From 43c34d41046f56c67515aa304ef9f21623a9b7a4 Mon Sep 17 00:00:00 2001
From: Chris Croome <chris@webarchitects.co.uk>
Date: Tue, 4 Feb 2025 16:06:52 +0000
Subject: [PATCH] wip
---
defaults/main.yml | 4 +-
meta/argument_specs.yml | 22 ++++-----
molecule/default/converge.yml | 39 +++++++++++++++
molecule/default/verify.yml | 13 +++--
tasks/instance_absent.yml | 50 ++++++++++++++++++++
tasks/instance_check.yml | 44 +++++++++++++++++
tasks/instance_check_pass.yml | 46 ++++++++++++++++++
tasks/{instance.yml => instance_present.yml} | 46 ++----------------
tasks/main.yml | 13 ++---
9 files changed, 207 insertions(+), 70 deletions(-)
create mode 100644 tasks/instance_absent.yml
create mode 100644 tasks/instance_check.yml
create mode 100644 tasks/instance_check_pass.yml
rename tasks/{instance.yml => instance_present.yml} (80%)
diff --git a/defaults/main.yml b/defaults/main.yml
index 65fbb73..f627304 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -12,6 +12,7 @@ valkey: false
valkey_instances:
- name: server
state: enabled
+ config_file: /etc/valkey/valkey.conf
config:
bind: 127.0.0.1 -::1
port: 0
@@ -20,9 +21,9 @@ valkey_instances:
pidfile: /run/valkey/valkey-server.pid
logfile: /var/log/valkey/valkey-server.log
dbfilename: dump.rdb
- config_file: /etc/valkey/valkey.conf
# - name: cloud
# state: enabled
+ # config_file: /etc/valkey/valkey-cloud.conf
# config:
# port: 0
# unixsocket: /run/valkey-cloud/valkey-server.sock
@@ -30,7 +31,6 @@ valkey_instances:
# pidfile: /run/valkey-cloud/valkey-server.pid
# logfile: /var/log/valkey/valkey-server-cloud.log
# dbfilename: dump-cloud.rdb
- # CONFIg_file: /etc/valkey/valkey-cloud.conf
valkey_enabled: true
valkey_pkgs:
- name: bookworm
diff --git a/meta/argument_specs.yml b/meta/argument_specs.yml
index 9ffeed3..79c8d9f 100644
--- a/meta/argument_specs.yml
+++ b/meta/argument_specs.yml
@@ -32,6 +32,17 @@ argument_specs:
type: str
required: true
description: The Valkey instance name.
+ config_file:
+ type: str
+ required: true
+ description: The path to the valkey instance configuration file.
+ state:
+ type: str
+ required: true
+ choices:
+ - absent
+ - enabled
+ description: The state of the Valkey instance.
config:
type: dict
required: false
@@ -69,17 +80,6 @@ argument_specs:
type: str
required: false
description: The instance default password.
- config_file:
- type: str
- required: true
- description: The path to the valkey instance configuration file.
- state:
- type: str
- required: true
- choices:
- - absent
- - enabled
- description: The state of the Valkey instance.
