diff options
| -rw-r--r-- | defaults/main.yml | 5 | ||||
| -rw-r--r-- | tasks/main.yml | 3 | ||||
| -rw-r--r-- | tasks/rabbitmq_users.yml | 22 | ||||
| -rw-r--r-- | tasks/rabbitmq_vhosts.yml | 25 |
4 files changed, 45 insertions, 10 deletions
diff --git a/defaults/main.yml b/defaults/main.yml index 4ea3ee0..e874af1 100644 --- a/defaults/main.yml +++ b/defaults/main.yml | |||
| @@ -57,6 +57,11 @@ rabbitmq_redhat_package: "rabbitmq-server-{{ rabbitmq_redhat_version }}-1.noarch | |||
| 57 | rabbitmq_redhat_url: "http://www.rabbitmq.com/releases/rabbitmq-server/v{{ rabbitmq_redhat_version }}" | 57 | rabbitmq_redhat_url: "http://www.rabbitmq.com/releases/rabbitmq-server/v{{ rabbitmq_redhat_version }}" |
| 58 | rabbitmq_redhat_version: 3.6.1 | 58 | rabbitmq_redhat_version: 3.6.1 |
| 59 | 59 | ||
| 60 | # Define extra vhosts to be created | ||
| 61 | rabbitmq_extra_vhosts: [] | ||
| 62 | # - name: / | ||
| 63 | # state: present | ||
| 64 | |||
| 60 | # Define admin user to create in order to login to WebUI | 65 | # Define admin user to create in order to login to WebUI |
| 61 | rabbitmq_users: | 66 | rabbitmq_users: |
| 62 | - name: rabbitmqadmin | 67 | - name: rabbitmqadmin |
diff --git a/tasks/main.yml b/tasks/main.yml index 1ef08f0..a9dc4d2 100644 --- a/tasks/main.yml +++ b/tasks/main.yml | |||
| @@ -26,6 +26,9 @@ | |||
| 26 | rabbitmq_enable_clustering and | 26 | rabbitmq_enable_clustering and |
| 27 | not clustered['stat']['exists'] | 27 | not clustered['stat']['exists'] |
| 28 | 28 | ||
| 29 | - include: rabbitmq_vhosts.yml | ||
| 30 | when: rabbitmq_extra_vhosts is defined | ||
| 31 | |||
| 29 | - include: rabbitmq_ha_config.yml | 32 | - include: rabbitmq_ha_config.yml |
| 30 | when: > | 33 | when: > |
| 31 | rabbitmq_config_ha and | 34 | rabbitmq_config_ha and |
diff --git a/tasks/rabbitmq_users.yml b/tasks/rabbitmq_users.yml index 083c704..7bba65e 100644 --- a/tasks/rabbitmq_users.yml +++ b/tasks/rabbitmq_users.yml | |||
| @@ -3,11 +3,12 @@ | |||
| 3 | rabbitmq_user: | 3 | rabbitmq_user: |
| 4 | name: "{{ item['name'] }}" | 4 | name: "{{ item['name'] }}" |
| 5 | password: "{{ item['password'] }}" | 5 | password: "{{ item['password'] }}" |
| 6 | vhost: "{{ item['vhost'] }}" | 6 | vhost: "{{ item['vhost']|default(omit) }}" |
| 7 | configure_priv: "{{ item['configure_priv'] }}" | 7 | configure_priv: "{{ item['configure_priv']|default(omit) }}" |
| 8 | read_priv: "{{ item['read_priv'] }}" | 8 | read_priv: "{{ item['read_priv']|default(omit) }}" |
| 9 | write_priv: "{{ item['write_priv'] }}" | 9 | write_priv: "{{ item['write_priv']|default(omit) }}" |
| 10 | tags: "{{ item['tags'] }}" | 10 | tags: "{{ item['tags']|default(omit) }}" |
| 11 | permissions: "{{ item['permissions']|default(omit) }}" | ||
| 11 | state: present | 12 | state: present |
| 12 | become: true | 13 | become: true |
| 13 | with_items: "{{ rabbitmq_users }}" | 14 | with_items: "{{ rabbitmq_users }}" |
| @@ -20,11 +21,12 @@ | |||
| 20 | rabbitmq_user: | 21 | rabbitmq_user: |
| 21 | name: "{{ item['name'] }}" | 22 | name: "{{ item['name'] }}" |
| 22 | password: "{{ item['password'] }}" | 23 | password: "{{ item['password'] }}" |
| 23 | vhost: "{{ item['vhost'] }}" | 24 | vhost: "{{ item['vhost']|default(omit) }}" |
| 24 | configure_priv: "{{ item['configure_priv'] }}" | 25 | configure_priv: "{{ item['configure_priv']|default(omit) }}" |
| 25 | read_priv: "{{ item['read_priv'] }}" | 26 | read_priv: "{{ item['read_priv']|default(omit) }}" |
| 26 | write_priv: "{{ item['write_priv'] }}" | 27 | write_priv: "{{ item['write_priv']|default(omit) }}" |
| 27 | tags: "{{ item['tags'] }}" | 28 | tags: "{{ item['tags']|default(omit) }}" |
| 29 | permissions: "{{ item['permissions']|default(omit) }}" | ||
| 28 | state: present | 30 | state: present |
| 29 | run_once: yes | 31 | run_once: yes |
| 30 | delegate_to: "{{ rabbitmq_master }}" | 32 | delegate_to: "{{ rabbitmq_master }}" |
diff --git a/tasks/rabbitmq_vhosts.yml b/tasks/rabbitmq_vhosts.yml new file mode 100644 index 0000000..a02af62 --- /dev/null +++ b/tasks/rabbitmq_vhosts.yml | |||
| @@ -0,0 +1,25 @@ | |||
| 1 | --- | ||
| 2 | - name: rabbitmq_extra_vhosts | Create vhosts | ||
| 3 | rabbitmq_vhost: | ||
| 4 | name: "{{ item['name'] }}" | ||
| 5 | state: "{{ item['state'] }}" | ||
| 6 | with_items: "{{ rabbitmq_extra_vhosts }}" | ||
| 7 | run_once: "{{ rabbitmq_enable_clustering is defined and rabbitmq_enable_clustering }}" | ||
| 8 | register: rabbitmq_created_vhosts | ||
| 9 | |||
| 10 | - name: rabbitmq_extra_vhosts | Check guest administrator is present | ||
| 11 | command: rabbitmqctl -q list_users | ||
| 12 | become: true | ||
| 13 | run_once: "{{ rabbitmq_enable_clustering is defined and rabbitmq_enable_clustering }}" | ||
| 14 | when: rabbitmq_created_vhosts.changed | ||
| 15 | changed_when: false | ||
| 16 | register: rabbitmq_existing_users | ||
| 17 | |||
| 18 | - name: rabbitmq_extra_vhosts | Give access to new vhosts to guest administrator | ||
| 19 | command: "rabbitmqctl -q set_permissions -p {{ item['name'] }} guest '.*' '.*' '.*'" | ||
| 20 | become: true | ||
| 21 | run_once: "{{ rabbitmq_enable_clustering is defined and rabbitmq_enable_clustering }}" | ||
| 22 | with_items: "{{ rabbitmq_created_vhosts.results|selectattr('changed')|list }}" | ||
| 23 | when: | ||
| 24 | - item['state'] == 'present' | ||
| 25 | - rabbitmq_existing_users.stdout_lines | map('regex_search', '^guest\\s\\[.*administrator.*\\]$') | list | difference([None]) | length > 0 | ||