1 # = Class: roles::pubsub::entities
3 # MQ users, vhosts, policies, and permissions for pubsub hosts
7 # include roles::pubsub::entities
9 class roles::pubsub::entities {
10 include roles::pubsub::params
12 $admin_password = $roles::pubsub::params::admin_password
13 $ftp_password = $roles::pubsub::params::ftp_password
14 $buildd_password = $roles::pubsub::params::buildd_password
15 $wbadm_password = $roles::pubsub::params::wbadm_password
16 $mailadm_password = $roles::pubsub::params::mailadm_password
17 $mailly_password = $roles::pubsub::params::mailly_password
18 $muffat_password = $roles::pubsub::params::muffat_password
19 $pet_password = $roles::pubsub::params::pet_password
21 rabbitmq_user { 'admin':
23 password => $admin_password,
24 provider => 'rabbitmqctl',
27 rabbitmq_user { 'ftpteam':
29 password => $ftp_password,
30 provider => 'rabbitmqctl',
33 rabbitmq_user { 'buildd':
35 password => $buildd_password,
36 provider => 'rabbitmqctl',
39 rabbitmq_user { 'wbadm':
41 password => $wbadm_password,
42 provider => 'rabbitmqctl',
45 rabbitmq_user { 'mailadm':
47 password => $mailadm_password,
48 provider => 'rabbitmqctl',
51 rabbitmq_user { 'mailly':
53 password => $mailly_password,
54 provider => 'rabbitmqctl',
57 rabbitmq_user { 'muffat':
59 password => $muffat_password,
60 provider => 'rabbitmqctl',
63 rabbitmq_user { 'pet-devel':
65 password => $pet_password,
66 provider => 'rabbitmqctl',
69 $do_hosts = keys($site::localinfo)
71 rabbitmq::autouser { $do_hosts: }
73 rabbitmq_vhost { 'packages':
75 provider => 'rabbitmqctl',
78 rabbitmq_vhost { 'buildd':
80 provider => 'rabbitmqctl',
83 rabbitmq_vhost { 'dsa':
85 provider => 'rabbitmqctl',
88 rabbitmq_vhost { 'pet':
90 provider => 'rabbitmqctl',
93 rabbitmq_user_permissions { 'admin@/':
94 configure_permission => '.*',
95 read_permission => '.*',
96 write_permission => '.*',
97 provider => 'rabbitmqctl',
98 require => Rabbitmq_user['admin']
101 rabbitmq_user_permissions { 'admin@buildd':
102 configure_permission => '.*',
103 read_permission => '.*',
104 write_permission => '.*',
105 provider => 'rabbitmqctl',
107 Rabbitmq_user['admin'],
108 Rabbitmq_vhost['buildd']
112 rabbitmq_user_permissions { 'admin@dsa':
113 configure_permission => '.*',
114 read_permission => '.*',
115 write_permission => '.*',
116 provider => 'rabbitmqctl',
118 Rabbitmq_user['admin'],
119 Rabbitmq_vhost['dsa']
123 rabbitmq_user_permissions { 'admin@packages':
124 configure_permission => '.*',
125 read_permission => '.*',
126 write_permission => '.*',
127 provider => 'rabbitmqctl',
129 Rabbitmq_user['admin'],
130 Rabbitmq_vhost['packages']
134 rabbitmq_user_permissions { 'admin@pet':
135 configure_permission => '.*',
136 read_permission => '.*',
137 write_permission => '.*',
138 provider => 'rabbitmqctl',
140 Rabbitmq_user['admin'],
141 Rabbitmq_vhost['pet']
145 rabbitmq_user_permissions { 'ftpteam@packages':
146 configure_permission => '.*',
147 read_permission => '.*',
148 write_permission => '.*',
149 provider => 'rabbitmqctl',
151 Rabbitmq_user['ftpteam'],
152 Rabbitmq_vhost['packages']
156 rabbitmq_user_permissions { 'wbadm@packages':
157 read_permission => 'unchecked',
158 write_permission => 'wbadm',
159 provider => 'rabbitmqctl',
161 Rabbitmq_user['wbadm'],
162 Rabbitmq_vhost['packages']
166 rabbitmq_user_permissions { 'buildd@buildd':
167 configure_permission => '.*',
168 read_permission => '.*',
169 write_permission => '.*',
170 provider => 'rabbitmqctl',
172 Rabbitmq_user['buildd'],
173 Rabbitmq_vhost['buildd']
177 rabbitmq_user_permissions { 'wbadm@buildd':
178 configure_permission => '.*',
179 read_permission => '.*',
180 write_permission => '.*',
181 provider => 'rabbitmqctl',
183 Rabbitmq_user['wbadm'],
184 Rabbitmq_vhost['buildd']
188 rabbitmq_user_permissions { 'mailadm@dsa':
189 configure_permission => '.*',
190 read_permission => '.*',
191 write_permission => '.*',
192 provider => 'rabbitmqctl',
194 Rabbitmq_user['mailadm'],
195 Rabbitmq_vhost['dsa']
199 rabbitmq_user_permissions { 'mailly@dsa':
200 configure_permission => '.*',
201 read_permission => '.*',
202 write_permission => '.*',
203 provider => 'rabbitmqctl',
205 Rabbitmq_user['mailly'],
206 Rabbitmq_vhost['dsa']
210 rabbitmq_user_permissions { 'muffat@dsa':
211 configure_permission => '.*',
212 read_permission => '.*',
213 write_permission => '.*',
214 provider => 'rabbitmqctl',
216 Rabbitmq_user['muffat'],
217 Rabbitmq_vhost['dsa']
221 rabbitmq_user_permissions { 'pet-devel@pet':
222 configure_permission => '.*',
223 read_permission => '.*',
224 write_permission => '.*',
225 provider => 'rabbitmqctl',
227 Rabbitmq_user['pet-devel'],
228 Rabbitmq_vhost['pet']
232 rabbitmq_policy { 'mirror-dsa':
235 policy => '{"ha-mode":"all"}',
236 require => Rabbitmq_vhost['dsa']
239 rabbitmq_policy { 'mirror-buildd':
242 policy => '{"ha-mode":"all"}',
243 require => Rabbitmq_vhost['buildd']
246 rabbitmq_policy { 'mirror-packages':
249 policy => '{"ha-mode":"all"}',
250 require => Rabbitmq_vhost['packages']
253 rabbitmq_policy { 'mirror_pet':
256 policy => '{"ha-mode":"all"}',
257 require => Rabbitmq_vhost['pet']
260 rabbitmq_plugin { 'rabbitmq_management':
262 provider => 'rabbitmqplugins',
263 require => Package['rabbitmq-server'],
264 notify => Service['rabbitmq-server']
266 rabbitmq_plugin { 'rabbitmq_management_agent':
268 provider => 'rabbitmqplugins',
269 require => Package['rabbitmq-server'],
270 notify => Service['rabbitmq-server']
272 rabbitmq_plugin { 'rabbitmq_tracing':
274 provider => 'rabbitmqplugins',
275 require => Package['rabbitmq-server'],
276 notify => Service['rabbitmq-server']
278 rabbitmq_plugin { 'rabbitmq_management_visualiser':
280 provider => 'rabbitmqplugins',
281 require => Package['rabbitmq-server'],
282 notify => Service['rabbitmq-server']