valkey_enabled:
type: bool
required: true
diff --git a/molecule/default/converge.yml b/molecule/default/converge.yml
index 420c2de..ef6ff7b 100644
--- a/molecule/default/converge.yml
+++ b/molecule/default/converge.yml
@@ -30,9 +30,48 @@
ansible.builtin.debug:
var: ansible_facts.user_dir
+ - name: Set fact for Valkey passwords
+ ansible.builtin.set_fact:
+ molecule_valkey_cloud_pass: "{{ lookup('community.general.random_string', length=16, special=false) }}"
+ molecule_valkey_wp_pass: "{{ lookup('community.general.random_string', length=16, special=false) }}"
+
- name: Include netfilter role as root
ansible.builtin.include_role:
name: valkey
vars: # noqa: var-naming[no-role-prefix]
valkey: true
+ valkey_instances:
+ - name: server
+ state: enabled
+ config_file: /etc/valkey/valkey.conf
+ config:
+ bind: 127.0.0.1 -::1
+ port: 0
+ unixsocket: /run/valkey/valkey-server.sock
+ unixsocketperm: 770
+ pidfile: /run/valkey/valkey-server.pid
+ logfile: /var/log/valkey/valkey-server.log
+ dbfilename: dump.rdb
+ - name: cloud
+ state: enabled
+ config_file: /etc/valkey/valkey-cloud.conf
+ config:
+ port: 0
+ unixsocket: /run/valkey-cloud/valkey-server.sock
+ unixsocketperm: 770
+ requirepass: "{{ molecule_valkey_cloud_pass }}"
+ pidfile: /run/valkey-cloud/valkey-server.pid
+ logfile: /var/log/valkey/valkey-server-cloud.log
+ dbfilename: dump-cloud.rdb
+ - name: wp
+ state: enabled
+ config_file: /etc/valkey/valkey-wp.conf
+ config:
+ port: 0
+ unixsocket: /run/valkey-wp/valkey-server.sock
+ unixsocketperm: 770
+ requirepass: "{{ molecule_valkey_wp_pass }}"
+ pidfile: /run/valkey-wp/valkey-server.pid
+ logfile: /var/log/valkey/valkey-server-wp.log
+ dbfilename: dump-wp.rdb
...
diff --git a/molecule/default/verify.yml b/molecule/default/verify.yml
index 76767ba..d1d5cf4 100644
--- a/molecule/default/verify.yml
+++ b/molecule/default/verify.yml
@@ -20,20 +20,19 @@
- name: Gather service facts
ansible.builtin.service_facts:
- register: molecule_service_facts
- - name: Debug valkey service status
+ - name: Debug Valkey service status
ansible.builtin.debug:
- msg: "{{ molecule_service_facts | community.general.json_query(molecule_service_jpq) }}"
+ msg: "{{ ansible_facts.services | community.general.json_query(molecule_service_jpq) }}"
verbosity: 0
vars:
- molecule_service_jpq: 'ansible_facts.services.["valkey.service"]|[0]'
+ molecule_service_jpq: '["valkey.service"]|[0]'
- - name: Check that Valkey is enabled # and running
+ - name: Check that Valkey server is active
ansible.builtin.assert:
that:
- - (molecule_service_facts | community.general.json_query(molecule_service_jpq)).state == "active"
+ - (ansible_facts.services | community.general.json_query(molecule_service_jpq)).state == "active"
quiet: true
vars:
- molecule_service_jpq: 'ansible_facts.services.["valkey.service"]|[0]'
+ molecule_service_jpq: '["valkey.service"]|[0]'
...
diff --git a/tasks/instance_absent.yml b/tasks/instance_absent.yml
new file mode 100644
index 0000000..ef5ce77
--- /dev/null
+++ b/tasks/instance_absent.yml
@@ -0,0 +1,50 @@
+# Copyright 2025 Chris Croome
+#
+# This file is part of the Webarchitects Valkey Ansible role.
+#
+# The Webarchitects Valkey Ansible role is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
+#
+# The Webarchitects Valkey Ansible role is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License along with the Webarchitects Valkey Ansible role. If not, see <https://www.gnu.org/licenses/>.
+---
+- name: Valkey instance absent
+ block:
+
+ - name: Debug valkey_instance
+ ansible.builtin.debug:
+ var: valkey_instance
+ verbosity: "{% if ansible_check_mode | bool or ansible_diff_mode | bool %}1{% else %}2{% endif %}"
+
+ - name: Set a fact for the systemd service name
+ ansible.builtin.set_fact:
+ valkey_instance_service: >-
+ {%- if valkey_instance.name == "server" -%}
+ valkey-server.service
+ {%- else -%}
+ valkey-server@{{ valkey_instance.name }}.service
+ {%- endif -%}
+
+ - name: Debug valkey_instance_service
+ ansible.builtin.debug:
+ var: valkey_instance_service
+ verbosity: "{% if ansible_check_mode | bool or ansible_diff_mode | bool %}0{% else %}1{% endif %}"
+
+ - name: "Valkey disabled for {{ valkey_instance_service }}"
+ ansible.builtin.systemd_service:
+ name: "{{ valkey_instance_service }}"
+ enabled: false
+
+ - name: "Valkey stopped for {{ valkey_instance_service }}"
+ ansible.builtin.systemd_service:
+ name: "{{ valkey_instance_service }}"
+ state: started
+
+ - name: Valkey instance config absent
+ ansible.builtin.file:
+ path: "{{ valkey_instance.config_file }}"
+ state: absent
+
+ tags:
+ - valkey
+...
