Merge pull request #12 from mrlesmithjr/enhancements/issues-9-10-11

Enhancements/issues 9 10 11

15 files changed, 865 insertions, 153 deletions

diff --git a/README.md b/README.md
index 99c019d..b3b03ad 100644
--- a/README.md
+++ b/README.md
@@ -1,7 +1,7 @@
 Role Name
 =========
 
-Installs rabbitmq https://www.rabbitmq.com/ (Configurable...HA and Clustering ready)
+An [Ansible] role to install/configure [RabbitMQ]
 
 Build Status
 ------------
@@ -11,67 +11,30 @@ Build Status
 Requirements
 ------------
 
-Ensure hostnames are resolvable prior to clustering...either update /etc/hosts or ensure DNS is working.
+Ensure hostnames are resolvable prior to clustering...either update /etc/hosts
+or ensure DNS is working.
 
 Vagrant
 -------
 
 Spin up a 3 node HA Cluster for testing...  
 Install Ansible role on your host:  
-````
+```
 sudo ansible-galaxy install -r requirements.yml -f
-````
+```
 Now spin up your environment...  
-````
+```
 vagrant up
-````
+```
 When you are done testing, tear it all down...  
-````
+```
 ./cleanup.sh
-````
+```
 
 Role Variables
 --------------
 
-````
----
-# defaults file for ansible-rabbitmq
-rabbitmq_config_ha: false  #defines if rabbitmq ha should be configured...define here or in group_vars/group
-rabbitmq_enable_clustering: false  #defines if setting up a rabbitmq cluster...define here or in group_vars/group
-rabbitmq_erlang_cookie: 'LSKNKBELKPSTDBBCHETL'  #define erlang cookie for cluster...define here or in group_vars/group
-rabbitmq_erlang_cookie_file: '/var/lib/rabbitmq/.erlang.cookie'
-rabbitmq_config:
-  - queue_name: logstash
-    durable: true
-    exchange_name: logstash
-    type: direct
-    routing_key: logstash
-    tags: 'ha-mode=all,ha-sync-mode=automatic'
-rabbitmq_debian_repo: 'deb http://www.rabbitmq.com/debian/ testing main'
-rabbitmq_debian_repo_key: 'http://www.rabbitmq.com/rabbitmq-signing-key-public.asc'
-rabbitmq_master: []  #defines the inventory host that should be considered master...define here or in group_vars/group
-rabbitmq_redhat_repo_key: 'https://www.rabbitmq.com/rabbitmq-signing-key-public.asc'
-rabbitmq_redhat_package: 'rabbitmq-server-{{ rabbitmq_redhat_version }}-1.noarch.rpm'
-rabbitmq_redhat_url: 'http://www.rabbitmq.com/releases/rabbitmq-server/v{{ rabbitmq_redhat_version }}'
-rabbitmq_redhat_version: '3.6.1'
-rabbitmq_users:  #define admin user to create in order to login to WebUI
-  - name: rabbitmqadmin
-    password: rabbitmqadmin
-    vhost: /
-    configure_priv: '.*'
-    read_priv: '.*'
-    write_priv: '.*'
-    tags: 'administrator'  #define comma separated list of tags to assign to user....management,policymaker,monitoring,administrator...required for management plugin. https://www.rabbitmq.com/management.html
-````
-
-example...
-group_vars/rabbitmq-cluster-nodes
-````
----
-rabbitmq_enable_clustering: true
-rabbitmq_config_ha: false
-rabbitmq_master: ans-test-1
-````
+[Role Defaults](./defaults/main.yml)
 
 Dependencies
 ------------
@@ -81,33 +44,7 @@ None
 Example Playbook
 ----------------
 
-````
----
-- hosts: all
-  become: true
-  vars:
-    - pri_domain_name: 'test.vagrant.local'
-  roles:
-  tasks:
-    - name: updating /etc/hosts
-      lineinfile:
-        dest: /etc/hosts
-        regexp: "^{{ hostvars[item].ansible_ssh_host }} {{ item }} {{ item }}.{{ pri_domain_name }}"
-        line: "{{ hostvars[item].ansible_ssh_host }} {{ item }} {{ item }}.{{ pri_domain_name }}"
-        state: present
-      with_items: "{{ groups['all'] }}"
-
-- hosts: all
-  become: true
-  vars:
-    - rabbitmq_config_ha: true
-    - rabbitmq_enable_clustering: true
-    - pri_domain_name: 'test.vagrant.local'
-    - rabbitmq_master: 'node0'
-  roles:
-    - role: ansible-rabbitmq
-  tasks:
-````
+[Example Playbook](./playbook.yml)
 
