1 # Class: rabbitmq::config
2 # Sets all the configuration values for RabbitMQ and creates the directories for
4 class rabbitmq::config {
6 $admin_enable = $rabbitmq::admin_enable
7 $cluster_node_type = $rabbitmq::cluster_node_type
8 $cluster_nodes = $rabbitmq::cluster_nodes
9 $config = $rabbitmq::config
10 $config_cluster = $rabbitmq::config_cluster
11 $config_path = $rabbitmq::config_path
12 $config_ranch = $rabbitmq::config_ranch
13 $config_stomp = $rabbitmq::config_stomp
14 $config_shovel = $rabbitmq::config_shovel
15 $config_shovel_statics = $rabbitmq::config_shovel_statics
16 $default_user = $rabbitmq::default_user
17 $default_pass = $rabbitmq::default_pass
18 $env_config = $rabbitmq::env_config
19 $env_config_path = $rabbitmq::env_config_path
20 $erlang_cookie = $rabbitmq::erlang_cookie
21 $interface = $rabbitmq::interface
22 $management_port = $rabbitmq::management_port
23 $management_ssl = $rabbitmq::management_ssl
24 $management_hostname = $rabbitmq::management_hostname
25 $node_ip_address = $rabbitmq::node_ip_address
26 $rabbitmq_user = $rabbitmq::rabbitmq_user
27 $rabbitmq_group = $rabbitmq::rabbitmq_group
28 $rabbitmq_home = $rabbitmq::rabbitmq_home
29 $port = $rabbitmq::port
30 $tcp_keepalive = $rabbitmq::tcp_keepalive
31 $tcp_backlog = $rabbitmq::tcp_backlog
32 $tcp_sndbuf = $rabbitmq::tcp_sndbuf
33 $tcp_recbuf = $rabbitmq::tcp_recbuf
34 $heartbeat = $rabbitmq::heartbeat
35 $service_name = $rabbitmq::service_name
37 $ssl_only = $rabbitmq::ssl_only
38 $ssl_cacert = $rabbitmq::ssl_cacert
39 $ssl_cert = $rabbitmq::ssl_cert
40 $ssl_key = $rabbitmq::ssl_key
41 $ssl_depth = $rabbitmq::ssl_depth
42 $ssl_cert_password = $rabbitmq::ssl_cert_password
43 $ssl_port = $rabbitmq::ssl_port
44 $ssl_interface = $rabbitmq::ssl_interface
45 $ssl_management_port = $rabbitmq::ssl_management_port
46 $ssl_management_verify = $rabbitmq::ssl_management_verify
47 $ssl_management_fail_if_no_peer_cert = $rabbitmq::ssl_management_fail_if_no_peer_cert
48 $ssl_stomp_port = $rabbitmq::ssl_stomp_port
49 $ssl_verify = $rabbitmq::ssl_verify
50 $ssl_fail_if_no_peer_cert = $rabbitmq::ssl_fail_if_no_peer_cert
51 $ssl_secure_renegotiate = $rabbitmq::ssl_secure_renegotiate
52 $ssl_reuse_sessions = $rabbitmq::ssl_reuse_sessions
53 $ssl_honor_cipher_order = $rabbitmq::ssl_honor_cipher_order
54 $ssl_dhfile = $rabbitmq::ssl_dhfile
55 $ssl_versions = $rabbitmq::ssl_versions
56 $ssl_ciphers = $rabbitmq::ssl_ciphers
57 $stomp_port = $rabbitmq::stomp_port
58 $stomp_ssl_only = $rabbitmq::stomp_ssl_only
59 $ldap_auth = $rabbitmq::ldap_auth
60 $ldap_server = $rabbitmq::ldap_server
61 $ldap_user_dn_pattern = $rabbitmq::ldap_user_dn_pattern
62 $ldap_other_bind = $rabbitmq::ldap_other_bind
63 $ldap_use_ssl = $rabbitmq::ldap_use_ssl
64 $ldap_port = $rabbitmq::ldap_port
65 $ldap_log = $rabbitmq::ldap_log
66 $ldap_config_variables = $rabbitmq::ldap_config_variables
67 $wipe_db_on_cookie_change = $rabbitmq::wipe_db_on_cookie_change
68 $config_variables = $rabbitmq::config_variables
69 $config_kernel_variables = $rabbitmq::config_kernel_variables
70 $config_management_variables = $rabbitmq::config_management_variables
71 $config_additional_variables = $rabbitmq::config_additional_variables
72 $auth_backends = $rabbitmq::auth_backends
73 $cluster_partition_handling = $rabbitmq::cluster_partition_handling
74 $file_limit = $rabbitmq::file_limit
75 $collect_statistics_interval = $rabbitmq::collect_statistics_interval
76 $ipv6 = $rabbitmq::ipv6
77 $inetrc_config = $rabbitmq::inetrc_config
78 $inetrc_config_path = $rabbitmq::inetrc_config_path
79 $ssl_erl_dist = $rabbitmq::ssl_erl_dist
80 $loopback_users = $rabbitmq::loopback_users
83 $default_ssl_env_variables = {}
85 $default_ssl_env_variables = {
87 'NODE_IP_ADDRESS' => $node_ip_address,
91 # This seems like a sensible default, and I think we have to assign it here
92 # to be safe. Use $node_ip_address (which can also be undef) if
93 # $management_ip_address is not set.
