pool/rabbitmq-server
SHA256
4
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

- switch to 3.7.x style rabbitmq-server.conf

Browse Source 
- Remove sd_notify dependency and replace with socat as
  followup to upstream change in
  https://github.com/rabbitmq/rabbitmq-server/pull/666

OBS-URL: https://build.opensuse.org/package/show/network:messaging:amqp/rabbitmq-server?expand=0&rev=104
This commit is contained in:
Dirk Mueller 2018-12-17 08:08:10 +00:00 committed by Git OBS Bridge
parent 56af504eb6
commit 2b2a17ea64
4 changed files with 904 additions and 848 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
rabbitmq-server.changes
View File

@ -1,3 +1,11 @@
-------------------------------------------------------------------
Mon Dec 17 08:07:22 UTC 2018 - Dirk Mueller <dmueller@suse.com>
- switch to 3.7.x style rabbitmq-server.conf
- Remove sd_notify dependency and replace with socat as
followup to upstream change in
https://github.com/rabbitmq/rabbitmq-server/pull/666
-------------------------------------------------------------------
Sat Dec 15 20:48:46 UTC 2018 - Dirk Mueller <dmueller@suse.com>

7
rabbitmq-server.spec
View File

@ -49,7 +49,8 @@ Source5: rabbitmq-server.sysconfig
Source6: rabbitmq-server.service
Source7: rabbitmq-server.tmpfiles.d.conf
Source8: README.SUSE
Source9: rabbitmq.config.example
# from https://raw.githubusercontent.com/rabbitmq/rabbitmq-server/v3.7.x/docs/rabbitmq.conf.example
Source9: rabbitmq.conf.example
BuildRequires: elixir
# https://www.rabbitmq.com/which-erlang.html
BuildRequires: erlang < 22
@ -77,7 +78,7 @@ Requires(pre): %insserv_prereq
BuildRequires: systemd
%{?systemd_requires}
%define have_systemd 1
Requires: erlang-sd_notify
Requires: socat
%else
Requires: %fillup_prereq
Requires: %insserv_prereq
@ -154,7 +155,7 @@ install -p -D -m 0755 scripts/rabbitmq-server.ocf %{buildroot}%{_exec_prefix}/li
install -p -D -m 0755 scripts/rabbitmq-server-ha.ocf %{buildroot}%{_exec_prefix}/lib/ocf/resource.d/rabbitmq/rabbitmq-server-ha
# install config files
install -p -D -m 0644 %{SOURCE9} %{buildroot}/%{_sysconfdir}/rabbitmq/rabbitmq.config
install -p -D -m 0644 %{SOURCE9} %{buildroot}/%{_sysconfdir}/rabbitmq/rabbitmq.conf
install -p -D -m 0644 %{SOURCE4} %{buildroot}/%{_sysconfdir}/rabbitmq/rabbitmq-env.conf
# Copy all necessary lib files etc.

892
rabbitmq.conf.example Normal file
View File

