├── rabbitmq-env.conf ├── README.md ├── Dockerfile ├── LICENSE └── rabbitmq.config /rabbitmq-env.conf: -------------------------------------------------------------------------------- 1 | NODENAME=rabbit@localhost -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # rabbitmq-mqtt-docker 2 | RabbitMQ Dockerfile with default configuration to run MQTT Broker 3 | 4 | # Build and Run 5 | ``` 6 | $ docker build -t rmq-mqtt . 7 | $ docker run -it \ 8 | -p 15672:15672 -p 5672:5672 -p 1883:1883 \ 9 | -v $PWD/docker/var/lib/rabbitmq:/var/lib/rabbitmq \ 10 | rmq-mqtt 11 | ``` 12 | Admin interface will be available at localhost:15672 (admin:admin) 13 | -------------------------------------------------------------------------------- /Dockerfile: -------------------------------------------------------------------------------- 1 | FROM rabbitmq:3.6 2 | 3 | ENV RABBITMQ_DEFAULT_USER admin 4 | ENV RABBITMQ_DEFAULT_PASS admin 5 | 6 | RUN rabbitmq-plugins enable --offline rabbitmq_management 7 | RUN rabbitmq-plugins enable --offline rabbitmq_mqtt 8 | 9 | COPY rabbitmq-env.conf /etc/rabbitmq/rabbitmq-env.conf 10 | COPY rabbitmq.config /etc/rabbitmq/rabbitmq.config 11 | RUN chown -R rabbitmq:rabbitmq /var/lib/rabbitmq /etc/rabbitmq &&\ 12 | chmod 777 /var/lib/rabbitmq /etc/rabbitmq 13 | 14 | EXPOSE 15672 15 | EXPOSE 5672 16 | EXPOSE 1883 17 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | MIT License 2 | 3 | Copyright (c) 2018 João Ricardo 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | -------------------------------------------------------------------------------- /rabbitmq.config: -------------------------------------------------------------------------------- 1 | %% -*- mode: erlang -*- 2 | %% ---------------------------------------------------------------------------- 3 | %% RabbitMQ Sample Configuration File. 4 | %% 5 | %% See http://www.rabbitmq.com/configure.html for details. 6 | %% ---------------------------------------------------------------------------- 7 | [ 8 | {rabbit, 9 | [%% 10 | %% Network Connectivity 11 | %% ==================== 12 | %% 13 | 14 | %% By default, RabbitMQ will listen on all interfaces, using 15 | %% the standard (reserved) AMQP port. 16 | %% 17 | %% {tcp_listeners, [5672]}, 18 | 19 | %% To listen on a specific interface, provide a tuple of {IpAddress, Port}. 20 | %% For example, to listen only on localhost for both IPv4 and IPv6: 21 | %% 22 | %% {tcp_listeners, [{"127.0.0.1", 5672}, 23 | %% {"::1", 5672}]}, 24 | 25 | %% SSL listeners are configured in the same fashion as TCP listeners, 26 | %% including the option to control the choice of interface. 27 | %% 28 | %% {ssl_listeners, [5671]}, 29 | 30 | %% Number of Erlang processes that will accept connections for the TCP 31 | %% and SSL listeners. 32 | %% 33 | %% {num_tcp_acceptors, 10}, 34 | %% {num_ssl_acceptors, 1}, 35 | 36 | %% Maximum time for AMQP 0-8/0-9/0-9-1 handshake (after socket connection 37 | %% and SSL handshake), in milliseconds. 38 | %% 39 | %% {handshake_timeout, 10000}, 40 | 41 | %% Log levels (currently just used for connection logging). 42 | %% One of 'debug', 'info', 'warning', 'error' or 'none', in decreasing 43 | %% order of verbosity. Defaults to 'info'. 44 | %% 45 | %% {log_levels, [{connection, info}, {channel, info}]}, 46 | 47 | %% Set to 'true' to perform reverse DNS lookups when accepting a 48 | %% connection. Hostnames will then be shown instead of IP addresses 49 | %% in rabbitmqctl and the management plugin. 50 | %% 51 | %% {reverse_dns_lookups, true}, 52 | 53 | %% 54 | %% Security / AAA 55 | %% ============== 56 | %% 57 | 58 | %% The default "guest" user is only permitted to access the server 59 | %% via a loopback interface (e.g. localhost). 60 | %% {loopback_users, [<<"guest">>]}, 61 | %% 62 | %% Uncomment the following line if you want to allow access to the 63 | %% guest user from anywhere on the network. 64 | %% {loopback_users, []}, 65 | 66 | %% Configuring SSL. 67 | %% See http://www.rabbitmq.com/ssl.html for full documentation. 68 | %% 69 | %% {ssl_options, [{cacertfile, "/path/to/testca/cacert.pem"}, 70 | %% {certfile, "/path/to/server/cert.pem"}, 71 | %% {keyfile, "/path/to/server/key.pem"}, 72 | %% {verify, verify_peer}, 73 | %% {fail_if_no_peer_cert, false}]}, 74 | 75 | %% Choose the available SASL mechanism(s) to expose. 76 | %% The two default (built in) mechanisms are 'PLAIN' and 77 | %% 'AMQPLAIN'. Additional mechanisms can be added via 78 | %% plugins. 79 | %% 80 | %% See http://www.rabbitmq.com/authentication.html for more details. 81 | %% 82 | %% {auth_mechanisms, ['PLAIN', 'AMQPLAIN']}, 83 | 84 | %% Select an authentication database to use. RabbitMQ comes bundled 85 | %% with a built-in auth-database, based on mnesia. 86 | %% 87 | %% {auth_backends, [rabbit_auth_backend_internal]}, 88 | 89 | %% Configurations supporting the rabbitmq_auth_mechanism_ssl and 90 | %% rabbitmq_auth_backend_ldap plugins. 91 | %% 92 | %% NB: These options require that the relevant plugin is enabled. 93 | %% See http://www.rabbitmq.com/plugins.html for further details. 94 | 95 | %% The RabbitMQ-auth-mechanism-ssl plugin makes it possible to 96 | %% authenticate a user based on the client's SSL certificate. 97 | %% 98 | %% To use auth-mechanism-ssl, add to or replace the auth_mechanisms 99 | %% list with the entry 'EXTERNAL'. 100 | %% 101 | %% {auth_mechanisms, ['EXTERNAL']}, 102 | 103 | %% The rabbitmq_auth_backend_ldap plugin allows the broker to 104 | %% perform authentication and authorisation by deferring to an 105 | %% external LDAP server. 106 | %% 107 | %% For more information about configuring the LDAP backend, see 108 | %% http://www.rabbitmq.com/ldap.html. 109 | %% 110 | %% Enable the LDAP auth backend by adding to or replacing the 111 | %% auth_backends entry: 112 | %% 113 | %% {auth_backends, [rabbit_auth_backend_ldap]}, 114 | 115 | %% This pertains to both the rabbitmq_auth_mechanism_ssl plugin and 116 | %% STOMP ssl_cert_login configurations. See the rabbitmq_stomp 117 | %% configuration section later in this file and the README in 118 | %% https://github.com/rabbitmq/rabbitmq-auth-mechanism-ssl for further 119 | %% details. 120 | %% 121 | %% To use the SSL cert's CN instead of its DN as the username 122 | %% 123 | %% {ssl_cert_login_from, common_name}, 124 | 125 | %% SSL handshake timeout, in milliseconds. 126 | %% 127 | %% {ssl_handshake_timeout, 5000}, 128 | 129 | %% Password hashing implementation. Will only affect newly 130 | %% created users. To recalculate hash for an existing user 131 | %% it's necessary to update her password. 132 | %% 133 | %% {password_hashing_module, rabbit_password_hashing_sha256}, 134 | 135 | %% Configuration entry encryption. 136 | %% See http://www.rabbitmq.com/configure.html#configuration-encryption 137 | %% 138 | %% To specify the passphrase in the configuration file: 139 | %% 140 | %% {config_entry_decoder, [{passphrase, <<"mypassphrase">>}]} 141 | %% 142 | %% To specify the passphrase in an external file: 143 | %% 144 | %% {config_entry_decoder, [{passphrase, {file, "/path/to/passphrase/file"}}]} 145 | %% 146 | %% To make the broker request the passphrase when it starts: 147 | %% 148 | %% {config_entry_decoder, [{passphrase, prompt}]} 149 | %% 150 | %% To change encryption settings: 151 | %% 152 | %% {config_entry_decoder, [{cipher, aes_cbc256}, 153 | %% {hash, sha512}, 154 | %% {iterations, 1000}]} 155 | 156 | %% 157 | %% Default User / VHost 158 | %% ==================== 159 | %% 160 | 161 | %% On first start RabbitMQ will create a vhost and a user. These 162 | %% config items control what gets created. See 163 | %% http://www.rabbitmq.com/access-control.html for further 164 | %% information about vhosts and access control. 