Page Menu
Home
DevCentral
Search
Configure Global Search
Log In
Files
F3766164
D2353.diff
No One
Temporary
Actions
View File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Award Token
Flag For Later
Size
5 KB
Referenced Files
None
Subscribers
None
D2353.diff
View Options
diff --git a/pillar/paas/docker.sls b/pillar/paas/docker.sls
--- a/pillar/paas/docker.sls
+++ b/pillar/paas/docker.sls
@@ -8,6 +8,7 @@
docker_aliases:
- &ipv4_docker001 51.255.124.9
+ - &ipv4_docker001_restricted 51.255.124.9
# -------------------------------------------------------------
# Images
@@ -25,7 +26,6 @@
dwellers:
# Core services
- nasqueron/mysql:5.7
- - nasqueron/rabbitmq
# Infrastructure and development services
- nasqueron/notifications
@@ -36,6 +36,7 @@
- library/redis:3.2-alpine
- library/registry
- nasqueron/mysql
+ - nasqueron/rabbitmq
# ACME DNS server
- joohoi/acme-dns
@@ -203,6 +204,12 @@
sentry_db:
credential: nasqueron.sentry.postgresql
+ rabbitmq:
+ white-rabbit:
+ ip: *ipv4_docker001_restricted
+ host: white-rabbit.nasqueron.org
+ app_port: 15672
+
redis:
sentry_redis: {}
pixelfed_redis: {}
@@ -454,9 +461,26 @@
realm: nasqueron
# -------------------------------------------------------------
- # Ports listened by XMPP
+ # Ports listened by known applications
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+rabbitmq_ports:
+ - 4369 # epmd, Erlang peer discovery service used by RabbitMQ and CLI tools
+ - 5671 # AMQP with TLS (AMQPS)
+ - 5672 # AMQP
+ - 15672 # Management UI, HTTP API, rabbitmqadmin (management plugin port)
+ - 25672 # Erlang distribution server port - Federation, rabbitmqctl
+
+ # Not implemented ports, as we don't use those protocols:
+ #
+ # - 1883 # MQTT
+ # - 8883 # MQTT with TLS
+ # - 15674 # STOMP over a WebSocket connection (rabbitmq_web_stomp plugin port)
+ # - 15675 # MQTT over a WebSocket connection (rabbitmq_web_mqtt plugin port)
+ # - 15692 # Prometheus metrics (rabbitmq_prometheus plugin port)
+ # - 61613 # STOMP
+ # - 61614 # STOMP with TLS
+
xmpp_ports:
- 3478
- 5222 # Client to server
diff --git a/roles/paas-docker/containers/rabbitmq.sls b/roles/paas-docker/containers/rabbitmq.sls
new file mode 100755
--- /dev/null
+++ b/roles/paas-docker/containers/rabbitmq.sls
@@ -0,0 +1,53 @@
+# -------------------------------------------------------------
+# Salt — Provision Docker engine
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Project: Nasqueron
+# Created: 2020-09-30
+# License: Trivial work, not eligible to copyright
+# -------------------------------------------------------------
+
+{% set has_selinux = salt['grains.get']('selinux:enabled', False) %}
+{% set containers = pillar['docker_containers'][grains['id']] %}
+
+{% for instance, container in containers['rabbitmq'].items() %}
+
+# -------------------------------------------------------------
+# Storage directory
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+/srv/rabbitmq/{{ instance }}/lib:
+ file.directory:
+ - user: 999
+ - group: 999
+ - makedirs: True
+
+{% if has_selinux %}
+selinux_context_rabbitmq_data_{{ instance }}:
+ selinux.fcontext_policy_present:
+ - name: /srv/rabbitmq/{{ instance }}/lib
+ - sel_type: container_file_t
+
+selinux_context_rabbitmq_data_applied_{{ instance }}:
+ selinux.fcontext_policy_applied:
+ - name: /srv/rabbitmq/{{ instance }}/lib
+{% endif %}
+
+# -------------------------------------------------------------
+# Container
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+{{ instance }}:
+ docker_container.running:
+ - detach: True
+ - interactive: True
+ - image: nasqueron/rabbitmq
+ - binds:
+ - /srv/rabbitmq/{{ instance }}/lib:/var/lib/rabbitmq
+ - hostname: {{ container['host'] }}
+ - ports: {{ pillar['rabbitmq_ports'] }}
+ - port_bindings:
+{% for port in pillar['rabbitmq_ports'] %}
+ - {{ container['ip'] }}:{{ port }}:{{ port }}
+{% endfor %}
+
+{% endfor %}
diff --git a/roles/paas-docker/nginx/files/vhosts/rabbitmq.conf b/roles/paas-docker/nginx/files/vhosts/rabbitmq.conf
new file mode 100755
--- /dev/null
+++ b/roles/paas-docker/nginx/files/vhosts/rabbitmq.conf
@@ -0,0 +1,47 @@
+# -------------------------------------------------------------
+# Configuration for Docker PaaS front-end nginx
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Author: Sébastien Santoro aka Dereckson
+# Created: 2020-09-30
+# Source file: roles/paas-docker/nginx/files/vhosts/rabbitmq.conf
+# -------------------------------------------------------------
+#
+# <auto-generated>
+# This file is managed by our rOPS SaltStack repository.
+#
+# Changes to this file may cause incorrect behavior
+# and will be lost if the state is redeployed.
+# </auto-generated>
+
+# -------------------------------------------------------------
+# Application - {{ fqdn }}
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+server {
+ listen 80;
+ listen [::]:80;
+ server_name {{ fqdn }};
+
+ include includes/letsencrypt;
+
+ return 301 https://$host$request_uri;
+}
+
+server {
+ server_name {{ fqdn }};
+
+ include includes/tls;
+ ssl_certificate /srv/letsencrypt/etc/live/{{ fqdn }}/fullchain.pem;
+ ssl_certificate_key /srv/letsencrypt/etc/live/{{ fqdn }}/privkey.pem;
+
+ include includes/letsencrypt;
+
+ location / {
+ proxy_pass http://{{ args['ip'] }}:{{ app_port }};
+ include includes/proxy_params;
+ }
+
+ root /var/wwwroot-502/_default;
+ error_page 502 /502.html;
+ location /502.html {}
+}
File Metadata
Details
Attached
Mime Type
text/plain
Expires
Sat, Nov 23, 16:47 (18 h, 37 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
2257079
Default Alt Text
D2353.diff (5 KB)
Attached To
Mode
D2353: Deploy RabbitMQ on docker-001
Attached
Detach File
Event Timeline
Log In to Comment