diff options
| -rw-r--r-- | Makefile | 9 | ||||
| -rw-r--r-- | schema/rabbitmq.ldap.schema | 151 | ||||
| -rw-r--r-- | schema/rabbitmq.management.schema | 197 | ||||
| -rw-r--r-- | schema/rabbitmq.mqtt.schema | 190 | ||||
| -rw-r--r-- | schema/rabbitmq.stomp.schema | 84 | ||||
| -rwxr-xr-x | scripts/cuttlefish (renamed from cuttlefish) | bin | 430208 -> 430208 bytes | |||
| -rwxr-xr-x | scripts/generate-config | 3 | ||||
| -rw-r--r-- | scripts/generate-config.bat | 2 | ||||
| -rwxr-xr-x | scripts/rabbitmq-server | 24 | ||||
| -rw-r--r-- | scripts/rabbitmq-server.bat | 14 | ||||
| -rw-r--r-- | scripts/rabbitmq-service.bat | 22 | ||||
| -rw-r--r-- | scripts/rabbitmq.schema (renamed from schema/rabbitmq.config.schema) | 622 | ||||
| -rw-r--r-- | src/rabbit.erl | 20 | ||||
| -rw-r--r-- | src/rabbit_config.erl | 34 | ||||
| -rw-r--r-- | src/rabbit_prelaunch.erl | 16 |
15 files changed, 693 insertions, 695 deletions
@@ -370,7 +370,7 @@ install-erlapp: dist @# rabbitmq_server/include. $(verbose) cp -r $(DEPS_DIR)/rabbit_common/include $(DESTDIR)$(RMQ_ERLAPP_DIR) -install-scripts: build-schema +install-scripts: $(verbose) mkdir -p $(DESTDIR)$(RMQ_ERLAPP_DIR)/sbin $(inst_verbose) for script in $(SCRIPTS); do \ cp "scripts/$$script" "$(DESTDIR)$(RMQ_ERLAPP_DIR)/sbin"; \ @@ -412,12 +412,7 @@ install-windows-erlapp: dist # rabbitmq_server/include. $(verbose) cp -r $(DEPS_DIR)/rabbit_common/include $(DESTDIR)$(WINDOWS_PREFIX) -build-schema: - $(verbose) rm -rf scripts/rabbitmq.schema - $(verbose) cat schema/*.schema > scripts/rabbitmq.schema - $(verbose) cp cuttlefish scripts/cuttlefish - -install-windows-scripts: build-schema +install-windows-scripts: $(verbose) mkdir -p $(DESTDIR)$(WINDOWS_PREFIX)/sbin $(inst_verbose) for script in $(WINDOWS_SCRIPTS); do \ cp "scripts/$$script" "$(DESTDIR)$(WINDOWS_PREFIX)/sbin"; \ diff --git a/schema/rabbitmq.ldap.schema b/schema/rabbitmq.ldap.schema deleted file mode 100644 index 3de77e7353..0000000000 --- a/schema/rabbitmq.ldap.schema +++ /dev/null @@ -1,151 +0,0 @@ -% %% ---------------------------------------------------------------------------- -% %% RabbitMQ LDAP Plugin -% %% -% %% See http://www.rabbitmq.com/ldap.html for details. -% %% -% %% ---------------------------------------------------------------------------- - -% {rabbitmq_auth_backend_ldap, -% [%% -% %% Connecting to the LDAP server(s) -% %% ================================ -% %% - -% %% Specify servers to bind to. You *must* set this in order for the plugin -% %% to work properly. -% %% -% %% {servers, ["your-server-name-goes-here"]}, - -{mapping, "ldap.servers.$server", "rabbitmq_auth_backend_ldap.servers", - [{datatype, string}]}. - -{translation, "rabbitmq_auth_backend_ldap.servers", -fun(Conf) -> - Settings = cuttlefish_variable:filter_by_prefix("ldap.servers", Conf), - [ V || {_, V} <- Settings ] -end}. - -% %% Connect to the LDAP server using SSL -% %% -% %% {use_ssl, false}, - -{mapping, "ldap.use_ssl", "rabbitmq_auth_backend_ldap.use_ssl", - [{datatype, {enum, [true, false]}}]}. - -% %% Specify the LDAP port to connect to -% %% -% %% {port, 389}, - -{mapping, "ldap.port", "rabbitmq_auth_backend_ldap.port", - [{datatype, integer}]}. - -% %% LDAP connection timeout, in milliseconds or 'infinity' -% %% -% %% {timeout, infinity}, - -{mapping, "ldap.timeout", "rabbitmq_auth_backend_ldap.timeout", - [{datatype, [integer, {atom, infinity}]}]}. - -% %% Enable logging of LDAP queries. -% %% One of -% %% - false (no logging is performed) -% %% - true (verbose logging of the logic used by the plugin) -% %% - network (as true, but additionally logs LDAP network traffic) -% %% -% %% Defaults to false. -% %% -% %% {log, false}, - -{mapping, "ldap.log", "rabbitmq_auth_backend_ldap.log", - [{datatype, {enum, [true, false, network]}}]}. - -% %% -% %% Authentication -% %% ============== -% %% - -% %% Pattern to convert the username given through AMQP to a DN before -% %% binding -% %% -% %% {user_dn_pattern, "cn=${username},ou=People,dc=example,dc=com"}, - -{mapping, "ldap.user_dn_pattern", "rabbitmq_auth_backend_ldap.user_dn_pattern", - [{datatype, string}]}. - -% %% Alternatively, you can convert a username to a Distinguished -% %% Name via an LDAP lookup after binding. See the documentation for -% %% full details. - -% %% When converting a username to a dn via a lookup, set these to -% %% the name of the attribute that represents the user name, and the -% %% base DN for the lookup query. -% %% -% %% {dn_lookup_attribute, "userPrincipalName"}, -% %% {dn_lookup_base, "DC=gopivotal,DC=com"}, - -{mapping, "ldap.dn_lookup_attribute", "rabbitmq_auth_backend_ldap.dn_lookup_attribute", - [{datatype, string}]}. - -{mapping, "ldap.dn_lookup_base", "rabbitmq_auth_backend_ldap.dn_lookup_base", - [{datatype, string}]}. - -% %% Controls how to bind for authorisation queries and also to -% %% retrieve the details of users logging in without presenting a -% %% password (e.g., SASL EXTERNAL). -% %% One of -% %% - as_user (to bind as the authenticated user - requires a password) -% %% - anon (to bind anonymously) -% %% - {UserDN, Password} (to bind with a specified user name and password) -% %% -% %% Defaults to 'as_user'. -% %% -% %% {other_bind, as_user}, - -{mapping, "ldap.other_bind", "rabbitmq_auth_backend_ldap.other_bind", - [{datatype, {enum, [as_user, anon]}}]}. - -{mapping, "ldap.other_bind.user_dn", "rabbitmq_auth_backend_ldap.other_bind", - [{datatype, string}]}. - -{mapping, "ldap.other_bind.password", "rabbitmq_auth_backend_ldap.other_bind", - [{datatype, string}]}. - -{translation, "rabbitmq_auth_backend_ldap.other_bind", -fun(Conf) -> - case cuttlefish:conf_get("ldap.other_bind", Conf) of - as_user -> as_user; - anon -> anon; - _ -> - User = cuttlefish:conf_get("ldap.other_bind.user_dn", Conf), - Pass = cuttlefish:conf_get("ldap.other_bind.password", Conf), - case {User, Pass} of - {undefined, _} -> as_user; - {_, undefined} -> as_user; - _ -> {User, Pass} - end - end -end}. - -% %% -% %% Authorisation -% %% ============= -% %% - -% %% The LDAP plugin can perform a variety of queries against your -% %% LDAP server to determine questions of authorisation. See -% %% http://www.rabbitmq.com/ldap.html#authorisation for more -% %% information. - -% %% Set the query to use when determining vhost access -% %% -% %% {vhost_access_query, {in_group, -% %% "ou=${vhost}-users,ou=vhosts,dc=example,dc=com"}}, - -% %% Set the query to use when determining resource (e.g., queue) access -% %% -% %% {resource_access_query, {constant, true}}, - -% %% Set queries to determine which tags a user has -% %% -% %% {tag_queries, []} -% ]}, diff --git a/schema/rabbitmq.management.schema b/schema/rabbitmq.management.schema deleted file mode 100644 index 0623ec7dd7..0000000000 --- a/schema/rabbitmq.management.schema +++ /dev/null @@ -1,197 +0,0 @@ - % %% ---------------------------------------------------------------------------- - % %% RabbitMQ Management Plugin - % %% - % %% See http://www.rabbitmq.com/management.html for details - % %% ---------------------------------------------------------------------------- - - % {rabbitmq_management, - % [%% Pre-Load schema definitions from the following JSON file. See - %% http://www.rabbitmq.com/management.html#load-definitions - %% - %% {load_definitions, "/path/to/schema.json"}, -{mapping, "management.load_definitions", "rabbitmq_management.load_definitions", - [{datatype, string}, - {validators, ["file_accessible"]}]}. - - %% Log all requests to the management HTTP API to a file. - %% - %% {http_log_dir, "/path/to/access.log"}, - -{mapping, "management.http_log_dir", "rabbitmq_management.http_log_dir", - [{datatype, string}, - {validators, ["file_accessible"]}]}. - - - %% Change the port on which the HTTP listener listens, - %% specifying an interface for the web server to bind to. - %% Also set the listener to use SSL and provide SSL options. - %% - %% {listener, [{port, 12345}, - %% {ip, "127.0.0.1"}, - %% {ssl, true}, - %% {ssl_opts, [{cacertfile, "/path/to/cacert.pem"}, - %% {certfile, "/path/to/cert.pem"}, - %% {keyfile, "/path/to/key.pem"}]}]}, - -{mapping, "management.listener.port", "rabbitmq_management.listener.port", - [{datatype, integer}]}. - -{mapping, "management.listener.ip", "rabbitmq_management.listener.ip", - [{datatype, string}, - {validators, ["is_ip"]}]}. - -{mapping, "management.listener.ssl", "rabbitmq_management.listener.ssl", - [{datatype, {enum, [true, false]}}]}. - - -%% SSL options section ======================================================== - -{mapping, "management.listener.ssl_opts.verify", "rabbitmq_management.listener.ssl_opts.verify", [ - {datatype, {enum, [verify_peer, verify_none]}}]}. - -{mapping, "management.listener.ssl_opts.fail_if_no_peer_cert", "rabbitmq_management.listener.ssl_opts.fail_if_no_peer_cert", [ - {datatype, {enum, [true, false]}}]}. - -{mapping, "management.listener.ssl_opts.cacertfile", "rabbitmq_management.listener.ssl_opts.cacertfile", - [{datatype, string}, {validators, ["file_accessible"]}]}. - -{mapping, "management.listener.ssl_opts.certfile", "rabbitmq_management.listener.ssl_opts.certfile", - [{datatype, string}, {validators, ["file_accessible"]}]}. - -{mapping, "management.listener.ssl_opts.cacerts.$name", "rabbitmq_management.listener.ssl_opts.cacerts", - [{datatype, string}]}. - -{translation, "rabbitmq_management.listener.ssl_opts.cacerts", -fun(Conf) -> - Settings = cuttlefish_variable:filter_by_prefix("management.listener.ssl_opts.cacerts", Conf), - [ list_to_binary(V) || {_, V} <- Settings ] -end}. - -{mapping, "management.listener.ssl_opts.cert", "rabbitmq_management.listener.ssl_opts.cert", - [{datatype, string}]}. - -{translation, "rabbitmq_management.listener.ssl_opts.cert", -fun(Conf) -> - list_to_binary(cuttlefish:conf_get("management.listener.ssl_opts.cert", Conf)) -end}. - -{mapping, "management.listener.ssl_opts.client_renegotiation", "rabbitmq_management.listener.ssl_opts.client_renegotiation", - [{datatype, {enum, [true, false]}}]}. - -{mapping, "management.listener.ssl_opts.crl_check", "rabbitmq_management.listener.ssl_opts.crl_check", - [{datatype, [{enum, [true, false, peer, best_effort]}]}]}. - -{mapping, "management.listener.ssl_opts.depth", "rabbitmq_management.listener.ssl_opts.depth", - [{datatype, integer}, {validators, ["byte"]}]}. - -{mapping, "management.listener.ssl_opts.dh", "rabbitmq_management.listener.ssl_opts.dh", - [{datatype, string}]}. - -{translation, "rabbitmq_management.listener.ssl_opts.dh", -fun(Conf) -> - list_to_binary(cuttlefish:conf_get("management.listener.ssl_opts.dh", Conf)) -end}. - -{mapping, "management.listener.ssl_opts.dhfile", "rabbitmq_management.listener.ssl_opts.dhfile", - [{datatype, string}, {validators, ["file_accessible"]}]}. - -{mapping, "management.listener.ssl_opts.honor_cipher_order", "rabbitmq_management.listener.ssl_opts.honor_cipher_order", - [{datatype, {enum, [true, false]}}]}. - -{mapping, "management.listener.ssl_opts.key.RSAPrivateKey", "rabbitmq_management.listener.ssl_opts.key", - [{datatype, string}]}. - -{mapping, "management.listener.ssl_opts.key.DSAPrivateKey", "rabbitmq_management.listener.ssl_opts.key", - [{datatype, string}]}. - -{mapping, "management.listener.ssl_opts.key.PrivateKeyInfo", "rabbitmq_management.listener.ssl_opts.key", - [{datatype, string}]}. - -{translation, "rabbitmq_management.listener.ssl_opts.key", -fun(Conf) -> - case cuttlefish_variable:filter_by_prefix("management.listener.ssl_opts.key", Conf) of - [{[_,_,Key], Val}|_] -> {list_to_atom(Key), list_to_binary(Val)}; - _ -> undefined - end -end}. - -{mapping, "management.listener.ssl_opts.keyfile", "rabbitmq_management.listener.ssl_opts.keyfile", - [{datatype, string}, {validators, ["file_accessible"]}]}. - -{mapping, "management.listener.ssl_opts.log_alert", "rabbitmq_management.listener.ssl_opts.log_alert", - [{datatype, {enum, [true, false]}}]}. - -{mapping, "management.listener.ssl_opts.password", "rabbitmq_management.listener.ssl_opts.password", - [{datatype, string}]}. - -{mapping, "management.listener.ssl_opts.psk_identity", "rabbitmq_management.listener.ssl_opts.psk_identity", - [{datatype, string}]}. - -{mapping, "management.listener.ssl_opts.reuse_sessions", "rabbitmq_management.listener.ssl_opts.reuse_sessions", - [{datatype, {enum, [true, false]}}]}. - -{mapping, "management.listener.ssl_opts.secure_renegotiate", "rabbitmq_management.listener.ssl_opts.secure_renegotiate", - [{datatype, {enum, [true, false]}}]}. - -{mapping, "management.listener.ssl_opts.versions.$version", "rabbitmq_management.listener.ssl_opts.versions", - [{datatype, atom}]}. - -{translation, "rabbitmq_management.listener.ssl_opts.versions", -fun(Conf) -> - Settings = cuttlefish_variable:filter_by_prefix("management.listener.ssl_opts.cacerts", Conf), - [ V || {_, V} <- Settings ] -end}. - -%% =========================================================================== - - - %% One of 'basic', 'detailed' or 'none'. See - %% http://www.rabbitmq.com/management.html#fine-stats for more details. - %% {rates_mode, basic}, -{mapping, "management.rates_mode", "rabbitmq_management.rates_mode", - [{datatype, {enum, [basic, detailed, none]}}]}. - - %% Configure how long aggregated data (such as message rates and queue - %% lengths) is retained. Please read the plugin's documentation in - %% http://www.rabbitmq.com/management.html#configuration for more - %% details. - %% - %% {sample_retention_policies, - %% [{global, [{60, 5}, {3600, 60}, {86400, 1200}]}, - %% {basic, [{60, 5}, {3600, 60}]}, - %% {detailed, [{10, 5}]}]} -% ]}, - -{mapping, "management.sample_retention_policies.$section.$interval", - "rabbitmq_management.sample_retention_policies", - [{datatype, integer}]}. - -{translation, "rabbitmq_management.sample_retention_policies", -fun(Conf) -> - Global = cuttlefish_variable:filter_by_prefix("management.sample_retention_policies.global", Conf), - Basic = cuttlefish_variable:filter_by_prefix("management.sample_retention_policies.basic", Conf), - Detailed = cuttlefish_variable:filter_by_prefix("management.sample_retention_policies.detailed", Conf), - TranslateKey = fun("minute") -> 60; - ("hour") -> 3600; - ("day") -> 86400; - (Other) -> list_to_integer(Other) - end, - TranslatePolicy = fun(Section) -> - [ {TranslateKey(Key), Val} || {[_,_,_,Key], Val} <- Section ] - end, - [{global, TranslatePolicy(Global)}, - {basic, TranslatePolicy(Basic)}, - {detailed, TranslatePolicy(Detailed)}] -end}. - -{validator, "file_accessible", "file exists", -fun(File) -> - ReadFile = file:read_file_info(File), - element(1, ReadFile) == ok -end}. - -{validator, "is_ip", "String is ip", -fun(IpStr) -> - Res = inet:parse_address(IpStr), - element(1, Res) == ok -end}.