165 | %% 166 | %% {default_vhost, <<"/">>}, 167 | %% {default_user, <<"guest">>}, 168 | %% {default_pass, <<"guest">>}, 169 | %% {default_permissions, [<<".*">>, <<".*">>, <<".*">>]}, 170 | 171 | %% Tags for default user 172 | %% 173 | %% For more details about tags, see the documentation for the 174 | %% Management Plugin at http://www.rabbitmq.com/management.html. 175 | %% 176 | %% {default_user_tags, [administrator]}, 177 | 178 | %% 179 | %% Additional network and protocol related configuration 180 | %% ===================================================== 181 | %% 182 | 183 | %% Set the default AMQP heartbeat delay (in seconds). 184 | %% 185 | %% {heartbeat, 60}, 186 | 187 | %% Set the max permissible size of an AMQP frame (in bytes). 188 | %% 189 | %% {frame_max, 131072}, 190 | 191 | %% Set the max frame size the server will accept before connection 192 | %% tuning occurs 193 | %% 194 | %% {initial_frame_max, 4096}, 195 | 196 | %% Set the max permissible number of channels per connection. 197 | %% 0 means "no limit". 198 | %% 199 | %% {channel_max, 128}, 200 | 201 | %% Customising Socket Options. 202 | %% 203 | %% See (http://www.erlang.org/doc/man/inet.html#setopts-2) for 204 | %% further documentation. 205 | %% 206 | %% {tcp_listen_options, [{backlog, 128}, 207 | %% {nodelay, true}, 208 | %% {exit_on_close, false}]}, 209 | 210 | %% 211 | %% Resource Limits & Flow Control 212 | %% ============================== 213 | %% 214 | %% See http://www.rabbitmq.com/memory.html for full details. 215 | 216 | %% Memory-based Flow Control threshold. 217 | %% 218 | %% {vm_memory_high_watermark, 0.4}, 219 | 220 | %% Alternatively, we can set a limit (in bytes) of RAM used by the node. 221 | %% 222 | %% {vm_memory_high_watermark, {absolute, 1073741824}}, 223 | %% 224 | %% Or you can set absolute value using memory units. 225 | %% 226 | %% {vm_memory_high_watermark, {absolute, "1024M"}}, 227 | %% 228 | %% Supported units suffixes: 229 | %% 230 | %% k, kiB: kibibytes (2^10 bytes) 231 | %% M, MiB: mebibytes (2^20) 232 | %% G, GiB: gibibytes (2^30) 233 | %% kB: kilobytes (10^3) 234 | %% MB: megabytes (10^6) 235 | %% GB: gigabytes (10^9) 236 | 237 | %% Fraction of the high watermark limit at which queues start to 238 | %% page message out to disc in order to free up memory. 239 | %% 240 | %% Values greater than 0.9 can be dangerous and should be used carefully. 241 | %% 242 | %% {vm_memory_high_watermark_paging_ratio, 0.5}, 243 | 244 | %% Interval (in milliseconds) at which we perform the check of the memory 245 | %% levels against the watermarks. 246 | %% 247 | %% {memory_monitor_interval, 2500}, 248 | 249 | %% Set disk free limit (in bytes). Once free disk space reaches this 250 | %% lower bound, a disk alarm will be set - see the documentation 251 | %% listed above for more details. 252 | %% 253 | %% {disk_free_limit, 50000000}, 254 | %% 255 | %% Or you can set it using memory units (same as in vm_memory_high_watermark) 256 | %% {disk_free_limit, "50MB"}, 257 | %% {disk_free_limit, "50000kB"}, 258 | %% {disk_free_limit, "2GB"}, 259 | 260 | %% Alternatively, we can set a limit relative to total available RAM. 261 | %% 262 | %% Values lower than 1.0 can be dangerous and should be used carefully. 