35 lines
2.1 KiB
Markdown
35 lines
2.1 KiB
Markdown
# Redis
|
|
|
|
<!-- TOC -->
|
|
* [Redis](#redis)
|
|
* [Variable reference](#variable-reference)
|
|
* [Optional variables](#optional-variables)
|
|
* [Example](#example)
|
|
<!-- TOC -->
|
|
|
|
## Variable reference
|
|
|
|
### Optional variables
|
|
|
|
| Variable | Description | Type of variable | Default value | Other value |
|
|
|-----------------------------|-----------------------------------------------------------------------------------------------|------------------|-------------------------------------------------------------------|---------------------------------------------------------|
|
|
| redis_config | Override redis default settings located in `/etc/redis/redis.conf` | `dict` | See Example | |
|
|
| redis_default_user_password | Define redis superuser `default` password | `string` | `auto` (password is auto-generated and stored in Hashicorp vault) | nopass (redis keyword to deactive password); <password> |
|
|
| redis_acls | Define ACLs [doc](https://redis.io/docs/latest/operate/oss_and_stack/management/security/acl) | `list` | None | |
|
|
|
|
### Example
|
|
|
|
```
|
|
redis_config:
|
|
bind: "127.0.0.1 ::1"
|
|
port: "0"
|
|
unixsocket: "/var/run/redis/redis-server.sock"
|
|
unixsocketperm: "770" # the unix socket mode is `0770`, and the owner and group is `redis`, so if you want to allow a process to access the socket, you may add its user to the redis group
|
|
protected-mode: "no"
|
|
save: '""' # snapshot to disk are disabled since we usually don't need persistence
|
|
|
|
redis_acls:
|
|
- name: app1
|
|
password: nopass # If the special keyword `auto` is provided the password will be generated and stored in Hashicorp Vault
|
|
right: "~* &* +@all"
|
|
```
|