Update to 2021-05-06 17:00

master
Daniel Berteaud 4 years ago
parent 10117271e9
commit d7dda79cb4
  1. 8
      roles/rabbitmq_server/defaults/main.yml
  2. 13
      roles/rabbitmq_server/tasks/conf.yml
  3. 5
      roles/rabbitmq_server/tasks/facts.yml
  4. 13
      roles/rabbitmq_server/tasks/iptables.yml
  5. 1
      roles/rabbitmq_server/tasks/main.yml
  6. 1
      roles/rabbitmq_server/templates/enabled_plugins.j2
  7. 4
      roles/rabbitmq_server/templates/rabbitmq.conf.j2

@ -6,5 +6,13 @@ rabbitmq_port: 5672
# Access to the plain port # Access to the plain port
rabbitmq_src_ip: [] rabbitmq_src_ip: []
# HTTP API / Web management interface
rabbitmq_web_port: 15672
rabbitmq_web_src_ip: []
# Should the guest user available from anywhere ? If False, it'll only be accepted from loopback # Should the guest user available from anywhere ? If False, it'll only be accepted from loopback
rabbitmq_guest_from_anywhere: False rabbitmq_guest_from_anywhere: False
# List of plugins to enable
rabbitmq_plugins:
- rabbitmq_management

@ -1,6 +1,17 @@
--- ---
- name: Remove unused config
file: path=/etc/rabbitmq/rabbitmq.config state=absent
when: rabbitmq_conf == 'rabbit.conf'
notify: restart rabbitmq-server
tags: rabbit
- name: Deploy configuration - name: Deploy configuration
template: src=rabbitmq.config.j2 dest=/etc/rabbitmq/rabbitmq.config template: src={{ rabbitmq_conf }}.j2 dest=/etc/rabbitmq/{{ rabbitmq_conf }}
notify: restart rabbitmq-server
tags: rabbitmq
- name: Deploy plugins to enable
template: src=enabled_plugins.j2 dest=/etc/rabbitmq/enabled_plugins
notify: restart rabbitmq-server notify: restart rabbitmq-server
tags: rabbitmq tags: rabbitmq

@ -0,0 +1,5 @@
---
# On EL8 and newer, rabbitmq config uses the new format
- set_fact: rabbitmq_conf={{ ansible_distribution_major_version is version('8','>=') | ternary('rabbitmq.conf','rabbitmq.config') }}
tags: rabbitmq

@ -2,7 +2,14 @@
- name: Handle RabbitMQ Server port in the firewall - name: Handle RabbitMQ Server port in the firewall
iptables_raw: iptables_raw:
name: rabbitmq_port name: "{{ item.name }}"
state: "{{ (rabbitmq_src_ip | length > 0) | ternary('present','absent') }}" state: "{{ (item.src_ip | length > 0) | ternary('present','absent') }}"
rules: "-A INPUT -m state --state NEW -p tcp --dport {{ rabbitmq_port }} -s {{ rabbitmq_src_ip | join(',') }} -j ACCEPT" rules: "-A INPUT -m state --state NEW -p tcp --dport {{ item.port }} -s {{ item.src_ip | join(',') }} -j ACCEPT"
loop:
- name: rabbitmq_port
port: "{{ rabbitmq_port }}"
src_ip: "{{ rabbitmq_src_ip }}"
- name: rabbitmq_web_port
port: "{{ rabbitmq_web_port }}"
src_ip: "{{ rabbitmq_web_src_ip }}"
tags: firewall,rabbitmq tags: firewall,rabbitmq

@ -1,5 +1,6 @@
--- ---
- include: facts.yml
- include: install.yml - include: install.yml
- include: conf.yml - include: conf.yml
- include: iptables.yml - include: iptables.yml

@ -0,0 +1 @@
[{{ rabbitmq_plugins | join(',') }}].

@ -0,0 +1,4 @@
listeners.tcp.default = {{ rabbitmq_port }}
loopback_users.guest = {{ rabbitmq_guest_from_anywhere | ternary('false','true') }}
management.tcp.port = {{ rabbitmq_web_port }}
management.tcp.ip = 0.0.0.0
Loading…
Cancel
Save