diff --git a/apps/jumpserver/conf.py b/apps/jumpserver/conf.py index 719bc3ae9..d1caba0cd 100644 --- a/apps/jumpserver/conf.py +++ b/apps/jumpserver/conf.py @@ -704,7 +704,8 @@ class Config(dict): def compatible_redis(self): redis_config = { - 'REDIS_PASSWORD': quote(str(self.REDIS_PASSWORD)), + 'REDIS_PASSWORD': str(self.REDIS_PASSWORD), + 'REDIS_PASSWORD_QUOTE': quote(str(self.REDIS_PASSWORD)), } for key, value in redis_config.items(): self[key] = value diff --git a/apps/jumpserver/settings/base.py b/apps/jumpserver/settings/base.py index f05293155..6503b2477 100644 --- a/apps/jumpserver/settings/base.py +++ b/apps/jumpserver/settings/base.py @@ -406,7 +406,7 @@ if REDIS_SENTINEL_SERVICE_NAME and REDIS_SENTINELS: else: REDIS_LOCATION_NO_DB = '%(protocol)s://:%(password)s@%(host)s:%(port)s/{}' % { 'protocol': REDIS_PROTOCOL, - 'password': CONFIG.REDIS_PASSWORD, + 'password': CONFIG.REDIS_PASSWORD_QUOTE, 'host': CONFIG.REDIS_HOST, 'port': CONFIG.REDIS_PORT, } diff --git a/apps/jumpserver/settings/libs.py b/apps/jumpserver/settings/libs.py index 1f2c333ec..f2ace1279 100644 --- a/apps/jumpserver/settings/libs.py +++ b/apps/jumpserver/settings/libs.py @@ -82,7 +82,6 @@ BOOTSTRAP3 = { # Django channels support websocket REDIS_LAYERS_HOST = { 'db': CONFIG.REDIS_DB_WS, - 'password': CONFIG.REDIS_PASSWORD or None, } REDIS_LAYERS_SSL_PARAMS = {} @@ -97,6 +96,7 @@ if REDIS_USE_SSL: if REDIS_SENTINEL_SERVICE_NAME and REDIS_SENTINELS: REDIS_LAYERS_HOST['sentinels'] = REDIS_SENTINELS + REDIS_LAYERS_HOST['password'] = CONFIG.REDIS_PASSWORD or None REDIS_LAYERS_HOST['master_name'] = REDIS_SENTINEL_SERVICE_NAME REDIS_LAYERS_HOST['sentinel_kwargs'] = { 'password': REDIS_SENTINEL_PASSWORD, @@ -111,7 +111,7 @@ else: # More info see: https://github.com/django/channels_redis/issues/334 # REDIS_LAYERS_HOST['address'] = (CONFIG.REDIS_HOST, CONFIG.REDIS_PORT) REDIS_LAYERS_ADDRESS = '{protocol}://:{password}@{host}:{port}/{db}'.format( - protocol=REDIS_PROTOCOL, password=CONFIG.REDIS_PASSWORD, + protocol=REDIS_PROTOCOL, password=CONFIG.REDIS_PASSWORD_QUOTE, host=CONFIG.REDIS_HOST, port=CONFIG.REDIS_PORT, db=CONFIG.REDIS_DB_WS ) REDIS_LAYERS_HOST['address'] = REDIS_LAYERS_ADDRESS @@ -153,7 +153,7 @@ if REDIS_SENTINEL_SERVICE_NAME and REDIS_SENTINELS: else: CELERY_BROKER_URL = CELERY_BROKER_URL_FORMAT % { 'protocol': REDIS_PROTOCOL, - 'password': CONFIG.REDIS_PASSWORD, + 'password': CONFIG.REDIS_PASSWORD_QUOTE, 'host': CONFIG.REDIS_HOST, 'port': CONFIG.REDIS_PORT, 'db': CONFIG.REDIS_DB_CELERY, @@ -187,6 +187,7 @@ ANSIBLE_LOG_DIR = os.path.join(PROJECT_DIR, 'data', 'ansible') REDIS_HOST = CONFIG.REDIS_HOST REDIS_PORT = CONFIG.REDIS_PORT REDIS_PASSWORD = CONFIG.REDIS_PASSWORD +REDIS_PASSWORD_QUOTE = CONFIG.REDIS_PASSWORD_QUOTE DJANGO_REDIS_SCAN_ITERSIZE = 1000 diff --git a/utils/start_celery_beat.py b/utils/start_celery_beat.py index 2f089a4af..d2e0d4753 100644 --- a/utils/start_celery_beat.py +++ b/utils/start_celery_beat.py @@ -19,9 +19,7 @@ os.environ.setdefault('PYTHONOPTIMIZE', '1') if os.getuid() == 0: os.environ.setdefault('C_FORCE_ROOT', '1') -connection_params = { - 'password': settings.REDIS_PASSWORD, -} +connection_params = {} if settings.REDIS_USE_SSL: connection_params['ssl'] = settings.REDIS_USE_SSL @@ -36,6 +34,7 @@ REDIS_SENTINEL_PASSWORD = settings.REDIS_SENTINEL_PASSWORD REDIS_SENTINEL_SOCKET_TIMEOUT = settings.REDIS_SENTINEL_SOCKET_TIMEOUT if REDIS_SENTINEL_SERVICE_NAME and REDIS_SENTINELS: connection_params['sentinels'] = REDIS_SENTINELS + connection_params['password'] = settings.REDIS_PASSWORD sentinel_client = Sentinel( **connection_params, sentinel_kwargs={ 'ssl': settings.REDIS_USE_SSL, @@ -52,7 +51,7 @@ else: REDIS_PROTOCOL = 'rediss' if settings.REDIS_USE_SSL else 'redis' REDIS_LOCATION_NO_DB = '%(protocol)s://:%(password)s@%(host)s:%(port)s' % { 'protocol': REDIS_PROTOCOL, - 'password': settings.REDIS_PASSWORD, + 'password': settings.REDIS_PASSWORD_QUOTE, 'host': settings.REDIS_HOST, 'port': settings.REDIS_PORT, }