├── .ansible-lint ├── .flake8 ├── .github ├── config.yml ├── release-drafter.yml ├── settings.yml ├── stale.yml └── workflows │ ├── default.yml │ └── release-drafter.yml ├── .gitignore ├── .gitlab-ci.yml ├── .pre-commit-config.yaml ├── .travis.yml ├── .yamllint ├── CODE_OF_CONDUCT.md ├── CONTRIBUTING.md ├── CONTRIBUTORS.md ├── LICENSE.md ├── README.md ├── defaults └── main.yml ├── files └── .gitkeep ├── handlers └── main.yml ├── meta └── main.yml ├── molecule ├── centos7 │ ├── INSTALL.rst │ ├── molecule.yml │ └── verify.yml ├── centos8 │ ├── INSTALL.rst │ ├── molecule.yml │ └── verify.yml ├── debian10 │ ├── INSTALL.rst │ ├── molecule.yml │ └── verify.yml ├── debian8 │ ├── INSTALL.rst │ ├── molecule.yml │ └── verify.yml ├── debian9 │ ├── INSTALL.rst │ ├── molecule.yml │ └── verify.yml ├── fedora │ ├── INSTALL.rst │ ├── molecule.yml │ └── verify.yml ├── shared │ ├── converge.yml │ ├── prepare.yml │ └── verify.yml ├── ubuntu1604 │ ├── INSTALL.rst │ ├── molecule.yml │ └── verify.yml ├── ubuntu1804 │ ├── INSTALL.rst │ ├── molecule.yml │ └── verify.yml └── ubuntu2004 │ ├── INSTALL.rst │ ├── converge.yml │ ├── molecule.yml │ └── verify.yml ├── playbook.yml ├── poetry.lock ├── pyproject.toml ├── requirements-dev.txt ├── requirements.txt ├── requirements.yml ├── tasks ├── config.yml ├── debian.yml ├── fedora.yml ├── main.yml ├── rabbitmq_clustering.yml ├── rabbitmq_config.yml ├── rabbitmq_ha_config.yml ├── rabbitmq_plugins.yml ├── rabbitmq_users.yml ├── rabbitmq_vhosts.yml └── redhat.yml ├── templates ├── .gitkeep ├── erlang.cookie.j2 └── etc │ └── rabbitmq │ ├── rabbitmq-env.conf.j2 │ ├── rabbitmq.config │ └── rabbitmq.config.j2 └── vars └── main.yml /.ansible-lint: -------------------------------------------------------------------------------- 1 | skip_list: 2 | - name[casing] 3 | -------------------------------------------------------------------------------- /.flake8: -------------------------------------------------------------------------------- 1 | [flake8] 2 | max-line-length = 88 3 | exclude = .venv/ 4 | -------------------------------------------------------------------------------- /.github/config.yml: -------------------------------------------------------------------------------- 1 | # Configuration for request-info - https://github.com/behaviorbot/request-info 2 | 3 | # *Required* Comment to reply with 4 | requestInfoReplyComment: > 5 | We would appreciate it if you could provide us with more info about this issue/pr! 6 | 7 | # *OPTIONAL* default titles to check against for lack of descriptiveness 8 | # MUST BE ALL LOWERCASE 9 | requestInfoDefaultTitles: 10 | - update readme.md 11 | - updates 12 | 13 | # *OPTIONAL* Label to be added to Issues and Pull Requests with insufficient information given 14 | requestInfoLabelToAdd: needs-more-info 15 | -------------------------------------------------------------------------------- /.github/release-drafter.yml: -------------------------------------------------------------------------------- 1 | name-template: "v$RESOLVED_VERSION 🌈" 2 | tag-template: "v$RESOLVED_VERSION" 3 | categories: 4 | - title: "🚀 Features" 5 | labels: 6 | - "feature" 7 | - "enhancement" 8 | - title: "🐛 Bug Fixes" 9 | labels: 10 | - "fix" 11 | - "bugfix" 12 | - "bug" 13 | - title: "🧰 Maintenance" 14 | label: "chore" 15 | - title: "🧺 Miscellaneous" #Everything except ABAP 16 | label: "misc" 17 | change-template: "- $TITLE @$AUTHOR (#$NUMBER)" 18 | change-title-escapes: '\<*_&' # You can add # and @ to disable mentions, and add ` to disable code blocks. 19 | version-resolver: 20 | major: 21 | labels: 22 | - "major" 23 | minor: 24 | labels: 25 | - "minor" 26 | patch: 27 | labels: 28 | - "patch" 29 | default: patch 30 | template: | 31 | ## Changes 32 | $CHANGES 33 | -------------------------------------------------------------------------------- /.github/settings.yml: -------------------------------------------------------------------------------- 1 | # These settings are synced to GitHub by https://probot.github.io/apps/settings/ 2 | 3 | repository: 4 | # See https://developer.github.com/v3/repos/#edit for all available settings. 5 | 6 | # The name of the repository. Changing this will rename the repository 7 | name: ansible-rabbitmq 8 | 9 | # A short description of the repository that will show up on GitHub 10 | description: Ansible role to install/configure RabbitMQ 11 | 12 | # A comma-separated list of topics to set on the repository 13 | topics: ansible, ansible-role 14 | -------------------------------------------------------------------------------- /.github/stale.yml: -------------------------------------------------------------------------------- 1 | # Number of days of inactivity before an issue becomes stale 2 | daysUntilStale: 60 3 | # Number of days of inactivity before a stale issue is closed 4 | daysUntilClose: 7 5 | # Issues with these labels will never be considered stale 6 | exemptLabels: 7 | - pinned 8 | - security 9 | # Label to use when marking an issue as stale 10 | staleLabel: wontfix 11 | # Comment to post when marking an issue as stale. Set to `false` to disable 12 | markComment: > 13 | This issue has been automatically marked as stale because it has not had 14 | recent activity. It will be closed if no further activity occurs. Thank you 15 | for your contributions. 16 | # Comment to post when closing a stale issue. Set to `false` to disable 17 | closeComment: false 18 | -------------------------------------------------------------------------------- /.github/workflows/default.yml: -------------------------------------------------------------------------------- 1 | --- 2 | name: Molecule Test 3 | on: 4 | push: 5 | branches-ignore: 6 | - main 7 | - master 8 | pull_request: 9 | branches: 10 | - develop 11 | - main 12 | - master 13 | jobs: 14 | build: 15 | runs-on: ubuntu-latest 16 | strategy: 17 | fail-fast: false 18 | max-parallel: 4 19 | matrix: 20 | molecule_distro: 21 | # - alpine313 22 | # - alpine314 23 | # - centos7 24 | # - centos8 25 | # - debian8 26 | # - debian9 27 | # - debian10 28 | # - debian11 29 | # - fedora 30 | # - fedora34 31 | # - fedora35 32 | # - rocky8 33 | # - ubuntu1604 34 | - ubuntu1804 35 | - ubuntu2004 36 | # - ubuntu2204 37 | python-version: [3.9] 38 | steps: 39 | - uses: actions/checkout@v3 40 | with: 41 | submodules: recursive 42 | - name: Set up Python ${{ matrix.python-version }} 43 | uses: actions/setup-python@v4 44 | with: 45 | python-version: ${{ matrix.python-version }} 46 | - uses: actions/cache@v2 47 | with: 48 | path: ~/.cache/pip 49 | key: ${{ runner.os }}-pip-${{ hashFiles('**/requirements*.txt') }} 50 | restore-keys: | 51 | ${{ runner.os }}-pip- 52 | - name: Install dependencies 53 | run: | 54 | python -m pip install --upgrade pip 55 | pip install -r requirements.txt -r requirements-dev.txt 56 | pip install pre-commit 57 | - name: Run pre-commit checks 58 | run: | 59 | SKIP=no-commit-to-branch pre-commit run --all-files 60 | - name: Test with molecule 61 | run: | 62 | molecule test --scenario-name ${{ matrix.molecule_distro }} 63 | -------------------------------------------------------------------------------- /.github/workflows/release-drafter.yml: -------------------------------------------------------------------------------- 1 | name: Release Drafter 2 | 3 | on: 4 | push: 5 | # branches to consider in the event; optional, defaults to all 6 | branches: 7 | - main 8 | - master 9 | 10 | jobs: 11 | update_release_draft: 12 | runs-on: ubuntu-latest 13 | steps: 14 | # Drafts your next Release notes as Pull Requests are merged into "master" 15 | - uses: release-drafter/release-drafter@v5 16 | env: 17 | GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} 18 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | !* 2 | 3 | ### Ansible 4 | .cache/ 5 | 6 | ### VirtualEnv ### 7 | # Virtualenv 8 | .venv/ 9 | venv/ 10 | 11 | ### VisualStudioCode ### 12 | .vscode/* 13 | !.vscode/settings.json 14 | !.vscode/tasks.json 15 | !.vscode/launch.json 16 | !.vscode/extensions.json 17 | *.code-workspace 18 | 19 | # Local History for Visual Studio Code 20 | .history/ 21 | 22 | ### VisualStudioCode Patch ### 23 | # Ignore all local history of files 24 | .history 25 | .ionide 26 | -------------------------------------------------------------------------------- /.gitlab-ci.yml: -------------------------------------------------------------------------------- 1 | --- 2 | image: docker:git 3 | 4 | services: 5 | - docker:dind 6 | 7 | before_script: 8 | - apk update && apk add --no-cache docker 9 | python3-dev py3-pip docker gcc git curl build-base 10 | autoconf automake py3-cryptography linux-headers 11 | musl-dev libffi-dev openssl-dev openssh 12 | - docker info 13 | - python3 --version 14 | - pip3 install -r requirements.txt 15 | - ansible --version 16 | - molecule --version 17 | 18 | molecule: 19 | stage: test 20 | script: 21 | - molecule test --scenario-name centos7 22 | # - molecule test --scenario-name centos8 23 | # - molecule test --scenario-name debian8 24 | - molecule test --scenario-name debian9 25 | - molecule test --scenario-name debian10 26 | # - molecule test --scenario-name fedora 27 | - molecule test --scenario-name ubuntu1604 28 | - molecule test --scenario-name ubuntu1804 29 | -------------------------------------------------------------------------------- /.pre-commit-config.yaml: -------------------------------------------------------------------------------- 1 | # See https://pre-commit.com for more information 2 | # See https://pre-commit.com/hooks.html for more hooks 3 | repos: 4 | - repo: https://github.com/pre-commit/pre-commit-hooks 5 | rev: v4.5.0 6 | hooks: 7 | - id: check-added-large-files 8 | - id: check-executables-have-shebangs 9 | - id: check-merge-conflict 10 | - id: check-symlinks 11 | - id: detect-private-key 12 | - id: end-of-file-fixer 13 | - id: no-commit-to-branch 14 | args: [--branch, develop, --branch, master, --branch, main] 15 | - id: trailing-whitespace 16 | - repo: https://github.com/ansible-community/ansible-lint 17 | rev: v6.22.1 18 | hooks: 19 | - id: ansible-lint 20 | - repo: https://github.com/psf/black 21 | rev: 23.3.0 22 | hooks: 23 | - id: black 24 | language_version: python3 25 | - repo: https://github.com/PyCQA/flake8 26 | rev: 6.1.0 27 | hooks: 28 | - id: flake8 29 | - repo: https://github.com/adrienverge/yamllint 30 | rev: v1.33.0 31 | hooks: 32 | - id: yamllint 33 | -------------------------------------------------------------------------------- /.travis.yml: -------------------------------------------------------------------------------- 1 | --- 2 | sudo: required 3 | language: python 4 | services: 5 | - docker 6 | before_install: 7 | - sudo apt-get -qq update 8 | env: 9 | # - molecule_distro=centos7 10 | - molecule_distro=centos8 11 | # - molecule_distro=debian8 12 | - molecule_distro=debian9 13 | - molecule_distro=debian10 14 | # - molecule_distro=fedora 15 | # - molecule_distro=ubuntu1604 16 | - molecule_distro=ubuntu1804 17 | - molecule_distro=ubuntu2004 18 | install: 19 | - python -m pip install --upgrade pip 20 | - pip install -r requirements.txt -r requirements-dev.txt 21 | - pip install pre-commit 22 | script: 23 | - molecule test --scenario-name "$molecule_distro" 24 | notifications: 25 | webhooks: https://galaxy.ansible.com/api/v1/notifications/ 26 | -------------------------------------------------------------------------------- /.yamllint: -------------------------------------------------------------------------------- 1 | --- 2 | # Based on ansible-lint config 3 | extends: default 4 | 5 | ignore: | 6 | .venv/ 7 | 8 | rules: 9 | braces: 10 | max-spaces-inside: 1 11 | level: error 12 | brackets: 13 | max-spaces-inside: 1 14 | level: error 15 | colons: 16 | max-spaces-after: -1 17 | level: error 18 | commas: 19 | max-spaces-after: -1 20 | level: error 21 | comments: disable 22 | comments-indentation: disable 23 | document-start: disable 24 | empty-lines: 25 | max: 3 26 | level: error 27 | hyphens: 28 | level: error 29 | indentation: disable 30 | key-duplicates: enable 31 | line-length: disable 32 | new-line-at-end-of-file: disable 33 | new-lines: 34 | type: unix 35 | trailing-spaces: disable 36 | truthy: disable 37 | -------------------------------------------------------------------------------- /CODE_OF_CONDUCT.md: -------------------------------------------------------------------------------- 1 | # Contributor Covenant Code of Conduct 2 | 3 | ## Our Pledge 4 | 5 | In the interest of fostering an open and welcoming environment, we as 6 | contributors and maintainers pledge to making participation in our project and 7 | our community a harassment-free experience for everyone, regardless of age, body 8 | size, disability, ethnicity, sex characteristics, gender identity and expression, 9 | level of experience, education, socio-economic status, nationality, personal 10 | appearance, race, religion, or sexual identity and orientation. 