From e91eacfe5368e6ffe504140902e1d3fb5783d059 Mon Sep 17 00:00:00 2001
From: Stephen Gran <steve@lobefin.net>
Date: Tue, 10 Sep 2013 22:11:17 +0100
Subject: [PATCH] try ssl for management

Signed-off-by: Stephen Gran <steve@lobefin.net>
---
 modules/roles/files/pubsub/rabbitmq-mgmt.config | 12 ++++++++++++
 modules/roles/manifests/pubsub.pp               |  6 ++++++
 2 files changed, 18 insertions(+)
 create mode 100644 modules/roles/files/pubsub/rabbitmq-mgmt.config

diff --git a/modules/roles/files/pubsub/rabbitmq-mgmt.config b/modules/roles/files/pubsub/rabbitmq-mgmt.config
new file mode 100644
index 000000000..4710fb501
--- /dev/null
+++ b/modules/roles/files/pubsub/rabbitmq-mgmt.config
@@ -0,0 +1,12 @@
+,{rabbitmq_management,
+	[{listener, [
+		{port,     15672},
+		{ssl,      true},
+		{ssl_options, [
+			{cacertfile,"/etc/ssl/debian/certs/ca.crt"},
+			{certfile,"/etc/ssl/debian/certs/thishost-server.crt"},
+			{keyfile,"/etc/ssl/debian/keys/thishost-server.key"},
+			{verify,verify_none},
+			{fail_if_no_peer_cert,false}]}
+	]}
+]}
diff --git a/modules/roles/manifests/pubsub.pp b/modules/roles/manifests/pubsub.pp
index 43f2c6f20..9cc7bb7d9 100644
--- a/modules/roles/manifests/pubsub.pp
+++ b/modules/roles/manifests/pubsub.pp
@@ -31,6 +31,12 @@ class roles::pubsub {
 		source => 'puppet:///modules/roles/pubsub/rabbitmq.config'
 	}
 
+	concat::fragment { 'rabbit_mgmt_ssl':
+		target => '/etc/rabbitmq/rabbitmq.config',
+		order  => 55,
+		source => 'puppet:///modules/roles/pubsub/rabbitmq-mgmt.config'
+	}
+
 	rabbitmq_user { 'admin':
 		admin    => true,
 		password => $admin_password,
-- 
2.20.1