From 8d649bbb8c7e7e52f7af9884ae7100b9fed9255e Mon Sep 17 00:00:00 2001
From: "CanbiZ (MickLesk)" <47820557+MickLesk@users.noreply.github.com>
Date: Thu, 29 Jan 2026 12:43:51 +0100
Subject: [PATCH] clear valkey

---
 install/alpine-valkey-install.sh | 46 +++-----------------------------
 1 file changed, 4 insertions(+), 42 deletions(-)

diff --git a/install/alpine-valkey-install.sh b/install/alpine-valkey-install.sh
index 26571cb72..ea2d17451 100644
--- a/install/alpine-valkey-install.sh
+++ b/install/alpine-valkey-install.sh
@@ -14,10 +14,10 @@ network_check
 update_os
 
 msg_info "Installing Valkey"
-$STD apk add valkey valkey-openrc valkey-cli openssl
+$STD apk add valkey valkey-openrc valkey-cli
 sed -i 's/^bind .*/bind 0.0.0.0/' /etc/valkey/valkey.conf
 
-PASS="$(openssl rand -base64 48 | tr -dc 'a-zA-Z0-9' | head -c32)"
+PASS="$(tr -dc 'a-zA-Z0-9' </dev/urandom | head -c32)"
 echo "requirepass $PASS" >>/etc/valkey/valkey.conf
 echo "$PASS" >~/valkey.creds
 chmod 600 ~/valkey.creds
@@ -34,46 +34,8 @@ MAXMEMORY_MB=$((MEMTOTAL_MB * 75 / 100))
 } >>/etc/valkey/valkey.conf
 msg_ok "Installed Valkey"
 
-echo
-read -r -p "${TAB3}Enable TLS for Valkey (Sentinel mode not supported)? [y/N]: " prompt
-if [[ ${prompt,,} =~ ^(y|yes)$ ]]; then
-  read -r -p "${TAB3}Use TLS-only mode (disable TCP port 6379)? [y/N]: " tls_only
-  msg_info "Configuring TLS for Valkey..."
-
-  TLS_DIR="/etc/ssl/valkey"
-  mkdir -p "$TLS_DIR"
-  $STD openssl req -new -newkey rsa:2048 -days 365 -nodes -x509 \
-    -subj "/CN=Valkey" \
-    -addext "subjectAltName=DNS:Valkey" \
-    -keyout "$TLS_DIR/valkey.key" \
-    -out "$TLS_DIR/valkey.crt"
-  chmod 600 "$TLS_DIR/valkey.key"
-  chmod 644 "$TLS_DIR/valkey.crt"
-  chown valkey:valkey "$TLS_DIR/valkey.crt" "$TLS_DIR/valkey.key"
-
-  if [[ ${tls_only,,} =~ ^(y|yes)$ ]]; then
-    {
-      echo ""
-      echo "# TLS configuration generated by Proxmox VE Valkey helper-script"
-      echo "port 0"
-      echo "tls-port 6379"
-      echo "tls-cert-file $TLS_DIR/valkey.crt"
-      echo "tls-key-file $TLS_DIR/valkey.key"
-      echo "tls-auth-clients no"
-    } >>/etc/valkey/valkey.conf
-    msg_ok "Enabled TLS-only mode on port 6379"
-  else
-    {
-      echo ""
-      echo "# TLS configuration generated by Proxmox VE Valkey helper-script"
-      echo "tls-port 6380"
-      echo "tls-cert-file $TLS_DIR/valkey.crt"
-      echo "tls-key-file $TLS_DIR/valkey.key"
-      echo "tls-auth-clients no"
-    } >>/etc/valkey/valkey.conf
-    msg_ok "Enabled TLS on port 6380 and TCP on 6379"
-  fi
-fi
+# Note: Alpine's valkey package is compiled without TLS support
+# For TLS, use the Debian-based valkey script instead
 
 $STD rc-update add valkey default
 $STD rc-service valkey start