Compare commits

..

2 Commits

Author SHA1 Message Date
Matthieu Lamalle 72e912facb Merge pull request 'Maj env et doc' (#26) from redis-sentinel into develop
Cadoles/hydra-sql/pipeline/head This commit is unstable Details
Reviewed-on: #26
2023-12-12 08:48:57 +01:00
Matthieu Lamalle abb1adecb7 Maj env et doc
Cadoles/hydra-sql/pipeline/head Build started... Details
Cadoles/hydra-sql/pipeline/pr-develop Build started... Details
2023-12-12 08:47:41 +01:00
4 changed files with 13 additions and 6 deletions

2
.env
View File

@ -40,4 +40,4 @@ LOCK_DSN=flock
###> sentry/sentry-symfony ###
SENTRY_DSN=
###< sentry/sentry-symfony ###
REDIS_URL=redis://redis:6379
REDIS_DSN=redis://redis:6379

View File

@ -9,7 +9,7 @@ framework:
# Redis
app: cache.adapter.redis
default_redis_provider: '%env(REDIS_URL)%'
default_redis_provider: '%env(REDIS_DSN)%'
# APCu (not recommended with heavy random-write workloads as memory fragmentation can cause perf issues)
#app: cache.adapter.apcu

View File

@ -12,7 +12,7 @@ framework:
# Enables session support. Note that the session will ONLY be started if you read or write from it.
# Remove or comment this section to explicitly disable session support.
session:
handler_id: '%env(REDIS_URL)%'
handler_id: '%env(REDIS_DSN)%'
cookie_secure: auto
cookie_samesite: lax
storage_factory_id: session.storage.factory.native

View File

@ -36,6 +36,7 @@ DSN_REMOTE_DATABASE="pgsql:host='postgres';port=5432;dbname=lasql"
APP_LOCALES="fr,en"
HASH_ALGO_LEGACY="sha256, bcrypt"
SECURITY_PATTERN="password,salt,pepper"
REDIS_DSN="redis://redis:6379
PEPPER=
```
## Tests password
@ -59,6 +60,12 @@ et conserver le pepper dans service.yaml
env(PEPPER): "257d62c24cd352c21b51c26dba678c8ff05011a89022aec106185bf67c69aa8b"
```
### Redis
La variable `REDIS_DSN` est obligatoire. Hydra-sql utilise dorénavant Redis pour le stockage du cache et des session. Compatible Redis Sentinel
ex : `'redis:?host[redis1:26379]&host[redis2:26379]&host[redis3:26379]&redis_sentinel=mymaster'`
### mariadb
```
En plus de tester la connexion à une différente base de donnée, on teste le hashage de password sans salt ni pepper