diff --git a/CHANGELOG.md b/CHANGELOG.md
index 3d2caefe..5ba2914d 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -51,6 +51,7 @@ The **patch** part changes is incremented if multiple releases happen the same m
 * nagios: cleaning nrpe check template
 * nagios: rename var `nagios_nrpe_process_processes` into `nagios_nrpe_processes` and check systemd-timesyncd instead of ntpd in Debian 12
 * proftpd: in SFTP vhost, enable SSH keys login, enable ed25549 host key for Debian >= 11
+* redis: manage config template inside a block, to allow custom modifications outside
 * squid: config directory seems to have changed from /etc/squid3 to /etc/squid in Debian 8
 * spamassassin: Use spamd starting with Bookworm
 * unbound: Add config file to allow configuration reload on Debian 11 and lower
diff --git a/redis/defaults/main.yml b/redis/defaults/main.yml
index b5547597..dc5a5d06 100644
--- a/redis/defaults/main.yml
+++ b/redis/defaults/main.yml
@@ -3,6 +3,8 @@ redis_systemd_name: redis-server
 
 redis_conf_dir_prefix: /etc/redis
 
+redis_conf_marker_label: "ANSIBLE MANAGED CONFIGURATION"
+
 redis_force_instance_port: False
 
 redis_port: 6379
diff --git a/redis/tasks/default-server.yml b/redis/tasks/default-server.yml
index 89a664e6..89ba641e 100644
--- a/redis/tasks/default-server.yml
+++ b/redis/tasks/default-server.yml
@@ -1,12 +1,32 @@
 ---
 
-- name: Redis is configured.
-  ansible.builtin.template:
-    src: redis.conf.j2
-    dest: "{{ redis_conf_dir }}/redis.conf"
+- name: "Add begin marker if missing"
+  ansible.builtin.lineinfile:
+    path: "{{ redis_conf_dir }}/redis.conf"
+    line: "# BEGIN {{ redis_conf_marker_label }}"
+    insertbefore: BOF
+    create: yes
+  tags:
+    - redis
+
+- name: "Add end marker if missing"
+  ansible.builtin.lineinfile:
+    path: "{{ redis_conf_dir }}/redis.conf"
+    line: "# END {{ redis_conf_marker_label }}"
+    insertbefore: "Generated by CONFIG REWRITE"
+    create: yes
+  tags:
+    - redis
+
+- name: "Create config if missing"
+  ansible.builtin.blockinfile:
+    path: "{{ redis_conf_dir }}/redis.conf"
+    marker: "# {mark} {{ redis_conf_marker_label }}"
+    block: "{{ lookup('ansible.builtin.template', '../templates/redis.conf.j2') }}"
     mode: "0640"
     owner: redis
     group: redis
+    create: yes
   notify: "{{ redis_restart_handler_name }}"
   tags:
     - redis
diff --git a/redis/tasks/instance-server.yml b/redis/tasks/instance-server.yml
index 42dc1876..b5f11053 100644
--- a/redis/tasks/instance-server.yml
+++ b/redis/tasks/instance-server.yml
@@ -118,14 +118,33 @@
   tags:
     - redis
 
+- name: "Add begin marker if missing"
+  ansible.builtin.lineinfile:
+    path: "{{ redis_conf_dir }}/redis.conf"
+    line: "# BEGIN {{ redis_conf_marker_label }}"
+    insertbefore: BOF
+    create: yes
+  tags:
+    - redis
 
-- name: "Instance '{{ redis_instance_name }}' configuration file is present"
-  ansible.builtin.template:
-    src: redis.conf.j2
-    dest: "{{ redis_conf_dir }}/redis.conf"
+- name: "Add end marker if missing"
+  ansible.builtin.lineinfile:
+    path: "{{ redis_conf_dir }}/redis.conf"
+    line: "# END {{ redis_conf_marker_label }}"
+    insertbefore: "# Generated by CONFIG REWRITE"
+    create: yes
+  tags:
+    - redis
+
+- name: "Create config if missing"
+  ansible.builtin.blockinfile:
+    path: "{{ redis_conf_dir }}/redis.conf"
+    marker: "# {mark} {{ redis_conf_marker_label }}"
+    block: "{{ lookup('ansible.builtin.template', '../templates/redis.conf.j2') }}"
     mode: "0640"
     owner: redis-{{ redis_instance_name }}
     group: redis-{{ redis_instance_name }}
+    create: yes
   notify: "{{ redis_restart_handler_name }}"
   tags:
     - redis