11 | 12 | ## Our Standards 13 | 14 | Examples of behavior that contributes to creating a positive environment 15 | include: 16 | 17 | - Using welcoming and inclusive language 18 | - Being respectful of differing viewpoints and experiences 19 | - Gracefully accepting constructive criticism 20 | - Focusing on what is best for the community 21 | - Showing empathy towards other community members 22 | 23 | Examples of unacceptable behavior by participants include: 24 | 25 | - The use of sexualized language or imagery and unwelcome sexual attention or 26 | advances 27 | - Trolling, insulting/derogatory comments, and personal or political attacks 28 | - Public or private harassment 29 | - Publishing others' private information, such as a physical or electronic 30 | address, without explicit permission 31 | - Other conduct which could reasonably be considered inappropriate in a 32 | professional setting 33 | 34 | ## Our Responsibilities 35 | 36 | Project maintainers are responsible for clarifying the standards of acceptable 37 | behavior and are expected to take appropriate and fair corrective action in 38 | response to any instances of unacceptable behavior. 39 | 40 | Project maintainers have the right and responsibility to remove, edit, or 41 | reject comments, commits, code, wiki edits, issues, and other contributions 42 | that are not aligned to this Code of Conduct, or to ban temporarily or 43 | permanently any contributor for other behaviors that they deem inappropriate, 44 | threatening, offensive, or harmful. 45 | 46 | ## Scope 47 | 48 | This Code of Conduct applies both within project spaces and in public spaces 49 | when an individual is representing the project or its community. Examples of 50 | representing a project or community include using an official project e-mail 51 | address, posting via an official social media account, or acting as an appointed 52 | representative at an online or offline event. Representation of a project may be 53 | further defined and clarified by project maintainers. 54 | 55 | ## Enforcement 56 | 57 | Instances of abusive, harassing, or otherwise unacceptable behavior may be 58 | reported by contacting the project team at mrlesmithjr@gmail.com. All 59 | complaints will be reviewed and investigated and will result in a response that 60 | is deemed necessary and appropriate to the circumstances. The project team is 61 | obligated to maintain confidentiality with regard to the reporter of an incident. 62 | Further details of specific enforcement policies may be posted separately. 63 | 64 | Project maintainers who do not follow or enforce the Code of Conduct in good 65 | faith may face temporary or permanent repercussions as determined by other 66 | members of the project's leadership. 67 | 68 | ## Attribution 69 | 70 | This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4, 71 | available at https://www.contributor-covenant.org/version/1/4/code-of-conduct.html 72 | 73 | [homepage]: https://www.contributor-covenant.org 74 | 75 | For answers to common questions about this code of conduct, see 76 | https://www.contributor-covenant.org/faq 77 | -------------------------------------------------------------------------------- /CONTRIBUTING.md: -------------------------------------------------------------------------------- 1 | # Contributing to ansible-rabbitmq 2 | 3 | ## Table Of Contents 4 | 5 | [Code of Conduct](#code-of-conduct) 6 | 7 | ## Code of Conduct 8 | 9 | This project and everyone participating in it is governed by the [ansible-rabbitmq Code of Conduct](CODE_OF_CONDUCT.md). By participating, you are expected to uphold this code. Please report unacceptable behavior to [mrlesmithjr@gmail.com](mailto:mrlesmithjr@gmail.com). 10 | -------------------------------------------------------------------------------- /CONTRIBUTORS.md: -------------------------------------------------------------------------------- 1 | Larry Smith Jr. - mrlesmithjr@gmail.com 2 | -------------------------------------------------------------------------------- /LICENSE.md: -------------------------------------------------------------------------------- 1 | MIT License 2 | 3 | Copyright (c) 2020 Larry Smith Jr. 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # ansible-rabbitmq 2 | 3 | Ansible role to install/configure RabbitMQ 4 | 5 | ## Build Status 6 | 7 | ### GitHub Actions 8 | 9 | ![Molecule Test](https://github.com/mrlesmithjr/ansible-rabbitmq/workflows/Molecule%20Test/badge.svg) 10 | 11 | ## Requirements 12 | 13 | For any required Ansible roles, review: 14 | [requirements.yml](requirements.yml) 15 | 16 | ## Role Variables 17 | 18 | [defaults/main.yml](defaults/main.yml) 19 | 20 | ## Dependencies 21 | 22 | ## Example Playbook 23 | 24 | [playbook.yml](playbook.yml) 25 | 26 | ## License 27 | 28 | MIT 29 | 30 | ## Author Information 31 | 32 | Larry Smith Jr. 33 | 34 | - [@mrlesmithjr](https://twitter.com/mrlesmithjr) 35 | - [mrlesmithjr@gmail.com](mailto:mrlesmithjr@gmail.com) 36 | - [http://everythingshouldbevirtual.com](http://everythingshouldbevirtual.com) 37 | 38 | Buy Me A Coffee 39 | 40 | > NOTE: Repo has been created/updated using [https://github.com/mrlesmithjr/cookiecutter-ansible-role](https://github.com/mrlesmithjr/cookiecutter-ansible-role) as a template. 41 | -------------------------------------------------------------------------------- /defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # defaults file for ansible-rabbitmq 3 | rabbitmq_config: [] 4 | # - queue_name: logstash 5 | # durable: true 6 | # exchange_name: logstash 7 | # type: direct 8 | # routing_key: logstash 9 | # tags: "ha-mode=all,ha-sync-mode=automatic" 10 | # - queue_name: logstash-quorum 11 | # durable: true 12 | # exchange_name: logstash-quorum 13 | # type: direct 14 | # routing_key: logstash 15 | # queue_type: quorum 16 | # tags: "ha-mode=all,ha-sync-mode=automatic" 17 | # - policy_pattern: ".*" 18 | # vhost: apps 19 | # tags: "ha-mode=all,ha-sync-mode=automatic" 20 | 21 | # Defines if rabbitmq ha should be configured 22 | rabbitmq_config_ha: false 23 | 24 | rabbitmq_config_service: false 25 | rabbitmq_config_file: etc/rabbitmq/rabbitmq.config.j2 26 | rabbitmq_config_env_file: etc/rabbitmq/rabbitmq-env.conf.j2 27 | rabbitmq_env_config: {} 28 | 29 | # rabbitmq_debian_repo: deb http://www.rabbitmq.com/debian/ testing main 30 | #other repos 31 | rabbitmq_debian_repo: "deb [arch=amd64 signed-by=/usr/share/keyrings/rabbitmq-server.asc] https://ppa1.rabbitmq.com/rabbitmq/rabbitmq-server/deb/ubuntu {{ ansible_distribution_release }} main" 32 | rabbitmq_debian_repo_key: "https://github.com/rabbitmq/signing-keys/releases/download/3.0/cloudsmith.rabbitmq-server.9F4587F226208342.key" 33 | 34 | 35 | rabbitmq_debian_erlang_from_rabbit: true 36 | rabbitmq_debian_erlang_repo: "deb [arch=amd64 signed-by=/usr/share/keyrings/rabbitmq-erlang.asc] https://ppa1.rabbitmq.com/rabbitmq/rabbitmq-erlang/deb/ubuntu {{ ansible_distribution_release }} main" 37 | rabbitmq_debian_erlang_repo_key: "https://github.com/rabbitmq/signing-keys/releases/download/3.0/cloudsmith.rabbitmq-erlang.E495BB49CC4BBE5B.key" 38 | 39 | 40 | # current version if not defined 41 | rabbitmq_debian_version_defined: true 42 | rabbitmq_debian_version: 3.13.7-1 43 | 44 | # Defines if setting up a rabbitmq cluster 45 | rabbitmq_enable_clustering: false 46 | # Defines the inventory host that should be considered master 47 | rabbitmq_master: None 48 | 49 | rabbitmq_erlang_cookie_file: /var/lib/rabbitmq/.erlang.cookie 50 | 51 | rabbitmq_listen_port: 5672 52 | rabbitmq_listeners: [] 53 | # - 127.0.0.1 54 | # - '::1' 55 | 56 | # Uncomment to set cluster partition handling strategy (https://www.rabbitmq.com/partitions.html) 57 | #rabbitmq_cluster_partition_handling: ignore 58 | 59 | rabbitmq_ssl_enable: false 60 | rabbitmq_ssl_port: 5671 61 | rabbitmq_ssl_listeners: [] 62 | # - 127.0.0.1 63 | # - "::1" 64 | 65 | rabitmq_ssl_options: {} 66 | # cacertfile: '"/path/to/testca/cacert.pem"' 67 | # certfile: '"/path/to/server/cert.pem"' 68 | # keyfile: '"/path/to/server/key.pem"' 69 | # verify: verify_peer 70 | # fail_if_no_peer_cert: "false" 71 | 72 | rabbitmq_redhat_repo_key: https://github.com/rabbitmq/signing-keys/releases/download/3.0/rabbitmq-release-signing-key.asc 73 | rabbitmq_redhat_package: "rabbitmq-server-{{ rabbitmq_redhat_version }}-1.el{{ ansible_distribution_major_version }}.noarch.rpm" 74 | rabbitmq_redhat_url: "https://dl.cloudsmith.io/public/rabbitmq/rabbitmq-server/rpm/el/{{ ansible_distribution_major_version }}/noarch" 75 | rabbitmq_redhat_version: 3.12.10 76 | 77 | # Define extra vhosts to be created 78 | rabbitmq_extra_vhosts: [] 79 | # - name: / 80 | # state: present 81 | 82 | # Define admin user to create in order to login to WebUI 83 | rabbitmq_users: 84 | - name: rabbitmqadmin 85 | password: rabbitmqadmin 86 | vhost: / 87 | configure_priv: ".*" 88 | read_priv: ".*" 89 | write_priv: ".*" 90 | # Define comma separated list of tags to assign to user: 91 | # management,policymaker,monitoring,administrator 92 | # required for management plugin. 93 | # https://www.rabbitmq.com/management.html 94 | tags: administrator 95 | 96 | # comma separated list of plugins to enable 97 | rabbitmq_plugins: "rabbitmq_management" 98 | -------------------------------------------------------------------------------- /files/.gitkeep: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mrlesmithjr/ansible-rabbitmq/7a75b2d87bc3fdde47c143f42cd6bb17e1e48561/files/.gitkeep -------------------------------------------------------------------------------- /handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # handlers file for ansible-rabbitmq 3 | - name: restart rabbitmq-server 4 | ansible.builtin.service: 5 | name: rabbitmq-server 6 | state: restarted 7 | become: true 8 | -------------------------------------------------------------------------------- /meta/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | galaxy_info: 3 | author: Larry Smith Jr. 4 | description: Ansible role to install/configure RabbitMQ 5 | license: MIT 6 | min_ansible_version: "1.2" 7 | role_name: rabbitmq 8 | namespace: mrlesmithjr 9 | platforms: 10 | - name: EL 11 | versions: 12 | - all 13 | - name: Fedora 14 | versions: 15 | - all 16 | - name: Ubuntu 17 | versions: 18 | - all 19 | - name: Debian 20 | versions: 21 | - all 22 | galaxy_tags: 23 | - clustering 24 | - system 25 | dependencies: [] 26 | -------------------------------------------------------------------------------- /molecule/centos7/INSTALL.rst: -------------------------------------------------------------------------------- 1 | ******* 2 | Docker driver installation guide 3 | ******* 4 | 5 | Requirements 6 | ============ 7 | 8 | * Docker Engine 9 | 10 | Install 11 | ======= 12 | 13 | Please refer to the `Virtual environment`_ documentation for installation best 14 | practices. If not using a virtual environment, please consider passing the 15 | widely recommended `'--user' flag`_ when invoking ``pip``. 