@ -0,0 +1,892 @@
# ======================================
# RabbitMQ broker section
# ======================================
## Related doc guide: http://rabbitmq.com/configure.html. See
## http://rabbitmq.com/documentation.html for documentation ToC.
## Networking
## ====================
##
## Related doc guide: http://rabbitmq.com/networking.html.
##
## By default, RabbitMQ will listen on all interfaces, using
## the standard (reserved) AMQP 0-9-1 and 1.0 port.
##
# listeners.tcp.default = 5672
## To listen on a specific interface, provide an IP address with port.
## For example, to listen only on localhost for both IPv4 and IPv6:
##
# IPv4
# listeners.tcp.local = 127.0.0.1:5672
# IPv6
# listeners.tcp.local_v6 = ::1:5672
## You can define multiple listeners using listener names
# listeners.tcp.other_port = 5673
# listeners.tcp.other_ip = 10.10.10.10:5672
## TLS listeners are configured in the same fashion as TCP listeners,
## including the option to control the choice of interface.
##
# listeners.ssl.default = 5671
## Number of Erlang processes that will accept connections for the TCP
## and TLS listeners.
##
# num_acceptors.tcp = 10
# num_acceptors.ssl = 1
## Maximum time for AMQP 0-8/0-9/0-9-1 handshake (after socket connection
## and TLS handshake), in milliseconds.
##
# handshake_timeout = 10000
## Set to 'true' to perform reverse DNS lookups when accepting a
## connection. Hostnames will then be shown instead of IP addresses
## in rabbitmqctl and the management plugin.
##
# reverse_dns_lookups = true
##
## Security, Access Control
## ==============
##
## Related doc guide: http://rabbitmq.com/access-control.html.
## The default "guest" user is only permitted to access the server
## via a loopback interface (e.g. localhost).
## {loopback_users, [<<"guest">>]},
##
# loopback_users.guest = true
## Uncomment the following line if you want to allow access to the
## guest user from anywhere on the network.
# loopback_users.guest = false
## TLS configuration.
##
## Related doc guide: http://rabbitmq.com/ssl.html.
##
# ssl_options.verify = verify_peer
# ssl_options.fail_if_no_peer_cert = false
# ssl_options.cacertfile = /path/to/cacert.pem
# ssl_options.certfile = /path/to/cert.pem
# ssl_options.keyfile = /path/to/key.pem
#
# ssl_options.honor_cipher_order = true
# ssl_options.honor_ecc_order = true
# ssl_options.ciphers.1 = ECDHE-ECDSA-AES256-GCM-SHA384
# ssl_options.ciphers.2 = ECDHE-RSA-AES256-GCM-SHA384
# ssl_options.ciphers.3 = ECDHE-ECDSA-AES256-SHA384
# ssl_options.ciphers.4 = ECDHE-RSA-AES256-SHA384
# ssl_options.ciphers.5 = ECDH-ECDSA-AES256-GCM-SHA384
# ssl_options.ciphers.6 = ECDH-RSA-AES256-GCM-SHA384
# ssl_options.ciphers.7 = ECDH-ECDSA-AES256-SHA384
# ssl_options.ciphers.8 = ECDH-RSA-AES256-SHA384
# ssl_options.ciphers.9 = DHE-RSA-AES256-GCM-SHA384
# ssl_options.ciphers.10 = DHE-DSS-AES256-GCM-SHA384
# ssl_options.ciphers.11 = DHE-RSA-AES256-SHA256
# ssl_options.ciphers.12 = DHE-DSS-AES256-SHA256
# ssl_options.ciphers.13 = ECDHE-ECDSA-AES128-GCM-SHA256
# ssl_options.ciphers.14 = ECDHE-RSA-AES128-GCM-SHA256
# ssl_options.ciphers.15 = ECDHE-ECDSA-AES128-SHA256
# ssl_options.ciphers.16 = ECDHE-RSA-AES128-SHA256
# ssl_options.ciphers.17 = ECDH-ECDSA-AES128-GCM-SHA256
# ssl_options.ciphers.18 = ECDH-RSA-AES128-GCM-SHA256
# ssl_options.ciphers.19 = ECDH-ECDSA-AES128-SHA256
# ssl_options.ciphers.20 = ECDH-RSA-AES128-SHA256
# ssl_options.ciphers.21 = DHE-RSA-AES128-GCM-SHA256
# ssl_options.ciphers.22 = DHE-DSS-AES128-GCM-SHA256
# ssl_options.ciphers.23 = DHE-RSA-AES128-SHA256
# ssl_options.ciphers.24 = DHE-DSS-AES128-SHA256
# ssl_options.ciphers.25 = ECDHE-ECDSA-AES256-SHA
# ssl_options.ciphers.26 = ECDHE-RSA-AES256-SHA
# ssl_options.ciphers.27 = DHE-RSA-AES256-SHA
# ssl_options.ciphers.28 = DHE-DSS-AES256-SHA
# ssl_options.ciphers.29 = ECDH-ECDSA-AES256-SHA
# ssl_options.ciphers.30 = ECDH-RSA-AES256-SHA
# ssl_options.ciphers.31 = ECDHE-ECDSA-AES128-SHA
# ssl_options.ciphers.32 = ECDHE-RSA-AES128-SHA
# ssl_options.ciphers.33 = DHE-RSA-AES128-SHA
# ssl_options.ciphers.34 = DHE-DSS-AES128-SHA
# ssl_options.ciphers.35 = ECDH-ECDSA-AES128-SHA
# ssl_options.ciphers.36 = ECDH-RSA-AES128-SHA
## Select an authentication/authorisation backend to use.
##
## Alternative backends are provided by plugins, such as rabbitmq-auth-backend-ldap.
##
## NB: These settings require certain plugins to be enabled.
##
## Related doc guides:
##
## * http://rabbitmq.com/plugins.html
## * http://rabbitmq.com/access-control.html
##
# auth_backends.1 = rabbit_auth_backend_internal
## uses separate backends for authentication and authorisation,
## see below.
# auth_backends.1.authn = rabbit_auth_backend_ldap
# auth_backends.1.authz = rabbit_auth_backend_internal
## The rabbitmq_auth_backend_ldap plugin allows the broker to
## perform authentication and authorisation by deferring to an
## external LDAP server.
##
## Relevant doc guides:
##
## * http://rabbitmq.com/ldap.html
## * http://rabbitmq.com/access-control.html
##
## uses LDAP for both authentication and authorisation
# auth_backends.1 = rabbit_auth_backend_ldap
## uses HTTP service for both authentication and
## authorisation
# auth_backends.1 = rabbit_auth_backend_http
## uses two backends in a chain: HTTP first, then internal
# auth_backends.1 = rabbit_auth_backend_http
# auth_backends.2 = rabbit_auth_backend_internal
## Authentication
## The built-in mechanisms are 'PLAIN',
## 'AMQPLAIN', and 'EXTERNAL' Additional mechanisms can be added via
## plugins.
##
## Related doc guide: http://rabbitmq.com/authentication.html.
##
# auth_mechanisms.1 = PLAIN
# auth_mechanisms.2 = AMQPLAIN
## The rabbitmq-auth-mechanism-ssl plugin makes it possible to
## authenticate a user based on the client's x509 (TLS) certificate.
## Related doc guide: http://rabbitmq.com/authentication.html.
##
## To use auth-mechanism-ssl, the EXTERNAL mechanism should
## be enabled:
##
# auth_mechanisms.1 = PLAIN
# auth_mechanisms.2 = AMQPLAIN
# auth_mechanisms.3 = EXTERNAL
## To force x509 certificate-based authentication on all clients,
## exclude all other mechanisms (note: this will disable password-based
## authentication even for the management UI!):
##
# auth_mechanisms.1 = EXTERNAL
## This pertains to both the rabbitmq-auth-mechanism-ssl plugin and
## STOMP ssl_cert_login configurations. See the RabbitMQ STOMP plugin
## configuration section later in this file and the README in
## https://github.com/rabbitmq/rabbitmq-auth-mechanism-ssl for further
## details.
##
## To use the TLS cert's CN instead of its DN as the username
##
# ssl_cert_login_from = common_name
## TLS handshake timeout, in milliseconds.
##
# ssl_handshake_timeout = 5000
## Password hashing implementation. Will only affect newly
## created users. To recalculate hash for an existing user
## it's necessary to update her password.
##
## To use SHA-512, set to rabbit_password_hashing_sha512.
##
# password_hashing_module = rabbit_password_hashing_sha256
## When importing definitions exported from versions earlier
## than 3.6.0, it is possible to go back to MD5 (only do this
## as a temporary measure!) by setting this to rabbit_password_hashing_md5.
##
# password_hashing_module = rabbit_password_hashing_md5
##
## Default User / VHost
## ====================
##
## On first start RabbitMQ will create a vhost and a user. These
## config items control what gets created.
## Relevant doc guide: http://rabbitmq.com/access-control.html
##
# default_vhost = /
# default_user = guest
# default_pass = guest
# default_permissions.configure = .*
# default_permissions.read = .*
# default_permissions.write = .*
## Tags for default user
##
## For more details about tags, see the documentation for the
## Management Plugin at http://rabbitmq.com/management.html.
##
# default_user_tags.administrator = true
## Define other tags like this:
# default_user_tags.management = true
# default_user_tags.custom_tag = true
##
## Additional network and protocol related configuration
## =====================================================
##
## Set the default AMQP 0-9-1 heartbeat interval (in seconds).
## Related doc guides:
##
## * http://rabbitmq.com/heartbeats.html
## * http://rabbitmq.com/networking.html
##
# heartbeat = 60
## Set the max permissible size of an AMQP frame (in bytes).
##
# frame_max = 131072
## Set the max frame size the server will accept before connection
## tuning occurs
##
# initial_frame_max = 4096
## Set the max permissible number of channels per connection.
## 0 means "no limit".
##
# channel_max = 128
## Customising TCP Listener (Socket) Configuration.
##
## Related doc guides:
##
## * http://rabbitmq.com/networking.html
## * http://www.erlang.org/doc/man/inet.html#setopts-2
##
# tcp_listen_options.backlog = 128
# tcp_listen_options.nodelay = true
# tcp_listen_options.exit_on_close = false
#
# tcp_listen_options.keepalive = true
# tcp_listen_options.send_timeout = 15000
#
# tcp_listen_options.buffer = 196608
# tcp_listen_options.sndbuf = 196608
# tcp_listen_options.recbuf = 196608
##
## Resource Limits & Flow Control
## ==============================
##
## Related doc guide: http://rabbitmq.com/memory.html.
## Memory-based Flow Control threshold.
##
# vm_memory_high_watermark.relative = 0.4
## Alternatively, we can set a limit (in bytes) of RAM used by the node.
##
# vm_memory_high_watermark.absolute = 1073741824
## Or you can set absolute value using memory units (with RabbitMQ 3.6.0+).
## Absolute watermark will be ignored if relative is defined!
##
# vm_memory_high_watermark.absolute = 2GB
##
## Supported units suffixes:
##
## kb, KB: kibibytes (2^10 bytes)
## mb, MB: mebibytes (2^20)
## gb, GB: gibibytes (2^30)
## Fraction of the high watermark limit at which queues start to
## page message out to disc in order to free up memory.
## For example, when vm_memory_high_watermark is set to 0.4 and this value is set to 0.5,
## paging can begin as early as when 20% of total available RAM is used by the node.
##
## Values greater than 1.0 can be dangerous and should be used carefully.
##
## One alternative to this is to use durable queues and publish messages
## as persistent (delivery mode = 2). With this combination queues will
## move messages to disk much more rapidly.
##
## Another alternative is to configure queues to page all messages (both
## persistent and transient) to disk as quickly
## as possible, see http://rabbitmq.com/lazy-queues.html.
##
# vm_memory_high_watermark_paging_ratio = 0.5
## Selects Erlang VM memory consumption calculation strategy. Can be `allocated`, `rss` or `legacy` (aliased as `erlang`),
