1 # Class: rabbitmq::config
2 # Sets all the configuration values for RabbitMQ and creates the directories for
4 class rabbitmq::config {
6 $admin_enable = $rabbitmq::admin_enable
7 $cluster_node_type = $rabbitmq::cluster_node_type
8 $cluster_nodes = $rabbitmq::cluster_nodes
9 $config = $rabbitmq::config
10 $config_cluster = $rabbitmq::config_cluster
11 $config_path = $rabbitmq::config_path
12 $config_ranch = $rabbitmq::config_ranch
13 $config_stomp = $rabbitmq::config_stomp
14 $config_shovel = $rabbitmq::config_shovel
15 $config_shovel_statics = $rabbitmq::config_shovel_statics
16 $default_user = $rabbitmq::default_user
17 $default_pass = $rabbitmq::default_pass
18 $env_config = $rabbitmq::env_config
19 $env_config_path = $rabbitmq::env_config_path
20 $erlang_cookie = $rabbitmq::erlang_cookie
21 $interface = $rabbitmq::interface
22 $management_port = $rabbitmq::management_port
23 $management_ssl = $rabbitmq::management_ssl
24 $management_hostname = $rabbitmq::management_hostname
25 $node_ip_address = $rabbitmq::node_ip_address
26 $rabbitmq_user = $rabbitmq::rabbitmq_user
27 $rabbitmq_group = $rabbitmq::rabbitmq_group
28 $rabbitmq_home = $rabbitmq::rabbitmq_home
29 $port = $rabbitmq::port
30 $tcp_keepalive = $rabbitmq::tcp_keepalive
31 $tcp_backlog = $rabbitmq::tcp_backlog
32 $tcp_sndbuf = $rabbitmq::tcp_sndbuf
33 $tcp_recbuf = $rabbitmq::tcp_recbuf
34 $heartbeat = $rabbitmq::heartbeat
35 $service_name = $rabbitmq::service_name
37 $ssl_only = $rabbitmq::ssl_only
38 $ssl_cacert = $rabbitmq::ssl_cacert
39 $ssl_cert = $rabbitmq::ssl_cert
40 $ssl_key = $rabbitmq::ssl_key
41 $ssl_depth = $rabbitmq::ssl_depth
42 $ssl_cert_password = $rabbitmq::ssl_cert_password
43 $ssl_port = $rabbitmq::ssl_port
44 $ssl_interface = $rabbitmq::ssl_interface
45 $ssl_management_port = $rabbitmq::ssl_management_port
46 $ssl_management_verify = $rabbitmq::ssl_management_verify
47 $ssl_management_fail_if_no_peer_cert = $rabbitmq::ssl_management_fail_if_no_peer_cert
48 $ssl_stomp_port = $rabbitmq::ssl_stomp_port
49 $ssl_verify = $rabbitmq::ssl_verify
50 $ssl_fail_if_no_peer_cert = $rabbitmq::ssl_fail_if_no_peer_cert
51 $ssl_secure_renegotiate = $rabbitmq::ssl_secure_renegotiate
52 $ssl_reuse_sessions = $rabbitmq::ssl_reuse_sessions
53 $ssl_honor_cipher_order = $rabbitmq::ssl_honor_cipher_order
54 $ssl_dhfile = $rabbitmq::ssl_dhfile
55 $ssl_versions = $rabbitmq::ssl_versions
56 $ssl_ciphers = $rabbitmq::ssl_ciphers
57 $stomp_port = $rabbitmq::stomp_port
58 $stomp_ssl_only = $rabbitmq::stomp_ssl_only
59 $ldap_auth = $rabbitmq::ldap_auth
60 $ldap_server = $rabbitmq::ldap_server
61 $ldap_user_dn_pattern = $rabbitmq::ldap_user_dn_pattern
62 $ldap_other_bind = $rabbitmq::ldap_other_bind
63 $ldap_use_ssl = $rabbitmq::ldap_use_ssl
64 $ldap_port = $rabbitmq::ldap_port
65 $ldap_log = $rabbitmq::ldap_log
66 $ldap_config_variables = $rabbitmq::ldap_config_variables
67 $wipe_db_on_cookie_change = $rabbitmq::wipe_db_on_cookie_change
68 $config_variables = $rabbitmq::config_variables
69 $config_kernel_variables = $rabbitmq::config_kernel_variables
70 $config_management_variables = $rabbitmq::config_management_variables
71 $config_additional_variables = $rabbitmq::config_additional_variables
72 $auth_backends = $rabbitmq::auth_backends
73 $cluster_partition_handling = $rabbitmq::cluster_partition_handling
74 $file_limit = $rabbitmq::file_limit
75 $collect_statistics_interval = $rabbitmq::collect_statistics_interval
76 $ipv6 = $rabbitmq::ipv6
77 $inetrc_config = $rabbitmq::inetrc_config
78 $inetrc_config_path = $rabbitmq::inetrc_config_path
79 $ssl_erl_dist = $rabbitmq::ssl_erl_dist
82 $default_ssl_env_variables = {}
84 $default_ssl_env_variables = {
86 'NODE_IP_ADDRESS' => $node_ip_address,
90 # This seems like a sensible default, and I think we have to assign it here
91 # to be safe. Use $node_ip_address (which can also be undef) if
92 # $management_ip_address is not set.
93 if $rabbitmq::management_ip_address {
94 $management_ip_address = $rabbitmq::management_ip_address
96 $management_ip_address = $rabbitmq::node_ip_address
99 $inetrc_env = {'export ERL_INETRC' => $inetrc_config_path}
101 # Handle env variables.
