2 include roles::pubsub::params
3 include roles::pubsub::entities
5 $cluster_cookie = $roles::pubsub::params::cluster_cookie
8 $cc_secondary = rapoport
13 "rabbit@${cc_master}",
14 "rabbit@${cc_secondary}",
16 clustercookie => '8r17so6o1s124ns49sr08n0o24342160',
17 delete_guest_user => true,
25 concat::fragment { 'rabbit_ssl':
26 target => '/etc/rabbitmq/rabbitmq.config',
28 source => 'puppet:///modules/roles/pubsub/rabbitmq.config'
31 concat::fragment { 'rabbit_mgmt_ssl':
32 target => '/etc/rabbitmq/rabbitmq.config',
34 source => 'puppet:///modules/roles/pubsub/rabbitmq-mgmt.config'
37 @ferm::rule { 'rabbitmq':
38 description => 'rabbitmq connections',
39 rule => '&SERVICE_RANGE(tcp, 5671, $HOST_DEBIAN_V4)'
42 @ferm::rule { 'rabbitmq-v6':
44 description => 'rabbitmq connections',
45 rule => '&SERVICE_RANGE(tcp, 5671, $HOST_DEBIAN_V6)'
48 @ferm::rule { 'rabbitmq-adm':
49 description => 'rabbitmq connections',
50 rule => '&SERVICE_RANGE(tcp, 5671, $DSA_IPS)'
53 @ferm::rule { 'rabbitmq-v6-adm':
55 description => 'rabbitmq connections',
56 rule => '&SERVICE_RANGE(tcp, 5671, $DSA_V6_IPS)'
59 if $::hostname == $cc_master {
61 $you6 = '2001:41c8:1000:21::21:15'
64 $you6 = '2001:41c8:1000:21::21:16'
67 @ferm::rule { 'rabbitmq_cluster':
69 description => 'rabbitmq cluster connections',
70 rule => "proto tcp mod state state (NEW) saddr (${you}) ACCEPT"
72 @ferm::rule { 'rabbitmq_cluster_v6':
74 description => 'rabbitmq cluster connections',
75 rule => "proto tcp mod state state (NEW) saddr (${you6}) ACCEPT"
77 @ferm::rule { 'rabbitmq_mgmt':
78 description => 'rabbitmq cluster connections',
79 rule => '&SERVICE_RANGE(tcp, 15672, $DSA_IPS)'
81 @ferm::rule { 'rabbitmq_mgmt_v6':
83 description => 'rabbitmq cluster connections',
84 rule => '&SERVICE_RANGE(tcp, 15672, $DSA_V6_IPS)'