Skip to content

Instantly share code, notes, and snippets.

@hairyhum

hairyhum/rabbitmq.conf

Created January 21, 2016 12:36
Show Gist options
  • Save hairyhum/a73c30672acc55125643 to your computer and use it in GitHub Desktop.
Save hairyhum/a73c30672acc55125643 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
rabbitmq.conf
# [
# {rabbit,
# [##
## Network Connectivity
## ====================
##
## By default, RabbitMQ will listen on all interfaces, using
## the standard (reserved) AMQP port.
##
## {tcp_listeners, [5672]},
## To listen on a specific interface, provide a tuple of {IpAddress, Port}.
## For example, to listen only on localhost for both IPv4 and IPv6:
##
## {tcp_listeners, [{"127.0.0.1", 5672},
## {"::1", 5672}]},
# Define with port
listener.tcp.default = 5672
# Define with IP
# listener.tcp.local = 127.0.0.1:5672
# Define for IPv6
# listener.tcp.local_v6 = ::1:5672
## SSL listeners are configured in the same fashion as TCP listeners,
## including the option to control the choice of interface.
##
## {ssl_listeners, [5671]},
# SSL listeners are same
listener.ssl.default = 5672
## Number of Erlang processes that will accept connections for the TCP
## and SSL listeners.
##
## {num_tcp_acceptors, 10},
## {num_ssl_acceptors, 1},
num_acceptors.tcp = 10
num_acceptors.ssl = 1
## Maximum time for AMQP 0-8/0-9/0-9-1 handshake (after socket connection
## and SSL handshake), in milliseconds.
##
## {handshake_timeout, 10000},
handshake_timeout = 10000
## Set to 'true' to perform reverse DNS lookups when accepting a
## connection. Hostnames will then be shown instead of IP addresses
## in rabbitmqctl and the management plugin.
##
## {reverse_dns_lookups, true},
reverse_dns_lookups = true
# ##
# ## Security / AAA
# ## ==============
# ##
# ## The default "guest" user is only permitted to access the server
# ## via a loopback interface (e.g. localhost).
# ## {loopback_users, [<<"guest">>]},
# ##
# ## Uncomment the following line if you want to allow access to the
# ## guest user from anywhere on the network.
# ## {loopback_users, []},
# Duplicate 'guest', because cutterfish doesn't support collections
loopback_user.guest = guest
## Configuring SSL.
## See http://www.rabbitmq.com/ssl.html for full documentation.
##
## {ssl_options, [{cacertfile, "/path/to/testca/cacert.pem"},
## {certfile, "/path/to/server/cert.pem"},
## {keyfile, "/path/to/server/key.pem"},
## {verify, verify_peer},
## {fail_if_no_peer_cert, false}]},
ssl_option.verify = verify_peer
ssl_option.fail_if_no_peer_cert = false
ssl_option.cacertfile = /path/to/testca/cacert.pem
ssl_option.certfile = /path/to/server/cert.pem
ssl_option.keyfile = /path/to/server/key.pem
## Choose the available SASL mechanism(s) to expose.
## The two default (built in) mechanisms are 'PLAIN' and
## 'AMQPLAIN'. Additional mechanisms can be added via
## plugins.
##
## See http://www.rabbitmq.com/authentication.html for more details.
##
## {auth_mechanisms, ['PLAIN', 'AMQPLAIN']},
## Select an authentication database to use. RabbitMQ comes bundled
## with a built-in auth-database, based on mnesia.
##
## {auth_backends, [rabbit_auth_backend_internal]},
## Configurations supporting the rabbitmq_auth_mechanism_ssl and
## rabbitmq_auth_backend_ldap plugins.
##
## NB: These options require that the relevant plugin is enabled.
## See http://www.rabbitmq.com/plugins.html for further details.
## The RabbitMQ-auth-mechanism-ssl plugin makes it possible to
## authenticate a user based on the client's SSL certificate.
##
## To use auth-mechanism-ssl, add to or replace the auth_mechanisms
## list with the entry 'EXTERNAL'.
##
## {auth_mechanisms, ['EXTERNAL']},
## The rabbitmq_auth_backend_ldap plugin allows the broker to
## perform authentication and authorisation by deferring to an
## external LDAP server.
##
## For more information about configuring the LDAP backend, see
## http://www.rabbitmq.com/ldap.html.
##
## Enable the LDAP auth backend by adding to or replacing the
## auth_backends entry:
##
## {auth_backends, [rabbit_auth_backend_ldap]},
auth_mechanism.external = EXTERNAL
auth_backend.internal = rabbit_auth_backend_internal
# Add another backend
# auth_backend.http = rabbit_auth_backend_http
## This pertains to both the rabbitmq_auth_mechanism_ssl plugin and
## STOMP ssl_cert_login configurations. See the rabbitmq_stomp
## configuration section later in this file and the README in
## https://github.com/rabbitmq/rabbitmq-auth-mechanism-ssl for further
## details.
##
## To use the SSL cert's CN instead of its DN as the username
##
## {ssl_cert_login_from, common_name},
## SSL handshake timeout, in milliseconds.
##
## {ssl_handshake_timeout, 5000},
ssl_cert_login_from = common_name
ssl_handshake_timeout = 5000
## Password hashing implementation. Will only affect newly
## created users. To recalculate hash for an existing user
## it's necessary to update her password.
##
## When importing definitions exported from versions earlier
## than 3.6.0, it is possible to go back to MD5 (only do this
## as a temporary measure!) by setting this to rabbit_password_hashing_md5.
##
## To use SHA-512, set to rabbit_password_hashing_sha512.
##
## {password_hashing_module, rabbit_password_hashing_sha256},
password_hashing_module = rabbit_password_hashing_sha256
##
## Default User / VHost
## ====================
##
## On first start RabbitMQ will create a vhost and a user. These
## config items control what gets created. See
## http://www.rabbitmq.com/access-control.html for further
## information about vhosts and access control.
##
## {default_vhost, <<"/">>},
## {default_user, <<"guest">>},
## {default_pass, <<"guest">>},
## {default_permissions, [<<".*">>, <<".*">>, <<".*">>]},
default_vhost = /
default_user = guest
default_pass = guest
default_permissions.configure = .*
default_permissions.read = .*
default_permissions.write = .*
## Tags for default user
##
## For more details about tags, see the documentation for the
## Management Plugin at http://www.rabbitmq.com/management.html.
##
## {default_user_tags, [administrator]},
default_user_tags.administrator = true
##
## Additional network and protocol related configuration
## =====================================================
##
## Set the default AMQP heartbeat delay (in seconds).
##
## {heartbeat, 600},
## Set the max permissible size of an AMQP frame (in bytes).
##
## {frame_max, 131072},
## Set the max frame size the server will accept before connection
## tuning occurs
##
## {initial_frame_max, 4096},
## Set the max permissible number of channels per connection.
## 0 means "no limit".
##
## {channel_max, 128},
heartbeat = 600
frame_max = 131072
initial_frame_max = 4096
channel_max = 128
## Customising Socket Options.
##
## See (http://www.erlang.org/doc/man/inet.html#setopts-2) for
## further documentation.
##
## {tcp_listen_options, [{backlog, 128},
## {nodelay, true},
## {exit_on_close, false}]},
tcp_listen_option.backlog = 128
tcp_listen_option.nodelay = true
tcp_listen_option.exit_on_close = false
##
## Resource Limits & Flow Control
## ==============================
##
## See http://www.rabbitmq.com/memory.html for full details.
## Memory-based Flow Control threshold.
##
## {vm_memory_high_watermark, 0.4},
## Alternatively, we can set a limit (in bytes) of RAM used by the node.
##
## {vm_memory_high_watermark, {absolute, 1073741824}},
##
## Or you can set absolute value using memory units (with RabbitMQ 3.6.0+).
##
## {vm_memory_high_watermark, {absolute, "1024M"}},
##
## Supported units suffixes:
##
## k, kiB: kibibytes (2^10 bytes)
## M, MiB: mebibytes (2^20)
## G, GiB: gibibytes (2^30)
## kB: kilobytes (10^3)
## MB: megabytes (10^6)
## GB: gigabytes (10^9)
# Relative watermark
vm_memory_high_watermark.relative = 0.4
