diff options
| author | Daniil Fedotov <dfedotov@pivotal.io> | 2016-02-17 11:11:57 +0000 |
|---|---|---|
| committer | Daniil Fedotov <dfedotov@pivotal.io> | 2016-02-17 11:11:57 +0000 |
| commit | 7104595588c739dc8e92671b0307adcb9b40ef2f (patch) | |
| tree | 67bfc4911d5e1a5617e13fb15effd2eb3c8f9d3b /scripts | |
| parent | 77bea34198bbbf4f67f726652e5144ca14d66601 (diff) | |
| download | rabbitmq-server-git-7104595588c739dc8e92671b0307adcb9b40ef2f.tar.gz | |
Support for plugin schemas
Diffstat (limited to 'scripts')
| -rw-r--r-- | scripts/rabbitmq-defaults | 2 | ||||
| -rw-r--r-- | scripts/rabbitmq-defaults.bat | 2 | ||||
| -rw-r--r-- | scripts/rabbitmq-env | 3 | ||||
| -rwxr-xr-x | scripts/rabbitmq-server | 8 | ||||
| -rw-r--r-- | scripts/rabbitmq-server.bat | 9 | ||||
| -rw-r--r-- | scripts/rabbitmq-service.bat | 11 | ||||
| -rw-r--r-- | scripts/rabbitmq.schema | 1578 |
7 files changed, 24 insertions, 1589 deletions
diff --git a/scripts/rabbitmq-defaults b/scripts/rabbitmq-defaults index b5427eee46..b102b3619c 100644 --- a/scripts/rabbitmq-defaults +++ b/scripts/rabbitmq-defaults @@ -39,7 +39,7 @@ LOG_BASE=${SYS_PREFIX}/var/log/rabbitmq MNESIA_BASE=${SYS_PREFIX}/var/lib/rabbitmq/mnesia ENABLED_PLUGINS_FILE=${SYS_PREFIX}/etc/rabbitmq/enabled_plugins GENERATED_CONFIG_DIR=${SYS_PREFIX}/var/lib/rabbitmq/config -RABBITMQ_CONFIG_ADDITIONAL=${SYS_PREFIX}/etc/rabbitmq/additional +RABBITMQ_CONFIG_ADVANCED=${SYS_PREFIX}/etc/rabbitmq/advanced PLUGINS_DIR="${RABBITMQ_HOME}/plugins" IO_THREAD_POOL_SIZE=64 diff --git a/scripts/rabbitmq-defaults.bat b/scripts/rabbitmq-defaults.bat index 3c57b2ab34..7c351bf48a 100644 --- a/scripts/rabbitmq-defaults.bat +++ b/scripts/rabbitmq-defaults.bat @@ -42,7 +42,7 @@ set LOG_BASE=!RABBITMQ_BASE!\log set MNESIA_BASE=!RABBITMQ_BASE!\db
set ENABLED_PLUGINS_FILE=!RABBITMQ_BASE!\enabled_plugins
set GENERATED_CONFIG_DIR=!RABBITMQ_BASE!\config
-set RABBITMQ_CONFIG_ADDITIONAL=!RABBITMQ_BASE!\additional
+set RABBITMQ_CONFIG_ADVANCED=!RABBITMQ_BASE!\advanced
REM PLUGINS_DIR="${RABBITMQ_HOME}/plugins"
for /f "delims=" %%F in ("!TDP0!..\plugins") do set PLUGINS_DIR=%%~dpsF%%~nF%%~xF
diff --git a/scripts/rabbitmq-env b/scripts/rabbitmq-env index 9a2b7acc3c..a360631a19 100644 --- a/scripts/rabbitmq-env +++ b/scripts/rabbitmq-env @@ -259,7 +259,8 @@ if [ "${RABBITMQ_DEV_ENV}" ]; then RABBITMQ_ENABLED_PLUGINS_FILE="${enabled_plugins_file}" fi fi - + + if [ -d "${RABBITMQ_PLUGINS_DIR}" ]; then # RabbitMQ was started with "make run-broker" from its own # source tree. Take rabbit_common from the plugins directory. diff --git a/scripts/rabbitmq-server b/scripts/rabbitmq-server index 1b95d9efb1..9f70c7f992 100755 --- a/scripts/rabbitmq-server +++ b/scripts/rabbitmq-server @@ -70,7 +70,7 @@ RABBITMQ_DIST_PORT=$RABBITMQ_DIST_PORT \ ${RABBITMQ_NAME_TYPE} rabbitmqprelaunch$$ \ -conf_dir "${RABBITMQ_GENERATED_CONFIG_DIR}" \ -conf_script_dir "`dirname $0`" \ - -conf_additional "${RABBITMQ_CONFIG_ADDITIONAL}" \ + -conf_advanced "${RABBITMQ_CONFIG_ADVANCED}" \ -extra "${RABBITMQ_NODENAME}" PRELAUNCH_RESULT=$? @@ -89,7 +89,11 @@ set -e if [ -f "${RABBITMQ_CONFIG_FILE}.config" ]; then RABBITMQ_CONFIG_ARG="-config ${RABBITMQ_CONFIG_FILE}" elif [ -f "${RABBITMQ_CONFIG_FILE}.conf" ]; then - RABBITMQ_CONFIG_ARG="-conf ${RABBITMQ_CONFIG_FILE} -conf_dir ${RABBITMQ_GENERATED_CONFIG_DIR} -conf_script_dir `dirname $0` -conf_additional ${RABBITMQ_CONFIG_ADDITIONAL}" + RABBITMQ_CONFIG_ARG="-conf ${RABBITMQ_CONFIG_FILE} \ + -conf_dir ${RABBITMQ_GENERATED_CONFIG_DIR} \ + -conf_script_dir `dirname $0` \ + -conf_advanced ${RABBITMQ_CONFIG_ADVANCED} \ + -conf_schema_dir ${RABBITMQ_HOME}/priv/schema" fi RABBITMQ_LISTEN_ARG= diff --git a/scripts/rabbitmq-server.bat b/scripts/rabbitmq-server.bat index d2c63d2036..2064dc1474 100644 --- a/scripts/rabbitmq-server.bat +++ b/scripts/rabbitmq-server.bat @@ -50,7 +50,8 @@ set RABBITMQ_CONFIG_FILE="!RABBITMQ_CONFIG_FILE!" !RABBITMQ_NAME_TYPE! rabbitmqprelaunch!RANDOM!!TIME:~9! ^
-conf_dir "!RABBITMQ_GENERATED_CONFIG_DIR!" ^
-conf_script_dir "%~dp0" ^
- -conf_additional "!RABBITMQ_CONFIG_ADDITIONAL!" ^
+ -conf_advanced "!RABBITMQ_CONFIG_ADVANCED!" ^
+ -conf_schema_dir "!RABBITMQ_HOME!\priv\schema" ^
-extra "!RABBITMQ_NODENAME!"
if ERRORLEVEL 2 (
@@ -66,7 +67,11 @@ set RABBITMQ_EBIN_PATH="-pa !RABBITMQ_EBIN_ROOT!" if exist "!RABBITMQ_CONFIG_FILE!.config" (
set RABBITMQ_CONFIG_ARG=-config "!RABBITMQ_CONFIG_FILE!"
) else if exist "!RABBITMQ_CONFIG_FILE!.conf" (
- set RABBITMQ_CONFIG_ARG=-conf "!RABBITMQ_CONFIG_FILE!" -conf_dir "!RABBITMQ_GENERATED_CONFIG_DIR!" -conf_script_dir "%~dp0" -conf_additional "!RABBITMQ_CONFIG_ADDITIONAL!"
+ set RABBITMQ_CONFIG_ARG=-conf "!RABBITMQ_CONFIG_FILE!" ^
+ -conf_dir "!RABBITMQ_GENERATED_CONFIG_DIR!" ^
+ -conf_script_dir "%~dp0" ^
+ -conf_advanced "!RABBITMQ_CONFIG_ADVANCED!" ^
+ -conf_schema_dir "!RABBITMQ_HOME!\priv\schema"
) else (
set RABBITMQ_CONFIG_ARG=
)
diff --git a/scripts/rabbitmq-service.bat b/scripts/rabbitmq-service.bat index 8de3330f2c..78ca812e8d 100644 --- a/scripts/rabbitmq-service.bat +++ b/scripts/rabbitmq-service.bat @@ -122,7 +122,8 @@ set RABBITMQ_CONFIG_FILE="!RABBITMQ_CONFIG_FILE!" -s rabbit_prelaunch ^
-conf_dir "!RABBITMQ_GENERATED_CONFIG_DIR!" ^
-conf_script_dir "!TDP0!" ^
- -conf_additional "!RABBITMQ_CONFIG_ADDITIONAL!" ^
+ -conf_advanced "!RABBITMQ_CONFIG_ADVANCED!" ^
+ -conf_schema_dir "!RABBITMQ_HOME!\priv\schema" ^
!RABBITMQ_NAME_TYPE! rabbitmqprelaunch!RANDOM!!TIME:~9!
if ERRORLEVEL 3 (
@@ -140,11 +141,13 @@ if ERRORLEVEL 3 ( if exist "!RABBITMQ_CONFIG_FILE!.config" (
set RABBITMQ_CONFIG_ARG=-config "!RABBITMQ_CONFIG_FILE!"