## Introduced in 3.6.11. `rss` is the default as of 3.6.12.
## See https://github.com/rabbitmq/rabbitmq-server/issues/1223 and rabbitmq/rabbitmq-common#224 for background.
# vm_memory_calculation_strategy = rss
## Interval (in milliseconds) at which we perform the check of the memory
## levels against the watermarks.
##
# memory_monitor_interval = 2500
## The total memory available can be calculated from the OS resources
## - default option - or provided as a configuration parameter.
# total_memory_available_override_value = 2GB
## Set disk free limit (in bytes). Once free disk space reaches this
## lower bound, a disk alarm will be set - see the documentation
## listed above for more details.
##
## Absolute watermark will be ignored if relative is defined!
# disk_free_limit.absolute = 50000
## Or you can set it using memory units (same as in vm_memory_high_watermark)
## with RabbitMQ 3.6.0+.
# disk_free_limit.absolute = 500KB
# disk_free_limit.absolute = 50mb
# disk_free_limit.absolute = 5GB
## Alternatively, we can set a limit relative to total available RAM.
##
## Values lower than 1.0 can be dangerous and should be used carefully.
# disk_free_limit.relative = 2.0
##
## Clustering
## =====================
##
# cluster_partition_handling = ignore
## pause_if_all_down strategy require additional configuration
# cluster_partition_handling = pause_if_all_down
## Recover strategy. Can be either 'autoheal' or 'ignore'
# cluster_partition_handling.pause_if_all_down.recover = ignore
## Node names to check
# cluster_partition_handling.pause_if_all_down.nodes.1 = rabbit@localhost
# cluster_partition_handling.pause_if_all_down.nodes.2 = hare@localhost
## Mirror sync batch size, in messages. Increasing this will speed
## up syncing but total batch size in bytes must not exceed 2 GiB.
## Available in RabbitMQ 3.6.0 or later.
##
# mirroring_sync_batch_size = 4096
## Make clustering happen *automatically* at startup. Only applied
## to nodes that have just been reset or started for the first time.
##
## Relevant doc guide: http://rabbitmq.com//cluster-formation.html
##
# cluster_formation.peer_discovery_backend = rabbit_peer_discovery_classic_config
#
# cluster_formation.classic_config.nodes.1 = rabbit1@hostname
# cluster_formation.classic_config.nodes.2 = rabbit2@hostname
# cluster_formation.classic_config.nodes.3 = rabbit3@hostname
# cluster_formation.classic_config.nodes.4 = rabbit4@hostname
## DNS-based peer discovery. This backend will list A records
## of the configured hostname and perform reverse lookups for
## the addresses returned.
# cluster_formation.peer_discovery_backend = rabbit_peer_discovery_dns
# cluster_formation.dns.hostname = discovery.eng.example.local
## This node's type can be configured. If you are not sure
## what node type to use, always use 'disc'.
# cluster_formation.node_type = disc
## Interval (in milliseconds) at which we send keepalive messages
## to other cluster members. Note that this is not the same thing
## as net_ticktime; missed keepalive messages will not cause nodes
## to be considered down.
##
# cluster_keepalive_interval = 10000
##
## Statistics Collection
## =====================
##
## Set (internal) statistics collection granularity.
##
## Can be none, coarse or fine
# collect_statistics = none
# collect_statistics = coarse
## Statistics collection interval (in milliseconds). Increasing
## this will reduce the load on management database.
##
# collect_statistics_interval = 5000
##
## Misc/Advanced Options
## =====================
##
## NB: Change these only if you understand what you are doing!
##
## Explicitly enable/disable hipe compilation.
##
# hipe_compile = false
## Timeout used when waiting for Mnesia tables in a cluster to
## become available.
##
# mnesia_table_loading_retry_timeout = 30000
## Retries when waiting for Mnesia tables in the cluster startup. Note that
## this setting is not applied to Mnesia upgrades or node deletions.
##
# mnesia_table_loading_retry_limit = 10
## Size in bytes below which to embed messages in the queue index.
## Related doc guide: http://rabbitmq.com/persistence-conf.html
##
# queue_index_embed_msgs_below = 4096
## You can also set this size in memory units
##
# queue_index_embed_msgs_below = 4kb
## Whether or not to enable background periodic forced GC runs for all
## Erlang processes on the node in "waiting" state.
##
## Disabling background GC may reduce latency for client operations,
## keeping it enabled may reduce median RAM usage by the binary heap
## (see https://www.erlang-solutions.com/blog/erlang-garbage-collector.html).
##
## Before trying this option, please take a look at the memory
## breakdown (http://www.rabbitmq.com/memory-use.html).
##
# background_gc_enabled = false
## Target (desired) interval (in milliseconds) at which we run background GC.
## The actual interval will vary depending on how long it takes to execute
## the operation (can be higher than this interval). Values less than
## 30000 milliseconds are not recommended.
##
# background_gc_target_interval = 60000
## Whether or not to enable proxy protocol support.
## Once enabled, clients cannot directly connect to the broker
## anymore. They must connect through a load balancer that sends the
## proxy protocol header to the broker at connection time.
## This setting applies only to AMQP clients, other protocols
## like MQTT or STOMP have their own setting to enable proxy protocol.
## See the plugins documentation for more information.
##
# proxy_protocol = false
## ----------------------------------------------------------------------------
## Advanced Erlang Networking/Clustering Options.
##
## Related doc guide: http://rabbitmq.com/clustering.html
## ----------------------------------------------------------------------------
# ======================================
# Kernel section
# ======================================
## Timeout used to detect peer unavailability, including CLI tools.
## Related doc guide: https://www.rabbitmq.com/nettick.html.
##
# net_ticktime = 60
## Inter-node communication port range.
## Related doc guide: https://www.rabbitmq.com/networking.html#epmd-inet-dist-port-range.
##
# inet_dist_listen_min = 25672
# inet_dist_listen_max = 25692
## ----------------------------------------------------------------------------
## RabbitMQ Management Plugin
##
## Related doc guide: http://rabbitmq.com/management.html.
## ----------------------------------------------------------------------------
# =======================================
# Management section
# =======================================
## Preload schema definitions from the following JSON file.
## Related doc guide: http://rabbitmq.com/management.html#load-definitions.
##
# management.load_definitions = /path/to/exported/definitions.json
## Log all requests to the management HTTP API to a file.
##
# management.http_log_dir = /path/to/access.log
## Change the port on which the HTTP listener listens,
## specifying an interface for the web server to bind to.
## Also set the listener to use TLS and provide TLS options.
##
# management.listener.port = 15672
# management.listener.ip = 127.0.0.1
# management.listener.ssl = true
# management.listener.ssl_opts.cacertfile = /path/to/cacert.pem
# management.listener.ssl_opts.certfile = /path/to/cert.pem
# management.listener.ssl_opts.keyfile = /path/to/key.pem
## One of 'basic', 'detailed' or 'none'. See
## http://rabbitmq.com/management.html#fine-stats for more details.