\ No newline at end of file diff --git a/schema/rabbitmq.mqtt.schema b/schema/rabbitmq.mqtt.schema deleted file mode 100644 index 48dcc35bc5..0000000000 --- a/schema/rabbitmq.mqtt.schema +++ /dev/null @@ -1,190 +0,0 @@ -% %% ---------------------------------------------------------------------------- -% %% RabbitMQ MQTT Adapter -% %% -% %% See https://github.com/rabbitmq/rabbitmq-mqtt/blob/stable/README.md -% %% for details -% %% ---------------------------------------------------------------------------- - -% {rabbitmq_mqtt, -% [%% Set the default user name and password. Will be used as the default login -% %% if a connecting client provides no other login details. -% %% -% %% Please note that setting this will allow clients to connect without -% %% authenticating! -% %% -% %% {default_user, <<"guest">>}, -% %% {default_pass, <<"guest">>}, - -{mapping, "mqtt.default_user", "rabbitmq_mqtt.default_user", [ - {datatype, string} -]}. - -{mapping, "mqtt.default_pass", "rabbitmq_mqtt.default_pass", [ - {datatype, string} -]}. - -{translation, "rabbitmq_mqtt.default_user", -fun(Conf) -> - list_to_binary(cuttlefish:conf_get("mqtt.default_user", Conf)) -end}. - -{translation, "rabbitmq_mqtt.default_pass", -fun(Conf) -> - list_to_binary(cuttlefish:conf_get("mqtt.default_pass", Conf)) -end}. - -% %% Enable anonymous access. If this is set to false, clients MUST provide -% %% login information in order to connect. See the default_user/default_pass -% %% configuration elements for managing logins without authentication. -% %% -% %% {allow_anonymous, true}, - -{mapping, "mqtt.allow_anonymous", "rabbitmq_mqtt.allow_anonymous", - [{datatype, {enum, [true, false]}}]}. - -% %% If you have multiple chosts, specify the one to which the -% %% adapter connects. -% %% -% %% {vhost, <<"/">>}, - -{mapping, "mqtt.vhost", "rabbitmq_mqtt.vhost", [{datatype, string}]}. - -{translation, "rabbitmq_mqtt.vhost", -fun(Conf) -> - list_to_binary(cuttlefish:conf_get("mqtt.vhost", Conf)) -end}. - -% %% Specify the exchange to which messages from MQTT clients are published. -% %% -% %% {exchange, <<"amq.topic">>}, - -{mapping, "mqtt.exchange", "rabbitmq_mqtt.exchange", [{datatype, string}]}. - -{translation, "rabbitmq_mqtt.exchange", -fun(Conf) -> - list_to_binary(cuttlefish:conf_get("mqtt.exchange", Conf)) -end}. - -% %% Specify TTL (time to live) to control the lifetime of non-clean sessions. -% %% -% %% {subscription_ttl, 1800000}, -{mapping, "mqtt.subscription_ttl", "rabbitmq_mqtt.subscription_ttl", [ - {datatype, integer} -]}. - -% %% Set the prefetch count (governing the maximum number of unacknowledged -% %% messages that will be delivered). -% %% -% %% {prefetch, 10}, -{mapping, "mqtt.prefetch", "rabbitmq_mqtt.prefetch", - [{datatype, integer}]}. - -% %% TCP/SSL Configuration (as per the broker configuration). -% %% -% %% {tcp_listeners, [1883]}, -% %% {ssl_listeners, []}, - -{mapping, "mqtt.listener.tcp.$name", "rabbitmq_mqtt.tcp_listeners",[ - {datatype, [integer, ip]} -]}. - -{translation, "rabbitmq_mqtt.tcp_listeners", -fun(Conf) -> - Settings = cuttlefish_variable:filter_by_prefix("mqtt.listener.tcp", Conf), - [ V || {_, V} <- Settings ] -end}. - -{mapping, "mqtt.listener.ssl.$name", "rabbitmq_mqtt.ssl_listeners",[ - {datatype, [integer, ip]} -]}. - -{translation, "rabbitmq_mqtt.ssl_listeners", -fun(Conf) -> - Settings = cuttlefish_variable:filter_by_prefix("mqtt.listener.ssl", Conf), - [ V || {_, V} <- Settings ] -end}. - -% %% Number of Erlang processes that will accept connections for the TCP -% %% and SSL listeners. -% %% -% %% {num_tcp_acceptors, 10}, -% %% {num_ssl_acceptors, 1}, - -{mapping, "mqtt.num_acceptors.ssl", "rabbitmq_mqtt.num_ssl_acceptors", [ - {datatype, integer} -]}. - -{mapping, "mqtt.num_acceptors.tcp", "rabbitmq_mqtt.num_tcp_acceptors", [ - {datatype, integer} -]}. - - -% %% TCP/Socket options (as per the broker configuration). -% %% -% %% {tcp_listen_options, [{backlog, 128}, -% %% {nodelay, true}]} -% ]}, - - -%% TCP listener section ====================================================== - -{mapping, "mqtt.tcp_listen_option.backlog", "rabbitmq_mqtt.tcp_listen_options.backlog", [ - {datatype, integer} -]}. - -{mapping, "mqtt.tcp_listen_option.nodelay", "rabbitmq_mqtt.tcp_listen_options.nodelay", [ - {datatype, {enum, [true, false]}} -]}. - -{mapping, "mqtt.tcp_listen_option.buffer", "rabbitmq_mqtt.tcp_listen_options.buffer", - [{datatype, integer}]}. - -{mapping, "mqtt.tcp_listen_option.delay_send", "rabbitmq_mqtt.tcp_listen_options.delay_send", - [{datatype, {enum, [true, false]}}]}. - -{mapping, "mqtt.tcp_listen_option.dontroute", "rabbitmq_mqtt.tcp_listen_options.dontroute", - [{datatype, {enum, [true, false]}}]}. - -{mapping, "mqtt.tcp_listen_option.exit_on_close", "rabbitmq_mqtt.tcp_listen_options.exit_on_close", - [{datatype, {enum, [true, false]}}]}. - -{mapping, "mqtt.tcp_listen_option.fd", "rabbitmq_mqtt.tcp_listen_options.fd", - [{datatype, integer}]}. - -{mapping, "mqtt.tcp_listen_option.high_msgq_watermark", "rabbitmq_mqtt.tcp_listen_options.high_msgq_watermark", - [{datatype, integer}]}. - -{mapping, "mqtt.tcp_listen_option.high_watermark", "rabbitmq_mqtt.tcp_listen_options.high_watermark", - [{datatype, integer}]}. - -{mapping, "mqtt.tcp_listen_option.keepalive", "rabbitmq_mqtt.tcp_listen_options.keepalive", - [{datatype, {enum, [true, false]}}]}. - -{mapping, "mqtt.tcp_listen_option.low_msgq_watermark", "rabbitmq_mqtt.tcp_listen_options.low_msgq_watermark", - [{datatype, integer}]}. - -{mapping, "mqtt.tcp_listen_option.low_watermark", "rabbitmq_mqtt.tcp_listen_options.low_watermark", - [{datatype, integer}]}. - -{mapping, "mqtt.tcp_listen_option.port", "rabbitmq_mqtt.tcp_listen_options.port", - [{datatype, integer}, {validators, ["port"]}]}. - -{mapping, "mqtt.tcp_listen_option.priority", "rabbitmq_mqtt.tcp_listen_options.priority", - [{datatype, integer}]}. - -{mapping, "mqtt.tcp_listen_option.recbuf", "rabbitmq_mqtt.tcp_listen_options.recbuf", - [{datatype, integer}]}. - -{mapping, "mqtt.tcp_listen_option.send_timeout", "rabbitmq_mqtt.tcp_listen_options.send_timeout", - [{datatype, integer}]}. - -{mapping, "mqtt.tcp_listen_option.send_timeout_close", "rabbitmq_mqtt.tcp_listen_options.send_timeout_close", - [{datatype, {enum, [true, false]}}]}. - -{mapping, "mqtt.tcp_listen_option.sndbuf", "rabbitmq_mqtt.tcp_listen_options.sndbuf", - [{datatype, integer}]}. - -{mapping, "mqtt.tcp_listen_option.tos", "rabbitmq_mqtt.tcp_listen_options.tos", - [{datatype, integer}]}. - -%% ========================================================================== diff --git a/schema/rabbitmq.stomp.schema b/schema/rabbitmq.stomp.schema deleted file mode 100644 index e7f726dd17..0000000000 --- a/schema/rabbitmq.stomp.schema +++ /dev/null @@ -1,84 +0,0 @@ -% %% ---------------------------------------------------------------------------- -% %% RabbitMQ Stomp Adapter -% %% -% %% See http://www.rabbitmq.com/stomp.html for details -% %% ---------------------------------------------------------------------------- - -% {rabbitmq_stomp, -% [%% Network Configuration - the format is generally the same as for the broker - -% %% Listen only on localhost (ipv4 & ipv6) on a specific port. -% %% {tcp_listeners, [{"127.0.0.1", 61613}, -% %% {"::1", 61613}]}, - -{mapping, "stomp.listener.tcp.