Write a role to setup a Redis instance.

The role expects two parameters: * `redis_instance`: the instance name * `redis_client_group`: the group allowed to access the instance's unix socket Fixes #17 Updates #10
2020-10-24 14:04:22 +02:00 · 2020-10-24 14:04:22 +02:00 · 0a6b680cda
parent 593d8deddf
commit 0a6b680cda
9 changed files with 1619 additions and 0 deletions
--- a/roles/redis/handlers/main.yml
+++ b/roles/redis/handlers/main.yml
@ -0,0 +1,11 @@
+---
+- name: Reload s6-rc
+  service:
+    name: s6-rc
+    state: reloaded
+
+- name: 'Restart redis-{{ redis_instance }}'
+  command: s6-svc -wR -T 15000 -ru /run/service/redis-{{ redis_instance }}
+
+- name: 'Restart redis-{{ redis_instance }} log'
+  command: s6-svc -wR -T 5000 -ru /run/service/redis-{{ redis_instance }}-log
--- a/roles/redis/tasks/main.yml
+++ b/roles/redis/tasks/main.yml
@ -0,0 +1,100 @@
+---
+- name: Install redis
+  package:
+    name: redis
+    state: present
+
+- name: 'Create /var/db/redis-{{ redis_instance }}'
+  file:
+    path: '/var/db/redis-{{ redis_instance }}'
+    state: directory
+    owner: redis
+    group: redis
+    mode: 0700
+
+- name: 'Create /var/run/redis-{{ redis_instance }}'
+  file:
+    path: '/var/run/redis-{{ redis_instance }}'
+    state: directory
+    owner: redis
+    group: '{{ redis_client_group }}'
+    mode: 0750
+
+- name: 'Add /var/log/redis-{{ redis_instance }} to fstab'
+  mount:
+    path: /var/log/redis-{{ redis_instance }}
+    src: tmpfs
+    fstype: tmpfs
+    opts: 'rw,size={{ redis_log_size }},mode={{ redis_log_mode }},uid={{ redis_log_uid }},gid={{ redis_log_gid }},late'
+    state: mounted
+
+- name: 'Create redis-{{ redis_instance }} service directories'
+  file:
+    path: '/etc/s6-rc/service/redis-{{ redis_instance}}{{ item }}'
+    state: directory
+    owner: root
+    group: wheel
+    mode: 0755
+  with_items: '{{ redis_service_dirs }}'
+  notify:
+    - Reload s6-rc
+    - 'Restart redis-{{ redis_instance }} log'
+    - 'Restart redis-{{ redis_instance }}'
+
+- name: 'Generate redis-{{ redis_instance }} service scripts'
+  template:
+    dest: '/etc/s6-rc/service/redis-{{ redis_instance }}{{ item }}'
+    src: 'redis{{ item }}.j2'
+    mode: 0555
+    owner: root
+    group: wheel
+  with_items: '{{ redis_service_scripts }}'
+  notify:
+    - Reload s6-rc
+    - 'Restart redis-{{ redis_instance }} log'
+    - 'Restart redis-{{ redis_instance }}'
+
+- name: 'Generate redis-{{ redis_instance }} service configuration'
+  copy:
+    dest: '/etc/s6-rc/service/redis-{{ redis_instance}}{{ item.name }}'
+    content: '{{ item.content }}'
+    mode: 0444
+    owner: root
+    group: wheel
+  loop_control:
+    label: 'redis-{{ redis_instance }}{{ item.name }} = {{ item.content }}'
+  notify:
+    - Reload s6-rc
+    - 'Restart redis-{{ redis_instance }} log'
+    - 'Restart redis-{{ redis_instance }}'
+  with_items: '{{ redis_service_config }}'
+
+- name: 'Configure redis-{{ redis_instance }}'
+  template:
+    dest: '/usr/local/etc/redis-{{ redis_instance }}.conf'
+    src: redis.conf.j2
+    mode: 0444
+    owner: root
+    group: wheel
+  notify:
+    - 'Restart redis-{{ redis_instance }}'
+
+- name: Flush handlers
+  meta: flush_handlers
+
+- name: 'Start redis-{{ redis_instance }}'
+  command: 'fdmove -c 2 1 s6-rc -u -v 2 -t 15000 change redis-{{ redis_instance }}'
+  register: change
+  changed_when: change.stdout | length > 0
+
+- name: 'Enable redis-{{ redis_instance }}'
+  lineinfile:
+    path: /etc/s6-rc/service/enabled/contents
+    regexp: "^redis-{{ redis_instance }}$"
+    line: 'redis-{{ redis_instance }}'
+    state: present
+  notify:
+    - Reload s6-rc
+
+- name: Flush handlers (again)
+  meta: flush_handlers
--- a/roles/redis/templates/redis-log/finish.j2
+++ b/roles/redis/templates/redis-log/finish.j2
@ -0,0 +1,13 @@
+#!/usr/local/bin/execlineb -S2
+# {{ ansible_managed }}
+
+s6-envdir ./env
+multisubstitute {
+        importas -i -u NAME NAME
+}
+
+fdmove -c 1 2
+ifelse { test "${1}" -eq 0 } {
+        echo "${NAME}-log: Stopped."
