ansible-playbooks/roles/valkey/defaults/main.yml
2025-11-11 00:02:42 +01:00

47 lines
1.4 KiB
YAML

---
# Valkey bind address
# Default: localhost only
# To allow container access, set to "127.0.0.1 {{ podman_subnet_gateway }}" in your inventory
# Example: "127.0.0.1 10.89.0.1"
valkey_bind: 127.0.0.1
# Valkey port
valkey_port: 6379
# Valkey authentication (REQUIRED - must be set explicitly)
# Set via inventory, host_vars, or ansible-vault
# valkey_admin_password: "" # Intentionally undefined - role will fail if not set
# Valkey max memory (0 = unlimited)
valkey_maxmemory: 256mb
# Valkey max memory policy
# noeviction: Return errors when memory limit is reached (recommended for job queues like BullMQ)
# allkeys-lru: Evict least recently used keys (good for pure caching)
valkey_maxmemory_policy: noeviction
# Valkey data directory (overridden by OS-specific vars)
valkey_dir: /var/lib/valkey
# Valkey ACL file location
valkey_acl_file: /etc/valkey/users.acl
# Valkey ACL users
# Services can register their users here
# Each user should have: username, password, keypattern, commands
valkey_acl_users: []
# Example:
# valkey_acl_users:
# - username: immich
# password: "secretpassword"
# keypattern: "*" # Keys this user can access
# commands: "+@all -@dangerous" # Allowed commands
# Valkey log level (debug, verbose, notice, warning)
valkey_loglevel: notice
# Firewall configuration
valkey_firewall_allowed_sources:
- 127.0.0.0/8 # Localhost
- "{{ podman_subnet | default('10.88.0.0/16') }}" # Podman bridge network