) else if exist "!RABBITMQ_CONFIG_FILE!.conf" (
- set RABBITMQ_CONFIG_ARG=-conf "!RABBITMQ_CONFIG_FILE!" -conf_dir "!RABBITMQ_GENERATED_CONFIG_DIR!" -conf_script_dir "!TDP0!" -conf_additional "!RABBITMQ_CONFIG_ADDITIONAL!"
-) else (
rem Always specify generated config arguments, we cannot
rem assume generated file is available
- set RABBITMQ_CONFIG_ARG=-conf "!RABBITMQ_CONFIG_FILE!" -conf_dir "!RABBITMQ_GENERATED_CONFIG_DIR!" -conf_script_dir "!TDP0!" -conf_additional "!RABBITMQ_CONFIG_ADDITIONAL!"
+ set RABBITMQ_CONFIG_ARG=-conf "!RABBITMQ_CONFIG_FILE!" ^
+ -conf_dir "!RABBITMQ_GENERATED_CONFIG_DIR!" ^
+ -conf_script_dir "!TDP0!" ^
+ -conf_advanced "!RABBITMQ_CONFIG_ADVANCED!" ^
+ -conf_schema_dir "!RABBITMQ_HOME!\priv\schema"
)
set RABBITMQ_LISTEN_ARG=
diff --git a/scripts/rabbitmq.schema b/scripts/rabbitmq.schema deleted file mode 100644 index b7663700cc..0000000000 --- a/scripts/rabbitmq.schema +++ /dev/null @@ -1,1578 +0,0 @@ -% ============================== -% Rabbit app section -% ============================== - -%% -%% Network Connectivity -%% ==================== -%% - -%% By default, RabbitMQ will listen on all interfaces, using -%% the standard (reserved) AMQP port. -%% -%% {tcp_listeners, [5672]}, -%% To listen on a specific interface, provide a tuple of {IpAddress, Port}. -%% For example, to listen only on localhost for both IPv4 and IPv6: -%% -%% {tcp_listeners, [{"127.0.0.1", 5672}, -%% {"::1", 5672}]}, - -{mapping, "listeners.tcp.$name", "rabbit.tcp_listeners",[ - {datatype, [integer, ip]} -]}. - -{translation, "rabbit.tcp_listeners", -fun(Conf) -> - Settings = cuttlefish_variable:filter_by_prefix("listeners.tcp", Conf), - [ V || {_, V} <- Settings ] -end}. - -%% SSL listeners are configured in the same fashion as TCP listeners, -%% including the option to control the choice of interface. -%% -%% {ssl_listeners, [5671]}, - -{mapping, "listeners.ssl.$name", "rabbit.ssl_listeners",[ - {datatype, [integer, ip]} -]}. - -{translation, "rabbit.ssl_listeners", -fun(Conf) -> - Settings = cuttlefish_variable:filter_by_prefix("listeners.ssl", Conf), - [ V || {_, V} <- Settings ] -end}. - -%% Number of Erlang processes that will accept connections for the TCP -%% and SSL listeners. -%% -%% {num_tcp_acceptors, 10}, -%% {num_ssl_acceptors, 1}, - -{mapping, "num_acceptors.ssl", "rabbit.num_ssl_acceptors", [ - {datatype, integer} -]}. - -{mapping, "num_acceptors.tcp", "rabbit.num_tcp_acceptors", [ - {datatype, integer} -]}. - - -%% Maximum time for AMQP 0-8/0-9/0-9-1 handshake (after socket connection -%% and SSL handshake), in milliseconds. -%% -%% {handshake_timeout, 10000}, - -{mapping, "handshake_timeout", "rabbit.handshake_timeout", [ - {datatype, integer} -]}. - -%% Set to 'true' to perform reverse DNS lookups when accepting a -%% connection. Hostnames will then be shown instead of IP addresses -%% in rabbitmqctl and the management plugin. -%% -%% {reverse_dns_lookups, true}, - -{mapping, "reverse_dns_lookups", "rabbit.reverse_dns_lookups", [ - {datatype, {enum, [true, false]}} -]}. - -{mapping, "erlang.K", "vm_args.+K", [ - {default, "true"}, - {level, advanced} -]}. - -%% -%% Security / AAA -%% ============== -%% - -%% The default "guest" user is only permitted to access the server -%% via a loopback interface (e.g. localhost). -%% {loopback_users, [<<"guest">>]}, -%% -%% Uncomment the following line if you want to allow access to the -%% guest user from anywhere on the network. -%% {loopback_users, []}, - -{mapping, "loopback_users.$user", "rabbit.loopback_users", [ - {datatype, atom} -]}. - -{translation, "rabbit.loopback_users", -fun(Conf) -> - Settings = cuttlefish_variable:filter_by_prefix("loopback_users", Conf), - [ list_to_binary(U) || {["loopback_users", U], V} <- Settings, V == true ] -end}. - -%% Configuring SSL. -%% See http://www.rabbitmq.com/ssl.html for full documentation. -%% -%% {ssl_options, [{cacertfile, "/path/to/testca/cacert.pem"}, -%% {certfile, "/path/to/server/cert.pem"}, -%% {keyfile, "/path/to/server/key.pem"}, -%% {verify, verify_peer}, -%% {fail_if_no_peer_cert, false}]}, - -%% SSL options section ======================================================== - -{mapping, "ssl_options.verify", "rabbit.ssl_options.verify", [ - {datatype, {enum, [verify_peer, verify_none]}}]}. - -{mapping, "ssl_options.fail_if_no_peer_cert", "rabbit.ssl_options.fail_if_no_peer_cert", [ - {datatype, {enum, [true, false]}}]}. - -{mapping, "ssl_options.cacertfile", "rabbit.ssl_options.cacertfile", - [{datatype, string}, {validators, ["file_accessible"]}]}. - -{mapping, "ssl_options.certfile", "rabbit.ssl_options.certfile", - [{datatype, string}, {validators, ["file_accessible"]}]}. - -{mapping, "ssl_options.cacerts.$name", "rabbit.ssl_options.cacerts", - [{datatype, string}]}. - -{translation, "rabbit.ssl_options.cacerts", -fun(Conf) -> - Settings = cuttlefish_variable:filter_by_prefix("ssl_options.cacerts", Conf), - [ list_to_binary(V) || {_, V} <- Settings ] -end}. - -{mapping, "ssl_options.cert", "rabbit.ssl_options.cert", - [{datatype, string}]}. - -{translation, "rabbit.ssl_options.cert", -fun(Conf) -> - list_to_binary(cuttlefish:conf_get("ssl_options.cert", Conf)) -end}. - -{mapping, "ssl_options.client_renegotiation", "rabbit.ssl_options.client_renegotiation", - [{datatype, {enum, [true, false]}}]}. - -{mapping, "ssl_options.crl_check", "rabbit.ssl_options.crl_check", - [{datatype, [{enum, [true, false, peer, best_effort]}]}]}. - -{mapping, "ssl_options.depth", "rabbit.ssl_options.depth", - [{datatype, integer}, {validators, ["byte"]}]}. - -{mapping, "ssl_options.dh", "rabbit.ssl_options.dh", - [{datatype, string}]}. - -{translation, "rabbit.ssl_options.dh", -fun(Conf) -> - list_to_binary(cuttlefish:conf_get("ssl_options.dh", Conf)) -end}. - -{mapping, "ssl_options.dhfile", "rabbit.ssl_options.dhfile", - [{datatype, string}, {validators, ["file_accessible"]}]}. - -{mapping, "ssl_options.honor_cipher_order", "rabbit.ssl_options.honor_cipher_order", - [{datatype, {enum, [true, false]}}]}. - -{mapping, "ssl_options.key.RSAPrivateKey", "rabbit.ssl_options.key", - [{datatype, string}]}. - -{mapping, "ssl_options.key.DSAPrivateKey", "rabbit.ssl_options.key", - [{datatype, string}]}. - -{mapping, "ssl_options.key.PrivateKeyInfo", "rabbit.ssl_options.key", - [{datatype, string}]}. - -{translation, "rabbit.ssl_options.key", -fun(Conf) -> - case cuttlefish_variable:filter_by_prefix("ssl_options.key", Conf) of - [{[_,_,Key], Val}|_] -> {list_to_atom(Key), list_to_binary(Val)}; - _ -> undefined - end -end}. - -{mapping, "ssl_options.keyfile", "rabbit.ssl_options.keyfile", - [{datatype, string}, {validators, ["file_accessible"]}]}. - -{mapping, "ssl_options.log_alert", "rabbit.ssl_options.log_alert", - [{datatype, {enum, [true, false]}}]}. - -{mapping, "ssl_options.password", "rabbit.ssl_options.password", - [{datatype, string}]}. - -{mapping, "ssl_options.psk_identity", "rabbit.ssl_options.psk_identity", - [{datatype, string}]}. - -{mapping, "ssl_options.reuse_sessions", "rabbit.ssl_options.reuse_sessions", - [{datatype, {enum, [true, false]}}]}. - -{mapping, "ssl_options.secure_renegotiate", "rabbit.ssl_options.secure_renegotiate", - [{datatype, {enum, [true, false]}}]}. - -{mapping, "ssl_options.versions.