$name", "rabbitmq_stomp.tcp_listeners",[ - {datatype, [integer, ip]} -]}. - -{translation, "rabbitmq_stomp.tcp_listeners", -fun(Conf) -> - Settings = cuttlefish_variable:filter_by_prefix("stomp.listener.tcp", Conf), - [ V || {_, V} <- Settings ] -end}. - -{mapping, "stomp.listener.ssl.$name", "rabbitmq_stomp.ssl_listeners",[ - {datatype, [integer, ip]} -]}. - -{translation, "rabbitmq_stomp.ssl_listeners", -fun(Conf) -> - Settings = cuttlefish_variable:filter_by_prefix("stomp.listener.ssl", Conf), - [ V || {_, V} <- Settings ] -end}. - -% %% Number of Erlang processes that will accept connections for the TCP -% %% and SSL listeners. -% %% -% %% {num_tcp_acceptors, 10}, -% %% {num_ssl_acceptors, 1}, - -{mapping, "stomp.num_acceptors.ssl", "rabbitmq_stomp.num_ssl_acceptors", [ - {datatype, integer} -]}. - -{mapping, "stomp.num_acceptors.tcp", "rabbitmq_stomp.num_tcp_acceptors", [ - {datatype, integer} -]}. - -% %% Additional SSL options - -% %% Extract a name from the client's certificate when using SSL. -% %% -% %% {ssl_cert_login, true}, - -{mapping, "stomp.ssl_cert_login", "rabbitmq_stomp.ssl_cert_login", - [{datatype, {enum, [true, false]}}]}. - -% %% Set a default user name and password. This is used as the default login -% %% whenever a CONNECT frame omits the login and passcode headers. -% %% -% %% Please note that setting this will allow clients to connect without -% %% authenticating! -% %% -% %% {default_user, [{login, "guest"}, -% %% {passcode, "guest"}]}, - -{mapping, "stomp.default_user", "rabbitmq_stomp.default_user.login", [ - {datatype, string} -]}. - -{mapping, "stomp.default_pass", "rabbitmq_stomp.default_user.passcode", [ - {datatype, string} -]}. - -% %% If a default user is configured, or you have configured use SSL client -% %% certificate based authentication, you can choose to allow clients to -% %% omit the CONNECT frame entirely. If set to true, the client is -% %% automatically connected as the default user or user supplied in the -% %% SSL certificate whenever the first frame sent on a session is not a -% %% CONNECT frame. -% %% -% %% {implicit_connect, true} -% ]}, -{mapping, "stomp.implicit_connect", "rabbitmq_stomp.implicit_connect", - [{datatype, {enum, [true, false]}}]}. diff --git a/cuttlefish b/scripts/cuttlefish Binary files differindex 90b47bc2fb..90b47bc2fb 100755 --- a/cuttlefish +++ b/scripts/cuttlefish diff --git a/scripts/generate-config b/scripts/generate-config deleted file mode 100755 index 475af2f9d2..0000000000 --- a/scripts/generate-config +++ /dev/null @@ -1,3 +0,0 @@ -rm -rf ./generated/rabbitmq.config && -./cuttlefish -s ./schema -f rabbitmq $* && -mv ./generated/rabbitmq.*.config ./generated/rabbitmq.config
\ No newline at end of file diff --git a/scripts/generate-config.bat b/scripts/generate-config.bat deleted file mode 100644 index 9cc6231d24..0000000000 --- a/scripts/generate-config.bat +++ /dev/null @@ -1,2 +0,0 @@ -@echo off -del ".\generated\rabbitmq.config" && del ".\generated\rabbitmq.*.config" && "%ERLANG_HOME%\bin\escript.exe" .\cuttlefish -i .\rabbitmq.schema %* -f rabbitmq && ren ".\generated\rabbitmq.*.config" "rabbitmq.config" diff --git a/scripts/rabbitmq-server b/scripts/rabbitmq-server index 95bf009265..8eca8b6967 100755 --- a/scripts/rabbitmq-server +++ b/scripts/rabbitmq-server @@ -58,21 +58,6 @@ esac RABBITMQ_EBIN_ROOT="${RABBITMQ_HOME}/ebin" -# generate_config() { -# rm -rf ${RABBITMQ_GENERATED_CONFIG_DIR}/generated/rabbitmq.config -# ./cuttlefish -e ${RABBITMQ_GENERATED_CONFIG_DIR} -s ./schema -c ${RABBITMQ_CONFIG_FILE}.conf -f rabbitmq -# mv ${RABBITMQ_GENERATED_CONFIG_DIR}/generated/rabbitmq.*.config ${RABBITMQ_GENERATED_CONFIG_DIR}/generated/rabbitmq.config -# } - -# if [ -f "${RABBITMQ_CONFIG_FILE}.config" ]; then -# RABBITMQ_CONFIG_FILE_ACTUAL=$RABBITMQ_CONFIG_FILE -# else -# [ -f "${RABBITMQ_CONFIG_FILE}.conf" ] && -# [ -d $RABBITMQ_GENERATED_CONFIG_DIR ] && -# generate_config && -# RABBITMQ_CONFIG_FILE_ACTUAL="${RABBITMQ_GENERATED_CONFIG_DIR}/generated/rabbitmq" -# fi - set +e RABBITMQ_CONFIG_FILE=$RABBITMQ_CONFIG_FILE \ @@ -83,8 +68,11 @@ RABBITMQ_DIST_PORT=$RABBITMQ_DIST_PORT \ -hidden \ -s rabbit_prelaunch \ ${RABBITMQ_NAME_TYPE} rabbitmqprelaunch$$ \ + -conf_dir "${RABBITMQ_GENERATED_CONFIG_DIR}" \ + -conf_gen_script "`dirname $0`/cuttlefish" \ -extra "${RABBITMQ_NODENAME}" - + +exit 89 PRELAUNCH_RESULT=$? if [ ${PRELAUNCH_RESULT} = 2 ] ; then # dist port is mentioned in config, so do not set it @@ -101,7 +89,7 @@ set -e if [ -f "${RABBITMQ_CONFIG_FILE}.config" ]; then RABBITMQ_CONFIG_ARG="-config ${RABBITMQ_CONFIG_FILE}" elif [ -f "${RABBITMQ_CONFIG_FILE}.conf" ]; then - RABBITMQ_CONFIG_ARG="-conf ${RABBITMQ_CONFIG_FILE} -conf_dir ${RABBITMQ_GENERATED_CONFIG_DIR} -conf_gen_script `dirname $0`/generate-config" + RABBITMQ_CONFIG_ARG="-conf ${RABBITMQ_CONFIG_FILE} -conf_dir ${RABBITMQ_GENERATED_CONFIG_DIR} -conf_gen_script `dirname $0`/cuttlefish" fi RABBITMQ_LISTEN_ARG= @@ -124,7 +112,7 @@ fi set -f start_rabbitmq_server() { - RABBITMQ_CONFIG_FILE_ACTUAL=$RABBITMQ_CONFIG_FILE_ACTUAL \ + RABBITMQ_CONFIG_FILE=$RABBITMQ_CONFIG_FILE \ exec ${ERL_DIR}erl \ -pa ${RABBITMQ_EBIN_ROOT} \ ${RABBITMQ_START_RABBIT} \ diff --git a/scripts/rabbitmq-server.bat b/scripts/rabbitmq-server.bat index 3e3faca535..1aa6e91320 100644 --- a/scripts/rabbitmq-server.bat +++ b/scripts/rabbitmq-server.bat @@ -43,21 +43,13 @@ set RABBITMQ_EBIN_ROOT=!RABBITMQ_HOME!\ebin set RABBITMQ_CONFIG_FILE="!RABBITMQ_CONFIG_FILE!"
-rem if not exist "!RABBITMQ_CONFIG_FILE!.config" (
-rem if exist "!RABBITMQ_CONFIG_FILE!.conf" (
-rem del "!RABBITMQ_GENERATED_CONFIG_DIR!\generated\rabbitmq.config"
-rem del "!RABBITMQ_GENERATED_CONFIG_DIR!\generated\rabbitmq.*.config"
-rem "!ERLANG_HOME!\bin\escript.exe" .\cuttlefish -e "!RABBITMQ_GENERATED_CONFIG_DIR!" -i .\rabbitmq.schema -c "!RABBITMQ_CONFIG_FILE!.conf" -f rabbitmq
-rem ren "!RABBITMQ_GENERATED_CONFIG_DIR!\generated\rabbitmq.*.config" "rabbitmq.config"
-rem set RABBITMQ_CONFIG_FILE_ACTUAL="!RABBITMQ_GENERATED_CONFIG_DIR!\generated\rabbitmq"
-rem )
-rem )
-
"!ERLANG_HOME!\bin\erl.exe" ^
-pa "!RABBITMQ_EBIN_ROOT!" ^
-noinput -hidden ^
-s rabbit_prelaunch ^
!RABBITMQ_NAME_TYPE! rabbitmqprelaunch!RANDOM!!TIME:~9! ^
+ -conf_dir "!RABBITMQ_GENERATED_CONFIG_DIR!" ^
+ -conf_gen_script "%TDP0%/cuttlefish" ^
-extra "!RABBITMQ_NODENAME!"
if ERRORLEVEL 2 (
@@ -73,7 +65,7 @@ set RABBITMQ_EBIN_PATH="-pa !RABBITMQ_EBIN_ROOT!" if exist "!RABBITMQ_CONFIG_FILE!.config" (
set RABBITMQ_CONFIG_ARG=-config "!RABBITMQ_CONFIG_FILE!"