# management.rates_mode = basic
## Configure how long aggregated data (such as message rates and queue
## lengths) is retained. Please read the plugin's documentation in
## http://rabbitmq.com/management.html#configuration for more
## details.
## Your can use 'minute', 'hour' and 'day' keys or integer key (in seconds)
# management.sample_retention_policies.global.minute = 5
# management.sample_retention_policies.global.hour = 60
# management.sample_retention_policies.global.day = 1200
# management.sample_retention_policies.basic.minute = 5
# management.sample_retention_policies.basic.hour = 60
# management.sample_retention_policies.detailed.10 = 5
## ----------------------------------------------------------------------------
## RabbitMQ Shovel Plugin
##
## Related doc guide: http://rabbitmq.com/shovel.html
## ----------------------------------------------------------------------------
## Shovel plugin config example is defined in additional.config file
## ----------------------------------------------------------------------------
## RabbitMQ STOMP Plugin
##
## Related doc guide: http://rabbitmq.com/stomp.html
## ----------------------------------------------------------------------------
# =======================================
# STOMP section
# =======================================
## Network Configuration. The format is generally the same as for the core broker.
##
# stomp.listeners.tcp.default = 61613
## Same for ssl listeners
##
# stomp.listeners.ssl.default = 61614
## Number of Erlang processes that will accept connections for the TCP
## and TLS listeners.
##
# stomp.num_acceptors.tcp = 10
# stomp.num_acceptors.ssl = 1
## Additional TLS options
## Extract a name from the client's certificate when using TLS.
##
# stomp.ssl_cert_login = true
## Set a default user name and password. This is used as the default login
## whenever a CONNECT frame omits the login and passcode headers.
##
## Please note that setting this will allow clients to connect without
## authenticating!
##
# stomp.default_user = guest
# stomp.default_pass = guest
## If a default user is configured, or you have configured use TLS client
## certificate based authentication, you can choose to allow clients to
## omit the CONNECT frame entirely. If set to true, the client is
## automatically connected as the default user or user supplied in the
## TLS certificate whenever the first frame sent on a session is not a
## CONNECT frame.
##
# stomp.implicit_connect = true
## Whether or not to enable proxy protocol support.
## Once enabled, clients cannot directly connect to the broker
## anymore. They must connect through a load balancer that sends the
## proxy protocol header to the broker at connection time.
## This setting applies only to STOMP clients, other protocols
## like MQTT or AMQP have their own setting to enable proxy protocol.
## See the plugins or broker documentation for more information.
##
# stomp.proxy_protocol = false
## ----------------------------------------------------------------------------
## RabbitMQ MQTT Adapter
##
## See https://github.com/rabbitmq/rabbitmq-mqtt/blob/stable/README.md
## for details
## ----------------------------------------------------------------------------
# =======================================
# MQTT section
# =======================================
## Set the default user name and password used for anonymous connections (when client
## provides no credentials). Anonymous connections are highly discouraged!
##
# mqtt.default_user = guest
# mqtt.default_pass = guest
## Enable anonymous connections. If this is set to false, clients MUST provide
## credentials in order to connect. See also the mqtt.default_user/mqtt.default_pass
## keys. Anonymous connections are highly discouraged!
##
# mqtt.allow_anonymous = true
## If you have multiple vhosts, specify the one to which the
## adapter connects.
##
# mqtt.vhost = /
## Specify the exchange to which messages from MQTT clients are published.
##
# mqtt.exchange = amq.topic
## Specify TTL (time to live) to control the lifetime of non-clean sessions.
##
# mqtt.subscription_ttl = 1800000
## Set the prefetch count (governing the maximum number of unacknowledged
## messages that will be delivered).
##
# mqtt.prefetch = 10
## TCP/SSL Configuration (as per the broker configuration).
##
# mqtt.listeners.tcp.default = 1883
## Same for ssl listener
##
# mqtt.listeners.ssl.default = 1884
## Number of Erlang processes that will accept connections for the TCP
## and TLS listeners.
##
# mqtt.num_acceptors.tcp = 10
# mqtt.num_acceptors.ssl = 10
## TCP listener options (as per the broker configuration).
##
# mqtt.tcp_listen_options.backlog = 128
# mqtt.tcp_listen_options.nodelay = true
## Whether or not to enable proxy protocol support.
## Once enabled, clients cannot directly connect to the broker
## anymore. They must connect through a load balancer that sends the
## proxy protocol header to the broker at connection time.
## This setting applies only to STOMP clients, other protocols
## like STOMP or AMQP have their own setting to enable proxy protocol.
## See the plugins or broker documentation for more information.
##
# mqtt.proxy_protocol = false
## ----------------------------------------------------------------------------
## RabbitMQ AMQP 1.0 Support
##
## See https://github.com/rabbitmq/rabbitmq-amqp1.0/blob/stable/README.md.
## ----------------------------------------------------------------------------
# =======================================
# AMQP 1.0 section
# =======================================
## Connections that are not authenticated with SASL will connect as this
## account. See the README for more information.
##
## Please note that setting this will allow clients to connect without
## authenticating!
##
# amqp1_0.default_user = guest
## Enable protocol strict mode. See the README for more information.
##
# amqp1_0.protocol_strict_mode = false
## Logging settings.
##
## See http://rabbitmq.com/logging.html and https://github.com/erlang-lager/lager for details.
##
## Log direcrory, taken from the RABBITMQ_LOG_BASE env variable by default.
##
# log.dir = /var/log/rabbitmq
## Logging to file. Can be false or a filename.
## Default:
# log.file = rabbit.log
## To disable logging to a file
# log.file = false
## Log level for file logging
##
# log.file.level = info
## File rotation config. No rotation by default.
## DO NOT SET rotation date to ''. Leave the value unset if "" is the desired value
# log.file.rotation.date = $D0
# log.file.rotation.size = 0
## Logging to console (can be true or false)
##
# log.console = false
## Log level for console logging
##
# log.console.level = info
## Logging to the amq.rabbitmq.log exchange (can be true or false)
##
# log.exchange = false
## Log level to use when logging to the amq.rabbitmq.log exchange
##
# log.exchange.level = info
## ----------------------------------------------------------------------------
## RabbitMQ LDAP Plugin
##
## Related doc guide: http://rabbitmq.com/ldap.html.
##
## ----------------------------------------------------------------------------
# =======================================
# LDAP section
# =======================================
##
## Connecting to the LDAP server(s)
## ================================
##
## Specify servers to bind to. You *must* set this in order for the plugin
## to work properly.
