Skip to content

Support Redis TLS server name #105

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
sjmiller609 merged 1 commit into from
May 28, 2026
+24 −5
Merged

Support Redis TLS server name #105

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions .env.example
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,7 @@ MINTLIFY_DOMAIN=<x>

# Redis Configuration
REDIS_URL=<x> # redis://127.0.0.1:6379
# REDIS_TLS_SERVER_NAME=<x> # optional; requires REDIS_URL to use rediss://

# OAuth Client IDs
KERNEL_CLI_PROD_CLIENT_ID=<x>
Expand Down
28 changes: 23 additions & 5 deletions src/lib/redis.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,16 +1,34 @@
import { createClient } from "redis";
import { createHmac } from "crypto";

const redisUrl = process.env.REDIS_URL;
const redisTlsServerName = process.env.REDIS_TLS_SERVER_NAME;
const parsedRedisUrl = redisUrl ? new URL(redisUrl) : null;

if (redisTlsServerName && parsedRedisUrl?.protocol !== "rediss:") {
throw new Error("REDIS_TLS_SERVER_NAME requires REDIS_URL to use rediss://");
}

// Modest backoff to smooth over first-hit cold connections
const reconnectStrategy = (retries: number) =>
Math.min(500 + retries * 100, 2000);

// Connect on first use
let isConnected = false;
let connectPromise: Promise<void> | null = null;

const client = createClient({
url: process.env.REDIS_URL,
socket: {
// Modest backoff to smooth over first-hit cold connections
reconnectStrategy: (retries) => Math.min(500 + retries * 100, 2000),
},
url: redisUrl,
socket: redisTlsServerName
? {
host: parsedRedisUrl!.hostname,
tls: true,
servername: redisTlsServerName,
reconnectStrategy,
}
Copy link
Copy Markdown

@cursor cursor Bot May 28, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Redundant socket.host may drop non-standard URL port

Medium Severity

Setting socket.host without socket.port when url is also provided risks losing the port from the URL. If socket.host takes effect, socket.port defaults to 6379, silently ignoring any non-standard port in the rediss:// URL. The official node-redis pattern for adding servername alongside a url only sets tls and servername in the socket config—not host. Omitting socket.host (and socket.tls, which rediss:// already implies) avoids this risk and removes the need for parsedRedisUrl and the non-null assertion entirely.

Fix in Cursor Fix in Web

Reviewed by Cursor Bugbot for commit 28fe644. Configure here.

: {
reconnectStrategy,
},
});

client.on("error", (err) => {
Expand Down
Loading