pool/rabbitmq-server
SHA256
4
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 664121 from network:messaging:amqp

Browse Source 
OBS-URL: https://build.opensuse.org/request/show/664121
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/rabbitmq-server?expand=0&rev=39
This commit is contained in:
Dominique Leuenberger 2019-01-21 09:48:27 +00:00 committed by Git OBS Bridge
commit abe43c0ff6
8 changed files with 1039 additions and 627 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
rabbitmq-env.conf
View File

@ -5,6 +5,18 @@
# combination. See the clustering on a single machine guide for details:
# http://www.rabbitmq.com/clustering.html#single-machine
#NODENAME=rabbit
#
# with the default SUSE epmd.socket we need to listen to localhost to
# properly activate the socket activation. In order to switch back to
# the clustering compatible listen to any address, run this prior removing
# this override:
#
# cat <<EOF > /etc/systemd/system/epmd.socket.d/ports.conf
# [Socket]
# ListenStream=
# ListenStream=[::]:4369
# EOF
NODENAME=rabbit@localhost
# By default RabbitMQ will bind to all interfaces, on IPv4 and IPv6 if
# available. Set this if you only want to bind to one network interface or#

3
rabbitmq-server-3.6.16.tar.xz
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:25b615426dc04863ed763ee92077e8544796f3963a206d3648d280678b069115
size 1483368

3
rabbitmq-server-3.7.9.tar.xz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:388af73c950cbd38e1774ac7336c8b0a788512ebba6175ea16a674f252f8108d
size 2551456

99
rabbitmq-server.changes
View File

@ -1,7 +1,97 @@
-------------------------------------------------------------------
Tue Jan 8 17:51:59 UTC 2019 - Jan Engelhardt <jengelh@inai.de>
- Avoid name repetition in summary. Trim filler wording from
descriptions.
-------------------------------------------------------------------
Wed Jan 02 08:46:22 UTC 2019 - Gabriele Santomaggio <gsantomaggio@suse.com>
- add the 3.7.x command line tools
-------------------------------------------------------------------
Mon Dec 17 08:07:22 UTC 2018 - Dirk Mueller <dmueller@suse.com>
- switch to 3.7.x style rabbitmq-server.conf
- Remove sd_notify dependency and replace with socat as
followup to upstream change in
https://github.com/rabbitmq/rabbitmq-server/pull/666
-------------------------------------------------------------------
Sat Dec 15 20:48:46 UTC 2018 - Dirk Mueller <dmueller@suse.com>
- listen to localhost only by default to comply to the epmd.socket
which also only listens to localhost (bsc#1087270)
-------------------------------------------------------------------
Tue Dec 4 12:38:49 UTC 2018 - matwey.kornilov@gmail.com
- Fix Source0 URL
-------------------------------------------------------------------
Fri Nov 16 15:36:12 UTC 2018 - matwey.kornilov@gmail.com
- BuildRequire elixir
- Constrain required erlang versions:
https://www.rabbitmq.com/which-erlang.html (boo#1115169)
- Drop sysexists-in-ocf.patch: upstreamed
- Update to 3.7.9 (fate#322425, bsc#1115466)
- Changes for 3.7.9:
* Bug fixes
* Usability improvements
- Changes for 3.7.8:
* Bug fixes
* Usability improvements
- Changes for 3.7.7:
* Erlang 21 compatibility
* Bug fixes
* Usability improvements
- Changes for 3.7.6:
* Bug fixes
* Usability improvements
- Changes for 3.7.5:
* Bug fixes
* Usability improvements
- Changes for 3.7.4:
* Bug fixes
* Usability improvements
- Changes for 3.7.3:
* Bug fixes
* Usability improvements
- Changes for 3.7.2:
* Bug fix in the HTTP auth backend
- Changes for 3.7.1:
* Bug fixes
- Changes for 3.7.0:
* Minimum required Erlang version is now 19.3
* Automation-friendly cluster formation
* Distributed management plugin, including minor breaking HTTP API
changes.
* Simpler, ini-style configuration format
* Per-vhost limits
* Operator policies
* Topic-based authorisation
* Cross-protocol Shovel (currently supports AMQP 0.9.1 and AMQP 1.0)
* Command-line tools are extensible via plugins
* Message store multi-tenancy
* Proxy protocol support
* Web STOMP no longer supports WebSocket emulation
* Java and .NET client releases no longer track RabbitMQ server
releases
* .NET client now supports .NET Core.
* Management plugin extensions now must target Cowboy 2.0
* Java client for RabbitMQ HTTP API
-------------------------------------------------------------------
Tue Sep 11 06:26:01 UTC 2018 - dmueller@suse.com
- update config.template to use channel_max to 0 (old default,
mitigate breakage in 3.6.16 change)
-------------------------------------------------------------------
Mon Sep 10 12:46:56 UTC 2018 - dmueller@suse.com
- update to 3.6.16:
- update to 3.6.16 (bsc#1109991):
Bug fixes:
+ Queue master locator min-masters incorrectly calculated the number of masters.
+ Maximum supported number of queue priorities (255) is now enforced
@ -12,6 +102,12 @@ shuts down or is otherwise considered to be unavailable by peers
+ Default max number of channels allowed on a connection (a.k.a. channel_max) has been lowered from 65535 to 2047.
The new default is much safer and will reduce the effect application channel leaks have on node resource consumption. This is a potentially breaking change.
-------------------------------------------------------------------
Tue Jun 12 09:56:10 UTC 2018 - jtomasiak@suse.com
- Add sysexits-in-ocf.patch to handle new rabbitmqctl exit codes
(bsc#1093046)
-------------------------------------------------------------------
Mon May 28 13:08:15 UTC 2018 - bwiedemann@suse.com
@ -636,4 +732,3 @@ Tue Jun 12 00:00:00 CEST 2007 - hubert@lshift.net
Mon May 21 00:00:00 CEST 2007 - hubert@lshift.net
- Initial build of server library of RabbitMQ package

4
rabbitmq-server.service
View File

@ -1,7 +1,7 @@
[Unit]
Description=RabbitMQ broker
After=syslog.target network.target
Requires=epmd.service
After=syslog.target network.target epmd.service
BindsTo=epmd.service
[Service]
Type=notify

45
rabbitmq-server.spec
View File

@ -1,7 +1,7 @@
#
# spec file for package rabbitmq-server
#
# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@ -12,7 +12,7 @@
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via http://bugs.opensuse.org/
# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
@ -33,13 +33,13 @@
%define _make_args DESTDIR="%{buildroot}" PREFIX="%{_prefix}" RMQ_ROOTDIR=%{_rabbit_libdir} RMQ_ERLAPP_DIR=%{_rabbit_erllibdir} MAN_INSTALL_PATH="%{_mandir}" DOC_INSTALL_DIR=%{buildroot}/%{_docdir} VERSION=%{version} V=1
Name: rabbitmq-server
Version: 3.6.16
Version: 3.7.9
Release: 0
Summary: The RabbitMQ Server
Summary: A message broker supporting AMQP, STOMP and MQTT
License: MPL-1.1
Group: System/Daemons
Url: http://www.rabbitmq.com/
Source: https://github.com/rabbitmq/rabbitmq-server/releases/download/rabbitmq_v3_6_16/rabbitmq-server-%{version}.tar.xz
Source: https://github.com/rabbitmq/rabbitmq-server/releases/download/v%{version}/rabbitmq-server-%{version}.tar.xz
Source1: rabbitmq-server.init
# This comes from: http://hg.rabbitmq.com/rabbitmq-server/raw-file/2da625c0a436/packaging/common/rabbitmq-script-wrapper
Source2: rabbitmq-script-wrapper
@ -49,8 +49,12 @@ Source5: rabbitmq-server.sysconfig
Source6: rabbitmq-server.service
Source7: rabbitmq-server.tmpfiles.d.conf
Source8: README.SUSE
Source9: rabbitmq.config.example
BuildRequires: erlang
# from https://raw.githubusercontent.com/rabbitmq/rabbitmq-server/v3.7.x/docs/rabbitmq.conf.example
Source9: rabbitmq.conf.example
BuildRequires: elixir
# https://www.rabbitmq.com/which-erlang.html
BuildRequires: erlang < 22
BuildRequires: erlang >= 19.3.6.4
BuildRequires: erlang-src
BuildRequires: fdupes
BuildRequires: libxslt
@ -74,7 +78,7 @@ Requires(pre): %insserv_prereq
BuildRequires: systemd
%{?systemd_requires}
%define have_systemd 1
Requires: erlang-sd_notify
Requires: socat
%else
Requires: %fillup_prereq
Requires: %insserv_prereq
@ -83,9 +87,8 @@ Requires: %insserv_prereq
#BuildArch: noarch
%description
RabbitMQ is an implementation of AMQP, the emerging standard for high
performance enterprise messaging. The RabbitMQ server is a robust and
scalable implementation of an AMQP broker.