##
# auth_ldap.servers.1 = your-server-name-goes-here
## You can define multiple servers
# auth_ldap.servers.2 = your-other-server
## Connect to the LDAP server using TLS
##
# auth_ldap.use_ssl = false
## Specify the LDAP port to connect to
##
# auth_ldap.port = 389
## LDAP connection timeout, in milliseconds or 'infinity'
##
# auth_ldap.timeout = infinity
## Or number
# auth_ldap.timeout = 500
## Enable logging of LDAP queries.
## One of
## - false (no logging is performed)
## - true (verbose logging of the logic used by the plugin)
## - network (as true, but additionally logs LDAP network traffic)
##
## Defaults to false.
##
# auth_ldap.log = false
## Also can be true or network
# auth_ldap.log = true
# auth_ldap.log = network
##
## Authentication
## ==============
##
## Pattern to convert the username given through AMQP to a DN before
## binding
##
# auth_ldap.user_dn_pattern = cn=${username},ou=People,dc=example,dc=com
## Alternatively, you can convert a username to a Distinguished
## Name via an LDAP lookup after binding. See the documentation for
## full details.
## When converting a username to a dn via a lookup, set these to
## the name of the attribute that represents the user name, and the
## base DN for the lookup query.
##
# auth_ldap.dn_lookup_attribute = userPrincipalName
# auth_ldap.dn_lookup_base = DC=gopivotal,DC=com
## Controls how to bind for authorisation queries and also to
## retrieve the details of users logging in without presenting a
## password (e.g., SASL EXTERNAL).
## One of
## - as_user (to bind as the authenticated user - requires a password)
## - anon (to bind anonymously)
## - {UserDN, Password} (to bind with a specified user name and password)
##
## Defaults to 'as_user'.
##
# auth_ldap.other_bind = as_user
## Or can be more complex:
# auth_ldap.other_bind.user_dn = User
# auth_ldap.other_bind.password = Password
## If user_dn and password defined - other options is ignored.
# -----------------------------
# Too complex section of LDAP
# -----------------------------
##
## Authorisation
## =============
##
## The LDAP plugin can perform a variety of queries against your
## LDAP server to determine questions of authorisation.
##
## Related doc guide: http://rabbitmq.com/ldap.html#authorisation.
## Following configuration should be defined in additional.config file
## DO NOT UNCOMMENT THIS LINES!
## Set the query to use when determining vhost access
##
## {vhost_access_query, {in_group,
## "ou=${vhost}-users,ou=vhosts,dc=example,dc=com"}},
## Set the query to use when determining resource (e.g., queue) access
##
## {resource_access_query, {constant, true}},
## Set queries to determine which tags a user has
##
## {tag_queries, []}
# ]},
# -----------------------------

845
rabbitmq.config.example
View File

@ -1,845 +0,0 @@
%% -*- mode: erlang -*-
%% ----------------------------------------------------------------------------
%% RabbitMQ Sample Configuration File.
%%
%% Related doc guide: http://www.rabbitmq.com/configure.html. See
%% http://rabbitmq.com/documentation.html for documentation ToC.
%% ----------------------------------------------------------------------------
[
{rabbit,
[
%% Networking
%% ====================
%%
%% Related doc guide: http://www.rabbitmq.com/networking.html.
%% By default, RabbitMQ will listen on all interfaces, using
%% the standard (reserved) AMQP port.
%%
%% {tcp_listeners, [5672]},
%% To listen on a specific interface, provide a tuple of {IpAddress, Port}.
%% For example, to listen only on localhost for both IPv4 and IPv6:
%%
%% {tcp_listeners, [{"127.0.0.1", 5672},
%% {"::1", 5672}]},
%% TLS listeners are configured in the same fashion as TCP listeners,
%% including the option to control the choice of interface.
%%
%% {ssl_listeners, [5671]},
%% Number of Erlang processes that will accept connections for the TCP
%% and TLS listeners.
%%
%% {num_tcp_acceptors, 10},
%% {num_ssl_acceptors, 1},
%% Maximum time for AMQP 0-8/0-9/0-9-1 handshake (after socket connection
%% and TLS handshake), in milliseconds.
%%
%% {handshake_timeout, 10000},
%% Log levels in decreasing order of verbosity:
%% * 'debug'
%% * 'info'
%% * 'warning'
%% * 'error'
%% * 'none'
%% Defaults to '{connection, info}'
%%
%% {log_levels, [{channel, info}, {connection, info}, {federation, info}, {mirroring, info}]},
%% Set to 'true' to perform reverse DNS lookups when accepting a
%% connection. Hostnames will then be shown instead of IP addresses
%% in rabbitmqctl and the management plugin.
%%
%% {reverse_dns_lookups, false},
%%
%% Security, Access Control
%% ========================
%%
%% Related doc guide: http://www.rabbitmq.com/access-control.html.
%% The default "guest" user is only permitted to access the server
%% via a loopback interface (e.g. localhost).
%% {loopback_users, [<<"guest">>]},
%%
%% Uncomment the following line if you want to allow access to the
%% guest user from anywhere on the network.
%% {loopback_users, []},
%% TLS configuration.
%%
%% Related doc guide: http://www.rabbitmq.com/ssl.html.
%%
%% {ssl_options, [{cacertfile, "/path/to/testca/cacert.pem"},
%% {certfile, "/path/to/server/cert.pem"},
%% {keyfile, "/path/to/server/key.pem"},
%% {verify, verify_peer},
%% {fail_if_no_peer_cert, false}]},
%% Choose the available SASL mechanism(s) to expose.
%% The two default (built in) mechanisms are 'PLAIN' and
%% 'AMQPLAIN'. Additional mechanisms can be added via
%% plugins.
%%
%% Related doc guide: http://www.rabbitmq.com/authentication.html.
%%
%% {auth_mechanisms, ['PLAIN', 'AMQPLAIN']},
%% Select an authentication database to use. RabbitMQ comes bundled
%% with a built-in auth-database, based on mnesia.
%%
%% {auth_backends, [rabbit_auth_backend_internal]},
%% Configurations supporting the rabbitmq_auth_mechanism_ssl and
%% rabbitmq_auth_backend_ldap plugins.
%%
%% NB: These options require that the relevant plugin is enabled.
%% Related doc guide: http://www.rabbitmq.com/plugins.html for further details.
%% The RabbitMQ-auth-mechanism-ssl plugin makes it possible to
%% authenticate a user based on the client's TLS certificate.
%%
%% To use auth-mechanism-ssl, add to or replace the auth_mechanisms
%% list with the entry 'EXTERNAL'.
%%
%% {auth_mechanisms, ['EXTERNAL']},
%% The rabbitmq_auth_backend_ldap plugin allows the broker to
%% perform authentication and authorisation by deferring to an
%% external LDAP server.
%%
%% For more information about configuring the LDAP backend, see
%% http://www.rabbitmq.com/ldap.html.
%%
%% Enable the LDAP auth backend by adding to or replacing the
%% auth_backends entry:
%%
%% {auth_backends, [rabbit_auth_backend_ldap]},
%% This pertains to both the rabbitmq_auth_mechanism_ssl plugin and
%% STOMP ssl_cert_login configurations. See the rabbitmq_stomp
%% configuration section later in this file and the README in
%% https://github.com/rabbitmq/rabbitmq-auth-mechanism-ssl for further
%% details.
%%
%% To use the TLS cert's CN instead of its DN as the username
%%
%% {ssl_cert_login_from, distinguished_name},
%% TLS handshake timeout, in milliseconds.
%%
%% {ssl_handshake_timeout, 5000},
%% Makes RabbitMQ accept SSLv3 client connections by default.
%% DO NOT DO THIS IF YOU CAN HELP IT.
%%
%% {ssl_allow_poodle_attack, false},
%% Password hashing implementation. Will only affect newly
%% created users. To recalculate hash for an existing user
%% it's necessary to update her password.
%%
%% {password_hashing_module, rabbit_password_hashing_sha256},
%% Configuration entry encryption.