diff --git a/tasks/instance_check.yml b/tasks/instance_check.yml
new file mode 100644
index 0000000..62b8ee9
--- /dev/null
+++ b/tasks/instance_check.yml
@@ -0,0 +1,44 @@
+# Copyright 2025 Chris Croome
+#
+# This file is part of the Webarchitects Valkey Ansible role.
+#
+# The Webarchitects Valkey Ansible role is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
+#
+# The Webarchitects Valkey Ansible role is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License along with the Webarchitects Valkey Ansible role. If not, see <https://www.gnu.org/licenses/>.
+---
+- name: Valkey check using password
+ block:
+
+ - name: "Check Valkey info for {{ valkey_instance.name }}"
+ ansible.builtin.command: >-
+ valkey-cli
+ {% if valkey_instance.config.unixsocket is defined %}
+ -s {{ valkey_instance.config.unixsocket }}
+ {% else %}
+ -h localhost -p {{ valkey_instance.config.port }}
+ {% endif %}
+ INFO SERVER
+ check_mode: false
+ changed_when: false
+ register: valkey_instance_info_server
+ when: valkey_instance.config.requirepass is not defined
+
+ - name: Debug valkey_instance_info_server
+ ansible.builtin.debug:
+ var: valkey_instance_info_server
+
+ - name: "Set a fact for the Valkey info for {{ valkey_instance.name }}"
+ ansible.builtin.set_fact:
+ valkey_instance_info: "{{ valkey_instance_info_server.stdout | string | community.general.jc('ini') }}"
+ when: valkey_instance_info_server.stdout is defined
+
+ - name: Debug valkey_instance_info
+ ansible.builtin.debug:
+ var: valkey_instance_info
+ when: valkey_instance_info is defined
+
+ tags:
+ - valkey
+...
diff --git a/tasks/instance_check_pass.yml b/tasks/instance_check_pass.yml
new file mode 100644
index 0000000..114d4f1
--- /dev/null
+++ b/tasks/instance_check_pass.yml
@@ -0,0 +1,46 @@
+# Copyright 2025 Chris Croome
+#
+# This file is part of the Webarchitects Valkey Ansible role.
+#
+# The Webarchitects Valkey Ansible role is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
+#
+# The Webarchitects Valkey Ansible role is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License along with the Webarchitects Valkey Ansible role. If not, see <https://www.gnu.org/licenses/>.
+---
+- name: Valkey check using password
+ block:
+
+ - name: "When active check Valkey info using REDISCLI_AUTH for {{ valkey_instance.name }}"
+ ansible.builtin.command: >-
+ valkey-cli
+ {% if valkey_instance.config.unixsocket is defined %}
+ -s {{ valkey_instance.config.unixsocket }}
+ {% else %}
+ -h localhost -p {{ valkey_instance.config.port }}
+ {% endif %}
+ INFO SERVER
+ environment:
+ REDISCLI_AUTH: "{{ valkey_instance.config.requirepass }}"
+ check_mode: false
+ changed_when: false
+ register: valkey_instance_info_server
+ when: valkey_instance.config.requirepass is defined
+
+ - name: Debug valkey_instance_info_server
+ ansible.builtin.debug:
+ var: valkey_instance_info_server
+
+ - name: "Set a fact for the Valkey info for {{ valkey_instance.name }}"
+ ansible.builtin.set_fact:
+ valkey_instance_info: "{{ valkey_instance_info_server.stdout | string | community.general.jc('ini') }}"
+ when: valkey_instance_info_server.stdout is defined
+
+ - name: Debug valkey_instance_info
+ ansible.builtin.debug:
+ var: valkey_instance_info
+ when: valkey_instance_info is defined
+
+ tags:
+ - valkey
+...
diff --git a/tasks/instance.yml b/tasks/instance_present.yml
similarity index 80%
rename from tasks/instance.yml
rename to tasks/instance_present.yml
index e9309d2..59aa2b0 100644
--- a/tasks/instance.yml
+++ b/tasks/instance_present.yml
@@ -8,7 +8,7 @@
#
# You should have received a copy of the GNU General Public License along with the Webarchitects Valkey Ansible role. If not, see <https://www.gnu.org/licenses/>.
