Skip to content

Instantly share code, notes, and snippets.

@dsandip

dsandip/Hasura-Pro-Redis-TLS-details.md

Created September 30, 2021 17:50
Show Gist options
  • Save dsandip/30089efb0743d90d086cb709f3041a15 to your computer and use it in GitHub Desktop.
Save dsandip/30089efb0743d90d086cb709f3041a15 to your computer and use it in GitHub Desktop.
Download ZIP
describes the recent updates in Hasura E.E data plane for Redis TLS support
Raw
Hasura-Pro-Redis-TLS-details.md

Redis TLS configuration

Hasura supports using TLS to connect securely to Redis instances (which it can use for rate limiting and caching).

TLS connection information can be specified via the following environment variables:

  • HASURA_GRAPHQL_REDIS_USE_TLS: Opt-in flag that enables the use of TLS for the caching Redis instance, defaults to false.
  • HASURA_GRAPHQL_RATE_LIMIT_REDIS_USE_TLS: Opt-in flag that enables the use of TLS for the rate-limiting Redis instance, defaults to false.
  • HASURA_GRAPHQL_REDIS_TLS_HOSTNAME: TLS hostname to use for caching Redis instance.
  • HASURA_GRAPHQL_RATE_LIMIT_REDIS_TLS_HOSTNAME: TLS hostname to use for rate-limiting Redis instance.
  • HASURA_GRAPHQL_REDIS_TLS_SHARED_CA_STORE_PATH: path to the shared CA certificate store to use for both the caching and rate-limiting Redis instances. If unspecified, defaults to the system CA store if available.

Example

For caching Redis -

HASURA_GRAPHQL_REDIS_USE_TLS="true"
HASURA_GRAPHQL_REDIS_URL="redis://username:password@redishostname:port"
HASURA_GRAPHQL_REDIS_TLS_HOSTNAME="redishostname"

For rate limit Redis -

HASURA_GRAPHQL_RATE_LIMIT_REDIS_USE_TLS="true"
HASURA_GRAPHQL_RATE_LIMIT_REDIS_URL="redis://username:password@redishostname:port"
HASURA_GRAPHQL_RATE_LIMIT_REDIS_TLS_HOSTNAME="redishostname"
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment