infrastructure/ansible-role-rabbitmq
7
0
Fork 0
mirror of https://github.com/rocky-linux/ansible-role-rabbitmq.git synced 2024-12-04 10:26:26 +00:00
Code Issues Packages Projects Releases Wiki Activity

Changes

Browse Source 
Reducing rabbitmq space reqs, removing the '/' for vhosts as that
appears to cause issues when forming URL's to connect to RabbitMQ.
This commit is contained in:
nazunalika 2021-02-13 18:51:32 -07:00
parent 226a464172
commit baccc3e81d
Signed by: label
GPG Key ID: CB6D9706D138D190
7 changed files with 36 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
tasks/commonapps.yml
View File

@ -57,7 +57,7 @@
run_once: true
delegate_to: "{{ rabbitmq_cluster_list[0] }}"
community.rabbitmq.rabbitmq_vhost:
name: /rocky-odcs
name: rocky-odcs
state: present
tags:
- odcs
@ -73,7 +73,7 @@
ha-mode: all
ha-sync-mode: automatic
ha-sync-batch-size: 10000
vhost: /rocky-odcs
vhost: rocky-odcs
tags:
- odcs
@ -88,7 +88,7 @@
tags:
expires: 111600000
max-length-bytes: 1073741824
vhost: /rocky-odcs
vhost: rocky-odcs
tags:
- odcs
@ -98,7 +98,7 @@
delegate_to: "{{ rabbitmq_cluster_list[0] }}"
community.rabbitmq.rabbitmq_user:
user: rockyadmin
vhost: /rocky-odcs
vhost: rocky-odcs
configure_priv: ".*"
read_priv: ".*"
write_priv: ".*"

8
tasks/federation.yml
View File

@ -15,7 +15,7 @@
community.rabbitmq.rabbitmq_user:
user: rockypubsub
permissions:
- vhost: /public_pubsub
- vhost: public_pubsub
configure_priv: "^(\\w{8}(-\\w{4}){3}-\\w{12})$"
write_priv: "^(\\w{8}(-\\w{4}){3}-\\w{12})$"
read_priv: ".*"
@ -29,7 +29,7 @@
community.rabbitmq.rabbitmq_user:
user: pubsub_federation
permissions:
- vhost: /pubsub
- vhost: pubsub
configure_priv: "^federation.*"
write_priv: "^federation.*"
read_priv: ".*"
@ -45,7 +45,7 @@
name: "pubsub-to-public_pubsub"
value: '{"uri": "amqps://pubsub_federation:{{ pubsub_federation_pass }}@{{ rabbitmq_cluster_list[0] }}/%2Fpubsub", "ack-mode": "on-confirm"}'
state: present
vhost: /public_pubsub
vhost: public_pubsub
when:
- rabbitmq_enable_public
- pubsub_federation_pass is defined
@ -60,7 +60,7 @@
pattern: "^(amq|zmq)\\.topic$"
tags:
federation-upstream: "pubsub-to-public_pubsub"
vhost: /public_pubsub
vhost: public_pubsub
when:
- rabbitmq_enable_public
- pubsub_federation_pass is defined

11
tasks/main.yml
View File

@ -65,6 +65,17 @@
mode: '0644'
state: file
- name: Ensure file ownership for certificate
file:
path: "{{ item }}"
owner: rabbitmq
group: rabbitmq
mode: '0600'
state: file
loop:
- "{{ rabbitmq_tls_cert }}"
- "{{ rabbitmq_tls_key }}"
- name: Open applicable firewall rules
ansible.posix.firewalld:
port: "{{ item }}"