# Or absolute watermark.
# Ignored if relative is defined!
# vm_memory_high_watermark.absolute = 1024M
## Fraction of the high watermark limit at which queues start to
## page message out to disc in order to free up memory.
##
## Values greater than 0.9 can be dangerous and should be used carefully.
##
## {vm_memory_high_watermark_paging_ratio, 0.5},
vm_memory_high_watermark_paging_ratio = 0.5
## Interval (in milliseconds) at which we perform the check of the memory
## levels against the watermarks.
##
## {memory_monitor_interval, 2500},
memory_monitor_interval = 2500
## Set disk free limit (in bytes). Once free disk space reaches this
## lower bound, a disk alarm will be set - see the documentation
## listed above for more details.
##
## {disk_free_limit, 50000000},
##
## Or you can set it using memory units (same as in vm_memory_high_watermark)
## with RabbitMQ 3.6.0+.
## {disk_free_limit, "50MB"},
## {disk_free_limit, "50000kB"},
## {disk_free_limit, "2GB"},
## Alternatively, we can set a limit relative to total available RAM.
##
## Values lower than 1.0 can be dangerous and should be used carefully.
## {disk_free_limit, {mem_relative, 2.0}},
# Mem relative disk limit
disk_free_limit.relative = 2.0
# Absolute disk limit
# Ignored if relative defined
disk_free_limit.absolute = 50MB
##
## Clustering
## =====================
##
## How to respond to cluster partitions.
## See http://www.rabbitmq.com/partitions.html for further details.
##
## {cluster_partition_handling, ignore},
cluster_partition_handling = ignore
## Mirror sync batch size, in messages. Increasing this will speed
## up syncing but total batch size in bytes must not exceed 2 GiB.
## Available in RabbitMQ 3.6.0 or later.
##
## {mirroring_sync_batch_size, 4096},
mirroring_sync_batch_size = 4096
## Make clustering happen *automatically* at startup - only applied
## to nodes that have just been reset or started for the first time.
## See http://www.rabbitmq.com/clustering.html#auto-config for
## further details.
##
## {cluster_nodes, {['rabbit@my.host.com'], disc}},
cluster_nodes.disk.rabbit = rabbit@my.host.com
# Can define multiple
# cluster_nodes.disk.hare = hare@my.host.com
# Ram nodes
# Should not be defined together with disk nodes
# cluster_nodes.ram.rabbit = rabbit@my.host.com
## Interval (in milliseconds) at which we send keepalive messages
## to other cluster members. Note that this is not the same thing
## as net_ticktime; missed keepalive messages will not cause nodes
## to be considered down.
##
## {cluster_keepalive_interval, 10000},
cluster_keepalive_interval = 10000
##
## Statistics Collection
## =====================
##
## Set (internal) statistics collection granularity.
##
## {collect_statistics, none},
# Cna be none, coarse or fine
collect_statistics = none
## Statistics collection interval (in milliseconds). Increasing
## this will reduce the load on management database.
##
## {collect_statistics_interval, 5000},
collect_statistics_interval = 5000
##
## Misc/Advanced Options
## =====================
##
## NB: Change these only if you understand what you are doing!
##
## Explicitly enable/disable hipe compilation.
##
## {hipe_compile, true},
hipe_compile = true
## Timeout used when waiting for Mnesia tables in a cluster to
## become available.
##
## {mnesia_table_loading_timeout, 30000},
mnesia_table_loading_timeout = 30000
## Size in bytes below which to embed messages in the queue index. See
## http://www.rabbitmq.com/persistence-conf.html
##
## {queue_index_embed_msgs_below, 4096}
queue_index_embed_msgs_below = 4096
# ]},
# ## ----------------------------------------------------------------------------
# ## Advanced Erlang Networking/Clustering Options.
# ##
# ## See http://www.rabbitmq.com/clustering.html for details
# ## ----------------------------------------------------------------------------
# {kernel,
# [## Sets the net_kernel tick time.
# ## Please see http://erlang.org/doc/man/kernel_app.html and
# ## http://www.rabbitmq.com/nettick.html for further details.
# ##
# ## {net_ticktime, 60}
# ]},
# ======================================
# Kernel section
# ======================================
net_ticktime = 60
# ## ----------------------------------------------------------------------------
# ## RabbitMQ Management Plugin
# ##
# ## See http://www.rabbitmq.com/management.html for details
# ## ----------------------------------------------------------------------------
# {rabbitmq_management,
# [## Pre-Load schema definitions from the following JSON file. See
## http://www.rabbitmq.com/management.html#load-definitions
##
## {load_definitions, "/path/to/schema.json"},
# =======================================
# Management section
# =======================================
management.load_definitions = /path/to/schema.json
## Log all requests to the management HTTP API to a file.
##
## {http_log_dir, "/path/to/access.log"},
management.http_log_dir = /path/to/access.log
## Change the port on which the HTTP listener listens,
## specifying an interface for the web server to bind to.
## Also set the listener to use SSL and provide SSL options.
##
## {listener, [{port, 12345},
## {ip, "127.0.0.1"},
## {ssl, true},
## {ssl_opts, [{cacertfile, "/path/to/cacert.pem"},
## {certfile, "/path/to/cert.pem"},
## {keyfile, "/path/to/key.pem"}]}]},
# Maybe use IP type like in tcp_listener?
management.listener.port = 12345
management.listener.ip = 127.0.0.1
management.listener.ssl = true
management.listener.ssl_opts.cacertfile = /path/to/cacert.pem
management.listener.ssl_opts.certfile = /path/to/cert.pem
management.listener.ssl_opts.keyfile = /path/to/key.pem
## One of 'basic', 'detailed' or 'none'. See
## http://www.rabbitmq.com/management.html#fine-stats for more details.
## {rates_mode, basic},
management.rates_mode = basic
## Configure how long aggregated data (such as message rates and queue
## lengths) is retained. Please read the plugin's documentation in
## http://www.rabbitmq.com/management.html#configuration for more
## details.
##
## {sample_retention_policies,
## [{global, [{60, 5}, {3600, 60}, {86400, 1200}]},
## {basic, [{60, 5}, {3600, 60}]},
## {detailed, [{10, 5}]}]}
# ]},
# Some funny syntax
management.sample_retention_policies.global.60 = 5
management.sample_retention_policies.global.3600 = 60
management.sample_retention_policies.global.86400 = 1200
management.sample_retention_policies.basic.60 = 5
management.sample_retention_policies.basic.3600 = 60
management.sample_retention_policies.detailed.10 = 5