 License
 -------
@@ -118,6 +55,11 @@ Author Information
 ------------------
 
 Larry Smith Jr.
-- @mrlesmithjr
+- [@mrlesmithjr]
 - http://everythingshouldbevirtual.com
 - mrlesmithjr [at] gmail.com
+
+[@mrlesmithjr]: <https://www.twitter.com/mrlesmithjr>
+
+[Ansible]: <https://www.ansible.com>
+[RabbitMQ]: <https://www.rabbitmq.com/>
diff --git a/defaults/main.yml b/defaults/main.yml
index ad22ead..90d7fb5 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -1,28 +1,49 @@
 ---
 # defaults file for ansible-rabbitmq
-rabbitmq_config:
-  - queue_name: 'logstash'
-    durable: true
-    exchange_name: logstash
-    type: 'direct'
-    routing_key: 'logstash'
-    tags: 'ha-mode=all,ha-sync-mode=automatic'
-rabbitmq_config_ha: false  #defines if rabbitmq ha should be configured...define here or in group_vars/group
+rabbitmq_config: []
+  # - queue_name: 'logstash'
+  #   durable: true
+  #   exchange_name: logstash
+  #   type: 'direct'
+  #   routing_key: 'logstash'
+  #   tags: 'ha-mode=all,ha-sync-mode=automatic'
+
+# Defines if rabbitmq ha should be configured
+rabbitmq_config_ha: false
+
+rabbitmq_config_service: false
+
 rabbitmq_debian_repo: 'deb http://www.rabbitmq.com/debian/ testing main'
 rabbitmq_debian_repo_key: 'https://www.rabbitmq.com/rabbitmq-release-signing-key.asc'
-rabbitmq_enable_clustering: false  #defines if setting up a rabbitmq cluster...define here or in group_vars/group
-rabbitmq_erlang_cookie: 'LSKNKBELKPSTDBBCHETL'  #define erlang cookie for cluster...define here or in group_vars/group
+
+# Defines if setting up a rabbitmq cluster
+rabbitmq_enable_clustering: false
+
 rabbitmq_erlang_cookie_file: '/var/lib/rabbitmq/.erlang.cookie'
-rabbitmq_master: []  #defines the inventory host that should be considered master...define here or in group_vars/group
+
+rabbitmq_listen_port: 5672
+rabbitmq_listeners: []
+  # - '127.0.0.1'
+  # - '::1'
+
+# Defines the inventory host that should be considered master
+rabbitmq_master: []
+
 rabbitmq_redhat_repo_key: 'https://www.rabbitmq.com/rabbitmq-signing-key-public.asc'
 rabbitmq_redhat_package: 'rabbitmq-server-{{ rabbitmq_redhat_version }}-1.noarch.rpm'
 rabbitmq_redhat_url: 'http://www.rabbitmq.com/releases/rabbitmq-server/v{{ rabbitmq_redhat_version }}'
 rabbitmq_redhat_version: '3.6.1'
-rabbitmq_users:  #define admin user to create in order to login to WebUI
+
+# Define admin user to create in order to login to WebUI
+rabbitmq_users:
   - name: 'rabbitmqadmin'
     password: 'rabbitmqadmin'
     vhost: '/'
     configure_priv: '.*'
     read_priv: '.*'
     write_priv: '.*'
-    tags: 'administrator'  #define comma separated list of tags to assign to user....management,policymaker,monitoring,administrator...required for management plugin. https://www.rabbitmq.com/management.html
+    # Define comma separated list of tags to assign to user:
+    # management,policymaker,monitoring,administrator
+    # required for management plugin.
+    # https://www.rabbitmq.com/management.html
+    tags: 'administrator'
diff --git a/handlers/main.yml b/handlers/main.yml
index 259ce1c..4fdafe5 100644
--- a/handlers/main.yml
+++ b/handlers/main.yml
@@ -4,3 +4,4 @@
   service:
     name: "rabbitmq-server"
     state: restarted
+  become: true
diff --git a/playbook.yml b/playbook.yml
index 1968320..4936577 100644
--- a/playbook.yml
+++ b/playbook.yml
@@ -1,25 +1,12 @@
 ---
-- hosts: all
-  become: true
+- hosts: rabbitmq_cluster
   vars:
-    pri_domain_name: 'test.vagrant.local'
-  roles:
-  tasks:
-    - name: updating /etc/hosts
-      lineinfile:
-        dest: /etc/hosts
-        regexp: "^{{ hostvars[item].ansible_ssh_host }} {{ item }} {{ item }}.{{ pri_domain_name }}"
-        line: "{{ hostvars[item].ansible_ssh_host }} {{ item }} {{ item }}.{{ pri_domain_name }}"
-        state: present
-      with_items: "{{ groups['all'] }}"
-
-- hosts: all
-  become: true
-  vars:
-    pri_domain_name: 'test.vagrant.local'
-    rabbitmq_config_ha: true
+    etc_hosts_add_all_hosts: true
+    etc_hosts_pri_dns_name: '{{ pri_domain_name }}'
+    pri_domain_name: 'vagrant.local'
     rabbitmq_enable_clustering: true
-    rabbitmq_master: 'node0'
+    rabbitmq_master: "{{ groups['rabbitmq_cluster'][0] }}"
   roles:
+    - role: ansible-etc-hosts
     - role: ansible-rabbitmq
   tasks:
diff --git a/requirements.yml b/requirements.yml
index a1f51cb..ce92d72 100644
--- a/requirements.yml
+++ b/requirements.yml
@@ -1,2 +1,3 @@
 ---
+- src: https://github.com/mrlesmithjr/ansible-etc-hosts.git
 - src: https://github.com/mrlesmithjr/ansible-rabbitmq.git
diff --git a/tasks/config.yml b/tasks/config.yml
new file mode 100644
index 0000000..9ea5da2
--- /dev/null
+++ b/tasks/config.yml
@@ -0,0 +1,7 @@
+---
+- name: config | Configuring RabbitMQ
+  template:
+    src: "etc/rabbitmq/rabbitmq.config.j2"
+    dest: "/etc/rabbitmq/rabbitmq.config"
+  become: true
+  notify: "restart rabbitmq-server"
diff --git a/tasks/debian.yml b/tasks/debian.yml
index a031ead..b25d39b 100644
--- a/tasks/debian.yml
+++ b/tasks/debian.yml
@@ -3,22 +3,26 @@
   apt_key:
     url: "{{ rabbitmq_debian_repo_key }}"
     state: present
+  become: true
 
 - name: debian | adding RabbitMQ repo
   apt_repository:
     repo: "{{ rabbitmq_debian_repo }}"
     state: present
   register: "rabbitmq_repo_added"
+  become: true
 
 - name: debian | updating apt cache
   apt:
     update_cache: yes
+  become: true
   when: rabbitmq_repo_added.changed
 
 - name: debian | installing RabbitMQ server
   apt:
     name: "{{ item }}"
     state: present
+  become: true
   with_items:
     - rabbitmq-server
 
@@ -26,6 +30,7 @@
   rabbitmq_plugin:
     names: rabbitmq_management
     state: enabled
+  become: true
   notify: restart rabbitmq-server
 
 - name: debian | ensuring that the RabbitMQ service is running
@@ -33,3 +38,4 @@
     name: rabbitmq-server
     state: started
     enabled: yes
+  become: true
diff --git a/tasks/fedora.yml b/tasks/fedora.yml
index 3d92963..6ac9c03 100644
--- a/tasks/fedora.yml
+++ b/tasks/fedora.yml
@@ -3,6 +3,7 @@
   dnf:
     name: "{{ item }}"
     state: present
+  become: true
   with_items:
     - wget
 
@@ -10,30 +11,36 @@
   dnf:
     name: "erlang"
     state: present
+  become: true
 
 - name: fedora | adding RabbitMQ public GPG key
   rpm_key:
     key: "{{ rabbitmq_redhat_repo_key }}"
     state: present
+  become: true
 
 - name: fedora | downloading RabbitMQ
   get_url:
     url: "{{ rabbitmq_redhat_url }}/{{ rabbitmq_redhat_package }}"
     dest: "/opt/{{ rabbitmq_redhat_package }}"
+  become: true
 
 - name: fedora | installing RabbitMQ
   dnf:
     name: "/opt/{{ rabbitmq_redhat_package }}"
     state: present
+  become: true
 
