kirby/documentation
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

add rabbitmq ansible role

Browse Source
This commit is contained in:
kirby
2025-05-22 17:13:15 +02:00
parent 1a541ff03a
commit 8bc817540d
11 changed files with 454 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

117
ansible/roles/rabbitmq/tasks/config.yml Normal file
View File

@@ -0,0 +1,117 @@
---
- name: Deploy rabbitmq config file
ansible.builtin.template:
src: rabbitmq.conf.j2
dest: /etc/rabbitmq/rabbitmq.conf
mode: 0644
owner: rabbitmq
group: rabbitmq
notify: Restart Rabbitmq
tags: config
- name: Deploy rabbitmq env file
ansible.builtin.template:
src: rabbitmq-env.conf.j2
dest: /etc/rabbitmq/rabbitmq-env.conf
mode: 0644
owner: rabbitmq
group: rabbitmq
notify: Restart Rabbitmq
tags: config
- name: Enabling Rabbitmq plugins
community.rabbitmq.rabbitmq_plugin:
name: "{{ rabbitmq_plugins }}"
state: enabled
tags: config
- name: Delete guest user
community.rabbitmq.rabbitmq_user:
user: guest
state: absent
tags: config
- name: Create vhosts
community.rabbitmq.rabbitmq_vhost:
name: "{{ item }}"
state: present
with_items: "{{ rabbitmq_vhosts }}"
tags: config,users,vhosts
- name: Create admin user
community.rabbitmq.rabbitmq_user:
user: "{{ rabbitmq_admin_username }}"
password: "{{ rabbitmq_admin_password }}"
vhost: "{{ item }}"
configure_priv: .*
read_priv: .*
write_priv: .*
state: present
tags: administrator
tags: config
with_items: "{{ rabbitmq_vhosts }}"
- name: Create checkmk user
community.rabbitmq.rabbitmq_user:
user: "{{ rabbitmq_checkmk_username }}"
password: "{{ rabbitmq_checkmk_password }}"
vhost: /
configure_priv: ""
read_priv: .*
write_priv: ""
state: present
tags: monitoring
tags: config
- name: Create exchanges
community.rabbitmq.rabbitmq_exchange:
name: "{{ item.name }}"
type: "{{ item.type }}"
vhost: "{{ item.vhost }}"
state: present
login_user: "{{ rabbitmq_admin_username }}"
login_password: "{{ rabbitmq_admin_password }}"
with_items: "{{ rabbitmq_exchanges }}"
tags: config,exchanges
- name: Create queues
community.rabbitmq.rabbitmq_queue:
login_user: "{{ rabbitmq_admin_username }}"
login_password: "{{ rabbitmq_admin_password }}"
state: "{{ item.state | default('present')}}"
vhost: "{{ item.vhost }}"
name: "{{ item.name }}"
durable: "{{ item.durable | default(true) }}"
dead_letter_exchange: "{{ item.dead_letter_exchange | default() }}"
dead_letter_routing_key: "{{ item.dead_letter_routing_key | default() }}"
arguments: "{{ item.arguments | default({}) }}"
with_items: "{{ rabbitmq_queues }}"
tags: config,queues
- name: Create bindings
community.rabbitmq.rabbitmq_binding:
login_user: "{{ rabbitmq_admin_username }}"
login_password: "{{ rabbitmq_admin_password }}"
state: "{{ item.state |default('present') }}"
vhost: "{{ item.vhost }}"
name: "{{ item.name }}"
destination: "{{ item.destination }}"
destination_type: "{{ item.destination_type }}"
routing_key: "{{ item.routing_key }}"
arguments: "{{ item.arguments | default({}) }}"
with_items: "{{ rabbitmq_bindings }}"
tags: config,bindings
- name: Create app users
community.rabbitmq.rabbitmq_user:
user: "{{ item.username }}"
password: "{{ item.password }}"
vhost: "{{ item.vhost }}"
read_priv: "{{ item.read_priv | default('.*') }}"
write_priv: "{{ item.write_priv | default('.*') }}"
configure_priv: "{{ item.configure_priv | default('.*') }}"
state: present
tags: monitoring,management
with_items: "{{ rabbitmq_app_users }}"
tags: config,users