# Shovel is too complex for sysctl syntax. Should be defined in additinal.conf
# ## ----------------------------------------------------------------------------
# ## RabbitMQ Shovel Plugin
# ##
# ## See http://www.rabbitmq.com/shovel.html for details
# ## ----------------------------------------------------------------------------
# {rabbitmq_shovel,
# [{shovels,
# [## A named shovel worker.
# ## {my_first_shovel,
# ## [
# ## List the source broker(s) from which to consume.
# ##
# ## {sources,
# ## [## URI(s) and pre-declarations for all source broker(s).
# ## {brokers, ["amqp://user:password@host.domain/my_vhost"]},
# ## {declarations, []}
# ## ]},
# ## List the destination broker(s) to publish to.
# ## {destinations,
# ## [## A singular version of the 'brokers' element.
# ## {broker, "amqp://"},
# ## {declarations, []}
# ## ]},
# ## Name of the queue to shovel messages from.
# ##
# ## {queue, <<"your-queue-name-goes-here">>},
# ## Optional prefetch count.
# ##
# ## {prefetch_count, 10},
# ## when to acknowledge messages:
# ## - no_ack: never (auto)
# ## - on_publish: after each message is republished
# ## - on_confirm: when the destination broker confirms receipt
# ##
# ## {ack_mode, on_confirm},
# ## Overwrite fields of the outbound basic.publish.
# ##
# ## {publish_fields, [{exchange, <<"my_exchange">>},
# ## {routing_key, <<"from_shovel">>}]},
# ## Static list of basic.properties to set on re-publication.
# ##
# ## {publish_properties, [{delivery_mode, 2}]},
# ## The number of seconds to wait before attempting to
# ## reconnect in the event of a connection failure.
# ##
# ## {reconnect_delay, 2.5}
# ## ]} ## End of my_first_shovel
# ]}
# ## Rather than specifying some values per-shovel, you can specify
# ## them for all shovels here.
# ##
# ## {defaults, [{prefetch_count, 0},
# ## {ack_mode, on_confirm},
# ## {publish_fields, []},
# ## {publish_properties, [{delivery_mode, 2}]},
# ## {reconnect_delay, 2.5}]}
# ]},
# ## ----------------------------------------------------------------------------
# ## RabbitMQ Stomp Adapter
# ##
# ## See http://www.rabbitmq.com/stomp.html for details
# ## ----------------------------------------------------------------------------
# =======================================
# STOMP section
# =======================================
# {rabbitmq_stomp,
# [## Network Configuration - the format is generally the same as for the broker
# ## Listen only on localhost (ipv4 & ipv6) on a specific port.
# ## {tcp_listeners, [{"127.0.0.1", 61613},
# ## {"::1", 61613}]},
# Same as tcp_listener
stomp.listener.tcp.default = 61613
stomp.listener.ssl.default = 61614
# ## Number of Erlang processes that will accept connections for the TCP
# ## and SSL listeners.
# ##
# ## {num_tcp_acceptors, 10},
# ## {num_ssl_acceptors, 1},
stomp.num_acceptors.tcp = 10
stomp.num_acceptors.ssl = 1
# ## Additional SSL options
# ## Extract a name from the client's certificate when using SSL.
# ##
# ## {ssl_cert_login, true},
stomp.ssl_cert_login = true
# ## Set a default user name and password. This is used as the default login
# ## whenever a CONNECT frame omits the login and passcode headers.
# ##
# ## Please note that setting this will allow clients to connect without
# ## authenticating!
# ##
# ## {default_user, [{login, "guest"},
# ## {passcode, "guest"}]},
# Same syntax as AMQP
stomp.default_user = guest
stomp.default_pass = guest
# ## If a default user is configured, or you have configured use SSL client
# ## certificate based authentication, you can choose to allow clients to
# ## omit the CONNECT frame entirely. If set to true, the client is
# ## automatically connected as the default user or user supplied in the
# ## SSL certificate whenever the first frame sent on a session is not a
# ## CONNECT frame.
# ##
# ## {implicit_connect, true}
# ]},
stomp.implicit_connect = true
# ## ----------------------------------------------------------------------------
# ## RabbitMQ MQTT Adapter
# ##
# ## See https://github.com/rabbitmq/rabbitmq-mqtt/blob/stable/README.md
# ## for details
# ## ----------------------------------------------------------------------------
# =======================================
# MQTT section
# =======================================
# {rabbitmq_mqtt,
# [## Set the default user name and password. Will be used as the default login
# ## if a connecting client provides no other login details.
# ##
# ## Please note that setting this will allow clients to connect without
# ## authenticating!
# ##
# ## {default_user, <<"guest">>},
# ## {default_pass, <<"guest">>},
mqtt.default_user = guest
mqtt.default_pass = guest
# ## Enable anonymous access. If this is set to false, clients MUST provide
# ## login information in order to connect. See the default_user/default_pass
# ## configuration elements for managing logins without authentication.
# ##
# ## {allow_anonymous, true},
mqtt.allow_anonymous = true
# ## If you have multiple chosts, specify the one to which the
# ## adapter connects.
# ##
# ## {vhost, <<"/">>},
mqtt.vhost = /
# ## Specify the exchange to which messages from MQTT clients are published.
# ##
# ## {exchange, <<"amq.topic">>},
mqtt.exchange = amq.topic
# ## Specify TTL (time to live) to control the lifetime of non-clean sessions.
# ##
# ## {subscription_ttl, 1800000},
mqtt.subscription_ttl = 1800000
# ## Set the prefetch count (governing the maximum number of unacknowledged
# ## messages that will be delivered).
# ##
# ## {prefetch, 10},
mqtt.prefetch = 10
# ## TCP/SSL Configuration (as per the broker configuration).
# ##
# ## {tcp_listeners, [1883]},
# ## {ssl_listeners, []},
# Same as amqp tcp_listener
mqtt.listener.tcp.default = 1883
# Same as amqp ssl_listener
mqtt.listener.ssl.default = 1884
# ## Number of Erlang processes that will accept connections for the TCP
# ## and SSL listeners.
# ##
# ## {num_tcp_acceptors, 10},
# ## {num_ssl_acceptors, 1},
mqtt.num_acceptors.tcp = 10
mqtt.num_acceptors.ssl = 1
# ## TCP/Socket options (as per the broker configuration).
# ##
# ## {tcp_listen_options, [{backlog, 128},
# ## {nodelay, true}]}
# ]},
mqtt.tcp_listen_option.backlog = 128
mqtt.tcp_listen_option.nodelay = true
# ## ----------------------------------------------------------------------------
# ## RabbitMQ AMQP 1.0 Support
# ##
# ## See https://github.com/rabbitmq/rabbitmq-amqp1.0/blob/stable/README.md
# ## for details
# ## ----------------------------------------------------------------------------
# =======================================
# AMQP_1 section
# =======================================
# {rabbitmq_amqp1_0,
# [## Connections that are not authenticated with SASL will connect as this
# ## account. See the README for more information.
# ##
# ## Please note that setting this will allow clients to connect without
# ## authenticating!
# ##
# ## {default_user, "guest"},
amqp1.default_user = guest
# ## Enable protocol strict mode. See the README for more information.
# ##
# ## {protocol_strict_mode, false}
# ]},
amqp1.protocol_strict_mode = false
# ## ----------------------------------------------------------------------------
# ## RabbitMQ LDAP Plugin
# ##
# ## See http://www.rabbitmq.com/ldap.html for details.
# ##
# ## ----------------------------------------------------------------------------
# =======================================
# LDAP section
# =======================================
# Should be defined in additional.conf maybe?
# {rabbitmq_auth_backend_ldap,
# [##
# ## Connecting to the LDAP server(s)
# ## ================================
# ##
# ## Specify servers to bind to. You *must* set this in order for the plugin
# ## to work properly.
# ##
# ## {servers, ["your-server-name-goes-here"]},
ldap.servers.myserver = your-server-name-goes-here
# ## Connect to the LDAP server using SSL
# ##
# ## {use_ssl, false},
ldap.use_ssl = false
# ## Specify the LDAP port to connect to
# ##
# ## {port, 389},
ldap.port = 389
# ## LDAP connection timeout, in milliseconds or 'infinity'
# ##
# ## {timeout, infinity},
ldap.timeout = infinity
# Or number
# ldap.timeout = 500
# ## Enable logging of LDAP queries.
# ## One of
# ## - false (no logging is performed)
# ## - true (verbose logging of the logic used by the plugin)
# ## - network (as true, but additionally logs LDAP network traffic)
# ##
# ## Defaults to false.
# ##
# ## {log, false},
ldap.log = false
# Also can be true or network
# ldap.log = true
# ldap.log = network
# ##
# ## Authentication
# ## ==============
# ##
# ## Pattern to convert the username given through AMQP to a DN before
# ## binding
# ##
# ## {user_dn_pattern, "cn=${username},ou=People,dc=example,dc=com"},
ldap.user_dn_pattern = cn=${username},ou=People,dc=example,dc=com
