├── .gitignore
├── ansible.cfg
├── images
    ├── redis.png
    ├── ansible.png
    ├── redis.svg
    └── ansible.svg
├── hosts
├── templates
    ├── redis.service.j2
    └── rc.local
├── Vagrantfile
├── README.md
└── playbook.yml


/.gitignore:
--------------------------------------------------------------------------------
1 | .vagrant
2 | *.retry


--------------------------------------------------------------------------------
/ansible.cfg:
--------------------------------------------------------------------------------
1 | [defaults]
2 | inventory = $PWD/hosts
3 | 


--------------------------------------------------------------------------------
/images/redis.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/mikeblum/redis-playbook/HEAD/images/redis.png


--------------------------------------------------------------------------------
/hosts:
--------------------------------------------------------------------------------
1 | [webservers]
2 | 127.0.0.1
3 | [localhost]
4 | localhost           ansible_connection=local


--------------------------------------------------------------------------------
/images/ansible.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/mikeblum/redis-playbook/HEAD/images/ansible.png


--------------------------------------------------------------------------------
/templates/redis.service.j2:
--------------------------------------------------------------------------------
 1 | [Unit]
 2 | Description=Redis In-Memory Data Store
 3 | After=network.target
 4 | 
 5 | [Service]
 6 | User={{ redis_user }}
 7 | Group={{ redis_group }}
 8 | ExecStart=/usr/local/bin/redis-server /etc/redis/redis.conf
 9 | ExecStop=/usr/local/bin/redis-cli shutdown
10 | Restart=always
11 | 
12 | [Install]
13 | WantedBy=multi-user.target


--------------------------------------------------------------------------------
/templates/rc.local:
--------------------------------------------------------------------------------
 1 | #!/bin/sh -e
 2 | #
 3 | # rc.local
 4 | #
 5 | # This script is executed at the end of each multiuser runlevel.
 6 | # Make sure that the script will "exit 0" on success or any other
 7 | # value on error.
 8 | #
 9 | # In order to enable or disable this script just change the execution
10 | # bits.
11 | #
12 | # By default this script does nothing.
13 | 
14 | exit 0
15 | 


--------------------------------------------------------------------------------
/Vagrantfile:
--------------------------------------------------------------------------------
 1 | # -*- mode: ruby -*-
 2 | # vi: set ft=ruby :
 3 | 
 4 | Vagrant.configure("2") do |config|
 5 |   config.vm.box = "bento/ubuntu-16.04"
 6 | 
 7 |   config.vm.provider "virtualbox" do |vb|
 8 |     # Customize the amount of memory on the VM:
 9 |     vb.memory = "1024"
10 |   end
11 | 
12 |   # Disable the new default behavior introduced in Vagrant 1.7, to
13 |   # ensure that all Vagrant machines will use the same SSH key pair.
14 |   # See https://github.com/mitchellh/vagrant/issues/5005
15 |   config.ssh.insert_key = false
16 |   
17 |   # expose redis to the host machine
18 |   config.vm.network "forwarded_port", guest: 6379, host: 6379, protocol: "tcp"
19 | 
20 |   config.vm.provision "ansible" do |ansible|
21 |     ansible.verbose = "v"
22 |     ansible.playbook = "playbook.yml"
23 |     # enable access from the host machine - DEVELOPMENT ONLY
24 |     # on a web server this would expose redis to the world
25 |     ansible.extra_vars = {
26 |       redis_bind_addr: "0.0.0.0",
27 |       redis_socket_permissions: 777
28 |     }
29 |   end
30 | end
31 | 


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
 1 | ## redis-playbook
 2 | 
 3 | <img src="https://github.com/mikeblum/redis-playbook/raw/master/images/ansible.png" style="max-width: 150px"/>
 4 | ---
 5 | <img src="https://github.com/mikeblum/redis-playbook/raw/master/images/redis.png"   style="max-width: 150px"/>
 6 | 
 7 | an Ansible playbook for deploying a secured and optimized Redis instance
 8 | 
 9 | Based originally on DigitailOcean's guide to deploying a Redis instance:
10 | 
11 | [How to install and configure redis on Ubuntu 16.04](https://www.digitalocean.com/community/tutorials/how-to-install-and-configure-redis-on-ubuntu-16-04)
12 | 
13 | This playbook looks to automate the tedious setup process by performing the following tasks:
14 | 
15 | - Update OS with apt-get
16 | - Install Redis dependencies
17 | - Install Redis from source (test, make)
18 | - Configure and secure Redis-as-a-service
19 | 	- Create a `redis` user and group
20 | 	- Create data and logging directories
21 | 	- Enable Redis socket support (`redis-cli -a redis -s /var/run/redis/redis.sock`)
22 | 
23 | - Optimize Redis
24 | 	- Disable Transparent Huge Pages (THP) support 
25 | 	- Increase TCP backlog
26 | 	- Enable low-memory DB saves
27 | 
28 | Run `vagrant up` to provision a Redis instance available from your local machine.
29 | 