%% Related doc guide: http://www.rabbitmq.com/configure.html#configuration-encryption
%%
%% To specify the passphrase in the configuration file:
%%
%% {config_entry_decoder, [{passphrase, <<"mypassphrase">>}]}
%%
%% To specify the passphrase in an external file:
%%
%% {config_entry_decoder, [{passphrase, {file, "/path/to/passphrase/file"}}]}
%%
%% To make the broker request the passphrase when it starts:
%%
%% {config_entry_decoder, [{passphrase, prompt}]}
%%
%% To change encryption settings:
%%
%% {config_entry_decoder, [{cipher, aes_cbc256},
%% {hash, sha512},
%% {iterations, 1000}]}
%%
%% Default User / VHost
%% ====================
%%
%% On first start RabbitMQ will create a vhost and a user. These
%% config items control what gets created. See
%% http://www.rabbitmq.com/access-control.html for further
%% information about vhosts and access control.
%%
%% {default_vhost, <<"/">>},
%% {default_user, <<"guest">>},
%% {default_pass, <<"guest">>},
%% {default_permissions, [<<".*">>, <<".*">>, <<".*">>]},
%% Tags for default user
%%
%% Related doc guide: http://www.rabbitmq.com/management.html.
%%
%% {default_user_tags, [administrator]},
%%
%% Additional network and protocol related configuration
%% =====================================================
%%
%% Sets the default AMQP 0-9-1 heartbeat timeout in seconds.
%% Values lower than 6 can produce false positives and are not
%% recommended.
%%
%% Related doc guides:
%%
%% * http://www.rabbitmq.com/heartbeats.html
%% * http://www.rabbitmq.com/networking.html
%%
%% {heartbeat, 60},
%% Set the max permissible size of an AMQP frame (in bytes).
%%
%% {frame_max, 131072},
%% Set the max frame size the server will accept before connection
%% tuning occurs
%%
%% {initial_frame_max, 4096},
%% Set the max permissible number of channels per connection.
%% 0 means "no limit".
%%
{channel_max, 0},
%% Set the max permissible number of client connections to the node.
%% `infinity` means "no limit".
%%
%% This limit applies to client connections to all listeners (regardless of
%% the protocol, whether TLS is used and so on). CLI tools and inter-node
%% connections are exempt.
%%
%% When client connections are rapidly opened in succession, it is possible
%% for the total connection count to go slightly higher than the configured limit.
%% The limit works well as a general safety measure.
%%
%% Clients that are hitting the limit will see their TCP connections fail or time out.
%%
%% Introduced in 3.6.13.
%%
%% Related doc guide: http://www.rabbitmq.com/networking.html.
%%
%% {connection_max, infinity},
%% TCP socket options.
%%
%% Related doc guide: http://www.rabbitmq.com/networking.html.
%%
%% {tcp_listen_options, [{backlog, 128},
%% {nodelay, true},
%% {exit_on_close, false}]},
%%
%% Resource Limits & Flow Control
%% ==============================
%%
%% Related doc guide: http://www.rabbitmq.com/memory.html, http://www.rabbitmq.com/memory-use.html.
%% Memory-based Flow Control threshold.
%%
%% {vm_memory_high_watermark, 0.4},
%% Alternatively, we can set a limit (in bytes) of RAM used by the node.
%%
%% {vm_memory_high_watermark, {absolute, 1073741824}},
%%
%% Or you can set absolute value using memory units.
%%
%% {vm_memory_high_watermark, {absolute, "1024M"}},
%%
%% Supported units suffixes:
%%
%% k, kiB: kibibytes (2^10 bytes)
%% M, MiB: mebibytes (2^20)
%% G, GiB: gibibytes (2^30)
%% kB: kilobytes (10^3)
%% MB: megabytes (10^6)
%% GB: gigabytes (10^9)
%% Fraction of the high watermark limit at which queues start to
%% page message out to disc in order to free up memory.
%% For example, when vm_memory_high_watermark is set to 0.4 and this value is set to 0.5,
%% paging can begin as early as when 20% of total available RAM is used by the node.
%%
%% Values greater than 1.0 can be dangerous and should be used carefully.
%%
%% One alternative to this is to use durable queues and publish messages
%% as persistent (delivery mode = 2). With this combination queues will
%% move messages to disk much more rapidly.
%%
%% Another alternative is to configure queues to page all messages (both
%% persistent and transient) to disk as quickly
%% as possible, see http://www.rabbitmq.com/lazy-queues.html.
%%
%% {vm_memory_high_watermark_paging_ratio, 0.5},
%% Selects Erlang VM memory consumption calculation strategy. Can be `allocated`, `rss` or `legacy` (aliased as `erlang`),
%% Introduced in 3.6.11. `rss` is the default as of 3.6.12.
%% See https://github.com/rabbitmq/rabbitmq-server/issues/1223 and rabbitmq/rabbitmq-common#224 for background.
%% {vm_memory_calculation_strategy, rss},
%% Interval (in milliseconds) at which we perform the check of the memory
%% levels against the watermarks.
%%
%% {memory_monitor_interval, 2500},
%% The total memory available can be calculated from the OS resources
%% - default option - or provided as a configuration parameter:
%% {total_memory_available_override_value, "5000MB"},
%% Set disk free limit (in bytes). Once free disk space reaches this
%% lower bound, a disk alarm will be set - see the documentation
%% listed above for more details.
%%
%% {disk_free_limit, 50000000},
%%
%% Or you can set it using memory units (same as in vm_memory_high_watermark)
%% {disk_free_limit, "50MB"},
%% {disk_free_limit, "50000kB"},
%% {disk_free_limit, "2GB"},
%% Alternatively, we can set a limit relative to total available RAM.
%%
%% Values lower than 1.0 can be dangerous and should be used carefully.
%% {disk_free_limit, {mem_relative, 2.0}},
%%
%% Misc/Advanced Options
%% =====================
%%
%% NB: Change these only if you understand what you are doing!
%%
%% Queue master location strategy:
%% * <<"min-masters">>
%% * <<"client-local">>
%% * <<"random">>
%%
%% Related doc guide: https://www.rabbitmq.com/ha.html#queue-master-location
%%
%% {queue_master_locator, <<"client-local">>},
%% Batch size (number of messages) used during eager queue mirror synchronisation.
%% Related doc guide: https://www.rabbitmq.com/ha.html#batch-sync. When average message size is relatively large
%% (say, 10s of kilobytes or greater), reducing this value will decrease peak amount
%% of RAM used by newly joining nodes that need eager synchronisation.
%%
%% {mirroring_sync_batch_size, 4096},
%% Enables flow control between queue mirrors.
%% Disabling this can be dangerous and is not recommended.
%% When flow control is disablied, queue masters can outpace mirrors and not allow mirrors to catch up.
%% Mirrors will end up using increasingly more RAM, eventually triggering a memory alarm.
%%
%% {mirroring_flow_control, true},
%% Additional server properties to announce to connecting clients.
%%
%% {server_properties, []},
%% How to respond to cluster partitions.
%% Related doc guide: http://www.rabbitmq.com/partitions.html
%%
%% {cluster_partition_handling, ignore},
%% Make clustering happen *automatically* at startup - only applied
%% to nodes that have just been reset or started for the first time.
%% Related doc guide: http://www.rabbitmq.com/clustering.html#auto-config
%%
%% {cluster_nodes, {['rabbit@my.host.com'], disc}},
%% Interval (in milliseconds) at which we send keepalive messages
%% to other cluster members. Note that this is not the same thing
%% as net_ticktime; missed keepalive messages will not cause nodes
%% to be considered down.
%%
%% {cluster_keepalive_interval, 10000},
%% Set (internal) statistics collection granularity.