# ## Alternatively, you can convert a username to a Distinguished
# ## Name via an LDAP lookup after binding. See the documentation for
# ## full details.
# ## When converting a username to a dn via a lookup, set these to
# ## the name of the attribute that represents the user name, and the
# ## base DN for the lookup query.
# ##
# ## {dn_lookup_attribute, "userPrincipalName"},
# ## {dn_lookup_base, "DC=gopivotal,DC=com"},
ldap.dn_lookup_attribute = userPrincipalName
ldap.dn_lookup_base = DC=gopivotal,DC=com
# ## Controls how to bind for authorisation queries and also to
# ## retrieve the details of users logging in without presenting a
# ## password (e.g., SASL EXTERNAL).
# ## One of
# ## - as_user (to bind as the authenticated user - requires a password)
# ## - anon (to bind anonymously)
# ## - {UserDN, Password} (to bind with a specified user name and password)
# ##
# ## Defaults to 'as_user'.
# ##
# ## {other_bind, as_user},
ldap.other_bind = as_user
# Or can be more complex:
# ldap.other_bind.user_dn = User
# ldap.other_bind.password = Password
# If user_dn and password defined - other options is ignored.
# -----------------------------
# Too complex section of LDAP
# -----------------------------
# ##
# ## Authorisation
# ## =============
# ##
# ## The LDAP plugin can perform a variety of queries against your
# ## LDAP server to determine questions of authorisation. See
# ## http://www.rabbitmq.com/ldap.html#authorisation for more
# ## information.
# ## Set the query to use when determining vhost access
# ##
# ## {vhost_access_query, {in_group,
# ## "ou=${vhost}-users,ou=vhosts,dc=example,dc=com"}},
# ## Set the query to use when determining resource (e.g., queue) access
# ##
# ## {resource_access_query, {constant, true}},
# ## Set queries to determine which tags a user has
# ##
# ## {tag_queries, []}
# ]},
# -----------------------------
# ## Lager controls logging.
# ## See https://github.com/basho/lager for more documentation
# {lager, [
# ##
# ## Log direcrory, taken from the RABBITMQ_LOG_BASE env variable by default.
# ## {log_root, "/var/log/rabbitmq"},
# ##
# ## All log messages go to the default "sink" configured with
# ## the `handlers` parameter. By default, it has a single
# ## lager_file_backend handler writing messages to "$nodename.log"
# ## (ie. the value of $RABBIT_LOGS).
# ## {handlers, [
# ## {lager_file_backend, [{file, "rabbit.log"},
# ## {level, info},
# ## {date, ""},
# ## {size, 0}]}
# ## ]},
# ##
# ## Extra sinks are used in RabbitMQ to categorize messages. By
# ## default, those extra sinks are configured to forward messages
# ## to the default sink (see above). "rabbit_log_lager_event"
# ## is the default category where all RabbitMQ messages without
# ## a category go. Messages in the "channel" category go to the
# ## "rabbit_channel_lager_event" Lager extra sink, and so on.
# ## {extra_sinks, [
# ## {rabbit_log_lager_event, [{handlers, [
# ## {lager_forwarder_backend,
# ## [lager_event, info]}]}]},
# ## {rabbit_channel_lager_event, [{handlers, [
# ## {lager_forwarder_backend,
# ## [lager_event, info]}]}]},
# ## {rabbit_conection_lager_event, [{handlers, [
# ## {lager_forwarder_backend,
# ## [lager_event, info]}]}]},
# ## {rabbit_mirroring_lager_event, [{handlers, [
# ## {lager_forwarder_backend,
# ## [lager_event, info]}]}]}
# ## ]}
# ]}
# ].
log.dir = /var/log/rabbitmq
log.console = false
log.console.level = info
log.file = rabbit.log
log.file.level = info
log.file.rotation.date = ""
log.file.rotation.size = 0
# Possible:
log.syslog = false
log.syslog.identity = rabbitmq
log.syslog.level = info
log.syslog.facility = daemon
Raw
rabbitmq.schema
%% -*- mode: erlang -*-
%% ----------------------------------------------------------------------------
%% RabbitMQ Sample Configuration File.
%%
%% See http://www.rabbitmq.com/configure.html for details.
%% ----------------------------------------------------------------------------
% [
% {rabbit,
% [%%
%% Network Connectivity
%% ====================
%%
%% By default, RabbitMQ will listen on all interfaces, using
%% the standard (reserved) AMQP port.
%%
%% {tcp_listeners, [5672]},
%% To listen on a specific interface, provide a tuple of {IpAddress, Port}.
%% For example, to listen only on localhost for both IPv4 and IPv6:
%%
%% {tcp_listeners, [{"127.0.0.1", 5672},
%% {"::1", 5672}]},
{mapping, "listener.tcp.$name", "rabbit.tcp_listeners",[
{default, 5672},
{datatype, [integer, ip]},
{include_default, "all"}
]}.
{translation, "rabbit.tcp_listeners",
fun(Conf) ->
Settings = cuttlefish_variable:filter_by_prefix("listener.tcp", Conf),
[ V || {_, V} <- Settings ]
end}.
%% SSL listeners are configured in the same fashion as TCP listeners,
%% including the option to control the choice of interface.
%%
%% {ssl_listeners, [5671]},
{mapping, "listener.ssl.$name", "rabbit.ssl_listeners",[
{default, 5672},
{datatype, [integer, ip]},
{include_default, "all"}
]}.
{translation, "rabbit.ssl_listeners",
fun(Conf) ->
Settings = cuttlefish_variable:filter_by_prefix("listener.ssl", Conf),
[ V || {_, V} <- Settings ]
end}.
%% Number of Erlang processes that will accept connections for the TCP
%% and SSL listeners.
%%
%% {num_tcp_acceptors, 10},
%% {num_ssl_acceptors, 1},
{mapping, "num_acceptors.ssl", "rabbit.num_ssl_acceptors", [
{default, 10},
{datatype, integer}
]}.
{mapping, "num_acceptors.tcp", "rabbit.num_tcp_acceptors", [
{default, 10},
{datatype, integer}
]}.
%% Maximum time for AMQP 0-8/0-9/0-9-1 handshake (after socket connection
%% and SSL handshake), in milliseconds.
%%
%% {handshake_timeout, 10000},
{mapping, "handshake_timeout", "rabbit.handshake_timeout", [
{default, 10000},
{datatype, integer}
]}.
%% Set to 'true' to perform reverse DNS lookups when accepting a
%% connection. Hostnames will then be shown instead of IP addresses
%% in rabbitmqctl and the management plugin.
%%
%% {reverse_dns_lookups, true},
{mapping, "reverse_dns_lookups", "rabbit.reverse_dns_lookups", [
{default, true},
{datatype, {enum, [true, false]}}
]}.
{mapping, "erlang.K", "vm_args.+K", [
{default, "true"},
{level, advanced}
]}.
%%
%% Security / AAA
%% ==============
%%
%% The default "guest" user is only permitted to access the server
%% via a loopback interface (e.g. localhost).
%% {loopback_users, [<<"guest">>]},
%%
%% Uncomment the following line if you want to allow access to the
%% guest user from anywhere on the network.
%% {loopback_users, []},
{mapping, "loopback_user.$user", "rabbit.loopback_users", [
{default, <<"guest">>},
{datatype, string},
{include_default, "guest"}
]}.
{translation, "rabbit.loopback_users",
fun(Conf) ->
Settings = cuttlefish_variable:filter_by_prefix("loopback_user", Conf),
[ list_to_binary(V) || {_, V} <- Settings ]
end}.
%% Configuring SSL.
%% See http://www.rabbitmq.com/ssl.html for full documentation.
%%
%% {ssl_options, [{cacertfile, "/path/to/testca/cacert.pem"},
%% {certfile, "/path/to/server/cert.pem"},
%% {keyfile, "/path/to/server/key.pem"},
%% {verify, verify_peer},
%% {fail_if_no_peer_cert, false}]},
{mapping, "ssl_option.verify", "rabbit.ssl_options", [
{datatype, atom}]}.
{mapping, "ssl_option.fail_if_no_peer_cert", "rabbit.ssl_options", [
{datatype, {enum, [true, false]}}]}.
{mapping, "ssl_option.$option", "rabbit.ssl_options", [
{datatype, string}]}.
{translation, "rabbit.ssl_options",
fun(Conf) ->
Settings = cuttlefish_variable:filter_by_prefix("ssl_option", Conf),
[ {list_to_atom(K), V} || {["ssl_option", K], V} <- Settings ]
end}.
%% Choose the available SASL mechanism(s) to expose.
%% The two default (built in) mechanisms are 'PLAIN' and
%% 'AMQPLAIN'. Additional mechanisms can be added via
%% plugins.
%%
%% See http://www.rabbitmq.com/authentication.html for more details.
%%
%% {auth_mechanisms, ['PLAIN', 'AMQPLAIN']},
%% Select an authentication database to use. RabbitMQ comes bundled
%% with a built-in auth-database, based on mnesia.