) else if exist "!RABBITMQ_CONFIG_FILE!.conf" (
- set RABBITMQ_CONFIG_ARG=-conf "!RABBITMQ_CONFIG_FILE!" -conf_dir "!RABBITMQ_GENERATED_CONFIG_DIR!" -conf_gen_script "%TDP0%/generate-config.bat"
+ set RABBITMQ_CONFIG_ARG=-conf "!RABBITMQ_CONFIG_FILE!" -conf_dir "!RABBITMQ_GENERATED_CONFIG_DIR!" -conf_gen_script "%TDP0%/cuttlefish"
) else (
set RABBITMQ_CONFIG_ARG=
)
diff --git a/scripts/rabbitmq-service.bat b/scripts/rabbitmq-service.bat index 9d098f20da..6b82c0dec1 100644 --- a/scripts/rabbitmq-service.bat +++ b/scripts/rabbitmq-service.bat @@ -113,22 +113,14 @@ if errorlevel 1 ( set RABBITMQ_EBIN_ROOT=!RABBITMQ_HOME!\ebin
-set RABBITMQ_CONFIG_FILE_ACTUAL="!RABBITMQ_CONFIG_FILE!"
-
-if not exist "!RABBITMQ_CONFIG_FILE!.config" (
- if exist "!RABBITMQ_CONFIG_FILE!.conf" (
- del "!RABBITMQ_GENERATED_CONFIG_DIR!\generated\rabbitmq.config"
- del "!RABBITMQ_GENERATED_CONFIG_DIR!\generated\rabbitmq.*.config"
- "!ERLANG_HOME!\bin\escript.exe" .\cuttlefish -e "!RABBITMQ_GENERATED_CONFIG_DIR!" -i .\rabbitmq.schema -c "!RABBITMQ_CONFIG_FILE!.conf" -f rabbitmq
- ren "!RABBITMQ_GENERATED_CONFIG_DIR!\generated\rabbitmq.*.config" "rabbitmq.config"
- set RABBITMQ_CONFIG_FILE_ACTUAL="!RABBITMQ_GENERATED_CONFIG_DIR!\generated\rabbitmq"
- )
-)
+set RABBITMQ_CONFIG_FILE="!RABBITMQ_CONFIG_FILE!"
"!ERLANG_HOME!\bin\erl.exe" ^
-pa "!RABBITMQ_EBIN_ROOT!" ^
-noinput -hidden ^
-s rabbit_prelaunch ^
+ -conf_dir "!RABBITMQ_GENERATED_CONFIG_DIR!" ^
+ -conf_gen_script "%TDP0%/cuttlefish" ^
!RABBITMQ_NAME_TYPE! rabbitmqprelaunch!RANDOM!!TIME:~9!
if ERRORLEVEL 3 (
@@ -143,8 +135,10 @@ if ERRORLEVEL 3 ( set RABBITMQ_DIST_ARG=-kernel inet_dist_listen_min !RABBITMQ_DIST_PORT! -kernel inet_dist_listen_max !RABBITMQ_DIST_PORT!
)
-if exist "!RABBITMQ_CONFIG_FILE_ACTUAL!.config" (
- set RABBITMQ_CONFIG_ARG=-config "!RABBITMQ_CONFIG_FILE_ACTUAL!"
+if exist "!RABBITMQ_CONFIG_FILE!.config" (
+ set RABBITMQ_CONFIG_ARG=-config "!RABBITMQ_CONFIG_FILE!"
+) else if exist "!RABBITMQ_CONFIG_FILE!.conf" (
+ set RABBITMQ_CONFIG_ARG=-conf "!RABBITMQ_CONFIG_FILE!" -conf_dir "!RABBITMQ_GENERATED_CONFIG_DIR!" -conf_gen_script "%TDP0%/cuttlefish"
) else (
set RABBITMQ_CONFIG_ARG=
)
@@ -190,7 +184,7 @@ set ERLANG_SERVICE_ARGUMENTS= ^ -rabbit enabled_plugins_file \""!RABBITMQ_ENABLED_PLUGINS_FILE:\=/!"\" ^
-rabbit plugins_dir \""!RABBITMQ_PLUGINS_DIR:\=/!"\" ^
-rabbit plugins_expand_dir \""!RABBITMQ_PLUGINS_EXPAND_DIR:\=/!"\" ^
--rabbit windows_service_config \""!RABBITMQ_CONFIG_FILE_ACTUAL:\=/!"\" ^
+-rabbit windows_service_config \""!RABBITMQ_CONFIG_FILE:\=/!"\" ^
-os_mon start_cpu_sup false ^
-os_mon start_disksup false ^
-os_mon start_memsup false ^
diff --git a/schema/rabbitmq.config.schema b/scripts/rabbitmq.schema index fdf91baa59..0970697b45 100644 --- a/schema/rabbitmq.config.schema +++ b/scripts/rabbitmq.schema @@ -931,3 +931,625 @@ fun(File) -> ReadFile = file:read_file_info(File), element(1, ReadFile) == ok end}. +%% ---------------------------------------------------------------------------- +%% RabbitMQ LDAP Plugin +%% +%% See http://www.rabbitmq.com/ldap.html for details. +%% +%% ---------------------------------------------------------------------------- + +% {rabbitmq_auth_backend_ldap, +% [ +%% +%% Connecting to the LDAP server(s) +%% ================================ +%% + +%% Specify servers to bind to. You *must* set this in order for the plugin +%% to work properly. +%% +%% {servers, ["your-server-name-goes-here"]}, + +{mapping, "ldap.servers.$server", "rabbitmq_auth_backend_ldap.servers", + [{datatype, string}]}. + +{translation, "rabbitmq_auth_backend_ldap.servers", +fun(Conf) -> + Settings = cuttlefish_variable:filter_by_prefix("ldap.servers", Conf), + [ V || {_, V} <- Settings ] +end}. + +%% Connect to the LDAP server using SSL +%% +%% {use_ssl, false}, + +{mapping, "ldap.use_ssl", "rabbitmq_auth_backend_ldap.use_ssl", + [{datatype, {enum, [true, false]}}]}. + +%% Specify the LDAP port to connect to +%% +%% {port, 389}, + +{mapping, "ldap.port", "rabbitmq_auth_backend_ldap.port", + [{datatype, integer}]}. + +%% LDAP connection timeout, in milliseconds or 'infinity' +%% +%% {timeout, infinity}, + +{mapping, "ldap.timeout", "rabbitmq_auth_backend_ldap.timeout", + [{datatype, [integer, {atom, infinity}]}]}. + +%% Enable logging of LDAP queries. +%% One of +%% - false (no logging is performed) +%% - true (verbose logging of the logic used by the plugin) +%% - network (as true, but additionally logs LDAP network traffic) +%% +%% Defaults to false. +%% +%% {log, false}, + +{mapping, "ldap.log", "rabbitmq_auth_backend_ldap.log", + [{datatype, {enum, [true, false, network]}}]}. + +%% +%% Authentication +%% ============== +%% + +%% Pattern to convert the username given through AMQP to a DN before +%% binding +%% +%% {user_dn_pattern, "cn=${username},ou=People,dc=example,dc=com"}, + +{mapping, "ldap.user_dn_pattern", "rabbitmq_auth_backend_ldap.user_dn_pattern", + [{datatype, string}]}. + +%% Alternatively, you can convert a username to a Distinguished +%% Name via an LDAP lookup after binding. See the documentation for +%% full details. + +%% When converting a username to a dn via a lookup, set these to +%% the name of the attribute that represents the user name, and the +%% base DN for the lookup query. +%% +%% {dn_lookup_attribute, "userPrincipalName"}, +%% {dn_lookup_base, "DC=gopivotal,DC=com"}, + +{mapping, "ldap.dn_lookup_attribute", "rabbitmq_auth_backend_ldap.dn_lookup_attribute", + [{datatype, string}]}. + +{mapping, "ldap.dn_lookup_base", "rabbitmq_auth_backend_ldap.dn_lookup_base", + [{datatype, string}]}. + +%% Controls how to bind for authorisation queries and also to +%% retrieve the details of users logging in without presenting a +%% password (e.g., SASL EXTERNAL). +%% One of +%% - as_user (to bind as the authenticated user - requires a password) +%% - anon (to bind anonymously) +%% - {UserDN, Password} (to bind with a specified user name and password) +%% +%% Defaults to 'as_user'. +%% +%% {other_bind, as_user}, + +{mapping, "ldap.other_bind", "rabbitmq_auth_backend_ldap.other_bind", + [{datatype, {enum, [as_user, anon]}}]}. + +{mapping, "ldap.other_bind.user_dn", "rabbitmq_auth_backend_ldap.other_bind", + [{datatype, string}]}. + +{mapping, "ldap.other_bind.password", "rabbitmq_auth_backend_ldap.other_bind", + [{datatype, string}]}. + +{translation, "rabbitmq_auth_backend_ldap.other_bind", +fun(Conf) -> + case cuttlefish:conf_get("ldap.other_bind", Conf) of + as_user -> as_user; + anon -> anon; + _ -> + User = cuttlefish:conf_get("ldap.other_bind.user_dn", Conf), + Pass = cuttlefish:conf_get("ldap.other_bind.password", Conf), + case {User, Pass} of + {undefined, _} -> as_user; + {_, undefined} -> as_user; + _ -> {User, Pass} + end + end +end}. + +%% +%% Authorisation +%% ============= +%% + +%% The LDAP plugin can perform a variety of queries against your +%% LDAP server to determine questions of authorisation. See +%% http://www.rabbitmq.com/ldap.html#authorisation for more +%% information. + +%% Set the query to use when determining vhost access +%% +%% {vhost_access_query, {in_group, +%% "ou=${vhost}-users,ou=vhosts,dc=example,dc=com"}}, + +%% Set