authorDaniil Fedotov <dfedotov@pivotal.io>2016-01-22 15:47:01 +0000
committerDaniil Fedotov <dfedotov@pivotal.io>2016-01-28 15:49:05 +0000
commitdbe6b5f0a9de1e88cb482c2856da87692b920197 (patch)
tree4935eccdc52e74d97e97d7a06d04979e669c8e31 /rabbitmq.conf.d/ldap.conf
parenteae87229e6a115fe4d491cc4d878e4257a81215a (diff)
Cuttlefish schema for default config
Diffstat (limited to 'rabbitmq.conf.d/ldap.conf')
-rw-r--r--rabbitmq.conf.d/ldap.conf138
1 files changed, 138 insertions, 0 deletions
diff --git a/rabbitmq.conf.d/ldap.conf b/rabbitmq.conf.d/ldap.conf
new file mode 100644
index 0000000000..2f51cbb409
--- /dev/null
+++ b/rabbitmq.conf.d/ldap.conf
@@ -0,0 +1,138 @@
+# ## ----------------------------------------------------------------------------
+# ## RabbitMQ LDAP Plugin
+# ##
+# ## See http://www.rabbitmq.com/ldap.html for details.
+# ##
+# ## ----------------------------------------------------------------------------
+
+
+# =======================================
+# LDAP section
+# =======================================
+
+# Should be defined in additional.conf maybe?
+
+# {rabbitmq_auth_backend_ldap,
+# [##
+# ## Connecting to the LDAP server(s)
+# ## ================================
+# ##
+
+# ## Specify servers to bind to. You *must* set this in order for the plugin
+# ## to work properly.
+# ##
+# ## {servers, ["your-server-name-goes-here"]},
+
+ldap.servers.myserver = your-server-name-goes-here
+
+# ## Connect to the LDAP server using SSL
+# ##
+# ## {use_ssl, false},
+
+ldap.use_ssl = false
+
+# ## Specify the LDAP port to connect to
+# ##
+# ## {port, 389},
+
+ldap.port = 389
+
+# ## LDAP connection timeout, in milliseconds or 'infinity'
+# ##
+# ## {timeout, infinity},
+
+ldap.timeout = infinity
+
+# Or number
+# ldap.timeout = 500
+
+# ## Enable logging of LDAP queries.
+# ## One of
+# ## - false (no logging is performed)
+# ## - true (verbose logging of the logic used by the plugin)
+# ## - network (as true, but additionally logs LDAP network traffic)
+# ##
+# ## Defaults to false.
+# ##
+# ## {log, false},
+
+ldap.log = false
+
+# Also can be true or network
+# ldap.log = true
+# ldap.log = network
+
+# ##
+# ## Authentication
+# ## ==============
+# ##
+
+# ## Pattern to convert the username given through AMQP to a DN before
+# ## binding
+# ##
+# ## {user_dn_pattern, "cn=${username},ou=People,dc=example,dc=com"},
+
+ldap.user_dn_pattern = cn=${username},ou=People,dc=example,dc=com
+
+# ## Alternatively, you can convert a username to a Distinguished
+# ## Name via an LDAP lookup after binding. See the documentation for
+# ## full details.
+
+# ## When converting a username to a dn via a lookup, set these to
+# ## the name of the attribute that represents the user name, and the
+# ## base DN for the lookup query.
+# ##
+# ## {dn_lookup_attribute, "userPrincipalName"},
+# ## {dn_lookup_base, "DC=gopivotal,DC=com"},
+
+ldap.dn_lookup_attribute = userPrincipalName
+ldap.dn_lookup_base = DC=gopivotal,DC=com
+
+# ## Controls how to bind for authorisation queries and also to
+# ## retrieve the details of users logging in without presenting a
+# ## password (e.g., SASL EXTERNAL).
+# ## One of
+# ## - as_user (to bind as the authenticated user - requires a password)
+# ## - anon (to bind anonymously)
+# ## - {UserDN, Password} (to bind with a specified user name and password)
+# ##
+# ## Defaults to 'as_user'.
+# ##
+# ## {other_bind, as_user},
+
+ldap.other_bind = as_user
+
+# Or can be more complex:
+# ldap.other_bind.user_dn = User
+# ldap.other_bind.password = Password
+# If user_dn and password defined - other options is ignored.
+
+# -----------------------------
+# Too complex section of LDAP
+# -----------------------------
+
+# ##
+# ## Authorisation
+# ## =============
+# ##
+
+# ## The LDAP plugin can perform a variety of queries against your
+# ## LDAP server to determine questions of authorisation. See
+# ## http://www.rabbitmq.com/ldap.html#authorisation for more
+# ## information.
+
+# ## Set the query to use when determining vhost access
+# ##
+# ## {vhost_access_query, {in_group,
+# ## "ou=${vhost}-users,ou=vhosts,dc=example,dc=com"}},
+
+# ## Set the query to use when determining resource (e.g., queue) access
+# ##
+# ## {resource_access_query, {constant, true}},
+
+# ## Set queries to determine which tags a user has
+# ##
+# ## {tag_queries, []}
+# ]},
+# -----------------------------
+
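Review bot: The sample leaves `ldap.use_ssl = false` and `ldap.port = 389` as live settings next to an active `ldap.user_dn_pattern`, so a deployment that loads this file unchanged would, as far as the comments here indicate, bind with users' passwords over an unencrypted connection. The Erlang-style original quoted in the comments keeps every key commented out; doing the same here (`# ldap.use_ssl = false`, `# ldap.port = 389`) and adding a line such as `# Without SSL, bind DNs and passwords are sent in clear text; prefer use_ssl = true (LDAPS is usually port 636).` would avoid shipping an insecure default. The same applies to `ldap.servers.myserver = your-server-name-goes-here` and `ldap.dn_lookup_base = DC=gopivotal,DC=com`, which are active placeholders, and to having both `ldap.user_dn_pattern` and the `ldap.dn_lookup_*` pair set at once although the comments describe them as alternatives. The `ldap.other_bind.password` example also deserves a comment that the value is stored in plain text, since the file is added with mode 100644 and would be world-readable if installed with that mode.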