RabbitMQ is an implementation of an AMQP broker. AMQP is an emerging
standard for messaging.
%package plugins
Summary: Plugins for the RabbitMQ server
@ -93,11 +96,10 @@ Group: System/Daemons
Requires: rabbitmq-server = %{version}
%description plugins
RabbitMQ is an implementation of AMQP, the emerging standard for high
performance enterprise messaging. The RabbitMQ server is a robust and
scalable implementation of an AMQP broker.
RabbitMQ is an implementation of an AMQP broker. AMQP is an emerging
standard for messaging.
This package includes some plugins for the RabbitMQ server
This package includes some plugins for the RabbitMQ server.
%package -n erlang-rabbitmq-client
Summary: RabbitMQ AMQP language bindings for Erlang
@ -106,9 +108,8 @@ Requires: erlang
Provides: erlang-gen_server2 = %{version}
%description -n erlang-rabbitmq-client
RabbitMQ is an implementation of AMQP, the emerging standard for high
performance enterprise messaging. The RabbitMQ server is a robust and
scalable implementation of an AMQP broker.
RabbitMQ is an implementation of an AMQP broker. AMQP is an emerging
standard for messaging.
This package includes the RabbitMQ AMQP language bindings for Erlang.
@ -117,9 +118,13 @@ This package includes the RabbitMQ AMQP language bindings for Erlang.
cp %{SOURCE8} .
%build
# Make elixir happy with Unicode
export LANG=en_US.UTF-8
make all %{_make_args} %{?_smp_mflags}
%install
# Make elixir happy with Unicode
export LANG=en_US.UTF-8
make install %{_make_args}
mkdir -p %{buildroot}%{_sbindir}
@ -143,11 +148,12 @@ sed -i 's|@RABBITMQ_ROOT@|%{_rabbit_erllibdir}/|' %{_rabbit_wrapper}
install -p -D -m 0755 %{_rabbit_wrapper} %{buildroot}%{_sbindir}/rabbitmqctl
install -p -D -m 0755 %{_rabbit_wrapper} %{buildroot}%{_sbindir}/rabbitmq-server
install -p -D -m 0755 %{_rabbit_wrapper} %{buildroot}%{_sbindir}/rabbitmq-plugins
install -p -D -m 0755 %{_rabbit_wrapper} %{buildroot}%{_sbindir}/rabbitmq-diagnostics
install -p -D -m 0755 scripts/rabbitmq-server.ocf %{buildroot}%{_exec_prefix}/lib/ocf/resource.d/rabbitmq/rabbitmq-server
install -p -D -m 0755 scripts/rabbitmq-server-ha.ocf %{buildroot}%{_exec_prefix}/lib/ocf/resource.d/rabbitmq/rabbitmq-server-ha
# install config files
install -p -D -m 0644 %{SOURCE9} %{buildroot}/%{_sysconfdir}/rabbitmq/rabbitmq.config
install -p -D -m 0644 %{SOURCE9} %{buildroot}/%{_sysconfdir}/rabbitmq/rabbitmq.conf
install -p -D -m 0644 %{SOURCE4} %{buildroot}/%{_sysconfdir}/rabbitmq/rabbitmq-env.conf
# Copy all necessary lib files etc.
@ -224,6 +230,7 @@ systemd-tmpfiles --create --clean /usr/lib/tmpfiles.d/rabbitmq-server.conf
%{_sbindir}/rabbitmq-server
%{_sbindir}/rabbitmqctl
%{_sbindir}/rcrabbitmq-server
%{_sbindir}/rabbitmq-diagnostics
#
%dir /usr/lib/ocf/
%dir /usr/lib/ocf/resource.d/

892
rabbitmq.conf.example Normal file
View File