 - name: fedora | starting and enabling RabbitMQ service
   service:
     name: "rabbitmq-server"
     state: started
     enabled: yes
+  become: true
 
 - name: fedora | enabling the RabbitMQ Management Console
   rabbitmq_plugin:
     names: rabbitmq_management
     state: enabled
   notify: restart rabbitmq-server
+  become: true
diff --git a/tasks/main.yml b/tasks/main.yml
index bd82f93..1da06c4 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -3,19 +3,30 @@
   when: ansible_os_family == "Debian"
 
 - include: redhat.yml
-  when: ansible_distribution == "CentOS" or ansible_distribution == "Red Hat Enterprise Linux"
+  when: >
+        ansible_distribution == "CentOS" or
+        ansible_distribution == "Red Hat Enterprise Linux"
 
 - include: fedora.yml
   when: ansible_distribution == "Fedora"
 
+- include: config.yml
+  when: rabbitmq_config_service
+
 - name: checking to see if already clustered
   stat: path=/etc/rabbitmq/clustered
   register: clustered
 
 - include: rabbitmq_clustering.yml
-  when: rabbitmq_enable_clustering and (clustered.stat.exists != True)
+  when: >
+        rabbitmq_enable_clustering and
+        not clustered['stat']['exists']
 
 - include: rabbitmq_ha_config.yml
-  when: rabbitmq_config_ha and rabbitmq_enable_clustering
+  when: >
+        rabbitmq_config_ha and
+        rabbitmq_enable_clustering and
+        rabbitmq_config is defined
 
 - include: rabbitmq_users.yml
+  when: rabbitmq_users is defined
diff --git a/tasks/rabbitmq_clustering.yml b/tasks/rabbitmq_clustering.yml
index 5134c50..9e48590 100644
--- a/tasks/rabbitmq_clustering.yml
+++ b/tasks/rabbitmq_clustering.yml
@@ -1,21 +1,30 @@
 ---
 - name: rabbitmq_clustering | stopping rabbitmq app
   command: rabbitmqctl stop_app
-  when: inventory_hostname != "{{ rabbitmq_master }}"
+  become: true
+  when: inventory_hostname != rabbitmq_master
 
 - name: rabbitmq_clustering | resetting rabbitmq app
   command: rabbitmqctl reset
-  when: inventory_hostname != "{{ rabbitmq_master }}"
+  become: true
+  when: inventory_hostname != rabbitmq_master
 
 - name: rabbitmq_clustering | stopping rabbitmq-server
   service:
     name: rabbitmq-server
     state: stopped
+  become: true
 
-#- name: grabbing erlang cookie
-#  shell: cat /var/lib/rabbitmq/.erlang.cookie
-#  register: rabbitmq_erlang_cookie
-#  when: inventory_hostname == "{{ rabbitmq_master }}"
+- name: rabbitmq_clustering | Capturing Erlang Cookie On Master
+  command: "cat {{ rabbitmq_erlang_cookie_file }}"
+  become: true
+  register: "rabbitmq_erlang_cookie"
+  when: inventory_hostname == rabbitmq_master
+
+- name: rabbitmq_clustering | Setting Erlang Cookie Of Master on Non-Master
+  set_fact:
+    rabbitmq_erlang_cookie: "{{ hostvars[rabbitmq_master]['rabbitmq_erlang_cookie']['stdout'] }}"
+  when: inventory_hostname != rabbitmq_master
 
 - name: rabbitmq_clustering | copy erlang cookie
   template:
@@ -24,49 +33,62 @@
     owner: rabbitmq
     group: rabbitmq
     mode: 0400
-    backup: yes #backing up in case the need to recover
-#  when: inventory_hostname != "{{ rabbitmq_master }}"
+    # backing up in case the need to recover
+    backup: yes
+  become: true
+  when: inventory_hostname != rabbitmq_master
 
 - name: rabbitmq_clustering | restarting rabbitmq-server on master
   service:
     name: rabbitmq-server
     state: restarted
-  when: inventory_hostname == "{{ rabbitmq_master }}"
+  become: true
+  when: inventory_hostname == rabbitmq_master
 
 - name: rabbitmq_clustering | starting rabbitmq app on master
   command: rabbitmqctl start_app
   register: cluster_master
-  when: inventory_hostname == "{{ rabbitmq_master }}"
+  become: true
+  when: inventory_hostname == rabbitmq_master
 
 - name: rabbitmq_clustering | sending sigterm to any running rabbitmq processes
   shell: pkill -u rabbitmq || true
-  when: inventory_hostname != "{{ rabbitmq_master }}"
+  become: true
+  when: inventory_hostname != rabbitmq_master
 
 - name: rabbitmq_clustering | restarting rabbitmq-server
   service:
     name: rabbitmq-server
     state: restarted
-  when: inventory_hostname != "{{ rabbitmq_master }}"
+  become: true
+  when: inventory_hostname != rabbitmq_master
 
 - name: rabbitmq_clustering | stopping rabbitmq app
   command: rabbitmqctl stop_app
-  when: inventory_hostname != "{{ rabbitmq_master }}"
+  become: true
+  when: inventory_hostname != rabbitmq_master
 
 - name: rabbitmq_clustering | resetting rabbitmq app
   command: rabbitmqctl reset
-  when: inventory_hostname != "{{ rabbitmq_master }}"
+  become: true
+  when: inventory_hostname != rabbitmq_master
 
 - name: rabbitmq_clustering | joining rabbitmq cluster
   command: rabbitmqctl join_cluster "rabbit@{{ hostvars[rabbitmq_master]['ansible_hostname'] }}"
   register: cluster_joined
-  when: inventory_hostname != "{{ rabbitmq_master }}"
+  become: true
+  when: inventory_hostname != rabbitmq_master
 
 - name: rabbitmq_clustering | starting rabbitmq app
   command: rabbitmqctl start_app
-  when: inventory_hostname != "{{ rabbitmq_master }}"
+  become: true
+  when: inventory_hostname != rabbitmq_master
 
 - name: rabbitmq_clustering | marking as clustered
   file:
     path: /etc/rabbitmq/clustered
     state: touch
-  when: cluster_master.changed or cluster_joined.changed
+  become: true
+  when: >
+        cluster_master['changed'] or
+        cluster_joined['changed']
diff --git a/tasks/rabbitmq_ha_config.yml b/tasks/rabbitmq_ha_config.yml
index 8811b6d..bf74957 100644
--- a/tasks/rabbitmq_ha_config.yml
+++ b/tasks/rabbitmq_ha_config.yml
@@ -6,39 +6,46 @@
 
 - name: rabbitmq_ha_config | install rabbitMQ admin
   shell: wget http://guest:guest@localhost:15672/cli/rabbitmqadmin
-  when: not rabbitmqadmin_check.stat.exists
+  become: true
+  when: not rabbitmqadmin_check['stat']['exists']
 
 - name: rabbitmq_ha_config | moving the rabbitMQ Admin
   shell: mv rabbitmqadmin /usr/sbin
-  when: not rabbitmqadmin_check.stat.exists
+  become: true
+  when: not rabbitmqadmin_check['stat']['exists']
 
 - name: rabbitmq_ha_config | making executable rabbitMQ Admin
   shell: chmod +x /usr/sbin/rabbitmqadmin
   notify: restart rabbitmq-server
-  when: not rabbitmqadmin_check.stat.exists
+  become: true
+  when: not rabbitmqadmin_check['stat']['exists']
 
 - name: rabbitmq_ha_config | creating queue(s)
-  command: rabbitmqadmin declare queue name={{ item.queue_name }} durable={{ item.durable|lower }}
+  command: rabbitmqadmin declare queue name={{ item['queue_name'] }} durable={{ item['durable']|lower }}
   run_once: true
+  become: true
   with_items: "{{ rabbitmq_config }}"
 
 - name: rabbitmq_ha_config | setting up ha on queue(s)
   rabbitmq_policy:
     name: "ha-all"
-    pattern: "{{ item.queue_name }}"
-    tags: "{{ item.tags }}"
+    pattern: "{{ item['queue_name'] }}"
+    tags: "{{ item['tags'] }}"
     state: present
   run_once: true
+  become: true
   with_items: "{{ rabbitmq_config }}"
 
 - name: rabbitmq_ha_config | creating exchange(s)
-  command: rabbitmqadmin declare exchange name={{ item.exchange_name }} type={{ item.type }}
+  command: rabbitmqadmin declare exchange name={{ item['exchange_name'] }} type={{ item['type'] }}
   run_once: true
+  become: true
   with_items: "{{ rabbitmq_config }}"
-  when: item.exchange_name is defined
+  when: item['exchange_name'] is defined
 
 - name: rabbitmq_ha_config | creating binding(s)
-  command: rabbitmqadmin declare binding source={{ item.exchange_name }} destination_type="queue" destination={{ item.queue_name }} routing_key={{ item.routing_key }}
+  command: rabbitmqadmin declare binding source={{ item['exchange_name'] }} destination_type="queue" destination={{ item['queue_name'] }} routing_key={{ item['routing_key'] }}
   run_once: true
+  become: true
   with_items: "{{ rabbitmq_config }}"
-  when: item.exchange_name is defined
+  when: item['exchange_name'] is defined
diff --git a/tasks/rabbitmq_users.yml b/tasks/rabbitmq_users.yml
index 8bce8b2..98e45e2 100644
--- a/tasks/rabbitmq_users.yml
+++ b/tasks/rabbitmq_users.yml
@@ -1,27 +1,34 @@
 ---
 - name: rabbitmq_users | creating rabbitmq users
   rabbitmq_user:
-    name: "{{ item.name }}"
-    password: "{{ item.password }}"
-    vhost: "{{ item.vhost }}"
-    configure_priv: "{{ item.configure_priv }}"
-    read_priv: "{{ item.read_priv }}"
-    write_priv: "{{ item.write_priv }}"
-    tags: "{{ item.tags }}"
+    name: "{{ item['name'] }}"
+    password: "{{ item['password'] }}"
+    vhost: "{{ item['vhost'] }}"
+    configure_priv: "{{ item['configure_priv'] }}"
+    read_priv: "{{ item['read_priv'] }}"
+    write_priv: "{{ item['write_priv'] }}"
+    tags: "{{ item['tags'] }}"
     state: present
+  become: true
   with_items: "{{ rabbitmq_users }}"
-  when: (rabbitmq_enable_clustering is defined and not rabbitmq_enable_clustering) or rabbitmq_enable_clustering is not defined
+  when: >
+        (rabbitmq_enable_clustering is defined and
+          not rabbitmq_enable_clustering) or
+          rabbitmq_enable_clustering is not defined
 
 - name: rabbitmq_users | creating rabbitmq users
   rabbitmq_user:
-    name: "{{ item.name }}"
-    password: "{{ item.password }}"
-    vhost: "{{ item.vhost }}"
-    configure_priv: "{{ item.configure_priv }}"
-    read_priv: "{{ item.read_priv }}"
-    write_priv: "{{ item.write_priv }}"
-    tags: "{{ item.tags }}"
+    name: "{{ item['name'] }}"
+    password: "{{ item['password'] }}"
+    vhost: "{{ item['vhost'] }}"
+    configure_priv: "{{ item['configure_priv'] }}"
+    read_priv: "{{ item['read_priv'] }}"
+    write_priv: "{{ item['write_priv'] }}"
+    tags: "{{ item['tags'] }}"
     state: present
   run_once: yes
+  become: true
   with_items: "{{ rabbitmq_users }}"
-  when: (rabbitmq_enable_clustering is defined and rabbitmq_enable_clustering)
+  when: >
+        rabbitmq_enable_clustering is defined and
+          rabbitmq_enable_clustering
diff --git a/tasks/redhat.yml b/tasks/redhat.yml
index 484597d..afa714c 100644
--- a/tasks/redhat.yml
+++ b/tasks/redhat.yml
@@ -3,6 +3,7 @@
   yum:
     name: "{{ item }}"
     state: present
+  become: true
   with_items:
     - epel-release
     - wget
@@ -11,30 +12,36 @@
   yum:
     name: "erlang"
     state: present
+  become: true
 
 - name: redhat | adding RabbitMQ public GPG key
   rpm_key:
     key: "{{ rabbitmq_redhat_repo_key }}"
     state: present
+  become: true
 
 - name: redhat | downloading RabbitMQ
   get_url:
     url: "{{ rabbitmq_redhat_url }}/{{ rabbitmq_redhat_package }}"
     dest: "/opt/{{ rabbitmq_redhat_package }}"
+  become: true
 
 - name: redhat | installing RabbitMQ
   yum:
     name: "/opt/{{ rabbitmq_redhat_package }}"
     state: present
+  become: true
 
