
@tchia04 tchia04 commented Nov 10, 2025

✍️ Description

This is to fix the issue where the Redis server is only accessible from localhost but not remotely.
There was a security change to disable remote access:
https://redis.io/docs/latest/operate/oss_and_stack/management/security/#protected-mode

Before

accessing redis server from mac 
❯ redis-cli  -h 192.168.1.24 -p 6379
Could not connect to Redis at 192.168.1.24:6379: Connection refused
not connected>


redis config in container 
root@redis:/etc# grep -i protected-mode /etc/redis/redis.conf  
protected-mode yes

modification

root@redis:/etc# sed -i 's/^protected-mode .*/protected-mode no/' /etc/redis/redis.conf

After

root@redis:/etc# grep -i protected-mode /etc/redis/redis.conf  
protected-mode no


❯ redis-cli  -h 192.168.1.38 -p 6379
192.168.1.38:6379>

🔗 Related PR / Issue

Link: #

✅ Prerequisites (X in brackets)

  • Self-review completed – Code follows project standards.
  • Tested thoroughly – Changes work as expected.
  • No security risks – No hardcoded secrets, unnecessary privilege escalations, or permission issues.

🛠️ Type of Change (X in brackets)

  • 🐞 Bug fix – Resolves an issue without breaking functionality.
  • New feature – Adds new, non-breaking functionality.
  • 💥 Breaking change – Alters existing functionality in a way that may require updates.
  • 🆕 New script – A fully functional and tested script or script set.
  • 🌍 Website update – Changes to website-related JSON files or metadata.
  • 🔧 Refactoring / Code Cleanup – Improves readability or maintainability without changing functionality.
  • 📝 Documentation update – Changes to README, AppName.md, CONTRIBUTING.md, or other docs.

@tchia04 tchia04 requested a review from a team as a code owner November 10, 2025 22:20
@github-actions github-actions bot added bugfix update script A change that updates a script labels Nov 10, 2025
@MickLesk
Member

I think this should be a user option with read -rp. I prefer all local, not external. This should destroy it and open Redis for all interfaces.

@michelroegl-brunner
Member

I see it the same as Mick. Default should be local only; only if a user wants to expose it should it be exposed. On the other hand, I would say this does not even need to be in the script; this could be a GitHub Discussion which could be linked to in the JSON as well.

@tchia04
Author

tchia04 commented Nov 11, 2025

Since there was already a sed command to make it listen on all IP addresses before my change, I thought the idea was to make it easier for the homelab user.

@CrazyWolf13
Member

CrazyWolf13 commented Nov 11, 2025

Agreed. If we add this, only with a read prompt to the user asking if they want to allow remote connections, and default to false.

@MickLesk
Member

Ah, okay, then I misunderstood @tchia04. But wouldn't it make sense to do it “right” from now on? So that you can offer it to users as an option, for example:

read -rp "Allow remote Redis access? (default: no) [y/N]: " ALLOW_REDIS_REMOTE
ALLOW_REDIS_REMOTE="${ALLOW_REDIS_REMOTE,,}" # lowercase

if [[ "$ALLOW_REDIS_REMOTE" == "y" ]]; then
    msg_info "Configuring Redis for remote access"
    sed -i 's/^bind .*/bind 0.0.0.0/' /etc/redis/redis.conf
    sed -i 's/^protected-mode .*/protected-mode no/' /etc/redis/redis.conf
    msg_ok "Redis configured for remote access"
else
    msg_info "Keeping Redis local-only (default)"
    sed -i 's/^bind .*/bind 127.0.0.1/' /etc/redis/redis.conf
    sed -i 's/^protected-mode .*/protected-mode yes/' /etc/redis/redis.conf
    msg_ok "Redis restricted to localhost"
fi
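
A check for the configuration states this thread is weighing, added here as an example (not code from the PR, its participants or the project): it reads `bind`, `protected-mode` and `requirepass` from a redis.conf and names the resulting exposure. The function names and the four labels are assumptions of this example, and ACL-defined users are not inspected.

```sh
#!/bin/sh
# Added example (not from the PR): classify a redis.conf by network exposure.
# Only bind, protected-mode and requirepass are read; ACL users are not inspected.

# Print the value of the last occurrence of a directive, or nothing if absent.
redis_directive() {
    awk -v key="$2" 'tolower($1) == key { $1 = ""; sub(/^[ \t]+/, ""); val = $0 }
                     END { print val }' "$1"
}

# Print local-only | remote-auth | remote-protected | remote-open.
# The body is a subshell so "set -f" and the variables stay local.
redis_exposure() (
    bind=$(redis_directive "$1" bind)
    protected=$(redis_directive "$1" protected-mode)
    pass=$(redis_directive "$1" requirepass)
    # With no bind line Redis listens on every interface; protected-mode defaults to yes.
    [ -n "$bind" ] || bind='*'
    [ -n "$protected" ] || protected=yes
    remote=0
    set -f                                 # keep "*" in a bind line from globbing
    for addr in $bind; do
        case "${addr#-}" in                # "-::1" = skip the address if unavailable
            127.*|::1) ;;                  # loopback
            *) remote=1 ;;
        esac
    done
    if [ "$remote" -eq 0 ]; then echo local-only
    elif [ -n "$pass" ]; then echo remote-auth
    else
        case "$protected" in
            [Nn][Oo]) echo remote-open ;;  # nothing stands between the network and Redis
            *) echo remote-protected ;;    # protected mode is the only barrier
        esac
    fi
)

# Constructed sample: the result of the "y" branch in the snippet above.
sample=$(mktemp)
printf '%s\n' 'bind 0.0.0.0' 'protected-mode no' > "$sample"
echo "y branch: $(redis_exposure "$sample")"    # y branch: remote-open
rm -f "$sample"
```

Run after the install step, a `remote-open` result is the state that would warrant a password or a firewall rule before the container is left reachable.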
