SSL configuration in cable.yml

AFAIK when you intend to run a redis connection via SSL you have to overwrite

ActionCable::SubscriptionAdapter::Redis.redis_connector . My current solution

looks something like:

cert = File.read config[:ssl_params][:cert]

key  = File.read config[:ssl_params][:key]

config = config.merge(

  ssl_params: {

    ca_file: config[:ssl_params][:ca_file],

    cert:    OpenSSL::X509::Certificate.new(cert),

    key:     OpenSSL::PKey::RSA.new(key)

  }

)

which lives in an initializer.

I’m wondering if a change to the redis subscription adapter, which would allow a cable.yml configurations like:

production:

  adapter: redis

  url: rediss://redis-cluster

  ssl_params:

    ca_file: /certs/ca.pem

    cert:    /certs/cert.pem

    key:     /certs/key.pem

would be a welcome addition to the rails/action-cable? If that’s the case I’d be happy to start on a patch. If this is more

of an edge case and the change is not welcome, I understand but would appreciate some feedback on my current approach

and would like to submit a patch to at least mention this option in the documentation .

Thanks in advance for solution.

IIRC the ActionCable configuration already picks up all options and passes them through to the redis connection. This is the setup we had to do e.g. to work with Heroku Redis, no monkeypatching required:

application.rb

class Application < Rails::Application
  #...
  redis_params = { url: ENV["REDIS_URL"] || 'redis://localhost:6379' }
  redis_params[:ssl_params] = { verify_mode: OpenSSL::SSL::VERIFY_NONE } if ENV['ENABLE_REDIS_TLS']

  config.redis_params = redis_params
  #...
end

cable.yml

default: &default
  adapter: redis
  url: <%= Rails.configuration.redis_params.fetch(:url) %>
  <% if Rails.configuration.redis_params[:ssl_params].present? %>
  ssl_params:
    verify_mode: <%= Rails.configuration.redis_params.dig(:ssl_params, :verify_mode) %>
  <% end %>

production:
  <<: *default