$version", "rabbit.ssl_options.versions", - [{datatype, atom}]}. - -{translation, "rabbit.ssl_options.versions", -fun(Conf) -> - Settings = cuttlefish_variable:filter_by_prefix("ssl_options.cacerts", Conf), - [ V || {_, V} <- Settings ] -end}. - -%% =========================================================================== - -%% Choose the available SASL mechanism(s) to expose. -%% The two default (built in) mechanisms are 'PLAIN' and -%% 'AMQPLAIN'. Additional mechanisms can be added via -%% plugins. -%% -%% See http://www.rabbitmq.com/authentication.html for more details. -%% -%% {auth_mechanisms, ['PLAIN', 'AMQPLAIN']}, - -{mapping, "auth_mechanisms.$name", "rabbit.auth_mechanisms", [ - {datatype, atom}]}. - -{translation, "rabbit.auth_mechanisms", -fun(Conf) -> - Settings = cuttlefish_variable:filter_by_prefix("auth_mechanisms", Conf), - [ V || {_, V} <- Settings ] -end}. - - -%% Select an authentication database to use. RabbitMQ comes bundled -%% with a built-in auth-database, based on mnesia. -%% -%% {auth_backends, [rabbit_auth_backend_internal]}, - -{translation, "rabbit.auth_backends", -fun(Conf) -> - Settings = cuttlefish_variable:filter_by_prefix("auth_backends", Conf), - BackendModule = fun - (internal) -> rabbit_auth_backend_internal; - (ldap) -> rabbit_auth_backend_ldap; - (http) -> rabbit_auth_backend_http; - (amqp) -> rabbit_auth_backend_amqp; - (dummy) -> rabbit_auth_backend_dummy; - (Other) when is_atom(Other) -> Other; - (_) -> cuttlefish:invalid("Invalid auth backend") - end, - AuthBackends = [ {Num, {default, BackendModule(V)}} || {["auth_backends", Num], V} <- Settings ], - AuthNBackends = [ {Num, {authn, BackendModule(V)}} || {["auth_backends", Num, "authn"], V} <- Settings ], - AuthZBackends = [ {Num, {authz, BackendModule(V)}} || {["auth_backends", Num, "authz"], V} <- Settings ], - Backends = lists:foldl( - fun({NumStr, {Type, V}}, Acc) -> - Num = case catch list_to_integer(NumStr) of - N when is_integer(N) -> N; - Err -> - cuttlefish:invalid( - iolist_to_binary(io_lib:format( - "Auth backend number should be integer ~p", [Err]))) - end, - NewVal = case dict:find(Num, Acc) of - {ok, {AuthN, AuthZ}} -> - case {Type, AuthN, AuthZ} of - {authn, undefined, _} -> - {V, AuthZ}; - {authz, _, undefined} -> - {AuthN, V}; - _ -> - cuttlefish:invalid( - iolist_to_binary( - io_lib:format( - "Auth backend already defined for ~pth ~p backend", - [Num, Type]))) - end; - error -> - case Type of - authn -> {V, undefined}; - authz -> {undefined, V}; - default -> {V, V} - end - end, - dict:store(Num, NewVal, Acc) - end, - dict:new(), - AuthBackends ++ AuthNBackends ++ AuthZBackends), - lists:map( - fun - ({Num, {undefined, AuthZ}}) -> - cuttlefish:warn( - io_lib:format( - "Auth backend undefined for ~pth authz backend. Using ~p", - [Num, AuthZ])), - {AuthZ, AuthZ}; - ({Num, {AuthN, undefined}}) -> - cuttlefish:warn( - io_lib:format( - "Auth backend undefined for ~pth authn backend. Using ~p", - [Num, AuthN])), - {AuthN, AuthN}; - ({_Num, {Auth, Auth}}) -> Auth; - ({_Num, {AuthN, AuthZ}}) -> {AuthN, AuthZ} - end, - lists:keysort(1, dict:to_list(Backends))) -end}. - -{mapping, "auth_backends.$num", "rabbit.auth_backends", [ - {datatype, atom} -]}. - -{mapping, "auth_backends.$num.authn", "rabbit.auth_backends",[ - {datatype, atom} -]}. - -{mapping, "auth_backends.$num.authz", "rabbit.auth_backends",[ - {datatype, atom} -]}. - -%% This pertains to both the rabbitmq_auth_mechanism_ssl plugin and -%% STOMP ssl_cert_login configurations. See the rabbitmq_stomp -%% configuration section later in this file and the README in -%% https://github.com/rabbitmq/rabbitmq-auth-mechanism-ssl for further -%% details. -%% -%% To use the SSL cert's CN instead of its DN as the username -%% -%% {ssl_cert_login_from, common_name}, - -{mapping, "ssl_cert_login_from", "rabbit.ssl_cert_login_from", [ - {datatype, {enum, [distinguished_name, common_name]}} -]}. - -%% SSL handshake timeout, in milliseconds. -%% -%% {ssl_handshake_timeout, 5000}, - -{mapping, "ssl_handshake_timeout", "rabbit.ssl_handshake_timeout", [ - {datatype, integer} -]}. - -%% Password hashing implementation. Will only affect newly -%% created users. To recalculate hash for an existing user -%% it's necessary to update her password. -%% -%% When importing definitions exported from versions earlier -%% than 3.6.0, it is possible to go back to MD5 (only do this -%% as a temporary measure!) by setting this to rabbit_password_hashing_md5. -%% -%% To use SHA-512, set to rabbit_password_hashing_sha512. -%% -%% {password_hashing_module, rabbit_password_hashing_sha256}, - -{mapping, "password_hashing_module", "rabbit.password_hashing_module", [ - {datatype, atom} -]}. - -%% -%% Default User / VHost -%% ==================== -%% - -%% On first start RabbitMQ will create a vhost and a user. These -%% config items control what gets created. See -%% http://www.rabbitmq.com/access-control.html for further -%% information about vhosts and access control. -%% -%% {default_vhost, <<"/">>}, -%% {default_user, <<"guest">>}, -%% {default_pass, <<"guest">>}, -%% {default_permissions, [<<".*">>, <<".*">>, <<".*">>]}, - -{mapping, "default_vhost", "rabbit.default_vhost", [ - {datatype, string} -]}. - -{translation, "rabbit.default_vhost", -fun(Conf) -> - list_to_binary(cuttlefish:conf_get("default_vhost", Conf)) -end}. - -{mapping, "default_user", "rabbit.default_user", [ - {datatype, string} -]}. - -{translation, "rabbit.default_user", -fun(Conf) -> - list_to_binary(cuttlefish:conf_get("default_user", Conf)) -end}. - -{mapping, "default_pass", "rabbit.default_pass", [ - {datatype, string} -]}. - -{translation, "rabbit.default_pass", -fun(Conf) -> - list_to_binary(cuttlefish:conf_get("default_pass", Conf)) -end}. - -{mapping, "default_permissions.configure", "rabbit.default_permissions", [ - {datatype, string} -]}. - -{mapping, "default_permissions.read", "rabbit.default_permissions", [ - {datatype, string} -]}. - -{mapping, "default_permissions.write", "rabbit.default_permissions", [ - {datatype, string} -]}. - -{translation, "rabbit.default_permissions", -fun(Conf) -> - Settings = cuttlefish_variable:filter_by_prefix("default_permissions", Conf), - Configure = proplists:get_value(["default_permissions", "configure"], Settings), - Read = proplists:get_value(["default_permissions", "read"], Settings), - Write = proplists:get_value(["default_permissions", "write"], Settings), - [list_to_binary(Configure), list_to_binary(Read), list_to_binary(Write)] -end}. - -%% Tags for default user -%% -%% For more details about tags, see the documentation for the -%% Management Plugin at http://www.rabbitmq.com/management.html. -%% -%% {default_user_tags, [administrator]}, - -{mapping, "default_user_tags.