Skip to content

Commit

Permalink
add falkordb user
Browse files Browse the repository at this point in the history
  • Loading branch information
Dudi Zimberknopf committed Mar 13, 2024
1 parent 233c030 commit 3eb06d9
Show file tree
Hide file tree
Showing 5 changed files with 26 additions and 16 deletions.
1 change: 1 addition & 0 deletions falkordb-node/.env
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,6 @@
#GLOBAL
FALKORDB_PASSWORD=
ADMIN_PASSWORD=
RUN_NODE=1
RUN_SENTINEL=0
TLS=false
Expand Down
33 changes: 20 additions & 13 deletions falkordb-node/node-entrypoint.sh
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,7 @@
#!/bin/bash

FALKORDB_PASSWORD=${FALKORDB_PASSWORD:-''}
ADMIN_PASSWORD=${ADMIN_PASSWORD:-''}
RUN_SENTINEL=${RUN_SENTINEL:-0}
RUN_NODE=${RUN_NODE:-1}
TLS=${TLS:-'false'}
Expand All @@ -24,7 +25,7 @@ TLS_MOUNT_PATH=${TLS_MOUNT_PATH:-'/etc/tls'}
TLS_CONNECTION_STRING=$(if [[ $TLS == "true" ]]; then echo "--tls --cacert $ROOT_CA_PATH"; else echo ""; fi)

get_master() {
master_info=$(redis-cli -h $SENTINEL_HOST -p $SENTINEL_PORT -a $FALKORDB_PASSWORD $TLS_CONNECTION_STRING --no-auth-warning SENTINEL get-master-addr-by-name $MASTER_NAME)
master_info=$(redis-cli -h $SENTINEL_HOST -p $SENTINEL_PORT -a $ADMIN_PASSWORD $TLS_CONNECTION_STRING --no-auth-warning SENTINEL get-master-addr-by-name $MASTER_NAME)
redisRetVal=$?
echo "Master Info: $master_info"
echo "Redis Ret Val: $redisRetVal"
Expand Down Expand Up @@ -78,7 +79,7 @@ is_replica() {
if [ "$RUN_NODE" -eq "1" ]; then
sed -i "s/\$NODE_HOST/$NODE_HOST/g" /falkordb/node.conf
sed -i "s/\$NODE_PORT/$NODE_PORT/g" /falkordb/node.conf
sed -i "s/\$FALKORDB_PASSWORD/$FALKORDB_PASSWORD/g" /falkordb/node.conf
sed -i "s/\$ADMIN_PASSWORD/$ADMIN_PASSWORD/g" /falkordb/node.conf

is_replica
if [[ $IS_REPLICA -eq 1 ]]; then
Expand Down Expand Up @@ -106,18 +107,24 @@ if [ "$RUN_NODE" -eq "1" ]; then

# If node should be master, add it to sentinel
if [[ $IS_REPLICA -eq 0 && $RUN_SENTINEL -eq 1 ]]; then
redis-cli -h $SENTINEL_HOST -p $SENTINEL_PORT -a $FALKORDB_PASSWORD $TLS_CONNECTION_STRING SENTINEL monitor $MASTER_NAME $NODE_HOST $NODE_PORT $SENTINEL_QUORUM
redis-cli -h $SENTINEL_HOST -p $SENTINEL_PORT -a $FALKORDB_PASSWORD $TLS_CONNECTION_STRING SENTINEL set $MASTER_NAME auth-pass $FALKORDB_PASSWORD
redis-cli -h $SENTINEL_HOST -p $SENTINEL_PORT -a $FALKORDB_PASSWORD $TLS_CONNECTION_STRING SENTINEL set $MASTER_NAME failover-timeout $SENTINEL_FAILOVER
redis-cli -h $SENTINEL_HOST -p $SENTINEL_PORT -a $FALKORDB_PASSWORD $TLS_CONNECTION_STRING SENTINEL set $MASTER_NAME down-after-milliseconds $SENTINEL_DOWN_AFTER
redis-cli -h $SENTINEL_HOST -p $SENTINEL_PORT -a $FALKORDB_PASSWORD $TLS_CONNECTION_STRING SENTINEL set $MASTER_NAME parallel-syncs 1
redis-cli -h $SENTINEL_HOST -p $SENTINEL_PORT -a $ADMIN_PASSWORD $TLS_CONNECTION_STRING SENTINEL monitor $MASTER_NAME $NODE_HOST $NODE_PORT $SENTINEL_QUORUM
redis-cli -h $SENTINEL_HOST -p $SENTINEL_PORT -a $ADMIN_PASSWORD $TLS_CONNECTION_STRING SENTINEL set $MASTER_NAME auth-pass $ADMIN_PASSWORD
redis-cli -h $SENTINEL_HOST -p $SENTINEL_PORT -a $ADMIN_PASSWORD $TLS_CONNECTION_STRING SENTINEL set $MASTER_NAME failover-timeout $SENTINEL_FAILOVER
redis-cli -h $SENTINEL_HOST -p $SENTINEL_PORT -a $ADMIN_PASSWORD $TLS_CONNECTION_STRING SENTINEL set $MASTER_NAME down-after-milliseconds $SENTINEL_DOWN_AFTER
redis-cli -h $SENTINEL_HOST -p $SENTINEL_PORT -a $ADMIN_PASSWORD $TLS_CONNECTION_STRING SENTINEL set $MASTER_NAME parallel-syncs 1
fi

