Home ExampleConfig logo

Redis /etc/systemd/redis-server@.service

Authentic ๐Ÿ“‹ Ubuntu 24.04 LTS (Noble Numbat) 91 lines
๐Ÿ“ฅ Download ๐Ÿ” Compare

Compatibility

Currently viewing:
Ubuntu 24.04 LTS (Noble Numbat)
Also compatible:
Debian 12 (Bookworm) Debian 13 (Trixie)
Different versions:
Debian 10 (Buster) Debian 11 (Bullseye) Ubuntu 18.04 LTS (Bionic Beaver) Ubuntu 20.04 LTS (Focal Fossa) Ubuntu 22.04 LTS (Jammy Jellyfish)

File Info

Size
91 lines
MD5
3450c61e28809e6d1d5c49d0beec589a
SHA256
b97b4c0ce03dbdf2b2631f8af7c6ff38d10228c083cd8e683e11dac391ff1e9d

Quick Commands

curl:
curl https://exampleconfig.com/api/v1/config/original/3450c61e28809e6d1d5c49d0beec589a?hint=redis-server@.service
wget:
wget -O redis-server@.service https://exampleconfig.com/api/v1/config/original/3450c61e28809e6d1d5c49d0beec589a?hint=redis-server@.service
/etc/systemd/redis-server@.service 
# Templated service file for redis-server(1)
#
# Each instance of redis-server requires its own configuration file:
#
#   $ cp /etc/redis/redis.conf /etc/redis/redis-myname.conf
#   $ chown redis:redis /etc/redis/redis-myname.conf
#
# Ensure each instance is using their own database:
#
#   $ sed -i -e 's@^dbfilename .*@dbfilename dump-myname.rdb@' /etc/redis/redis-myname.conf
#
# We then listen exlusively on UNIX sockets to avoid TCP port collisions:
#
#   $ sed -i -e 's@^port .*@port 0@' /etc/redis/redis-myname.conf
#   $ sed -i -e 's@^\(# \)\{0,1\}unixsocket .*@unixsocket /run/redis-myname/redis-server.sock@' /etc/redis/redis-myname.conf
#
# ... and ensure we are logging, etc. in a unique location:
#
#   $ sed -i -e 's@^logfile .*@logfile /var/log/redis/redis-server-myname.log@' /etc/redis/redis-myname.conf
#   $ sed -i -e 's@^pidfile .*@pidfile /run/redis-myname/redis-server.pid@' /etc/redis/redis-myname.conf
#
# We can then start the service as follows, validating we are using our own
# configuration:
#
#   $ systemctl start redis-server@myname.service
#   $ redis-cli -s /run/redis-myname/redis-server.sock info | grep config_file
#
#  -- Chris Lamb <lamby@debian.org>  Mon, 09 Oct 2017 22:17:24 +0100
[Unit]
Description=Advanced key-value store (%I)
After=network.target
Documentation=http://redis.io/documentation, man:redis-server(1)

[Service]
Type=notify
ExecStart=/usr/bin/redis-server /etc/redis/redis-%i.conf --supervised systemd --daemonize no
PIDFile=/run/redis-%i/redis-server.pid
TimeoutStopSec=0
Restart=always
User=redis
Group=redis
RuntimeDirectory=redis-%i
RuntimeDirectoryMode=2755

UMask=007
PrivateTmp=true
LimitNOFILE=65535
PrivateDevices=true
ProtectHome=true
ProtectSystem=strict
ReadWritePaths=-/var/lib/redis
ReadWritePaths=-/var/log/redis
ReadWritePaths=-/var/run/redis-%i

CapabilityBoundingSet=
LockPersonality=true
MemoryDenyWriteExecute=true
NoNewPrivileges=true
PrivateUsers=true
ProtectClock=true
ProtectControlGroups=true
ProtectHostname=true
ProtectKernelLogs=true
ProtectKernelModules=true
ProtectKernelTunables=true
ProtectProc=invisible
RemoveIPC=true
RestrictAddressFamilies=AF_INET AF_INET6 AF_UNIX
RestrictNamespaces=true
RestrictRealtime=true
RestrictSUIDSGID=true
SystemCallArchitectures=native
SystemCallFilter=@system-service
SystemCallFilter=~ @privileged @resources

# redis-server can write to its own config file when in cluster mode so we
# permit writing there by default. If you are not using this feature, it is
# recommended that you remove this line.
ReadWriteDirectories=-/etc/redis

# This restricts this service from executing binaries other than redis-server
# itself. This is really effective at e.g. making it impossible to an
# attacker to spawn a shell on the system, but might be more restrictive
# than desired. If you need to, you can permit the execution of extra
# binaries by adding an extra ExecPaths= directive with the command
# systemctl edit redis-server.service
NoExecPaths=/
ExecPaths=/usr/bin/redis-server /usr/lib /lib

[Install]
WantedBy=multi-user.target

How to Install Redis

Alpine Linux

sudo apk add redis

Debian

sudo apt update && sudo apt install redis-server

Ubuntu

sudo apt update && sudo apt install redis-server

Configuration File Location

File Path
/etc/systemd/redis-server@.service
Directory
/etc/systemd/
Significance
System-wide configuration directory
Description
Files in /etc/ contain system-wide configuration settings that affect all users.

Quick Answers

When should I use this redis-server@.service?

Use this file to restore Redis defaults after misconfiguration, for fresh installations, or as a customization baseline.

How do I restore Redis defaults?

Download this file, backup your current config, then replace /etc/systemd/redis-server@.service. Restart Redis service.

Is redis-server@.service safe for production?

Factory default from Redis on Ubuntu 24.04 LTS (Noble Numbat). Safe baseline, but customize for your requirements.

How does this differ from other OS versions?

This config is from Ubuntu 24.04 LTS (Noble Numbat). Other OS versions may have different defaults. Check compatibility section.

Can I use this for Redis troubleshooting?

Yes, compare this original config with your current settings to identify problematic modifications.

Related Files

/etc/logrotate.d/redis-server
Redis ยท Debian 9 (Stretch)
/etc/systemd/redis-server.service
Redis ยท Debian 9 (Stretch)
/etc/logrotate.d/redis
Redis ยท Alpine Linux v3.21