%%
%% {auth_backends, [rabbit_auth_backend_internal]},
%% Configurations supporting the rabbitmq_auth_mechanism_ssl and
%% rabbitmq_auth_backend_ldap plugins.
%%
%% NB: These options require that the relevant plugin is enabled.
%% See http://www.rabbitmq.com/plugins.html for further details.
%% The RabbitMQ-auth-mechanism-ssl plugin makes it possible to
%% authenticate a user based on the client's SSL certificate.
%%
%% To use auth-mechanism-ssl, add to or replace the auth_mechanisms
%% list with the entry 'EXTERNAL'.
%%
%% {auth_mechanisms, ['EXTERNAL']},
%% The rabbitmq_auth_backend_ldap plugin allows the broker to
%% perform authentication and authorisation by deferring to an
%% external LDAP server.
%%
%% For more information about configuring the LDAP backend, see
%% http://www.rabbitmq.com/ldap.html.
%%
%% Enable the LDAP auth backend by adding to or replacing the
%% auth_backends entry:
%%
%% {auth_backends, [rabbit_auth_backend_ldap]},
{mapping, "auth_mechanism.$name", "rabbit.auth_mechanisms", [
{datatype, atom}]}.
{translation, "rabbit.auth_mechanisms",
fun(Conf) ->
Settings = cuttlefish_variable:filter_by_prefix("auth_mechanism", Conf),
[ V || {_, V} <- Settings ]
end}.
{mapping, "auth_backend.$name", "rabbit.auth_backends", [
{datatype, atom}
]}.
{translation, "rabbit.auth_backends",
fun(Conf) ->
Settings = cuttlefish_variable:filter_by_prefix("auth_backend", Conf),
[ V || {_, V} <- Settings ]
end}.
%% This pertains to both the rabbitmq_auth_mechanism_ssl plugin and
%% STOMP ssl_cert_login configurations. See the rabbitmq_stomp
%% configuration section later in this file and the README in
%% https://github.com/rabbitmq/rabbitmq-auth-mechanism-ssl for further
%% details.
%%
%% To use the SSL cert's CN instead of its DN as the username
%%
%% {ssl_cert_login_from, common_name},
%% SSL handshake timeout, in milliseconds.
%%
%% {ssl_handshake_timeout, 5000},
{mapping, "ssl_cert_login_from", "rabbit.ssl_cert_login_from", [
{datatype, atom}
]}.
{mapping, "ssl_handshake_timeout", "rabbit.ssl_handshake_timeout", [
{datatype, integer}
]}.
%% Password hashing implementation. Will only affect newly
%% created users. To recalculate hash for an existing user
%% it's necessary to update her password.
%%
%% When importing definitions exported from versions earlier
%% than 3.6.0, it is possible to go back to MD5 (only do this
%% as a temporary measure!) by setting this to rabbit_password_hashing_md5.
%%
%% To use SHA-512, set to rabbit_password_hashing_sha512.
%%
%% {password_hashing_module, rabbit_password_hashing_sha256},
{mapping, "password_hashing_module", "rabbit.password_hashing_module", [
{datatype, atom}
]}.
%%
%% Default User / VHost
%% ====================
%%
%% On first start RabbitMQ will create a vhost and a user. These
%% config items control what gets created. See
%% http://www.rabbitmq.com/access-control.html for further
%% information about vhosts and access control.
%%
%% {default_vhost, <<"/">>},
%% {default_user, <<"guest">>},
%% {default_pass, <<"guest">>},
%% {default_permissions, [<<".*">>, <<".*">>, <<".*">>]},
{mapping, "default_vhost", "rabbit.default_vhost", [
{datatype, string}
]}.
{mapping, "default_user", "rabbit.default_user", [
{datatype, string}
]}.
{mapping, "default_pass", "rabbit.default_pass", [
{datatype, string}
]}.
{mapping, "default_permissions.configure", "rabbit.default_permissions", [
{default, ".*"},
{datatype, string}
]}.
{mapping, "default_permissions.read", "rabbit.default_permissions", [
{default, ".*"},
{datatype, string}
]}.
{mapping, "default_permissions.write", "rabbit.default_permissions", [
{default, ".*"},
{datatype, string}
]}.
{translation, "rabbit.default_permissions",
fun(Conf) ->
Settings = cuttlefish_variable:filter_by_prefix("default_permissions", Conf),
Configure = proplists:get_value(["default_permissions", "configure"], Settings),
Read = proplists:get_value(["default_permissions", "read"], Settings),
Write = proplists:get_value(["default_permissions", "write"], Settings),
[list_to_binary(Configure), list_to_binary(Read), list_to_binary(Write)]
end}.
%% Tags for default user
%%
%% For more details about tags, see the documentation for the
%% Management Plugin at http://www.rabbitmq.com/management.html.
%%
%% {default_user_tags, [administrator]},
{mapping, "default_user_tags.$tag", "rabbit.default_user_tags",
[{datatype, {enum, [true, false]}}]}.
%%
%% Additional network and protocol related configuration
%% =====================================================
%%
%% Set the default AMQP heartbeat delay (in seconds).
%%
%% {heartbeat, 600},
%% Set the max permissible size of an AMQP frame (in bytes).
%%
%% {frame_max, 131072},
%% Set the max frame size the server will accept before connection
%% tuning occurs
%%
%% {initial_frame_max, 4096},
%% Set the max permissible number of channels per connection.
%% 0 means "no limit".
%%
%% {channel_max, 128},
{mapping, "heartbeat", "rabbit.heartbeat", [{datatype, integer}]}.
{mapping, "frame_max", "rabbit.frame_max", [{datatype, integer}]}.
{mapping, "initial_frame_max", "rabbit.initial_frame_max", [{datatype, integer}]}.
{mapping, "channel_max", "rabbit.channel_max", [{datatype, integer}]}.
%% Customising Socket Options.
%%
%% See (http://www.erlang.org/doc/man/inet.html#setopts-2) for
%% further documentation.
%%
%% {tcp_listen_options, [{backlog, 128},
%% {nodelay, true},
%% {exit_on_close, false}]},
{mapping, "tcp_listen_option.backlog", "rabbit.tcp_listen_options", [
{datatype, integer}
]}.
{mapping, "tcp_listen_option.$option", "rabbit.tcp_listen_options", [
{datatype, {enum, [true, false]}}
]}.
{translation, "rabbit.tcp_listen_options",
fun(Conf) ->
Settings = cuttlefish_variable:filter_by_prefix("tcp_listen_option", Conf),
[ V || {_, V} <- Settings ]
end}.
%%
%% Resource Limits & Flow Control
%% ==============================
%%
%% See http://www.rabbitmq.com/memory.html for full details.
%% Memory-based Flow Control threshold.
%%
%% {vm_memory_high_watermark, 0.4},
%% Alternatively, we can set a limit (in bytes) of RAM used by the node.
%%
%% {vm_memory_high_watermark, {absolute, 1073741824}},
%%
%% Or you can set absolute value using memory units (with RabbitMQ 3.6.0+).
%%
%% {vm_memory_high_watermark, {absolute, "1024M"}},
%%
%% Supported units suffixes:
%%
%% k, kiB: kibibytes (2^10 bytes)
%% M, MiB: mebibytes (2^20)
%% G, GiB: gibibytes (2^30)
%% kB: kilobytes (10^3)
%% MB: megabytes (10^6)
%% GB: gigabytes (10^9)
{mapping, "vm_memory_high_watermark.relative", "rabbit.vm_memory_high_watermark", [
{default, 0.4},
{datatype, float}]}.
{mapping, "vm_memory_high_watermark.absolute", "rabbit.vm_memory_high_watermark", [
{datatype, [integer, string]}]}.
{translation, "rabbit.vm_memory_high_watermark",
fun(Conf) ->
Settings = cuttlefish_variable:filter_by_prefix("vm_memory_high_watermark", Conf),
Absolute = proplists:get_value(["vm_memory_high_watermark", "absolute"], Settings),
Relative = proplists:get_value(["vm_memory_high_watermark", "relative"], Settings),
case {Absolute, Relative} of
{undefined, undefined} -> cuttlefish:invalid("No vm watermark defined");
{_, undefined} -> {absolute, Absolute};
_ -> Relative
end
end}.
