openstack/openstack-ansible-rabbitmq_server
Code Issues Proposed changes
Files
e707eecdd84b420c9f8af318959f6e5653d0c0e8
openstack-ansible-rabbitmq_…/templates/rabbitmq.conf.j2
Dmitriy Rabotyagov e707eecdd8 Use sysctl ini-like config file 
Starting from RabbitMQ 3.7.0 it's recommended to use new-style
config which is simply an ini file.

It's easier to read and maintain config file in ini fromat rather then
in classic erlang.

At the same time we still keep old-style config as it might have settings
that are not supported in new-style config.

There're no evidences that used there options are still supported,
but it's worth deprecating them in follow-up patch anyway.

Change-Id: I239366ad4aa2bc7a02d826b6c2f94631f4b0e622
2022-01-25 19:27:01 +02:00

71 lines
2.6 KiB
Django/Jinja
Raw Blame History

collect_statistics_interval = {{ rabbitmq_collect_statistics_interval }}
{% for key, value in rabbitmq_port_bindings.items() %}
{% if 'tcp' in key %}
{% set _opt = 'tcp' %}
{% elif 'ssl' in key %}
{% set _opt = 'ssl' %}
{% endif %}
{% for _key, _value in value.items() %}
listeners.{{ _opt }}.{{ loop.index }} = {{ _key }}:{{ _value }}
{% endfor %}
{% endfor %}
ssl_options.certfile = {{ rabbitmq_ssl_cert }}
ssl_options.keyfile = {{ rabbitmq_ssl_key }}
{% if rabbitmq_user_ssl_ca_cert is defined -%}
ssl_options.cacertfile = {{ rabbitmq_ssl_ca_cert }}
{% endif %}
ssl_options.honor_cipher_order = true
ssl_options.honor_ecc_order = true
{% if "tlsv1.3" not in rabbitmq_ssl_tls_versions %}
ssl_options.client_renegotiation = false
ssl_options.secure_renegotiate = true
{% endif %}
{% for version in rabbitmq_ssl_tls_versions %}
ssl_options.versions.{{ loop.index }} = {{ version }}
{% endfor %}
{% for cipher in rabbitmq_ssl_ciphers %}
ssl_options.ciphers.{{ loop.index }} = {{ cipher }}
{% endfor %}
ssl_options.verify = {{ rabbitmq_ssl_verify | lower }}
ssl_options.fail_if_no_peer_cert = {{ rabbitmq_ssl_fail_if_no_peer_cert | lower }}
{% if rabbitmq_memory_high_watermark is float %}
{% set watermark_type = 'relative' %}
{% else %}
{% set watermark_type = 'absolute' %}
{% endif %}
vm_memory_high_watermark.{{ watermark_type }} = {{ rabbitmq_memory_high_watermark }}
cluster_partition_handling = {{ rabbitmq_cluster_partition_handling }}
# Management plugin configuration
{% if rabbitmq_management_ssl %}
management.ssl.ip = {{ rabbitmq_management_bind_address }}
management.ssl.port = {{ rabbitmq_management_bind_tls_port }}
management.ssl.certfile = {{ rabbitmq_ssl_cert }}
management.ssl.keyfile = {{ rabbitmq_ssl_key }}
{% if rabbitmq_user_ssl_ca_cert is defined -%}
management.ssl.cacertfile = {{ rabbitmq_ssl_ca_cert }}
{% endif %}
management.ssl.honor_cipher_order = true
management.ssl.honor_ecc_order = true
{% if "tlsv1.3" not in rabbitmq_ssl_tls_versions %}
management.ssl.client_renegotiation = false
management.ssl.secure_renegotiate = true
{% endif %}
{% for version in rabbitmq_ssl_tls_versions %}
management.ssl.versions.{{ loop.index }} = {{ version }}
{% endfor %}
{% for cipher in rabbitmq_ssl_ciphers %}
management.ssl.ciphers.{{ loop.index }} = {{ cipher }}
{% endfor %}
management.ssl.verify = {{ rabbitmq_ssl_verify | lower }}
management.ssl.fail_if_no_peer_cert = {{ rabbitmq_ssl_fail_if_no_peer_cert | lower }}
{% else %}
management.tcp.ip = {{ rabbitmq_management_bind_address }}
management.tcp.port = {{ rabbitmq_management_bind_tcp_port }}
{% endif %}
View Git Blame Copy Permalink