263 | %% {disk_free_limit, {mem_relative, 2.0}}, 264 | 265 | %% 266 | %% Misc/Advanced Options 267 | %% ===================== 268 | %% 269 | %% NB: Change these only if you understand what you are doing! 270 | %% 271 | 272 | %% To announce custom properties to clients on connection: 273 | %% 274 | %% {server_properties, []}, 275 | 276 | %% How to respond to cluster partitions. 277 | %% See http://www.rabbitmq.com/partitions.html for further details. 278 | %% 279 | %% {cluster_partition_handling, ignore}, 280 | 281 | %% Make clustering happen *automatically* at startup - only applied 282 | %% to nodes that have just been reset or started for the first time. 283 | %% See http://www.rabbitmq.com/clustering.html#auto-config for 284 | %% further details. 285 | %% 286 | %% {cluster_nodes, {['rabbit@my.host.com'], disc}}, 287 | 288 | %% Interval (in milliseconds) at which we send keepalive messages 289 | %% to other cluster members. Note that this is not the same thing 290 | %% as net_ticktime; missed keepalive messages will not cause nodes 291 | %% to be considered down. 292 | %% 293 | %% {cluster_keepalive_interval, 10000}, 294 | 295 | %% Set (internal) statistics collection granularity. 296 | %% 297 | %% {collect_statistics, none}, 298 | 299 | %% Statistics collection interval (in milliseconds). 300 | %% 301 | %% {collect_statistics_interval, 5000}, 302 | 303 | %% Explicitly enable/disable hipe compilation. 304 | %% 305 | %% {hipe_compile, true}, 306 | 307 | %% Timeout used when waiting for Mnesia tables in a cluster to 308 | %% become available. 309 | %% 310 | %% {mnesia_table_loading_timeout, 30000}, 311 | 312 | %% Size in bytes below which to embed messages in the queue index. See 313 | %% http://www.rabbitmq.com/persistence-conf.html 314 | %% 315 | %% {queue_index_embed_msgs_below, 4096}, 316 | 317 | %% Whether or not to enable background GC. 318 | %% 319 | %% {background_gc_enabled, true}, 320 | %% 321 | %% Interval (in milliseconds) at which we run background GC. 322 | %% 323 | %% {background_gc_target_interval, 60000} 324 | 325 | ]}, 326 | 327 | %% ---------------------------------------------------------------------------- 328 | %% Advanced Erlang Networking/Clustering Options. 329 | %% 330 | %% See http://www.rabbitmq.com/clustering.html for details 331 | %% ---------------------------------------------------------------------------- 332 | {kernel, 333 | [%% Sets the net_kernel tick time. 334 | %% Please see http://erlang.org/doc/man/kernel_app.html and 335 | %% http://www.rabbitmq.com/nettick.html for further details. 336 | %% 337 | %% {net_ticktime, 60} 338 | ]}, 339 | 340 | %% ---------------------------------------------------------------------------- 341 | %% RabbitMQ Management Plugin 342 | %% 343 | %% See http://www.rabbitmq.com/management.html for details 344 | %% ---------------------------------------------------------------------------- 345 | 346 | {rabbitmq_management, 347 | [%% Pre-Load schema definitions from the following JSON file. See 348 | %% http://www.rabbitmq.com/management.html#load-definitions 349 | %% 350 | %% {load_definitions, "/path/to/schema.json"}, 351 | 352 | %% Log all requests to the management HTTP API to a file. 353 | %% 354 | %% {http_log_dir, "/path/to/access.log"}, 355 | 356 | %% Change the port on which the HTTP listener listens, 357 | %% specifying an interface for the web server to bind to. 358 | %% Also set the listener to use SSL and provide SSL options. 359 | %% 360 | %% {listener, [{port, 12345}, 361 | %% {ip, "127.0.0.1"}, 362 | %% {ssl, true}, 363 | %% {ssl_opts, [{cacertfile, "/path/to/cacert.pem"}, 364 | %% {certfile, "/path/to/cert.pem"}, 365 | %% {keyfile, "/path/to/key.pem"}]}]}, 366 | 367 | %% One of 'basic', 'detailed' or 'none'. See 368 | %% http://www.rabbitmq.com/management.html#fine-stats for more details. 