X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=modules%2Froles%2Fmanifests%2Fpubsub%2Fentities.pp;h=5248bbc75254a67794eb755814ab0d9124803f9c;hb=1517f5e59bda6b8e85df9efad0a52f91afec5e68;hp=acbc1739d0f70a53d279a773298747e92eff9a54;hpb=d3cb659116b7c5d4ed4b24da4d1f95a2538db8fe;p=mirror%2Fdsa-puppet.git

diff --git a/modules/roles/manifests/pubsub/entities.pp b/modules/roles/manifests/pubsub/entities.pp
index acbc1739d..5248bbc75 100644
--- a/modules/roles/manifests/pubsub/entities.pp
+++ b/modules/roles/manifests/pubsub/entities.pp
@@ -16,6 +16,7 @@ class roles::pubsub::entities {
 	$mailadm_password = $roles::pubsub::params::mailadm_password
 	$mailly_password  = $roles::pubsub::params::mailly_password
 	$muffat_password  = $roles::pubsub::params::muffat_password
+	$pet_password     = $roles::pubsub::params::pet_password
 
 	rabbitmq_user { 'admin':
 		admin    => true,
@@ -24,41 +25,51 @@ class roles::pubsub::entities {
 	}
 
 	rabbitmq_user { 'ftpteam':
-		admin    => true,
+		admin    => false,
 		password => $ftp_password,
 		provider => 'rabbitmqctl',
 	}
 
 	rabbitmq_user { 'buildd':
-		admin    => true,
+		admin    => false,
 		password => $buildd_password,
 		provider => 'rabbitmqctl',
 	}
 
 	rabbitmq_user { 'wbadm':
-		admin    => true,
+		admin    => false,
 		password => $wbadm_password,
 		provider => 'rabbitmqctl',
 	}
 
 	rabbitmq_user { 'mailadm':
-		admin    => true,
+		admin    => false,
 		password => $mailadm_password,
 		provider => 'rabbitmqctl',
 	}
 
 	rabbitmq_user { 'mailly':
-		admin    => true,
+		admin    => false,
 		password => $mailly_password,
 		provider => 'rabbitmqctl',
 	}
 
 	rabbitmq_user { 'muffat':
-		admin    => true,
+		admin    => false,
 		password => $muffat_password,
 		provider => 'rabbitmqctl',
 	}
 
+	rabbitmq_user { 'pet-devel':
+		admin    => false,
+		password => $pet_password,
+		provider => 'rabbitmqctl',
+	}
+
+	$do_hosts = keys($site::localinfo)
+
+	rabbitmq::autouser { $do_hosts: }
+
 	rabbitmq_vhost { 'packages':
 		ensure   => present,
 		provider => 'rabbitmqctl',
@@ -74,6 +85,11 @@ class roles::pubsub::entities {
 		provider => 'rabbitmqctl',
 	}
 
+	rabbitmq_vhost { 'pet':
+		ensure   => present,
+		provider => 'rabbitmqctl',
+	}
+
 	rabbitmq_user_permissions { 'admin@/':
 		configure_permission => '.*',
 		read_permission      => '.*',
@@ -115,6 +131,17 @@ class roles::pubsub::entities {
 		]
 	}
 
+	rabbitmq_user_permissions { 'admin@pet':
+		configure_permission => '.*',
+		read_permission      => '.*',
+		write_permission     => '.*',
+		provider             => 'rabbitmqctl',
+		require              => [
+			Rabbitmq_user['admin'],
+			Rabbitmq_vhost['pet']
+		]
+	}
+
 	rabbitmq_user_permissions { 'ftpteam@packages':
 		configure_permission => '.*',
 		read_permission      => '.*',
@@ -169,25 +196,14 @@ class roles::pubsub::entities {
 		]
 	}
 
-	rabbitmq_user_permissions { 'mailly@dsa':
-		configure_permission => '*',
-		read_permission      => '*',
-		write_permission     => '*',
-		provider             => 'rabbitmqctl',
-		require              => [
-			Rabbitmq_user['mailly'],
-			Rabbitmq_vhost['dsa']
-		]
-	}
-
-	rabbitmq_user_permissions { 'muffat@dsa':
-		configure_permission => '*',
-		read_permission      => '*',
-		write_permission     => '*',
+	rabbitmq_user_permissions { 'pet-devel@pet':
+		configure_permission => '.*',
+		read_permission      => '.*',
+		write_permission     => '.*',
 		provider             => 'rabbitmqctl',
 		require              => [
-			Rabbitmq_user['muffat'],
-			Rabbitmq_vhost['dsa']
+			Rabbitmq_user['pet-devel'],
+			Rabbitmq_vhost['pet']
 		]
 	}
 
@@ -212,6 +228,13 @@ class roles::pubsub::entities {
 		require => Rabbitmq_vhost['packages']
 	}
 
+	rabbitmq_policy { 'mirror_pet':
+		vhost   => 'pet',
+		match   => '.*',
+		policy  => '{"ha-mode":"all"}',
+		require => Rabbitmq_vhost['pet']
+	}
+
 	rabbitmq_plugin { 'rabbitmq_management':
 		ensure   => present,
 		provider => 'rabbitmqplugins',