$tag", "rabbit.default_user_tags", - [{datatype, {enum, [true, false]}}]}. - -{translation, "rabbit.default_user_tags", -fun(Conf) -> - Settings = cuttlefish_variable:filter_by_prefix("default_user_tags", Conf), - [ list_to_atom(Key) || {[_,Key], Val} <- Settings, Val == true ] -end}. - -%% -%% Additional network and protocol related configuration -%% ===================================================== -%% - -%% Set the default AMQP heartbeat delay (in seconds). -%% -%% {heartbeat, 600}, - -{mapping, "heartbeat", "rabbit.heartbeat", [{datatype, integer}]}. - -%% Set the max permissible size of an AMQP frame (in bytes). -%% -%% {frame_max, 131072}, - -{mapping, "frame_max", "rabbit.frame_max", [{datatype, bytesize}]}. - -%% Set the max frame size the server will accept before connection -%% tuning occurs -%% -%% {initial_frame_max, 4096}, - -{mapping, "initial_frame_max", "rabbit.initial_frame_max", [{datatype, bytesize}]}. - -%% Set the max permissible number of channels per connection. -%% 0 means "no limit". -%% -%% {channel_max, 128}, - -{mapping, "channel_max", "rabbit.channel_max", [{datatype, integer}]}. - -%% Customising Socket Options. -%% -%% See (http://www.erlang.org/doc/man/inet.html#setopts-2) for -%% further documentation. -%% -%% {tcp_listen_options, [{backlog, 128}, -%% {nodelay, true}, -%% {exit_on_close, false}]}, - -%% TCP listener section ====================================================== - -{mapping, "tcp_listen_options.backlog", "rabbit.tcp_listen_options.backlog", [ - {datatype, integer} -]}. - -{mapping, "tcp_listen_options.nodelay", "rabbit.tcp_listen_options.nodelay", [ - {datatype, {enum, [true, false]}} -]}. - -{mapping, "tcp_listen_options.buffer", "rabbit.tcp_listen_options.buffer", - [{datatype, integer}]}. - -{mapping, "tcp_listen_options.delay_send", "rabbit.tcp_listen_options.delay_send", - [{datatype, {enum, [true, false]}}]}. - -{mapping, "tcp_listen_options.dontroute", "rabbit.tcp_listen_options.dontroute", - [{datatype, {enum, [true, false]}}]}. - -{mapping, "tcp_listen_options.exit_on_close", "rabbit.tcp_listen_options.exit_on_close", - [{datatype, {enum, [true, false]}}]}. - -{mapping, "tcp_listen_options.fd", "rabbit.tcp_listen_options.fd", - [{datatype, integer}]}. - -{mapping, "tcp_listen_options.high_msgq_watermark", "rabbit.tcp_listen_options.high_msgq_watermark", - [{datatype, integer}]}. - -{mapping, "tcp_listen_options.high_watermark", "rabbit.tcp_listen_options.high_watermark", - [{datatype, integer}]}. - -{mapping, "tcp_listen_options.keepalive", "rabbit.tcp_listen_options.keepalive", - [{datatype, {enum, [true, false]}}]}. - -{mapping, "tcp_listen_options.low_msgq_watermark", "rabbit.tcp_listen_options.low_msgq_watermark", - [{datatype, integer}]}. - -{mapping, "tcp_listen_options.low_watermark", "rabbit.tcp_listen_options.low_watermark", - [{datatype, integer}]}. - -{mapping, "tcp_listen_options.port", "rabbit.tcp_listen_options.port", - [{datatype, integer}, {validators, ["port"]}]}. - -{mapping, "tcp_listen_options.priority", "rabbit.tcp_listen_options.priority", - [{datatype, integer}]}. - -{mapping, "tcp_listen_options.recbuf", "rabbit.tcp_listen_options.recbuf", - [{datatype, integer}]}. - -{mapping, "tcp_listen_options.send_timeout", "rabbit.tcp_listen_options.send_timeout", - [{datatype, integer}]}. - -{mapping, "tcp_listen_options.send_timeout_close", "rabbit.tcp_listen_options.send_timeout_close", - [{datatype, {enum, [true, false]}}]}. - -{mapping, "tcp_listen_options.sndbuf", "rabbit.tcp_listen_options.sndbuf", - [{datatype, integer}]}. - -{mapping, "tcp_listen_options.tos", "rabbit.tcp_listen_options.tos", - [{datatype, integer}]}. - -%% ========================================================================== - -%% -%% Resource Limits & Flow Control -%% ============================== -%% -%% See http://www.rabbitmq.com/memory.html for full details. - -%% Memory-based Flow Control threshold. -%% -%% {vm_memory_high_watermark, 0.4}, - -%% Alternatively, we can set a limit (in bytes) of RAM used by the node. -%% -%% {vm_memory_high_watermark, {absolute, 1073741824}}, -%% -%% Or you can set absolute value using memory units (with RabbitMQ 3.6.0+). -%% -%% {vm_memory_high_watermark, {absolute, "1024M"}}, -%% -%% Supported units suffixes: -%% -%% kb, KB: kibibytes (2^10 bytes) -%% mb, MB: mebibytes (2^20) -%% gb, GB: gibibytes (2^30) - -{mapping, "vm_memory_high_watermark.relative", "rabbit.vm_memory_high_watermark", [ - {datatype, float}]}. - -{mapping, "vm_memory_high_watermark.absolute", "rabbit.vm_memory_high_watermark", [ - {datatype, [integer, string]}]}. - - -{translation, "rabbit.vm_memory_high_watermark", -fun(Conf) -> - Settings = cuttlefish_variable:filter_by_prefix("vm_memory_high_watermark", Conf), - Absolute = proplists:get_value(["vm_memory_high_watermark", "absolute"], Settings), - Relative = proplists:get_value(["vm_memory_high_watermark", "relative"], Settings), - case {Absolute, Relative} of - {undefined, undefined} -> cuttlefish:invalid("No vm watermark defined"); - {_, undefined} -> {absolute, Absolute}; - _ -> Relative - end -end}. - -%% Fraction of the high watermark limit at which queues start to -%% page message out to disc in order to free up memory. -%% -%% Values greater than 0.9 can be dangerous and should be used carefully. -%% -%% {vm_memory_high_watermark_paging_ratio, 0.5}, - -{mapping, "vm_memory_high_watermark_paging_ratio", - "rabbit.vm_memory_high_watermark_paging_ratio", - [{datatype, float}, {validators, ["less_than_1"]}]}. - -%% Interval (in milliseconds) at which we perform the check of the memory -%% levels against the watermarks. -%% -%% {memory_monitor_interval, 2500}, - -{mapping, "memory_monitor_interval", "rabbit.memory_monitor_interval", - [{datatype, integer}]}. - -%% Set disk free limit (in bytes). Once free disk space reaches this -%% lower bound, a disk alarm will be set - see the documentation -%% listed above for more details. -%% -%% {disk_free_limit, 50000000}, -%% -%% Or you can set it using memory units (same as in vm_memory_high_watermark) -%% with RabbitMQ 3.6.0+. -%% {disk_free_limit, "50MB"}, -%% {disk_free_limit, "50000kB"}, -%% {disk_free_limit, "2GB"}, - -%% Alternatively, we can set a limit relative to total available RAM. -%% -%% Values lower than 1.0 can be dangerous and should be used carefully. -%% {disk_free_limit, {mem_relative, 2.0}}, - -{mapping, "disk_free_limit.relative", "rabbit.disk_free_limit", [ - {datatype, float}]}. - -{mapping, "disk_free_limit.absolute", "rabbit.disk_free_limit", [ - {datatype, [integer, string]}]}. - - -{translation, "rabbit.disk_free_limit", -fun(Conf) -> - Settings = cuttlefish_variable:filter_by_prefix("disk_free_limit", Conf), - Absolute = proplists:get_value(["disk_free_limit", "absolute"], Settings), - Relative = proplists:get_value(["disk_free_limit", "relative"], Settings), - case {Absolute, Relative} of - {undefined, undefined} -> cuttlefish:invalid("No disk limit defined"); - {_, undefined} -> Absolute; - _ -> {mem_relative, Relative} - end -end}. - -%% -%% Clustering -%% ===================== -%% - -%% How to respond to cluster partitions. -%% See http://www.rabbitmq.com/partitions.html for further details. -%% -%% {cluster_partition_handling, ignore}, - -{mapping, "cluster_partition_handling", "rabbit.cluster_partition_handling", - [{datatype, {enum, [ignore, pause_minority, autoheal, pause_if_all_down]}}]}. - -{mapping, "cluster_partition_handling.pause_if_all_down.recover", - "rabbit.cluster_partition_handling", - [{datatype, {enum, [ignore, autoheal]}}]}. - -{mapping, "cluster_partition_handling.pause_if_all_down.node.$name", - "rabbit.cluster_partition_handling", - [{datatype, atom}]}. - -{translation, "rabbit.cluster_partition_handling", -fun(Conf) -> - case cuttlefish:conf_get("cluster_partition_handling", Conf) of - pause_if_all_down -> - PauseIfAllDownNodes = cuttlefish_variable:filter_by_prefix( - "cluster_partition_handling.pause_if_all_down.node", - Conf), - case PauseIfAllDownNodes of - [] -> - cuttlefish:invalid("Nodes required for pause_if_all_down"); - _ -> - Nodes = [ V || {K,V} <- PauseIfAllDownNodes ], - PauseIfAllDownRecover = cuttlefish:conf_get( - "cluster_partition_handling.pause_if_all_down.recover", - Conf), - case PauseIfAllDownRecover of - Recover when Recover == ignore; Recover == autoheal -> - {pause_if_all_down, Nodes, Recover}; - Invalid -> - cuttlefish:invalid("Recover strategy required for pause_if_all_down") - end - end; - Other -> Other - end -end}. - -%% Mirror sync batch size, in messages. Increasing this will speed -%% up syncing but total batch size in bytes must not exceed 2 GiB. -%% Available in RabbitMQ 3.6.0 or later. -%% -%% {mirroring_sync_batch_size, 4096}, - -{mapping, "mirroring_sync_batch_size", "rabbit.mirroring_sync_batch_size", - [{datatype, bytesize}, {validators, ["size_less_than_2G"]}]}. - -%% Make clustering happen *automatically* at startup - only applied -%% to nodes that have just been reset or started for the first time. -%% See http://www.rabbitmq.com/clustering.html#auto-config for -%% further details. -%% -%% {cluster_nodes, {['rabbit@my.host.com'], disc}}, - -{mapping, "cluster_nodes.disc.