gib/GibSend
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: add REDIS_KEY_PREFIX env var for Redis ACL namespace isolation (#365)

Browse Source 
* feat: add REDIS_KEY_PREFIX env var for Redis ACL namespace isolation

Adds optional REDIS_KEY_PREFIX env var that prefixes all Redis keys
(BullMQ queues via `prefix` option, cache/lock/rate-limit keys via
`redisKey()` helper). When unset, behavior is unchanged (BullMQ
defaults to "bull:", cache keys are unprefixed).

This enables self-hosters using Redis ACL multi-tenancy to restrict
useSend to its own key namespace (e.g. `~usesend:*`).

16 files changed across env schema, Redis module, 9 BullMQ queue/worker
files, and 5 direct Redis key operation sites.

* docs: add REDIS_KEY_PREFIX to self-host assets and fix docker run example

Add REDIS_KEY_PREFIX env var to docker/prod/compose.yml, .env.example,
.env.selfhost.example, and self-hosting docs. Fix missing trailing
backslashes in standalone docker run example.

* fix(redis): disable ioredis ready check and BullMQ version check

Redis ACL blocks INFO command (in @dangerous category). ioredis uses
INFO for ready check, BullMQ uses it for version detection. Without
these flags, BullMQ workers fail to initialize and silently stop
processing jobs.

- Add enableReadyCheck: false to ioredis connection
- Add skipVersionCheck: true to all 5 Queue + 5 Worker constructors

* fix(redis): add skipVersionCheck to remaining BullMQ job queues

Add skipVersionCheck: true to Queue and Worker constructors in all 4 job
files (campaign-scheduler, cleanup-email-bodies, usage-job,
webhook-cleanup) to match the pattern already used in service files.
This prevents BullMQ version mismatch errors when using REDIS_KEY_PREFIX
with Redis ACL namespace isolation.
This commit is contained in:
Michał Ordon
2026-03-01 21:12:47 +00:00
committed by GitHub
parent 69eeb2d96e
commit 62d7c44efc
21 changed files with 100 additions and 37 deletions
Download Patch File Download Diff File Expand all files Collapse all files
docker/README.md
+9 -9
View File
@@ -48,15 +48,15 @@ docker pull ghcr.io/usesend/usesend
```
docker run -d \
-p 3000:3000 \
-e NEXTAUTH_URL="<your-nextauth-url>"
-e NEXTAUTH_SECRET="<your-nextauth-secret>"
-e DATABASE_URL="<your-next-private-database-url>"
-e REDIS_URL="<your-next-private-redis-url>"
-e AWS_ACCESS_KEY="<your-next-private-aws-access-key-id>"
-e AWS_SECRET_KEY="<your-next-private-aws-secret-access-key>"
-e AWS_DEFAULT_REGION="<your-next-private-aws-region>"
-e GITHUB_ID="<your-next-private-github-id>"
-e GITHUB_SECRET="<your-next-private-github-secret>"
-e NEXTAUTH_URL="<your-nextauth-url>" \
-e NEXTAUTH_SECRET="<your-nextauth-secret>" \
-e DATABASE_URL="<your-database-url>" \
-e REDIS_URL="<your-redis-url>" \
-e AWS_ACCESS_KEY="<your-aws-access-key-id>" \
-e AWS_SECRET_KEY="<your-aws-secret-access-key>" \
-e AWS_DEFAULT_REGION="<your-aws-region>" \
-e GITHUB_ID="<your-github-client-id>" \
-e GITHUB_SECRET="<your-github-client-secret>" \
usesend/usesend
```