--------------------------------------------------------------------------------
/images/redis.svg:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="UTF-8" standalone="no" ?>
 2 | <svg width="256px" height="220px" viewBox="0 0 256 220" version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" preserveAspectRatio="xMidYMid">
 3 |     <g>
 4 |         <path d="M245.969687,168.943256 C232.308259,176.064479 161.536048,205.163388 146.468577,213.017633 C131.402107,220.873879 123.031844,220.797876 111.129473,215.107699 C99.2271007,209.417521 23.9127473,178.99557 10.3463234,172.511368 C3.56511141,169.270267 0,166.535181 0,163.9511 L0,138.075292 C0,138.075292 98.0490639,116.729625 113.878559,111.051447 C129.707053,105.372269 135.199225,105.167264 148.669646,110.101418 C162.141067,115.036572 242.686583,129.569026 256,134.445178 C256,134.445178 255.993999,157.5559 255.993999,159.954975 C255.996,162.513055 252.923904,165.319143 245.969687,168.943256" fill="#912626"></path>
 5 |         <path d="M245.964922,143.220067 C232.303935,150.33806 161.534003,179.438032 146.467017,187.292024 C131.401031,195.149018 123.031039,195.072017 111.12905,189.382023 C99.2260618,183.696028 23.9151336,153.269057 10.3491466,146.788063 C-3.21684053,140.303069 -3.50184026,135.840074 9.82514705,130.622079 C23.1511343,125.402084 98.0490629,96.0171117 113.880047,90.3381172 C129.708033,84.6611226 135.199028,84.4541228 148.669014,89.3901181 C162.140002,94.3241134 232.487935,122.325087 245.799922,127.200082 C259.11491,132.081078 259.625908,136.099073 245.964922,143.220067" fill="#C6302B"></path>
 6 |         <path d="M245.969687,127.074354 C232.308259,134.195577 161.536048,163.294486 146.468577,171.151732 C131.402107,179.004977 123.031844,178.928975 111.129473,173.238797 C99.2261007,167.551619 23.9127473,137.126668 10.3463234,130.642465 C3.56511141,127.401364 0,124.669279 0,122.085199 L0,96.2063895 C0,96.2063895 98.0490639,74.8617226 113.878559,69.182545 C129.707053,63.5043676 135.199225,63.2983612 148.669646,68.2325154 C162.141067,73.1676697 242.686583,87.6971237 256,92.5742761 C256,92.5742761 255.993999,115.684998 255.993999,118.087073 C255.996,120.644153 252.923904,123.450241 245.969687,127.074354" fill="#912626"></path>
 7 |         <path d="M245.964922,101.351164 C232.303935,108.471157 161.534003,137.569129 146.467017,145.426122 C131.401031,153.280114 123.031039,153.203114 111.12905,147.51312 C99.2260618,141.827125 23.9151336,111.401154 10.3491466,104.91916 C-3.21684053,98.4361664 -3.50184026,93.9721706 9.82514705,88.7521756 C23.1511343,83.5351806 98.0490629,54.1482087 113.880047,48.4702141 C129.708033,42.7922195 135.199028,42.5862197 148.669014,47.521215 C162.140002,52.4552102 232.487935,80.4541835 245.799922,85.3311789 C259.11491,90.2101742 259.625908,94.2301704 245.964922,101.350163 L245.964922,101.351164" fill="#C6302B"></path>
 8 |         <path d="M245.969687,83.6525661 C232.308259,90.7737887 161.536048,119.873698 146.468577,127.730944 C131.402107,135.585189 123.031844,135.508187 111.129473,129.818008 C99.2261007,124.130831 23.9127473,93.7048802 10.3463234,87.2226777 C3.56511141,83.9805764 0,81.2474909 0,78.6654102 L0,52.7856015 C0,52.7856015 98.0490639,31.4419345 113.878559,25.7637571 C129.707053,20.0845797 135.199225,19.8795733 148.669646,24.8137275 C162.141067,29.7488817 242.686583,44.2783357 256,49.1554881 C256,49.1554881 255.993999,72.2662103 255.993999,74.6672853 C255.996,77.2223652 252.923904,80.0284528 245.969687,83.6525661" fill="#912626"></path>
 9 |         <path d="M245.964922,57.929387 C232.303935,65.0493802 161.534003,94.1493524 146.467017,102.004345 C131.401031,109.858338 123.031039,109.781338 111.12905,104.093343 C99.2270617,98.4053484 23.9151336,67.9813773 10.3491466,61.4983836 C-3.21684053,55.0153898 -3.50184026,50.550394 9.82514705,45.331399 C23.1511343,40.113404 98.0490629,10.729432 113.880047,5.04943744 C129.708033,-0.629557148 135.199028,-0.833556953 148.669014,4.10143834 C162.140002,9.03643363 232.487935,37.0354069 245.799922,41.9124022 C259.11491,46.7883976 259.625908,50.8093938 245.964922,57.929387" fill="#C6302B"></path>
10 |         <path d="M159.282977,32.7570853 L137.273922,35.0422326 L132.346419,46.8976124 L124.387597,33.667969 L98.973147,31.383814 L117.936992,24.5452403 L112.247442,14.0472558 L130.001736,20.9910078 L146.739969,15.5108217 L142.21631,26.3660155 L159.282977,32.7570853" fill="#FFFFFF"></path>
11 |         <path d="M131.03169,90.2747287 L89.9546047,73.2378295 L148.815752,64.2034109 L131.03169,90.2747287" fill="#FFFFFF"></path>
12 |         <path d="M74.0816124,39.3466047 C91.4568682,39.3466047 105.541829,44.8069457 105.541829,51.5413333 C105.541829,58.2767132 91.4568682,63.736062 74.0816124,63.736062 C56.7073488,63.736062 42.6213953,58.2767132 42.6213953,51.5413333 C42.6213953,44.8069457 56.7073488,39.3466047 74.0816124,39.3466047" fill="#FFFFFF"></path>
13 |         <path d="M185.29476,35.9977674 L220.130605,49.7642171 L185.324527,63.5167752 L185.29476,35.9977674" fill="#621B1C"></path>
14 |         <path d="M146.754853,51.2426667 L185.29476,35.9977674 L185.324527,63.5167752 L181.546047,64.9952248 L146.754853,51.2426667" fill="#9A2928"></path>
15 |     </g>
16 | </svg>
17 | 