---
-- name: Valkey instance config
+- name: Valkey instance present
block:
- name: Debug valkey_instance
@@ -166,50 +166,14 @@
- name: Check Valkey instance status
block:
- - name: "When active check Valkey info using REDISCLI_AUTH for {{ valkey_instance.name }}"
- ansible.builtin.command: >-
- valkey-cli
- {% if valkey_instance.config.unixsocket is defined %}
- -s {{ valkey_instance.config.unixsocket }}
- {% else %}
- -h localhost -p {{ valkey_instance.config.port }}
- {% endif %}
- INFO SERVER
- environment:
- REDISCLI_AUTH: "{{ valkey_instance.config.requirepass }}"
- check_mode: false
- changed_when: false
- register: valkey_instance_info_server
+ - name: "Include valkey instance check using REDISCLI_AUTH for {{ valkey_instance.name }}"
+ ansible.builtin.include_tasks: instance_check_pass.yml
when: valkey_instance.config.requirepass is defined
- - name: "Check Valkey info for {{ valkey_instance.name }}"
- ansible.builtin.command: >-
- valkey-cli
- {% if valkey_instance.config.unixsocket is defined %}
- -s {{ valkey_instance.config.unixsocket }}
- {% else %}
- -h localhost -p {{ valkey_instance.config.port }}
- {% endif %}
- INFO SERVER
- check_mode: false
- changed_when: false
- register: valkey_instance_info_server
+ - name: "Include valkey instance check for {{ valkey_instance.name }}"
+ ansible.builtin.include_tasks: instance_check_pass.yml
when: valkey_instance.config.requirepass is not defined
- - name: Debug valkey_instance_info_server
- ansible.builtin.debug:
- var: valkey_instance_info_server
-
- - name: "Set a fact for the Valkey info for {{ valkey_instance.name }}"
- ansible.builtin.set_fact:
- valkey_instance_info: "{{ valkey_instance_info_server.stdout | string | community.general.jc('ini') }}"
- when: valkey_instance_info_server.stdout is defined
-
- - name: Debug valkey_instance_info
- ansible.builtin.debug:
- var: valkey_instance_info
- when: valkey_instance_info is defined
-
when:
- valkey_instance_enabled.enabled | bool
- valkey_instance_started.status.ActiveState == "active"
diff --git a/tasks/main.yml b/tasks/main.yml
index 8e91089..19f2e3c 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -37,21 +37,16 @@
tags:
- valkey_check
- - name: Valkey instance config absent
- ansible.builtin.command:
- args:
- cmd: "mv {{ valkey_instance.config_file }} {{ valkey_config_backup }}"
- removes: "{{ valkey_instance.config_file }}"
- vars:
- valkey_config_backup: "{{ valkey_instance.config_file | ansible.builtin.dirname }}/.{{ valkey_instance.config_file | ansible.builtin.basename }}.{{ ansible_facts.date_time.iso8601_basic_short }}.bak"
+ - name: Include Valkey instance absent tasks
+ ansible.builtin.include_tasks: instance_absent.yml
loop: "{{ valkey_instances }}"
loop_control:
loop_var: valkey_instance
label: "{{ valkey_instance.name }}"
when: valkey_instance.state == "absent"
- - name: Include Valkey instance config tasks when not absent
- ansible.builtin.include_tasks: instance.yml
+ - name: Include Valkey instance present tasks
+ ansible.builtin.include_tasks: instance_present.yml
loop: "{{ valkey_instances }}"
loop_control:
loop_var: valkey_instance
--
GitLab