diff options
author | Gaëtan Duchaussois <gaetan.duchaussois@fretlink.com> | 2018-07-11 15:11:49 +0200 |
---|---|---|
committer | Gaëtan Duchaussois <gaetan.duchaussois@fretlink.com> | 2018-07-11 17:50:46 +0200 |
commit | 567573e86ad7a28961dd9e4086b3f1226c9ed0b0 (patch) | |
tree | 919b7614c1ceef0e748c31a8c9bb0f95c56996f4 | |
parent | f0d4a36933db49494d544dc7c801fc5beb8b584d (diff) | |
download | ansible-rabbitmq-add_ssl_support.tar.gz ansible-rabbitmq-add_ssl_support.tar.zst ansible-rabbitmq-add_ssl_support.zip |
add ssl listener supportadd_ssl_support
-rw-r--r-- | defaults/main.yml | 12 | ||||
-rw-r--r-- | templates/etc/rabbitmq/rabbitmq.config.j2 | 18 |
2 files changed, 29 insertions, 1 deletions
diff --git a/defaults/main.yml b/defaults/main.yml index 90d7fb5..2c51370 100644 --- a/defaults/main.yml +++ b/defaults/main.yml | |||
@@ -26,6 +26,18 @@ rabbitmq_listeners: [] | |||
26 | # - '127.0.0.1' | 26 | # - '127.0.0.1' |
27 | # - '::1' | 27 | # - '::1' |
28 | 28 | ||
29 | rabbitmq_ssl_enable: false | ||
30 | rabbitmq_ssl_port: 5671 | ||
31 | rabbitmq_ssl_listeners: [] | ||
32 | # - '127.0.0.1' | ||
33 | # - '::1' | ||
34 | rabitmq_ssl_options: {} | ||
35 | # cacertfile: '"/path/to/testca/cacert.pem"' | ||
36 | # certfile: '"/path/to/server/cert.pem"' | ||
37 | # keyfile: '"/path/to/server/key.pem"' | ||
38 | # verify: verify_peer | ||
39 | # fail_if_no_peer_cert: "false" | ||
40 | |||
29 | # Defines the inventory host that should be considered master | 41 | # Defines the inventory host that should be considered master |
30 | rabbitmq_master: [] | 42 | rabbitmq_master: [] |
31 | 43 | ||
diff --git a/templates/etc/rabbitmq/rabbitmq.config.j2 b/templates/etc/rabbitmq/rabbitmq.config.j2 index 97ae132..c2d836a 100644 --- a/templates/etc/rabbitmq/rabbitmq.config.j2 +++ b/templates/etc/rabbitmq/rabbitmq.config.j2 | |||
@@ -1,9 +1,25 @@ | |||
1 | [ | 1 | [ |
2 | {rabbit, [ | 2 | {rabbit, [ |
3 | {% if rabbitmq_listeners is not defined %} | 3 | {% if rabbitmq_listeners is not defined or (rabbitmq_listeners | length) == 0 %} |
4 | {tcp_listeners, [{{ rabbitmq_listen_port }}]} | 4 | {tcp_listeners, [{{ rabbitmq_listen_port }}]} |
5 | {% elif rabbitmq_listeners is defined %} | 5 | {% elif rabbitmq_listeners is defined %} |
6 | {tcp_listeners, [{% for item in rabbitmq_listeners %}{"{{ item }}", {{ rabbitmq_listen_port }}}{% if not loop.last %}, {% endif %}{% endfor %}]} | 6 | {tcp_listeners, [{% for item in rabbitmq_listeners %}{"{{ item }}", {{ rabbitmq_listen_port }}}{% if not loop.last %}, {% endif %}{% endfor %}]} |
7 | {% endif %} | 7 | {% endif %} |
8 | {% if rabbitmq_ssl_enable %} | ||
9 | , | ||
10 | {num_ssl_acceptors, 10}, | ||
11 | {% if rabbitmq_ssl_listeners is not defined or (rabbitmq_ssl_listeners | length) == 0 %} | ||
12 | {ssl_listeners, [{{ rabbitmq_ssl_port }}]}, | ||
13 | {% elif rabbitmq_listeners is defined %} | ||
14 | {tcp_listeners, [{% for item in rabbitmq_ssl_listeners %}{"{{ item }}", {{ rabbitmq_ssl_port }}}{% if not loop.last %}, {% endif %}{% endfor %}]}, | ||
15 | {% endif %} | ||
16 | {% if rabbitmq_ssl_options is defined and (rabbitmq_ssl_options | length ) > 0 %} | ||
17 | {ssl_options, [ | ||
18 | {% for key in rabbitmq_ssl_options %} | ||
19 | { {{ key }}, {{ rabbitmq_ssl_options[key] }}}{% if not loop.last %}, {% endif %} | ||
20 | {% endfor %} | ||
21 | ]} | ||
22 | {% endif %} | ||
23 | {% endif %} | ||
8 | ]} | 24 | ]} |
9 | ]. | 25 | ]. |