369 | %% {rates_mode, basic}, 370 | 371 | %% Configure how long aggregated data (such as message rates and queue 372 | %% lengths) is retained. Please read the plugin's documentation in 373 | %% http://www.rabbitmq.com/management.html#configuration for more 374 | %% details. 375 | %% 376 | %% {sample_retention_policies, 377 | %% [{global, [{60, 5}, {3600, 60}, {86400, 1200}]}, 378 | %% {basic, [{60, 5}, {3600, 60}]}, 379 | %% {detailed, [{10, 5}]}]} 380 | ]}, 381 | 382 | %% ---------------------------------------------------------------------------- 383 | %% RabbitMQ Shovel Plugin 384 | %% 385 | %% See http://www.rabbitmq.com/shovel.html for details 386 | %% ---------------------------------------------------------------------------- 387 | 388 | {rabbitmq_shovel, 389 | [{shovels, 390 | [%% A named shovel worker. 391 | %% {my_first_shovel, 392 | %% [ 393 | 394 | %% List the source broker(s) from which to consume. 395 | %% 396 | %% {sources, 397 | %% [%% URI(s) and pre-declarations for all source broker(s). 398 | %% {brokers, ["amqp://user:password@host.domain/my_vhost"]}, 399 | %% {declarations, []} 400 | %% ]}, 401 | 402 | %% List the destination broker(s) to publish to. 403 | %% {destinations, 404 | %% [%% A singular version of the 'brokers' element. 405 | %% {broker, "amqp://"}, 406 | %% {declarations, []} 407 | %% ]}, 408 | 409 | %% Name of the queue to shovel messages from. 410 | %% 411 | %% {queue, <<"your-queue-name-goes-here">>}, 412 | 413 | %% Optional prefetch count. 414 | %% 415 | %% {prefetch_count, 10}, 416 | 417 | %% when to acknowledge messages: 418 | %% - no_ack: never (auto) 419 | %% - on_publish: after each message is republished 420 | %% - on_confirm: when the destination broker confirms receipt 421 | %% 422 | %% {ack_mode, on_confirm}, 423 | 424 | %% Overwrite fields of the outbound basic.publish. 425 | %% 426 | %% {publish_fields, [{exchange, <<"my_exchange">>}, 427 | %% {routing_key, <<"from_shovel">>}]}, 428 | 429 | %% Static list of basic.properties to set on re-publication. 430 | %% 431 | %% {publish_properties, [{delivery_mode, 2}]}, 432 | 433 | %% The number of seconds to wait before attempting to 434 | %% reconnect in the event of a connection failure. 435 | %% 436 | %% {reconnect_delay, 2.5} 437 | 438 | %% ]} %% End of my_first_shovel 439 | ]} 440 | %% Rather than specifying some values per-shovel, you can specify 441 | %% them for all shovels here. 442 | %% 443 | %% {defaults, [{prefetch_count, 0}, 444 | %% {ack_mode, on_confirm}, 445 | %% {publish_fields, []}, 446 | %% {publish_properties, [{delivery_mode, 2}]}, 447 | %% {reconnect_delay, 2.5}]} 448 | ]}, 449 | 450 | %% ---------------------------------------------------------------------------- 451 | %% RabbitMQ Stomp Adapter 452 | %% 453 | %% See http://www.rabbitmq.com/stomp.html for details 454 | %% ---------------------------------------------------------------------------- 455 | 456 | {rabbitmq_stomp, 457 | [%% Network Configuration - the format is generally the same as for the broker 458 | 459 | %% Listen only on localhost (ipv4 & ipv6) on a specific port. 460 | %% {tcp_listeners, [{"127.0.0.1", 61613}, 461 | %% {"::1", 61613}]}, 462 | 463 | %% Listen for SSL connections on a specific port. 464 | %% {ssl_listeners, [61614]}, 465 | 466 | %% Number of Erlang processes that will accept connections for the TCP 467 | %% and SSL listeners. 