modules/roles/manifests/pubsub/entities.pp

   1 # = Class: roles::pubsub::entities
   2 #
   3 # MQ users, vhosts, policies, and permissions for pubsub hosts
   4 #
   5 # == Sample Usage:
   6 #
   7 #   include roles::pubsub::entities
   8 #
   9 class roles::pubsub::entities {
  10         include roles::pubsub::params
  11
  12         $admin_password   = $roles::pubsub::params::admin_password
  13         $ftp_password     = $roles::pubsub::params::ftp_password
  14         $buildd_password  = $roles::pubsub::params::buildd_password
  15         $wbadm_password   = $roles::pubsub::params::wbadm_password
  16         $mailadm_password = $roles::pubsub::params::mailadm_password
  17         $mailly_password  = $roles::pubsub::params::mailly_password
  18         $muffat_password  = $roles::pubsub::params::muffat_password
  19
  20         rabbitmq_user { 'admin':
  21                 admin    => true,
  22                 password => $admin_password,
  23         }
  24
  25         rabbitmq_user { 'ftpteam':
  26                 admin    => false,
  27                 password => $ftp_password,
  28         }
  29
  30         rabbitmq_user { 'buildd':
  31                 admin    => false,
  32                 password => $buildd_password,
  33         }
  34
  35         rabbitmq_user { 'wbadm':
  36                 admin    => false,
  37                 password => $wbadm_password,
  38         }
  39
  40         rabbitmq_user { 'mailadm':
  41                 admin    => false,
  42                 password => $mailadm_password,
  43         }
  44
  45         rabbitmq_user { 'mailly':
  46                 admin    => false,
  47                 password => $mailly_password,
  48         }
  49
  50         rabbitmq_user { 'muffat':
  51                 admin    => false,
  52                 password => $muffat_password,
  53         }
  54
  55         $do_hosts = keys($deprecated::localinfo)
  56
  57         pubsub::autouser { $do_hosts: }
  58
  59         rabbitmq_vhost { 'packages':
  60                 ensure   => present,
  61         }
  62
  63         rabbitmq_vhost { 'buildd':
  64                 ensure   => present,
  65         }
  66
  67         rabbitmq_vhost { 'dsa':
  68                 ensure   => present,
  69         }
  70
  71         rabbitmq_user_permissions { 'admin@/':
  72                 configure_permission => '.*',
  73                 read_permission      => '.*',
  74                 write_permission     => '.*',
  75         }
  76
  77         rabbitmq_user_permissions { 'admin@buildd':
  78                 configure_permission => '.*',
  79                 read_permission      => '.*',
  80                 write_permission     => '.*',
  81         }
  82
  83         rabbitmq_user_permissions { 'admin@dsa':
  84                 configure_permission => '.*',
  85                 read_permission      => '.*',
  86                 write_permission     => '.*',
  87         }
  88
  89         rabbitmq_user_permissions { 'admin@packages':
  90                 configure_permission => '.*',
  91                 read_permission      => '.*',
  92                 write_permission     => '.*',
  93         }
  94
  95         rabbitmq_user_permissions { 'ftpteam@packages':
  96                 configure_permission => '.*',
  97                 read_permission      => '.*',
  98                 write_permission     => '.*',
  99         }
 100
 101         rabbitmq_user_permissions { 'wbadm@packages':
 102                 read_permission  => 'unchecked',
 103                 write_permission => 'wbadm',
 104         }
 105
 106         rabbitmq_user_permissions { 'buildd@buildd':
 107                 configure_permission => '.*',
 108                 read_permission      => '.*',
 109                 write_permission     => '.*',
 110         }
 111
 112         rabbitmq_user_permissions { 'wbadm@buildd':
 113                 configure_permission => '.*',
 114                 read_permission      => '.*',
 115                 write_permission     => '.*',
 116         }
 117
 118         rabbitmq_user_permissions { 'mailadm@dsa':
 119                 configure_permission => '.*',
 120                 read_permission      => '.*',
 121                 write_permission     => '.*',
 122         }
 123
 124         rabbitmq_policy { 'mirror-dsa@dsa':
 125                 pattern    => '.*',
 126                 priority   => 0,
 127                 applyto    => 'all',
 128                 definition => {
 129                         'ha-mode'      => 'all',
 130                         'ha-sync-mode' => 'automatic',
 131                 },
 132         }
 133
 134         rabbitmq_policy { 'mirror-buildd@buildd':
 135                 pattern    => '.*',
 136                 priority   => 0,
 137                 applyto    => 'all',
 138                 definition => {
 139                         'ha-mode'      => 'all',
 140                         'ha-sync-mode' => 'automatic',
 141                 },
 142         }
 143
 144         rabbitmq_policy { 'mirror-packages@packages':
 145                 pattern    => '.*',
 146                 priority   => 0,
 147                 applyto    => 'all',
 148                 definition => {
 149                         'ha-mode'      => 'all',
 150                         'ha-sync-mode' => 'automatic',
 151                 },
 152         }
 153
 154         rabbitmq_plugin { 'rabbitmq_management_agent':
 155                 ensure   => present,
 156         }
 157         rabbitmq_plugin { 'rabbitmq_tracing':
 158                 ensure   => present,
 159         }
 160         rabbitmq_plugin { 'rabbitmq_management_visualiser':
 161                 ensure   => present,
 162         }
 163
 164 }