$node", "rabbit.cluster_nodes", - [{datatype, atom}]}. - -{mapping, "cluster_nodes.ram.$node", "rabbit.cluster_nodes", - [{datatype, atom}]}. - -{translation, "rabbit.cluster_nodes", -fun(Conf) -> - DiskNodes = [ V || {_, V} <- cuttlefish_variable:filter_by_prefix("cluster_nodes.disc", Conf)], - RamNodes = [ V || {_, V} <- cuttlefish_variable:filter_by_prefix("cluster_nodes.ram", Conf)], - - case {DiskNodes, RamNodes} of - {_, []} -> {DiskNodes, disc}; - {[], _} -> {RamNodes, ram} - end -end}. - - -%% Interval (in milliseconds) at which we send keepalive messages -%% to other cluster members. Note that this is not the same thing -%% as net_ticktime; missed keepalive messages will not cause nodes -%% to be considered down. -%% -%% {cluster_keepalive_interval, 10000}, - -{mapping, "cluster_keepalive_interval", "rabbit.cluster_keepalive_interval", - [{datatype, integer}]}. - -%% -%% Statistics Collection -%% ===================== -%% - -%% Set (internal) statistics collection granularity. -%% -%% {collect_statistics, none}, - -{mapping, "collect_statistics", "rabbit.collect_statistics", - [{datatype, {enum, [none, coarse, fine]}}]}. - -%% Statistics collection interval (in milliseconds). Increasing -%% this will reduce the load on management database. -%% -%% {collect_statistics_interval, 5000}, - -{mapping, "collect_statistics_interval", "rabbit.collect_statistics_interval", - [{datatype, integer}]}. - -%% -%% Misc/Advanced Options -%% ===================== -%% -%% NB: Change these only if you understand what you are doing! -%% - -%% Explicitly enable/disable hipe compilation. -%% -%% {hipe_compile, true}, - -{mapping, "hipe_compile", "rabbit.hipe_compile", - [{datatype, {enum, [true, false]}}]}. - -%% Timeout used when waiting for Mnesia tables in a cluster to -%% become available. -%% -%% {mnesia_table_loading_timeout, 30000}, - -{mapping, "mnesia_table_loading_timeout", "rabbit.mnesia_table_loading_timeout", - [{datatype, integer}]}. - -%% Size in bytes below which to embed messages in the queue index. See -%% http://www.rabbitmq.com/persistence-conf.html -%% -%% {queue_index_embed_msgs_below, 4096} - -{mapping, "queue_index_embed_msgs_below", "rabbit.queue_index_embed_msgs_below", - [{datatype, bytesize}]}. - -%% ---------------------------------------------------------------------------- -%% Advanced Erlang Networking/Clustering Options. -%% -%% See http://www.rabbitmq.com/clustering.html for details -%% ---------------------------------------------------------------------------- -%% Sets the net_kernel tick time. -%% Please see http://erlang.org/doc/man/kernel_app.html and -%% http://www.rabbitmq.com/nettick.html for further details. -%% -%% {kernel, [{net_ticktime, 60}]}, -{mapping, "kernel.net_ticktime", "kernel.net_ticktime", - [{datatype, integer}]}. - -{mapping, "kernel.inet_dist_listen_min", "kernel.inet_dist_listen_min", - [{datatype, integer}]}. - -{mapping, "kernel.inet_dist_listen_max", "kernel.inet_dist_listen_max", - [{datatype, integer}]}. - -%% ---------------------------------------------------------------------------- -%% RabbitMQ AMQP 1.0 Support -%% -%% See https://github.com/rabbitmq/rabbitmq-amqp1.0/blob/stable/README.md -%% for details -%% ---------------------------------------------------------------------------- - -% {rabbitmq_amqp1_0,[ -%% Connections that are not authenticated with SASL will connect as this -%% account. See the README for more information. -%% -%% Please note that setting this will allow clients to connect without -%% authenticating! -%% -%% {default_user, "guest"}, -{mapping, "amqp1_0.default_user", "rabbitmq_amqp1_0.default_user", - [{datatype, string}]}. -%% Enable protocol strict mode. See the README for more information. -%% -%% {protocol_strict_mode, false} -% ]}, -{mapping, "amqp1_0.protocol_strict_mode", "rabbitmq_amqp1_0.protocol_strict_mode", - [{datatype, {enum, [true, false]}}]}. - - -% ========================== -% Lager section -% ========================== - -{mapping, "log.dir", "lager.log_root", [ - {datatype, string}, - {validators, ["dir_writable"]}]}. - -{mapping, "log.console", "lager.handlers", [ - {datatype, {enum, [true, false]}} -]}. - -{mapping, "log.syslog", "lager.handlers", [ - {datatype, {enum, [true, false]}} -]}. -{mapping, "log.file", "lager.handlers", [ - {datatype, [{enum, [false]}, string]} -]}. - -{mapping, "log.file.level", "lager.handlers", [ - {datatype, {enum, [debug, info, warning, error]}} -]}. -{mapping, "log.$handler.level", "lager.handlers", [ - {datatype, {enum, [debug, info, warning, error]}} -]}. -{mapping, "log.file.rotation.date", "lager.handlers", [ - {datatype, string} -]}. -{mapping, "log.file.rotation.size", "lager.handlers", [ - {datatype, integer} -]}. -{mapping, "log.file.rotation.count", "lager.handlers", [ - {datatype, integer} -]}. - -{mapping, "log.syslog.identity", "lager.handlers", [ - {datatype, string} -]}. -{mapping, "log.syslog.facility", "lager.handlers", [ - {datatype, atom} -]}. - -{translation, "lager.handlers", -fun(Conf) -> - ConsoleHandler = case cuttlefish:conf_get("log.console", Conf, false) of - true -> - ConsoleLevel = cuttlefish:conf_get("log.console.level", Conf, info), - [{lager_console_backend, ConsoleLevel}]; - false -> [] - end, - FileHandler = case cuttlefish:conf_get("log.file", Conf, false) of - false -> []; - File -> - FileLevel = cuttlefish:conf_get("log.file.level", Conf, info), - RotationDate = cuttlefish:conf_get("log.file.rotation.date", Conf, ""), - RotationSize = cuttlefish:conf_get("log.file.rotation.size", Conf, 0), - RotationCount = cuttlefish:conf_get("log.file.rotation.count", Conf, 10), - [{lager_file_backend, [{file, File}, - {level, FileLevel}, - {date, RotationDate}, - {size, RotationSize}, - {count, RotationCount}]}] - end, - SyslogHandler = case cuttlefish:conf_get("log.syslog", Conf, false) of - false -> []; - true -> - SyslogLevel = cuttlefish:conf_get("log.syslog.level", Conf, info), - Identity = cuttlefish:conf_get("log.syslog.identity", Conf), - Facility = cuttlefish:conf_get("log.syslog.facility", Conf), - [{lager_syslog_backend, [Identity, Facility, SyslogLevel]}] - end, - case ConsoleHandler ++ FileHandler ++ SyslogHandler of - [] -> undefined; - Other -> Other - end -end}. - - -% =============================== -% Validators -% =============================== - -{validator, "size_less_than_2G", "Byte size should be less than 2G and greater than 0", -fun(Size) when is_integer(Size) -> - Size > 0 andalso Size < 2147483648 -end}. - -{validator, "less_than_1", "Flooat is not beetween 0 and 1", -fun(Float) when is_float(Float) -> - Float > 0 andalso Float < 1 -end}. - -{validator, "port", "Invalid port number", -fun(Port) when is_integer(Port) -> - Port > 0 andalso Port < 65535 -end}. - -{validator, "byte", "Integer is not 0<i<255", -fun(Int) when is_integer(Int) -> - Int > 0 andalso Int < 255 -end}. - -{validator, "dir_writable", "Cannot create file in dir", -fun(Dir) -> - TestFile = filename:join(Dir, "test_file"), - file:delete(TestFile), - Res = ok == file:write_file(TestFile, <<"test">>), - file:delete(TestFile), - Res -end}. - -{validator, "file_accessible", "file doesnt exist", -fun(File) -> - ReadFile = file:read_file_info(File), - element(1, ReadFile) == ok -end}. -%% ---------------------------------------------------------------------------- -%% RabbitMQ LDAP Plugin -%% -%% See http://www.rabbitmq.com/ldap.html for details. -%% -%% ---------------------------------------------------------------------------- - -% {rabbitmq_auth_backend_ldap, -% [ -%% -%% Connecting to the LDAP server(s) -%% ================================ -%% - -%% Specify servers to bind to. You *must* set this in order for the plugin -%% to work properly. -%% -%% {servers, ["your-server-name-goes-here"]}, - -{mapping, "ldap.servers.