the query to use when determining resource (e.g., queue) access +%% +%% {resource_access_query, {constant, true}}, + +%% Set queries to determine which tags a user has +%% +%% {tag_queries, []} +% ]}, + % %% ---------------------------------------------------------------------------- + % %% RabbitMQ Management Plugin + % %% + % %% See http://www.rabbitmq.com/management.html for details + % %% ---------------------------------------------------------------------------- + + % {rabbitmq_management, + % [%% Pre-Load schema definitions from the following JSON file. See +%% http://www.rabbitmq.com/management.html#load-definitions +%% +%% {load_definitions, "/path/to/schema.json"}, +{mapping, "management.load_definitions", "rabbitmq_management.load_definitions", + [{datatype, string}, + {validators, ["file_accessible"]}]}. + +%% Log all requests to the management HTTP API to a file. +%% +%% {http_log_dir, "/path/to/access.log"}, + +{mapping, "management.http_log_dir", "rabbitmq_management.http_log_dir", + [{datatype, string}, + {validators, ["file_accessible"]}]}. + + +%% Change the port on which the HTTP listener listens, +%% specifying an interface for the web server to bind to. +%% Also set the listener to use SSL and provide SSL options. +%% +%% {listener, [{port, 12345}, +%% {ip, "127.0.0.1"}, +%% {ssl, true}, +%% {ssl_opts, [{cacertfile, "/path/to/cacert.pem"}, +%% {certfile, "/path/to/cert.pem"}, +%% {keyfile, "/path/to/key.pem"}]}]}, + +{mapping, "management.listener.port", "rabbitmq_management.listener.port", + [{datatype, integer}]}. + +{mapping, "management.listener.ip", "rabbitmq_management.listener.ip", + [{datatype, string}, + {validators, ["is_ip"]}]}. + +{mapping, "management.listener.ssl", "rabbitmq_management.listener.ssl", + [{datatype, {enum, [true, false]}}]}. + + +%% SSL options section ======================================================== + +{mapping, "management.listener.ssl_opts.verify", "rabbitmq_management.listener.ssl_opts.verify", [ + {datatype, {enum, [verify_peer, verify_none]}}]}. + +{mapping, "management.listener.ssl_opts.fail_if_no_peer_cert", "rabbitmq_management.listener.ssl_opts.fail_if_no_peer_cert", [ + {datatype, {enum, [true, false]}}]}. + +{mapping, "management.listener.ssl_opts.cacertfile", "rabbitmq_management.listener.ssl_opts.cacertfile", + [{datatype, string}, {validators, ["file_accessible"]}]}. + +{mapping, "management.listener.ssl_opts.certfile", "rabbitmq_management.listener.ssl_opts.certfile", + [{datatype, string}, {validators, ["file_accessible"]}]}. + +{mapping, "management.listener.ssl_opts.cacerts.$name", "rabbitmq_management.listener.ssl_opts.cacerts", + [{datatype, string}]}. + +{translation, "rabbitmq_management.listener.ssl_opts.cacerts", +fun(Conf) -> + Settings = cuttlefish_variable:filter_by_prefix("management.listener.ssl_opts.cacerts", Conf), + [ list_to_binary(V) || {_, V} <- Settings ] +end}. + +{mapping, "management.listener.ssl_opts.cert", "rabbitmq_management.listener.ssl_opts.cert", + [{datatype, string}]}. + +{translation, "rabbitmq_management.listener.ssl_opts.cert", +fun(Conf) -> + list_to_binary(cuttlefish:conf_get("management.listener.ssl_opts.cert", Conf)) +end}. + +{mapping, "management.listener.ssl_opts.client_renegotiation", "rabbitmq_management.listener.ssl_opts.client_renegotiation", + [{datatype, {enum, [true, false]}}]}. + +{mapping, "management.listener.ssl_opts.crl_check", "rabbitmq_management.listener.ssl_opts.crl_check", + [{datatype, [{enum, [true, false, peer, best_effort]}]}]}. + +{mapping, "management.listener.ssl_opts.depth", "rabbitmq_management.listener.ssl_opts.depth", + [{datatype, integer}, {validators, ["byte"]}]}. + +{mapping, "management.listener.ssl_opts.dh", "rabbitmq_management.listener.ssl_opts.dh", + [{datatype, string}]}. + +{translation, "rabbitmq_management.listener.ssl_opts.dh", +fun(Conf) -> + list_to_binary(cuttlefish:conf_get("management.listener.ssl_opts.dh", Conf)) +end}. + +{mapping, "management.listener.ssl_opts.dhfile", "rabbitmq_management.listener.ssl_opts.dhfile", + [{datatype, string}, {validators, ["file_accessible"]}]}. + +{mapping, "management.listener.ssl_opts.honor_cipher_order", "rabbitmq_management.listener.ssl_opts.honor_cipher_order", + [{datatype, {enum, [true, false]}}]}. + +{mapping, "management.listener.ssl_opts.key.RSAPrivateKey", "rabbitmq_management.listener.ssl_opts.key", + [{datatype, string}]}. + +{mapping, "management.listener.ssl_opts.key.DSAPrivateKey", "rabbitmq_management.listener.ssl_opts.key", + [{datatype, string}]}. + +{mapping, "management.listener.ssl_opts.key.PrivateKeyInfo", "rabbitmq_management.listener.ssl_opts.key", + [{datatype, string}]}. + +{translation, "rabbitmq_management.listener.ssl_opts.key", +fun(Conf) -> + case cuttlefish_variable:filter_by_prefix("management.listener.ssl_opts.key", Conf) of + [{[_,_,Key], Val}|_] -> {list_to_atom(Key), list_to_binary(Val)}; + _ -> undefined + end +end}. + +{mapping, "management.listener.ssl_opts.keyfile", "rabbitmq_management.listener.ssl_opts.keyfile", + [{datatype, string}, {validators, ["file_accessible"]}]}. + +{mapping, "management.listener.ssl_opts.log_alert", "rabbitmq_management.listener.ssl_opts.log_alert", + [{datatype, {enum, [true, false]}}]}. + +{mapping, "management.listener.ssl_opts.password", "rabbitmq_management.listener.ssl_opts.password", + [{datatype, string}]}. + +{mapping, "management.listener.ssl_opts.psk_identity", "rabbitmq_management.listener.ssl_opts.psk_identity", + [{datatype, string}]}. + +{mapping, "management.listener.ssl_opts.reuse_sessions", "rabbitmq_management.listener.ssl_opts.reuse_sessions", + [{datatype, {enum, [true, false]}}]}. + +{mapping, "management.listener.ssl_opts.secure_renegotiate", "rabbitmq_management.listener.ssl_opts.secure_renegotiate", + [{datatype, {enum, [true, false]}}]}. + +{mapping, "management.listener.ssl_opts.versions.$version", "rabbitmq_management.listener.ssl_opts.versions", + [{datatype, atom}]}. + +{translation, "rabbitmq_management.listener.ssl_opts.versions", +fun(Conf) -> + Settings = cuttlefish_variable:filter_by_prefix("management.listener.ssl_opts.cacerts", Conf), + [ V || {_, V} <- Settings ] +end}. + +%% =========================================================================== + + +%% One of 'basic', 'detailed' or 'none'. See +%% http://www.rabbitmq.com/management.html#fine-stats for more details. +%% {rates_mode, basic}, +{mapping, "management.rates_mode", "rabbitmq_management.rates_mode", + [{datatype, {enum, [basic, detailed, none]}}]}. + +%% Configure how long aggregated data (such as message rates and queue +%% lengths) is retained. Please read the plugin's documentation in +%% http://www.rabbitmq.com/management.html#configuration for more +%% details. +%% +%% {sample_retention_policies, +%% [{global, [{60, 5}, {3600, 60}, {86400, 1200}]}, +%% {basic, [{60, 5}, {3600, 60}]}, +%% {detailed, [{10, 5}]}]} +% ]}, + +{mapping, "management.sample_retention_policies.$section.