--------------------------------------------------------------------------------
/images/ansible.svg:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="UTF-8" standalone="no"?>
 2 | <svg width="256px" height="315px" viewBox="0 0 256 315" version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" preserveAspectRatio="xMidYMid">
 3 | 	<g>
 4 | 		<g transform="translate(0.000000, 281.859985)" fill="#1A1918">
 5 | 			<path d="M67.516834,32.0035248 C66.9753105,32.0035248 66.3906671,31.8666739 65.9847187,31.3176926 L48.6011921,8.45648614 L48.6011921,31.775177 L44.6368825,31.775177 L44.6368825,3.06093065 C44.6368825,1.91840275 45.5828006,1.00382829 46.6646822,1.00382829 C47.2943879,1.00382829 47.8355229,1.18642767 48.239529,1.73540898 L65.5791587,24.5512613 L65.5791587,1.323673 L69.5430798,1.323673 L69.5430798,29.9917765 C69.5430798,31.1808416 68.5971618,32.0035248 67.516834,32.0035248"></path>
 6 | 			<path d="M100.306277,32.277976 C96.3435217,32.277976 92.1993517,31.4545041 88.3259436,29.9921314 L89.2722501,26.6994268 C92.8302228,27.8427434 96.7032425,28.665821 100.306277,28.665821 C105.305853,28.665821 107.917907,26.8824205 107.917907,24.3682281 C107.917907,22.0815948 105.890496,20.9386725 98.9097372,17.6463622 C91.9289785,14.3544463 89.1825141,12.2515955 89.1825141,8.13581322 C89.1825141,2.9701831 93.1452698,0.865754758 100.620936,0.865754758 C103.729063,0.865754758 108.502551,1.50662733 111.250957,2.32970491 L110.620086,5.71272332 C107.601695,4.98153702 103.819576,4.47869854 100.711449,4.47869854 C95.4430543,4.47869854 93.2808449,5.48398111 93.2808449,7.99935666 C93.2808449,10.4678006 94.8564686,11.5196204 102.242787,14.949176 C110.034666,18.561331 112.016238,20.39048 112.016238,24.1390915 C112.016238,29.5807898 106.881088,32.277976 100.306277,32.277976"></path>
 7 | 			<path d="M130.798131,1.323673 L134.896461,1.323673 L134.896461,31.7747826 L130.798131,31.7747826 L130.798131,1.323673 Z"></path>
 8 | 			<path d="M169.757834,17.9669168 L159.578047,17.9669168 L159.578047,28.3009377 L169.757834,28.3009377 C173.225294,28.3009377 175.342053,26.1058013 175.342053,23.0418388 C175.342053,20.1612645 173.135558,17.9669168 169.757834,17.9669168 M167.775097,4.79846437 L159.578047,4.79846437 L159.578047,14.5377556 L167.775097,14.5377556 C171.063473,14.5377556 173.450217,12.434116 173.450217,9.50818761 C173.450217,6.62761329 171.378132,4.79846437 167.775097,4.79846437 M169.802508,31.7750587 L157.552578,31.7750587 C156.38096,31.7750587 155.480104,30.8600898 155.480104,29.7175619 L155.480104,3.38144581 C155.480104,2.2834832 156.38096,1.32394907 157.552578,1.32394907 L167.685749,1.32394907 C173.900839,1.32394907 177.59361,4.38712277 177.59361,9.1883429 C177.59361,11.7940322 176.062271,14.2175165 173.719813,15.6349294 C177.189215,16.6867492 179.529731,19.5669291 179.529731,23.0418388 C179.529731,27.888413 175.522302,31.7750587 169.802508,31.7750587"></path>