94 if $rabbitmq::management_ip_address {
95 $management_ip_address = $rabbitmq::management_ip_address
97 $management_ip_address = $rabbitmq::node_ip_address
100 $inetrc_env = {'export ERL_INETRC' => $inetrc_config_path}
102 # Handle env variables.
103 $_environment_variables = $default_ssl_env_variables + $inetrc_env + $rabbitmq::environment_variables
105 if $ipv6 or $ssl_erl_dist {
106 # must append "-proto_dist inet6_tcp" to any provided ERL_ARGS for
107 # both the server and rabbitmqctl, being careful not to mess up
108 # quoting. If both IPv6 and TLS are enabled, we must use "inet6_tls".
109 # Finally, if only TLS is enabled (no IPv6), the -proto_dist value to use
111 if $ipv6 and $ssl_erl_dist {
112 $proto_dist = 'inet6_tls'
113 $ssl_path = " -pa ${::erl_ssl_path} "
114 } elsif $ssl_erl_dist {
115 $proto_dist = 'inet_tls'
116 $ssl_path = " -pa ${::erl_ssl_path} "
118 $proto_dist = 'inet6_tcp'
121 $ipv6_or_tls_env = ['SERVER', 'CTL'].reduce({}) |$memo, $item| {
122 $orig = $_environment_variables["RABBITMQ_${item}_ERL_ARGS"]
124 # already quoted, keep quoting
125 /^([\'\"])(.*)\1/ => "${1}${2}${ssl_path} -proto_dist ${proto_dist}${1}",
126 # unset, add our own quoted value
127 undef => "\"${ssl_path}-proto_dist ${proto_dist}\"",
128 # previously unquoted value, add quoting
129 default => "\"${orig}${ssl_path} -proto_dist ${proto_dist}\"",
132 merge($memo, {"RABBITMQ_${item}_ERL_ARGS" => $munged})
135 $environment_variables = $_environment_variables + $ipv6_or_tls_env
137 $environment_variables = $_environment_variables
140 file { '/etc/rabbitmq':
147 file { '/etc/rabbitmq/ssl':
154 file { 'rabbitmq.config':
156 path => $config_path,
157 content => template($config),
159 group => $rabbitmq_group,
163 file { 'rabbitmq-env.config':
165 path => $env_config_path,
166 content => template($env_config),
168 group => $rabbitmq_group,
172 file { 'rabbitmq-inetrc':
174 path => $inetrc_config_path,
175 content => template($inetrc_config),
177 group => $rabbitmq_group,
182 file { 'rabbitmqadmin.conf':
184 path => '/etc/rabbitmq/rabbitmqadmin.conf',
185 content => template('rabbitmq/rabbitmqadmin.conf.erb'),
187 group => $rabbitmq_group,
189 require => File['/etc/rabbitmq'],
193 case $facts['os']['family'] {
195 file { '/etc/default/rabbitmq-server':
197 content => template('rabbitmq/default.erb'),
204 file { '/etc/security/limits.d/rabbitmq-server.conf':
205 content => template('rabbitmq/limits.conf'),
214 if $facts['systemd'] { # systemd fact provided by systemd module
215 systemd::service_limits { "${service_name}.service":
216 limits => {'LimitNOFILE' => $file_limit},
217 # The service will be notified when config changes
218 restart_service => false,
222 if $erlang_cookie == undef and $config_cluster {
223 fail('You must set the $erlang_cookie value in order to configure clustering.')
224 } elsif $erlang_cookie != undef {
225 rabbitmq_erlang_cookie { "${rabbitmq_home}/.erlang.cookie":
226 content => $erlang_cookie,
227 force => $wipe_db_on_cookie_change,
228 rabbitmq_user => $rabbitmq_user,
229 rabbitmq_group => $rabbitmq_group,
230 rabbitmq_home => $rabbitmq_home,
231 service_name => $service_name,
232 before => File['rabbitmq.config'],