Wann sollte ich redis-server@.service verwenden?
Nutze sie, um eine fehlende Default-Datei wiederherzustellen, zu prüfen, was ausgeliefert wurde, oder sie gegen deine aktuelle Redis-Config zu diffen.
Redis /etc/systemd/redis-server@.service
Original
📋 Debian 12 (Bookworm)
91 Zeilen
Läuft auf
Ansicht:
Debian 12 (Bookworm)
Gleich auf:
Debian 13 (Trixie)
Ubuntu 24.04 LTS (Noble Numbat)
Andere Versionen:
Details
- Größe
- 91 Zeilen
- MD5
- 3450c61e28809e6d1d5c49d0beec589a
- SHA256
- b97b4c0ce03dbdf2b2631f8af7c6ff38d10228c083cd8e683e11dac391ff1e9d
/etc/systemd/redis-server@.service
# Templated service file for redis-server(1)
#
# Each instance of redis-server requires its own configuration file:
#
# $ cp /etc/redis/redis.conf /etc/redis/redis-myname.conf
# $ chown redis:redis /etc/redis/redis-myname.conf
#
# Ensure each instance is using their own database:
#
# $ sed -i -e 's@^dbfilename .*@dbfilename dump-myname.rdb@' /etc/redis/redis-myname.conf
#
# We then listen exlusively on UNIX sockets to avoid TCP port collisions:
#
# $ sed -i -e 's@^port .*@port 0@' /etc/redis/redis-myname.conf
# $ sed -i -e 's@^\(# \)\{0,1\}unixsocket .*@unixsocket /run/redis-myname/redis-server.sock@' /etc/redis/redis-myname.conf
#
# ... and ensure we are logging, etc. in a unique location:
#
# $ sed -i -e 's@^logfile .*@logfile /var/log/redis/redis-server-myname.log@' /etc/redis/redis-myname.conf
# $ sed -i -e 's@^pidfile .*@pidfile /run/redis-myname/redis-server.pid@' /etc/redis/redis-myname.conf
#
# We can then start the service as follows, validating we are using our own
# configuration:
#
# $ systemctl start redis-server@myname.service
# $ redis-cli -s /run/redis-myname/redis-server.sock info | grep config_file
#
# -- Chris Lamb <lamby@debian.org> Mon, 09 Oct 2017 22:17:24 +0100
[Unit]
Description=Advanced key-value store (%I)
After=network.target
Documentation=http://redis.io/documentation, man:redis-server(1)
[Service]
Type=notify
ExecStart=/usr/bin/redis-server /etc/redis/redis-%i.conf --supervised systemd --daemonize no
PIDFile=/run/redis-%i/redis-server.pid
TimeoutStopSec=0
Restart=always
User=redis
Group=redis
RuntimeDirectory=redis-%i
RuntimeDirectoryMode=2755
UMask=007
PrivateTmp=true
LimitNOFILE=65535
PrivateDevices=true
ProtectHome=true
ProtectSystem=strict
ReadWritePaths=-/var/lib/redis
ReadWritePaths=-/var/log/redis
ReadWritePaths=-/var/run/redis-%i
CapabilityBoundingSet=
LockPersonality=true
MemoryDenyWriteExecute=true
NoNewPrivileges=true
PrivateUsers=true
ProtectClock=true
ProtectControlGroups=true
ProtectHostname=true
ProtectKernelLogs=true
ProtectKernelModules=true
ProtectKernelTunables=true
ProtectProc=invisible
RemoveIPC=true
RestrictAddressFamilies=AF_INET AF_INET6 AF_UNIX
RestrictNamespaces=true
RestrictRealtime=true
RestrictSUIDSGID=true
SystemCallArchitectures=native
SystemCallFilter=@system-service
SystemCallFilter=~ @privileged @resources
# redis-server can write to its own config file when in cluster mode so we
# permit writing there by default. If you are not using this feature, it is
# recommended that you remove this line.
ReadWriteDirectories=-/etc/redis
# This restricts this service from executing binaries other than redis-server
# itself. This is really effective at e.g. making it impossible to an
# attacker to spawn a shell on the system, but might be more restrictive
# than desired. If you need to, you can permit the execution of extra
# binaries by adding an extra ExecPaths= directive with the command
# systemctl edit redis-server.service
NoExecPaths=/
ExecPaths=/usr/bin/redis-server /usr/lib /lib
[Install]
WantedBy=multi-user.target
Kopieren & Einfügen
curl:
curl https://exampleconfig.com/api/v1/config/original/3450c61e28809e6d1d5c49d0beec589a?hint=redis-server@.service
wget:
wget -O redis-server@.service https://exampleconfig.com/api/v1/config/original/3450c61e28809e6d1d5c49d0beec589a?hint=redis-server@.service
Für KI-Agenten
<prompt><role>DevOps agent</role><source url='https://exampleconfig.com/api/v1/config/original/3450c61e28809e6d1d5c49d0beec589a?hint=redis-server@.service' /><config><app>Redis</app><os>Debian 12 (Bookworm)</os><location>/etc/systemd/redis-server@.service</location><lines>91</lines><md5>3450c61e28809e6d1d5c49d0beec589a</md5><sha256>b97b4c0ce03dbdf2b2631f8af7c6ff38d10228c083cd8e683e11dac391ff1e9d</sha256></config></prompt>
Füge es in Claude, ChatGPT oder einen anderen KI-Assistenten ein.
Redis installieren
Alpine Linux
sudo apk add redis
Debian
sudo apt update && sudo apt install redis-server
Ubuntu
sudo apt update && sudo apt install redis-server
Ablageort
FAQ
Wie stelle ich die Defaults von Redis wieder her?
Lad die Datei runter, sichere die aktuelle in /etc/systemd/redis-server@.service, ersetze sie und lade Redis neu oder starte es neu.
Ist redis-server@.service für den produktiven Einsatz geeignet?
Das ist der Hersteller-Default für Debian 12 (Bookworm). Nimm sie als Basis und prüf Security- und Performance-Einstellungen, bevor du sie produktiv nutzt.
Wie unterscheidet sich das von anderen OS-Versionen?
Defaults variieren je nach Distro und Version. Diese Version passt zu Debian 12 (Bookworm).
Kann ich das fürs Troubleshooting von Redis nutzen?
Ja. Diff es gegen deine Version, finde Abweichungen und stell nur die Teile wieder her, die du brauchst.
