From: Luca Filipozzi <lfilipoz@emyr.net>
Date: Sun, 12 Jan 2014 11:30:06 +0000 (+0000)
Subject: Merge branch 'master' of ssh://handel.debian.org/~/dsa-puppet
X-Git-Url: https://git.donarmstrong.com/?a=commitdiff_plain;h=54d2f1e470aa904f48522aa80555e337799f392e;hp=be61dea21bf6c3d46ba6c59ca336d99fe712fcec;p=dsa-puppet.git

Merge branch 'master' of ssh://handel.debian.org/~/dsa-puppet
---

diff --git a/modules/rabbitmq/manifests/autouser.pp b/modules/rabbitmq/manifests/autouser.pp
new file mode 100644
index 00000000..90758b78
--- /dev/null
+++ b/modules/rabbitmq/manifests/autouser.pp
@@ -0,0 +1,32 @@
+# == Define: rabbitmq::autouser
+#
+# Create a user in rabbitmq automatically for debian.org hosts
+# Should automatically create a password
+#
+# === Parameters
+#
+# === Examples
+#
+#  rabbitmq::autouser { 'master.debian.org': }
+#
+define rabbitmq::autouser () {
+
+	$rabbit_password = hkdf('/etc/puppet/secret', "mq-client-${name}")
+
+	rabbitmq_user { $name:
+		admin    => false,
+		password => $rabbit_password,
+		provider => 'rabbitmqctl',
+	}
+
+	rabbitmq_user_permissions { "${name}@dsa":
+		configure_permission => '.*',
+		read_permission      => '.*',
+		write_permission     => '.*',
+		provider             => 'rabbitmqctl',
+		require              => [
+			Rabbitmq_user[$name],
+			Rabbitmq_vhost['dsa']
+		]
+	}
+}
diff --git a/modules/roles/manifests/pubsub/entities.pp b/modules/roles/manifests/pubsub/entities.pp
index 5496aed2..5248bbc7 100644
--- a/modules/roles/manifests/pubsub/entities.pp
+++ b/modules/roles/manifests/pubsub/entities.pp
@@ -66,6 +66,10 @@ class roles::pubsub::entities {
 		provider => 'rabbitmqctl',
 	}
 
+	$do_hosts = keys($site::localinfo)
+
+	rabbitmq::autouser { $do_hosts: }
+
 	rabbitmq_vhost { 'packages':
 		ensure   => present,
 		provider => 'rabbitmqctl',
@@ -192,28 +196,6 @@ class roles::pubsub::entities {
 		]
 	}
 
-	rabbitmq_user_permissions { 'mailly@dsa':
-		configure_permission => '.*',
-		read_permission      => '.*',
-		write_permission     => '.*',
-		provider             => 'rabbitmqctl',
-		require              => [
-			Rabbitmq_user['mailly'],
-			Rabbitmq_vhost['dsa']
-		]
-	}
-
-	rabbitmq_user_permissions { 'muffat@dsa':
-		configure_permission => '.*',
-		read_permission      => '.*',
-		write_permission     => '.*',
-		provider             => 'rabbitmqctl',
-		require              => [
-			Rabbitmq_user['muffat'],
-			Rabbitmq_vhost['dsa']
-		]
-	}
-
 	rabbitmq_user_permissions { 'pet-devel@pet':
 		configure_permission => '.*',
 		read_permission      => '.*',
@@ -277,11 +259,5 @@ class roles::pubsub::entities {
 		require  => Package['rabbitmq-server'],
 		notify   => Service['rabbitmq-server']
 	}
-	rabbitmq_plugin { 'rabbitmq_auth_mechanism_ssl':
-		ensure   => present,
-		provider => 'rabbitmqplugins',
-		require  => Package['rabbitmq-server'],
-		notify   => Service['rabbitmq-server']
-	}
 
 }
diff --git a/modules/samhain/templates/samhainrc.erb b/modules/samhain/templates/samhainrc.erb
index ee11c515..cecc4ccd 100644
--- a/modules/samhain/templates/samhainrc.erb
+++ b/modules/samhain/templates/samhainrc.erb
@@ -290,6 +290,7 @@ file=/etc/aliases
 file=/etc/multipath.conf
 file=/etc/static-components.conf
 file=/etc/rabbitmq/rabbitmq.config
+file=/etc/rabbitmq/enabled_plugins
 dir=/etc/bacula/storages-list.d
 dir=/etc/bacula/storage-conf.d
 dir=/etc/bacula/conf.d