$server", "rabbitmq_auth_backend_ldap.servers", - [{datatype, string}]}. - -{translation, "rabbitmq_auth_backend_ldap.servers", -fun(Conf) -> - Settings = cuttlefish_variable:filter_by_prefix("ldap.servers", Conf), - [ V || {_, V} <- Settings ] -end}. - -%% Connect to the LDAP server using SSL -%% -%% {use_ssl, false}, - -{mapping, "ldap.use_ssl", "rabbitmq_auth_backend_ldap.use_ssl", - [{datatype, {enum, [true, false]}}]}. - -%% Specify the LDAP port to connect to -%% -%% {port, 389}, - -{mapping, "ldap.port", "rabbitmq_auth_backend_ldap.port", - [{datatype, integer}]}. - -%% LDAP connection timeout, in milliseconds or 'infinity' -%% -%% {timeout, infinity}, - -{mapping, "ldap.timeout", "rabbitmq_auth_backend_ldap.timeout", - [{datatype, [integer, {atom, infinity}]}]}. - -%% Enable logging of LDAP queries. -%% One of -%% - false (no logging is performed) -%% - true (verbose logging of the logic used by the plugin) -%% - network (as true, but additionally logs LDAP network traffic) -%% -%% Defaults to false. -%% -%% {log, false}, - -{mapping, "ldap.log", "rabbitmq_auth_backend_ldap.log", - [{datatype, {enum, [true, false, network]}}]}. - -%% -%% Authentication -%% ============== -%% - -%% Pattern to convert the username given through AMQP to a DN before -%% binding -%% -%% {user_dn_pattern, "cn=${username},ou=People,dc=example,dc=com"}, - -{mapping, "ldap.user_dn_pattern", "rabbitmq_auth_backend_ldap.user_dn_pattern", - [{datatype, string}]}. - -%% Alternatively, you can convert a username to a Distinguished -%% Name via an LDAP lookup after binding. See the documentation for -%% full details. - -%% When converting a username to a dn via a lookup, set these to -%% the name of the attribute that represents the user name, and the -%% base DN for the lookup query. -%% -%% {dn_lookup_attribute, "userPrincipalName"}, -%% {dn_lookup_base, "DC=gopivotal,DC=com"}, - -{mapping, "ldap.dn_lookup_attribute", "rabbitmq_auth_backend_ldap.dn_lookup_attribute", - [{datatype, string}]}. - -{mapping, "ldap.dn_lookup_base", "rabbitmq_auth_backend_ldap.dn_lookup_base", - [{datatype, string}]}. - -%% Controls how to bind for authorisation queries and also to -%% retrieve the details of users logging in without presenting a -%% password (e.g., SASL EXTERNAL). -%% One of -%% - as_user (to bind as the authenticated user - requires a password) -%% - anon (to bind anonymously) -%% - {UserDN, Password} (to bind with a specified user name and password) -%% -%% Defaults to 'as_user'. -%% -%% {other_bind, as_user}, - -{mapping, "ldap.other_bind", "rabbitmq_auth_backend_ldap.other_bind", - [{datatype, {enum, [as_user, anon]}}]}. - -{mapping, "ldap.other_bind.user_dn", "rabbitmq_auth_backend_ldap.other_bind", - [{datatype, string}]}. - -{mapping, "ldap.other_bind.password", "rabbitmq_auth_backend_ldap.other_bind", - [{datatype, string}]}. - -{translation, "rabbitmq_auth_backend_ldap.other_bind", -fun(Conf) -> - case cuttlefish:conf_get("ldap.other_bind", Conf) of - as_user -> as_user; - anon -> anon; - _ -> - User = cuttlefish:conf_get("ldap.other_bind.user_dn", Conf), - Pass = cuttlefish:conf_get("ldap.other_bind.password", Conf), - case {User, Pass} of - {undefined, _} -> as_user; - {_, undefined} -> as_user; - _ -> {User, Pass} - end - end -end}. - -%% -%% Authorisation -%% ============= -%% - -%% The LDAP plugin can perform a variety of queries against your -%% LDAP server to determine questions of authorisation. See -%% http://www.rabbitmq.com/ldap.html#authorisation for more -%% information. - -%% Set the query to use when determining vhost access -%% -%% {vhost_access_query, {in_group, -%% "ou=${vhost}-users,ou=vhosts,dc=example,dc=com"}}, - -%% Set the query to use when determining resource (e.g., queue) access -%% -%% {resource_access_query, {constant, true}}, - -%% Set queries to determine which tags a user has -%% -%% {tag_queries, []} -% ]}, - % %% ---------------------------------------------------------------------------- - % %% RabbitMQ Management Plugin - % %% - % %% See http://www.rabbitmq.com/management.html for details - % %% ---------------------------------------------------------------------------- - - % {rabbitmq_management, - % [%% Pre-Load schema definitions from the following JSON file. See -%% http://www.rabbitmq.com/management.html#load-definitions -%% -%% {load_definitions, "/path/to/schema.json"}, -{mapping, "management.load_definitions", "rabbitmq_management.load_definitions", - [{datatype, string}, - {validators, ["file_accessible"]}]}. - -%% Log all requests to the management HTTP API to a file. -%% -%% {http_log_dir, "/path/to/access.log"}, - -{mapping, "management.http_log_dir", "rabbitmq_management.http_log_dir", - [{datatype, string}, - {validators, ["file_accessible"]}]}. - - -%% Change the port on which the HTTP listener listens, -%% specifying an interface for the web server to bind to. -%% Also set the listener to use SSL and provide SSL options. -%% -%% {listener, [{port, 12345}, -%% {ip, "127.0.0.1"}, -%% {ssl, true}, -%% {ssl_opts, [{cacertfile, "/path/to/cacert.pem"}, -%% {certfile, "/path/to/cert.pem"}, -%% {keyfile, "/path/to/key.pem"}]}]}, - -{mapping, "management.listeners.port", "rabbitmq_management.listeners.port", - [{datatype, integer}]}. - -{mapping, "management.listeners.ip", "rabbitmq_management.listeners.ip", - [{datatype, string}, - {validators, ["is_ip"]}]}. - -{mapping, "management.listeners.ssl", "rabbitmq_management.listeners.ssl", - [{datatype, {enum, [true, false]}}]}. - - -%% SSL options section ======================================================== - -{mapping, "management.listeners.ssl_opts.verify", "rabbitmq_management.listeners.ssl_opts.verify", [ - {datatype, {enum, [verify_peer, verify_none]}}]}. - -{mapping, "management.listeners.ssl_opts.fail_if_no_peer_cert", "rabbitmq_management.listeners.ssl_opts.fail_if_no_peer_cert", [ - {datatype, {enum, [true, false]}}]}. - -{mapping, "management.listeners.ssl_opts.cacertfile", "rabbitmq_management.listeners.ssl_opts.cacertfile", - [{datatype, string}, {validators, ["file_accessible"]}]}. - -{mapping, "management.listeners.ssl_opts.certfile", "rabbitmq_management.listeners.ssl_opts.certfile", - [{datatype, string}, {validators, ["file_accessible"]}]}. - -{mapping, "management.listeners.ssl_opts.cacerts.