def test_get_tls_redis_url(): """ Test conversion from REDIS_URL to the stunnel TLS URL described here: https://devcenter.heroku.com/articles/securing-heroku-redis#connecting-directly-to-stunnel """ REDIS_URL = 'redis://*****:*****@ec2-12-34-56-78.compute-1.amazonaws.com:8069' TLS_REDIS_URL = 'rediss://*****:*****@ec2-12-34-56-78.compute-1.amazonaws.com:8070?ssl_cert_reqs=none' assert get_tls_redis_url(REDIS_URL) == TLS_REDIS_URL
# prevent data loss (either STRICT_TRANS_TABLES or STRICT_ALL_TABLES). 'init_command': "SET sql_mode='STRICT_TRANS_TABLES'", } if connection_should_use_tls(DATABASES[alias]['HOST']): # Use TLS when connecting to RDS. # https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_MySQL.html#MySQL.Concepts.SSLSupport # https://mysqlclient.readthedocs.io/user_guide.html#functions-and-attributes DATABASES[alias]['OPTIONS']['ssl'] = { 'ca': 'deployment/aws/rds-combined-ca-bundle.pem', } # Caches REDIS_URL = env('REDIS_URL', default='redis://localhost:6379') if connection_should_use_tls(REDIS_URL): # Connect using TLS on Heroku. REDIS_URL = get_tls_redis_url(REDIS_URL) CACHES = { 'default': { 'BACKEND': 'django_redis.cache.RedisCache', 'LOCATION': REDIS_URL, 'OPTIONS': { # Override the default of no timeout, to avoid connection hangs. 'SOCKET_CONNECT_TIMEOUT': 5, }, }, } config.update({}) # Internationalization
DATABASES[alias]['OPTIONS'] = { # Override Django's default connection charset of 'utf8', otherwise it's # still not possible to insert non-BMP unicode into utf8mb4 tables. 'charset': 'utf8mb4', } if DATABASES[alias]['HOST'] != 'localhost': # Use TLS when connecting to RDS. DATABASES[alias]['OPTIONS']['ssl'] = { 'ca': 'deployment/aws/combined-ca-bundle.pem', } REDIS_URL = env('REDIS_URL') if connection_should_use_tls(REDIS_URL): # Connect using TLS on Heroku. REDIS_URL = get_tls_redis_url(REDIS_URL) CACHES = { 'default': { 'BACKEND': 'django_redis.cache.RedisCache', 'LOCATION': REDIS_URL, 'OPTIONS': { # Override the default of no timeout, to avoid connection hangs. 'SOCKET_CONNECT_TIMEOUT': 5, }, }, } SWAGGER_SETTINGS = { 'SECURITY_DEFINITIONS': {}, 'SUPPORTED_SUBMIT_METHODS': ['get'],