16 | 17 | .. _Virtual environment: https://virtualenv.pypa.io/en/latest/ 18 | .. _'--user' flag: https://packaging.python.org/tutorials/installing-packages/#installing-to-the-user-site 19 | 20 | .. code-block:: bash 21 | 22 | $ pip install 'molecule[docker]' 23 | -------------------------------------------------------------------------------- /molecule/centos7/molecule.yml: -------------------------------------------------------------------------------- 1 | --- 2 | dependency: 3 | name: galaxy 4 | enabled: false 5 | options: 6 | role-file: requirements.yml 7 | driver: 8 | name: docker 9 | lint: | 10 | yamllint . 11 | ansible-lint 12 | flake8 13 | platforms: 14 | - name: centos7 15 | image: mrlesmithjr/centos:7 16 | privileged: true 17 | command: /usr/sbin/init 18 | # tmpfs: 19 | # - /run 20 | # - /tmp 21 | volumes: 22 | - /sys/fs/cgroup:/sys/fs/cgroup:rw 23 | cgroupns_mode: host 24 | # groups: [] 25 | provisioner: 26 | name: ansible 27 | playbooks: 28 | converge: ../shared/converge.yml 29 | prepare: ../shared/prepare.yml 30 | verify: ../shared/verify.yml 31 | verifier: 32 | name: ansible 33 | -------------------------------------------------------------------------------- /molecule/centos7/verify.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # This is an example playbook to execute Ansible tests. 3 | 4 | - name: Verify 5 | hosts: all 6 | tasks: 7 | - name: Example assertion 8 | ansible.builtin.assert: 9 | that: true 10 | -------------------------------------------------------------------------------- /molecule/centos8/INSTALL.rst: -------------------------------------------------------------------------------- 1 | ******* 2 | Docker driver installation guide 3 | ******* 4 | 5 | Requirements 6 | ============ 7 | 8 | * Docker Engine 9 | 10 | Install 11 | ======= 12 | 13 | Please refer to the `Virtual environment`_ documentation for installation best 14 | practices. If not using a virtual environment, please consider passing the 15 | widely recommended `'--user' flag`_ when invoking ``pip``. 16 | 17 | .. _Virtual environment: https://virtualenv.pypa.io/en/latest/ 18 | .. _'--user' flag: https://packaging.python.org/tutorials/installing-packages/#installing-to-the-user-site 19 | 20 | .. code-block:: bash 21 | 22 | $ pip install 'molecule[docker]' 23 | -------------------------------------------------------------------------------- /molecule/centos8/molecule.yml: -------------------------------------------------------------------------------- 1 | --- 2 | dependency: 3 | name: galaxy 4 | enabled: false 5 | options: 6 | role-file: requirements.yml 7 | driver: 8 | name: docker 9 | lint: | 10 | yamllint . 11 | ansible-lint 12 | flake8 13 | platforms: 14 | - name: centos8 15 | image: mrlesmithjr/centos:8 16 | privileged: true 17 | command: /usr/sbin/init 18 | # tmpfs: 19 | # - /run 20 | # - /tmp 21 | volumes: 22 | - /sys/fs/cgroup:/sys/fs/cgroup:rw 23 | cgroupns_mode: host 24 | # groups: [] 25 | provisioner: 26 | name: ansible 27 | playbooks: 28 | converge: ../shared/converge.yml 29 | prepare: ../shared/prepare.yml 30 | verify: ../shared/verify.yml 31 | verifier: 32 | name: ansible 33 | -------------------------------------------------------------------------------- /molecule/centos8/verify.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # This is an example playbook to execute Ansible tests. 3 | 4 | - name: Verify 5 | hosts: all 6 | tasks: 7 | - name: Example assertion 8 | ansible.builtin.assert: 9 | that: true 10 | -------------------------------------------------------------------------------- /molecule/debian10/INSTALL.rst: -------------------------------------------------------------------------------- 1 | ******* 2 | Docker driver installation guide 3 | ******* 4 | 5 | Requirements 6 | ============ 7 | 8 | * Docker Engine 9 | 10 | Install 11 | ======= 12 | 13 | Please refer to the `Virtual environment`_ documentation for installation best 14 | practices. If not using a virtual environment, please consider passing the 15 | widely recommended `'--user' flag`_ when invoking ``pip``. 16 | 17 | .. _Virtual environment: https://virtualenv.pypa.io/en/latest/ 18 | .. _'--user' flag: https://packaging.python.org/tutorials/installing-packages/#installing-to-the-user-site 19 | 20 | .. code-block:: bash 21 | 22 | $ pip install 'molecule[docker]' 23 | -------------------------------------------------------------------------------- /molecule/debian10/molecule.yml: -------------------------------------------------------------------------------- 1 | --- 2 | dependency: 3 | name: galaxy 4 | enabled: false 5 | options: 6 | role-file: requirements.yml 7 | driver: 8 | name: docker 9 | lint: | 10 | yamllint . 11 | ansible-lint 12 | flake8 13 | platforms: 14 | - name: debian10 15 | image: mrlesmithjr/debian:10 16 | privileged: true 17 | command: /lib/systemd/systemd 18 | # tmpfs: 19 | # - /run 20 | # - /tmp 21 | volumes: 22 | - /sys/fs/cgroup:/sys/fs/cgroup:rw 23 | cgroupns_mode: host 24 | # groups: [] 25 | provisioner: 26 | name: ansible 27 | playbooks: 28 | converge: ../shared/converge.yml 29 | prepare: ../shared/prepare.yml 30 | verify: ../shared/verify.yml 31 | verifier: 32 | name: ansible 33 | -------------------------------------------------------------------------------- /molecule/debian10/verify.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # This is an example playbook to execute Ansible tests. 3 | 4 | - name: Verify 5 | hosts: all 6 | tasks: 7 | - name: Example assertion 8 | ansible.builtin.assert: 9 | that: true 10 | -------------------------------------------------------------------------------- /molecule/debian8/INSTALL.rst: -------------------------------------------------------------------------------- 1 | ******* 2 | Docker driver installation guide 3 | ******* 4 | 5 | Requirements 6 | ============ 7 | 8 | * Docker Engine 9 | 10 | Install 11 | ======= 12 | 13 | Please refer to the `Virtual environment`_ documentation for installation best 14 | practices. If not using a virtual environment, please consider passing the 15 | widely recommended `'--user' flag`_ when invoking ``pip``. 16 | 17 | .. _Virtual environment: https://virtualenv.pypa.io/en/latest/ 18 | .. _'--user' flag: https://packaging.python.org/tutorials/installing-packages/#installing-to-the-user-site 19 | 20 | .. code-block:: bash 21 | 22 | $ pip install 'molecule[docker]' 23 | -------------------------------------------------------------------------------- /molecule/debian8/molecule.yml: -------------------------------------------------------------------------------- 1 | --- 2 | dependency: 3 | name: galaxy 4 | enabled: false 5 | options: 6 | role-file: requirements.yml 7 | driver: 8 | name: docker 9 | lint: | 10 | yamllint . 11 | ansible-lint 12 | flake8 13 | platforms: 14 | - name: debian8 15 | image: mrlesmithjr/debian:8 16 | privileged: true 17 | command: /lib/systemd/systemd 18 | # tmpfs: 19 | # - /run 20 | # - /tmp 21 | volumes: 22 | - /sys/fs/cgroup:/sys/fs/cgroup:rw 23 | cgroupns_mode: host 24 | # groups: [] 25 | provisioner: 26 | name: ansible 27 | playbooks: 28 | converge: ../shared/converge.yml 29 | prepare: ../shared/prepare.yml 30 | verify: ../shared/verify.yml 31 | verifier: 32 | name: ansible 33 | -------------------------------------------------------------------------------- /molecule/debian8/verify.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # This is an example playbook to execute Ansible tests. 3 | 4 | - name: Verify 5 | hosts: all 6 | tasks: 7 | - name: Example assertion 8 | ansible.builtin.assert: 9 | that: true 10 | -------------------------------------------------------------------------------- /molecule/debian9/INSTALL.rst: -------------------------------------------------------------------------------- 1 | ******* 2 | Docker driver installation guide 3 | ******* 4 | 5 | Requirements 6 | ============ 7 | 8 | * Docker Engine 9 | 10 | Install 11 | ======= 12 | 13 | Please refer to the `Virtual environment`_ documentation for installation best 14 | practices. If not using a virtual environment, please consider passing the 15 | widely recommended `'--user' flag`_ when invoking ``pip``. 16 | 17 | .. _Virtual environment: https://virtualenv.pypa.io/en/latest/ 18 | .. _'--user' flag: https://packaging.python.org/tutorials/installing-packages/#installing-to-the-user-site 19 | 20 | .. code-block:: bash 21 | 22 | $ pip install 'molecule[docker]' 23 | -------------------------------------------------------------------------------- /molecule/debian9/molecule.yml: -------------------------------------------------------------------------------- 1 | --- 2 | dependency: 3 | name: galaxy 4 | enabled: false 5 | options: 6 | role-file: requirements.yml 7 | driver: 8 | name: docker 9 | lint: | 10 | yamllint . 11 | ansible-lint 12 | flake8 13 | platforms: 14 | - name: debian9 15 | image: mrlesmithjr/debian:9 16 | privileged: true 17 | command: /lib/systemd/systemd 18 | # tmpfs: 19 | # - /run 20 | # - /tmp 21 | volumes: 22 | - /sys/fs/cgroup:/sys/fs/cgroup:rw 23 | cgroupns_mode: host 24 | # groups: [] 25 | provisioner: 26 | name: ansible 27 | playbooks: 28 | converge: ../shared/converge.yml 29 | prepare: ../shared/prepare.yml 30 | verify: ../shared/verify.yml 31 | verifier: 32 | name: ansible 33 | -------------------------------------------------------------------------------- /molecule/debian9/verify.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # This is an example playbook to execute Ansible tests. 3 | 4 | - name: Verify 5 | hosts: all 6 | tasks: 7 | - name: Example assertion 8 | ansible.builtin.assert: 9 | that: true 10 | -------------------------------------------------------------------------------- /molecule/fedora/INSTALL.rst: -------------------------------------------------------------------------------- 1 | ******* 2 | Docker driver installation guide 3 | ******* 4 | 5 | Requirements 6 | ============ 7 | 8 | * Docker Engine 9 | 10 | Install 11 | ======= 12 | 13 | Please refer to the `Virtual environment`_ documentation for installation best 14 | practices. If not using a virtual environment, please consider passing the 15 | widely recommended `'--user' flag`_ when invoking ``pip``. 16 | 17 | .. _Virtual environment: https://virtualenv.pypa.io/en/latest/ 18 | .. _'--user' flag: https://packaging.python.org/tutorials/installing-packages/#installing-to-the-user-site 19 | 20 | .. code-block:: bash 21 | 22 | $ pip install 'molecule[docker]' 23 | -------------------------------------------------------------------------------- /molecule/fedora/molecule.yml: -------------------------------------------------------------------------------- 1 | --- 2 | dependency: 3 | name: galaxy 4 | enabled: false 5 | options: 6 | role-file: requirements.yml 7 | driver: 8 | name: docker 9 | lint: | 10 | yamllint . 11 | ansible-lint 12 | flake8 13 | platforms: 14 | - name: fedora 15 | image: jrei/systemd-fedora 16 | privileged: true 17 | command: /usr/sbin/init 18 | tmpfs: 19 | - /run 20 | - /tmp 21 | volumes: 22 | - /sys/fs/cgroup:/sys/fs/cgroup:ro 23 | provisioner: 24 | name: ansible 25 | playbooks: 26 | converge: ../shared/converge.yml 27 | verifier: 28 | name: ansible 29 | -------------------------------------------------------------------------------- /molecule/fedora/verify.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # This is an example playbook to execute Ansible tests. 3 | 4 | - name: Verify 5 | hosts: all 6 | tasks: 7 | - name: Example assertion 8 | ansible.builtin.assert: 9 | that: true 10 | -------------------------------------------------------------------------------- /molecule/shared/converge.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Converge 3 | hosts: all 4 | tasks: 5 | - name: Include ansible-rabbitmq 6 | ansible.builtin.include_role: 7 | name: ansible-rabbitmq 8 | -------------------------------------------------------------------------------- /molecule/shared/prepare.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Prepare hosts for testing 3 | hosts: all 4 | tasks: 5 | - name: Update Apt Cache 6 | ansible.builtin.apt: 7 | update_cache: true 8 | become: true 9 | when: ansible_os_family == "Debian" 10 | -------------------------------------------------------------------------------- /molecule/shared/verify.