468 | %% 469 | %% {num_tcp_acceptors, 10}, 470 | %% {num_ssl_acceptors, 1}, 471 | 472 | %% Additional SSL options 473 | 474 | %% Extract a name from the client's certificate when using SSL. 475 | %% 476 | %% {ssl_cert_login, true}, 477 | 478 | %% Set a default user name and password. This is used as the default login 479 | %% whenever a CONNECT frame omits the login and passcode headers. 480 | %% 481 | %% Please note that setting this will allow clients to connect without 482 | %% authenticating! 483 | %% 484 | %% {default_user, [{login, "guest"}, 485 | %% {passcode, "guest"}]}, 486 | 487 | %% If a default user is configured, or you have configured use SSL client 488 | %% certificate based authentication, you can choose to allow clients to 489 | %% omit the CONNECT frame entirely. If set to true, the client is 490 | %% automatically connected as the default user or user supplied in the 491 | %% SSL certificate whenever the first frame sent on a session is not a 492 | %% CONNECT frame. 493 | %% 494 | %% {implicit_connect, true} 495 | ]}, 496 | 497 | %% ---------------------------------------------------------------------------- 498 | %% RabbitMQ MQTT Adapter 499 | %% 500 | %% See https://github.com/rabbitmq/rabbitmq-mqtt/blob/stable/README.md 501 | %% for details 502 | %% ---------------------------------------------------------------------------- 503 | 504 | {rabbitmq_mqtt, 505 | [ 506 | {default_user, <<"admin">>}, 507 | {default_pass, <<"admin">>}, 508 | {allow_anonymous, true}, 509 | {vhost, <<"/">>}, 510 | {exchange, <<"amq.topic">>}, 511 | {subscription_ttl, 1800000}, 512 | {prefetch, 10}, 513 | {ssl_listeners, []},s 514 | %% Default MQTT with TLS port is 8883 515 | %% {ssl_listeners, [8883]} 516 | {tcp_listeners, [1883]}, 517 | {tcp_listen_options, [{backlog, 128}, 518 | {nodelay, true}]} 519 | 520 | 521 | %% Set the default user name and password. Will be used as the default login 522 | %% if a connecting client provides no other login details. 523 | %% 524 | %% Please note that setting this will allow clients to connect without 525 | %% authenticating! 526 | %% 527 | %% {default_user, <<"guest">>}, 528 | %% {default_pass, <<"guest">>}, 529 | 530 | %% Enable anonymous access. If this is set to false, clients MUST provide 531 | %% login information in order to connect. See the default_user/default_pass 532 | %% configuration elements for managing logins without authentication. 533 | %% 534 | %% {allow_anonymous, true}, 535 | 536 | %% If you have multiple chosts, specify the one to which the 537 | %% adapter connects. 538 | %% 539 | %% {vhost, <<"/">>}, 540 | 541 | %% Specify the exchange to which messages from MQTT clients are published. 542 | %% 543 | %% {exchange, <<"amq.topic">>}, 544 | 545 | %% Specify TTL (time to live) to control the lifetime of non-clean sessions. 546 | %% 547 | %% {subscription_ttl, 1800000}, 548 | 549 | %% Set the prefetch count (governing the maximum number of unacknowledged 550 | %% messages that will be delivered). 551 | %% 552 | %% {prefetch, 10}, 553 | 554 | %% TCP/SSL Configuration (as per the broker configuration). 555 | %% 556 | %% {tcp_listeners, [1883]}, 557 | %% {ssl_listeners, []}, 558 | 559 | %% Number of Erlang processes that will accept connections for the TCP 560 | %% and SSL listeners. 561 | %% 562 | %% {num_tcp_acceptors, 10}, 563 | %% {num_ssl_acceptors, 1}, 564 | 565 | %% TCP/Socket options (as per the broker configuration). 566 | %% 567 | %% {tcp_listen_options, [{backlog, 128}, 568 | %% {nodelay, true}]} 569 | ]}, 570 | 571 | %% ---------------------------------------------------------------------------- 572 | %% RabbitMQ AMQP 1.0 Support 573 | %% 574 | %% See https://github.com/rabbitmq/rabbitmq-amqp1.0/blob/stable/README.md 575 | %% for details 576 | %% ---------------------------------------------------------------------------- 577 | 578 | {rabbitmq_amqp1_0, 579 | [%% Connections that are not authenticated with SASL will connect as this 580 | %% account. See the README for more information. 