@ -0,0 +1,892 @@
# ======================================
# RabbitMQ broker section
# ======================================
## Related doc guide: http://rabbitmq.com/configure.html. See
## http://rabbitmq.com/documentation.html for documentation ToC.
## Networking
## ====================
##
## Related doc guide: http://rabbitmq.com/networking.html.
##
## By default, RabbitMQ will listen on all interfaces, using
## the standard (reserved) AMQP 0-9-1 and 1.0 port.
##
# listeners.tcp.default = 5672
## To listen on a specific interface, provide an IP address with port.
## For example, to listen only on localhost for both IPv4 and IPv6:
##
# IPv4
# listeners.tcp.local = 127.0.0.1:5672
# IPv6
# listeners.tcp.local_v6 = ::1:5672
## You can define multiple listeners using listener names
# listeners.tcp.other_port = 5673
# listeners.tcp.other_ip = 10.10.10.10:5672
## TLS listeners are configured in the same fashion as TCP listeners,
## including the option to control the choice of interface.
##
# listeners.ssl.default = 5671
## Number of Erlang processes that will accept connections for the TCP
## and TLS listeners.
##
# num_acceptors.tcp = 10
# num_acceptors.ssl = 1
## Maximum time for AMQP 0-8/0-9/0-9-1 handshake (after socket connection
## and TLS handshake), in milliseconds.
##
# handshake_timeout = 10000
## Set to 'true' to perform reverse DNS lookups when accepting a
## connection. Hostnames will then be shown instead of IP addresses
## in rabbitmqctl and the management plugin.
##
# reverse_dns_lookups = true
##
## Security, Access Control
## ==============
##
## Related doc guide: http://rabbitmq.com/access-control.html.
## The default "guest" user is only permitted to access the server
## via a loopback interface (e.g. localhost).
## {loopback_users, [<<"guest">>]},
##
# loopback_users.guest = true
## Uncomment the following line if you want to allow access to the
## guest user from anywhere on the network.
# loopback_users.guest = false
## TLS configuration.
##
## Related doc guide: http://rabbitmq.com/ssl.html.
##
# ssl_options.verify = verify_peer
# ssl_options.fail_if_no_peer_cert = false
# ssl_options.cacertfile = /path/to/cacert.pem
# ssl_options.certfile = /path/to/cert.pem
# ssl_options.keyfile = /path/to/key.pem
#
# ssl_options.honor_cipher_order = true
# ssl_options.honor_ecc_order = true
# ssl_options.ciphers.1 = ECDHE-ECDSA-AES256-GCM-SHA384
# ssl_options.ciphers.2 = ECDHE-RSA-AES256-GCM-SHA384
# ssl_options.ciphers.3 = ECDHE-ECDSA-AES256-SHA384
# ssl_options.ciphers.4 = ECDHE-RSA-AES256-SHA384
# ssl_options.ciphers.5 = ECDH-ECDSA-AES256-GCM-SHA384
# ssl_options.ciphers.6 = ECDH-RSA-AES256-GCM-SHA384
# ssl_options.ciphers.7 = ECDH-ECDSA-AES256-SHA384
# ssl_options.ciphers.8 = ECDH-RSA-AES256-SHA384
# ssl_options.ciphers.9 = DHE-RSA-AES256-GCM-SHA384
# ssl_options.ciphers.10 = DHE-DSS-AES256-GCM-SHA384
# ssl_options.ciphers.11 = DHE-RSA-AES256-SHA256
# ssl_options.ciphers.12 = DHE-DSS-AES256-SHA256
# ssl_options.ciphers.13 = ECDHE-ECDSA-AES128-GCM-SHA256
# ssl_options.ciphers.14 = ECDHE-RSA-AES128-GCM-SHA256
# ssl_options.ciphers.15 = ECDHE-ECDSA-AES128-SHA256
# ssl_options.ciphers.16 = ECDHE-RSA-AES128-SHA256
# ssl_options.ciphers.17 = ECDH-ECDSA-AES128-GCM-SHA256
# ssl_options.ciphers.18 = ECDH-RSA-AES128-GCM-SHA256
# ssl_options.ciphers.19 = ECDH-ECDSA-AES128-SHA256
# ssl_options.ciphers.20 = ECDH-RSA-AES128-SHA256
# ssl_options.ciphers.21 = DHE-RSA-AES128-GCM-SHA256
# ssl_options.ciphers.22 = DHE-DSS-AES128-GCM-SHA256
# ssl_options.ciphers.23 = DHE-RSA-AES128-SHA256
# ssl_options.ciphers.24 = DHE-DSS-AES128-SHA256
# ssl_options.ciphers.25 = ECDHE-ECDSA-AES256-SHA
# ssl_options.ciphers.26 = ECDHE-RSA-AES256-SHA
# ssl_options.ciphers.27 = DHE-RSA-AES256-SHA
# ssl_options.ciphers.28 = DHE-DSS-AES256-SHA
# ssl_options.ciphers.29 = ECDH-ECDSA-AES256-SHA
# ssl_options.ciphers.30 = ECDH-RSA-AES256-SHA
# ssl_options.ciphers.31 = ECDHE-ECDSA-AES128-SHA
# ssl_options.ciphers.32 = ECDHE-RSA-AES128-SHA
# ssl_options.ciphers.33 = DHE-RSA-AES128-SHA
# ssl_options.ciphers.34 = DHE-DSS-AES128-SHA
# ssl_options.ciphers.35 = ECDH-ECDSA-AES128-SHA
# ssl_options.ciphers.36 = ECDH-RSA-AES128-SHA
## Select an authentication/authorisation backend to use.
##
## Alternative backends are provided by plugins, such as rabbitmq-auth-backend-ldap.
##
## NB: These settings require certain plugins to be enabled.
##
## Related doc guides:
##
## * http://rabbitmq.com/plugins.html
## * http://rabbitmq.com/access-control.html
##
# auth_backends.1 = rabbit_auth_backend_internal
## uses separate backends for authentication and authorisation,
## see below.
# auth_backends.1.authn = rabbit_auth_backend_ldap
# auth_backends.1.authz = rabbit_auth_backend_internal
## The rabbitmq_auth_backend_ldap plugin allows the broker to
## perform authentication and authorisation by deferring to an
## external LDAP server.
##
## Relevant doc guides:
##
## * http://rabbitmq.com/ldap.html
## * http://rabbitmq.com/access-control.html
##
## uses LDAP for both authentication and authorisation
# auth_backends.1 = rabbit_auth_backend_ldap
## uses HTTP service for both authentication and
## authorisation
# auth_backends.1 = rabbit_auth_backend_http
## uses two backends in a chain: HTTP first, then internal
# auth_backends.1 = rabbit_auth_backend_http
# auth_backends.2 = rabbit_auth_backend_internal
## Authentication
## The built-in mechanisms are 'PLAIN',
## 'AMQPLAIN', and 'EXTERNAL' Additional mechanisms can be added via
## plugins.
##
## Related doc guide: http://rabbitmq.com/authentication.html.
##
# auth_mechanisms.1 = PLAIN
# auth_mechanisms.2 = AMQPLAIN
## The rabbitmq-auth-mechanism-ssl plugin makes it possible to
## authenticate a user based on the client's x509 (TLS) certificate.
## Related doc guide: http://rabbitmq.com/authentication.html.
##
## To use auth-mechanism-ssl, the EXTERNAL mechanism should
## be enabled:
##
# auth_mechanisms.1 = PLAIN
# auth_mechanisms.2 = AMQPLAIN
# auth_mechanisms.3 = EXTERNAL
## To force x509 certificate-based authentication on all clients,
## exclude all other mechanisms (note: this will disable password-based
## authentication even for the management UI!):
##
# auth_mechanisms.1 = EXTERNAL
## This pertains to both the rabbitmq-auth-mechanism-ssl plugin and
## STOMP ssl_cert_login configurations. See the RabbitMQ STOMP plugin
## configuration section later in this file and the README in
## https://github.com/rabbitmq/rabbitmq-auth-mechanism-ssl for further
## details.
##
## To use the TLS cert's CN instead of its DN as the username
##
# ssl_cert_login_from = common_name
## TLS handshake timeout, in milliseconds.
##
# ssl_handshake_timeout = 5000
## Password hashing implementation. Will only affect newly
## created users. To recalculate hash for an existing user
## it's necessary to update her password.
##
## To use SHA-512, set to rabbit_password_hashing_sha512.
##
# password_hashing_module = rabbit_password_hashing_sha256
## When importing definitions exported from versions earlier
## than 3.6.0, it is possible to go back to MD5 (only do this
## as a temporary measure!) by setting this to rabbit_password_hashing_md5.
##
# password_hashing_module = rabbit_password_hashing_md5
##
## Default User / VHost
## ====================
##
## On first start RabbitMQ will create a vhost and a user. These
## config items control what gets created.
## Relevant doc guide: http://rabbitmq.com/access-control.html
##
# default_vhost = /
# default_user = guest
# default_pass = guest
# default_permissions.configure = .*
# default_permissions.read = .*
# default_permissions.write = .*
## Tags for default user
##
## For more details about tags, see the documentation for the
## Management Plugin at http://rabbitmq.com/management.html.
##
# default_user_tags.administrator = true
## Define other tags like this:
# default_user_tags.management = true
# default_user_tags.custom_tag = true
##
## Additional network and protocol related configuration
## =====================================================
##
## Set the default AMQP 0-9-1 heartbeat interval (in seconds).
## Related doc guides:
##
## * http://rabbitmq.com/heartbeats.html
## * http://rabbitmq.com/networking.html
##
# heartbeat = 60
## Set the max permissible size of an AMQP frame (in bytes).
##
# frame_max = 131072
## Set the max frame size the server will accept before connection
## tuning occurs
##
# initial_frame_max = 4096
## Set the max permissible number of channels per connection.
## 0 means "no limit".
##
# channel_max = 128
## Customising TCP Listener (Socket) Configuration.
##
## Related doc guides:
##
## * http://rabbitmq.com/networking.html
## * http://www.erlang.org/doc/man/inet.html#setopts-2
##
# tcp_listen_options.backlog = 128
# tcp_listen_options.nodelay = true
# tcp_listen_options.exit_on_close = false
#
# tcp_listen_options.keepalive = true
# tcp_listen_options.send_timeout = 15000
#
# tcp_listen_options.buffer = 196608
# tcp_listen_options.sndbuf = 196608
# tcp_listen_options.recbuf = 196608
##
## Resource Limits & Flow Control
## ==============================
##
## Related doc guide: http://rabbitmq.com/memory.html.
## Memory-based Flow Control threshold.
##
# vm_memory_high_watermark.relative = 0.4
## Alternatively, we can set a limit (in bytes) of RAM used by the node.
##
# vm_memory_high_watermark.absolute = 1073741824
## Or you can set absolute value using memory units (with RabbitMQ 3.6.0+).
## Absolute watermark will be ignored if relative is defined!
##
# vm_memory_high_watermark.absolute = 2GB
##
## Supported units suffixes:
##
## kb, KB: kibibytes (2^10 bytes)
## mb, MB: mebibytes (2^20)
## gb, GB: gibibytes (2^30)
## Fraction of the high watermark limit at which queues start to
## page message out to disc in order to free up memory.
## For example, when vm_memory_high_watermark is set to 0.4 and this value is set to 0.5,
## paging can begin as early as when 20% of total available RAM is used by the node.
##
## Values greater than 1.0 can be dangerous and should be used carefully.
##
## One alternative to this is to use durable queues and publish messages
## as persistent (delivery mode = 2). With this combination queues will
## move messages to disk much more rapidly.
##
## Another alternative is to configure queues to page all messages (both
## persistent and transient) to disk as quickly
## as possible, see http://rabbitmq.com/lazy-queues.html.
##
# vm_memory_high_watermark_paging_ratio = 0.5
## Selects Erlang VM memory consumption calculation strategy. Can be `allocated`, `rss` or `legacy` (aliased as `erlang`),
