62 lines
1.5 KiB
Bash
Executable File
62 lines
1.5 KiB
Bash
Executable File
#!/bin/bash
|
|
set -ue
|
|
|
|
# peer gives us a username, we generate credentials and access in return
|
|
RABBIT_USER=`relation-get username`
|
|
|
|
DEFAULT_ETH=$(ip route | grep default | awk '{ print $5 }')
|
|
IP=$(ifconfig $DEFAULT_ETH | grep 'inet addr' | awk '{ print $2 }' | cut -d: -f2)
|
|
|
|
RABBIT_CTL='rabbitmqctl'
|
|
PASSWD_FILE="/var/run/ensemble/$RABBIT_USER.passwd"
|
|
|
|
if ! which pwgen ; then apt-get -y install pwgen ; fi
|
|
|
|
if [[ -e $PASSWD_FILE ]] ; then
|
|
PASSWORD=$(cat $PASSWD_FILE)
|
|
else
|
|
PASSWORD=$(pwgen 10 1)
|
|
echo $PASSWORD >$PASSWD_FILE
|
|
chmod 0400 $PASSWD_FILE
|
|
fi
|
|
|
|
if [[ -z $RABBIT_USER ]] ; then
|
|
ensemble-log "Peer not ready."
|
|
exit 0
|
|
fi
|
|
|
|
function user_exists {
|
|
$RABBIT_CTL list_users | grep $1 >/dev/null
|
|
}
|
|
|
|
function user_is_admin {
|
|
$RABBIT_CTL list_users | grep $1 | grep true >/dev/null
|
|
}
|
|
|
|
function user_create {
|
|
ensemble-log "Creating user $1."
|
|
|
|
$RABBIT_CTL add_user $1 $PASSWORD || return 1
|
|
|
|
# grant the user all permissions on the default vhost /
|
|
# TODO: investigate sane permissions
|
|
ensemble-log "Granting permission to $1 on vhost /"
|
|
$RABBIT_CTL set_permissions -p / $1 ".*" ".*" ".*"
|
|
|
|
if [[ $2 == 'admin' ]] ; then
|
|
user_is_admin $1 && return 0
|
|
ensemble-log "Granting user $1 admin access"
|
|
$RABBIT_CTL set_admin $1 || return 1
|
|
fi
|
|
}
|
|
|
|
if ! user_exists $RABBIT_USER ; then
|
|
user_create $RABBIT_USER admin || exit 1
|
|
else
|
|
ensemble-log "RabbiqMQ user $RABBIT_USER already exists."
|
|
fi
|
|
|
|
ensemble-log "Giving peer credentials for $RABBIT_USER@$IP"
|
|
relation-set ip=$IP
|
|
relation-set password=$PASSWORD
|