To set up TLS/SSL encryption for Redis connections in Laravel Sail, you can follow these steps:
1. Configure Redis in your `docker-compose.yml` file:
In the `services` section, add the Redis service with the necessary configuration:
yaml
redis:
image: 'redis:alpine'
ports:
- '${FORWARD_REDIS_PORT:-6379}:6379'
volumes:
- 'sailredis:/data'
command: redis-server --requirepass ${REDIS_PASSWORD} --tls-port 6379 --tls-cert-file /data/tls/cert.pem --tls-key-file /data/tls/key.pem
environment:
- TLS_CERT_FILE=/data/tls/cert.pem
- TLS_KEY_FILE=/data/tls/key.pem
This configuration sets up Redis to use TLS/SSL encryption with a password. It also specifies the paths for the SSL certificate and key files.
2. Generate SSL certificate and key:
You'll need to generate SSL certificate and key files that match the paths specified in the `docker-compose.yml` file. You can use OpenSSL or any other tool to generate these files.
For example, using OpenSSL:
bash
openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365
This command will generate `key.pem` and `cert.pem` files in the current directory.
3. Mount the SSL files in the Redis container:
In the `volumes` section of your `docker-compose.yml` file, add a volume to mount the SSL certificate and key files:
yaml
volumes:
- 'sailredis:/data'
- './path/to/ssl:/data/tls'
Replace `'./path/to/ssl'` with the actual path to the directory containing your SSL files.
4. Configure Redis connection in Laravel:
Update your Redis configuration in `config/database.php` to use TLS/SSL encryption:
php
'redis' => [
'client' => env('REDIS_CLIENT', 'phpredis'),
'options' => [
'cluster' => env('REDIS_CLUSTER', 'redis'),
'prefix' => env('REDIS_PREFIX', Str::slug(env('APP_NAME', 'laravel'), '_').'_database_'),
'scheme' => 'tls',
],
'default' => [
'url' => env('REDIS_URL'),
'host' => env('REDIS_HOST', '127.0.0.1'),
'password' => env('REDIS_PASSWORD'),
'port' => env('REDIS_PORT', '6379'),
'database' => env('REDIS_DB', '0'),
],
],
Add the `'scheme' => 'tls'` option to enable TLS/SSL encryption for Redis connections.
5. Set Redis environment variables:
In your `.env` file, set the Redis-related environment variables:
REDIS_HOST=redis
REDIS_PASSWORD=your-redis-password
REDIS_PORT=6379
Replace `'your-redis-password'` with the actual password you want to use for Redis.
6. Start or restart your Sail environment:
bash
sail up -d
This will start the Redis service with TLS/SSL encryption enabled.
By following these steps, you should have Redis configured to use TLS/SSL encryption in your Laravel Sail environment. Make sure the SSL certificate and key files are valid and match the paths specified in the `docker-compose.yml` file.
Citations:[1] https://github.com/laravel/sail/issues/591
[2] https://github.com/laravel/sail/issues/589
[3] https://laravel.com/docs/11.x/redis
[4] https://stackoverflow.com/questions/67097278/add-new-service-using-laravel-sail
[5] https://laracasts.com/discuss/channels/guides/redis-horizon-with-sail