## Introduced in 3.6.11. `rss` is the default as of 3.6.12.
## See https://github.com/rabbitmq/rabbitmq-server/issues/1223 and rabbitmq/rabbitmq-common#224 for background.
# vm_memory_calculation_strategy = rss
## Interval (in milliseconds) at which we perform the check of the memory
## levels against the watermarks.
##
# memory_monitor_interval = 2500
## The total memory available can be calculated from the OS resources
## - default option - or provided as a configuration parameter.
# total_memory_available_override_value = 2GB
## Set disk free limit (in bytes). Once free disk space reaches this
## lower bound, a disk alarm will be set - see the documentation
## listed above for more details.
##
## Absolute watermark will be ignored if relative is defined!
# disk_free_limit.absolute = 50000
## Or you can set it using memory units (same as in vm_memory_high_watermark)
## with RabbitMQ 3.6.0+.
# disk_free_limit.absolute = 500KB
# disk_free_limit.absolute = 50mb
# disk_free_limit.absolute = 5GB
## Alternatively, we can set a limit relative to total available RAM.
##
## Values lower than 1.0 can be dangerous and should be used carefully.
# disk_free_limit.relative = 2.0
##
## Clustering
## =====================
##
# cluster_partition_handling = ignore
## pause_if_all_down strategy require additional configuration
# cluster_partition_handling = pause_if_all_down
## Recover strategy. Can be either 'autoheal' or 'ignore'
# cluster_partition_handling.pause_if_all_down.recover = ignore
## Node names to check
# cluster_partition_handling.pause_if_all_down.nodes.1 = rabbit@localhost
# cluster_partition_handling.pause_if_all_down.nodes.2 = hare@localhost
## Mirror sync batch size, in messages. Increasing this will speed
## up syncing but total batch size in bytes must not exceed 2 GiB.
## Available in RabbitMQ 3.6.0 or later.
##
# mirroring_sync_batch_size = 4096
## Make clustering happen *automatically* at startup. Only applied
## to nodes that have just been reset or started for the first time.
##
## Relevant doc guide: http://rabbitmq.com//cluster-formation.html
##
# cluster_formation.peer_discovery_backend = rabbit_peer_discovery_classic_config
#
# cluster_formation.classic_config.nodes.1 = rabbit1@hostname
# cluster_formation.classic_config.nodes.2 = rabbit2@hostname
# cluster_formation.classic_config.nodes.3 = rabbit3@hostname
# cluster_formation.classic_config.nodes.4 = rabbit4@hostname
## DNS-based peer discovery. This backend will list A records
## of the configured hostname and perform reverse lookups for
## the addresses returned.
# cluster_formation.peer_discovery_backend = rabbit_peer_discovery_dns
# cluster_formation.dns.hostname = discovery.eng.example.local
## This node's type can be configured. If you are not sure
## what node type to use, always use 'disc'.
# cluster_formation.node_type = disc
## Interval (in milliseconds) at which we send keepalive messages
## to other cluster members. Note that this is not the same thing
## as net_ticktime; missed keepalive messages will not cause nodes
## to be considered down.
##
# cluster_keepalive_interval = 10000
##
## Statistics Collection
## =====================
##
## Set (internal) statistics collection granularity.
##
## Can be none, coarse or fine
# collect_statistics = none
# collect_statistics = coarse
## Statistics collection interval (in milliseconds). Increasing
## this will reduce the load on management database.
##
# collect_statistics_interval = 5000
##
## Misc/Advanced Options
## =====================
##
## NB: Change these only if you understand what you are doing!
##
## Explicitly enable/disable hipe compilation.
##
# hipe_compile = false
## Timeout used when waiting for Mnesia tables in a cluster to
## become available.
##
# mnesia_table_loading_retry_timeout = 30000
## Retries when waiting for Mnesia tables in the cluster startup. Note that
## this setting is not applied to Mnesia upgrades or node deletions.
##
# mnesia_table_loading_retry_limit = 10
## Size in bytes below which to embed messages in the queue index.
## Related doc guide: http://rabbitmq.com/persistence-conf.html
##
# queue_index_embed_msgs_below = 4096
## You can also set this size in memory units
##
# queue_index_embed_msgs_below = 4kb
## Whether or not to enable background periodic forced GC runs for all
## Erlang processes on the node in "waiting" state.
##
## Disabling background GC may reduce latency for client operations,
## keeping it enabled may reduce median RAM usage by the binary heap
## (see https://www.erlang-solutions.com/blog/erlang-garbage-collector.html).
##
## Before trying this option, please take a look at the memory
## breakdown (http://www.rabbitmq.com/memory-use.html).
##
# background_gc_enabled = false
## Target (desired) interval (in milliseconds) at which we run background GC.
## The actual interval will vary depending on how long it takes to execute
## the operation (can be higher than this interval). Values less than
## 30000 milliseconds are not recommended.
##
# background_gc_target_interval = 60000
## Whether or not to enable proxy protocol support.
## Once enabled, clients cannot directly connect to the broker
## anymore. They must connect through a load balancer that sends the
## proxy protocol header to the broker at connection time.
## This setting applies only to AMQP clients, other protocols
## like MQTT or STOMP have their own setting to enable proxy protocol.
## See the plugins documentation for more information.
##
# proxy_protocol = false
## ----------------------------------------------------------------------------
## Advanced Erlang Networking/Clustering Options.
##
## Related doc guide: http://rabbitmq.com/clustering.html
## ----------------------------------------------------------------------------
# ======================================
# Kernel section
# ======================================
## Timeout used to detect peer unavailability, including CLI tools.
## Related doc guide: https://www.rabbitmq.com/nettick.html.
##
# net_ticktime = 60
## Inter-node communication port range.
## Related doc guide: https://www.rabbitmq.com/networking.html#epmd-inet-dist-port-range.
##
# inet_dist_listen_min = 25672
# inet_dist_listen_max = 25692
## ----------------------------------------------------------------------------
## RabbitMQ Management Plugin
##
## Related doc guide: http://rabbitmq.com/management.html.
## ----------------------------------------------------------------------------
# =======================================
# Management section
# =======================================
## Preload schema definitions from the following JSON file.
## Related doc guide: http://rabbitmq.com/management.html#load-definitions.
##
# management.load_definitions = /path/to/exported/definitions.json
## Log all requests to the management HTTP API to a file.
