You need Redis, but Fedora says the package doesn't exist
You run sudo dnf install redis and the package manager tells you nothing matches. You switch to a tutorial from three years ago that mentions yum and remi, and suddenly you're installing dependencies you don't recognize. Or maybe Redis starts, but your application can't connect, and the logs are full of Connection refused or SELinux denials that make no sense. Redis is the workhorse for caching and queues, but getting it running securely on Fedora requires a few steps beyond the basic install command.
What's actually happening
Redis isn't in the core Fedora repositories. Fedora keeps the base repos tight and focused on upstream standards. Third-party software like Redis lives in EPEL, which stands for Extra Packages for Enterprise Linux. EPEL provides high-quality add-on packages that don't conflict with Fedora's core. When you install Redis, you get a systemd unit, a configuration file in /etc/redis/, and a binary.
Fedora's default security stack includes SELinux and firewalld. Both are active by default. SELinux enforces mandatory access controls, and firewalld blocks inbound traffic unless you explicitly allow it. If you change the Redis data directory or bind address without updating these security contexts, the service will fail silently or drop connections. Config files in /etc/ are user-modified. Files in /usr/lib/ ship with the package. Edit /etc/. Never edit /usr/lib/.
Install Redis from EPEL
Here's how to enable the EPEL repository and install Redis in one transaction.
# EPEL provides Redis; not in core repos.
# dnf install handles dependency resolution automatically.
sudo dnf install -y epel-release redis
Enable EPEL once. It stays enabled for future packages.
Start and enable the service
Here's how to start Redis immediately and ensure it survives a reboot.
# Starts service immediately and enables on boot.
# --now combines start and enable flags.
sudo systemctl enable --now redis
Check the status before you assume it's running.
Verify the connection
Here's how to confirm the daemon is listening and responding to commands.
# Sends PING command to local socket.
# PONG confirms the server is responsive.
redis-cli ping
If you get PONG, the daemon is alive.
Configure security and binding
Here's how to inspect the current security posture of your Redis configuration.
# Shows current security settings.
# Uncomment lines to activate changes.
sudo grep -E '^(bind|protected-mode|requirepass)' /etc/redis/redis.conf
Redis binds to 127.0.0.1 by default. Remote machines cannot reach localhost. If you need external access, change the bind directive. protected-mode is enabled by default. It prevents external connections unless you set a password or bind to a specific interface. If you disable protected-mode, you must set requirepass or risk exposing your data to the network.
Here's how to set a password and bind to a specific interface.
# Edit the configuration file.
# Use a text editor like nano or vim.
sudo nano /etc/redis/redis.conf
Find the bind line and change it to your interface IP. Find the requirepass line, uncomment it, and set a strong password. Save the file. Restart the service after every config change. Redis doesn't reload hot.
Handle firewall and SELinux
Here's how to allow external traffic on the Redis port.
# Adds rule to persistent config.
# --permanent makes the rule survive reboot.
sudo firewall-cmd --permanent --add-port=6379/tcp
# Reloads runtime to match persistent.
# --reload is mandatory after --permanent changes.
sudo firewall-cmd --reload
Reload the firewall after every rule change. Runtime and persistent configs diverge otherwise.
If you move the Redis data directory or log file, SELinux will block access. You'll see denials in the journal. Here's how to restore the correct context.
# Restores default SELinux context.
# Fixes permission errors after moving data.
sudo restorecon -v /var/lib/redis/
Trust the package manager. Manual file edits drift, snapshots stay.
Tune limits with systemd drop-ins
Here's how to increase file descriptor limits without editing the unit file.
# Creates override file in /etc/systemd/system/redis.service.d/
# Drop-ins are safer than editing unit files.
sudo systemctl edit redis
Add the following to the editor.
[Service]
# Increases open file limit for high-connection workloads.
# Redis needs many file descriptors for clients.
LimitNOFILE=65535
Save and exit. Reload systemd and restart Redis.
# Reloads systemd manager configuration.
# Applies new drop-in settings.
sudo systemctl daemon-reload
sudo systemctl restart redis
Verify the limit took effect.
# Shows active limits for the redis process.
# Look for Max open files line.
systemctl show redis | grep LimitNOFILE
Use drop-ins for service tuning. They survive package updates.
Common pitfalls and errors
If you see Connection refused, the service isn't listening. Check systemctl status redis. If the status shows active but apps can't connect, check the bind address. Redis binds to 127.0.0.1 by default. Remote machines cannot reach localhost.
If you change the data directory, SELinux will block access. You'll see denials in the journal. Here's what a SELinux denial looks like.
type=AVC msg=audit(1728700000.000:123): avc: denied { name_bind } for pid=1234 comm="redis-server" src=6379 scontext=system_u:system_r:redis_t:s0 tcontext=system_u:object_r:unreserved_port_t:s0 tclass=tcp_socket
This error appears when Redis tries to bind to a non-standard port. SELinux restricts Redis to specific ports. Use semanage port to add the port, or stick to the default.
If you see Can't open the log file: Permission denied, the redis user doesn't own the log file. Check ownership and permissions.
# Checks ownership of the log file.
# redis user must own the file.
ls -l /var/log/redis/
Run journalctl first. Read the actual error before guessing.
When to use Redis vs alternatives
Use Redis when you need sub-millisecond latency for caching or session storage. Use PostgreSQL when you require ACID compliance and complex relational queries. Use Memcached when you only need simple key-value caching without persistence or advanced data structures. Use RabbitMQ when you need guaranteed message delivery and complex routing. Stay on the default Redis configuration if you are running a single-node development environment.
Pick the tool that matches the data shape, not just the speed.