ansible-ops-management/templates/etc/rabbitmq/rabbitmq.conf.j2
2023-07-17 02:02:45 -07:00

56 lines
1.7 KiB
Django/Jinja

listeners.ssl.default = 5671
listeners.tcp.default = 5672
num_acceptors.tcp = 10
num_acceptors.ssl = 10
reverse_dns_lookups = true
ssl_options.verify = verify_peer
ssl_options.fail_if_no_peer_cert = false
ssl_options.cacertfile = {{ rabbitmq_tls_ca_cert }}
ssl_options.certfile = {{ rabbitmq_tls_cert }}
ssl_options.keyfile = {{ rabbitmq_tls_key }}
# Authentication Backends
auth_backends.1.authn = ldap
auth_backends.1.authz = internal
auth_backends.2 = internal
auth_mechanisms.1 = PLAIN
auth_mechanisms.1 = AMQPLAIN
auth_mechanisms.1 = EXTERNAL
# No certs for internal
auth_mechanisms.2 = PLAIN
auth_mechanisms.2 = AMQPLAIN
ssl_cert_login_from = common_name
auth_ldap.dn_lookup_bind.user_dn = {{ rabbitmq_ldap_bind_dn }}
auth_ldap.dn_lookup_bind.password = {{ rabbitmq_ldap_bind_pw }}
auth_ldap.dn_lookup_attribute = uid
auth_ldap.dn_lookup_base = {{ rabbitmq_ldap_basedn }}
auth_ldap.port = 389
auth_ldap.connection_pool_size = 256
auth_ldap.idle_timeout = 120000
auth_ldap.use_starttls = true
{% for ldapsrv in rabbitmq_ldap_servers %}
auth_ldap.servers.{{ loop.index }} = {{ ldapsrv }}
{% endfor %}
cluster_name = {{ rabbitmq_cluster_name }}
password_hashing_module = rabbit_password_hashing_sha256
cluster_partition_handling = autoheal
cluster_formation.node_type = disc
cluster_formation.peer_discovery_backend = classic_config
product.name = RockyMQ!
product.version = 0.0.1
#disk_free_limit.relative = 2.0
disk_free_limit.absolute = 2GB
# Cluster Nodes
{% for mqsrv in rabbitmq_cluster_list %}
cluster_formation.classic_config.nodes.{{ loop.index }} = rabbit@{{ mqsrv }}
{% endfor %}