%% Fraction of the high watermark limit at which queues start to
%% page message out to disc in order to free up memory.
%%
%% Values greater than 0.9 can be dangerous and should be used carefully.
%%
%% {vm_memory_high_watermark_paging_ratio, 0.5},
{mapping, "vm_memory_high_watermark_paging_ratio",
"rabbit.vm_memory_high_watermark_paging_ratio",
[{datatype, float}]}.
%% Interval (in milliseconds) at which we perform the check of the memory
%% levels against the watermarks.
%%
%% {memory_monitor_interval, 2500},
{mapping, "memory_monitor_interval", "rabbit.memory_monitor_interval", [{datatype, integer}]}.
%% Set disk free limit (in bytes). Once free disk space reaches this
%% lower bound, a disk alarm will be set - see the documentation
%% listed above for more details.
%%
%% {disk_free_limit, 50000000},
%%
%% Or you can set it using memory units (same as in vm_memory_high_watermark)
%% with RabbitMQ 3.6.0+.
%% {disk_free_limit, "50MB"},
%% {disk_free_limit, "50000kB"},
%% {disk_free_limit, "2GB"},
%% Alternatively, we can set a limit relative to total available RAM.
%%
%% Values lower than 1.0 can be dangerous and should be used carefully.
%% {disk_free_limit, {mem_relative, 2.0}},
{mapping, "disk_free_limit.relative", "rabbit.disk_free_limit", [
{default, 0.4},
{datatype, float}]}.
{mapping, "disk_free_limit.absolute", "rabbit.disk_free_limit", [
{datatype, [integer, string]}]}.
{translation, "rabbit.disk_free_limit",
fun(Conf) ->
Settings = cuttlefish_variable:filter_by_prefix("disk_free_limit", Conf),
Absolute = proplists:get_value(["disk_free_limit", "absolute"], Settings),
Relative = proplists:get_value(["disk_free_limit", "relative"], Settings),
case {Absolute, Relative} of
{undefined, undefined} -> cuttlefish:invalid("No disk limit defined");
{_, undefined} -> Absolute;
_ -> {mem_relative, Relative}
end
end}.
%%
%% Clustering
%% =====================
%%
%% How to respond to cluster partitions.
%% See http://www.rabbitmq.com/partitions.html for further details.
%%
%% {cluster_partition_handling, ignore},
{mapping, "cluster_partition_handling", "rabbit.cluster_partition_handling", [{datatype, atom}]}.
%% Mirror sync batch size, in messages. Increasing this will speed
%% up syncing but total batch size in bytes must not exceed 2 GiB.
%% Available in RabbitMQ 3.6.0 or later.
%%
%% {mirroring_sync_batch_size, 4096},
{mapping, "mirroring_sync_batch_size", "rabbit.mirroring_sync_batch_size", [{datatype, integer}]}.
%% Make clustering happen *automatically* at startup - only applied
%% to nodes that have just been reset or started for the first time.
%% See http://www.rabbitmq.com/clustering.html#auto-config for
%% further details.
%%
%% {cluster_nodes, {['rabbit@my.host.com'], disc}},
{mapping, "cluster_nodes.disk.$node", "rabbit.cluster_nodes", [{datatype, atom}]}.
{translation, "rabbit.cluster_nodes",
fun(Conf) ->
DiskNodes = [ V || {_, V} <- cuttlefish_variable:filter_by_prefix("cluster_nodes.disk", Conf)],
RamNodes = [ V || {_, V} <- cuttlefish_variable:filter_by_prefix("cluster_nodes.ram", Conf)],
case {DiskNodes, RamNodes} of
{_, []} -> {DiskNodes, disk};
{[], _} -> {RamNodes, ram}
end
end}.
%% Interval (in milliseconds) at which we send keepalive messages
%% to other cluster members. Note that this is not the same thing
%% as net_ticktime; missed keepalive messages will not cause nodes
%% to be considered down.
%%
%% {cluster_keepalive_interval, 10000},
{mapping, "cluster_keepalive_interval", "rabbit.cluster_keepalive_interval", [{datatype, integer}]}.
%%
%% Statistics Collection
%% =====================
%%
%% Set (internal) statistics collection granularity.
%%
%% {collect_statistics, none},
{mapping, "collect_statistics", "rabbit.collect_statistics",
[{datatype, {enum, [none, coarse, fine]}}]}.
%% Statistics collection interval (in milliseconds). Increasing
%% this will reduce the load on management database.
%%
%% {collect_statistics_interval, 5000},
{mapping, "collect_statistics_interval", "rabbit.collect_statistics_interval",
[{datatype, integer}]}.
%%
%% Misc/Advanced Options
%% =====================
%%
%% NB: Change these only if you understand what you are doing!
%%
%% Explicitly enable/disable hipe compilation.
%%
%% {hipe_compile, true},
{mapping, "hipe_compile", "rabbit.hipe_compile",
[{datatype, {enum, [true, false]}}]}.
%% Timeout used when waiting for Mnesia tables in a cluster to
%% become available.
%%
%% {mnesia_table_loading_timeout, 30000},
{mapping, "mnesia_table_loading_timeout", "rabbit.mnesia_table_loading_timeout",
[{datatype, integer}]}.
%% Size in bytes below which to embed messages in the queue index. See
%% http://www.rabbitmq.com/persistence-conf.html
%%
%% {queue_index_embed_msgs_below, 4096}
{mapping, "queue_index_embed_msgs_below", "rabbit.queue_index_embed_msgs_below",
[{datatype, integer}]}.
% ]},
% %% ----------------------------------------------------------------------------
% %% Advanced Erlang Networking/Clustering Options.
% %%
% %% See http://www.rabbitmq.com/clustering.html for details
% %% ----------------------------------------------------------------------------
% {kernel,
% [%% Sets the net_kernel tick time.
% %% Please see http://erlang.org/doc/man/kernel_app.html and
% %% http://www.rabbitmq.com/nettick.html for further details.
% %%
% %% {net_ticktime, 60}
% ]},
{mapping, "net_ticktime", "kernel.net_ticktime", [{datatype, integer}]}.
% %% ----------------------------------------------------------------------------
% %% RabbitMQ Management Plugin
% %%
% %% See http://www.rabbitmq.com/management.html for details
% %% ----------------------------------------------------------------------------
% {rabbitmq_management,
% [%% Pre-Load schema definitions from the following JSON file. See
%% http://www.rabbitmq.com/management.html#load-definitions
%%
%% {load_definitions, "/path/to/schema.json"},
{mapping, "management.load_definitions", "rabbitmq_management.load_definitions",
[{datatype, string}]}.
%% Log all requests to the management HTTP API to a file.
%%
%% {http_log_dir, "/path/to/access.log"},
{mapping, "management.http_log_dir", "rabbitmq_management.http_log_dir",
[{datatype, string}]}.
%% Change the port on which the HTTP listener listens,
%% specifying an interface for the web server to bind to.
%% Also set the listener to use SSL and provide SSL options.
%%
%% {listener, [{port, 12345},
%% {ip, "127.0.0.1"},
%% {ssl, true},
%% {ssl_opts, [{cacertfile, "/path/to/cacert.pem"},
%% {certfile, "/path/to/cert.pem"},
%% {keyfile, "/path/to/key.pem"}]}]},
{mapping, "management.listener.ssl_opts.$option", "rabbitmq_management.listener.ssl_opts",
[{datatype, string}]}.
{mapping, "management.listener.port", "rabbitmq_management.listener.port",
[{datatype, integer}]}.
{mapping, "management.listener.ip", "rabbitmq_management.listener.ip",
[{datatype, string}]}.
{mapping, "management.listener.ssl", "rabbitmq_management.listener.ssl",
[{datatype, {enum, [true, false]}}]}.
{translation, "rabbitmq_management.listener.ssl",
fun(Conf) ->
Settings = cuttlefish_variable:filter_by_prefix("management.listener.ssl_opts", Conf),
[ {list_to_atom(K), V} || {["management","listener","ssl_opts", K], V} <- Settings ]
end}.
