From 0261e875679f1bf63c8d689da7fc7e014597885d Mon Sep 17 00:00:00 2001
From: Stonewall Jackson <stonewall@sacredheartsc.com>
Date: Sat, 4 Feb 2023 01:23:43 -0500
Subject: initial commit

---
 roles/redis/defaults/main.yml                      |  3 +
 .../redis/files/etc/systemd/system/redis@.service  | 18 ++++++
 roles/redis/tasks/main.yml                         | 43 ++++++++++++++
 roles/redis/templates/etc/redis.conf.j2            | 65 ++++++++++++++++++++++
 roles/redis/vars/main.yml                          |  1 +
 5 files changed, 130 insertions(+)
 create mode 100644 roles/redis/defaults/main.yml
 create mode 100644 roles/redis/files/etc/systemd/system/redis@.service
 create mode 100644 roles/redis/tasks/main.yml
 create mode 100644 roles/redis/templates/etc/redis.conf.j2
 create mode 100644 roles/redis/vars/main.yml

(limited to 'roles/redis')

diff --git a/roles/redis/defaults/main.yml b/roles/redis/defaults/main.yml
new file mode 100644
index 0000000..db46496
--- /dev/null
+++ b/roles/redis/defaults/main.yml
@@ -0,0 +1,3 @@
+redis_port: 6379
+redis_max_memory: 2gb
+redis_max_memory_policy: allkeys-lru
diff --git a/roles/redis/files/etc/systemd/system/redis@.service b/roles/redis/files/etc/systemd/system/redis@.service
new file mode 100644
index 0000000..b119142
--- /dev/null
+++ b/roles/redis/files/etc/systemd/system/redis@.service
@@ -0,0 +1,18 @@
+[Unit]
+Description=Redis persistent key-value database on port %I
+After=network.target
+
+[Service]
+ExecStart=/usr/bin/redis-server /etc/redis-%i.conf --supervised systemd
+ExecStop=/usr/bin/redis-cli -h 127.0.0.1 -p %i shutdown
+Type=notify
+User=redis
+Group=redis
+RuntimeDirectory=redis-%i
+RuntimeDirectoryMode=0755
+
+[Install]
+WantedBy=multi-user.target
+
+[Service]
+LimitNOFILE=10240
diff --git a/roles/redis/tasks/main.yml b/roles/redis/tasks/main.yml
new file mode 100644
index 0000000..ccd7c98
--- /dev/null
+++ b/roles/redis/tasks/main.yml
@@ -0,0 +1,43 @@
+- name: install redis
+  dnf:
+    name: redis
+    state: present
+
+- name: create systemd unit
+  copy:
+    src: etc/systemd/system/redis@.service
+    dest: /etc/systemd/system/redis@.service
+  register: redis_unit
+
+- name: reload systemd units
+  systemd:
+    daemon_reload: yes
+  when: redis_unit.changed
+
+- name: create redis data directory
+  file:
+    path: '{{ redis_home }}/{{ redis_port }}'
+    owner: redis
+    group: redis
+    mode: 0750
+    state: directory
+
+- name: generate config file
+  template:
+    src: etc/redis.conf.j2
+    dest: /etc/redis-{{ redis_port }}.conf
+  register: redis_config_file
+
+- name: set redis_port_t selinux context for redis port
+  seport:
+    ports: '{{ redis_port }}'
+    proto: tcp
+    setype: redis_port_t
+    state: present
+  tags: selinux
+
+- name: enable redis
+  systemd:
+    name: redis@{{ redis_port }}
+    enabled: yes
+    state: "{{ 'restarted' if redis_config_file.changed else 'started' }}"
diff --git a/roles/redis/templates/etc/redis.conf.j2 b/roles/redis/templates/etc/redis.conf.j2
new file mode 100644
index 0000000..5f6a307
--- /dev/null
+++ b/roles/redis/templates/etc/redis.conf.j2
@@ -0,0 +1,65 @@
+bind 127.0.0.1 ::1
+protected-mode yes
+port {{ redis_port }}
+logfile ""
+maxmemory {{ redis_max_memory }}
+maxmemory-policy {{ redis_max_memory_policy }}
+dir {{ redis_home }}/{{ redis_port }}
+
+# the rest of this file is unchanged from the EL defaults:
+tcp-backlog 511
+timeout 0
+tcp-keepalive 300
+daemonize no
+supervised no
+loglevel notice
+databases 16
+always-show-logo no
+save 900 1
+save 300 10
+save 60 10000
+stop-writes-on-bgsave-error yes
+rdbcompression yes
+rdbchecksum yes
+dbfilename dump.rdb
+replica-serve-stale-data yes
+replica-read-only yes
+repl-diskless-sync no
+repl-diskless-sync-delay 5
+repl-disable-tcp-nodelay no
+replica-priority 100
+lazyfree-lazy-eviction no
+lazyfree-lazy-expire no
+lazyfree-lazy-server-del no
+replica-lazy-flush no
+appendonly no
+appendfilename "appendonly.aof"
+appendfsync everysec
+no-appendfsync-on-rewrite no
+auto-aof-rewrite-percentage 100
+auto-aof-rewrite-min-size 64mb
+aof-load-truncated yes
+aof-use-rdb-preamble yes
+lua-time-limit 5000
+slowlog-log-slower-than 10000
+slowlog-max-len 128
+latency-monitor-threshold 0
+notify-keyspace-events ""
+hash-max-ziplist-entries 512
+hash-max-ziplist-value 64
+list-max-ziplist-size -2
+list-compress-depth 0
+set-max-intset-entries 512
+zset-max-ziplist-entries 128
+zset-max-ziplist-value 64
+hll-sparse-max-bytes 3000
+stream-node-max-bytes 4096
+stream-node-max-entries 100
+activerehashing yes
+client-output-buffer-limit normal 0 0 0
+client-output-buffer-limit replica 256mb 64mb 60
+client-output-buffer-limit pubsub 32mb 8mb 60
+hz 10
+dynamic-hz yes
+aof-rewrite-incremental-fsync yes
+rdb-save-incremental-fsync yes
diff --git a/roles/redis/vars/main.yml b/roles/redis/vars/main.yml
new file mode 100644
index 0000000..4659127
--- /dev/null
+++ b/roles/redis/vars/main.yml
@@ -0,0 +1 @@
+redis_home: /var/lib/redis
-- 
cgit