2 include roles::pubsub::params
3 include roles::pubsub::entities
5 $cluster_cookie = $roles::pubsub::params::cluster_cookie
8 $cc_secondary = rapoport
11 config_cluster => true,
16 cluster_node_type => 'disc',
17 erlang_cookie => '8r17so6o1s124ns49sr08n0o24342160',
18 delete_guest_user => true,
20 ssl_cacert => '/etc/ssl/debian/certs/ca.crt',
21 ssl_cert => '/etc/ssl/debian/certs/thishost-server.crt',
22 ssl_key => '/etc/ssl/private/thishost-server.key',
24 ssl_verify => 'verify_none',
25 repos_ensure => false,
32 ferm::rule { 'rabbitmq':
33 description => 'rabbitmq connections',
34 rule => '&SERVICE_RANGE(tcp, 5671, $HOST_DEBIAN_V4)'
37 ferm::rule { 'rabbitmq-v6':
39 description => 'rabbitmq connections',
40 rule => '&SERVICE_RANGE(tcp, 5671, $HOST_DEBIAN_V6)'
43 ferm::rule { 'rabbitmq-adm':
44 description => 'rabbitmq connections',
45 rule => '&SERVICE_RANGE(tcp, 5671, $DSA_IPS)'
48 ferm::rule { 'rabbitmq-v6-adm':
50 description => 'rabbitmq connections',
51 rule => '&SERVICE_RANGE(tcp, 5671, $DSA_V6_IPS)'
54 if $::hostname == $cc_master {
56 $you6 = '2001:41c8:1000:21::21:15'
59 $you6 = '2001:41c8:1000:21::21:16'
62 ferm::rule { 'rabbitmq_cluster':
64 description => 'rabbitmq cluster connections',
65 rule => "proto tcp mod state state (NEW) saddr (${you}) ACCEPT"
67 ferm::rule { 'rabbitmq_cluster_v6':
69 description => 'rabbitmq cluster connections',
70 rule => "proto tcp mod state state (NEW) saddr (${you6}) ACCEPT"
72 ferm::rule { 'rabbitmq_mgmt':
73 description => 'rabbitmq cluster connections',
74 rule => '&SERVICE_RANGE(tcp, 15671, $DSA_IPS)'
76 ferm::rule { 'rabbitmq_mgmt_v6':
78 description => 'rabbitmq cluster connections',
79 rule => '&SERVICE_RANGE(tcp, 15671, $DSA_V6_IPS)'