102 $_environment_variables = $default_ssl_env_variables + $inetrc_env + $rabbitmq::environment_variables
104 if $ipv6 or $ssl_erl_dist {
105 # must append "-proto_dist inet6_tcp" to any provided ERL_ARGS for
106 # both the server and rabbitmqctl, being careful not to mess up
107 # quoting. If both IPv6 and TLS are enabled, we must use "inet6_tls".
108 # Finally, if only TLS is enabled (no IPv6), the -proto_dist value to use
110 if $ipv6 and $ssl_erl_dist {
111 $proto_dist = 'inet6_tls'
112 $ssl_path = " -pa ${::erl_ssl_path} "
113 } elsif $ssl_erl_dist {
114 $proto_dist = 'inet_tls'
115 $ssl_path = " -pa ${::erl_ssl_path} "
117 $proto_dist = 'inet6_tcp'
120 $ipv6_or_tls_env = ['SERVER', 'CTL'].reduce({}) |$memo, $item| {
121 $orig = $_environment_variables["RABBITMQ_${item}_ERL_ARGS"]
123 # already quoted, keep quoting
124 /^([\'\"])(.*)\1/ => "${1}${2}${ssl_path} -proto_dist ${proto_dist}${1}",
125 # unset, add our own quoted value
126 undef => "\"${ssl_path}-proto_dist ${proto_dist}\"",
127 # previously unquoted value, add quoting
128 default => "\"${orig}${ssl_path} -proto_dist ${proto_dist}\"",
131 merge($memo, {"RABBITMQ_${item}_ERL_ARGS" => $munged})
134 $environment_variables = $_environment_variables + $ipv6_or_tls_env
136 $environment_variables = $_environment_variables
139 file { '/etc/rabbitmq':
146 file { '/etc/rabbitmq/ssl':
153 file { 'rabbitmq.config':
155 path => $config_path,
156 content => template($config),
158 group => $rabbitmq_group,
160 notify => Class['rabbitmq::service'],
163 file { 'rabbitmq-env.config':
165 path => $env_config_path,
166 content => template($env_config),
168 group => $rabbitmq_group,
170 notify => Class['rabbitmq::service'],
173 file { 'rabbitmq-inetrc':
175 path => $inetrc_config_path,
176 content => template($inetrc_config),
178 group => $rabbitmq_group,
180 notify => Class['rabbitmq::service'],
184 file { 'rabbitmqadmin.conf':
186 path => '/etc/rabbitmq/rabbitmqadmin.conf',
187 content => template('rabbitmq/rabbitmqadmin.conf.erb'),
189 group => $rabbitmq_group,
191 require => File['/etc/rabbitmq'],
195 case $facts['os']['family'] {
197 if versioncmp($facts['os']['release']['full'], '16.04') >= 0 {
198 file { '/etc/systemd/system/rabbitmq-server.service.d':
203 selinux_ignore_defaults => true,
205 -> file { '/etc/systemd/system/rabbitmq-server.service.d/limits.conf':
206 content => template('rabbitmq/rabbitmq-server.service.d/limits.conf'),
210 notify => Exec['rabbitmq-systemd-reload'],
212 exec { 'rabbitmq-systemd-reload':
213 command => '/bin/systemctl daemon-reload',
214 notify => Class['Rabbitmq::Service'],
218 file { '/etc/default/rabbitmq-server':
220 content => template('rabbitmq/default.erb'),
224 notify => Class['rabbitmq::service'],
228 if versioncmp($facts['os']['release']['major'], '7') >= 0 {
229 file { '/etc/systemd/system/rabbitmq-server.service.d':
234 selinux_ignore_defaults => true,
236 -> file { '/etc/systemd/system/rabbitmq-server.service.d/limits.conf':
237 content => template('rabbitmq/rabbitmq-server.service.d/limits.conf'),
241 notify => Exec['rabbitmq-systemd-reload'],
243 exec { 'rabbitmq-systemd-reload':
244 command => '/bin/systemctl daemon-reload',
245 notify => Class['Rabbitmq::Service'],
249 file { '/etc/security/limits.d/rabbitmq-server.conf':
250 content => template('rabbitmq/limits.conf'),
254 notify => Class['Rabbitmq::Service'],
258 file { '/etc/systemd/system/rabbitmq.service.d':
263 selinux_ignore_defaults => true,
265 -> file { '/etc/systemd/system/rabbitmq.service.d/limits.conf':
266 content => template('rabbitmq/rabbitmq-server.service.d/limits.conf'),
270 notify => Exec['rabbitmq-systemd-reload'],
272 exec { 'rabbitmq-systemd-reload':
273 command => '/bin/systemctl daemon-reload',
274 notify => Class['Rabbitmq::Service'],
282 if $erlang_cookie == undef and $config_cluster {
283 fail('You must set the $erlang_cookie value in order to configure clustering.')
284 } elsif $erlang_cookie != undef {
285 rabbitmq_erlang_cookie { "${rabbitmq_home}/.erlang.cookie":
286 content => $erlang_cookie,
287 force => $wipe_db_on_cookie_change,
288 rabbitmq_user => $rabbitmq_user,
289 rabbitmq_group => $rabbitmq_group,
290 rabbitmq_home => $rabbitmq_home,
291 service_name => $service_name,
292 before => File['rabbitmq.config'],
293 notify => Class['rabbitmq::service'],