$interval", + "rabbitmq_management.sample_retention_policies", + [{datatype, integer}]}. + +{translation, "rabbitmq_management.sample_retention_policies", +fun(Conf) -> + Global = cuttlefish_variable:filter_by_prefix("management.sample_retention_policies.global", Conf), + Basic = cuttlefish_variable:filter_by_prefix("management.sample_retention_policies.basic", Conf), + Detailed = cuttlefish_variable:filter_by_prefix("management.sample_retention_policies.detailed", Conf), + TranslateKey = fun("minute") -> 60; + ("hour") -> 3600; + ("day") -> 86400; + (Other) -> list_to_integer(Other) + end, + TranslatePolicy = fun(Section) -> + [ {TranslateKey(Key), Val} || {[_,_,_,Key], Val} <- Section ] + end, + [{global, TranslatePolicy(Global)}, + {basic, TranslatePolicy(Basic)}, + {detailed, TranslatePolicy(Detailed)}] +end}. + +{validator, "file_accessible", "file exists", +fun(File) -> + ReadFile = file:read_file_info(File), + element(1, ReadFile) == ok +end}. + +{validator, "is_ip", "String is ip", +fun(IpStr) -> + Res = inet:parse_address(IpStr), + element(1, Res) == ok +end}.%% ---------------------------------------------------------------------------- +%% RabbitMQ MQTT Adapter +%% +%% See https://github.com/rabbitmq/rabbitmq-mqtt/blob/stable/README.md +%% for details +%% ---------------------------------------------------------------------------- + +% {rabbitmq_mqtt, +% [%% Set the default user name and password. Will be used as the default login +%% if a connecting client provides no other login details. +%% +%% Please note that setting this will allow clients to connect without +%% authenticating! +%% +%% {default_user, <<"guest">>}, +%% {default_pass, <<"guest">>}, + +{mapping, "mqtt.default_user", "rabbitmq_mqtt.default_user", [ + {datatype, string} +]}. + +{mapping, "mqtt.default_pass", "rabbitmq_mqtt.default_pass", [ + {datatype, string} +]}. + +{translation, "rabbitmq_mqtt.default_user", +fun(Conf) -> + list_to_binary(cuttlefish:conf_get("mqtt.default_user", Conf)) +end}. + +{translation, "rabbitmq_mqtt.default_pass", +fun(Conf) -> + list_to_binary(cuttlefish:conf_get("mqtt.default_pass", Conf)) +end}. + +%% Enable anonymous access. If this is set to false, clients MUST provide +%% login information in order to connect. See the default_user/default_pass +%% configuration elements for managing logins without authentication. +%% +%% {allow_anonymous, true}, + +{mapping, "mqtt.allow_anonymous", "rabbitmq_mqtt.allow_anonymous", + [{datatype, {enum, [true, false]}}]}. + +%% If you have multiple chosts, specify the one to which the +%% adapter connects. +%% +%% {vhost, <<"/">>}, + +{mapping, "mqtt.vhost", "rabbitmq_mqtt.vhost", [{datatype, string}]}. + +{translation, "rabbitmq_mqtt.vhost", +fun(Conf) -> + list_to_binary(cuttlefish:conf_get("mqtt.vhost", Conf)) +end}. + +%% Specify the exchange to which messages from MQTT clients are published. +%% +%% {exchange, <<"amq.topic">>}, + +{mapping, "mqtt.exchange", "rabbitmq_mqtt.exchange", [{datatype, string}]}. + +{translation, "rabbitmq_mqtt.exchange", +fun(Conf) -> + list_to_binary(cuttlefish:conf_get("mqtt.exchange", Conf)) +end}. + +%% Specify TTL (time to live) to control the lifetime of non-clean sessions. +%% +%% {subscription_ttl, 1800000}, +{mapping, "mqtt.subscription_ttl", "rabbitmq_mqtt.subscription_ttl", [ + {datatype, integer} +]}. + +%% Set the prefetch count (governing the maximum number of unacknowledged +%% messages that will be delivered). +%% +%% {prefetch, 10}, +{mapping, "mqtt.prefetch", "rabbitmq_mqtt.prefetch", + [{datatype, integer}]}. + +%% TCP/SSL Configuration (as per the broker configuration). +%% +%% {tcp_listeners, [1883]}, +%% {ssl_listeners, []}, + +{mapping, "mqtt.listener.tcp.$name", "rabbitmq_mqtt.tcp_listeners",[ + {datatype, [integer, ip]} +]}. + +{translation, "rabbitmq_mqtt.tcp_listeners", +fun(Conf) -> + Settings = cuttlefish_variable:filter_by_prefix("mqtt.listener.tcp", Conf), + [ V || {_, V} <- Settings ] +end}. + +{mapping, "mqtt.listener.ssl.$name", "rabbitmq_mqtt.ssl_listeners",[ + {datatype, [integer, ip]} +]}. + +{translation, "rabbitmq_mqtt.ssl_listeners", +fun(Conf) -> + Settings = cuttlefish_variable:filter_by_prefix("mqtt.listener.ssl", Conf), + [ V || {_, V} <- Settings ] +end}. + +%% Number of Erlang processes that will accept connections for the TCP +%% and SSL listeners. +%% +%% {num_tcp_acceptors, 10}, +%% {num_ssl_acceptors, 1}, + +{mapping, "mqtt.num_acceptors.ssl", "rabbitmq_mqtt.num_ssl_acceptors", [ + {datatype, integer} +]}. + +{mapping, "mqtt.num_acceptors.tcp", "rabbitmq_mqtt.num_tcp_acceptors", [ + {datatype, integer} +]}. + + +%% TCP/Socket options (as per the broker configuration). +%% +%% {tcp_listen_options, [{backlog, 128}, +%% {nodelay, true}]} +% ]}, + + +%% TCP listener section ====================================================== + +{mapping, "mqtt.tcp_listen_option.backlog", "rabbitmq_mqtt.tcp_listen_options.backlog", [ + {datatype, integer} +]}. + +{mapping, "mqtt.tcp_listen_option.nodelay", "rabbitmq_mqtt.tcp_listen_options.nodelay", [ + {datatype, {enum, [true, false]}} +]}. + +{mapping, "mqtt.tcp_listen_option.buffer", "rabbitmq_mqtt.tcp_listen_options.buffer", + [{datatype, integer}]}. + +{mapping, "mqtt.tcp_listen_option.delay_send", "rabbitmq_mqtt.tcp_listen_options.delay_send", + [{datatype, {enum, [true, false]}}]}. + +{mapping, "mqtt.tcp_listen_option.dontroute", "rabbitmq_mqtt.tcp_listen_options.dontroute", + [{datatype, {enum, [true, false]}}]}. + +{mapping, "mqtt.tcp_listen_option.exit_on_close", "rabbitmq_mqtt.tcp_listen_options.exit_on_close", + [{datatype, {enum, [true, false]}}]}. + +{mapping, "mqtt.tcp_listen_option.fd", "rabbitmq_mqtt.tcp_listen_options.fd", + [{datatype, integer}]}. + +{mapping, "mqtt.tcp_listen_option.high_msgq_watermark", "rabbitmq_mqtt.tcp_listen_options.high_msgq_watermark", + [{datatype, integer}]}. + +{mapping, "mqtt.tcp_listen_option.high_watermark", "rabbitmq_mqtt.tcp_listen_options.high_watermark", + [{datatype, integer}]}. + +{mapping, "mqtt.tcp_listen_option.keepalive", "rabbitmq_mqtt.tcp_listen_options.keepalive", + [{datatype, {enum, [true, false]}}]}. + +{mapping, "mqtt.tcp_listen_option.low_msgq_watermark", "rabbitmq_mqtt.tcp_listen_options.low_msgq_watermark", + [{datatype, integer}]}. + +{mapping, "mqtt.tcp_listen_option.low_watermark", "rabbitmq_mqtt.tcp_listen_options.low_watermark", + [{datatype, integer}]}. + +{mapping, "mqtt.tcp_listen_option.port", "rabbitmq_mqtt.tcp_listen_options.port", + [{datatype, integer}, {validators, ["port"]}]}. + +{mapping, "mqtt.tcp_listen_option.priority", "rabbitmq_mqtt.tcp_listen_options.priority", + [{datatype, integer}]}. + +{mapping, "mqtt.tcp_listen_option.recbuf", "rabbitmq_mqtt.tcp_listen_options.recbuf", + [{datatype, integer}]}. + +{mapping, "mqtt.tcp_listen_option.send_timeout", "rabbitmq_mqtt.tcp_listen_options.send_timeout", + [{datatype, integer}]}. + +{mapping, "mqtt.tcp_listen_option.send_timeout_close", "rabbitmq_mqtt.tcp_listen_options.send_timeout_close", + [{datatype, {enum, [true, false]}}]}. + +{mapping, "mqtt.tcp_listen_option.sndbuf", "rabbitmq_mqtt.tcp_listen_options.sndbuf", + [{datatype, integer}]}. + +{mapping, "mqtt.tcp_listen_option.tos", "rabbitmq_mqtt.tcp_listen_options.tos", + [{datatype, integer}]}. + +%% ========================================================================== +%% ---------------------------------------------------------------------------- +%% RabbitMQ Stomp Adapter +%% +%% See http://www.rabbitmq.com/stomp.html for details +%% ---------------------------------------------------------------------------- + +% {rabbitmq_stomp, +% [%% Network Configuration - the format is generally the same as for the broker + +%% Listen only on localhost (ipv4 & ipv6) on a specific port. +%% {tcp_listeners, [{"127.0.0.1", 61613}, +%% {"::1", 61613}]}, + +{mapping, "stomp.listener.tcp.