6
tasks/topics.yml
View File

@ -6,7 +6,7 @@
community.rabbitmq.rabbitmq_exchange:
name: "zmq.topic"
exchange_type: "topic"
vhost: "/pubsub"
vhost: "pubsub"
login_user: rockyadmin
login_password: "{{ rabbitmq_admin_password }}"
tags:
@ -18,7 +18,7 @@
community.rabbitmq.rabbitmq_exchange:
name: "zmq.topic"
exchange_type: "topic"
vhost: "/public_pubsub"
vhost: "public_pubsub"
login_user: rockyadmin
login_password: "{{ rabbitmq_admin_password }}"
tags:
@ -32,7 +32,7 @@
name: zmq.topic
dest: amq.topic
routing_key: "#"
vhost: "/public_pubsub"
vhost: "public_pubsub"
login_user: rockyadmin
login_password: "{{ rabbitmq_admin_password }}"
tags:

10
tasks/users.yml
View File

@ -20,8 +20,8 @@
when: "'rabbitmq001' in inventory_hostname"
with_items:
- /
- /pubsub
- /public_pubsub
- pubsub
- public_pubsub
tags:
- rabbitmq_cluster
@ -46,11 +46,11 @@
configure_priv: "^$"
read_priv: "^$"
write_priv: "^$"
- vhost: /pubsub
- vhost: pubsub
configure_priv: "^$"
read_priv: "^$"
write_priv: "^$"
- vhost: /public_pubsub
- vhost: public_pubsub
configure_priv: "^$"
read_priv: "^$"
write_priv: "^$"
@ -66,7 +66,7 @@
user: "mbs"
password: "{{ rabbitmq_mbs_password }}"
update_password: always
vhost: /mbs
vhost: mbs
configure_priv: "^$"
read_priv: "^$"
write_priv: "^$"

14
tasks/vhosts.yml
View File

@ -2,7 +2,7 @@
# Create vhosts
- name: Configure pubsub virtual host
community.rabbitmq.rabbitmq_vhost:
name: /pubsub
name: pubsub
state: present
tags:
- rabbitmq_cluster
@ -11,7 +11,7 @@
run_once: true
delegate_to: "{{ rabbitmq_cluster_list[0] }}"
community.rabbitmq.rabbitmq_vhost:
name: /public_pubsub
name: public_pubsub
state: present
tags:
- rabbitmq_cluster
@ -25,7 +25,7 @@
ha-mode: all
ha-sync-mode: automatic
ha-sync-batch-size: 10000
vhost: /pubsub
vhost: pubsub
tags:
- rabbitmq_cluster
@ -40,7 +40,7 @@
tags:
expires: 111600000
max-length-bytes: 1073741824
vhost: /pubsub
vhost: pubsub
tags:
- rabbitmq_cluster
@ -55,7 +55,7 @@
tags:
expires: 3600000
max-length-bytes: 52428800
vhost: /public_pubsub
vhost: public_pubsub
tags:
- rabbitmq_cluster
@ -63,7 +63,7 @@
run_once: true
delegate_to: "{{ rabbitmq_cluster_list[0] }}"
community.rabbitmq.rabbitmq_vhost:
name: /mbs
name: mbs
state: present
tags:
- rabbitmq_cluster
@ -79,6 +79,6 @@
ha-mode: all
ha-sync-mode: automatic
ha-sync-batch-size: 10000
vhost: /mbs
vhost: mbs
tags:
- rabbitmq_cluster

4
templates/etc/rabbitmq/rabbitmq.conf.j2
View File

@ -17,8 +17,8 @@ auth_backends.1.authn = ldap
auth_backends.1.authz = internal
auth_backends.2 = internal
auth_mechanisms.1 = PLAIN
auth_mechanisms.1 = EXTERNAL
auth_mechanisms.2 = EXTERNAL
auth_mechanisms.3 = AMQPLAIN
ssl_cert_login_from = common_name
auth_ldap.dn_lookup_bind.user_dn = {{ rabbitmq_ldap_bind_dn }}
@ -43,7 +43,7 @@ product.name = RockyMQ!
product.version = 0.0.1
#disk_free_limit.relative = 2.0
disk_free_limit.absolute = 10GB
disk_free_limit.absolute = 2GB
# Cluster Nodes
{% for mqsrv in rabbitmq_cluster_list %}