ansible-ops-management/tasks/rabbitmq/rabbitmq.yml
2023-07-15 18:51:26 -07:00

114 lines
2.6 KiB
YAML

---
- name: Install RabbitMQ
ansible.builtin.dnf:
name: rabbitmq-server
state: present
- name: Enable SELinux boolean
ansible.posix.seboolean:
name: nis_enabled
persistent: true
state: true
- name: Deploy RabbitMQ configuration
ansible.builtin.template:
src: "etc/rabbitmq/{{ item }}.j2"
dest: "/etc/rabbitmq/{{ item }}"
owner: rabbitmq
group: rabbitmq
mode: '0644'
loop:
- rabbitmq.conf
- rabbitmq-env.conf
notify:
- restart_rabbitmq
- name: Deploy erlang cookie
ansible.builtin.copy:
owner: rabbitmq
group: rabbitmq
mode: '0600'
content: "{{ rabbitmq_cookie }}"
dest: "/var/lib/rabbitmq/.erlang.cookie"
notify:
- restart_rabbitmq
- name: Create systemd override for RabbitMQ
ansible.builtin.file:
path: /etc/systemd/system/rabbitmq-server.service.d
state: directory
owner: root
group: root
mode: '0755'
- name: Override nofile limit for RabbitMQ
ansible.builtin.copy:
dest: /etc/systemd/system/rabbitmq-server.service.d/99-override.conf
owner: root
group: root
mode: '0644'
content: |
[Service]
LimitNOFILE={{ rabbitmq_file_limit }}
notify:
- restart_rabbitmq
# We are doing it the command line way
- name: Enable RabbitMQ Plugins
ansible.builtin.command: "rabbitmq-plugins enable {{ rabbitmq_plugins | join(' ') }}"
changed_when: "1 != 1"
- name: Ensure file ownership for plugins
ansible.builtin.file:
path: /etc/rabbitmq/enabled_plugins
owner: rabbitmq
group: rabbitmq
mode: '0644'
state: file
- name: Ensure file ownership for certificate
ansible.builtin.file:
path: "{{ item }}"
owner: rabbitmq
group: rabbitmq
mode: '0600'
state: file
loop:
- "{{ rabbitmq_tls_cert }}"
- "{{ rabbitmq_tls_key }}"
- name: Open applicable firewall rules
ansible.posix.firewalld:
port: "{{ item }}"
permanent: true
state: enabled
immediate: true
loop: "{{ rabbitmq_ports }}"
- name: Ensure RabbitMQ is running
ansible.builtin.systemd:
name: rabbitmq-server
state: started
enabled: true
daemon_reload: true
- name: Non-master nodes should wait for 001 to be up first
ansible.builtin.wait_for:
host: "{{ rabbitmq_cluster_list[0] }}"
port: '5672'
delay: '15'
connect_timeout: '10'
state: started
when: rabbitmq_cluster_list[0] not in inventory_hostname
- name: Drop the admin password in a file if available
ansible.builtin.copy:
dest: /root/.rabbitmqpass
content: "{{ rabbitmq_admin_password }}"
mode: '0600'
owner: root
group: root
when: rabbitmq_admin_password is defined
tags:
- rabbitmq_cluster
...