miaou-server/recipes/redis/install.sh

#!/bin/bash

function check() {
    PREFIX="recipe:redis:check"

    container_running "$CONTAINER" || return 10
    echo "checking redis regarding access to its ip address <$REDIS_IP>..."

    lxc exec "$CONTAINER" -- bash <<EOF
        set -Eeuo pipefail
        systemctl is-active redis.service &>/dev/null
        ss -tlnp | grep redis | grep -q $REDIS_IP:6379
        test -f /etc/redis/redis.conf
        grep -Eq "^protected-mode no" /etc/redis/redis.conf
EOF
    status="$?"
    [[ $status -eq 0 ]] && echo "container <$CONTAINER> approved!"
    return $status
}

function install() {
    PREFIX="recipe:redis:install"
    : "$PREFIX"

    credential_redis=$(load_yaml_from_expanded credential.redis)
    echowarn "initializing redis regarding access to its IP address <$REDIS_IP>..."

    launch_container "$CONTAINER"
    lxc exec "$CONTAINER" -- bash <<EOF
        set -Eeuo pipefail

        . /opt/miaou-bash/lib/functions.sh
        /opt/miaou-bash/tools/idem_apt_install redis
        /opt/miaou-bash/tools/append_or_replace "^bind .*$" "bind $REDIS_IP" /etc/redis/redis.conf
        /opt/miaou-bash/tools/append_or_replace "^protected-mode .*$" "protected-mode no" /etc/redis/redis.conf
        /opt/miaou-bash/tools/append_or_replace "^requirepass .*$" "requirepass $credential_redis" /etc/redis/redis.conf
        systemctl restart redis.service
EOF
    PREFIX="" echo OK

}

# MAIN
. "$MIAOU_BASEDIR/lib/init.sh"

arg1_required "$@"

CONTAINER="$1"
REDIS_IP=$(lxc list "$CONTAINER" -c 4 -f csv | cut -d ' ' -f1)
readonly CONTAINER REDIS_IP

check || (
    install
    check
)