Server: Support Redis and Memcached as session handler
Is your feature request related to a problem? Please describe.
It would be great to have the ability to set Memcached or Redis as session handler in NextCloud.
This could be a significant performance gain compared to the default file handler.
Describe the solution you'd like
I'd like to have an option similar to the existing ones for file locking. E.g.
'memcache.session' => '\\OC\\Memcache\\Redis'
Describe alternatives you've considered
Up to now you have to configure them manually in PHP:
session.save_handler = redis
session.save_path = "tcp://redis-server"
session.save_handler = memcached
session.save_path = "memcached-server"
J0WI
All 18 comments
I do not think it is a good idea to start implementing our own session handling. These kind of things should be handled properly by php itself I think.
rullzer
on 19 Dec 2018
One challenge we're having in our deployment is that when running in a cluster, users get CSRF errors when their request is routed between Docker instances. I think the issue here is that the session is storing the CSRF token but that session doesn't move between instances.
How do Nextcloud clusters normally work around this issue if sessions can't be stored in Redis?
GuyPaddock
on 24 Jan 2019
The most reliable way is to change php session handler like suggested above as alternative solution.
kesselb
on 24 Jan 2019
Can the session handler be modified on-the-fly during NC startup?
GuyPaddock
on 25 Jan 2019
Separately, I found a solution by having my Docker entrypoint.sh for Nextcloud write-out the Redis session connection string on the fly. I will post a link as soon as my changes have been pushed to the Nextcloud resource kit I'm working on.
GuyPaddock
on 25 Jan 2019
Here's what I came up with in my entrypoint.sh, if it's useful to anyone else:
https://github.com/GuyPaddock/inveniem-nextcloud-azure/commit/9b9c73c4450beee211eb3f9df2ce2b7a419403da#diff-3fcf514429a2e9e913084c350892c067R66
The Redis config is already passed to the container via environment variables. This gets used to setup PHP's session handling on start-up.
Separately, those same environment variables are used to setup Nextcloud's in-memory cache here:
https://github.com/GuyPaddock/inveniem-nextcloud-azure/commit/9b9c73c4450beee211eb3f9df2ce2b7a419403da#diff-4027a37b5fb90805a18b0a60333859e0
GuyPaddock
on 25 Jan 2019
We have a pending PR to support Redis in Docker:
https://github.com/nextcloud/docker/pull/600
I actually planned to also add a session handler option after https://github.com/nextcloud/docker/pull/600 is merged. So I'd welcome an upstream PR of your changes.
J0WI
on 25 Jan 2019
@J0WI Happy to oblige after https://github.com/nextcloud/docker/pull/600 gets merged.
GuyPaddock
on 28 Jan 2019
Afternoon, this would really help me!
I have a pi that runs my nextcloud instance and I'm looking at how I can move it to a docker setup with multi pis, but I cant seem to make it work without editing the php session handler.
Currnet setup
nginx(pi1) -> php-fpn/nginx(pi2) -|-> mysql(pi3)
|-> nfs(pi4)
Docker (using traefik to LB more than 1 container)
nginx(pi1) -> docker1(pi2) -|-> mysql(pi3)
docker1(pi2) -|-> nfs(pi4)
matt-horwood-mayden
on 1 Feb 2019
@GuyPaddock https://github.com/nextcloud/docker/pull/600 is merged 馃槈
J0WI
on 8 Feb 2019
@J0WI okay for you to close this issue? I guess we found a good way how to handle this case.
kesselb
on 25 May 2019
This is only solved for the Docker image so far.
J0WI
on 27 May 2019
I do not think it is a good idea to start implementing our own session handling. These kind of things should be handled properly by php itself I think.
The alternative solution is the way to go. You gain nothing from reinventing the wheel ;)
kesselb
on 27 May 2019
How about adding the session handler to nextcloud/serverinfo and adding some hints to nextcloud/documentation?
J0WI
on 27 May 2019
Which problem are you trying to solve? Any php based solution will be slower and less reliable ...
kesselb
on 27 May 2019
For my 2 pence, I support an NHS web application used by almost 10k users daily. We have to run our big monolith on lots of servers to support our users, we don't want to be editing the default PHP sessions handling every time we spin up a new VM. So our application implements its own session code using Memcache and falling back to DB, This makes our application scale over multiple vms any many users.
Also, remember that some users of nextcloud will use a reverse proxy and want to scale Nextcloud over many hosts. If you have to edit the default PHP session handler, you might not be able to run other applications along side.
matt-horwood-mayden
on 28 May 2019
@matt-horwood-mayden you can always reach out to your account manager if you have a subscription.
Anyways like said there are no plans to do this currently. On top of that there can be side effects that make it all do :boom:
See:
Support: Locking feature is currently only supported for Redis setup with single master instance (e.g. classic master/slave Sentinel environment). So locking may not work properly in RedisArray or RedisCluster environments.
If you have a huge setup I assume you'll also have redis cluster. Which then doesn't have session locking.
Of course if somebody wants to implement a session handler and submit a PR I'm happy to take a look at it.
rullzer
on 28 May 2019
Anyways like said there are no plans to do this currently.
We can always reopen this issue if someone wants to do it. Still the most reliable way to do this is via php-fpm pool or php.ini.
kesselb
on 25 Sep 2019
Related issues
mxschmitt
路
68Comments
iG8R
路
85Comments
cdauth
路
121Comments
daita
路
99Comments
mara21
路
124Comments
Most helpful comment
@J0WI Happy to oblige after https://github.com/nextcloud/docker/pull/600 gets merged.