 9 | 			<path d="M199.212246,31.7750981 C198.088022,31.7750981 197.186778,30.8147752 197.186778,29.7176013 L197.186778,1.32398851 L201.284331,1.32398851 L201.284331,28.0718406 L217.588307,28.0718406 L217.588307,31.7750981 L199.212246,31.7750981 Z"></path>
10 | 			<path d="M245.526181,32.277976 C237.148883,32.277976 232.104634,29.1690539 232.104634,22.9050667 C232.104634,19.9329955 233.771547,17.0981697 237.014473,15.7722536 C234.40203,14.1260985 233.051329,11.7941111 233.051329,9.23377583 C233.051329,3.56451846 237.421198,0.865754758 245.617083,0.865754758 C248.364713,0.865754758 252.237344,1.18638824 255.480658,1.91836331 L255.029647,5.30138173 C251.607638,4.75240042 248.408609,4.43334448 245.301259,4.43334448 C239.986637,4.43334448 237.148883,5.89571709 237.148883,9.4167696 C237.148883,12.2062414 239.761714,14.4005891 243.230339,14.4005891 L250.255383,14.4005891 C251.246364,14.4005891 252.011644,15.1779182 252.011644,16.1378468 C252.011644,17.1435237 251.246364,17.9208529 250.255383,17.9208529 L242.69037,17.9208529 C238.725672,17.9208529 236.204907,19.8864583 236.204907,22.9050667 C236.204907,27.3399049 240.303238,28.665821 245.437222,28.665821 C248.229914,28.665821 252.011644,28.3010166 255.073933,27.5690415 L255.660907,30.9063115 C252.73264,31.7297835 248.903905,32.277976 245.526181,32.277976"></path>
11 | 			<path d="M14.1379982,7.03469555 L21.3157099,25.0189603 L10.4751393,16.3496305 L14.1379982,7.03469555 Z M26.8894398,29.1623494 L15.8495854,2.18772698 C15.5345384,1.41039785 14.9036674,0.99866187 14.1379982,0.99866187 C13.372329,0.99866187 12.6967842,1.41039785 12.3817372,2.18772698 L0.263885888,31.7751375 L4.40844431,31.7751375 L9.20601639,19.5768676 L23.5202622,31.3176531 C24.0959709,31.7897297 24.5112425,32.0034854 25.0523775,32.0034854 C26.1327053,32.0034854 27.0786234,31.1808022 27.0786234,29.9921314 C27.0786234,29.7992781 27.0106416,29.492448 26.8894398,29.1623494 L26.8894398,29.1623494 Z"></path>
12 | 		</g>
13 | 		<g>
14 | 			<path d="M255.878566,127.868028 C255.878566,198.323171 198.768494,255.43274 128.312347,255.43274 C57.8622265,255.43274 0.746127325,198.323171 0.746127325,127.868028 C0.746127325,57.4179077 57.8622265,0.301808544 128.312347,0.301808544 C198.768494,0.301808544 255.878566,57.4179077 255.878566,127.868028" fill="#1A1918"></path>
15 | 			<path d="M130.459863,78.228885 L163.47146,159.705138 L113.608007,120.427335 L130.459863,78.228885 Z M189.104342,178.474123 L138.32577,56.2720498 C136.876246,52.7476854 133.977698,50.8827909 130.459863,50.8827909 C126.935499,50.8827909 123.826002,52.7476854 122.376477,56.2720498 L66.6436045,190.312411 L85.708924,190.312411 L107.771234,135.047143 L173.610097,188.23707 C176.258016,190.378208 178.168617,191.346566 180.652297,191.346566 C185.626186,191.346566 189.973756,187.617782 189.973756,182.235555 C189.973756,181.359612 189.664363,179.969354 189.104342,178.474123 L189.104342,178.474123 Z" fill="#FFFFFF"></path>
16 | 		</g>
17 | 	</g>
18 | </svg>
19 | 


