--- /dev/null
+# == Define: rabbitmq::autouser
+#
+# Create a user in rabbitmq automatically for debian.org hosts
+# Should automatically create a password
+#
+# === Parameters
+#
+# === Examples
+#
+# rabbitmq::autouser { 'master.debian.org': }
+#
+define rabbitmq::autouser () {
+
+ $rabbit_password = hkdf('/etc/puppet/secret', "mq-client-${name}")
+
+ rabbitmq_user { $name:
+ admin => false,
+ password => $rabbit_password,
+ provider => 'rabbitmqctl',
+ }
+
+ rabbitmq_user_permissions { "${name}@dsa":
+ configure_permission => '.*',
+ read_permission => '.*',
+ write_permission => '.*',
+ provider => 'rabbitmqctl',
+ require => [
+ Rabbitmq_user[$name],
+ Rabbitmq_vhost['dsa']
+ ]
+ }
+}
provider => 'rabbitmqctl',
}
+ $do_hosts = keys($site::localinfo)
+
+ rabbitmq::autouser { $do_hosts: }
+
rabbitmq_vhost { 'packages':
ensure => present,
provider => 'rabbitmqctl',
]
}
- rabbitmq_user_permissions { 'mailly@dsa':
- configure_permission => '.*',
- read_permission => '.*',
- write_permission => '.*',
- provider => 'rabbitmqctl',
- require => [
- Rabbitmq_user['mailly'],
- Rabbitmq_vhost['dsa']
- ]
- }
-
- rabbitmq_user_permissions { 'muffat@dsa':
- configure_permission => '.*',
- read_permission => '.*',
- write_permission => '.*',
- provider => 'rabbitmqctl',
- require => [
- Rabbitmq_user['muffat'],
- Rabbitmq_vhost['dsa']
- ]
- }
-
rabbitmq_user_permissions { 'pet-devel@pet':
configure_permission => '.*',
read_permission => '.*',
require => Package['rabbitmq-server'],
notify => Service['rabbitmq-server']
}
- rabbitmq_plugin { 'rabbitmq_auth_mechanism_ssl':
- ensure => present,
- provider => 'rabbitmqplugins',
- require => Package['rabbitmq-server'],
- notify => Service['rabbitmq-server']
- }
}