581 | %% 582 | %% Please note that setting this will allow clients to connect without 583 | %% authenticating! 584 | %% 585 | %% {default_user, "guest"}, 586 | 587 | %% Enable protocol strict mode. See the README for more information. 588 | %% 589 | %% {protocol_strict_mode, false} 590 | ]}, 591 | 592 | %% ---------------------------------------------------------------------------- 593 | %% RabbitMQ LDAP Plugin 594 | %% 595 | %% See http://www.rabbitmq.com/ldap.html for details. 596 | %% 597 | %% ---------------------------------------------------------------------------- 598 | 599 | {rabbitmq_auth_backend_ldap, 600 | [%% 601 | %% Connecting to the LDAP server(s) 602 | %% ================================ 603 | %% 604 | 605 | %% Specify servers to bind to. You *must* set this in order for the plugin 606 | %% to work properly. 607 | %% 608 | %% {servers, ["your-server-name-goes-here"]}, 609 | 610 | %% Connect to the LDAP server using SSL 611 | %% 612 | %% {use_ssl, false}, 613 | 614 | %% Specify the LDAP port to connect to 615 | %% 616 | %% {port, 389}, 617 | 618 | %% LDAP connection timeout, in milliseconds or 'infinity' 619 | %% 620 | %% {timeout, infinity}, 621 | 622 | %% Enable logging of LDAP queries. 623 | %% One of 624 | %% - false (no logging is performed) 625 | %% - true (verbose logging of the logic used by the plugin) 626 | %% - network (as true, but additionally logs LDAP network traffic) 627 | %% 628 | %% Defaults to false. 629 | %% 630 | %% {log, false}, 631 | 632 | %% 633 | %% Authentication 634 | %% ============== 635 | %% 636 | 637 | %% Pattern to convert the username given through AMQP to a DN before 638 | %% binding 639 | %% 640 | %% {user_dn_pattern, "cn=${username},ou=People,dc=example,dc=com"}, 641 | 642 | %% Alternatively, you can convert a username to a Distinguished 643 | %% Name via an LDAP lookup after binding. See the documentation for 644 | %% full details. 645 | 646 | %% When converting a username to a dn via a lookup, set these to 647 | %% the name of the attribute that represents the user name, and the 648 | %% base DN for the lookup query. 649 | %% 650 | %% {dn_lookup_attribute, "userPrincipalName"}, 651 | %% {dn_lookup_base, "DC=gopivotal,DC=com"}, 652 | 653 | %% Controls how to bind for authorisation queries and also to 654 | %% retrieve the details of users logging in without presenting a 655 | %% password (e.g., SASL EXTERNAL). 656 | %% One of 657 | %% - as_user (to bind as the authenticated user - requires a password) 658 | %% - anon (to bind anonymously) 659 | %% - {UserDN, Password} (to bind with a specified user name and password) 660 | %% 661 | %% Defaults to 'as_user'. 662 | %% 663 | %% {other_bind, as_user}, 664 | 665 | %% 666 | %% Authorisation 667 | %% ============= 668 | %% 669 | 670 | %% The LDAP plugin can perform a variety of queries against your 671 | %% LDAP server to determine questions of authorisation. See 672 | %% http://www.rabbitmq.com/ldap.html#authorisation for more 673 | %% information. 674 | 675 | %% Set the query to use when determining vhost access 676 | %% 677 | %% {vhost_access_query, {in_group, 678 | %% "ou=${vhost}-users,ou=vhosts,dc=example,dc=com"}}, 679 | 680 | %% Set the query to use when determining resource (e.g., queue) access 681 | %% 682 | %% {resource_access_query, {constant, true}}, 683 | 684 | %% Set queries to determine which tags a user has 685 | %% 686 | %% {tag_queries, []} 687 | ]} 688 | ]. 689 | --------------------------------------------------------------------------------