##
# management.http_log_dir = /path/to/access.log
## Change the port on which the HTTP listener listens,
## specifying an interface for the web server to bind to.
## Also set the listener to use TLS and provide TLS options.
##
# management.listener.port = 15672
# management.listener.ip = 127.0.0.1
# management.listener.ssl = true
# management.listener.ssl_opts.cacertfile = /path/to/cacert.pem
# management.listener.ssl_opts.certfile = /path/to/cert.pem
# management.listener.ssl_opts.keyfile = /path/to/key.pem
## One of 'basic', 'detailed' or 'none'. See
## http://rabbitmq.com/management.html#fine-stats for more details.
# management.rates_mode = basic
## Configure how long aggregated data (such as message rates and queue
## lengths) is retained. Please read the plugin's documentation in
## http://rabbitmq.com/management.html#configuration for more
## details.
## Your can use 'minute', 'hour' and 'day' keys or integer key (in seconds)
# management.sample_retention_policies.global.minute = 5
# management.sample_retention_policies.global.hour = 60
# management.sample_retention_policies.global.day = 1200
# management.sample_retention_policies.basic.minute = 5
# management.sample_retention_policies.basic.hour = 60
# management.sample_retention_policies.detailed.10 = 5
## ----------------------------------------------------------------------------
## RabbitMQ Shovel Plugin
##
## Related doc guide: http://rabbitmq.com/shovel.html
## ----------------------------------------------------------------------------
## Shovel plugin config example is defined in additional.config file
## ----------------------------------------------------------------------------
## RabbitMQ STOMP Plugin
##
## Related doc guide: http://rabbitmq.com/stomp.html
## ----------------------------------------------------------------------------
# =======================================
# STOMP section
# =======================================
## Network Configuration. The format is generally the same as for the core broker.
##
# stomp.listeners.tcp.default = 61613
## Same for ssl listeners
##
# stomp.listeners.ssl.default = 61614
## Number of Erlang processes that will accept connections for the TCP
## and TLS listeners.
##
# stomp.num_acceptors.tcp = 10
# stomp.num_acceptors.ssl = 1
## Additional TLS options
## Extract a name from the client's certificate when using TLS.
##
# stomp.ssl_cert_login = true
## Set a default user name and password. This is used as the default login
## whenever a CONNECT frame omits the login and passcode headers.
##
## Please note that setting this will allow clients to connect without
## authenticating!
##
# stomp.default_user = guest
# stomp.default_pass = guest
## If a default user is configured, or you have configured use TLS client
## certificate based authentication, you can choose to allow clients to
## omit the CONNECT frame entirely. If set to true, the client is
## automatically connected as the default user or user supplied in the
## TLS certificate whenever the first frame sent on a session is not a
## CONNECT frame.
##
# stomp.implicit_connect = true
## Whether or not to enable proxy protocol support.
## Once enabled, clients cannot directly connect to the broker
## anymore. They must connect through a load balancer that sends the
## proxy protocol header to the broker at connection time.
## This setting applies only to STOMP clients, other protocols
## like MQTT or AMQP have their own setting to enable proxy protocol.
## See the plugins or broker documentation for more information.
##
# stomp.proxy_protocol = false
## ----------------------------------------------------------------------------
## RabbitMQ MQTT Adapter
##
## See https://github.com/rabbitmq/rabbitmq-mqtt/blob/stable/README.md
## for details
## ----------------------------------------------------------------------------
# =======================================
# MQTT section
# =======================================
## Set the default user name and password used for anonymous connections (when client
## provides no credentials). Anonymous connections are highly discouraged!
##
# mqtt.default_user = guest
# mqtt.default_pass = guest
## Enable anonymous connections. If this is set to false, clients MUST provide
## credentials in order to connect. See also the mqtt.default_user/mqtt.default_pass
## keys. Anonymous connections are highly discouraged!
##
# mqtt.allow_anonymous = true
## If you have multiple vhosts, specify the one to which the
## adapter connects.
##
# mqtt.vhost = /
## Specify the exchange to which messages from MQTT clients are published.
##
# mqtt.exchange = amq.topic
## Specify TTL (time to live) to control the lifetime of non-clean sessions.
##
# mqtt.subscription_ttl = 1800000
## Set the prefetch count (governing the maximum number of unacknowledged
## messages that will be delivered).
##
# mqtt.prefetch = 10
## TCP/SSL Configuration (as per the broker configuration).
##
# mqtt.listeners.tcp.default = 1883
## Same for ssl listener
##
# mqtt.listeners.ssl.default = 1884
## Number of Erlang processes that will accept connections for the TCP
## and TLS listeners.
##
# mqtt.num_acceptors.tcp = 10
# mqtt.num_acceptors.ssl = 10
## TCP listener options (as per the broker configuration).
##
# mqtt.tcp_listen_options.backlog = 128
# mqtt.tcp_listen_options.nodelay = true
## Whether or not to enable proxy protocol support.
## Once enabled, clients cannot directly connect to the broker
## anymore. They must connect through a load balancer that sends the
## proxy protocol header to the broker at connection time.
## This setting applies only to STOMP clients, other protocols
## like STOMP or AMQP have their own setting to enable proxy protocol.
## See the plugins or broker documentation for more information.
##
# mqtt.proxy_protocol = false
## ----------------------------------------------------------------------------
## RabbitMQ AMQP 1.0 Support
##
## See https://github.com/rabbitmq/rabbitmq-amqp1.0/blob/stable/README.md.
## ----------------------------------------------------------------------------
# =======================================
# AMQP 1.0 section
# =======================================
## Connections that are not authenticated with SASL will connect as this
## account. See the README for more information.
##
## Please note that setting this will allow clients to connect without
## authenticating!
##
# amqp1_0.default_user = guest
## Enable protocol strict mode. See the README for more information.
##
# amqp1_0.protocol_strict_mode = false
## Logging settings.
##
## See http://rabbitmq.com/logging.html and https://github.com/erlang-lager/lager for details.
##
## Log direcrory, taken from the RABBITMQ_LOG_BASE env variable by default.
##
# log.dir = /var/log/rabbitmq
## Logging to file. Can be false or a filename.
## Default:
# log.file = rabbit.log
## To disable logging to a file
# log.file = false
## Log level for file logging
##
# log.file.level = info
## File rotation config. No rotation by default.
