infrastructure
/
ansible-role-rabbitmq
mirror of https://github.com/rocky-linux/ansible-role-rabbitmq.git
7
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
ansible-role-rabbitmq/tasks/federation.yml

60 lines
1.7 KiB
YAML
Raw Blame History

---
# Create necessary federation pieces
# This public user can write UUID objects and read anything else
- name: Create a public access user
run_once: true
delegate_to: "{{ rabbitmq_cluster_list[0] }}"
community.rabbitmq.rabbitmq_user:
user: rockypubsub
permissions:
- vhost:
configure_priv: "^(\\w{8}(-\\w{4}){3}-\\w{12})$"
write_priv: "^(\\w{8}(-\\w{4}){3}-\\w{12})$"
read_priv: ".*"
state: present
tags:
- rabbitmq_cluster
# You will need to address the certificates yourself. Right now we are trying
# to figure out how to deal with SNI using FreeIPA.
# /etc/rabbitmq/pubsub_federation.pem
# /etc/rabbitmq/pubsub_federation.key
- name: Create a federation user
run_once: true
delegate_to: "{{ rabbitmq_cluster_list[0] }}"
community.rabbitmq.rabbitmq_user:
user: pubsub_federation
permissions:
- vhost: /pubsub
configure_priv: "^federation.*"
write_priv: "^federation.*"
read_priv: ".*"
state: present
tags:
- rabbitmq_cluster
- name: Configure Federation Upstream from pubsub to public
run_once: true
delegate_to: "{{ rabbitmq_cluster_list[0] }}"
community.rabbitmq.rabbitmq_parameter:
component: "federation-upstream"
name: "pubsub-to-public_pubsub"
value: 'novalue'
state: present
vhost: /public_pubsub
when: rabbitmq_enable_public
- name: Configure a policy to federate the topic exchange to public
run_once: true
delegate_to: "{{ rabbitmq_cluster_list[0] }}"
community.rabbitmq.rabbitmq_policy:
apply_to: exchanges
name: pubsub-to-public_pubsub
state: present
pattern: "^(amq|zmq)\\.topic$"
tags:
federation-upstream: "pubsub-to-public_pubsub"
vhost: /public_pubsub
when: rabbitmq_enable_public
Reference in New Issue View Git Blame Copy Permalink