$name", "rabbitmq_management.listeners.ssl_opts.cacerts", - [{datatype, string}]}. - -{translation, "rabbitmq_management.listeners.ssl_opts.cacerts", -fun(Conf) -> - Settings = cuttlefish_variable:filter_by_prefix("management.listeners.ssl_opts.cacerts", Conf), - [ list_to_binary(V) || {_, V} <- Settings ] -end}. - -{mapping, "management.listeners.ssl_opts.cert", "rabbitmq_management.listeners.ssl_opts.cert", - [{datatype, string}]}. - -{translation, "rabbitmq_management.listeners.ssl_opts.cert", -fun(Conf) -> - list_to_binary(cuttlefish:conf_get("management.listeners.ssl_opts.cert", Conf)) -end}. - -{mapping, "management.listeners.ssl_opts.client_renegotiation", "rabbitmq_management.listeners.ssl_opts.client_renegotiation", - [{datatype, {enum, [true, false]}}]}. - -{mapping, "management.listeners.ssl_opts.crl_check", "rabbitmq_management.listeners.ssl_opts.crl_check", - [{datatype, [{enum, [true, false, peer, best_effort]}]}]}. - -{mapping, "management.listeners.ssl_opts.depth", "rabbitmq_management.listeners.ssl_opts.depth", - [{datatype, integer}, {validators, ["byte"]}]}. - -{mapping, "management.listeners.ssl_opts.dh", "rabbitmq_management.listeners.ssl_opts.dh", - [{datatype, string}]}. - -{translation, "rabbitmq_management.listeners.ssl_opts.dh", -fun(Conf) -> - list_to_binary(cuttlefish:conf_get("management.listeners.ssl_opts.dh", Conf)) -end}. - -{mapping, "management.listeners.ssl_opts.dhfile", "rabbitmq_management.listeners.ssl_opts.dhfile", - [{datatype, string}, {validators, ["file_accessible"]}]}. - -{mapping, "management.listeners.ssl_opts.honor_cipher_order", "rabbitmq_management.listeners.ssl_opts.honor_cipher_order", - [{datatype, {enum, [true, false]}}]}. - -{mapping, "management.listeners.ssl_opts.key.RSAPrivateKey", "rabbitmq_management.listeners.ssl_opts.key", - [{datatype, string}]}. - -{mapping, "management.listeners.ssl_opts.key.DSAPrivateKey", "rabbitmq_management.listeners.ssl_opts.key", - [{datatype, string}]}. - -{mapping, "management.listeners.ssl_opts.key.PrivateKeyInfo", "rabbitmq_management.listeners.ssl_opts.key", - [{datatype, string}]}. - -{translation, "rabbitmq_management.listeners.ssl_opts.key", -fun(Conf) -> - case cuttlefish_variable:filter_by_prefix("management.listeners.ssl_opts.key", Conf) of - [{[_,_,Key], Val}|_] -> {list_to_atom(Key), list_to_binary(Val)}; - _ -> undefined - end -end}. - -{mapping, "management.listeners.ssl_opts.keyfile", "rabbitmq_management.listeners.ssl_opts.keyfile", - [{datatype, string}, {validators, ["file_accessible"]}]}. - -{mapping, "management.listeners.ssl_opts.log_alert", "rabbitmq_management.listeners.ssl_opts.log_alert", - [{datatype, {enum, [true, false]}}]}. - -{mapping, "management.listeners.ssl_opts.password", "rabbitmq_management.listeners.ssl_opts.password", - [{datatype, string}]}. - -{mapping, "management.listeners.ssl_opts.psk_identity", "rabbitmq_management.listeners.ssl_opts.psk_identity", - [{datatype, string}]}. - -{mapping, "management.listeners.ssl_opts.reuse_sessions", "rabbitmq_management.listeners.ssl_opts.reuse_sessions", - [{datatype, {enum, [true, false]}}]}. - -{mapping, "management.listeners.ssl_opts.secure_renegotiate", "rabbitmq_management.listeners.ssl_opts.secure_renegotiate", - [{datatype, {enum, [true, false]}}]}. - -{mapping, "management.listeners.ssl_opts.versions.$version", "rabbitmq_management.listeners.ssl_opts.versions", - [{datatype, atom}]}. - -{translation, "rabbitmq_management.listeners.ssl_opts.versions", -fun(Conf) -> - Settings = cuttlefish_variable:filter_by_prefix("management.listeners.ssl_opts.cacerts", Conf), - [ V || {_, V} <- Settings ] -end}. - -%% =========================================================================== - - -%% One of 'basic', 'detailed' or 'none'. See -%% http://www.rabbitmq.com/management.html#fine-stats for more details. -%% {rates_mode, basic}, -{mapping, "management.rates_mode", "rabbitmq_management.rates_mode", - [{datatype, {enum, [basic, detailed, none]}}]}. - -%% Configure how long aggregated data (such as message rates and queue -%% lengths) is retained. Please read the plugin's documentation in -%% http://www.rabbitmq.com/management.html#configuration for more -%% details. -%% -%% {sample_retention_policies, -%% [{global, [{60, 5}, {3600, 60}, {86400, 1200}]}, -%% {basic, [{60, 5}, {3600, 60}]}, -%% {detailed, [{10, 5}]}]} -% ]}, - -{mapping, "management.sample_retention_policies.$section.$interval", - "rabbitmq_management.sample_retention_policies", - [{datatype, integer}]}. - -{translation, "rabbitmq_management.sample_retention_policies", -fun(Conf) -> - Global = cuttlefish_variable:filter_by_prefix("management.sample_retention_policies.global", Conf), - Basic = cuttlefish_variable:filter_by_prefix("management.sample_retention_policies.basic", Conf), - Detailed = cuttlefish_variable:filter_by_prefix("management.sample_retention_policies.detailed", Conf), - TranslateKey = fun("minute") -> 60; - ("hour") -> 3600; - ("day") -> 86400; - (Other) -> list_to_integer(Other) - end, - TranslatePolicy = fun(Section) -> - [ {TranslateKey(Key), Val} || {[_,_,_,Key], Val} <- Section ] - end, - [{global, TranslatePolicy(Global)}, - {basic, TranslatePolicy(Basic)}, - {detailed, TranslatePolicy(Detailed)}] -end}. - -{validator, "file_accessible", "file exists", -fun(File) -> - ReadFile = file:read_file_info(File), - element(1, ReadFile) == ok -end}. - -{validator, "is_ip", "String is ip", -fun(IpStr) -> - Res = inet:parse_address(IpStr), - element(1, Res) == ok -end}.%% ---------------------------------------------------------------------------- -%% RabbitMQ MQTT Adapter -%% -%% See https://github.com/rabbitmq/rabbitmq-mqtt/blob/stable/README.md -%% for details -%% ---------------------------------------------------------------------------- - -% {rabbitmq_mqtt, -% [%% Set the default user name and password. Will be used as the default login -%% if a connecting client provides no other login details. -%% -%% Please note that setting this will allow clients to connect without -%% authenticating! -%% -%% {default_user, <<"guest">>}, -%% {default_pass, <<"guest">>}, - -{mapping, "mqtt.default_user", "rabbitmq_mqtt.default_user", [ - {datatype, string} -]}. - -{mapping, "mqtt.default_pass", "rabbitmq_mqtt.default_pass", [ - {datatype, string} -]}. - -{translation, "rabbitmq_mqtt.default_user", -fun(Conf) -> - list_to_binary(cuttlefish:conf_get("mqtt.default_user", Conf)) -end}. - -{translation, "rabbitmq_mqtt.default_pass", -fun(Conf) -> - list_to_binary(cuttlefish:conf_get("mqtt.default_pass", Conf)) -end}. - -%% Enable anonymous access. If this is set to false, clients MUST provide -%% login information in order to connect. See the default_user/default_pass -%% configuration elements for managing logins without authentication. -%% -%% {allow_anonymous, true}, - -{mapping, "mqtt.allow_anonymous", "rabbitmq_mqtt.allow_anonymous", - [{datatype, {enum, [true, false]}}]}. - -%% If you have multiple chosts, specify the one to which the -%% adapter connects. -%% -%% {vhost, <<"/">>}, - -{mapping, "mqtt.vhost", "rabbitmq_mqtt.vhost", [{datatype, string}]}. - -{translation, "rabbitmq_mqtt.vhost", -fun(Conf) -> - list_to_binary(cuttlefish:conf_get("mqtt.vhost", Conf)) -end}. - -%% Specify the exchange to which messages from MQTT clients are published. -%% -%% {exchange, <<"amq.topic">>}, - -{mapping, "mqtt.exchange", "rabbitmq_mqtt.exchange", [{datatype, string}]}. - -{translation, "rabbitmq_mqtt.exchange", -fun(Conf) -> - list_to_binary(cuttlefish:conf_get("mqtt.exchange", Conf)) -end}. - -%% Specify TTL (time to live) to control the lifetime of non-clean sessions. -%% -%% {subscription_ttl, 1800000}, -{mapping, "mqtt.subscription_ttl", "rabbitmq_mqtt.subscription_ttl", [ - {datatype, integer} -]}. - -%% Set the prefetch count (governing the maximum number of unacknowledged -%% messages that will be delivered). -%% -%% {prefetch, 10}, -{mapping, "mqtt.prefetch", "rabbitmq_mqtt.prefetch", - [{datatype, integer}]}. - -%% TCP/SSL Configuration (as per the broker configuration). -%% -%% {tcp_listeners, [1883]}, -%% {ssl_listeners, []}, - -{mapping, "mqtt.listeners.tcp.