156
ansible/roles/rabbitmq/tasks/install.yml Normal file
View File

@@ -0,0 +1,156 @@
---
- name: Install requirements
ansible.builtin.apt:
name: "{{ item }}"
state: present
with_items:
- gnupg
- curl
- apt-transport-https
- debian-keyring
tags: install,conf
- name: Import cloudsmith key (Rabbitmq-server)
ansible.builtin.get_url:
url: "https://dl.cloudsmith.io/public/rabbitmq/rabbitmq-server/gpg.9F4587F226208342.key"
dest: "/usr/share/keyrings/rabbitmq.9F4587F226208342.asc"
mode: 0644
force: true
tags: install
- name: Import cloudsmith key (Erlang)
ansible.builtin.get_url:
url: "https://github.com/rabbitmq/signing-keys/releases/download/3.0/cloudsmith.rabbitmq-erlang.E495BB49CC4BBE5B.key"
dest: "/usr/share/keyrings/rabbitmq.E495BB49CC4BBE5B.gpg"
mode: 0644
force: true
tags: install
- name: Import cloudsmith key (Erlang) - 2
ansible.builtin.get_url:
url: "https://github.com/rabbitmq/signing-keys/releases/download/3.0/cloudsmith.rabbitmq-server.9F4587F226208342.key"
dest: "/usr/share/keyrings/rabbitmq.9F4587F226208342.gpg"
mode: 0644
force: true
tags: install
- name: Add rabbitmq repository
ansible.builtin.apt_repository:
filename: rabbitmq
repo: "{{ item }}"
with_items:
- 'deb [arch=amd64 signed-by=/usr/share/keyrings/rabbitmq.E495BB49CC4BBE5B.gpg] https://ppa1.rabbitmq.com/rabbitmq/rabbitmq-erlang/deb/debian bookworm main'
- 'deb-src [signed-by=/usr/share/keyrings/rabbitmq.E495BB49CC4BBE5B.gpg] https://ppa1.rabbitmq.com/rabbitmq/rabbitmq-erlang/deb/debian bookworm main'
- 'deb [arch=amd64 signed-by=/usr/share/keyrings/rabbitmq.E495BB49CC4BBE5B.gpg] https://ppa2.rabbitmq.com/rabbitmq/rabbitmq-erlang/deb/debian bookworm main'
- 'deb-src [signed-by=/usr/share/keyrings/rabbitmq.E495BB49CC4BBE5B.gpg] https://ppa2.rabbitmq.com/rabbitmq/rabbitmq-erlang/deb/debian bookworm main'
- 'deb [arch=amd64 signed-by=/usr/share/keyrings/rabbitmq.9F4587F226208342.gpg] https://ppa1.rabbitmq.com/rabbitmq/rabbitmq-server/deb/debian bookworm main'
- 'deb-src [signed-by=/usr/share/keyrings/rabbitmq.9F4587F226208342.gpg] https://ppa1.rabbitmq.com/rabbitmq/rabbitmq-server/deb/debian bookworm main'
- 'deb [arch=amd64 signed-by=/usr/share/keyrings/rabbitmq.9F4587F226208342.gpg] https://ppa2.rabbitmq.com/rabbitmq/rabbitmq-server/deb/debian bookworm main'
- 'deb-src [signed-by=/usr/share/keyrings/rabbitmq.9F4587F226208342.gpg] https://ppa2.rabbitmq.com/rabbitmq/rabbitmq-server/deb/debian bookworm main'
tags: install
- name: Install Erlang packages
ansible.builtin.apt:
name: "{{ item }}"
state: present
with_items:
- erlang-base
- erlang-asn1
- erlang-crypto
- erlang-eldap
- erlang-ftp
- erlang-inets
- erlang-mnesia
- erlang-os-mon
- erlang-parsetools
- erlang-public-key
- erlang-runtime-tools
- erlang-snmp
- erlang-ssl
- erlang-syntax-tools
- erlang-tftp
- erlang-tools
- erlang-xmerl
tags: install
- name: Install rabbitmq-server
ansible.builtin.apt:
name: "rabbitmq-server"
state: present
tags: install
- name: Hold rabbitmq and Erlang packages
ansible.builtin.dpkg_selections:
name: "{{ item }}"
selection: hold
with_items:
- rabbitmq-server
- erlang-base
tags: install
- name: Create systemd rabbit override directory
ansible.builtin.file:
path: "/etc/systemd/system/rabbitmq-server.service.d"
state: directory
owner: root
group: root
mode: 0755
tags: install
- name: Set LimitNOFILE
ansible.builtin.copy:
src: limits.conf
dest: "/etc/systemd/system/rabbitmq-server.service.d/limits.conf"
mode: 0644
owner: root
group: root
tags: install
notify:
- Daemon_reload
- Restart Rabbitmq
- name: Set Erlang cookie
ansible.builtin.template:
src: erlang.cookie
dest: /var/lib/rabbitmq/.erlang.cookie
owner: rabbitmq
group: rabbitmq
mode: 0400
tags: install
notify: Restart Rabbitmq
- name: Ensure rabbitmq-server service is enabled
ansible.builtin.systemd_service:
name: rabbitmq-server.service
enabled: true
tags: install
- name: Deploy rabbitmq config file
ansible.builtin.template:
src: rabbitmq.conf.j2
dest: /etc/rabbitmq/rabbitmq.conf
mode: 0644
owner: rabbitmq
group: rabbitmq
notify: Restart Rabbitmq
tags: install
- name: Deploy rabbitmq env file
ansible.builtin.template:
src: rabbitmq-env.conf.j2
dest: /etc/rabbitmq/rabbitmq-env.conf
mode: 0644
owner: rabbitmq
group: rabbitmq
notify: Restart Rabbitmq
tags: install
- name: Deploy logrotate conf
ansible.builtin.copy:
src: logrotate
dest: /etc/logrotate.d/rabbitmq-server
mode: 0644
user: root
group: root
tags: install

9
ansible/roles/rabbitmq/tasks/main.yml Normal file
View File

@@ -0,0 +1,9 @@
---
- name: Import install tasks
ansible.builtin.include_tasks: install.yml
tags: install
- name: Import config tasks
ansible.builtin.include_tasks: config.yml
tags: config,users,queues,vhosts,exchanges,bindings