add rmq adjustments
This commit is contained in:
parent
ff5cb35875
commit
90c4496c77
7 changed files with 53 additions and 11 deletions
|
@ -79,7 +79,6 @@
|
|||
gpgcheck: true
|
||||
gpgkey: https://download.copr.fedorainfracloud.org/results/nalika/rockylinux-tools/pubkey.gpg
|
||||
enabled: true
|
||||
when: ansible_distribution_major_version == '8'
|
||||
|
||||
# Right now, we are not sure how or where we'll get our certificates. So we
|
||||
# are presenting a choice by setting a variable, koji_internal_ca. There is a
|
||||
|
|
|
@ -79,7 +79,6 @@
|
|||
gpgcheck: true
|
||||
gpgkey: https://download.copr.fedorainfracloud.org/results/nalika/rockylinux-tools/pubkey.gpg
|
||||
enabled: true
|
||||
when: ansible_distribution_major_version == '8'
|
||||
|
||||
# Right now, we are not sure how or where we'll get our certificates. So we
|
||||
# are presenting a choice by setting a variable, koji_internal_ca. There is a
|
||||
|
|
|
@ -4,10 +4,10 @@
|
|||
hosts: kojihub
|
||||
become: true
|
||||
vars_files:
|
||||
- vars/vaults/encpass.yml
|
||||
- vars/common.yml
|
||||
- vars/staging/kojihub.yml
|
||||
- vars/staging/koji-common.yml
|
||||
- vars/vaults/encpass.yml
|
||||
- vars/common.yml
|
||||
- vars/staging/kojihub.yml
|
||||
- vars/staging/koji-common.yml
|
||||
|
||||
# This is to try to avoid the handler issue in pre/post tasks
|
||||
handlers:
|
||||
|
|
|
@ -4,10 +4,10 @@
|
|||
hosts: kojihub
|
||||
become: true
|
||||
vars_files:
|
||||
- vars/vaults/encpass.yml
|
||||
- vars/common.yml
|
||||
- vars/production/kojihub.yml
|
||||
- vars/production/koji-common.yml
|
||||
- vars/vaults/encpass.yml
|
||||
- vars/common.yml
|
||||
- vars/production/kojihub.yml
|
||||
- vars/production/koji-common.yml
|
||||
|
||||
# This is to try to avoid the handler issue in pre/post tasks
|
||||
handlers:
|
||||
|
|
|
@ -79,7 +79,12 @@
|
|||
- name: Run rabbitmq users
|
||||
ansible.builtin.import_tasks: "tasks/rabbitmq/users.yml"
|
||||
tags:
|
||||
- vhosts
|
||||
- users
|
||||
|
||||
- name: Run rabbitmq topics
|
||||
ansible.builtin.import_tasks: "tasks/rabbitmq/topics.yml"
|
||||
tags:
|
||||
- topics
|
||||
|
||||
post_tasks:
|
||||
- name: Touching run file that ansible has ran here
|
||||
|
|
|
@ -78,4 +78,32 @@ rabbitmq_users:
|
|||
read_priv: "^$"
|
||||
write_priv: "^$"
|
||||
tags: "monitoring"
|
||||
- user: rockypubsub
|
||||
state: present
|
||||
permissions:
|
||||
- vhost: public_pubsub
|
||||
configure_priv: "^(\\w{8}(-\\w{4}){3}-\\w{12})$"
|
||||
write_priv: "^(\\w{8}(-\\w{4}){3}-\\w{12})$"
|
||||
read_priv: ".*"
|
||||
- user: pubsub_federation
|
||||
state: present
|
||||
permissions:
|
||||
- vhost: pubsub
|
||||
configure_priv: "^federation.*"
|
||||
write_priv: "^federation.*"
|
||||
read_priv: ".*"
|
||||
- user: rockykoji
|
||||
state: present
|
||||
permissions:
|
||||
- vhost: pubsub
|
||||
configure_priv: "^$"
|
||||
read_priv: "^$"
|
||||
write_priv: "amq\\.topic"
|
||||
- user: rockyautomation
|
||||
state: present
|
||||
permissions:
|
||||
- vhost: pubsub
|
||||
configure_priv: "^$"
|
||||
read_priv: "^$"
|
||||
write_priv: "amq\\.topic"
|
||||
...
|
||||
|
|
|
@ -1,3 +1,8 @@
|
|||
# parameter:
|
||||
# - name: "pubsub-to-public_pubsub"
|
||||
# component: "federation-upstream"
|
||||
# value: '{"uri": "amqps://pubsub_federation:{{ pubsub_federation_pass }}@{{ rabbitmq_cluster_list[0] }}/%2Fpubsub", "ack-mode": "on-confirm"}'
|
||||
# state: present
|
||||
---
|
||||
rabbitmq_vhosts:
|
||||
- vhost: '/pubsub'
|
||||
|
@ -97,6 +102,12 @@ rabbitmq_vhosts:
|
|||
tags:
|
||||
expires: 3600000
|
||||
max-length-bytes: 52428800
|
||||
- name: pubsub-to-public_pubsub
|
||||
apply_to: exchanges
|
||||
state: present
|
||||
pattern: "^(amq|zmq)\\.topic$"
|
||||
tags:
|
||||
federation-upstream: "pubsub-to-public_pubsub"
|
||||
- vhost: '/mbs'
|
||||
state: present
|
||||
policy:
|
||||
|
|
Loading…
Reference in a new issue