# If is master, create falkordb user
if [[ $IS_REPLICA -e 0 ]]; then
echo "Creating falkordb user"
redis-cli -h $NODE_HOST -p $NODE_PORT -a $ADMIN_PASSWORD $TLS_CONNECTION_STRING ACL SETUSER falkordb on >$FALKORDB_PASSWORD ~* +INFO +PING +HELLO +AUTH +RESTORE +DUMP +DEL +EXISTS +UNLINK +TYPE +FLUSHALL +TOUCH +EXPIRE +PEXPIREAT +TTL +PTTL +EXPIRETIME +RENAME +RENAMENX +SCAN +DISCARD +EXEC +MULTI +UNWATCH +WATCH +ECHO +SLOWLOG +WAIT +WAITAOF +GRAPH.INFO +GRAPH.LIST +GRAPH.QUERY +GRAPH.RO_QUERY +GRAPH.EXPLAIN +GRAPH.PROFILE +GRAPH.DELETE +GRAPH.CONSTRAINT +GRAPH.SLOWLOG +GRAPH.BULK +GRAPH.CONFIG
fi

fi


if [ "$RUN_SENTINEL" -eq "1" ]; then
sed -i "s/\$FALKORDB_PASSWORD/$FALKORDB_PASSWORD/g" /falkordb/sentinel.conf
sed -i "s/\$ADMIN_PASSWORD/$ADMIN_PASSWORD/g" /falkordb/sentinel.conf

echo "Starting Sentinel"

Expand All @@ -139,11 +146,11 @@ if [ "$RUN_SENTINEL" -eq "1" ]; then

# If FALKORDB_MASTER_HOST is not empty, add monitor to sentinel
if [[ ! -z $FALKORDB_MASTER_HOST ]]; then
redis-cli -p $SENTINEL_PORT -a $FALKORDB_PASSWORD $TLS_CONNECTION_STRING SENTINEL monitor $MASTER_NAME $FALKORDB_MASTER_HOST $FALKORDB_MASTER_PORT_NUMBER $SENTINEL_QUORUM
redis-cli -p $SENTINEL_PORT -a $FALKORDB_PASSWORD $TLS_CONNECTION_STRING SENTINEL set $MASTER_NAME auth-pass $FALKORDB_PASSWORD
redis-cli -p $SENTINEL_PORT -a $FALKORDB_PASSWORD $TLS_CONNECTION_STRING SENTINEL set $MASTER_NAME failover-timeout $SENTINEL_FAILOVER
redis-cli -p $SENTINEL_PORT -a $FALKORDB_PASSWORD $TLS_CONNECTION_STRING SENTINEL set $MASTER_NAME down-after-milliseconds $SENTINEL_DOWN_AFTER
redis-cli -p $SENTINEL_PORT -a $FALKORDB_PASSWORD $TLS_CONNECTION_STRING SENTINEL set $MASTER_NAME parallel-syncs 1
redis-cli -p $SENTINEL_PORT -a $ADMIN_PASSWORD $TLS_CONNECTION_STRING SENTINEL monitor $MASTER_NAME $FALKORDB_MASTER_HOST $FALKORDB_MASTER_PORT_NUMBER $SENTINEL_QUORUM
redis-cli -p $SENTINEL_PORT -a $ADMIN_PASSWORD $TLS_CONNECTION_STRING SENTINEL set $MASTER_NAME auth-pass $ADMIN_PASSWORD
redis-cli -p $SENTINEL_PORT -a $ADMIN_PASSWORD $TLS_CONNECTION_STRING SENTINEL set $MASTER_NAME failover-timeout $SENTINEL_FAILOVER
redis-cli -p $SENTINEL_PORT -a $ADMIN_PASSWORD $TLS_CONNECTION_STRING SENTINEL set $MASTER_NAME down-after-milliseconds $SENTINEL_DOWN_AFTER
redis-cli -p $SENTINEL_PORT -a $ADMIN_PASSWORD $TLS_CONNECTION_STRING SENTINEL set $MASTER_NAME parallel-syncs 1
fi
fi

Expand Down
4 changes: 2 additions & 2 deletions falkordb-node/node.conf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ loadmodule /FalkorDB/bin/src/falkordb.so

replica-announce-ip $NODE_HOST
replica-announce-port $NODE_PORT
masterauth $FALKORDB_PASSWORD
requirepass $FALKORDB_PASSWORD
masterauth $ADMIN_PASSWORD
requirepass $ADMIN_PASSWORD

# Injected configs
2 changes: 1 addition & 1 deletion falkordb-node/sentinel.conf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,4 +2,4 @@ dir /tmp

sentinel announce-hostnames yes
sentinel resolve-hostnames yes
requirepass $FALKORDB_PASSWORD
requirepass $ADMIN_PASSWORD
2 changes: 2 additions & 0 deletions omnistrate.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -194,6 +194,7 @@ services:
- NODE_PORT=6379
- TLS=$var.enableTLS
- FALKORDB_PASSWORD=$var.falkordbPassword
- ADMIN_PASSWORD=$func.random(string, 16)
- SECURITY_CONTEXT_USER_ID=0
- SECURITY_CONTEXT_GROUP_ID=0
- SECURITY_CONTEXT_FS_GROUP=0
Expand Down Expand Up @@ -223,6 +224,7 @@ services:
- SENTINEL_PORT=26379
- TLS=$var.enableTLS
- FALKORDB_PASSWORD=$var.falkordbPassword
- ADMIN_PASSWORD=$func.random(string, 16)
- SECURITY_CONTEXT_USER_ID=0
- SECURITY_CONTEXT_GROUP_ID=0
- SECURITY_CONTEXT_FS_GROUP=0
Expand Down

0 comments on commit 3eb06d9

Please sign in to comment.