%% One of 'basic', 'detailed' or 'none'. See
%% http://www.rabbitmq.com/management.html#fine-stats for more details.
%% {rates_mode, basic},
{mapping, "management.rates_mode", "rabbitmq_management.rates_mode",
[{datatype, {enum, [basic, detailed, none]}}]}.
%% Configure how long aggregated data (such as message rates and queue
%% lengths) is retained. Please read the plugin's documentation in
%% http://www.rabbitmq.com/management.html#configuration for more
%% details.
%%
%% {sample_retention_policies,
%% [{global, [{60, 5}, {3600, 60}, {86400, 1200}]},
%% {basic, [{60, 5}, {3600, 60}]},
%% {detailed, [{10, 5}]}]}
% ]},
{mapping, "management.sample_retention_policies.$section.$interval",
"rabbitmq_management.sample_retention_policies",
[{datatype, integer}]}.
{translation, "rabbitmq_management.sample_retention_policies",
fun(Conf) ->
Global = cuttlefish_variable:filter_by_prefix("management.sample_retention_policies.global", Conf),
Basic = cuttlefish_variable:filter_by_prefix("management.sample_retention_policies.basic", Conf),
Detailed = cuttlefish_variable:filter_by_prefix("management.sample_retention_policies.detailed", Conf),
TranslatePolicy = fun(Section) ->
[ {list_to_integer(Key), Val} || {[_,_,_,Key], Val} <- Section ]
end,
[{global, TranslatePolicy(Global)},
{basic, TranslatePolicy(Basic)},
{detailed, TranslatePolicy(Detailed)}]
end}.
% %% ----------------------------------------------------------------------------
% %% RabbitMQ Shovel Plugin
% %%
% %% See http://www.rabbitmq.com/shovel.html for details
% %% ----------------------------------------------------------------------------
% {rabbitmq_shovel,
% [{shovels,
% [%% A named shovel worker.
% %% {my_first_shovel,
% %% [
% %% List the source broker(s) from which to consume.
% %%
% %% {sources,
% %% [%% URI(s) and pre-declarations for all source broker(s).
% %% {brokers, ["amqp://user:password@host.domain/my_vhost"]},
% %% {declarations, []}
% %% ]},
% %% List the destination broker(s) to publish to.
% %% {destinations,
% %% [%% A singular version of the 'brokers' element.
% %% {broker, "amqp://"},
% %% {declarations, []}
% %% ]},
% %% Name of the queue to shovel messages from.
% %%
% %% {queue, <<"your-queue-name-goes-here">>},
% %% Optional prefetch count.
% %%
% %% {prefetch_count, 10},
% %% when to acknowledge messages:
% %% - no_ack: never (auto)
% %% - on_publish: after each message is republished
% %% - on_confirm: when the destination broker confirms receipt
% %%
% %% {ack_mode, on_confirm},
% %% Overwrite fields of the outbound basic.publish.
% %%
% %% {publish_fields, [{exchange, <<"my_exchange">>},
% %% {routing_key, <<"from_shovel">>}]},
% %% Static list of basic.properties to set on re-publication.
% %%
% %% {publish_properties, [{delivery_mode, 2}]},
% %% The number of seconds to wait before attempting to
% %% reconnect in the event of a connection failure.
% %%
% %% {reconnect_delay, 2.5}
% %% ]} %% End of my_first_shovel
% ]}
% %% Rather than specifying some values per-shovel, you can specify
% %% them for all shovels here.
% %%
% %% {defaults, [{prefetch_count, 0},
% %% {ack_mode, on_confirm},
% %% {publish_fields, []},
% %% {publish_properties, [{delivery_mode, 2}]},
% %% {reconnect_delay, 2.5}]}
% ]},
% %% ----------------------------------------------------------------------------
% %% RabbitMQ Stomp Adapter
% %%
% %% See http://www.rabbitmq.com/stomp.html for details
% %% ----------------------------------------------------------------------------
% {rabbitmq_stomp,
% [%% Network Configuration - the format is generally the same as for the broker
% %% Listen only on localhost (ipv4 & ipv6) on a specific port.
% %% {tcp_listeners, [{"127.0.0.1", 61613},
% %% {"::1", 61613}]},
{mapping, "stomp.listener.tcp.$name", "rabbitmq_stomp.tcp_listeners",[
{default, 61613},
{datatype, [integer, ip]},
{include_default, "all"}
]}.
{translation, "rabbitmq_stomp.tcp_listeners",
fun(Conf) ->
Settings = cuttlefish_variable:filter_by_prefix("stomp.listener.tcp", Conf),
[ V || {_, V} <- Settings ]
end}.
{mapping, "stomp.listener.ssl.$name", "rabbitmq_stomp.ssl_listeners",[
{default, 61614},
{datatype, [integer, ip]},
{include_default, "all"}
]}.
{translation, "rabbitmq_stomp.ssl_listeners",
fun(Conf) ->
Settings = cuttlefish_variable:filter_by_prefix("stomp.listener.ssl", Conf),
[ V || {_, V} <- Settings ]
end}.
% %% Number of Erlang processes that will accept connections for the TCP
% %% and SSL listeners.
% %%
% %% {num_tcp_acceptors, 10},
% %% {num_ssl_acceptors, 1},
{mapping, "stomp.num_acceptors.ssl", "rabbitmq_stomp.num_ssl_acceptors", [
{default, 10},
{datatype, integer}
]}.
{mapping, "stomp.num_acceptors.tcp", "rabbitmq_stomp.num_tcp_acceptors", [
{default, 10},
{datatype, integer}
]}.
% %% Additional SSL options
% %% Extract a name from the client's certificate when using SSL.
% %%
% %% {ssl_cert_login, true},
{mapping, "stomp.ssl_cert_login", "rabbitmq_stomp.ssl_cert_login",
[{datatype, {enum, [true, false]}}]}.
% %% Set a default user name and password. This is used as the default login
% %% whenever a CONNECT frame omits the login and passcode headers.
% %%
% %% Please note that setting this will allow clients to connect without
% %% authenticating!
% %%
% %% {default_user, [{login, "guest"},
% %% {passcode, "guest"}]},
{mapping, "stomp.default_user", "rabbitmq_stomp.default_user.login", [
{datatype, string}
]}.
{mapping, "stomp.default_pass", "rabbitmq_stomp.default_user.passcode", [
{datatype, string}
]}.
% %% If a default user is configured, or you have configured use SSL client
% %% certificate based authentication, you can choose to allow clients to
% %% omit the CONNECT frame entirely. If set to true, the client is
% %% automatically connected as the default user or user supplied in the
% %% SSL certificate whenever the first frame sent on a session is not a
% %% CONNECT frame.
% %%
% %% {implicit_connect, true}
% ]},
{mapping, "stomp.implicit_connect", "rabbitmq_stomp.implicit_connect",
[{datatype, {enum, [true, false]}}]}.
% %% ----------------------------------------------------------------------------
% %% RabbitMQ MQTT Adapter
% %%
% %% See https://github.com/rabbitmq/rabbitmq-mqtt/blob/stable/README.md
% %% for details
% %% ----------------------------------------------------------------------------
% {rabbitmq_mqtt,
% [%% Set the default user name and password. Will be used as the default login
% %% if a connecting client provides no other login details.
% %%
% %% Please note that setting this will allow clients to connect without
% %% authenticating!
% %%
% %% {default_user, <<"guest">>},
% %% {default_pass, <<"guest">>},
{mapping, "mqtt.default_user", "rabbitmq_mqtt.default_user", [
{datatype, string}
]}.
{mapping, "mqtt.default_pass", "rabbitmq_mqtt.default_pass", [
{datatype, string}
]}.
% %% Enable anonymous access. If this is set to false, clients MUST provide
% %% login information in order to connect. See the default_user/default_pass
% %% configuration elements for managing logins without authentication.
% %%
% %% {allow_anonymous, true},
{mapping, "mqtt.allow_anonymous", "rabbitmq_mqtt.allow_anonymous",
[{datatype, {enum, [true, false]}}]}.
% %% If you have multiple chosts, specify the one to which the
% %% adapter connects.
