Browse Source

Add per service switch to rabbitmq

Change-Id: Ied83e12b91944a96a870135f0f4a0aed9f9c9d29
Proskurin Kirill 2 years ago
parent
commit
f5d5b62c5d
2 changed files with 10 additions and 8 deletions
  1. 2
    0
      service/files/defaults.yaml
  2. 8
    8
      service/files/rabbitmq.config.j2

+ 2
- 0
service/files/defaults.yaml View File

@@ -12,6 +12,8 @@ configs:
12 12
     password: password
13 13
     erlang_cookie: erlang_cookie
14 14
     user: rabbitmq
15
+    tls:
16
+      enabled: true
15 17
 
16 18
     # How many seconds we give a node before making liveness checks
17 19
     # completely strict

+ 8
- 8
service/files/rabbitmq.config.j2 View File

@@ -1,13 +1,13 @@
1 1
 [
2 2
    {rabbit, [
3 3
       {dummy_param_without_comma, true}
4
-     {% if not security.tls.enabled %}
5
-     ,{tcp_listeners, [
4
+     {% if security.tls.enabled and rabbitmq.tls.enabled %}
5
+     ,{tcp_listeners, [] }
6
+     ,{ssl_listeners, [
6 7
         {"0.0.0.0", {{ rabbitmq.port.cont }} }
7 8
       ]}
8 9
      {% else %}
9
-     ,{tcp_listeners, [] }
10
-     ,{ssl_listeners, [
10
+     ,{tcp_listeners, [
11 11
         {"0.0.0.0", {{ rabbitmq.port.cont }} }
12 12
       ]}
13 13
      {% endif %}
@@ -16,7 +16,7 @@
16 16
      ,{loopback_users, []}
17 17
      ,{cluster_partition_handling, pause_minority}
18 18
      ,{queue_master_locator, <<"random">>}
19
-     {% if security.tls.enabled %}
19
+     {% if security.tls.enabled and rabbitmq.tls.enabled %}
20 20
      ,{ssl_options, [{cacertfile,"/opt/ccp/etc/tls/ca.pem"},
21 21
                     {certfile,"/opt/ccp/etc/tls/rabbitmq_certificate.pem"},
22 22
                     {keyfile,"/opt/ccp/etc/tls/rabbitmq_server_key.pem"},
@@ -32,10 +32,10 @@
32 32
      ,{cluster_cleanup, true}
33 33
      ,{cleanup_warn_only, false}
34 34
      ,{etcd_ttl, 15}
35
-    {% if not security.tls.enabled %}
36
-     ,{etcd_scheme, http}
37
-    {% else %}
35
+    {% if security.tls.enabled and etcd.tls.enabled %}
38 36
      ,{etcd_scheme, https}
37
+    {% else %}
38
+     ,{etcd_scheme, http}
39 39
     {% endif %}
40 40
      ,{etcd_host, "{{ address('etcd') }}"}
41 41
      ,{etcd_port, {{ etcd.client_port.cont }}}

Loading…
Cancel
Save