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # This is an example playbook to execute Ansible tests. 3 | 4 | - name: Verify 5 | hosts: all 6 | tasks: 7 | - name: Example assertion 8 | ansible.builtin.assert: 9 | that: true 10 | -------------------------------------------------------------------------------- /molecule/ubuntu1604/INSTALL.rst: -------------------------------------------------------------------------------- 1 | ******* 2 | Docker driver installation guide 3 | ******* 4 | 5 | Requirements 6 | ============ 7 | 8 | * Docker Engine 9 | 10 | Install 11 | ======= 12 | 13 | Please refer to the `Virtual environment`_ documentation for installation best 14 | practices. If not using a virtual environment, please consider passing the 15 | widely recommended `'--user' flag`_ when invoking ``pip``. 16 | 17 | .. _Virtual environment: https://virtualenv.pypa.io/en/latest/ 18 | .. _'--user' flag: https://packaging.python.org/tutorials/installing-packages/#installing-to-the-user-site 19 | 20 | .. code-block:: bash 21 | 22 | $ pip install 'molecule[docker]' 23 | -------------------------------------------------------------------------------- /molecule/ubuntu1604/molecule.yml: -------------------------------------------------------------------------------- 1 | --- 2 | dependency: 3 | name: galaxy 4 | enabled: false 5 | options: 6 | role-file: requirements.yml 7 | driver: 8 | name: docker 9 | lint: | 10 | yamllint . 11 | ansible-lint 12 | flake8 13 | platforms: 14 | - name: ubuntu1604 15 | image: mrlesmithjr/ubuntu:16.04 16 | privileged: true 17 | command: /lib/systemd/systemd 18 | # tmpfs: 19 | # - /run 20 | # - /tmp 21 | volumes: 22 | - /sys/fs/cgroup:/sys/fs/cgroup:rw 23 | cgroupns_mode: host 24 | # groups: [] 25 | provisioner: 26 | name: ansible 27 | playbooks: 28 | converge: ../shared/converge.yml 29 | prepare: ../shared/prepare.yml 30 | verify: ../shared/verify.yml 31 | verifier: 32 | name: ansible 33 | -------------------------------------------------------------------------------- /molecule/ubuntu1604/verify.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # This is an example playbook to execute Ansible tests. 3 | 4 | - name: Verify 5 | hosts: all 6 | tasks: 7 | - name: Example assertion 8 | ansible.builtin.assert: 9 | that: true 10 | -------------------------------------------------------------------------------- /molecule/ubuntu1804/INSTALL.rst: -------------------------------------------------------------------------------- 1 | ******* 2 | Docker driver installation guide 3 | ******* 4 | 5 | Requirements 6 | ============ 7 | 8 | * Docker Engine 9 | 10 | Install 11 | ======= 12 | 13 | Please refer to the `Virtual environment`_ documentation for installation best 14 | practices. If not using a virtual environment, please consider passing the 15 | widely recommended `'--user' flag`_ when invoking ``pip``. 16 | 17 | .. _Virtual environment: https://virtualenv.pypa.io/en/latest/ 18 | .. _'--user' flag: https://packaging.python.org/tutorials/installing-packages/#installing-to-the-user-site 19 | 20 | .. code-block:: bash 21 | 22 | $ pip install 'molecule[docker]' 23 | -------------------------------------------------------------------------------- /molecule/ubuntu1804/molecule.yml: -------------------------------------------------------------------------------- 1 | --- 2 | dependency: 3 | name: galaxy 4 | enabled: false 5 | options: 6 | role-file: requirements.yml 7 | driver: 8 | name: docker 9 | lint: | 10 | yamllint . 11 | ansible-lint 12 | flake8 13 | platforms: 14 | - name: ubuntu1804 15 | image: mrlesmithjr/ubuntu:18.04 16 | privileged: true 17 | command: /lib/systemd/systemd 18 | # tmpfs: 19 | # - /run 20 | # - /tmp 21 | volumes: 22 | - /sys/fs/cgroup:/sys/fs/cgroup:rw 23 | cgroupns_mode: host 24 | # groups: [] 25 | provisioner: 26 | name: ansible 27 | playbooks: 28 | converge: ../shared/converge.yml 29 | prepare: ../shared/prepare.yml 30 | verify: ../shared/verify.yml 31 | verifier: 32 | name: ansible 33 | -------------------------------------------------------------------------------- /molecule/ubuntu1804/verify.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # This is an example playbook to execute Ansible tests. 3 | 4 | - name: Verify 5 | hosts: all 6 | tasks: 7 | - name: Example assertion 8 | ansible.builtin.assert: 9 | that: true 10 | -------------------------------------------------------------------------------- /molecule/ubuntu2004/INSTALL.rst: -------------------------------------------------------------------------------- 1 | ******* 2 | Docker driver installation guide 3 | ******* 4 | 5 | Requirements 6 | ============ 7 | 8 | * Docker Engine 9 | 10 | Install 11 | ======= 12 | 13 | Please refer to the `Virtual environment`_ documentation for installation best 14 | practices. If not using a virtual environment, please consider passing the 15 | widely recommended `'--user' flag`_ when invoking ``pip``. 16 | 17 | .. _Virtual environment: https://virtualenv.pypa.io/en/latest/ 18 | .. _'--user' flag: https://packaging.python.org/tutorials/installing-packages/#installing-to-the-user-site 19 | 20 | .. code-block:: bash 21 | 22 | $ pip install 'molecule[docker]' 23 | -------------------------------------------------------------------------------- /molecule/ubuntu2004/converge.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Converge 3 | hosts: all 4 | vars: 5 | rabbitmq_debian_version_defined: false 6 | rabbitmq_debian_repo: "deb https://dl.bintray.com/rabbitmq-erlang/debian {{ ansible_distribution_release }} erlang-22.x" 7 | tasks: 8 | - name: Include ansible-rabbitmq 9 | ansible.builtin.include_role: 10 | name: ansible-rabbitmq 11 | -------------------------------------------------------------------------------- /molecule/ubuntu2004/molecule.yml: -------------------------------------------------------------------------------- 1 | --- 2 | dependency: 3 | name: galaxy 4 | enabled: false 5 | options: 6 | role-file: requirements.yml 7 | driver: 8 | name: docker 9 | lint: | 10 | yamllint . 11 | ansible-lint 12 | flake8 13 | platforms: 14 | - name: ubuntu2004 15 | image: mrlesmithjr/ubuntu:20.04 16 | privileged: true 17 | command: /lib/systemd/systemd 18 | # tmpfs: 19 | # - /run 20 | # - /tmp 21 | volumes: 22 | - /sys/fs/cgroup:/sys/fs/cgroup:rw 23 | cgroupns_mode: host 24 | # groups: [] 25 | provisioner: 26 | name: ansible 27 | playbooks: 28 | converge: ../shared/converge.yml 29 | prepare: ../shared/prepare.yml 30 | verify: ../shared/verify.yml 31 | verifier: 32 | name: ansible 33 | -------------------------------------------------------------------------------- /molecule/ubuntu2004/verify.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # This is an example playbook to execute Ansible tests. 3 | 4 | - name: Verify 5 | hosts: all 6 | tasks: 7 | - name: Example assertion 8 | ansible.builtin.assert: 9 | that: true 10 | -------------------------------------------------------------------------------- /playbook.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Example Playbook 3 | hosts: all 4 | tasks: 5 | - name: Include ansible-rabbitmq 6 | ansible.builtin.include_role: 7 | name: ansible-rabbitmq 8 | -------------------------------------------------------------------------------- /pyproject.toml: -------------------------------------------------------------------------------- 1 | [tool.poetry] 2 | name = "ansible-rabbitmq" 3 | version = "0.1.0" 4 | description = "" 5 | authors = ["Larry Smith Jr. "] 6 | 7 | [tool.poetry.dependencies] 8 | python = ">=3.8.1,<4.0" 9 | ansible = "6.6.0" 10 | 11 | [tool.poetry.group.dev.dependencies] 12 | ansible-lint = "6.8.7" 13 | black = "^22.10.0" 14 | pylint = "^2.15.7" 15 | molecule = {extras = ["docker"], version = "^4.0.3"} 16 | flake8 = "^6.0.0" 17 | cookiecutter = "^2.1.1" 18 | pre-commit = "^2.20.0" 19 | 20 | [build-system] 21 | requires = ["poetry-core>=1.0.0"] 22 | build-backend = "poetry.core.masonry.api" 23 | -------------------------------------------------------------------------------- /requirements-dev.txt: -------------------------------------------------------------------------------- 1 | ansible-compat==3.0.2 ; python_full_version >= "3.8.1" and python_version < "4.0" 2 | ansible-core==2.13.13 ; python_full_version >= "3.8.1" and python_version < "4.0" 3 | ansible-lint==6.8.7 ; python_full_version >= "3.8.1" and python_version < "4.0" 4 | ansible==6.6.0 ; python_full_version >= "3.8.1" and python_version < "4.0" 5 | arrow==1.3.0 ; python_full_version >= "3.8.1" and python_version < "4.0" 6 | astroid==2.15.8 ; python_full_version >= "3.8.1" and python_version < "4.0" 7 | attrs==23.1.0 ; python_full_version >= "3.8.1" and python_version < "4.0" 8 | binaryornot==0.4.4 ; python_full_version >= "3.8.1" and python_version < "4.0" 9 | black==22.12.0 ; python_full_version >= "3.8.1" and python_version < "4.0" 10 | bracex==2.4 ; python_full_version >= "3.8.1" and python_version < "4.0" 11 | certifi==2023.11.17 ; python_full_version >= "3.8.1" and python_version < "4.0" 12 | cffi==1.16.0 ; python_full_version >= "3.8.1" and python_version < "4.0" 13 | cfgv==3.4.0 ; python_full_version >= "3.8.1" and python_version < "4.0" 14 | chardet==5.2.0 ; python_full_version >= "3.8.1" and python_version < "4.0" 15 | charset-normalizer==3.3.2 ; python_full_version >= "3.8.1" and python_version < "4.0" 16 | click-help-colors==0.9.4 ; python_full_version >= "3.8.1" and python_version < "4.0" 17 | click==8.1.7 ; python_full_version >= "3.8.1" and python_version < "4.0" 18 | colorama==0.4.6 ; python_full_version >= "3.8.1" and python_version < "4.0" and (sys_platform == "win32" or platform_system == "Windows") 19 | cookiecutter==2.5.0 ; python_full_version >= "3.8.1" and python_version < "4.0" 20 | cryptography==41.0.7 ; python_full_version >= "3.8.1" and python_version < "4.0" 21 | dill==0.3.7 ; python_full_version >= "3.8.1" and python_version < "4.0" 22 | distlib==0.3.8 ; python_full_version >= "3.8.1" and python_version < "4.0" 23 | distro==1.8.0 ; python_full_version >= "3.8.1" and python_version < "4.0" and (sys_platform == "linux" or sys_platform == "linux2") 24 | docker==7.0.0 ; python_full_version >= "3.8.1" and python_version < "4.0" 25 | enrich==1.2.7 ; python_full_version >= "3.8.1" and python_version < "4.0" 26 | filelock==3.13.1 ; python_full_version >= "3.8.1" and python_version < "4.0" 27 | flake8==6.1.0 ; python_full_version >= "3.8.1" and python_version < "4.0" 28 | identify==2.5.33 ; python_full_version >= "3.8.1" and python_version < "4.0" 29 | idna==3.6 ; python_full_version >= "3.8.1" and python_version < "4.0" 30 | importlib-resources==6.1.1 ; python_full_version >= "3.8.1" and python_version < "3.9" 31 | isort==5.13.2 ; python_full_version >= "3.8.1" and python_version < "4.0" 32 | jinja2==3.1.2 ; python_full_version >= "3.8.1" and python_version < "4.0" 33 | jsonschema-specifications==2023.11.2 ; python_full_version >= "3.8.1" and python_version < "4.0" 34 | jsonschema==4.20.0 ; python_full_version >= "3.8.1" and python_version < "4.0" 35 | lazy-object-proxy==1.10.0 ; python_full_version >= "3.8.1" and python_version < "4.0" 36 | markdown-it-py==3.0.0 ; python_full_version >= "3.8.1" and python_version < "4.0" 37 | markupsafe==2.1.3 ; python_full_version >= "3.8.1" and python_version < "4.0" 38 | mccabe==0.7.0 ; python_full_version >= "3.8.1" and python_version < "4.0" 39 | mdurl==0.1.2 ; python_full_version >= "3.8.1" and python_version < "4.0" 40 | molecule-docker==2.1.0 ; python_full_version >= "3.8.1" and python_version < "4.0" 41 | molecule==4.0.4 ; python_full_version >= "3.8.1" and python_version < "4.0" 42 | molecule[docker]==4.0.4 ; python_full_version >= "3.8.1" and python_version < "4.0" 43 | mypy-extensions==1.0.0 ; python_full_version >= "3.8.1" and python_version < "4.0" 44 | nodeenv==1.8.0 ; python_full_version >= "3.8.1" and python_version < "4.0" 45 | packaging==23.2 ; python_full_version >= "3.8.1" and python_version < "4.0" 46 | pathspec==0.12.1 ; python_full_version >= "3.8.1" and python_version < "4.0" 47 | pkgutil-resolve-name==1.3.10 ; python_full_version >= "3.8.1" and python_version < "3.9" 48 | platformdirs==4.1.0 ; python_full_version >= "3.8.1" and python_version < "4.0" 49 | pluggy==1.3.0 ; python_full_version >= "3.8.1" and python_version < "4.0" 50 | pre-commit==2.21.0 ; python_full_version >= "3.8.1" and python_version < "4.0" 51 | pycodestyle==2.11.1 ; python_full_version >= "3.8.1" and python_version < "4.0" 52 | pycparser==2.21 ; python_full_version >= "3.8.1" and python_version < "4.0" 53 | pyflakes==3.1.0 ; python_full_version >= "3.8.1" and python_version < "4.0" 54 | pygments==2.17.2 ; python_full_version >= "3.8.1" and python_version < "4.0" 55 | pylint==2.17.7 ; python_full_version >= "3.8.1" and python_version < "4.0" 56 | python-dateutil==2.8.2 ; python_full_version >= "3.8.1" and python_version < "4.0" 57 | python-slugify==8.0.1 ; python_full_version >= "3.8.1" and python_version < "4.0" 58 | pywin32==306 ; python_full_version >= "3.8.1" and python_version < "4.0" and sys_platform == "win32" 59 | pyyaml==6.0.1 ; python_full_version >= "3.8.1" and python_version < "4.0" 60 | referencing==0.32.0 ; python_full_version >= "3.8.1" and python_version < "4.0" 61 | requests==2.31.0 ; python_full_version >= "3.8.1" and python_version < "4.0" 62 | resolvelib==0.8.1 ; python_full_version >= "3.8.1" and python_version < "4.0" 63 | rich==13.7.0 ; python_full_version >= "3.8.1" and python_version < "4.0" 64 | rpds-py==0.15.2 ; python_full_version >= "3.8.1" and python_version < "4.0" 65 | ruamel-yaml-clib==0.2.8 ; platform_python_implementation == "CPython" and python_version < "3.13" and python_full_version >= "3.8.1" 66 | ruamel-yaml==0.17.40 ; python_full_version >= "3.8.1" and python_version < "4.0" 67 | selinux==0.2.1 ; python_full_version >= "3.8.1" and python_version < "4.0" and (sys_platform == "linux" or sys_platform == "linux2") 68 | setuptools==69.0.2 ; python_full_version >= "3.8.1" and python_version < "4.0" 69 | six==1.16.0 ; python_full_version >= "3.8.1" and python_version < "4.0" 70 | subprocess-tee==0.4.1 ; python_full_version >= "3.8.1" and python_version < "4.0" 71 | text-unidecode==1.3 ; python_full_version >= "3.8.1" and python_version < "4.0" 72 | tomli==2.0.1 ; python_full_version >= "3.8.1" and python_full_version < "3.11.0a7" 73 | tomlkit==0.12.3 ; python_full_version >= "3.8.1" and python_version < "4.0" 74 | types-python-dateutil==2.8.19.14 ; python_full_version >= "3.8.1" and python_version < "4.0" 75 | typing-extensions==4.9.0 ; python_full_version >= "3.8.1" and python_version < "3.11" 76 | urllib3==2.1.0 ; python_full_version >= "3.8.1" and python_version < "4.0" 77 | virtualenv==20.25.0 ; python_full_version >= "3.8.1" and python_version < "4.0" 78 | wcmatch==8.5 ; python_full_version >= "3.8.1" and python_version < "4.0" 79 | wrapt==1.16.0 ; python_full_version >= "3.8.1" and python_version < "4.0" 80 | yamllint==1.33.0 ; python_full_version >= "3.8.1" and python_version < "4.0" 81 | zipp==3.17.0 ; python_full_version >= "3.8.1" and python_version < "3.9" 82 | -------------------------------------------------------------------------------- /requirements.txt: -------------------------------------------------------------------------------- 1 | ansible-core==2.13.13 ; python_full_version >= "3.8.1" and python_version < "4.0" 2 | ansible==6.6.0 ; python_full_version >= "3.8.1" and python_version < "4.0" 3 | cffi==1.16.0 ; python_full_version >= "3.8.1" and python_version < "4.0" 4 | cryptography==41.0.7 ; python_full_version >= "3.8.1" and python_version < "4.0" 5 | jinja2==3.1.2 ; python_full_version >= "3.8.1" and python_version < "4.0" 6 | markupsafe==2.1.3 ; python_full_version >= "3.8.1" and python_version < "4.0" 7 | packaging==23.2 ; python_full_version >= "3.8.1" and python_version < "4.0" 8 | pycparser==2.21 ; python_full_version >= "3.8.1" and python_version < "4.0" 9 | pyyaml==6.0.1 ; python_full_version >= "3.8.1" and python_version < "4.0" 10 | resolvelib==0.8.1 ; python_full_version >= "3.8.1" and python_version < "4.0" 11 | -------------------------------------------------------------------------------- /requirements.yml: -------------------------------------------------------------------------------- 1 | --- 2 | collections: 3 | - name: community.docker 4 | version: "*" # Need to ensure that the latest version is installed or Molecule fails 5 | roles: [] 6 | -------------------------------------------------------------------------------- /tasks/config.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: config | Configuring RabbitMQ 3 | ansible.builtin.template: 4 | src: "{{ rabbitmq_config_file }}" 5 | dest: "/etc/rabbitmq/rabbitmq.config" 6 | mode: u=rw,g=r,o=r 7 | become: true 8 | notify: "restart rabbitmq-server" 9 | 10 | - name: config | Configuring RabbitMQ environemnt 11 | ansible.builtin.template: 12 | src: "{{ rabbitmq_config_env_file }}" 13 | dest: "/etc/rabbitmq/rabbitmq-env.conf" 14 | mode: u=rw,g=r,o=r 15 | become: true 16 | notify: "restart rabbitmq-server" 17 | -------------------------------------------------------------------------------- /tasks/debian.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: debian | Adding Pre-Reqs 3 | ansible.builtin.apt: 4 | name: 5 | - gnupg2 6 | - apt-transport-https 7 | state: present 8 | update_cache: true 9 | become: true 10 | register: result 11 | until: result is successful 12 | 13 | - name: debian | add RabbitMQ repo GPG Signin Keys 14 | ansible.builtin.get_url: 15 | url: "{{ rabbitmq_debian_repo_key }}" 16 | dest: "/usr/share/keyrings/rabbitmq-server.asc" 17 | mode: "0644" 18 | become: true 19 | register: result 20 | until: result is successful 21 | 22 | - name: debian | adding RabbitMQ repo 23 | ansible.builtin.apt_repository: 24 | repo: "{{ rabbitmq_debian_repo }}" 25 | state: present 26 | become: true 27 | register: result 28 | until: result is successful 29 | 30 | - name: debian | adding RabbitMQ relang repo public GPG key to the apt repo 31 | ansible.builtin.get_url: 32 | url: "{{ rabbitmq_debian_erlang_repo_key }}" 33 | dest: "/usr/share/keyrings/rabbitmq-erlang.asc" 34 | mode: "0644" 35 | become: true 36 | register: result 37 | until: result is successful 38 | 39 | - name: debian | add Rabbitmq erlang repo 40 | ansible.builtin.apt_repository: 41 | repo: "{{ rabbitmq_debian_erlang_repo }}" 42 | state: present 43 | become: true 44 | when: rabbitmq_debian_erlang_from_rabbit 45 | 46 | - name: debian | installing RabbitMQ server 47 | ansible.builtin.apt: 48 | name: 49 | - rabbitmq-server{{ (rabbitmq_debian_version_defined and rabbitmq_debian_version is defined) | ternary(['=', rabbitmq_debian_version] | join(''), '') }} 50 | state: present 51 | become: true 52 | register: result 53 | until: result is successful 54 | 55 | - name: debian | ensuring that the RabbitMQ service is running 56 | ansible.builtin.service: 57 | name: rabbitmq-server 58 | state: started 59 | enabled: yes 60 | become: true 61 | -------------------------------------------------------------------------------- /tasks/fedora.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: fedora | installing pre-reqs 3 | ansible.builtin.dnf: 4 | name: ['wget'] 5 | state: present 6 | become: true 7 | register: result 8 | until: result is successful 9 | 10 | - name: fedora | installing erlang 11 | ansible.builtin.dnf: 12 | name: ['erlang'] 13 | state: present 14 | become: true 15 | register: result 16 | until: result is successful 17 | 18 | - name: fedora | adding RabbitMQ public GPG key 19 | ansible.builtin.rpm_key: 20 | key: "{{ rabbitmq_redhat_repo_key }}" 21 | state: present 22 | become: true 23 | register: result 24 | until: result is successful 25 | 26 | - name: fedora | downloading RabbitMQ 27 | ansible.builtin.get_url: 28 | url: "{{ rabbitmq_redhat_url }}/{{ rabbitmq_redhat_package }}" 29 | dest: "/opt/{{ rabbitmq_redhat_package }}" 30 | mode: u=rw,g=r,o=r 31 | become: true 32 | 33 | - name: fedora | installing RabbitMQ 34 | ansible.builtin.dnf: 35 | name: "/opt/{{ rabbitmq_redhat_package }}" 36 | state: present 37 | become: true 38 | register: result 39 | until: result is successful 40 | 41 | - name: fedora | starting and enabling RabbitMQ service 42 | ansible.builtin.service: 43 | name: rabbitmq-server 44 | state: started 45 | enabled: true 46 | become: true 47 | -------------------------------------------------------------------------------- /tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # tasks file for ansible-rabbitmq 3 | - name: Include Debian tasks 4 | ansible.builtin.include_tasks: debian.yml 5 | when: ansible_os_family == "Debian" 6 | 7 | - name: Include RedHat tasks 8 | ansible.builtin.include_tasks: redhat.yml 9 | when: > 10 | ansible_distribution == "CentOS" or 11 | ansible_distribution == "Red Hat Enterprise Linux" or 12 | ansible_distribution == "OracleLinux" 13 | 14 | - name: Include Fedora tasks 15 | ansible.builtin.include_tasks: fedora.yml 16 | when: ansible_distribution == "Fedora" 17 | 18 | - name: Manage RabbitMQ plugins 19 | ansible.builtin.include_tasks: rabbitmq_plugins.yml 20 | when: rabbitmq_plugins is defined 21 | 22 | - name: Configure RabbitMQ 23 | ansible.builtin.include_tasks: config.yml 24 | when: rabbitmq_config_service 25 | 26 | - name: checking to see if already clustered 27 | ansible.builtin.stat: 28 | path: /etc/rabbitmq/clustered 29 | become: true 30 | register: clustered 31 | 32 | - name: Manage RabbitMQ clustering 33 | ansible.builtin.include_tasks: rabbitmq_clustering.yml 34 | when: > 35 | rabbitmq_enable_clustering and 36 | not clustered['stat']['exists'] 37 | 38 | - name: Manage RabbitMQ virtual hosts 39 | ansible.builtin.include_tasks: rabbitmq_vhosts.yml 40 | when: rabbitmq_extra_vhosts is defined 41 | 42 | - name: Configure RabbitMQ 43 | ansible.builtin.include_tasks: rabbitmq_config.yml 44 | when: > 45 | rabbitmq_enable_clustering and 46 | rabbitmq_config is defined 47 | 48 | - name: Manage RabbitMQ users 49 | ansible.builtin.include_tasks: rabbitmq_users.yml 50 | when: rabbitmq_users is defined 51 | -------------------------------------------------------------------------------- /tasks/rabbitmq_clustering.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: rabbitmq_clustering | stopping rabbitmq app # noqa no-changed-when 3 | ansible.builtin.command: rabbitmqctl stop_app 4 | become: true 5 | when: inventory_hostname != rabbitmq_master 6 | 7 | - name: rabbitmq_clustering | resetting rabbitmq app # noqa no-changed-when 8 | ansible.builtin.command: rabbitmqctl reset 9 | become: true 10 | when: inventory_hostname != rabbitmq_master 11 | 12 | - name: rabbitmq_clustering | stopping rabbitmq-server 13 | ansible.builtin.service: 14 | name: rabbitmq-server 15 | state: stopped 16 | become: true 17 | 18 | - name: rabbitmq_clustering | Capturing Erlang Cookie On Master # noqa no-changed-when 19 | ansible.builtin.command: "cat {{ rabbitmq_erlang_cookie_file }}" 20 | become: true 21 | register: "rabbitmq_erlang_cookie" 22 | when: inventory_hostname == rabbitmq_master 23 | 24 | - name: rabbitmq_clustering | Setting Erlang Cookie Of Master on Non-Master 25 | ansible.builtin.set_fact: 26 | rabbitmq_erlang_cookie: "{{ hostvars[rabbitmq_master]['rabbitmq_erlang_cookie']['stdout'] }}" 27 | when: inventory_hostname != rabbitmq_master 28 | 29 | - name: rabbitmq_clustering | copy erlang cookie 30 | ansible.builtin.template: 31 | src: erlang.cookie.j2 32 | dest: "{{ rabbitmq_erlang_cookie_file }}" 33 | owner: rabbitmq 34 | group: rabbitmq 35 | mode: 0400 36 | # backing up in case the need to recover 37 | backup: yes 38 | become: true 39 | when: inventory_hostname != rabbitmq_master 40 | 41 | - name: rabbitmq_clustering | restarting rabbitmq-server on master 42 | ansible.builtin.service: 43 | name: rabbitmq-server 44 | state: restarted 45 | become: true 46 | when: inventory_hostname == rabbitmq_master 47 | 48 | - name: rabbitmq_clustering | starting rabbitmq app on master # noqa no-changed-when 49 | ansible.builtin.command: rabbitmqctl start_app 50 | register: cluster_master 51 | become: true 52 | when: inventory_hostname == rabbitmq_master 53 | 54 | - name: rabbitmq_clustering | sending sigterm to any running rabbitmq processes # noqa no-changed-when 55 | ansible.builtin.shell: pkill -u rabbitmq || true 56 | become: true 57 | when: inventory_hostname != rabbitmq_master 58 | 59 | - name: rabbitmq_clustering | restarting rabbitmq-server 60 | ansible.builtin.service: 61 | name: rabbitmq-server 62 | state: restarted 63 | become: true 64 | when: inventory_hostname != rabbitmq_master 65 | 66 | - name: rabbitmq_clustering | stopping rabbitmq app # noqa no-changed-when 67 | ansible.builtin.command: rabbitmqctl stop_app 68 | become: true 69 | when: inventory_hostname != rabbitmq_master 70 | 71 | - name: rabbitmq_clustering | resetting rabbitmq app # noqa no-changed-when 72 | ansible.builtin.command: rabbitmqctl reset 73 | become: true 74 | when: inventory_hostname != rabbitmq_master 75 | 76 | - name: rabbitmq_clustering | joining rabbitmq cluster # noqa no-changed-when 77 | ansible.builtin.command: rabbitmqctl join_cluster "rabbit@{{ hostvars[rabbitmq_master]['ansible_hostname'] }}" 78 | register: cluster_joined 79 | become: true 80 | when: inventory_hostname != rabbitmq_master 81 | 82 | - name: rabbitmq_clustering | starting rabbitmq app # noqa no-changed-when 83 | ansible.builtin.command: rabbitmqctl start_app 84 | become: true 85 | when: inventory_hostname != rabbitmq_master 86 | 87 | - name: rabbitmq_clustering | marking as clustered # noqa no-handler 88 | ansible.builtin.file: 89 | path: /etc/rabbitmq/clustered 90 | state: touch 91 | mode: u=rw,g=r,o=r 92 | become: true 93 | when: > 94 | cluster_master['changed'] or 95 | cluster_joined['changed'] 96 | -------------------------------------------------------------------------------- /tasks/rabbitmq_config.