## DO NOT SET rotation date to ''. Leave the value unset if "" is the desired value
# log.file.rotation.date = $D0
# log.file.rotation.size = 0
## Logging to console (can be true or false)
##
# log.console = false
## Log level for console logging
##
# log.console.level = info
## Logging to the amq.rabbitmq.log exchange (can be true or false)
##
# log.exchange = false
## Log level to use when logging to the amq.rabbitmq.log exchange
##
# log.exchange.level = info
## ----------------------------------------------------------------------------
## RabbitMQ LDAP Plugin
##
## Related doc guide: http://rabbitmq.com/ldap.html.
##
## ----------------------------------------------------------------------------
# =======================================
# LDAP section
# =======================================
##
## Connecting to the LDAP server(s)
## ================================
##
## Specify servers to bind to. You *must* set this in order for the plugin
## to work properly.
##
# auth_ldap.servers.1 = your-server-name-goes-here
## You can define multiple servers
# auth_ldap.servers.2 = your-other-server
## Connect to the LDAP server using TLS
##
# auth_ldap.use_ssl = false
## Specify the LDAP port to connect to
##
# auth_ldap.port = 389
## LDAP connection timeout, in milliseconds or 'infinity'
##
# auth_ldap.timeout = infinity
## Or number
# auth_ldap.timeout = 500
## Enable logging of LDAP queries.
## One of
## - false (no logging is performed)
## - true (verbose logging of the logic used by the plugin)
## - network (as true, but additionally logs LDAP network traffic)
##
## Defaults to false.
##
# auth_ldap.log = false
## Also can be true or network
# auth_ldap.log = true
# auth_ldap.log = network
##
## Authentication
## ==============
##
## Pattern to convert the username given through AMQP to a DN before
## binding
##
# auth_ldap.user_dn_pattern = cn=${username},ou=People,dc=example,dc=com
## Alternatively, you can convert a username to a Distinguished
## Name via an LDAP lookup after binding. See the documentation for
## full details.
## When converting a username to a dn via a lookup, set these to
## the name of the attribute that represents the user name, and the
## base DN for the lookup query.
##
# auth_ldap.dn_lookup_attribute = userPrincipalName
# auth_ldap.dn_lookup_base = DC=gopivotal,DC=com
## Controls how to bind for authorisation queries and also to
## retrieve the details of users logging in without presenting a
## password (e.g., SASL EXTERNAL).
## One of
## - as_user (to bind as the authenticated user - requires a password)
## - anon (to bind anonymously)
## - {UserDN, Password} (to bind with a specified user name and password)
##
## Defaults to 'as_user'.
##
# auth_ldap.other_bind = as_user
## Or can be more complex:
# auth_ldap.other_bind.user_dn = User
# auth_ldap.other_bind.password = Password
## If user_dn and password defined - other options is ignored.
# -----------------------------
# Too complex section of LDAP
# -----------------------------
##
## Authorisation
## =============
##
## The LDAP plugin can perform a variety of queries against your
## LDAP server to determine questions of authorisation.
##
## Related doc guide: http://rabbitmq.com/ldap.html#authorisation.
## Following configuration should be defined in additional.config file
## DO NOT UNCOMMENT THIS LINES!
## Set the query to use when determining vhost access
##
## {vhost_access_query, {in_group,
## "ou=${vhost}-users,ou=vhosts,dc=example,dc=com"}},
## Set the query to use when determining resource (e.g., queue) access
##
## {resource_access_query, {constant, true}},
## Set queries to determine which tags a user has
##
## {tag_queries, []}
# ]},
# -----------------------------

594
rabbitmq.config.example
View File

@ -1,594 +0,0 @@
%% -*- mode: erlang -*-
%% ----------------------------------------------------------------------------
%% RabbitMQ Sample Configuration File.
%%
%% See http://www.rabbitmq.com/configure.html for details.
%% ----------------------------------------------------------------------------
[
{rabbit,
[%%
%% Network Connectivity
%% ====================
%%
%% By default, RabbitMQ will listen on all interfaces, using
%% the standard (reserved) AMQP port.
%%
%% {tcp_listeners, [5672]},
%% To listen on a specific interface, provide a tuple of {IpAddress, Port}.
%% For example, to listen only on localhost for both IPv4 and IPv6:
%%
%% {tcp_listeners, [{"127.0.0.1", 5672},
%% {"::1", 5672}]},
%% SSL listeners are configured in the same fashion as TCP listeners,
%% including the option to control the choice of interface.
%%
%% {ssl_listeners, [5671]},
%% Maximum time for AMQP 0-8/0-9/0-9-1 handshake (after socket connection
%% and SSL handshake), in milliseconds.
%%
%% {handshake_timeout, 10000},
%% Log levels (currently just used for connection logging).
%% One of 'debug', 'info', 'warning', 'error' or 'none', in decreasing
%% order of verbosity. Defaults to 'info'.
%%
%% {log_levels, [{connection, info}, {channel, info}]},
%% Set to 'true' to perform reverse DNS lookups when accepting a
%% connection. Hostnames will then be shown instead of IP addresses
%% in rabbitmqctl and the management plugin.
%%
%% {reverse_dns_lookups, true},
%%
%% Security / AAA
%% ==============
%%
%% The default "guest" user is only permitted to access the server
%% via a loopback interface (e.g. localhost).
%% {loopback_users, [<<"guest">>]},
%%
%% Uncomment the following line if you want to allow access to the
%% guest user from anywhere on the network.
%% {loopback_users, []},
%% Configuring SSL.
%% See http://www.rabbitmq.com/ssl.html for full documentation.
%%
%% {ssl_options, [{cacertfile, "/path/to/testca/cacert.pem"},
%% {certfile, "/path/to/server/cert.pem"},
%% {keyfile, "/path/to/server/key.pem"},
%% {verify, verify_peer},
%% {fail_if_no_peer_cert, false}]},
%% Choose the available SASL mechanism(s) to expose.
%% The two default (built in) mechanisms are 'PLAIN' and
%% 'AMQPLAIN'. Additional mechanisms can be added via
%% plugins.
%%
%% See http://www.rabbitmq.com/authentication.html for more details.
%%
%% {auth_mechanisms, ['PLAIN', 'AMQPLAIN']},
%% Select an authentication database to use. RabbitMQ comes bundled
%% with a built-in auth-database, based on mnesia.
%%
%% {auth_backends, [rabbit_auth_backend_internal]},
%% Configurations supporting the rabbitmq_auth_mechanism_ssl and
%% rabbitmq_auth_backend_ldap plugins.
%%
%% NB: These options require that the relevant plugin is enabled.
%% See http://www.rabbitmq.com/plugins.html for further details.
%% The RabbitMQ-auth-mechanism-ssl plugin makes it possible to
%% authenticate a user based on the client's SSL certificate.
%%
%% To use auth-mechanism-ssl, add to or replace the auth_mechanisms
%% list with the entry 'EXTERNAL'.