 - name: redhat | starting and enabling RabbitMQ service
   service:
     name: "rabbitmq-server"
     state: started
     enabled: yes
+  become: true
 
 - name: redhat | enabling the RabbitMQ Management Console
   rabbitmq_plugin:
     names: rabbitmq_management
     state: enabled
   notify: restart rabbitmq-server
+  become: true
diff --git a/templates/etc/rabbitmq/rabbitmq.config b/templates/etc/rabbitmq/rabbitmq.config
new file mode 100644
index 0000000..221da01
--- /dev/null
+++ b/templates/etc/rabbitmq/rabbitmq.config
@@ -0,0 +1,677 @@
+%% -*- mode: erlang -*-
+%% ----------------------------------------------------------------------------
+%% RabbitMQ Sample Configuration File.
+%%
+%% See http://www.rabbitmq.com/configure.html for details.
+%% ----------------------------------------------------------------------------
+[
+ {rabbit,
+  [%%
+   %% Network Connectivity
+   %% ====================
+   %%
+
+   %% By default, RabbitMQ will listen on all interfaces, using
+   %% the standard (reserved) AMQP port.
+   %%
+   %% {tcp_listeners, [5672]},
+
+   %% To listen on a specific interface, provide a tuple of {IpAddress, Port}.
+   %% For example, to listen only on localhost for both IPv4 and IPv6:
+   %%
+   %% {tcp_listeners, [{"127.0.0.1", 5672},
+   %%                  {"::1",       5672}]},
+
+   %% SSL listeners are configured in the same fashion as TCP listeners,
+   %% including the option to control the choice of interface.
+   %%
+   %% {ssl_listeners, [5671]},
+
+   %% Number of Erlang processes that will accept connections for the TCP
+   %% and SSL listeners.
+   %%
+   %% {num_tcp_acceptors, 10},
+   %% {num_ssl_acceptors, 1},
+
+   %% Maximum time for AMQP 0-8/0-9/0-9-1 handshake (after socket connection
+   %% and SSL handshake), in milliseconds.
+   %%
+   %% {handshake_timeout, 10000},
+
+   %% Log levels (currently just used for connection logging).
+   %% One of 'debug', 'info', 'warning', 'error' or 'none', in decreasing
+   %% order of verbosity. Defaults to 'info'.
+   %%
+   %% {log_levels, [{connection, info}, {channel, info}]},
+
+   %% Set to 'true' to perform reverse DNS lookups when accepting a
+   %% connection. Hostnames will then be shown instead of IP addresses
+   %% in rabbitmqctl and the management plugin.
+   %%
+   %% {reverse_dns_lookups, true},
+
+   %%
+   %% Security / AAA
+   %% ==============
+   %%
+
+   %% The default "guest" user is only permitted to access the server
+   %% via a loopback interface (e.g. localhost).
+   %% {loopback_users, [<<"guest">>]},
+   %%
+   %% Uncomment the following line if you want to allow access to the
+   %% guest user from anywhere on the network.
+   %% {loopback_users, []},
+
+   %% Configuring SSL.
+   %% See http://www.rabbitmq.com/ssl.html for full documentation.
+   %%
+   %% {ssl_options, [{cacertfile,           "/path/to/testca/cacert.pem"},
+   %%                {certfile,             "/path/to/server/cert.pem"},
+   %%                {keyfile,              "/path/to/server/key.pem"},
+   %%                {verify,               verify_peer},
+   %%                {fail_if_no_peer_cert, false}]},
+
+   %% Choose the available SASL mechanism(s) to expose.
+   %% The two default (built in) mechanisms are 'PLAIN' and
+   %% 'AMQPLAIN'. Additional mechanisms can be added via
+   %% plugins.
+   %%
+   %% See http://www.rabbitmq.com/authentication.html for more details.
+   %%
+   %% {auth_mechanisms, ['PLAIN', 'AMQPLAIN']},
+
+   %% Select an authentication database to use. RabbitMQ comes bundled
+   %% with a built-in auth-database, based on mnesia.
+   %%
+   %% {auth_backends, [rabbit_auth_backend_internal]},
+
+   %% Configurations supporting the rabbitmq_auth_mechanism_ssl and
+   %% rabbitmq_auth_backend_ldap plugins.
+   %%
+   %% NB: These options require that the relevant plugin is enabled.
+   %% See http://www.rabbitmq.com/plugins.html for further details.
+
+   %% The RabbitMQ-auth-mechanism-ssl plugin makes it possible to
+   %% authenticate a user based on the client's SSL certificate.
+   %%
+   %% To use auth-mechanism-ssl, add to or replace the auth_mechanisms
+   %% list with the entry 'EXTERNAL'.
+   %%
+   %% {auth_mechanisms, ['EXTERNAL']},
+
+   %% The rabbitmq_auth_backend_ldap plugin allows the broker to
+   %% perform authentication and authorisation by deferring to an
+   %% external LDAP server.
+   %%
+   %% For more information about configuring the LDAP backend, see
+   %% http://www.rabbitmq.com/ldap.html.
+   %%
+   %% Enable the LDAP auth backend by adding to or replacing the
+   %% auth_backends entry:
+   %%
+   %% {auth_backends, [rabbit_auth_backend_ldap]},
+
+   %% This pertains to both the rabbitmq_auth_mechanism_ssl plugin and
+   %% STOMP ssl_cert_login configurations. See the rabbitmq_stomp
+   %% configuration section later in this file and the README in
+   %% https://github.com/rabbitmq/rabbitmq-auth-mechanism-ssl for further
+   %% details.
+   %%
+   %% To use the SSL cert's CN instead of its DN as the username
+   %%
+   %% {ssl_cert_login_from, common_name},
+
+   %% SSL handshake timeout, in milliseconds.
+   %%
+   %% {ssl_handshake_timeout, 5000},
+
+   %% Password hashing implementation. Will only affect newly
+   %% created users. To recalculate hash for an existing user
+   %% it's necessary to update her password.
+   %%
+   %% {password_hashing_module, rabbit_password_hashing_sha256},
+
+   %% Configuration entry encryption.
+   %% See http://www.rabbitmq.com/configure.html#configuration-encryption
+   %%
+   %% To specify the passphrase in the configuration file:
+   %%
+   %% {config_entry_decoder, [{passphrase, <<"mypassphrase">>}]}
+   %%
+   %% To specify the passphrase in an external file:
+   %%
+   %% {config_entry_decoder, [{passphrase, {file, "/path/to/passphrase/file"}}]}
+   %%
+   %% To make the broker request the passphrase when it starts:
+   %%
+   %% {config_entry_decoder, [{passphrase, prompt}]}