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: rabbitmq_config | checking if rabbitmqadmin is installed 3 | ansible.builtin.stat: 4 | path: /usr/sbin/rabbitmqadmin 5 | register: rabbitmqadmin_check 6 | 7 | - name: rabbit_config | Installing rabbitMQ admin 8 | ansible.builtin.get_url: 9 | url: http://guest:guest@localhost:15672/cli/rabbitmqadmin 10 | dest: /usr/sbin/rabbitmqadmin 11 | mode: u=rwx,g=rw,o=rw 12 | become: true 13 | notify: restart rabbitmq-server 14 | when: not rabbitmqadmin_check['stat']['exists'] 15 | 16 | - name: rabbitmq_config | creating exchange(s) # noqa no-changed-when 17 | ansible.builtin.command: rabbitmqadmin declare exchange name={{ item['exchange_name'] }} type={{ item['type'] }} --vhost={{ item['vhost'] | default('/') }} 18 | run_once: true 19 | delegate_to: "{{ rabbitmq_master }}" 20 | become: true 21 | with_items: "{{ rabbitmq_config }}" 22 | when: item['exchange_name'] is defined 23 | 24 | - name: rabbitmq_config | creating queue(s) # noqa no-changed-when 25 | ansible.builtin.command: rabbitmqadmin declare queue name={{ item['queue_name'] }} durable={{ item['durable'] | lower }} --vhost={{ item['vhost'] | default('/') }} queue_type={{ item['queue_type'] | default('classic') }} 26 | run_once: true 27 | delegate_to: "{{ rabbitmq_master }}" 28 | become: true 29 | when: 30 | - item['queue_name'] is defined 31 | with_items: "{{ rabbitmq_config }}" 32 | 33 | - name: rabbitmq_config | Manage RabbitMQ HA 34 | ansible.builtin.include_tasks: rabbitmq_ha_config.yml 35 | when: rabbitmq_config_ha 36 | 37 | - name: rabbitmq_config | creating binding(s) # noqa no-changed-when 38 | ansible.builtin.command: rabbitmqadmin declare binding source={{ item['exchange_name'] }} destination_type="queue" destination={{ item['queue_name'] }} routing_key={{ item['routing_key'] }} --vhost={{ item['vhost'] | default('/') }} # noqa 204 39 | run_once: true 40 | delegate_to: "{{ rabbitmq_master }}" 41 | become: true 42 | with_items: "{{ rabbitmq_config }}" 43 | when: item['exchange_name'] is defined and item['queue_name'] is defined 44 | -------------------------------------------------------------------------------- /tasks/rabbitmq_ha_config.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: rabbitmq_ha_config | setting up ha on queue(s) 3 | community.rabbitmq.rabbitmq_policy: 4 | name: "ha-all{{ policy_name }}" 5 | pattern: "{{ item.queue_name | default(item.policy_pattern) }}" 6 | vhost: "{{ item.vhost | default('/') }}" 7 | tags: "{{ item.tags }}" 8 | state: present 9 | vars: 10 | policy_vhost: "{{ item.vhost | default('/') }}" 11 | policy_name: "{{ item.policy_pattern is defined | ternary(policy_vhost + item.policy_pattern | default(''), item.queue_name | default('')) }}" 12 | run_once: true 13 | delegate_to: "{{ rabbitmq_master }}" 14 | become: true 15 | when: item.queue_name is defined or item.policy_pattern is defined 16 | with_items: "{{ rabbitmq_config }}" 17 | -------------------------------------------------------------------------------- /tasks/rabbitmq_plugins.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: rabbitmq_plugins | installing plugin(s) 3 | community.rabbitmq.rabbitmq_plugin: 4 | name: "{{ rabbitmq_plugins }}" 5 | become: true 6 | when: rabbitmq_plugins 7 | notify: restart rabbitmq-server 8 | -------------------------------------------------------------------------------- /tasks/rabbitmq_users.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: rabbitmq_users | creating rabbitmq users 3 | community.rabbitmq.rabbitmq_user: 4 | name: "{{ item['name'] }}" 5 | password: "{{ item['password'] }}" 6 | vhost: "{{ item['vhost'] | default(omit) }}" 7 | configure_priv: "{{ item['configure_priv'] | default(omit) }}" 8 | read_priv: "{{ item['read_priv'] | default(omit) }}" 9 | write_priv: "{{ item['write_priv'] | default(omit) }}" 10 | tags: "{{ item['tags'] | default(omit) }}" 11 | permissions: "{{ item['permissions'] | default(omit) }}" 12 | state: present 13 | become: true 14 | loop: "{{ rabbitmq_users }}" 15 | loop_control: 16 | label: "{{ item.name }}" 17 | when: > 18 | (rabbitmq_enable_clustering is defined and 19 | not rabbitmq_enable_clustering) or 20 | rabbitmq_enable_clustering is not defined 21 | 22 | - name: rabbitmq_users | creating rabbitmq users 23 | community.rabbitmq.rabbitmq_user: 24 | name: "{{ item['name'] }}" 25 | password: "{{ item['password'] }}" 26 | vhost: "{{ item['vhost'] | default(omit) }}" 27 | configure_priv: "{{ item['configure_priv'] | default(omit) }}" 28 | read_priv: "{{ item['read_priv'] | default(omit) }}" 29 | write_priv: "{{ item['write_priv'] | default(omit) }}" 30 | tags: "{{ item['tags'] | default(omit) }}" 31 | permissions: "{{ item['permissions'] | default(omit) }}" 32 | state: present 33 | run_once: yes 34 | delegate_to: "{{ rabbitmq_master }}" 35 | become: true 36 | loop: "{{ rabbitmq_users }}" 37 | loop_control: 38 | label: "{{ item.name }}" 39 | when: > 40 | rabbitmq_enable_clustering is defined and 41 | rabbitmq_enable_clustering 42 | -------------------------------------------------------------------------------- /tasks/rabbitmq_vhosts.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: rabbitmq_extra_vhosts | Create vhosts 3 | community.rabbitmq.rabbitmq_vhost: 4 | name: "{{ item['name'] }}" 5 | state: "{{ item['state'] }}" 6 | become: true 7 | with_items: "{{ rabbitmq_extra_vhosts }}" 8 | run_once: "{{ rabbitmq_enable_clustering is defined and rabbitmq_enable_clustering }}" 9 | register: rabbitmq_created_vhosts 10 | 11 | - name: rabbitmq_extra_vhosts | Check guest administrator is present # noqa no-handler 12 | ansible.builtin.command: rabbitmqctl -q list_users 13 | become: true 14 | run_once: "{{ rabbitmq_enable_clustering is defined and rabbitmq_enable_clustering }}" 15 | when: rabbitmq_created_vhosts.changed 16 | changed_when: false 17 | register: rabbitmq_existing_users 18 | 19 | - name: rabbitmq_extra_vhosts | Give access to new vhosts to guest administrator # noqa no-changed-when 20 | ansible.builtin.command: "rabbitmqctl -q set_permissions -p {{ item['name'] }} guest '.*' '.*' '.*'" 21 | become: true 22 | run_once: "{{ rabbitmq_enable_clustering is defined and rabbitmq_enable_clustering }}" 23 | with_items: "{{ rabbitmq_created_vhosts.results | selectattr('changed') | list }}" 24 | when: 25 | - item['state'] == 'present' 26 | - rabbitmq_existing_users.stdout_lines | map('regex_search', '^guest\\s\\[.*administrator.*\\]$') | list | difference([None]) | length > 0 27 | -------------------------------------------------------------------------------- /tasks/redhat.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: redhat | installing pre-reqs 3 | ansible.builtin.yum: 4 | name: ['epel-release', 'wget'] 5 | state: present 6 | become: true 7 | register: result 8 | until: result is successful 9 | 10 | - name: redhat | installing erlang 11 | ansible.builtin.yum: 12 | name: erlang 13 | state: present 14 | become: true 15 | register: result 16 | until: result is successful 17 | 18 | - name: redhat | adding RabbitMQ public GPG key 19 | ansible.builtin.rpm_key: 20 | key: "{{ rabbitmq_redhat_repo_key }}" 21 | state: present 22 | become: true 23 | register: result 24 | until: result is successful 25 | 26 | - name: redhat | downloading RabbitMQ 27 | ansible.builtin.get_url: 28 | url: "{{ rabbitmq_redhat_url }}/{{ rabbitmq_redhat_package }}" 29 | dest: "/opt/{{ rabbitmq_redhat_package }}" 30 | mode: u=rw,g=r,o=r 31 | become: true 32 | 33 | - name: redhat | installing RabbitMQ 34 | ansible.builtin.yum: 35 | name: "/opt/{{ rabbitmq_redhat_package }}" 36 | state: present 37 | become: true 38 | register: result 39 | until: result is successful 40 | 41 | - name: redhat | starting and enabling RabbitMQ service 42 | ansible.builtin.service: 43 | name: rabbitmq-server 44 | state: started 45 | enabled: yes 46 | become: true 47 | -------------------------------------------------------------------------------- /templates/.gitkeep: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mrlesmithjr/ansible-rabbitmq/7a75b2d87bc3fdde47c143f42cd6bb17e1e48561/templates/.gitkeep -------------------------------------------------------------------------------- /templates/erlang.cookie.j2: -------------------------------------------------------------------------------- 1 | {{ rabbitmq_erlang_cookie }} 2 | -------------------------------------------------------------------------------- /templates/etc/rabbitmq/rabbitmq-env.conf.j2: -------------------------------------------------------------------------------- 1 | # {{ ansible_managed }} 2 | # Note that the variables do not have the RABBITMQ_ prefix. 3 | # 4 | {% for key, value in rabbitmq_env_config.items() %} 5 | {{ key }}={{ value }} 6 | {% endfor %} 7 | -------------------------------------------------------------------------------- /templates/etc/rabbitmq/rabbitmq.config: -------------------------------------------------------------------------------- 1 | %% -*- mode: erlang -*- 2 | %% ---------------------------------------------------------------------------- 3 | %% RabbitMQ Sample Configuration File. 4 | %% 5 | %% See http://www.rabbitmq.com/configure.html for details. 6 | %% ---------------------------------------------------------------------------- 7 | [ 8 | {rabbit, 9 | [%% 10 | %% Network Connectivity 11 | %% ==================== 12 | %% 13 | 14 | %% By default, RabbitMQ will listen on all interfaces, using 15 | %% the standard (reserved) AMQP port. 16 | %% 17 | %% {tcp_listeners, [5672]}, 18 | 19 | %% To listen on a specific interface, provide a tuple of {IpAddress, Port}. 20 | %% For example, to listen only on localhost for both IPv4 and IPv6: 21 | %% 22 | %% {tcp_listeners, [{"127.0.0.1", 5672}, 23 | %% {"::1", 5672}]}, 24 | 25 | %% SSL listeners are configured in the same fashion as TCP listeners, 26 | %% including the option to control the choice of interface. 27 | %% 28 | %% {ssl_listeners, [5671]}, 29 | 30 | %% Number of Erlang processes that will accept connections for the TCP 31 | %% and SSL listeners. 32 | %% 33 | %% {num_tcp_acceptors, 10}, 34 | %% {num_ssl_acceptors, 1}, 35 | 36 | %% Maximum time for AMQP 0-8/0-9/0-9-1 handshake (after socket connection 37 | %% and SSL handshake), in milliseconds. 