diff --git a/ansible/ansible.cfg b/ansible/ansible.cfg index 516592e..3167296 100644 --- a/ansible/ansible.cfg +++ b/ansible/ansible.cfg @@ -67,3 +67,10 @@ log_path = tmp/ansible.log known_hosts = tmp/known_hosts roles_path = roles/local:roles/public collections_paths = collections + +######################################## +# SSH Configuration +######################################## +[ssh_connection] +# Disable GSSAPI, which slows down SSH connections for ansible +ssh_args = -C -o ControlMaster=auto -o ControlPersist=60s -o GSSAPIAuthentication=no diff --git a/ansible/playbooks/vars/rabbitmq.yml b/ansible/playbooks/vars/rabbitmq.yml index 135b7d7..b69071c 100644 --- a/ansible/playbooks/vars/rabbitmq.yml +++ b/ansible/playbooks/vars/rabbitmq.yml @@ -28,6 +28,9 @@ rabbitmq_enable_public: false # into account when setting this variable. rabbitmq_cluster_list: "{{ groups['rabbitmq'] }}" rabbitmq_ldap_servers: "{{ rocky_ipaserver_list }}" +rabbitmq_ldap_bind_dn: "uid=rabbitmq_binder,cn=sysaccounts,cn=etc,dc=rockylinux,dc=org" +rabbitmq_ldap_bind_pw: "{{ rabbitmq_binder_password }}" +rabbitmq_ldap_basedn: "{{ rocky_ldap_account_basedn }}" # Messaging queues are generally private rabbitmq_private: true @@ -37,3 +40,5 @@ ipa_getcert_requested_hostnames: key_location: "{{ rabbitmq_tls_key }}" cert_location: "{{ rabbitmq_tls_cert }}" postcmd: "/bin/systemctl restart rabbitmq-server" + cnames: + - "rabbitmq-{{ rabbitmq_env }}.rockylinux.org"