+}
+        echo "${NAME}-log: Failed with exit status (${1}, ${2})."
--- a/roles/redis/templates/redis-log/run.j2
+++ b/roles/redis/templates/redis-log/run.j2
@ -0,0 +1,23 @@
+#!/usr/local/bin/execlineb
+# {{ ansible_managed }}
+
+s6-envdir ./env
+multisubstitute {
+	importas -i -u NAME  NAME
+	importas -i -u USER  USER
+	importas -i -u GROUP GROUP
+	importas -i -u MODE  MODE
+	importas -i -u DIR   DIR
+}
+
+foreground { fdmove -c 1 2 echo "${NAME} log: Starting." }
+ 
+ifelse -n { install -d -o "${USER}" -g "${GROUP}" -m "${MODE}" "$DIR" } {
+ 	foreground { fdmove -c 1 2 echo "${NAME} log: Failed to create logging directory." }
+ 	false
+}
+ 
+fdmove -c 2 1
+ 
+s6-envuidgid $USER
+s6-log -d 3 T $DIR
--- a/roles/redis/templates/redis.conf.j2
+++ b/roles/redis/templates/redis.conf.j2
--- a/roles/redis/templates/redis/data/check.j2
+++ b/roles/redis/templates/redis/data/check.j2
@ -0,0 +1,19 @@
+#!/usr/local/bin/execlineb -P
+# {{ ansible_managed }}
+
+s6-envdir ./env
+multisubstitute {
+        importas -i -u NAME NAME
+	importas -i -u SOCK SOCK
+}
+
+ifelse {
+	redirfd -w 1 /dev/null
+	fdmove -c 2 1
+	redis-cli -s "${SOCK}" PING
+} {
+	foreground { fdmove -c 1 2 echo "${NAME}: Ready." }
+	true
+}
+	foreground { fdmove -c 1 2 echo "${NAME}: Poll." }
+	false
--- a/roles/redis/templates/redis/finish.j2
+++ b/roles/redis/templates/redis/finish.j2
@ -0,0 +1,13 @@
+#!/usr/local/bin/execlineb -S2
+# {{ ansible_managed }}
+
+s6-envdir ./env
+multisubstitute {
+        importas -i -u NAME NAME
+}
+
+fdmove -c 1 2
+ifelse { test "${1}" -eq 0 } {
+        echo "${NAME}: Stopped."
+}
+        echo "${NAME}: Failed with exit status (${1}, ${2})."
--- a/roles/redis/templates/redis/run.j2
+++ b/roles/redis/templates/redis/run.j2
@ -0,0 +1,15 @@
+#!/usr/local/bin/execlineb -P
+# {{ ansible_managed }}
+
+s6-envdir ./env
+multisubstitute {
+	importas -i -u NAME NAME
+}
+
+foreground { fdmove -c 1 2 echo "${NAME}: Starting." }
+s6-notifyoncheck -d -w 100 -n 70
+
+fdmove -c 2 1
+s6-setuidgid redis
+redis-server /usr/local/etc/redis-{{ redis_instance }}.conf
+
--- a/roles/redis/vars/main.yml
+++ b/roles/redis/vars/main.yml
@ -0,0 +1,52 @@
+---
+redis_log_size: '32m'
+redis_log_mode: '750'
+redis_log_uid: '20000'
+redis_log_gid: '20000'
+
+redis_service_dirs:
+  - ''
+  - '/env'
+  - '/data'
+  - '-log'
+  - '-log/env'
+
+redis_service_scripts:
+  - /run
+  - /finish
+  - /data/check
+  - -log/run
+  - -log/finish
+
+redis_service_config:
+  - name: /type
+    content: longrun
+  - name: /producer-for
+    content: redis-{{ redis_instance }}-log
+  - name: /notification-fd
+    content: 3
+  - name: /env/NAME
+    content: 'redis-{{ redis_instance }}'
+  - name: /env/PATH
+    content: /sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin:/root/bin
+  - name: /env/SOCK
+    content: '/var/run/redis-{{ redis_instance }}/sock'
+
+  - name: -log/type
+    content: longrun
+  - name: -log/notification-fd
+    content: 3
+  - name: -log/consumer-for
+    content: redis-{{ redis_instance }}
+  - name: -log/env/NAME
+    content: redis
+  - name: -log/env/PATH
+    content: /sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin:/root/bin
+  - name: -log/env/MODE
+    content: '750'
+  - name: -log/env/USER
+    content: s6-log
+  - name: -log/env/GROUP
+    content: s6-log
+  - name: -log/env/DIR
+    content: '/var/log/redis-{{ redis_instance }}'