38 | %% 39 | %% {handshake_timeout, 10000}, 40 | 41 | %% Log levels (currently just used for connection logging). 42 | %% One of 'debug', 'info', 'warning', 'error' or 'none', in decreasing 43 | %% order of verbosity. Defaults to 'info'. 44 | %% 45 | %% {log_levels, [{connection, info}, {channel, info}]}, 46 | 47 | %% Set to 'true' to perform reverse DNS lookups when accepting a 48 | %% connection. Hostnames will then be shown instead of IP addresses 49 | %% in rabbitmqctl and the management plugin. 50 | %% 51 | %% {reverse_dns_lookups, true}, 52 | 53 | %% 54 | %% Security / AAA 55 | %% ============== 56 | %% 57 | 58 | %% The default "guest" user is only permitted to access the server 59 | %% via a loopback interface (e.g. localhost). 60 | %% {loopback_users, [<<"guest">>]}, 61 | %% 62 | %% Uncomment the following line if you want to allow access to the 63 | %% guest user from anywhere on the network. 64 | %% {loopback_users, []}, 65 | 66 | %% Configuring SSL. 67 | %% See http://www.rabbitmq.com/ssl.html for full documentation. 68 | %% 69 | %% {ssl_options, [{cacertfile, "/path/to/testca/cacert.pem"}, 70 | %% {certfile, "/path/to/server/cert.pem"}, 71 | %% {keyfile, "/path/to/server/key.pem"}, 72 | %% {verify, verify_peer}, 73 | %% {fail_if_no_peer_cert, false}]}, 74 | 75 | %% Choose the available SASL mechanism(s) to expose. 76 | %% The two default (built in) mechanisms are 'PLAIN' and 77 | %% 'AMQPLAIN'. Additional mechanisms can be added via 78 | %% plugins. 79 | %% 80 | %% See http://www.rabbitmq.com/authentication.html for more details. 81 | %% 82 | %% {auth_mechanisms, ['PLAIN', 'AMQPLAIN']}, 83 | 84 | %% Select an authentication database to use. RabbitMQ comes bundled 85 | %% with a built-in auth-database, based on mnesia. 86 | %% 87 | %% {auth_backends, [rabbit_auth_backend_internal]}, 88 | 89 | %% Configurations supporting the rabbitmq_auth_mechanism_ssl and 90 | %% rabbitmq_auth_backend_ldap plugins. 91 | %% 92 | %% NB: These options require that the relevant plugin is enabled. 93 | %% See http://www.rabbitmq.com/plugins.html for further details. 94 | 95 | %% The RabbitMQ-auth-mechanism-ssl plugin makes it possible to 96 | %% authenticate a user based on the client's SSL certificate. 97 | %% 98 | %% To use auth-mechanism-ssl, add to or replace the auth_mechanisms 99 | %% list with the entry 'EXTERNAL'. 100 | %% 101 | %% {auth_mechanisms, ['EXTERNAL']}, 102 | 103 | %% The rabbitmq_auth_backend_ldap plugin allows the broker to 104 | %% perform authentication and authorisation by deferring to an 105 | %% external LDAP server. 106 | %% 107 | %% For more information about configuring the LDAP backend, see 108 | %% http://www.rabbitmq.com/ldap.html. 109 | %% 110 | %% Enable the LDAP auth backend by adding to or replacing the 111 | %% auth_backends entry: 112 | %% 113 | %% {auth_backends, [rabbit_auth_backend_ldap]}, 114 | 115 | %% This pertains to both the rabbitmq_auth_mechanism_ssl plugin and 116 | %% STOMP ssl_cert_login configurations. See the rabbitmq_stomp 117 | %% configuration section later in this file and the README in 118 | %% https://github.com/rabbitmq/rabbitmq-auth-mechanism-ssl for further 119 | %% details. 120 | %% 121 | %% To use the SSL cert's CN instead of its DN as the username 122 | %% 123 | %% {ssl_cert_login_from, common_name}, 124 | 125 | %% SSL handshake timeout, in milliseconds. 126 | %% 127 | %% {ssl_handshake_timeout, 5000}, 128 | 129 | %% Password hashing implementation. Will only affect newly 130 | %% created users. To recalculate hash for an existing user 131 | %% it's necessary to update her password. 132 | %% 133 | %% {password_hashing_module, rabbit_password_hashing_sha256}, 134 | 135 | %% Configuration entry encryption. 136 | %% See http://www.rabbitmq.com/configure.html#configuration-encryption 137 | %% 138 | %% To specify the passphrase in the configuration file: 139 | %% 140 | %% {config_entry_decoder, [{passphrase, <<"mypassphrase">>}]} 141 | %% 142 | %% To specify the passphrase in an external file: 143 | %% 144 | %% {config_entry_decoder, [{passphrase, {file, "/path/to/passphrase/file"}}]} 145 | %% 146 | %% To make the broker request the passphrase when it starts: 147 | %% 148 | %% {config_entry_decoder, [{passphrase, prompt}]} 149 | %% 150 | %% To change encryption settings: 151 | %% 152 | %% {config_entry_decoder, [{cipher, aes_cbc256}, 153 | %% {hash, sha512}, 154 | %% {iterations, 1000}]} 155 | 156 | %% 157 | %% Default User / VHost 158 | %% ==================== 159 | %% 160 | 161 | %% On first start RabbitMQ will create a vhost and a user. These 162 | %% config items control what gets created. See 163 | %% http://www.rabbitmq.com/access-control.html for further 164 | %% information about vhosts and access control. 165 | %% 166 | %% {default_vhost, <<"/">>}, 167 | %% {default_user, <<"guest">>}, 168 | %% {default_pass, <<"guest">>}, 169 | %% {default_permissions, [<<".*">>, <<".*">>, <<".*">>]}, 170 | 171 | %% Tags for default user 172 | %% 173 | %% For more details about tags, see the documentation for the 174 | %% Management Plugin at http://www.rabbitmq.com/management.html. 175 | %% 176 | %% {default_user_tags, [administrator]}, 177 | 178 | %% 179 | %% Additional network and protocol related configuration 180 | %% ===================================================== 181 | %% 182 | 183 | %% Set the default AMQP heartbeat delay (in seconds). 184 | %% 185 | %% {heartbeat, 60}, 186 | 187 | %% Set the max permissible size of an AMQP frame (in bytes). 188 | %% 189 | %% {frame_max, 131072}, 190 | 191 | %% Set the max frame size the server will accept before connection 192 | %% tuning occurs 193 | %% 194 | %% {initial_frame_max, 4096}, 195 | 196 | %% Set the max permissible number of channels per connection. 197 | %% 0 means "no limit". 198 | %% 199 | %% {channel_max, 128}, 200 | 201 | %% Customising Socket Options. 202 | %% 203 | %% See (http://www.erlang.org/doc/man/inet.html#setopts-2) for 204 | %% further documentation. 205 | %% 206 | %% {tcp_listen_options, [{backlog, 128}, 207 | %% {nodelay, true}, 208 | %% {exit_on_close, false}]}, 209 | 210 | %% 211 | %% Resource Limits & Flow Control 212 | %% ============================== 213 | %% 214 | %% See http://www.rabbitmq.com/memory.html for full details. 215 | 216 | %% Memory-based Flow Control threshold. 217 | %% 218 | %% {vm_memory_high_watermark, 0.4}, 219 | 220 | %% Alternatively, we can set a limit (in bytes) of RAM used by the node. 221 | %% 222 | %% {vm_memory_high_watermark, {absolute, 1073741824}}, 223 | %% 224 | %% Or you can set absolute value using memory units. 225 | %% 226 | %% {vm_memory_high_watermark, {absolute, "1024M"}}, 227 | %% 228 | %% Supported units suffixes: 229 | %% 230 | %% k, kiB: kibibytes (2^10 bytes) 231 | %% M, MiB: mebibytes (2^20) 232 | %% G, GiB: gibibytes (2^30) 233 | %% kB: kilobytes (10^3) 234 | %% MB: megabytes (10^6) 235 | %% GB: gigabytes (10^9) 236 | 237 | %% Fraction of the high watermark limit at which queues start to 238 | %% page message out to disc in order to free up memory. 239 | %% 240 | %% Values greater than 0.9 can be dangerous and should be used carefully. 241 | %% 242 | %% {vm_memory_high_watermark_paging_ratio, 0.5}, 243 | 244 | %% Interval (in milliseconds) at which we perform the check of the memory 245 | %% levels against the watermarks. 246 | %% 247 | %% {memory_monitor_interval, 2500}, 248 | 249 | %% Set disk free limit (in bytes). Once free disk space reaches this 250 | %% lower bound, a disk alarm will be set - see the documentation 251 | %% listed above for more details. 252 | %% 253 | %% {disk_free_limit, 50000000}, 254 | %% 255 | %% Or you can set it using memory units (same as in vm_memory_high_watermark) 256 | %% {disk_free_limit, "50MB"}, 257 | %% {disk_free_limit, "50000kB"}, 258 | %% {disk_free_limit, "2GB"}, 259 | 260 | %% Alternatively, we can set a limit relative to total available RAM. 261 | %% 262 | %% Values lower than 1.0 can be dangerous and should be used carefully. 263 | %% {disk_free_limit, {mem_relative, 2.0}}, 264 | 265 | %% 266 | %% Misc/Advanced Options 267 | %% ===================== 268 | %% 269 | %% NB: Change these only if you understand what you are doing! 270 | %% 271 | 272 | %% To announce custom properties to clients on connection: 273 | %% 274 | %% {server_properties, []}, 275 | 276 | %% How to respond to cluster partitions. 277 | %% See http://www.rabbitmq.com/partitions.html for further details. 278 | %% 279 | %% {cluster_partition_handling, ignore}, 280 | 281 | %% Make clustering happen *automatically* at startup - only applied 282 | %% to nodes that have just been reset or started for the first time. 283 | %% See http://www.rabbitmq.com/clustering.html#auto-config for 284 | %% further details. 285 | %% 286 | %% {cluster_nodes, {['rabbit@my.host.com'], disc}}, 287 | 288 | %% Interval (in milliseconds) at which we send keepalive messages 289 | %% to other cluster members. Note that this is not the same thing 290 | %% as net_ticktime; missed keepalive messages will not cause nodes 291 | %% to be considered down. 292 | %% 293 | %% {cluster_keepalive_interval, 10000}, 294 | 295 | %% Set (internal) statistics collection granularity. 296 | %% 297 | %% {collect_statistics, none}, 298 | 299 | %% Statistics collection interval (in milliseconds). 300 | %% 301 | %% {collect_statistics_interval, 5000}, 302 | 303 | %% Explicitly enable/disable hipe compilation. 304 | %% 305 | %% {hipe_compile, true}, 306 | 307 | %% Number of times to retry while waiting for Mnesia tables in a cluster to 308 | %% become available. 309 | %% 310 | %% {mnesia_table_loading_retry_limit, 10}, 311 | 312 | %% Time to wait per retry for Mnesia tables in a cluster to become 313 | %% available. 314 | %% 315 | %% {mnesia_table_loading_retry_timeout, 30000}, 316 | 317 | %% Size in bytes below which to embed messages in the queue index. See 318 | %% http://www.rabbitmq.com/persistence-conf.html 319 | %% 320 | %% {queue_index_embed_msgs_below, 4096}, 321 | 322 | %% Whether or not to enable background GC. 323 | %% 324 | %% {background_gc_enabled, true}, 325 | %% 326 | %% Interval (in milliseconds) at which we run background GC. 327 | %% 328 | %% {background_gc_target_interval, 60000} 329 | 330 | ]}, 331 | 332 | %% ---------------------------------------------------------------------------- 333 | %% Advanced Erlang Networking/Clustering Options. 334 | %% 335 | %% See http://www.rabbitmq.com/clustering.html for details 336 | %% ---------------------------------------------------------------------------- 337 | {kernel, 338 | [%% Sets the net_kernel tick time. 339 | %% Please see http://erlang.org/doc/man/kernel_app.html and 340 | %% http://www.rabbitmq.com/nettick.html for further details. 341 | %% 342 | %% {net_ticktime, 60} 343 | ]}, 344 | 345 | %% ---------------------------------------------------------------------------- 346 | %% RabbitMQ Management Plugin 347 | %% 348 | %% See http://www.rabbitmq.com/management.html for details 349 | %% ---------------------------------------------------------------------------- 350 | 351 | {rabbitmq_management, 352 | [%% Pre-Load schema definitions from the following JSON file. See 353 | %% http://www.rabbitmq.com/management.html#load-definitions 354 | %% 355 | %% {load_definitions, "/path/to/schema.json"}, 356 | 357 | %% Log all requests to the management HTTP API to a file. 358 | %% 359 | %% {http_log_dir, "/path/to/access.log"}, 360 | 361 | %% Change the port on which the HTTP listener listens, 362 | %% specifying an interface for the web server to bind to. 363 | %% Also set the listener to use SSL and provide SSL options. 364 | %% 365 | %% {listener, [{port, 12345}, 366 | %% {ip, "127.0.0.1"}, 367 | %% {ssl, true}, 368 | %% {ssl_opts, [{cacertfile, "/path/to/cacert.pem"}, 369 | %% {certfile, "/path/to/cert.pem"}, 370 | %% {keyfile, "/path/to/key.pem"}]}]}, 371 | 372 | %% One of 'basic', 'detailed' or 'none'. See 373 | %% http://www.rabbitmq.com/management.html#fine-stats for more details. 