From b677defd972f1c5d131ac33e250b83d95c5578c7 Mon Sep 17 00:00:00 2001
From: Jeremy Lecour <jlecour@evolix.fr>
Date: Wed, 8 Jun 2022 15:36:47 +0200
Subject: [PATCH] redis: binding is possible on multiple interfaces

---
 CHANGELOG.md                  | 2 ++
 redis/README.md               | 2 +-
 redis/defaults/main.yml       | 3 ++-
 redis/tasks/main.yml          | 8 ++++++++
 redis/tasks/nrpe.yml          | 2 +-
 redis/templates/redis.conf.j2 | 2 +-
 6 files changed, 15 insertions(+), 4 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 7033e693..8ad2a22c 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -14,6 +14,8 @@ The **patch** part changes is incremented if multiple releases happen the same m
 
 ### Changed
 
+* redis: binding is possible on multiple interfaces (breaking change)
+
 ### Fixed
 
 ### Removed
diff --git a/redis/README.md b/redis/README.md
index 850af13a..57aa4f41 100644
--- a/redis/README.md
+++ b/redis/README.md
@@ -14,7 +14,7 @@ Main variables are :
 
 * `redis_conf_dir`: config directory ;
 * `redis_port`: listening TCP port ;
-* `redis_bind_interface`: listening IP address ;
+* `redis_bind_interfaces`: listening IP addresses (array) ;
 * `redis_password`: password for redis. Empty means no password ;
 * `redis_socket_dir`: Unix socket directory ;
 * `redis_log_level`: log verbosity ;
diff --git a/redis/defaults/main.yml b/redis/defaults/main.yml
index 93bbc741..1a86c95c 100644
--- a/redis/defaults/main.yml
+++ b/redis/defaults/main.yml
@@ -6,7 +6,8 @@ redis_conf_dir_prefix: /etc/redis
 redis_force_instance_port: False
 
 redis_port: 6379
-redis_bind_interface: 127.0.0.1
+redis_bind_interfaces:
+  - 127.0.0.1
 
 redis_socket_enabled: True
 redis_socket_dir_prefix: '/run/redis'
diff --git a/redis/tasks/main.yml b/redis/tasks/main.yml
index 10598aa6..871ab3eb 100644
--- a/redis/tasks/main.yml
+++ b/redis/tasks/main.yml
@@ -63,6 +63,14 @@
     redis_data_dir: "{{ redis_data_dir_prefix }}-{{ redis_instance_name }}"
   when: redis_instance_name is defined
 
+- name: Fail if redis_bind_interface is set
+  fail:
+    msg: "Please change 'redis_bind_interface' (String) to 'redis_bind_interfaces' (List)"
+  when:
+    - redis_bind_interface is defined
+    - redis_bind_interface is not none
+    - redis_bind_interface | length > 0
+
 - name: configure Redis for default mode
   include: default-server.yml
   when: redis_instance_name is not defined
diff --git a/redis/tasks/nrpe.yml b/redis/tasks/nrpe.yml
index 9e042479..b42e2da2 100644
--- a/redis/tasks/nrpe.yml
+++ b/redis/tasks/nrpe.yml
@@ -60,7 +60,7 @@
   replace:
     dest: /etc/nagios/nrpe.d/evolix.cfg
     regexp: '^command\[check_redis\]=.+'
-    replace: 'command[check_redis]=sudo {{ redis_check_redis_path }} -H {{ redis_bind_interface }} -p {{ redis_port }}'
+    replace: 'command[check_redis]=sudo {{ redis_check_redis_path }} -H {{ redis_bind_interfaces | first }} -p {{ redis_port }}'
   when: redis_instance_name is undefined
   notify: restart nagios-nrpe-server
   tags:
diff --git a/redis/templates/redis.conf.j2 b/redis/templates/redis.conf.j2
index b10a11b9..720f724f 100644
--- a/redis/templates/redis.conf.j2
+++ b/redis/templates/redis.conf.j2
@@ -1,7 +1,7 @@
 daemonize yes
 pidfile {{ redis_pid_dir }}/redis-server.pid
 port {{ redis_port }}
-bind {{ redis_bind_interface }}
+bind {{ redis_bind_interfaces | join(' ') }}
 
 {% if redis_socket_enabled %}
 unixsocket {{ redis_socket_dir }}/redis.sock