%%
%% {collect_statistics, none},
%% Statistics collection interval (in milliseconds).
%%
%% {collect_statistics_interval, 5000},
%% Enables vhosts tracing.
%%
%% {trace_vhosts, []},
%% Explicitly enable/disable HiPE compilation.
%%
%% {hipe_compile, false},
%% Number of delegate processes to use for intra-cluster communication.
%% On a node which is part of cluster, has more than 16 cores and plenty of network bandwidth,
%% it may make sense to increase this value.
%%
%% {delegate_count, 16},
%% Number of times to retry while waiting for internal database tables (Mnesia tables) to sync
%% from a peer. In deployments where nodes can take a long time to boot, this value
%% may need increasing.
%%
%% {mnesia_table_loading_retry_limit, 10},
%% Amount of time in milliseconds which this node will wait for internal database tables (Mnesia tables) to sync
%% from a peer. In deployments where nodes can take a long time to boot, this value
%% may need increasing.
%%
%% {mnesia_table_loading_retry_timeout, 30000},
%% Size in bytes below which to embed messages in the queue index.
%% Related doc guide: http://www.rabbitmq.com/persistence-conf.html
%%
%% {queue_index_embed_msgs_below, 4096},
%% Maximum number of queue index entries to keep in journal
%% Related doc guide: http://www.rabbitmq.com/persistence-conf.html.
%%
%% {queue_index_max_journal_entries, 32768},
%% Number of credits that a queue process is given by the message store
%% By default, a queue process is given 4000 message store credits,
%% and then 800 for every 800 messages that it processes.
%%
%% {msg_store_credit_disc_bound, {4000, 800}},
%% Minimum number of messages with their queue position held in RAM required
%% to trigger writing their queue position to disk.
%%
%% This value MUST be higher than the initial msg_store_credit_disc_bound value,
%% otherwise paging performance may worsen.
%%
%% {msg_store_io_batch_size, 4096},
%% Number of credits that a connection, channel or queue are given.
%%
%% By default, every connection, channel or queue is given 400 credits,
%% and then 200 for every 200 messages that it sends to a peer process.
%% Increasing these values may help with throughput but also can be dangerous:
%% high credit flow values are no different from not having flow control at all.
%%
%% Related doc guide: https://www.rabbitmq.com/blog/2015/10/06/new-credit-flow-settings-on-rabbitmq-3-5-5/
%% and http://alvaro-videla.com/2013/09/rabbitmq-internals-credit-flow-for-erlang-processes.html.
%%
%% {credit_flow_default_credit, {400, 200}},
%% Number of milliseconds before a channel operation times out.
%%
%% {channel_operation_timeout, 15000},
%% Number of queue operations required to trigger an explicit garbage collection.
%% Increasing this value may reduce CPU load and increase peak RAM consumption of queues.
%%
%% {queue_explicit_gc_run_operation_threshold, 1000},
%% Number of lazy queue operations required to trigger an explicit garbage collection.
%% Increasing this value may reduce CPU load and increase peak RAM consumption of lazy queues.
%%
%% {lazy_queue_explicit_gc_run_operation_threshold, 1000},
%% Number of times disk monitor will retry free disk space queries before
%% giving up.
%%
%% {disk_monitor_failure_retries, 10},
%% Milliseconds to wait between disk monitor retries on failures.
%%
%% {disk_monitor_failure_retry_interval, 120000},
%% Whether or not to enable background GC.
%%
%% {background_gc_enabled, false},
%% Interval (in milliseconds) at which we run background GC.
%%
%% {background_gc_target_interval, 60000},
%% Message store operations are stored in a sequence of files called segments.
%% This controls max size of a segment file.
%% Increasing this value may speed up (sequential) disk writes but will slow down segment GC process.
%% DO NOT CHANGE THIS for existing installations.
%%
%% {msg_store_file_size_limit, 16777216},
%% Whether or not to enable file write buffering.
%%
%% {fhc_write_buffering, true},
%% Whether or not to enable file read buffering. Enabling
%% this may slightly speed up reads but will also increase
%% node's memory consumption, in particular on boot.
%%
{fhc_read_buffering, false}
]},
%% ----------------------------------------------------------------------------
%% Advanced Erlang Networking/Clustering Options.
%%
%% Related doc guide: http://www.rabbitmq.com/clustering.html
%% ----------------------------------------------------------------------------
{kernel,
[%% Sets the net_kernel tick time.
%% Please see http://erlang.org/doc/man/kernel_app.html and
%% http://www.rabbitmq.com/nettick.html for further details.
%%
%% {net_ticktime, 60}
]},
%% ----------------------------------------------------------------------------
%% RabbitMQ Management Plugin
%%
%% Related doc guide: http://www.rabbitmq.com/management.html
%% ----------------------------------------------------------------------------
{rabbitmq_management,
[%% Preload schema definitions from a previously exported definitions file. See
%% http://www.rabbitmq.com/management.html#load-definitions
%%
%% {load_definitions, "/path/to/exported/definitions.json"},
%% Log all requests to the management HTTP API to a directory.
%%
%% {http_log_dir, "/path/to/rabbitmq/logs/http"},
%% Change the port on which the HTTP listener listens,
%% specifying an interface for the web server to bind to.
%% Also set the listener to use TLS and provide TLS options.
%%
%% {listener, [{port, 12345},
%% {ip, "127.0.0.1"},
%% {ssl, true},
%% {ssl_opts, [{cacertfile, "/path/to/cacert.pem"},
%% {certfile, "/path/to/cert.pem"},
%% {keyfile, "/path/to/key.pem"}]}]},
%% One of 'basic', 'detailed' or 'none'. See
%% http://www.rabbitmq.com/management.html#fine-stats for more details.
%% {rates_mode, basic},
%% Configure how long aggregated data (such as message rates and queue
%% lengths) is retained. Please read the plugin's documentation in
%% http://www.rabbitmq.com/management.html#configuration for more
%% details.
%%
%% {sample_retention_policies,
%% [{global, [{60, 5}, {3600, 60}, {86400, 1200}]},
%% {basic, [{60, 5}, {3600, 60}]},
%% {detailed, [{10, 5}]}]}
]},
%% ----------------------------------------------------------------------------
%% RabbitMQ Shovel Plugin
%%
%% Related doc guide: http://www.rabbitmq.com/shovel.html
%% ----------------------------------------------------------------------------
{rabbitmq_shovel,
[{shovels,
[%% A named shovel worker.
%% {my_first_shovel,
%% [
%% List the source broker(s) from which to consume.
%%
%% {sources,
%% [%% URI(s) and pre-declarations for all source broker(s).
%% {brokers, ["amqp://user:password@host.domain/my_vhost"]},
%% {declarations, []}
%% ]},
%% List the destination broker(s) to publish to.
%% {destinations,
%% [%% A singular version of the 'brokers' element.
%% {broker, "amqp://"},
%% {declarations, []}
%% ]},
%% Name of the queue to shovel messages from.
%%
%% {queue, <<"your-queue-name-goes-here">>},
%% Optional prefetch count.
%%
%% {prefetch_count, 10},
%% when to acknowledge messages:
%% - no_ack: never (auto)
%% - on_publish: after each message is republished
%% - on_confirm: when the destination broker confirms receipt
%%
%% {ack_mode, on_confirm},
%% Overwrite fields of the outbound basic.publish.