+   %%
+   %% To change encryption settings:
+   %%
+   %% {config_entry_decoder, [{cipher,     aes_cbc256},
+   %%                         {hash,       sha512},
+   %%                         {iterations, 1000}]}
+
+   %%
+   %% Default User / VHost
+   %% ====================
+   %%
+
+   %% On first start RabbitMQ will create a vhost and a user. These
+   %% config items control what gets created. See
+   %% http://www.rabbitmq.com/access-control.html for further
+   %% information about vhosts and access control.
+   %%
+   %% {default_vhost,       <<"/">>},
+   %% {default_user,        <<"guest">>},
+   %% {default_pass,        <<"guest">>},
+   %% {default_permissions, [<<".*">>, <<".*">>, <<".*">>]},
+
+   %% Tags for default user
+   %%
+   %% For more details about tags, see the documentation for the
+   %% Management Plugin at http://www.rabbitmq.com/management.html.
+   %%
+   %% {default_user_tags, [administrator]},
+
+   %%
+   %% Additional network and protocol related configuration
+   %% =====================================================
+   %%
+
+   %% Set the default AMQP heartbeat delay (in seconds).
+   %%
+   %% {heartbeat, 60},
+
+   %% Set the max permissible size of an AMQP frame (in bytes).
+   %%
+   %% {frame_max, 131072},
+
+   %% Set the max frame size the server will accept before connection
+   %% tuning occurs
+   %%
+   %% {initial_frame_max, 4096},
+
+   %% Set the max permissible number of channels per connection.
+   %% 0 means "no limit".
+   %%
+   %% {channel_max, 128},
+
+   %% Customising Socket Options.
+   %%
+   %% See (http://www.erlang.org/doc/man/inet.html#setopts-2) for
+   %% further documentation.
+   %%
+   %% {tcp_listen_options, [{backlog,       128},
+   %%                       {nodelay,       true},
+   %%                       {exit_on_close, false}]},
+
+   %%
+   %% Resource Limits & Flow Control
+   %% ==============================
+   %%
+   %% See http://www.rabbitmq.com/memory.html for full details.
+
+   %% Memory-based Flow Control threshold.
+   %%
+   %% {vm_memory_high_watermark, 0.4},
+
+   %% Alternatively, we can set a limit (in bytes) of RAM used by the node.
+   %%
+   %% {vm_memory_high_watermark, {absolute, 1073741824}},
+   %%
+   %% Or you can set absolute value using memory units.
+   %%
+   %% {vm_memory_high_watermark, {absolute, "1024M"}},
+   %%
+   %% Supported units suffixes:
+   %%
+   %% k, kiB: kibibytes (2^10 bytes)
+   %% M, MiB: mebibytes (2^20)
+   %% G, GiB: gibibytes (2^30)
+   %% kB: kilobytes (10^3)
+   %% MB: megabytes (10^6)
+   %% GB: gigabytes (10^9)
+
+   %% Fraction of the high watermark limit at which queues start to
+   %% page message out to disc in order to free up memory.
+   %%
+   %% Values greater than 0.9 can be dangerous and should be used carefully.
+   %%
+   %% {vm_memory_high_watermark_paging_ratio, 0.5},
+
+   %% Interval (in milliseconds) at which we perform the check of the memory
+   %% levels against the watermarks.
+   %%
+   %% {memory_monitor_interval, 2500},
+
+   %% Set disk free limit (in bytes). Once free disk space reaches this
+   %% lower bound, a disk alarm will be set - see the documentation
+   %% listed above for more details.
+   %%
+   %% {disk_free_limit, 50000000},
+   %%
+   %% Or you can set it using memory units (same as in vm_memory_high_watermark)
+   %% {disk_free_limit, "50MB"},
+   %% {disk_free_limit, "50000kB"},
+   %% {disk_free_limit, "2GB"},
+
+   %% Alternatively, we can set a limit relative to total available RAM.
+   %%
+   %% Values lower than 1.0 can be dangerous and should be used carefully.
+   %% {disk_free_limit, {mem_relative, 2.0}},
+
+   %%
+   %% Misc/Advanced Options
+   %% =====================
+   %%
+   %% NB: Change these only if you understand what you are doing!
+   %%
+
+   %% To announce custom properties to clients on connection:
+   %%
+   %% {server_properties, []},
+
+   %% How to respond to cluster partitions.
+   %% See http://www.rabbitmq.com/partitions.html for further details.
+   %%
+   %% {cluster_partition_handling, ignore},
+
+   %% Make clustering happen *automatically* at startup - only applied
+   %% to nodes that have just been reset or started for the first time.
+   %% See http://www.rabbitmq.com/clustering.html#auto-config for
+   %% further details.
+   %%
+   %% {cluster_nodes, {['rabbit@my.host.com'], disc}},
+
+   %% Interval (in milliseconds) at which we send keepalive messages
+   %% to other cluster members. Note that this is not the same thing
+   %% as net_ticktime; missed keepalive messages will not cause nodes
+   %% to be considered down.
+   %%
+   %% {cluster_keepalive_interval, 10000},
+
+   %% Set (internal) statistics collection granularity.
+   %%
+   %% {collect_statistics, none},
+
+   %% Statistics collection interval (in milliseconds).
+   %%
+   %% {collect_statistics_interval, 5000},
+
+   %% Explicitly enable/disable hipe compilation.
+   %%
+   %% {hipe_compile, true},
+
+   %% Number of times to retry while waiting for Mnesia tables in a cluster to
+   %% become available.
+   %%
+   %% {mnesia_table_loading_retry_limit, 10},
+
+   %% Time to wait per retry for Mnesia tables in a cluster to become
+   %% available.
+   %%
+   %% {mnesia_table_loading_retry_timeout, 30000},
+
+   %% Size in bytes below which to embed messages in the queue index. See
+   %% http://www.rabbitmq.com/persistence-conf.html
+   %%
+   %% {queue_index_embed_msgs_below, 4096},
+
+   %% Whether or not to enable background GC.
+   %%
+   %% {background_gc_enabled, true},
+   %%
+   %% Interval (in milliseconds) at which we run background GC.
+   %%
+   %% {background_gc_target_interval, 60000}
+
+  ]},
+
+ %% ----------------------------------------------------------------------------
+ %% Advanced Erlang Networking/Clustering Options.
+ %%
+ %% See http://www.rabbitmq.com/clustering.html for details
+ %% ----------------------------------------------------------------------------