%%
%% {auth_mechanisms, ['EXTERNAL']},
%% The rabbitmq_auth_backend_ldap plugin allows the broker to
%% perform authentication and authorisation by deferring to an
%% external LDAP server.
%%
%% For more information about configuring the LDAP backend, see
%% http://www.rabbitmq.com/ldap.html.
%%
%% Enable the LDAP auth backend by adding to or replacing the
%% auth_backends entry:
%%
%% {auth_backends, [rabbit_auth_backend_ldap]},
%% This pertains to both the rabbitmq_auth_mechanism_ssl plugin and
%% STOMP ssl_cert_login configurations. See the rabbitmq_stomp
%% configuration section later in this file and the README in
%% https://github.com/rabbitmq/rabbitmq-auth-mechanism-ssl for further
%% details.
%%
%% To use the SSL cert's CN instead of its DN as the username
%%
%% {ssl_cert_login_from, common_name},
%% SSL handshake timeout, in milliseconds.
%%
%% {ssl_handshake_timeout, 5000},
%%
%% Default User / VHost
%% ====================
%%
%% On first start RabbitMQ will create a vhost and a user. These
%% config items control what gets created. See
%% http://www.rabbitmq.com/access-control.html for further
%% information about vhosts and access control.
%%
%% {default_vhost, <<"/">>},
%% {default_user, <<"guest">>},
%% {default_pass, <<"guest">>},
%% {default_permissions, [<<".*">>, <<".*">>, <<".*">>]},
%% Tags for default user
%%
%% For more details about tags, see the documentation for the
%% Management Plugin at http://www.rabbitmq.com/management.html.
%%
%% {default_user_tags, [administrator]},
%%
%% Additional network and protocol related configuration
%% =====================================================
%%
%% Set the default AMQP heartbeat delay (in seconds).
%%
%% {heartbeat, 600},
%% Set the max permissible size of an AMQP frame (in bytes).
%%
%% {frame_max, 131072},
%% Set the max permissible number of channels per connection.
%% 0 means "no limit".
%%
%% {channel_max, 128},
%% Customising Socket Options.
%%
%% See (http://www.erlang.org/doc/man/inet.html#setopts-2) for
%% further documentation.
%%
%% {tcp_listen_options, [binary,
%% {packet, raw},
%% {reuseaddr, true},
%% {backlog, 128},
%% {nodelay, true},
%% {exit_on_close, false}]},
%%
%% Resource Limits & Flow Control
%% ==============================
%%
%% See http://www.rabbitmq.com/memory.html for full details.
%% Memory-based Flow Control threshold.
%%
%% {vm_memory_high_watermark, 0.4},
%% Alternatively, we can set a limit (in bytes) of RAM used by the node.
%%
%% {vm_memory_high_watermark, {absolute, 1073741824}},
%% Fraction of the high watermark limit at which queues start to
%% page message out to disc in order to free up memory.
%%
%% {vm_memory_high_watermark_paging_ratio, 0.5},
%% Set disk free limit (in bytes). Once free disk space reaches this
%% lower bound, a disk alarm will be set - see the documentation
%% listed above for more details.
%%
%% {disk_free_limit, 50000000},
%% Alternatively, we can set a limit relative to total available RAM.
%%
%% {disk_free_limit, {mem_relative, 1.0}},
%%
%% Misc/Advanced Options
%% =====================
%%
%% NB: Change these only if you understand what you are doing!
%%
%% To announce custom properties to clients on connection:
%%
%% {server_properties, []},
%% How to respond to cluster partitions.
%% See http://www.rabbitmq.com/partitions.html for further details.
%%
%% {cluster_partition_handling, ignore},
%% Make clustering happen *automatically* at startup - only applied
%% to nodes that have just been reset or started for the first time.
%% See http://www.rabbitmq.com/clustering.html#auto-config for
%% further details.
%%
%% {cluster_nodes, {['rabbit@my.host.com'], disc}},
%% Interval (in milliseconds) at which we send keepalive messages
%% to other cluster members. Note that this is not the same thing
%% as net_ticktime; missed keepalive messages will not cause nodes
%% to be considered down.
%%
%% {cluster_keepalive_interval, 10000},
%% Set (internal) statistics collection granularity.
%%
%% {collect_statistics, none},
%% Statistics collection interval (in milliseconds).
%%
%% {collect_statistics_interval, 5000},
%% Explicitly enable/disable hipe compilation.
%%
%% {hipe_compile, true},
%% Timeout used when waiting for Mnesia tables in a cluster to
%% become available.
%%
%% {mnesia_table_loading_timeout, 30000},
%% Size in bytes below which to embed messages in the queue index. See
%% http://www.rabbitmq.com/persistence-conf.html
%%
%% {queue_index_embed_msgs_below, 4096}
]},
%% ----------------------------------------------------------------------------
%% Advanced Erlang Networking/Clustering Options.
%%
%% See http://www.rabbitmq.com/clustering.html for details
%% ----------------------------------------------------------------------------
{kernel,
[%% Sets the net_kernel tick time.
%% Please see http://erlang.org/doc/man/kernel_app.html and
%% http://www.rabbitmq.com/nettick.html for further details.
%%
%% {net_ticktime, 60}
]},
%% ----------------------------------------------------------------------------
%% RabbitMQ Management Plugin
%%
%% See http://www.rabbitmq.com/management.html for details
%% ----------------------------------------------------------------------------
{rabbitmq_management,
[%% Pre-Load schema definitions from the following JSON file. See
%% http://www.rabbitmq.com/management.html#load-definitions
%%
%% {load_definitions, "/path/to/schema.json"},
%% Log all requests to the management HTTP API to a file.
%%
%% {http_log_dir, "/path/to/access.log"},
%% Change the port on which the HTTP listener listens,
%% specifying an interface for the web server to bind to.
%% Also set the listener to use SSL and provide SSL options.
%%
%% {listener, [{port, 12345},
%% {ip, "127.0.0.1"},
%% {ssl, true},
%% {ssl_opts, [{cacertfile, "/path/to/cacert.pem"},
%% {certfile, "/path/to/cert.pem"},
%% {keyfile, "/path/to/key.pem"}]}]},
%% One of 'basic', 'detailed' or 'none'. See
%% http://www.rabbitmq.com/management.html#fine-stats for more details.
%% {rates_mode, basic},
%% Configure how long aggregated data (such as message rates and queue
%% lengths) is retained. Please read the plugin's documentation in
%% http://www.rabbitmq.com/management.html#configuration for more
%% details.
%%
%% {sample_retention_policies,
%% [{global, [{60, 5}, {3600, 60}, {86400, 1200}]},
%% {basic, [{60, 5}, {3600, 60}]},
%% {detailed, [{10, 5}]}]}
]},
%% ----------------------------------------------------------------------------
%% RabbitMQ Shovel Plugin
%%
%% See http://www.rabbitmq.com/shovel.html for details
%% ----------------------------------------------------------------------------
{rabbitmq_shovel,
[{shovels,
[%% A named shovel worker.
%% {my_first_shovel,
%% [
%% List the source broker(s) from which to consume.
%%
%% {sources,
%% [%% URI(s) and pre-declarations for all source broker(s).
%% {brokers, ["amqp://user:password@host.domain/my_vhost"]},
%% {declarations, []}
%% ]},
%% List the destination broker(s) to publish to.
%% {destinations,
%% [%% A singular version of the 'brokers' element.
