1 # = Class: roles::pubsub::entities
3 # MQ users, vhosts, policies, and permissions for pubsub hosts
7 # include roles::pubsub::entities
9 class roles::pubsub::entities {
10 include roles::pubsub::params
12 $admin_password = $roles::pubsub::params::admin_password
13 $ftp_password = $roles::pubsub::params::ftp_password
14 $buildd_password = $roles::pubsub::params::buildd_password
15 $wbadm_password = $roles::pubsub::params::wbadm_password
16 $mailadm_password = $roles::pubsub::params::mailadm_password
17 $mailly_password = $roles::pubsub::params::mailly_password
18 $muffat_password = $roles::pubsub::params::muffat_password
19 $pet_password = $roles::pubsub::params::pet_password
21 rabbitmq_user { 'admin':
23 password => $admin_password,
24 provider => 'rabbitmqctl',
27 rabbitmq_user { 'ftpteam':
29 password => $ftp_password,
30 provider => 'rabbitmqctl',
33 rabbitmq_user { 'buildd':
35 password => $buildd_password,
36 provider => 'rabbitmqctl',
39 rabbitmq_user { 'wbadm':
41 password => $wbadm_password,
42 provider => 'rabbitmqctl',
45 rabbitmq_user { 'mailadm':
47 password => $mailadm_password,
48 provider => 'rabbitmqctl',
51 rabbitmq_user { 'mailly':
53 password => $mailly_password,
54 provider => 'rabbitmqctl',
57 rabbitmq_user { 'muffat':
59 password => $muffat_password,
60 provider => 'rabbitmqctl',
63 rabbitmq_user { 'pet-devel':
65 password => $pet_password,
66 provider => 'rabbitmqctl',
69 $do_hosts = keys($site::localinfo)
71 rabbitmq::autouser { $do_hosts: }
73 rabbitmq_vhost { 'packages':
75 provider => 'rabbitmqctl',
78 rabbitmq_vhost { 'buildd':
80 provider => 'rabbitmqctl',
83 rabbitmq_vhost { 'dsa':
85 provider => 'rabbitmqctl',
88 rabbitmq_vhost { 'pet':
90 provider => 'rabbitmqctl',
93 rabbitmq_user_permissions { 'admin@/':
94 configure_permission => '.*',
95 read_permission => '.*',
96 write_permission => '.*',
97 provider => 'rabbitmqctl',
98 require => Rabbitmq_user['admin']
101 rabbitmq_user_permissions { 'admin@buildd':
102 configure_permission => '.*',
103 read_permission => '.*',
104 write_permission => '.*',
105 provider => 'rabbitmqctl',
107 Rabbitmq_user['admin'],
108 Rabbitmq_vhost['buildd']
112 rabbitmq_user_permissions { 'admin@dsa':
113 configure_permission => '.*',
114 read_permission => '.*',
115 write_permission => '.*',
116 provider => 'rabbitmqctl',
118 Rabbitmq_user['admin'],
119 Rabbitmq_vhost['dsa']
123 rabbitmq_user_permissions { 'admin@packages':
124 configure_permission => '.*',
125 read_permission => '.*',
126 write_permission => '.*',
127 provider => 'rabbitmqctl',
129 Rabbitmq_user['admin'],
130 Rabbitmq_vhost['packages']
134 rabbitmq_user_permissions { 'admin@pet':
135 configure_permission => '.*',
136 read_permission => '.*',
137 write_permission => '.*',
138 provider => 'rabbitmqctl',
140 Rabbitmq_user['admin'],
141 Rabbitmq_vhost['pet']
145 rabbitmq_user_permissions { 'ftpteam@packages':
146 configure_permission => '.*',
147 read_permission => '.*',
148 write_permission => '.*',
149 provider => 'rabbitmqctl',
151 Rabbitmq_user['ftpteam'],
152 Rabbitmq_vhost['packages']
156 rabbitmq_user_permissions { 'wbadm@packages':
157 read_permission => 'unchecked',
158 write_permission => 'wbadm',
159 provider => 'rabbitmqctl',
161 Rabbitmq_user['wbadm'],
162 Rabbitmq_vhost['packages']
166 rabbitmq_user_permissions { 'buildd@buildd':
167 configure_permission => '.*',
168 read_permission => '.*',
169 write_permission => '.*',
170 provider => 'rabbitmqctl',
172 Rabbitmq_user['buildd'],
173 Rabbitmq_vhost['buildd']
177 rabbitmq_user_permissions { 'wbadm@buildd':
178 configure_permission => '.*',
179 read_permission => '.*',
180 write_permission => '.*',
181 provider => 'rabbitmqctl',
183 Rabbitmq_user['wbadm'],
184 Rabbitmq_vhost['buildd']
188 rabbitmq_user_permissions { 'mailadm@dsa':
189 configure_permission => '.*',
190 read_permission => '.*',
191 write_permission => '.*',
192 provider => 'rabbitmqctl',
194 Rabbitmq_user['mailadm'],
195 Rabbitmq_vhost['dsa']
199 rabbitmq_user_permissions { 'pet-devel@pet':
200 configure_permission => '.*',
201 read_permission => '.*',
202 write_permission => '.*',
203 provider => 'rabbitmqctl',
205 Rabbitmq_user['pet-devel'],
206 Rabbitmq_vhost['pet']
210 rabbitmq_policy { 'mirror-dsa':
213 policy => '{"ha-mode":"all"}',
214 require => Rabbitmq_vhost['dsa']
217 rabbitmq_policy { 'mirror-buildd':
220 policy => '{"ha-mode":"all"}',
221 require => Rabbitmq_vhost['buildd']
224 rabbitmq_policy { 'mirror-packages':
227 policy => '{"ha-mode":"all"}',
228 require => Rabbitmq_vhost['packages']
231 rabbitmq_policy { 'mirror_pet':
234 policy => '{"ha-mode":"all"}',
235 require => Rabbitmq_vhost['pet']
238 rabbitmq_plugin { 'rabbitmq_management':
240 provider => 'rabbitmqplugins',
241 require => Package['rabbitmq-server'],
242 notify => Service['rabbitmq-server']
244 rabbitmq_plugin { 'rabbitmq_management_agent':
246 provider => 'rabbitmqplugins',
247 require => Package['rabbitmq-server'],
248 notify => Service['rabbitmq-server']
250 rabbitmq_plugin { 'rabbitmq_tracing':
252 provider => 'rabbitmqplugins',
253 require => Package['rabbitmq-server'],
254 notify => Service['rabbitmq-server']
256 rabbitmq_plugin { 'rabbitmq_management_visualiser':
258 provider => 'rabbitmqplugins',
259 require => Package['rabbitmq-server'],
260 notify => Service['rabbitmq-server']