$name", "rabbitmq_mqtt.tcp_listeners",[ - {datatype, [integer, ip]} -]}. - -{translation, "rabbitmq_mqtt.tcp_listeners", -fun(Conf) -> - Settings = cuttlefish_variable:filter_by_prefix("mqtt.listeners.tcp", Conf), - [ V || {_, V} <- Settings ] -end}. - -{mapping, "mqtt.listeners.ssl.$name", "rabbitmq_mqtt.ssl_listeners",[ - {datatype, [integer, ip]} -]}. - -{translation, "rabbitmq_mqtt.ssl_listeners", -fun(Conf) -> - Settings = cuttlefish_variable:filter_by_prefix("mqtt.listeners.ssl", Conf), - [ V || {_, V} <- Settings ] -end}. - -%% Number of Erlang processes that will accept connections for the TCP -%% and SSL listeners. -%% -%% {num_tcp_acceptors, 10}, -%% {num_ssl_acceptors, 1}, - -{mapping, "mqtt.num_acceptors.ssl", "rabbitmq_mqtt.num_ssl_acceptors", [ - {datatype, integer} -]}. - -{mapping, "mqtt.num_acceptors.tcp", "rabbitmq_mqtt.num_tcp_acceptors", [ - {datatype, integer} -]}. - - -%% TCP/Socket options (as per the broker configuration). -%% -%% {tcp_listen_options, [{backlog, 128}, -%% {nodelay, true}]} -% ]}, - - -%% TCP listener section ====================================================== - -{mapping, "mqtt.tcp_listen_options.backlog", "rabbitmq_mqtt.tcp_listen_options.backlog", [ - {datatype, integer} -]}. - -{mapping, "mqtt.tcp_listen_options.nodelay", "rabbitmq_mqtt.tcp_listen_options.nodelay", [ - {datatype, {enum, [true, false]}} -]}. - -{mapping, "mqtt.tcp_listen_options.buffer", "rabbitmq_mqtt.tcp_listen_options.buffer", - [{datatype, integer}]}. - -{mapping, "mqtt.tcp_listen_options.delay_send", "rabbitmq_mqtt.tcp_listen_options.delay_send", - [{datatype, {enum, [true, false]}}]}. - -{mapping, "mqtt.tcp_listen_options.dontroute", "rabbitmq_mqtt.tcp_listen_options.dontroute", - [{datatype, {enum, [true, false]}}]}. - -{mapping, "mqtt.tcp_listen_options.exit_on_close", "rabbitmq_mqtt.tcp_listen_options.exit_on_close", - [{datatype, {enum, [true, false]}}]}. - -{mapping, "mqtt.tcp_listen_options.fd", "rabbitmq_mqtt.tcp_listen_options.fd", - [{datatype, integer}]}. - -{mapping, "mqtt.tcp_listen_options.high_msgq_watermark", "rabbitmq_mqtt.tcp_listen_options.high_msgq_watermark", - [{datatype, integer}]}. - -{mapping, "mqtt.tcp_listen_options.high_watermark", "rabbitmq_mqtt.tcp_listen_options.high_watermark", - [{datatype, integer}]}. - -{mapping, "mqtt.tcp_listen_options.keepalive", "rabbitmq_mqtt.tcp_listen_options.keepalive", - [{datatype, {enum, [true, false]}}]}. - -{mapping, "mqtt.tcp_listen_options.low_msgq_watermark", "rabbitmq_mqtt.tcp_listen_options.low_msgq_watermark", - [{datatype, integer}]}. - -{mapping, "mqtt.tcp_listen_options.low_watermark", "rabbitmq_mqtt.tcp_listen_options.low_watermark", - [{datatype, integer}]}. - -{mapping, "mqtt.tcp_listen_options.port", "rabbitmq_mqtt.tcp_listen_options.port", - [{datatype, integer}, {validators, ["port"]}]}. - -{mapping, "mqtt.tcp_listen_options.priority", "rabbitmq_mqtt.tcp_listen_options.priority", - [{datatype, integer}]}. - -{mapping, "mqtt.tcp_listen_options.recbuf", "rabbitmq_mqtt.tcp_listen_options.recbuf", - [{datatype, integer}]}. - -{mapping, "mqtt.tcp_listen_options.send_timeout", "rabbitmq_mqtt.tcp_listen_options.send_timeout", - [{datatype, integer}]}. - -{mapping, "mqtt.tcp_listen_options.send_timeout_close", "rabbitmq_mqtt.tcp_listen_options.send_timeout_close", - [{datatype, {enum, [true, false]}}]}. - -{mapping, "mqtt.tcp_listen_options.sndbuf", "rabbitmq_mqtt.tcp_listen_options.sndbuf", - [{datatype, integer}]}. - -{mapping, "mqtt.tcp_listen_options.tos", "rabbitmq_mqtt.tcp_listen_options.tos", - [{datatype, integer}]}. - -%% ========================================================================== -%% ---------------------------------------------------------------------------- -%% RabbitMQ Stomp Adapter -%% -%% See http://www.rabbitmq.com/stomp.html for details -%% ---------------------------------------------------------------------------- - -% {rabbitmq_stomp, -% [%% Network Configuration - the format is generally the same as for the broker - -%% Listen only on localhost (ipv4 & ipv6) on a specific port. -%% {tcp_listeners, [{"127.0.0.1", 61613}, -%% {"::1", 61613}]}, - -{mapping, "stomp.listeners.tcp.$name", "rabbitmq_stomp.tcp_listeners",[ - {datatype, [integer, ip]} -]}. - -{translation, "rabbitmq_stomp.tcp_listeners", -fun(Conf) -> - Settings = cuttlefish_variable:filter_by_prefix("stomp.listeners.tcp", Conf), - [ V || {_, V} <- Settings ] -end}. - -{mapping, "stomp.listeners.ssl.$name", "rabbitmq_stomp.ssl_listeners",[ - {datatype, [integer, ip]} -]}. - -{translation, "rabbitmq_stomp.ssl_listeners", -fun(Conf) -> - Settings = cuttlefish_variable:filter_by_prefix("stomp.listeners.ssl", Conf), - [ V || {_, V} <- Settings ] -end}. - -%% Number of Erlang processes that will accept connections for the TCP -%% and SSL listeners. -%% -%% {num_tcp_acceptors, 10}, -%% {num_ssl_acceptors, 1}, - -{mapping, "stomp.num_acceptors.ssl", "rabbitmq_stomp.num_ssl_acceptors", [ - {datatype, integer} -]}. - -{mapping, "stomp.num_acceptors.tcp", "rabbitmq_stomp.num_tcp_acceptors", [ - {datatype, integer} -]}. - -%% Additional SSL options - -%% Extract a name from the client's certificate when using SSL. -%% -%% {ssl_cert_login, true}, - -{mapping, "stomp.ssl_cert_login", "rabbitmq_stomp.ssl_cert_login", - [{datatype, {enum, [true, false]}}]}. - -%% Set a default user name and password. This is used as the default login -%% whenever a CONNECT frame omits the login and passcode headers. -%% -%% Please note that setting this will allow clients to connect without -%% authenticating! -%% -%% {default_user, [{login, "guest"}, -%% {passcode, "guest"}]}, - -{mapping, "stomp.default_user", "rabbitmq_stomp.default_user.login", [ - {datatype, string} -]}. - -{mapping, "stomp.default_pass", "rabbitmq_stomp.default_user.passcode", [ - {datatype, string} -]}. - -%% If a default user is configured, or you have configured use SSL client -%% certificate based authentication, you can choose to allow clients to -%% omit the CONNECT frame entirely. If set to true, the client is -%% automatically connected as the default user or user supplied in the -%% SSL certificate whenever the first frame sent on a session is not a -%% CONNECT frame. -%% -%% {implicit_connect, true} -% ]}, -{mapping, "stomp.implicit_connect", "rabbitmq_stomp.implicit_connect", - [{datatype, {enum, [true, false]}}]}. - -%% ========================================================================== -%% ---------------------------------------------------------------------------- -%% RabbitMQ HTTP Authorization -%% -%% ---------------------------------------------------------------------------- - -{mapping, "http.user_path", "rabbitmq_auth_backend_http.user_path", - [{datatype, string}, {validators, ["uri"]}]}. - -{mapping, "http.vhost_path", "rabbitmq_auth_backend_http.vhost_path", - [{datatype, string}, {validators, ["uri"]}]}. - -{mapping, "http.resource_path", "rabbitmq_auth_backend_http.resource_path", - [{datatype, string}, {validators, ["uri"]}]}. - - |