├── .github └── FUNDING.yml ├── .travis.yml ├── CONTRIBUTING.md ├── Dockerfile ├── LICENSE ├── Procfile ├── README.md ├── redis-logo.png ├── start.sh └── stunnel.conf /.github/FUNDING.yml: -------------------------------------------------------------------------------- 1 | # These are supported funding model platforms 2 | 3 | github: ["madflojo"] 4 | patreon: # Replace with a single Patreon username 5 | open_collective: # Replace with a single Open Collective username 6 | ko_fi: # Replace with a single Ko-fi username 7 | tidelift: # Replace with a single Tidelift platform-name/package-name e.g., npm/babel 8 | community_bridge: # Replace with a single Community Bridge project-name e.g., cloud-foundry 9 | liberapay: # Replace with a single Liberapay username 10 | issuehunt: # Replace with a single IssueHunt username 11 | otechie: # Replace with a single Otechie username 12 | custom: # Replace with up to 4 custom sponsorship URLs e.g., ['link1', 'link2'] 13 | -------------------------------------------------------------------------------- /.travis.yml: -------------------------------------------------------------------------------- 1 | language: bash 2 | 3 | services: 4 | - docker 5 | 6 | hosts: 7 | - example.com 8 | 9 | install: 10 | - docker build -t redis-tls . 11 | - mkdir certs 12 | - docker run -v certs:/certs stakater/ssl-certs-generator:1.0 13 | - docker run -d -p 127.0.0.1:6379:6379 -v certs:/certs --name redis-tls -e REDIS_PASS="redis" redis-tls 14 | 15 | script: 16 | - docker ps | grep -q redis-tls 17 | 18 | after_script: 19 | - docker logs redis-tls 20 | -------------------------------------------------------------------------------- /CONTRIBUTING.md: -------------------------------------------------------------------------------- 1 | # Contributing 2 | 3 | Thank you for your interest in helping develop this project. The time, skills, and perspectives you contribute to this project are valued. 4 | 5 | ## How can I contribute? 6 | 7 | Bugs, Proposals, Feature Requests, and Questions are all welcome by creating an Issue or using Discussions. Please provide as much detail as you can in your request. 8 | -------------------------------------------------------------------------------- /Dockerfile: -------------------------------------------------------------------------------- 1 | FROM redis:6.0.9-alpine 2 | 3 | RUN apk add --no-cache \ 4 | stunnel \ 5 | python3 \ 6 | py3-pip 7 | 8 | RUN python3 -m pip install honcho==1.0.* 9 | 10 | WORKDIR / 11 | COPY stunnel.conf Procfile start.sh / 12 | RUN chmod +x start.sh 13 | 14 | ENV PYTHONUNBUFFERED=1 15 | CMD ["sh", "start.sh"] 16 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | The MIT License (MIT) 2 | 3 | Copyright (c) 2016 Benjamin Cane 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | -------------------------------------------------------------------------------- /Procfile: -------------------------------------------------------------------------------- 1 | stunnel: stunnel /stunnel.conf $STUNNEL_CMD_OPTS 2 | redis: /usr/local/bin/redis-server --port 6380 --bind 0.0.0.0 $REDIS_CMD_OPTS 3 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Redis with TLS Dockerfile 2 | 3 | ![Redis Logo](redis-logo.png) 4 | 5 | [![Build Status](https://travis-ci.com/madflojo/redis-tls-dockerfile.svg?branch=master)](https://travis-ci.com/madflojo/redis-tls-dockerfile) [![Docker Pulls](https://img.shields.io/docker/pulls/madflojo/redis-tls)](https://hub.docker.com/r/madflojo/redis-tls) 6 | 7 | This project produces an Open Source Redis Docker image with TLS support. This project uses the base Open Source Redis docker image and stunnel to create a TLS wrapped Redis instance. 8 | 9 | ## Using this Image 10 | 11 | **Start Redis with TLS:** 12 | 13 | ```console 14 | $ docker run -d -p 6379:6379 -v /path/to/certs:/certs --name redis-tls madflojo/redis-tls 15 | ``` 16 | 17 | The `/path/to/certs` should be a directory on the host that contains the appropriate `cert.pem` and `key.pem` files for `stunnel` to provide TLS encryption. 18 | 19 | **Require password authentication for Redis:** 20 | 21 | ```console 22 | $ docker run -d -p 6379:6379 -v /path/to/certs:/certs --env REDIS_PASS="<>" \ 23 | --name redis-tls madflojo/redis-tls 24 | ``` 25 | 26 | Use the `$REDIS_PASS` environment variable to require clients to authenticate with this Redis server. 27 | 28 | **Additional Options to Redis Start Command:** 29 | 30 | ```consol 31 | $ docker run -d -p 6379:6379 -v /path/to/certs:/certs --env REDIS_PASS="<>" \ 32 | --env REDIS_CMD_OPTS="--appendonly yes" --name redis-tls madflojo/redis-tls 33 | ``` 34 | 35 | Use the `$REDIS_CMD_OPTS` environment variable to pass any command-line arguments to the Redis server start command. 36 | 37 | **Start with Persistence:** 38 | 39 | ```console 40 | $ docker run --restart=always -d -p 6379:6379 -v /path/to/certs:/certs \ 41 | -v /hostpath/to/redisdatabackup:/data --env REDIS_PASS="<>" \ 42 | --name redis-tls madflojo/redis-tls 43 | ``` 44 | 45 | To retain data throughout container restarts, use Docker's volume maps to mount the data directory to a host-level directory. 46 | 47 | ## Contributing 48 | 49 | Thank you for your interest in helping develop this project. The time, skills, and perspectives you contribute to this project are valued. 50 | 51 | ### How can I contribute? 52 | 53 | Bugs, Proposals, Feature Requests, and Questions are all welcome by creating an Issue or using Discussions. Please provide as much detail as you can in your request. 54 | -------------------------------------------------------------------------------- /redis-logo.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/madflojo/redis-tls-dockerfile/7bb142640356e798124ed1984ede952a9f9abc10/redis-logo.png -------------------------------------------------------------------------------- /start.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | if [ ! -z "$REDIS_PASS" ] 4 | then 5 | REDIS_CMD_OPTS=$(echo "$REDIS_CMD_OPTS --requirepass $REDIS_PASS") 6 | fi 7 | 8 | exec honcho start -f Procfile 9 | -------------------------------------------------------------------------------- /stunnel.conf: -------------------------------------------------------------------------------- 1 | foreground = yes 2 | debug = 7 3 | 4 | [redis] 5 | accept = 0.0.0.0:6379 6 | connect = localhost:6380 7 | cert = /certs/cert.pem 8 | key = /certs/key.pem 9 | --------------------------------------------------------------------------------