Newer
Older
# Copyright 2025 Chris Croome
#
# This file is part of the Webarchitects Valkey Ansible role.
#
# The Webarchitects Valkey Ansible role is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
#
# The Webarchitects Valkey Ansible role is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License along with the Webarchitects Valkey Ansible role. If not, see <https://www.gnu.org/licenses/>.
---
argument_specs:
main:
author: Chris Croome
description: Ansible role for installing and configuring nftables on Debian.
short_description: The main entry point for the Valkey role.
options:
valkey:
type: bool
required: true
description: Run the tasks in this role.
valkey_apt_backports:
type: str
required: true
description: String that will be present in the apt cache policy when backports are enabled.
elements: dict
required: true
description: A list of Valkey instances and their configuration.
config_file:
type: str
required: true
description: The path to the valkey instance configuration file.
state:
type: str
required: true
choices:
- absent
- enabled
description: The state of the Valkey instance.
config:
type: dict
required: false
description: A dictionary of keys and values for the Valkey configuration.
options:
include:
type: list
elements: str
description: Include one or more other config files.
required: false
loadmodule:
type: list
elements: str
description: Load modules at startup.
required: false
bind:
type: str
required: false
description: One or more IP addresses that the instance should bind to, each address can be prefixed by "-", which means that the server will not fail to start if the address is not available.
bind_source_addr:
type: str
required: false
description: Configure a specific address to bind to.
protected_mode:
type: bool
required: false
description: When protected mode is on and the default user has no password, the server only accepts local connections from the IPv4 address (127.0.0.1), IPv6 address (::1) or Unix domain sockets.
tcp_backlog:
description: In high requests-per-second environments you need a high backlog in order to avoid slow clients connection issues.
enable_protected_configs:
type: str
choices:
- "local"
- "no"
- "yes"
required: false
description: Enable protected configs.
enable_debug_command:
type: str
choices:
- "local"
- "no"
- "yes"
required: false
description: Enable debug command.
enable_module_command:
type: str
choices:
- "local"
- "no"
- "yes"
required: false
description: Enable module command.
port:
type: list
elements: int
required: true
description: A list of port numbers to accept connections on, the default is 6379. If port 0 is specified the server will not listen on a TCP socket.
unixsocket:
type: str
required: false
description: The path for the Unix socket that will be used to listen for incoming connections. There is no default, so the server will not listen on a unix socket when not specified.
unixsocketgroup:
type: str
required: false
description: UNIX socket group.
unixsocketperm:
type: int
required: false
description: The Unix socket octal permissions, default 700.
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
socket_mark_id:
type: int
required: false
description: The ID represents a connection mark. The default value is 0, which implies no marking is required.
tls_port:
type: str
required: false
description: TLS port.
tls_cert_file:
type: str
required: false
description: TLS cert file.
tls_key_file:
type: str
required: false
description: TLS key file.
tls_key_file_pass:
type: str
required: false
description: TLS key file password.
tls_client_cert_file:
type: str
required: false
description: TLS client cert file.
tls_client_key_file:
type: str
required: false
description: TLS client key file.
tls_client_key_file_pass:
type: str
required: false
description: TLS client key file password.
tls_dh_params_file:
type: str
required: false
description: TLS DH params file.
tls_ca_cert_file:
type: str
required: false
description: TLS CA cert file.
tls_ca_cert_dir:
type: str
required: false
description: TLS CA cert dirextory.
tls_auth_clients:
type: str
choices:
- "no"
- "optional"
required: false
description: TLS auth clients.
tls_replication:
type: bool
required: false
description: TLS replications.
tls_cluster:
type: bool
required: false
description: TLS cluster.
tls_protocols:
type: str
required: false
description: TLS protocols.
tls_ciphers:
type: str
required: false
description: TLS ciphers.
tls_ciphersuites:
type: str
required: false
description: TLS cipher suites.
tls_prefer_server_ciphers:
type: bool
required: false
description: TLS prefer server ciphers.
tls_session_caching:
type: bool
required: false
description: TLS session caching.
tls_session_cache_size:
type: int
required: false
description: TLS session cache size.
Loading
Loading full blame...