| 3 | import { env } from "./env.server.js"; |
| 4 | |
| 5 | const buildTlsOptions = (): Record<string, unknown> => { |
| 6 | if (env.REDIS_TLS_ENABLED !== "true" && !env.REDIS_URL.startsWith("rediss://")) { |
| 7 | return {}; |
| 8 | } |
| 9 | |
| 10 | return { |
| 11 | tls: { |
| 12 | ca: env.REDIS_TLS_CA_PATH |
| 13 | ? fs.readFileSync(env.REDIS_TLS_CA_PATH) |
| 14 | : undefined, |
| 15 | cert: env.REDIS_TLS_CERT_PATH |
| 16 | ? fs.readFileSync(env.REDIS_TLS_CERT_PATH) |
| 17 | : undefined, |
| 18 | key: env.REDIS_TLS_KEY_PATH |
| 19 | ? fs.readFileSync(env.REDIS_TLS_KEY_PATH) |
| 20 | : undefined, |
| 21 | ...(env.REDIS_TLS_REJECT_UNAUTHORIZED |
| 22 | ? { rejectUnauthorized: env.REDIS_TLS_REJECT_UNAUTHORIZED === "true" } |
| 23 | : {}), |
| 24 | ...(env.REDIS_TLS_SERVERNAME |
| 25 | ? { servername: env.REDIS_TLS_SERVERNAME } |
| 26 | : {}), |
| 27 | ...(env.REDIS_TLS_CHECK_SERVER_IDENTITY === "false" |
| 28 | ? { checkServerIdentity: () => undefined } |
| 29 | : {}), |
| 30 | ...(env.REDIS_TLS_SECURE_PROTOCOL |
| 31 | ? { secureProtocol: env.REDIS_TLS_SECURE_PROTOCOL } |
| 32 | : {}), |
| 33 | ...(env.REDIS_TLS_CIPHERS ? { ciphers: env.REDIS_TLS_CIPHERS } : {}), |
| 34 | ...(env.REDIS_TLS_HONOR_CIPHER_ORDER |
| 35 | ? { |
| 36 | honorCipherOrder: env.REDIS_TLS_HONOR_CIPHER_ORDER === "true", |
| 37 | } |
| 38 | : {}), |
| 39 | ...(env.REDIS_TLS_KEY_PASSPHRASE |
| 40 | ? { passphrase: env.REDIS_TLS_KEY_PASSPHRASE } |
| 41 | : {}), |
| 42 | }, |
| 43 | }; |
| 44 | }; |
| 45 | |
| 46 | export const createRedisClient = () => new Redis(env.REDIS_URL, { |
| 47 | maxRetriesPerRequest: null, |