--------------------------------------------------------------------------------
/playbook.yml:
--------------------------------------------------------------------------------
  1 | ---
  2 | # based on Digital Ocean's installation guide
  3 | # https://www.digitalocean.com/community/tutorials/how-to-install-and-configure-redis-on-ubuntu-16-04
  4 | - hosts: all 
  5 |   sudo: True
  6 |   remote_user: root
  7 | 
  8 |   vars:
  9 |     ipv4_addr: '\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}'
 10 |     redis_user: redis
 11 |     redis_group: redis
 12 |     # change for production
 13 |     redis_bind_addr: 127.0.0.1
 14 |     redis_port: 6379
 15 |     redis_tcp_sockets: 511
 16 |     redis_socket: /var/run/redis/redis.sock
 17 |     redis_socket_permissions: 770
 18 |     redis_logfile: /var/log/redis/redis-server.log
 19 |     # generate a 32-character password with apg:
 20 |     # apg -m 32 -x 1 -a 1 -n 1
 21 |     redis_password: redis
 22 |   
 23 |   # install python 2.7 on Ubuntu > 14.x 
 24 |   # solves "/bin/sh: 1: /usr/bin/python: not found" issue with
 25 |   # later Ubuntu releases
 26 |   gather_facts: no
 27 |   pre_tasks:
 28 |     - name: 'install python2'
 29 |       raw: sudo apt-get -y install python-simplejson  
 30 | 
 31 |   tasks:
 32 |     - name: update apt cache
 33 |       apt: update_cache=yes
 34 | 
 35 |     - name: install required packages
 36 |       apt: name={{ item }} state=present
 37 |       with_items:
 38 |         - build-essential
 39 |         - tcl
 40 | 
 41 |     - name: download redis src
 42 |       # remote_src broken in ~ 2.1
 43 |       # https://github.com/ansible/ansible-modules-core/issues/4752
 44 |       unarchive: 
 45 |         src: http://download.redis.io/redis-stable.tar.gz 
 46 |         copy: no
 47 |         dest: /tmp
 48 |         mode: u=rwx,g=rx,o=rx
 49 |         owner: root
 50 |         creates: /tmp/redis-stable
 51 |     
 52 |     - name: make redis
 53 |       make: chdir=/tmp/redis-stable
 54 | 
 55 |     - name: test and install redis
 56 |       make: chdir=/tmp/redis-stable target={{ item }}
 57 |       become: yes
 58 |       with_items:
 59 |         - test
 60 |         - install
 61 | 
 62 |     - name: create /etc/redis, data, logs, and socket directories
 63 |       file: path={{ item }} state=directory
 64 |       with_items:
 65 |         - /etc/redis
 66 |         - /var/lib/redis
 67 |         - /var/log/redis
 68 |         - /var/run/redis
 69 | 
 70 |     - name: copy default redis.conf
 71 |       # create a copy of the default redis.conf
 72 |       copy: remote_src=True
 73 |             src=/tmp/redis-stable/redis.conf
 74 |             dest=/etc/redis/redis.conf
 75 |       become: yes
 76 | 
 77 |     - name: configure systemmd
 78 |       lineinfile: dest=/etc/redis/redis.conf 
 79 |                 regexp='^supervised no$' 
 80 |                 line='supervised systemd'
 81 |                 state=present
 82 | 
 83 |     - name: store redis data in /var/lib/redis
 84 |       lineinfile: dest=/etc/redis/redis.conf
 85 |                 regexp='^dir ./$'
 86 |                 line='dir /var/lib/redis'
 87 |                 state=present
 88 | 
 89 |     - name: secure redis
 90 |       lineinfile: 
 91 |         dest: /etc/redis/redis.conf
 92 |         regexp: '^# requirepass \w*$'
 93 |         line: 'requirepass {{ redis_password }}'
 94 |         state: present
 95 | 
 96 |     - name: bind to redis.bind_addr