+ {kernel,
+  [%% Sets the net_kernel tick time.
+   %% Please see http://erlang.org/doc/man/kernel_app.html and
+   %% http://www.rabbitmq.com/nettick.html for further details.
+   %%
+   %% {net_ticktime, 60}
+  ]},
+
+ %% ----------------------------------------------------------------------------
+ %% RabbitMQ Management Plugin
+ %%
+ %% See http://www.rabbitmq.com/management.html for details
+ %% ----------------------------------------------------------------------------
+
+ {rabbitmq_management,
+  [%% Pre-Load schema definitions from the following JSON file. See
+   %% http://www.rabbitmq.com/management.html#load-definitions
+   %%
+   %% {load_definitions, "/path/to/schema.json"},
+
+   %% Log all requests to the management HTTP API to a file.
+   %%
+   %% {http_log_dir, "/path/to/access.log"},
+
+   %% Change the port on which the HTTP listener listens,
+   %% specifying an interface for the web server to bind to.
+   %% Also set the listener to use SSL and provide SSL options.
+   %%
+   %% {listener, [{port,     12345},
+   %%             {ip,       "127.0.0.1"},
+   %%             {ssl,      true},
+   %%             {ssl_opts, [{cacertfile, "/path/to/cacert.pem"},
+   %%                         {certfile,   "/path/to/cert.pem"},
+   %%                         {keyfile,    "/path/to/key.pem"}]}]},
+
+   %% One of 'basic', 'detailed' or 'none'. See
+   %% http://www.rabbitmq.com/management.html#fine-stats for more details.
+   %% {rates_mode, basic},
+
+   %% Configure how long aggregated data (such as message rates and queue
+   %% lengths) is retained. Please read the plugin's documentation in
+   %% http://www.rabbitmq.com/management.html#configuration for more
+   %% details.
+   %%
+   %% {sample_retention_policies,
+   %%  [{global,   [{60, 5}, {3600, 60}, {86400, 1200}]},
+   %%   {basic,    [{60, 5}, {3600, 60}]},
+   %%   {detailed, [{10, 5}]}]}
+  ]},
+
+ %% ----------------------------------------------------------------------------
+ %% RabbitMQ Shovel Plugin
+ %%
+ %% See http://www.rabbitmq.com/shovel.html for details
+ %% ----------------------------------------------------------------------------
+
+ {rabbitmq_shovel,
+  [{shovels,
+    [%% A named shovel worker.
+     %% {my_first_shovel,
+     %%  [
+
+     %% List the source broker(s) from which to consume.
+     %%
+     %%   {sources,
+     %%    [%% URI(s) and pre-declarations for all source broker(s).
+     %%     {brokers, ["amqp://user:password@host.domain/my_vhost"]},
+     %%     {declarations, []}
+     %%    ]},
+
+     %% List the destination broker(s) to publish to.
+     %%   {destinations,
+     %%    [%% A singular version of the 'brokers' element.
+     %%     {broker, "amqp://"},
+     %%     {declarations, []}
+     %%    ]},
+
+     %% Name of the queue to shovel messages from.
+     %%
+     %% {queue, <<"your-queue-name-goes-here">>},
+
+     %% Optional prefetch count.
+     %%
+     %% {prefetch_count, 10},
+
+     %% when to acknowledge messages:
+     %% - no_ack: never (auto)
+     %% - on_publish: after each message is republished
+     %% - on_confirm: when the destination broker confirms receipt
+     %%
+     %% {ack_mode, on_confirm},
+
+     %% Overwrite fields of the outbound basic.publish.
+     %%
+     %% {publish_fields, [{exchange,    <<"my_exchange">>},
+     %%                   {routing_key, <<"from_shovel">>}]},
+
+     %% Static list of basic.properties to set on re-publication.
+     %%
+     %% {publish_properties, [{delivery_mode, 2}]},
+
+     %% The number of seconds to wait before attempting to
+     %% reconnect in the event of a connection failure.
+     %%
+     %% {reconnect_delay, 2.5}
+
+     %% ]} %% End of my_first_shovel
+    ]}
+   %% Rather than specifying some values per-shovel, you can specify
+   %% them for all shovels here.
+   %%
+   %% {defaults, [{prefetch_count,     0},
+   %%             {ack_mode,           on_confirm},
+   %%             {publish_fields,     []},
+   %%             {publish_properties, [{delivery_mode, 2}]},
+   %%             {reconnect_delay,    2.5}]}
+  ]},
+
+ %% ----------------------------------------------------------------------------
+ %% RabbitMQ Stomp Adapter
+ %%
+ %% See http://www.rabbitmq.com/stomp.html for details
+ %% ----------------------------------------------------------------------------
+
+ {rabbitmq_stomp,
+  [%% Network Configuration - the format is generally the same as for the broker
+
+   %% Listen only on localhost (ipv4 & ipv6) on a specific port.
+   %% {tcp_listeners, [{"127.0.0.1", 61613},
+   %%                  {"::1",       61613}]},
+
+   %% Listen for SSL connections on a specific port.
+   %% {ssl_listeners, [61614]},
+
+   %% Number of Erlang processes that will accept connections for the TCP
+   %% and SSL listeners.
+   %%
+   %% {num_tcp_acceptors, 10},
+   %% {num_ssl_acceptors, 1},
+
+   %% Additional SSL options
+
+   %% Extract a name from the client's certificate when using SSL.
+   %%
+   %% {ssl_cert_login, true},
+
+   %% Set a default user name and password. This is used as the default login
+   %% whenever a CONNECT frame omits the login and passcode headers.
+   %%
+   %% Please note that setting this will allow clients to connect without
+   %% authenticating!
+   %%
+   %% {default_user, [{login,    "guest"},
+   %%                 {passcode, "guest"}]},
+
+   %% If a default user is configured, or you have configured use SSL client
+   %% certificate based authentication, you can choose to allow clients to
+   %% omit the CONNECT frame entirely. If set to true, the client is
+   %% automatically connected as the default user or user supplied in the
+   %% SSL certificate whenever the first frame sent on a session is not a
+   %% CONNECT frame.
+   %%
+   %% {implicit_connect, true}
+  ]},
+
+ %% ----------------------------------------------------------------------------
+ %% RabbitMQ MQTT Adapter
+ %%
