63 lines
1.6 KiB
YAML
63 lines
1.6 KiB
YAML
---
|
|
- name: Validate required password is set
|
|
ansible.builtin.assert:
|
|
that:
|
|
- valkey_admin_password is defined
|
|
- valkey_admin_password | length >= 12
|
|
fail_msg: |
|
|
valkey_admin_password is required (min 12 chars).
|
|
See roles/valkey/defaults/main.yml for configuration instructions.
|
|
success_msg: "Password validation passed"
|
|
|
|
- name: Configure kernel tuning for Valkey
|
|
ansible.builtin.import_tasks: kernel-tuning.yml
|
|
|
|
- name: Load OS-specific variables
|
|
ansible.builtin.include_vars: "{{ item }}"
|
|
with_first_found:
|
|
- "{{ ansible_facts['os_family'] }}.yml"
|
|
- debian.yml
|
|
|
|
- name: Install Valkey
|
|
ansible.builtin.package:
|
|
name: "{{ valkey_package }}"
|
|
state: present
|
|
|
|
- name: Deploy Valkey configuration
|
|
ansible.builtin.template:
|
|
src: valkey.conf.j2
|
|
dest: "{{ valkey_config_file }}"
|
|
owner: "{{ valkey_user }}"
|
|
group: "{{ valkey_group }}"
|
|
mode: "0640"
|
|
notify: Restart Valkey
|
|
|
|
- name: Deploy Valkey ACL file
|
|
ansible.builtin.template:
|
|
src: users.acl.j2
|
|
dest: "{{ valkey_acl_file }}"
|
|
owner: "{{ valkey_user }}"
|
|
group: "{{ valkey_group }}"
|
|
mode: "0640"
|
|
notify: Restart Valkey
|
|
|
|
- name: Enable and start Valkey service
|
|
ansible.builtin.systemd:
|
|
name: "{{ valkey_service_name }}"
|
|
enabled: true
|
|
state: started
|
|
|
|
- name: Setup firewall rules for Valkey
|
|
community.general.ufw:
|
|
rule: allow
|
|
src: "{{ item }}"
|
|
port: "{{ valkey_port }}"
|
|
proto: tcp
|
|
direction: in
|
|
comment: "Valkey"
|
|
loop: "{{ valkey_firewall_allowed_sources }}"
|
|
retries: 5
|
|
delay: 2
|
|
register: ufw_result
|
|
until: ufw_result is succeeded
|