$name", "rabbitmq_stomp.tcp_listeners",[ + {datatype, [integer, ip]} +]}. + +{translation, "rabbitmq_stomp.tcp_listeners", +fun(Conf) -> + Settings = cuttlefish_variable:filter_by_prefix("stomp.listener.tcp", Conf), + [ V || {_, V} <- Settings ] +end}. + +{mapping, "stomp.listener.ssl.$name", "rabbitmq_stomp.ssl_listeners",[ + {datatype, [integer, ip]} +]}. + +{translation, "rabbitmq_stomp.ssl_listeners", +fun(Conf) -> + Settings = cuttlefish_variable:filter_by_prefix("stomp.listener.ssl", Conf), + [ V || {_, V} <- Settings ] +end}. + +%% Number of Erlang processes that will accept connections for the TCP +%% and SSL listeners. +%% +%% {num_tcp_acceptors, 10}, +%% {num_ssl_acceptors, 1}, + +{mapping, "stomp.num_acceptors.ssl", "rabbitmq_stomp.num_ssl_acceptors", [ + {datatype, integer} +]}. + +{mapping, "stomp.num_acceptors.tcp", "rabbitmq_stomp.num_tcp_acceptors", [ + {datatype, integer} +]}. + +%% Additional SSL options + +%% Extract a name from the client's certificate when using SSL. +%% +%% {ssl_cert_login, true}, + +{mapping, "stomp.ssl_cert_login", "rabbitmq_stomp.ssl_cert_login", + [{datatype, {enum, [true, false]}}]}. + +%% Set a default user name and password. This is used as the default login +%% whenever a CONNECT frame omits the login and passcode headers. +%% +%% Please note that setting this will allow clients to connect without +%% authenticating! +%% +%% {default_user, [{login, "guest"}, +%% {passcode, "guest"}]}, + +{mapping, "stomp.default_user", "rabbitmq_stomp.default_user.login", [ + {datatype, string} +]}. + +{mapping, "stomp.default_pass", "rabbitmq_stomp.default_user.passcode", [ + {datatype, string} +]}. + +%% If a default user is configured, or you have configured use SSL client +%% certificate based authentication, you can choose to allow clients to +%% omit the CONNECT frame entirely. If set to true, the client is +%% automatically connected as the default user or user supplied in the +%% SSL certificate whenever the first frame sent on a session is not a +%% CONNECT frame. +%% +%% {implicit_connect, true} +% ]}, +{mapping, "stomp.implicit_connect", "rabbitmq_stomp.implicit_connect", + [{datatype, {enum, [true, false]}}]}. diff --git a/src/rabbit.erl b/src/rabbit.erl index 23f5fa77b3..f2f08ff495 100644 --- a/src/rabbit.erl +++ b/src/rabbit.erl @@ -272,14 +272,16 @@ start() -> boot() -> start_it(fun() -> - % case rabbit_config:prepare_config() of - % ok -> ok; - % {error, Reason} -> - % log_boot_error_and_exit( - % generate_config_file, - % "~nConfig file generation failed ~p", - % [Reason]) - % end, + case rabbit_config:prepare_config() of + {ok, ConfigFile} -> + rabbit_config:update_app_config(ConfigFile); + {error, Reason} -> + log_boot_error_and_exit( + generate_config_file, + "~nConfig file generation failed ~p", + [Reason]); + ok -> ok + end, ok = ensure_application_loaded(), HipeResult = rabbit_hipe:maybe_hipe_compile(), ok = start_logger(), @@ -817,7 +819,7 @@ config_files() -> config_setting() -> case application:get_env(rabbit, windows_service_config) of {ok, File1} -> File1; - undefined -> case os:getenv("RABBITMQ_CONFIG_FILE_ACTUAL") of + undefined -> case os:getenv("RABBITMQ_CONFIG_FILE") of false -> none; File2 -> File2 end diff --git a/src/rabbit_config.erl b/src/rabbit_config.erl index 5e75223f63..2ceb11a27d 100644 --- a/src/rabbit_config.erl +++ b/src/rabbit_config.erl @@ -1,10 +1,16 @@ -module(rabbit_config). --export([generate_config_file/3, prepare_config/0]). +-export([generate_config_file/3, prepare_config/0, prepare_config/1, update_app_config/1]). prepare_config() -> - case {init:get_argument(conf), init:get_argument(conf_dir), init:get_argument(conf_gen_script)} of - {{ok, Configs}, {ok, ConfDir}, {ok, ConfScript}} -> + case init:get_argument(conf) of + {ok, Configs} -> prepare_config(Configs); + _ -> ok + end. + +prepare_config(Configs) -> + case {init:get_argument(conf_dir), init:get_argument(conf_gen_script)} of + {{ok, ConfDir}, {ok, ConfScript}} -> ConfFiles = [Config++".conf" || [Config] <- Configs, rabbit_file:is_file(Config ++ ".conf")], @@ -13,8 +19,7 @@ prepare_config() -> _ -> case generate_config_file(ConfFiles, ConfDir, ConfScript) of {ok, GeneratedConfigFile} -> - ok = application_controller:change_application_data( - [], [GeneratedConfigFile]); + {ok, GeneratedConfigFile}; {error, Reason} -> {error, Reason} end @@ -22,12 +27,25 @@ prepare_config() -> _ -> ok end. +update_app_config(ConfigFile) -> + ok = application_controller:change_application_data([], [ConfigFile]). + generate_config_file(ConfFiles, ConfDir, ConfScript) -> - rabbit_file:recursive_delete(filename:join([ConfDir, "generated"])), - Command = [ ConfScript, " -e ", ConfDir, [[" -c ", ConfFile] || ConfFile <- ConfFiles]], + SchemaFile = filename:join([filename:dirname(ConfScript), "rabbitmq.schema"]), + GeneratedDir = filename:join([ConfDir, "generated"]), + rabbit_file:recursive_delete([GeneratedDir]), + Command = lists:concat(["escript ", ConfScript, + " -f rabbitmq -i ", SchemaFile, + " -e ", ConfDir, + [[" -c ", ConfFile] || ConfFile <- ConfFiles]]), Result = rabbit_misc:os_cmd(Command), case string:str(Result, " -config ") of 0 -> {error, {generaion_error, Result}}; - _ -> {ok, filename:join([ConfDir, "generated", "rabbitmq.config"])} + _ -> + [OutFile] = rabbit_file:wildcard("rabbitmq.*.config", GeneratedDir), + ResultFile = filename:join([GeneratedDir, "rabbitmq.config"]), + Ren = rabbit_file:rename(filename:join([GeneratedDir, OutFile]), + ResultFile), + {ok, ResultFile} end.
\ No newline at end of file diff --git a/src/rabbit_prelaunch.erl b/src/rabbit_prelaunch.erl index 5ecdd75acc..9fb7e8b16c 100644 --- a/src/rabbit_prelaunch.erl +++ b/src/rabbit_prelaunch.erl @@ -83,7 +83,7 @@ dist_port_set_check() -> false -> ok; File -> - case file:consult(File ++ ".config") of + case get_config(File) of {ok, [Config]} -> Kernel = pget(kernel, Config, []), case {pget(inet_dist_listen_min, Kernel, none), @@ -98,6 +98,20 @@ dist_port_set_check() -> end end. +get_config(File) -> + case rabbit_file:is_file(File ++ ".config") of + true -> file:consult(File ++ ".config"); + false -> + case rabbit_file:is_file(File ++ ".conf") of + true -> + case rabbit_config:prepare_config([[File]]) of + {ok, ConfigFile} -> file:consult(ConfigFile); + Other -> {error, generation_error} + end; + false -> {error, enoent} + end + end. + dist_port_range_check() -> case os:getenv("RABBITMQ_DIST_PORT") of false -> ok; |