+ %% See https://github.com/rabbitmq/rabbitmq-mqtt/blob/stable/README.md
+ %% for details
+ %% ----------------------------------------------------------------------------
+
+ {rabbitmq_mqtt,
+  [%% Set the default user name and password. Will be used as the default login
+   %% if a connecting client provides no other login details.
+   %%
+   %% Please note that setting this will allow clients to connect without
+   %% authenticating!
+   %%
+   %% {default_user, <<"guest">>},
+   %% {default_pass, <<"guest">>},
+
+   %% Enable anonymous access. If this is set to false, clients MUST provide
+   %% login information in order to connect. See the default_user/default_pass
+   %% configuration elements for managing logins without authentication.
+   %%
+   %% {allow_anonymous, true},
+
+   %% If you have multiple chosts, specify the one to which the
+   %% adapter connects.
+   %%
+   %% {vhost, <<"/">>},
+
+   %% Specify the exchange to which messages from MQTT clients are published.
+   %%
+   %% {exchange, <<"amq.topic">>},
+
+   %% Specify TTL (time to live) to control the lifetime of non-clean sessions.
+   %%
+   %% {subscription_ttl, 1800000},
+
+   %% Set the prefetch count (governing the maximum number of unacknowledged
+   %% messages that will be delivered).
+   %%
+   %% {prefetch, 10},
+
+   %% TCP/SSL Configuration (as per the broker configuration).
+   %%
+   %% {tcp_listeners, [1883]},
+   %% {ssl_listeners, []},
+
+   %% Number of Erlang processes that will accept connections for the TCP
+   %% and SSL listeners.
+   %%
+   %% {num_tcp_acceptors, 10},
+   %% {num_ssl_acceptors, 1},
+
+   %% TCP/Socket options (as per the broker configuration).
+   %%
+   %% {tcp_listen_options, [{backlog,   128},
+   %%                       {nodelay,   true}]}
+  ]},
+
+ %% ----------------------------------------------------------------------------
+ %% RabbitMQ AMQP 1.0 Support
+ %%
+ %% See https://github.com/rabbitmq/rabbitmq-amqp1.0/blob/stable/README.md
+ %% for details
+ %% ----------------------------------------------------------------------------
+
+ {rabbitmq_amqp1_0,
+  [%% Connections that are not authenticated with SASL will connect as this
+   %% account. See the README for more information.
+   %%
+   %% Please note that setting this will allow clients to connect without
+   %% authenticating!
+   %%
+   %% {default_user, "guest"},
+
+   %% Enable protocol strict mode. See the README for more information.
+   %%
+   %% {protocol_strict_mode, false}
+  ]},
+
+ %% ----------------------------------------------------------------------------
+ %% RabbitMQ LDAP Plugin
+ %%
+ %% See http://www.rabbitmq.com/ldap.html for details.
+ %%
+ %% ----------------------------------------------------------------------------
+
+ {rabbitmq_auth_backend_ldap,
+  [%%
+   %% Connecting to the LDAP server(s)
+   %% ================================
+   %%
+
+   %% Specify servers to bind to. You *must* set this in order for the plugin
+   %% to work properly.
+   %%
+   %% {servers, ["your-server-name-goes-here"]},
+
+   %% Connect to the LDAP server using SSL
+   %%
+   %% {use_ssl, false},
+
+   %% Specify the LDAP port to connect to
+   %%
+   %% {port, 389},
+
+   %% LDAP connection timeout, in milliseconds or 'infinity'
+   %%
+   %% {timeout, infinity},
+
+   %% Enable logging of LDAP queries.
+   %% One of
+   %%   - false (no logging is performed)
+   %%   - true (verbose logging of the logic used by the plugin)
+   %%   - network (as true, but additionally logs LDAP network traffic)
+   %%
+   %% Defaults to false.
+   %%
+   %% {log, false},
+
+   %%
+   %% Authentication
+   %% ==============
+   %%
+
+   %% Pattern to convert the username given through AMQP to a DN before
+   %% binding
+   %%
+   %% {user_dn_pattern, "cn=${username},ou=People,dc=example,dc=com"},
+
+   %% Alternatively, you can convert a username to a Distinguished
+   %% Name via an LDAP lookup after binding. See the documentation for
+   %% full details.
+
+   %% When converting a username to a dn via a lookup, set these to
+   %% the name of the attribute that represents the user name, and the
+   %% base DN for the lookup query.
+   %%
+   %% {dn_lookup_attribute,   "userPrincipalName"},
+   %% {dn_lookup_base,        "DC=gopivotal,DC=com"},
+
+   %% Controls how to bind for authorisation queries and also to
+   %% retrieve the details of users logging in without presenting a
+   %% password (e.g., SASL EXTERNAL).
+   %% One of
+   %%  - as_user (to bind as the authenticated user - requires a password)
+   %%  - anon    (to bind anonymously)
+   %%  - {UserDN, Password} (to bind with a specified user name and password)
+   %%
+   %% Defaults to 'as_user'.
+   %%
+   %% {other_bind, as_user},
+
+   %%
+   %% Authorisation
+   %% =============
+   %%
+
+   %% The LDAP plugin can perform a variety of queries against your
+   %% LDAP server to determine questions of authorisation. See
+   %% http://www.rabbitmq.com/ldap.html#authorisation for more
+   %% information.
+
+   %% Set the query to use when determining vhost access
+   %%
+   %% {vhost_access_query, {in_group,
+   %%                       "ou=${vhost}-users,ou=vhosts,dc=example,dc=com"}},
+
+   %% Set the query to use when determining resource (e.g., queue) access
+   %%
+   %% {resource_access_query, {constant, true}},
+
+   %% Set queries to determine which tags a user has
+   %%
+   %% {tag_queries, []}
+  ]}
+].
diff --git a/templates/etc/rabbitmq/rabbitmq.config.j2 b/templates/etc/rabbitmq/rabbitmq.config.j2
new file mode 100644
index 0000000..97ae132
--- /dev/null
+++ b/templates/etc/rabbitmq/rabbitmq.config.j2
@@ -0,0 +1,9 @@
+[
+ {rabbit, [
+{% if rabbitmq_listeners is not defined %}
+   {tcp_listeners, [{{ rabbitmq_listen_port }}]}
+{% elif rabbitmq_listeners is defined %}
+   {tcp_listeners, [{% for item in rabbitmq_listeners %}{"{{ item }}", {{ rabbitmq_listen_port }}}{% if not loop.last %}, {% endif %}{% endfor %}]}
+{% endif %}
+  ]}
+].