%%
%% {publish_fields, [{exchange, <<"my_exchange">>},
%% {routing_key, <<"from_shovel">>}]},
%% Static list of basic.properties to set on re-publication.
%%
%% {publish_properties, [{delivery_mode, 2}]},
%% The number of seconds to wait before attempting to
%% reconnect in the event of a connection failure.
%%
%% {reconnect_delay, 2.5}
%% ]} %% End of my_first_shovel
]}
%% Rather than specifying some values per-shovel, you can specify
%% them for all shovels here.
%%
%% {defaults, [{prefetch_count, 0},
%% {ack_mode, on_confirm},
%% {publish_fields, []},
%% {publish_properties, [{delivery_mode, 2}]},
%% {reconnect_delay, 2.5}]}
]},
%% ----------------------------------------------------------------------------
%% RabbitMQ STOMP Plugin
%%
%% Related doc guide: http://www.rabbitmq.com/stomp.html
%% ----------------------------------------------------------------------------
{rabbitmq_stomp,
[%% Network Configuration - the format is generally the same as for the broker
%% Listen only on localhost (ipv4 & ipv6) on a specific port.
%% {tcp_listeners, [{"127.0.0.1", 61613},
%% {"::1", 61613}]},
%% Listen for TLS connections on a specific port.
%% {ssl_listeners, [61614]},
%% Number of Erlang processes that will accept connections for the TCP
%% and TLS listeners.
%%
%% {num_tcp_acceptors, 10},
%% {num_ssl_acceptors, 1},
%% Additional TLS options
%% Extract a name from the client's certificate when using TLS.
%%
%% {ssl_cert_login, true},
%% Set a default user name and password. This is used as the default login
%% whenever a CONNECT frame omits the login and passcode headers.
%%
%% Please note that setting this will allow clients to connect without
%% authenticating!
%%
%% {default_user, [{login, "guest"},
%% {passcode, "guest"}]},
%% If a default user is configured, or you have configured use TLS client
%% certificate based authentication, you can choose to allow clients to
%% omit the CONNECT frame entirely. If set to true, the client is
%% automatically connected as the default user or user supplied in the
%% TLS certificate whenever the first frame sent on a session is not a
%% CONNECT frame.
%%
%% {implicit_connect, true}
]},
%% ----------------------------------------------------------------------------
%% RabbitMQ MQTT Plugin
%%
%% Related doc guide: https://github.com/rabbitmq/rabbitmq-mqtt/blob/stable/README.md
%%
%% ----------------------------------------------------------------------------
{rabbitmq_mqtt,
[%% Set the default user name and password. Will be used as the default login
%% if a connecting client provides no other login details.
%%
%% Please note that setting this will allow clients to connect without
%% authenticating!
%%
%% {default_user, <<"guest">>},
%% {default_pass, <<"guest">>},
%% Enable anonymous access. If this is set to false, clients MUST provide
%% login information in order to connect. See the default_user/default_pass
%% configuration elements for managing logins without authentication.
%%
%% {allow_anonymous, true},
%% If you have multiple chosts, specify the one to which the
%% adapter connects.
%%
%% {vhost, <<"/">>},
%% Specify the exchange to which messages from MQTT clients are published.
%%
%% {exchange, <<"amq.topic">>},
%% Specify TTL (time to live) to control the lifetime of non-clean sessions.
%%
%% {subscription_ttl, 1800000},
%% Set the prefetch count (governing the maximum number of unacknowledged
%% messages that will be delivered).
%%
%% {prefetch, 10},
%% TLS listeners.
%% See http://www.rabbitmq.com/networking.html
%%
%% {tcp_listeners, [1883]},
%% {ssl_listeners, []},
%% Number of Erlang processes that will accept connections for the TCP
%% and TLS listeners.
%% See http://www.rabbitmq.com/networking.html
%%
%% {num_tcp_acceptors, 10},
%% {num_ssl_acceptors, 1},
%% TCP socket options.
%% See http://www.rabbitmq.com/networking.html
%%
%% {tcp_listen_options, [
%% {backlog, 128},
%% {linger, {true, 0}},
%% {exit_on_close, false}
%% ]},
]},
%% ----------------------------------------------------------------------------
%% RabbitMQ AMQP 1.0 Support
%%
%% Related doc guide: https://github.com/rabbitmq/rabbitmq-amqp1.0/blob/stable/README.md
%%
%% ----------------------------------------------------------------------------
{rabbitmq_amqp1_0,
[%% Connections that are not authenticated with SASL will connect as this
%% account. See the README for more information.
%%
%% Please note that setting this will allow clients to connect without
%% authenticating!
%%
%% {default_user, "guest"},
%% Enable protocol strict mode. See the README for more information.
%%
%% {protocol_strict_mode, false}
]},
%% ----------------------------------------------------------------------------
%% RabbitMQ LDAP Plugin
%%
%% Related doc guide: http://www.rabbitmq.com/ldap.html.
%%
%% ----------------------------------------------------------------------------
{rabbitmq_auth_backend_ldap,
[%%
%% Connecting to the LDAP server(s)
%% ================================
%%
%% Specify servers to bind to. You *must* set this in order for the plugin
%% to work properly.
%%
%% {servers, ["your-server-name-goes-here"]},
%% Connect to the LDAP server using TLS
%%
%% {use_ssl, false},
%% Specify the LDAP port to connect to
%%
%% {port, 389},
%% LDAP connection timeout, in milliseconds or 'infinity'
%%
%% {timeout, infinity},
%% Enable logging of LDAP queries.
%% One of
%% - false (no logging is performed)
%% - true (verbose logging of the logic used by the plugin)
%% - network (as true, but additionally logs LDAP network traffic)
%%
%% Defaults to false.
%%
%% {log, false},
%%
%% Authentication
%% ==============
%%
%% Pattern to convert the username given through AMQP to a DN before
%% binding
%%
%% {user_dn_pattern, "cn=${username},ou=People,dc=example,dc=com"},
%% Alternatively, you can convert a username to a Distinguished
%% Name via an LDAP lookup after binding. See the documentation for
%% full details.
%% When converting a username to a dn via a lookup, set these to
%% the name of the attribute that represents the user name, and the
%% base DN for the lookup query.
%%
%% {dn_lookup_attribute, "userPrincipalName"},
%% {dn_lookup_base, "DC=gopivotal,DC=com"},
%% Controls how to bind for authorisation queries and also to
%% retrieve the details of users logging in without presenting a
%% password (e.g., SASL EXTERNAL).
%% One of
%% - as_user (to bind as the authenticated user - requires a password)
%% - anon (to bind anonymously)
%% - {UserDN, Password} (to bind with a specified user name and password)
%%
%% Defaults to 'as_user'.
%%
%% {other_bind, as_user},
%%
%% Authorisation
%% =============
%%
%% The LDAP plugin can perform a variety of queries against your
%% LDAP server to determine questions of authorisation. See
%% http://www.rabbitmq.com/ldap.html#authorisation for more
%% information.
%% Set the query to use when determining vhost access
%%
%% {vhost_access_query, {in_group,
%% "ou=${vhost}-users,ou=vhosts,dc=example,dc=com"}},
%% Set the query to use when determining resource (e.g., queue) access
%%
%% {resource_access_query, {constant, true}},
%% Set queries to determine which tags a user has
%%
%% {tag_queries, []}
]}
].