Update 3rdparty rabbitmq module
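# Class: rabbitmq::config
# Sets all the configuration values for RabbitMQ and creates the directories for
# config and ssl.
#
# The class takes no parameters of its own: every setting is read from the
# main rabbitmq class. It manages /etc/rabbitmq and /etc/rabbitmq/ssl, renders
# the main, environment and inetrc configuration files from templates,
# optionally writes rabbitmqadmin.conf, installs OS-family specific limit
# files, and manages the Erlang cookie when one is supplied.
class rabbitmq::config {

  # Local copies of the rabbitmq class parameters. Presumably they exist so the
  # ERB templates rendered below can read them as class-scope variables, so
  # none of them should be renamed or dropped without checking the templates.
  #
  # NOTE(review): $default_pass, $ssl_cert_password and $erlang_cookie are
  # secrets and are handled as plain values here (no Sensitive wrapper is
  # visible in this class), so anything that interpolates or logs them will
  # show them in clear text.
  $admin_enable                        = $rabbitmq::admin_enable
  $cluster_node_type                   = $rabbitmq::cluster_node_type
  $cluster_nodes                       = $rabbitmq::cluster_nodes
  $config                              = $rabbitmq::config
  $config_cluster                      = $rabbitmq::config_cluster
  $config_path                         = $rabbitmq::config_path
  $config_ranch                        = $rabbitmq::config_ranch
  $config_stomp                        = $rabbitmq::config_stomp
  $config_shovel                       = $rabbitmq::config_shovel
  $config_shovel_statics               = $rabbitmq::config_shovel_statics
  $default_user                        = $rabbitmq::default_user
  $default_pass                        = $rabbitmq::default_pass
  $env_config                          = $rabbitmq::env_config
  $env_config_path                     = $rabbitmq::env_config_path
  $erlang_cookie                       = $rabbitmq::erlang_cookie
  $interface                           = $rabbitmq::interface
  $management_port                     = $rabbitmq::management_port
  $management_ssl                      = $rabbitmq::management_ssl
  $management_hostname                 = $rabbitmq::management_hostname
  $node_ip_address                     = $rabbitmq::node_ip_address
  $rabbitmq_user                       = $rabbitmq::rabbitmq_user
  $rabbitmq_group                      = $rabbitmq::rabbitmq_group
  $rabbitmq_home                       = $rabbitmq::rabbitmq_home
  $port                                = $rabbitmq::port
  $tcp_keepalive                       = $rabbitmq::tcp_keepalive
  $tcp_backlog                         = $rabbitmq::tcp_backlog
  $tcp_sndbuf                          = $rabbitmq::tcp_sndbuf
  $tcp_recbuf                          = $rabbitmq::tcp_recbuf
  $heartbeat                           = $rabbitmq::heartbeat
  $service_name                        = $rabbitmq::service_name
  $ssl                                 = $rabbitmq::ssl
  $ssl_only                            = $rabbitmq::ssl_only
  $ssl_cacert                          = $rabbitmq::ssl_cacert
  $ssl_cert                            = $rabbitmq::ssl_cert
  $ssl_key                             = $rabbitmq::ssl_key
  $ssl_depth                           = $rabbitmq::ssl_depth
  $ssl_cert_password                   = $rabbitmq::ssl_cert_password
  $ssl_port                            = $rabbitmq::ssl_port
  $ssl_interface                       = $rabbitmq::ssl_interface
  $ssl_management_port                 = $rabbitmq::ssl_management_port
  $ssl_management_verify               = $rabbitmq::ssl_management_verify
  $ssl_management_fail_if_no_peer_cert = $rabbitmq::ssl_management_fail_if_no_peer_cert
  $ssl_stomp_port                      = $rabbitmq::ssl_stomp_port
  $ssl_verify                          = $rabbitmq::ssl_verify
  $ssl_fail_if_no_peer_cert            = $rabbitmq::ssl_fail_if_no_peer_cert
  $ssl_secure_renegotiate              = $rabbitmq::ssl_secure_renegotiate
  $ssl_reuse_sessions                  = $rabbitmq::ssl_reuse_sessions
  $ssl_honor_cipher_order              = $rabbitmq::ssl_honor_cipher_order
  $ssl_dhfile                          = $rabbitmq::ssl_dhfile
  $ssl_versions                        = $rabbitmq::ssl_versions
  $ssl_ciphers                         = $rabbitmq::ssl_ciphers
  $stomp_port                          = $rabbitmq::stomp_port
  $stomp_ssl_only                      = $rabbitmq::stomp_ssl_only
  $ldap_auth                           = $rabbitmq::ldap_auth
  $ldap_server                         = $rabbitmq::ldap_server
  $ldap_user_dn_pattern                = $rabbitmq::ldap_user_dn_pattern
  $ldap_other_bind                     = $rabbitmq::ldap_other_bind
  $ldap_use_ssl                        = $rabbitmq::ldap_use_ssl
  $ldap_port                           = $rabbitmq::ldap_port
  $ldap_log                            = $rabbitmq::ldap_log
  $ldap_config_variables               = $rabbitmq::ldap_config_variables
  $wipe_db_on_cookie_change            = $rabbitmq::wipe_db_on_cookie_change
  $config_variables                    = $rabbitmq::config_variables
  $config_kernel_variables             = $rabbitmq::config_kernel_variables
  $config_management_variables         = $rabbitmq::config_management_variables
  $config_additional_variables         = $rabbitmq::config_additional_variables
  $auth_backends                       = $rabbitmq::auth_backends
  $cluster_partition_handling          = $rabbitmq::cluster_partition_handling
  $file_limit                          = $rabbitmq::file_limit
  $collect_statistics_interval         = $rabbitmq::collect_statistics_interval
  $ipv6                                = $rabbitmq::ipv6
  $inetrc_config                       = $rabbitmq::inetrc_config
  $inetrc_config_path                  = $rabbitmq::inetrc_config_path
  $ssl_erl_dist                        = $rabbitmq::ssl_erl_dist
  $loopback_users                      = $rabbitmq::loopback_users

  # With $ssl_only set, the node port and address are left out of the
  # environment file; otherwise they are exported from $port and
  # $node_ip_address.
  if $ssl_only {
    $default_ssl_env_variables = {}
  } else {
    $default_ssl_env_variables = {
      'NODE_PORT'        => $port,
      'NODE_IP_ADDRESS'  => $node_ip_address,
    }
  }

  # This seems like a sensible default, and I think we have to assign it here
  # to be safe. Use $node_ip_address (which can also be undef) if
  # $management_ip_address is not set.
  if $rabbitmq::management_ip_address {
    $management_ip_address = $rabbitmq::management_ip_address
  } else {
    $management_ip_address = $rabbitmq::node_ip_address
  }

  $inetrc_env = {'export ERL_INETRC' => $inetrc_config_path}

  # Handle env variables.
  # Hash `+` merges left to right and the right-hand operand wins on duplicate
  # keys, so entries in $rabbitmq::environment_variables override the defaults
  # computed above.
  $_environment_variables = $default_ssl_env_variables + $inetrc_env + $rabbitmq::environment_variables

  if $ipv6 or $ssl_erl_dist {
    # must append "-proto_dist inet6_tcp" to any provided ERL_ARGS for
    # both the server and rabbitmqctl, being careful not to mess up
    # quoting. If both IPv6 and TLS are enabled, we must use "inet6_tls".
    # Finally, if only TLS is enabled (no IPv6), the -proto_dist value to use
    # is "inet_tls".
    if $ipv6 and $ssl_erl_dist {
      $proto_dist = 'inet6_tls'
      $ssl_path = " -pa ${::erl_ssl_path} "
    } elsif $ssl_erl_dist {
      $proto_dist = 'inet_tls'
      $ssl_path = " -pa ${::erl_ssl_path} "
    } else {
      $proto_dist = 'inet6_tcp'
      $ssl_path = ''
    }
    # Build the RABBITMQ_SERVER_ERL_ARGS / RABBITMQ_CTL_ERL_ARGS overrides.
    $ipv6_or_tls_env = ['SERVER', 'CTL'].reduce({}) |$memo, $item| {
      $orig = $_environment_variables["RABBITMQ_${item}_ERL_ARGS"]
      # NOTE(review): the first pattern has no end anchor, so a value that
      # starts with a quoted string and carries further text after the closing
      # quote still matches, and that trailing text is not part of ${2}; it is
      # dropped from the rewritten value. Confirm callers only pass fully
      # quoted or fully unquoted values.
      $munged = $orig ? {
        # already quoted, keep quoting
        /^([\'\"])(.*)\1/ => "${1}${2}${ssl_path} -proto_dist ${proto_dist}${1}",
        # unset, add our own quoted value
        undef             => "\"${ssl_path}-proto_dist ${proto_dist}\"",
        # previously unquoted value, add quoting
        default           => "\"${orig}${ssl_path} -proto_dist ${proto_dist}\"",
      }

      merge($memo, {"RABBITMQ_${item}_ERL_ARGS" => $munged})
    }

    # The rewritten ERL_ARGS entries replace the originals (right operand wins).
    $environment_variables = $_environment_variables + $ipv6_or_tls_env
  } else {
    $environment_variables = $_environment_variables
  }

  file { '/etc/rabbitmq':
    ensure => directory,
    owner  => '0',
    group  => '0',
    mode   => '0755',
  }

  # The ssl directory is world-listable (0755). This class does not manage the
  # certificate or key files themselves, so the confidentiality of any private
  # key stored here rests on that file's own owner and mode.
  file { '/etc/rabbitmq/ssl':
    ensure => directory,
    owner  => '0',
    group  => '0',
    mode   => '0755',
  }

  # Root-owned, readable by the service group only (0640): the broker can read
  # its configuration but cannot rewrite it.
  # show_diff is disabled so that a content change does not copy the rendered
  # file into agent logs and reports; the template is assumed to embed
  # $default_pass and $ssl_cert_password -- confirm against the template.
  file { 'rabbitmq.config':
    ensure    => file,
    path      => $config_path,
    content   => template($config),
    owner     => '0',
    group     => $rabbitmq_group,
    mode      => '0640',
    show_diff => false,
  }

  file { 'rabbitmq-env.config':
    ensure  => file,
    path    => $env_config_path,
    content => template($env_config),
    owner   => '0',
    group   => $rabbitmq_group,
    mode    => '0640',
  }

  file { 'rabbitmq-inetrc':
    ensure  => file,
    path    => $inetrc_config_path,
    content => template($inetrc_config),
    owner   => '0',
    group   => $rabbitmq_group,
    mode    => '0640',
  }

  if $admin_enable {
    # Client configuration for rabbitmqadmin. It presumably carries the
    # management credentials (verify against rabbitmqadmin.conf.erb), hence
    # the 0640 mode and the suppressed diff.
    file { 'rabbitmqadmin.conf':
      ensure    => file,
      path      => '/etc/rabbitmq/rabbitmqadmin.conf',
      content   => template('rabbitmq/rabbitmqadmin.conf.erb'),
      owner     => '0',
      group     => $rabbitmq_group,
      mode      => '0640',
      show_diff => false,
      require   => File['/etc/rabbitmq'],
    }
  }

  # OS-family specific files; other families get nothing here.
  case $facts['os']['family'] {
    'Debian': {
      file { '/etc/default/rabbitmq-server':
        ensure  => file,
        content => template('rabbitmq/default.erb'),
        mode    => '0644',
        owner   => '0',
        group   => '0',
      }
    }
    'RedHat': {
      # ensure is stated explicitly, like every other file resource in this
      # class, so the path is always managed as a regular file.
      file { '/etc/security/limits.d/rabbitmq-server.conf':
        ensure  => file,
        content => template('rabbitmq/limits.conf'),
        owner   => '0',
        group   => '0',
        mode    => '0644',
      }
    }
    default: { }
  }

  if $facts['systemd'] { # systemd fact provided by systemd module
    systemd::service_limits { "${service_name}.service":
      limits          => {'LimitNOFILE' => $file_limit},
      # The service will be notified when config changes
      restart_service => false,
    }
  }

  # Clustering cannot be configured without a cookie, so that combination fails
  # the catalog. The Erlang cookie is the shared secret nodes use to
  # authenticate to each other; it is written before rabbitmq.config.
  # NOTE(review): `force` is fed from $wipe_db_on_cookie_change; what the
  # rabbitmq_erlang_cookie type does with it is not visible here -- check the
  # type before enabling it on a node that holds data.
  if $erlang_cookie == undef and $config_cluster {
    fail('You must set the $erlang_cookie value in order to configure clustering.')
  } elsif $erlang_cookie != undef {
    rabbitmq_erlang_cookie { "${rabbitmq_home}/.erlang.cookie":
      content        => $erlang_cookie,
      force          => $wipe_db_on_cookie_change,
      rabbitmq_user  => $rabbitmq_user,
      rabbitmq_group => $rabbitmq_group,
      rabbitmq_home  => $rabbitmq_home,
      service_name   => $service_name,
      before         => File['rabbitmq.config'],
    }
  }
}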