%% {broker, "amqp://"},
%% {declarations, []}
%% ]},
%% Name of the queue to shovel messages from.
%%
%% {queue, <<"your-queue-name-goes-here">>},
%% Optional prefetch count.
%%
%% {prefetch_count, 10},
%% when to acknowledge messages:
%% - no_ack: never (auto)
%% - on_publish: after each message is republished
%% - on_confirm: when the destination broker confirms receipt
%%
%% {ack_mode, on_confirm},
%% Overwrite fields of the outbound basic.publish.
%%
%% {publish_fields, [{exchange, <<"my_exchange">>},
%% {routing_key, <<"from_shovel">>}]},
%% Static list of basic.properties to set on re-publication.
%%
%% {publish_properties, [{delivery_mode, 2}]},
%% The number of seconds to wait before attempting to
%% reconnect in the event of a connection failure.
%%
%% {reconnect_delay, 2.5}
%% ]} %% End of my_first_shovel
]}
%% Rather than specifying some values per-shovel, you can specify
%% them for all shovels here.
%%
%% {defaults, [{prefetch_count, 0},
%% {ack_mode, on_confirm},
%% {publish_fields, []},
%% {publish_properties, [{delivery_mode, 2}]},
%% {reconnect_delay, 2.5}]}
]},
%% ----------------------------------------------------------------------------
%% RabbitMQ Stomp Adapter
%%
%% See http://www.rabbitmq.com/stomp.html for details
%% ----------------------------------------------------------------------------
{rabbitmq_stomp,
[%% Network Configuration - the format is generally the same as for the broker
%% Listen only on localhost (ipv4 & ipv6) on a specific port.
%% {tcp_listeners, [{"127.0.0.1", 61613},
%% {"::1", 61613}]},
%% Listen for SSL connections on a specific port.
%% {ssl_listeners, [61614]},
%% Additional SSL options
%% Extract a name from the client's certificate when using SSL.
%%
%% {ssl_cert_login, true},
%% Set a default user name and password. This is used as the default login
%% whenever a CONNECT frame omits the login and passcode headers.
%%
%% Please note that setting this will allow clients to connect without
%% authenticating!
%%
%% {default_user, [{login, "guest"},
%% {passcode, "guest"}]},
%% If a default user is configured, or you have configured use SSL client
%% certificate based authentication, you can choose to allow clients to
%% omit the CONNECT frame entirely. If set to true, the client is
%% automatically connected as the default user or user supplied in the
%% SSL certificate whenever the first frame sent on a session is not a
%% CONNECT frame.
%%
%% {implicit_connect, true}
]},
%% ----------------------------------------------------------------------------
%% RabbitMQ MQTT Adapter
%%
%% See https://github.com/rabbitmq/rabbitmq-mqtt/blob/stable/README.md
%% for details
%% ----------------------------------------------------------------------------
{rabbitmq_mqtt,
[%% Set the default user name and password. Will be used as the default login
%% if a connecting client provides no other login details.
%%
%% Please note that setting this will allow clients to connect without
%% authenticating!
%%
%% {default_user, <<"guest">>},
%% {default_pass, <<"guest">>},
%% Enable anonymous access. If this is set to false, clients MUST provide
%% login information in order to connect. See the default_user/default_pass
%% configuration elements for managing logins without authentication.
%%
%% {allow_anonymous, true},
%% If you have multiple chosts, specify the one to which the
%% adapter connects.
%%
%% {vhost, <<"/">>},
%% Specify the exchange to which messages from MQTT clients are published.
%%
%% {exchange, <<"amq.topic">>},
%% Specify TTL (time to live) to control the lifetime of non-clean sessions.
%%
%% {subscription_ttl, 1800000},
%% Set the prefetch count (governing the maximum number of unacknowledged
%% messages that will be delivered).
%%
%% {prefetch, 10},
%% TCP/SSL Configuration (as per the broker configuration).
%%
%% {tcp_listeners, [1883]},
%% {ssl_listeners, []},
%% TCP/Socket options (as per the broker configuration).
%%
%% {tcp_listen_options, [binary,
%% {packet, raw},
%% {reuseaddr, true},
%% {backlog, 128},
%% {nodelay, true}]}
]},
%% ----------------------------------------------------------------------------
%% RabbitMQ AMQP 1.0 Support
%%
%% See https://github.com/rabbitmq/rabbitmq-amqp1.0/blob/stable/README.md
%% for details
%% ----------------------------------------------------------------------------
{rabbitmq_amqp1_0,
[%% Connections that are not authenticated with SASL will connect as this
%% account. See the README for more information.
%%
%% Please note that setting this will allow clients to connect without
%% authenticating!
%%
%% {default_user, "guest"},
%% Enable protocol strict mode. See the README for more information.
%%
%% {protocol_strict_mode, false}
]},
%% ----------------------------------------------------------------------------
%% RabbitMQ LDAP Plugin
%%
%% See http://www.rabbitmq.com/ldap.html for details.
%%
%% ----------------------------------------------------------------------------
{rabbitmq_auth_backend_ldap,
[%%
%% Connecting to the LDAP server(s)
%% ================================
%%
%% Specify servers to bind to. You *must* set this in order for the plugin
%% to work properly.
%%
%% {servers, ["your-server-name-goes-here"]},
%% Connect to the LDAP server using SSL
%%
%% {use_ssl, false},
%% Specify the LDAP port to connect to
%%
%% {port, 389},
%% LDAP connection timeout, in milliseconds or 'infinity'
%%
%% {timeout, infinity},
%% Enable logging of LDAP queries.
%% One of
%% - false (no logging is performed)
%% - true (verbose logging of the logic used by the plugin)
%% - network (as true, but additionally logs LDAP network traffic)
%%
%% Defaults to false.
%%
%% {log, false},
%%
%% Authentication
%% ==============
%%
%% Pattern to convert the username given through AMQP to a DN before
%% binding
%%
%% {user_dn_pattern, "cn=${username},ou=People,dc=example,dc=com"},
%% Alternatively, you can convert a username to a Distinguished
%% Name via an LDAP lookup after binding. See the documentation for
%% full details.
%% When converting a username to a dn via a lookup, set these to
%% the name of the attribute that represents the user name, and the
%% base DN for the lookup query.
%%
%% {dn_lookup_attribute, "userPrincipalName"},
%% {dn_lookup_base, "DC=gopivotal,DC=com"},
%% Controls how to bind for authorisation queries and also to
%% retrieve the details of users logging in without presenting a
%% password (e.g., SASL EXTERNAL).
%% One of
%% - as_user (to bind as the authenticated user - requires a password)
%% - anon (to bind anonymously)
%% - {UserDN, Password} (to bind with a specified user name and password)
%%
%% Defaults to 'as_user'.
%%
%% {other_bind, as_user},
%%
%% Authorisation
%% =============
%%
%% The LDAP plugin can perform a variety of queries against your
%% LDAP server to determine questions of authorisation. See
%% http://www.rabbitmq.com/ldap.html#authorisation for more
%% information.
%% Set the query to use when determining vhost access
%%
%% {vhost_access_query, {in_group,
%% "ou=${vhost}-users,ou=vhosts,dc=example,dc=com"}},
%% Set the query to use when determining resource (e.g., queue) access
%%
%% {resource_access_query, {constant, true}},
%% Set queries to determine which tags a user has
%%
%% {tag_queries, []}
]}
].