374 | %% {rates_mode, basic}, 375 | 376 | %% Configure how long aggregated data (such as message rates and queue 377 | %% lengths) is retained. Please read the plugin's documentation in 378 | %% http://www.rabbitmq.com/management.html#configuration for more 379 | %% details. 380 | %% 381 | %% {sample_retention_policies, 382 | %% [{global, [{60, 5}, {3600, 60}, {86400, 1200}]}, 383 | %% {basic, [{60, 5}, {3600, 60}]}, 384 | %% {detailed, [{10, 5}]}]} 385 | ]}, 386 | 387 | %% ---------------------------------------------------------------------------- 388 | %% RabbitMQ Shovel Plugin 389 | %% 390 | %% See http://www.rabbitmq.com/shovel.html for details 391 | %% ---------------------------------------------------------------------------- 392 | 393 | {rabbitmq_shovel, 394 | [{shovels, 395 | [%% A named shovel worker. 396 | %% {my_first_shovel, 397 | %% [ 398 | 399 | %% List the source broker(s) from which to consume. 400 | %% 401 | %% {sources, 402 | %% [%% URI(s) and pre-declarations for all source broker(s). 403 | %% {brokers, ["amqp://user:password@host.domain/my_vhost"]}, 404 | %% {declarations, []} 405 | %% ]}, 406 | 407 | %% List the destination broker(s) to publish to. 408 | %% {destinations, 409 | %% [%% A singular version of the 'brokers' element. 410 | %% {broker, "amqp://"}, 411 | %% {declarations, []} 412 | %% ]}, 413 | 414 | %% Name of the queue to shovel messages from. 415 | %% 416 | %% {queue, <<"your-queue-name-goes-here">>}, 417 | 418 | %% Optional prefetch count. 419 | %% 420 | %% {prefetch_count, 10}, 421 | 422 | %% when to acknowledge messages: 423 | %% - no_ack: never (auto) 424 | %% - on_publish: after each message is republished 425 | %% - on_confirm: when the destination broker confirms receipt 426 | %% 427 | %% {ack_mode, on_confirm}, 428 | 429 | %% Overwrite fields of the outbound basic.publish. 430 | %% 431 | %% {publish_fields, [{exchange, <<"my_exchange">>}, 432 | %% {routing_key, <<"from_shovel">>}]}, 433 | 434 | %% Static list of basic.properties to set on re-publication. 435 | %% 436 | %% {publish_properties, [{delivery_mode, 2}]}, 437 | 438 | %% The number of seconds to wait before attempting to 439 | %% reconnect in the event of a connection failure. 440 | %% 441 | %% {reconnect_delay, 2.5} 442 | 443 | %% ]} %% End of my_first_shovel 444 | ]} 445 | %% Rather than specifying some values per-shovel, you can specify 446 | %% them for all shovels here. 447 | %% 448 | %% {defaults, [{prefetch_count, 0}, 449 | %% {ack_mode, on_confirm}, 450 | %% {publish_fields, []}, 451 | %% {publish_properties, [{delivery_mode, 2}]}, 452 | %% {reconnect_delay, 2.5}]} 453 | ]}, 454 | 455 | %% ---------------------------------------------------------------------------- 456 | %% RabbitMQ Stomp Adapter 457 | %% 458 | %% See http://www.rabbitmq.com/stomp.html for details 459 | %% ---------------------------------------------------------------------------- 460 | 461 | {rabbitmq_stomp, 462 | [%% Network Configuration - the format is generally the same as for the broker 463 | 464 | %% Listen only on localhost (ipv4 & ipv6) on a specific port. 465 | %% {tcp_listeners, [{"127.0.0.1", 61613}, 466 | %% {"::1", 61613}]}, 467 | 468 | %% Listen for SSL connections on a specific port. 469 | %% {ssl_listeners, [61614]}, 470 | 471 | %% Number of Erlang processes that will accept connections for the TCP 472 | %% and SSL listeners. 473 | %% 474 | %% {num_tcp_acceptors, 10}, 475 | %% {num_ssl_acceptors, 1}, 476 | 477 | %% Additional SSL options 478 | 479 | %% Extract a name from the client's certificate when using SSL. 480 | %% 481 | %% {ssl_cert_login, true}, 482 | 483 | %% Set a default user name and password. This is used as the default login 484 | %% whenever a CONNECT frame omits the login and passcode headers. 485 | %% 486 | %% Please note that setting this will allow clients to connect without 487 | %% authenticating! 488 | %% 489 | %% {default_user, [{login, "guest"}, 490 | %% {passcode, "guest"}]}, 491 | 492 | %% If a default user is configured, or you have configured use SSL client 493 | %% certificate based authentication, you can choose to allow clients to 494 | %% omit the CONNECT frame entirely. If set to true, the client is 495 | %% automatically connected as the default user or user supplied in the 496 | %% SSL certificate whenever the first frame sent on a session is not a 497 | %% CONNECT frame. 498 | %% 499 | %% {implicit_connect, true} 500 | ]}, 501 | 502 | %% ---------------------------------------------------------------------------- 503 | %% RabbitMQ MQTT Adapter 504 | %% 505 | %% See https://github.com/rabbitmq/rabbitmq-mqtt/blob/stable/README.md 506 | %% for details 507 | %% ---------------------------------------------------------------------------- 508 | 509 | {rabbitmq_mqtt, 510 | [%% Set the default user name and password. Will be used as the default login 511 | %% if a connecting client provides no other login details. 512 | %% 513 | %% Please note that setting this will allow clients to connect without 514 | %% authenticating! 515 | %% 516 | %% {default_user, <<"guest">>}, 517 | %% {default_pass, <<"guest">>}, 518 | 519 | %% Enable anonymous access. If this is set to false, clients MUST provide 520 | %% login information in order to connect. See the default_user/default_pass 521 | %% configuration elements for managing logins without authentication. 522 | %% 523 | %% {allow_anonymous, true}, 524 | 525 | %% If you have multiple chosts, specify the one to which the 526 | %% adapter connects. 527 | %% 528 | %% {vhost, <<"/">>}, 529 | 530 | %% Specify the exchange to which messages from MQTT clients are published. 531 | %% 532 | %% {exchange, <<"amq.topic">>}, 533 | 534 | %% Specify TTL (time to live) to control the lifetime of non-clean sessions. 535 | %% 536 | %% {subscription_ttl, 1800000}, 537 | 538 | %% Set the prefetch count (governing the maximum number of unacknowledged 539 | %% messages that will be delivered). 540 | %% 541 | %% {prefetch, 10}, 542 | 543 | %% TCP/SSL Configuration (as per the broker configuration). 544 | %% 545 | %% {tcp_listeners, [1883]}, 546 | %% {ssl_listeners, []}, 547 | 548 | %% Number of Erlang processes that will accept connections for the TCP 549 | %% and SSL listeners. 550 | %% 551 | %% {num_tcp_acceptors, 10}, 552 | %% {num_ssl_acceptors, 1}, 553 | 554 | %% TCP/Socket options (as per the broker configuration). 555 | %% 556 | %% {tcp_listen_options, [{backlog, 128}, 557 | %% {nodelay, true}]} 558 | ]}, 559 | 560 | %% ---------------------------------------------------------------------------- 561 | %% RabbitMQ AMQP 1.0 Support 562 | %% 563 | %% See https://github.com/rabbitmq/rabbitmq-amqp1.0/blob/stable/README.md 564 | %% for details 565 | %% ---------------------------------------------------------------------------- 566 | 567 | {rabbitmq_amqp1_0, 568 | [%% Connections that are not authenticated with SASL will connect as this 569 | %% account. See the README for more information. 570 | %% 571 | %% Please note that setting this will allow clients to connect without 572 | %% authenticating! 573 | %% 574 | %% {default_user, "guest"}, 575 | 576 | %% Enable protocol strict mode. See the README for more information. 577 | %% 578 | %% {protocol_strict_mode, false} 579 | ]}, 580 | 581 | %% ---------------------------------------------------------------------------- 582 | %% RabbitMQ LDAP Plugin 583 | %% 584 | %% See http://www.rabbitmq.com/ldap.html for details. 585 | %% 586 | %% ---------------------------------------------------------------------------- 587 | 588 | {rabbitmq_auth_backend_ldap, 589 | [%% 590 | %% Connecting to the LDAP server(s) 591 | %% ================================ 592 | %% 593 | 594 | %% Specify servers to bind to. You *must* set this in order for the plugin 595 | %% to work properly. 596 | %% 597 | %% {servers, ["your-server-name-goes-here"]}, 598 | 599 | %% Connect to the LDAP server using SSL 600 | %% 601 | %% {use_ssl, false}, 602 | 603 | %% Specify the LDAP port to connect to 604 | %% 605 | %% {port, 389}, 606 | 607 | %% LDAP connection timeout, in milliseconds or 'infinity' 608 | %% 609 | %% {timeout, infinity}, 610 | 611 | %% Enable logging of LDAP queries. 612 | %% One of 613 | %% - false (no logging is performed) 614 | %% - true (verbose logging of the logic used by the plugin) 615 | %% - network (as true, but additionally logs LDAP network traffic) 616 | %% 617 | %% Defaults to false. 618 | %% 619 | %% {log, false}, 620 | 621 | %% 622 | %% Authentication 623 | %% ============== 624 | %% 625 | 626 | %% Pattern to convert the username given through AMQP to a DN before 627 | %% binding 628 | %% 629 | %% {user_dn_pattern, "cn=${username},ou=People,dc=example,dc=com"}, 630 | 631 | %% Alternatively, you can convert a username to a Distinguished 632 | %% Name via an LDAP lookup after binding. See the documentation for 633 | %% full details. 634 | 635 | %% When converting a username to a dn via a lookup, set these to 636 | %% the name of the attribute that represents the user name, and the 637 | %% base DN for the lookup query. 638 | %% 639 | %% {dn_lookup_attribute, "userPrincipalName"}, 640 | %% {dn_lookup_base, "DC=gopivotal,DC=com"}, 641 | 642 | %% Controls how to bind for authorisation queries and also to 643 | %% retrieve the details of users logging in without presenting a 644 | %% password (e.g., SASL EXTERNAL). 645 | %% One of 646 | %% - as_user (to bind as the authenticated user - requires a password) 647 | %% - anon (to bind anonymously) 648 | %% - {UserDN, Password} (to bind with a specified user name and password) 649 | %% 650 | %% Defaults to 'as_user'. 651 | %% 652 | %% {other_bind, as_user}, 653 | 654 | %% 655 | %% Authorisation 656 | %% ============= 657 | %% 658 | 659 | %% The LDAP plugin can perform a variety of queries against your 660 | %% LDAP server to determine questions of authorisation. See 661 | %% http://www.rabbitmq.com/ldap.html#authorisation for more 662 | %% information. 663 | 664 | %% Set the query to use when determining vhost access 665 | %% 666 | %% {vhost_access_query, {in_group, 667 | %% "ou=${vhost}-users,ou=vhosts,dc=example,dc=com"}}, 668 | 669 | %% Set the query to use when determining resource (e.g., queue) access 670 | %% 671 | %% {resource_access_query, {constant, true}}, 672 | 673 | %% Set queries to determine which tags a user has 674 | %% 675 | %% {tag_queries, []} 676 | ]} 677 | ]. 678 | -------------------------------------------------------------------------------- /templates/etc/rabbitmq/rabbitmq.config.j2: -------------------------------------------------------------------------------- 1 | [ 2 | {rabbit, [ 3 | {% if rabbitmq_listeners is not defined or (rabbitmq_listeners | length) == 0 %} 4 | {tcp_listeners, [{{ rabbitmq_listen_port }}]} 5 | {% elif rabbitmq_listeners is defined %} 6 | {tcp_listeners, [{% for item in rabbitmq_listeners %}{"{{ item }}", {{ rabbitmq_listen_port }}}{% if not loop.last %}, {% endif %}{% endfor %}]} 7 | {% endif %} 8 | {% if rabbitmq_cluster_partition_handling is defined %} 9 | ,{cluster_partition_handling, {{ rabbitmq_cluster_partition_handling }}} 10 | {% endif %} 11 | {% if rabbitmq_ssl_enable %} 12 | , 13 | {num_ssl_acceptors, 10}, 14 | {% if rabbitmq_ssl_listeners is not defined or (rabbitmq_ssl_listeners | length) == 0 %} 15 | {ssl_listeners, [{{ rabbitmq_ssl_port }}]}, 16 | {% elif rabbitmq_listeners is defined %} 17 | {tcp_listeners, [{% for item in rabbitmq_ssl_listeners %}{"{{ item }}", {{ rabbitmq_ssl_port }}}{% if not loop.last %}, {% endif %}{% endfor %}]}, 18 | {% endif %} 19 | {% if rabbitmq_ssl_options is defined and (rabbitmq_ssl_options | length ) > 0 %} 20 | {ssl_options, [ 21 | {% for key in rabbitmq_ssl_options %} 22 | { {{ key }}, {{ rabbitmq_ssl_options[key] }}}{% if not loop.last %}, {% endif %} 23 | {% endfor %} 24 | ]} 25 | {% endif %} 26 | {% endif %} 27 | ]} 28 | ]. 29 | -------------------------------------------------------------------------------- /vars/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # vars file for ansible-rabbitmq 3 | --------------------------------------------------------------------------------