 97 |       lineinfile: 
 98 |         dest: /etc/redis/redis.conf
 99 |         regexp: '^bind {{ ipv4_addr }}$'
100 |         line: 'bind {{ redis_bind_addr }}'
101 |         state: present
102 | 
103 |     - name: configure logging
104 |       lineinfile: 
105 |         dest: /etc/redis/redis.conf
106 |         regexp: '^logfile ""$'
107 |         line: 'logfile {{ redis_logfile }}'
108 |         state: present
109 | 
110 |     - name: Check rc.local exists
111 |       stat:
112 |         path: /etc/rc.local
113 |       register: rc_local
114 | 
115 |     - name: Create rc.local if not present
116 |       when: rc_local.islnk is not defined
117 |       template:
118 |         src: templates/rc.local
119 |         dest: /etc/rc.local
120 |         mode: '0755'
121 | 
122 |     - name: disable Transparent Huge Pages (THP) support
123 |       lineinfile: dest=/etc/rc.local
124 |             	  insertbefore='^exit 0$'
125 |           	  line='echo never > /sys/kernel/mm/transparent_hugepage/enabled'
126 |           	  state=present
127 |       become: yes
128 | 
129 |     - name: fix TCP backlog
130 |       lineinfile: dest=/etc/rc.local
131 |                 insertbefore='^exit 0$'
132 |                 line='net.core.somaxconn={{ redis_tcp_sockets }}'
133 |                 state=present
134 |       become: yes
135 | 
136 |     - command: sysctl -w net.core.somaxconn={{ redis_tcp_sockets }}
137 |       become: yes
138 | 
139 |     - name: enable low-memory background saves
140 |       lineinfile: dest=/etc/sysctl.conf
141 |                 regexp=''
142 |                 insertafter=EOF
143 |                 line='vm.overcommit_memory = 1'
144 |       become: yes
145 | 
146 |     - command: sysctl vm.overcommit_memory=1
147 |       become: yes
148 | 
149 |     - name: create redis-as-a-service
150 |       template: src=templates/redis.service.j2 
151 |                 dest=/etc/systemd/system/redis.service
152 |                 owner=root
153 |                 group=root
154 |                 mode=0644
155 | 
156 |     - name: create redis group
157 |       group: name=redis state=present
158 | 
159 |     - name: create redis user
160 |       user: name={{ redis_user }}
161 |             group={{ redis_group }}
162 |             shell=/bin/bash
163 |             createhome=no
164 |     
165 |     - name: enable unix socket support
166 |       lineinfile: dest=/etc/redis/redis.conf
167 |                 regexp='^unixsocket {{ redis_socket }}$'
168 |                 line='unixsocket {{ redis_socket }}'
169 |                 state=present
170 |                 insertafter=EOF
171 |                 create=True
172 | 
173 |     - name: configure unix socket permissions
174 |       lineinfile: dest=/etc/redis/redis.conf
175 |                 regexp='^unixsocketperm {{ redis_socket_permissions }}$'
176 |                 line='unixsocketperm {{ redis_socket_permissions }}'
177 |                 state=present
178 |                 insertafter=EOF
179 |                 create=True
180 | 
181 |     - name: set permissions for redis
182 |       file: path={{ item }} state=touch owner=redis group=redis mode=0770
183 |       with_items:
184 |         - /etc/redis
185 |         - /var/lib/redis
186 |         - /var/log/redis
187 |         - /var/run/redis
188 |       become: yes
189 | 
190 |     - name: start redis
191 |       service: name=redis state=restarted enabled=yes
192 | 


--------------------------------------------------------------------------------