diff --git a/.gitignore b/.gitignore index df5f857..9309ed2 100644 --- a/.gitignore +++ b/.gitignore @@ -5,4 +5,5 @@ __pycache__ /venv /test -/test/* \ No newline at end of file +/test/* +certs diff --git a/constants.py b/constants.py index f1f3da7..f32ae77 100644 --- a/constants.py +++ b/constants.py @@ -17,6 +17,8 @@ API_ROOT = "/api" APP_PATH = os.path.dirname(sys.executable) if getattr(sys, 'frozen', False) else os.path.dirname(__file__) +KAFKA_CERTS_PATH = os.path.join(APP_PATH, "certs") + allowed_telegram_ids = [ 7532624817, # Me 355308397, # SerGey diff --git a/external/kafka/consumer.py b/external/kafka/consumer.py index dc57a61..9b0f705 100644 --- a/external/kafka/consumer.py +++ b/external/kafka/consumer.py @@ -3,11 +3,14 @@ from aiokafka.errors import KafkaConnectionError from backend.config import KAFKA_URL, KAFKA_CONSUMER_TOPIC from backend.session import session_maker +from external.kafka.context import context from external.kafka.services.consumer_service import ConsumerService consumer = AIOKafkaConsumer( KAFKA_CONSUMER_TOPIC, bootstrap_servers=KAFKA_URL, + security_protocol='SSL', + ssl_context=context, ) diff --git a/external/kafka/context.py b/external/kafka/context.py new file mode 100644 index 0000000..4be481b --- /dev/null +++ b/external/kafka/context.py @@ -0,0 +1,11 @@ +from pathlib import Path + +from aiokafka.helpers import create_ssl_context + +from constants import KAFKA_CERTS_PATH + +context = create_ssl_context( + cafile=KAFKA_CERTS_PATH / Path('ca-cert'), + certfile=KAFKA_CERTS_PATH / Path('cert-signed'), + keyfile=KAFKA_CERTS_PATH / Path('cert-key'), +) diff --git a/external/kafka/producer.py b/external/kafka/producer.py index c600117..6f56cdb 100644 --- a/external/kafka/producer.py +++ b/external/kafka/producer.py @@ -1,5 +1,10 @@ from aiokafka import AIOKafkaProducer from backend.config import KAFKA_URL +from external.kafka.context import context -producer = AIOKafkaProducer(bootstrap_servers=KAFKA_URL) +producer = AIOKafkaProducer( + bootstrap_servers=KAFKA_URL, + security_protocol='SSL', + ssl_context=context, +)