rick-infra/roles/valkey/tasks/main.yml

---
# Valkey Infrastructure Role - Simplified Tasks

- name: Install Valkey 
  pacman:
    name: valkey
    state: present

# Note: Arch Linux's redis package (which provides Valkey) creates the 'valkey' user automatically
# We don't need to create users - just ensure data directory permissions

- name: Create Valkey configuration directory
  file:
    path: /etc/valkey
    state: directory
    mode: '0755'

- name: Check if Valkey data directory exists
  stat:
    path: "/var/lib/valkey"
  register: valkey_data_dir

- name: Ensure Valkey data directory permissions
  file:
    path: /var/lib/valkey
    state: directory
    owner: valkey
    group: valkey
    mode: '0750'

- name: Deploy Valkey configuration file
  template:
    src: valkey.conf.j2
    dest: /etc/valkey/valkey.conf
    owner: valkey
    group: valkey
    mode: '0640'
    backup: yes
  notify: restart valkey

- name: Create systemd override directory for Valkey security
  file:
    path: /etc/systemd/system/valkey.service.d
    state: directory
    mode: '0755'
  when: valkey_systemd_security

- name: Deploy Valkey systemd security override
  template:
    src: systemd-override.conf.j2
    dest: /etc/systemd/system/valkey.service.d/override.conf
    mode: '0644'
  when: valkey_systemd_security
  notify:
    - reload systemd
    - restart valkey

- name: Enable and start Valkey service
  systemd:
    name: valkey
    enabled: "{{ valkey_service_enabled }}"
    state: "{{ valkey_service_state }}"
    daemon_reload: yes

- name: Wait for Valkey to be ready
  wait_for:
    port: "{{ valkey_port }}"
    host: "{{ valkey_bind }}"
    timeout: 30
  when: valkey_service_state == "started"

- name: Test Valkey connectivity
  command: redis-cli -h {{ valkey_bind }} -p {{ valkey_port }} -a {{ valkey_requirepass }} ping
  register: valkey_ping_result
  changed_when: false
  failed_when: valkey_ping_result.stdout != "PONG"
  when: valkey_service_state == "started"

- name: Display Valkey infrastructure status
  debug:
    msg: |
      ✅ Valkey infrastructure ready!
      
      📡 Service: {{ valkey_bind }}:{{ valkey_port }}
      🔒 Auth: Password protected
      💾 Persistence: {{ 'RDB enabled' if valkey_save_enabled else 'Memory only' }}
      🗄️ Databases: {{ valkey_databases }} available (0-{{ valkey_databases - 1 }})
      
      🏗️ Ready for applications to configure Valkey usage
      
      📋 Application Integration:
      - Use database numbers 1-{{ valkey_databases - 1 }} for applications
      - Database 0 reserved for system/testing
      - Redis-compatible: applications can use REDIS_* or VALKEY_* env vars