114 lines
2.6 KiB
YAML
114 lines
2.6 KiB
YAML
---
|
|
- name: Install RabbitMQ
|
|
ansible.builtin.dnf:
|
|
name: rabbitmq-server
|
|
state: present
|
|
|
|
- name: Enable SELinux boolean
|
|
ansible.posix.seboolean:
|
|
name: nis_enabled
|
|
persistent: true
|
|
state: true
|
|
|
|
- name: Deploy RabbitMQ configuration
|
|
ansible.builtin.template:
|
|
src: "etc/rabbitmq/{{ item }}.j2"
|
|
dest: "/etc/rabbitmq/{{ item }}"
|
|
owner: rabbitmq
|
|
group: rabbitmq
|
|
mode: '0644'
|
|
loop:
|
|
- rabbitmq.conf
|
|
- rabbitmq-env.conf
|
|
notify:
|
|
- restart_rabbitmq
|
|
|
|
- name: Deploy erlang cookie
|
|
ansible.builtin.copy:
|
|
owner: rabbitmq
|
|
group: rabbitmq
|
|
mode: '0600'
|
|
content: "{{ rabbitmq_cookie }}"
|
|
dest: "/var/lib/rabbitmq/.erlang.cookie"
|
|
notify:
|
|
- restart_rabbitmq
|
|
|
|
- name: Create systemd override for RabbitMQ
|
|
ansible.builtin.file:
|
|
path: /etc/systemd/system/rabbitmq-server.service.d
|
|
state: directory
|
|
owner: root
|
|
group: root
|
|
mode: '0755'
|
|
|
|
- name: Override nofile limit for RabbitMQ
|
|
ansible.builtin.copy:
|
|
dest: /etc/systemd/system/rabbitmq-server.service.d/99-override.conf
|
|
owner: root
|
|
group: root
|
|
mode: '0644'
|
|
content: |
|
|
[Service]
|
|
LimitNOFILE={{ rabbitmq_file_limit }}
|
|
notify:
|
|
- restart_rabbitmq
|
|
|
|
# We are doing it the command line way
|
|
- name: Enable RabbitMQ Plugins
|
|
ansible.builtin.command: "rabbitmq-plugins enable {{ rabbitmq_plugins | join(' ') }}"
|
|
changed_when: "1 != 1"
|
|
|
|
- name: Ensure file ownership for plugins
|
|
ansible.builtin.file:
|
|
path: /etc/rabbitmq/enabled_plugins
|
|
owner: rabbitmq
|
|
group: rabbitmq
|
|
mode: '0644'
|
|
state: file
|
|
|
|
- name: Ensure file ownership for certificate
|
|
ansible.builtin.file:
|
|
path: "{{ item }}"
|
|
owner: rabbitmq
|
|
group: rabbitmq
|
|
mode: '0600'
|
|
state: file
|
|
loop:
|
|
- "{{ rabbitmq_tls_cert }}"
|
|
- "{{ rabbitmq_tls_key }}"
|
|
|
|
- name: Open applicable firewall rules
|
|
ansible.posix.firewalld:
|
|
port: "{{ item }}"
|
|
permanent: true
|
|
state: enabled
|
|
immediate: true
|
|
loop: "{{ rabbitmq_ports }}"
|
|
|
|
- name: Ensure RabbitMQ is running
|
|
ansible.builtin.systemd:
|
|
name: rabbitmq-server
|
|
state: started
|
|
enabled: true
|
|
daemon_reload: true
|
|
|
|
- name: Non-master nodes should wait for 001 to be up first
|
|
ansible.builtin.wait_for:
|
|
host: "{{ rabbitmq_cluster_list[0] }}"
|
|
port: '5672'
|
|
delay: '15'
|
|
connect_timeout: '10'
|
|
state: started
|
|
when: rabbitmq_cluster_list[0] not in inventory_hostname
|
|
|
|
- name: Drop the admin password in a file if available
|
|
ansible.builtin.copy:
|
|
dest: /root/.rabbitmqpass
|
|
content: "{{ rabbitmq_admin_password }}"
|
|
mode: '0600'
|
|
owner: root
|
|
group: root
|
|
when: rabbitmq_admin_password is defined
|
|
tags:
|
|
- rabbitmq_cluster
|
|
...
|