% %%
% %% {vhost, <<"/">>},
{mapping, "mqtt.vhost", "rabbitmq_mqtt.vhost", [{datatype, string}]}.
{translation, "rabbitmq_mqtt.vhost",
fun(Conf) ->
list_to_binary(cuttlefish:conf_get("mqtt.vhost", Conf))
end}.
% %% Specify the exchange to which messages from MQTT clients are published.
% %%
% %% {exchange, <<"amq.topic">>},
{mapping, "mqtt.exchange", "rabbitmq_mqtt.exchange", [{datatype, string}]}.
{translation, "rabbitmq_mqtt.exchange",
fun(Conf) ->
list_to_binary(cuttlefish:conf_get("mqtt.exchange", Conf))
end}.
% %% Specify TTL (time to live) to control the lifetime of non-clean sessions.
% %%
% %% {subscription_ttl, 1800000},
{mapping, "mqtt.subscription_ttl", "rabbitmq_mqtt.subscription_ttl",
[{datatype, integer}]}.
% %% Set the prefetch count (governing the maximum number of unacknowledged
% %% messages that will be delivered).
% %%
% %% {prefetch, 10},
{mapping, "mqtt.prefetch", "rabbitmq_mqtt.prefetch",
[{datatype, integer}]}.
% %% TCP/SSL Configuration (as per the broker configuration).
% %%
% %% {tcp_listeners, [1883]},
% %% {ssl_listeners, []},
{mapping, "mqtt.listener.tcp.$name", "rabbitmq_mqtt.tcp_listeners",[
{default, 1883},
{datatype, [integer, ip]},
{include_default, "all"}
]}.
{translation, "rabbitmq_mqtt.tcp_listeners",
fun(Conf) ->
Settings = cuttlefish_variable:filter_by_prefix("mqtt.listener.tcp", Conf),
[ V || {_, V} <- Settings ]
end}.
{mapping, "mqtt.listener.ssl.$name", "rabbitmq_mqtt.ssl_listeners",[
{default, 1884},
{datatype, [integer, ip]},
{include_default, "all"}
]}.
{translation, "rabbitmq_mqtt.ssl_listeners",
fun(Conf) ->
Settings = cuttlefish_variable:filter_by_prefix("mqtt.listener.ssl", Conf),
[ V || {_, V} <- Settings ]
end}.
% %% Number of Erlang processes that will accept connections for the TCP
% %% and SSL listeners.
% %%
% %% {num_tcp_acceptors, 10},
% %% {num_ssl_acceptors, 1},
{mapping, "mqtt.num_acceptors.ssl", "rabbitmq_mqtt.num_ssl_acceptors", [
{default, 10},
{datatype, integer}
]}.
{mapping, "mqtt.num_acceptors.tcp", "rabbitmq_mqtt.num_tcp_acceptors", [
{default, 10},
{datatype, integer}
]}.
% %% TCP/Socket options (as per the broker configuration).
% %%
% %% {tcp_listen_options, [{backlog, 128},
% %% {nodelay, true}]}
% ]},
{mapping, "mqtt.tcp_listen_option.backlog", "rabbitmq_mqtt.tcp_listen_options", [
{datatype, integer}
]}.
{mapping, "mqtt.tcp_listen_option.$option", "rabbitmq_mqtt.tcp_listen_options", [
{datatype, {enum, [true, false]}}
]}.
{translation, "rabbitmq_mqtt.tcp_listen_options",
fun(Conf) ->
Settings = cuttlefish_variable:filter_by_prefix("mqtt.tcp_listen_option", Conf),
[ V || {_, V} <- Settings ]
end}.
% %% ----------------------------------------------------------------------------
% %% RabbitMQ AMQP 1.0 Support
% %%
% %% See https://github.com/rabbitmq/rabbitmq-amqp1.0/blob/stable/README.md
% %% for details
% %% ----------------------------------------------------------------------------
% {rabbitmq_amqp1_0,
% [%% Connections that are not authenticated with SASL will connect as this
% %% account. See the README for more information.
% %%
% %% Please note that setting this will allow clients to connect without
% %% authenticating!
% %%
% %% {default_user, "guest"},
{mapping, "amqp1.default_user", "rabbitmq_amqp1_0.default_user",
[{datatype, string}]}.
% %% Enable protocol strict mode. See the README for more information.
% %%
% %% {protocol_strict_mode, false}
% ]},
{mapping, "amqp1.protocol_strict_mode", "rabbitmq_amqp1_0.protocol_strict_mode",
[{datatype, {enum, [true, false]}}]}.
% %% ----------------------------------------------------------------------------
% %% RabbitMQ LDAP Plugin
% %%
% %% See http://www.rabbitmq.com/ldap.html for details.
% %%
% %% ----------------------------------------------------------------------------
% {rabbitmq_auth_backend_ldap,
% [%%
% %% Connecting to the LDAP server(s)
% %% ================================
% %%
% %% Specify servers to bind to. You *must* set this in order for the plugin
% %% to work properly.
% %%
% %% {servers, ["your-server-name-goes-here"]},
{mapping, "ldap.servers.$server", "rabbitmq_auth_backend_ldap.servers",
[{datatype, string}]}.
{translation, "rabbitmq_auth_backend_ldap.servers",
fun(Conf) ->
Settings = cuttlefish_variable:filter_by_prefix("ldap.servers", Conf),
[ V || {_, V} <- Settings ]
end}.
% %% Connect to the LDAP server using SSL
% %%
% %% {use_ssl, false},
{mapping, "ldap.use_ssl", "rabbitmq_auth_backend_ldap.use_ssl",
[{datatype, {enum, [true, false]}}]}.
% %% Specify the LDAP port to connect to
% %%
% %% {port, 389},
{mapping, "ldap.port", "rabbitmq_auth_backend_ldap.port",
[{datatype, integer}]}.
% %% LDAP connection timeout, in milliseconds or 'infinity'
% %%
% %% {timeout, infinity},
{mapping, "ldap.timeout", "rabbitmq_auth_backend_ldap.timeout",
[{datatype, [integer, {atom, infinity}]}]}.
% %% Enable logging of LDAP queries.
% %% One of
% %% - false (no logging is performed)
% %% - true (verbose logging of the logic used by the plugin)
% %% - network (as true, but additionally logs LDAP network traffic)
% %%
% %% Defaults to false.
% %%
% %% {log, false},
{mapping, "ldap.log", "rabbitmq_auth_backend_ldap.log",
[{datatype, {enum, [true, false, network]}}]}.
% %%
% %% Authentication
% %% ==============
% %%
% %% Pattern to convert the username given through AMQP to a DN before
% %% binding
% %%
% %% {user_dn_pattern, "cn=${username},ou=People,dc=example,dc=com"},
{mapping, "ldap.user_dn_pattern", "rabbitmq_auth_backend_ldap.user_dn_pattern",
[{datatype, string}]}.
% %% Alternatively, you can convert a username to a Distinguished
% %% Name via an LDAP lookup after binding. See the documentation for
% %% full details.
% %% When converting a username to a dn via a lookup, set these to
% %% the name of the attribute that represents the user name, and the
% %% base DN for the lookup query.
% %%
% %% {dn_lookup_attribute, "userPrincipalName"},
% %% {dn_lookup_base, "DC=gopivotal,DC=com"},
{mapping, "ldap.dn_lookup_attribute", "rabbitmq_auth_backend_ldap.dn_lookup_attribute",
[{datatype, string}]}.
{mapping, "ldap.dn_lookup_base", "rabbitmq_auth_backend_ldap.dn_lookup_base",
[{datatype, string}]}.
% %% Controls how to bind for authorisation queries and also to
% %% retrieve the details of users logging in without presenting a
% %% password (e.g., SASL EXTERNAL).
% %% One of
% %% - as_user (to bind as the authenticated user - requires a password)
% %% - anon (to bind anonymously)
% %% - {UserDN, Password} (to bind with a specified user name and password)
% %%
% %% Defaults to 'as_user'.
% %%
% %% {other_bind, as_user},
{mapping, "ldap.other_bind", "rabbitmq_auth_backend_ldap.other_bind",
[{datatype, {enum, [as_user, anon]}},
{default, as_user}]}.
{mapping, "ldap.other_bind.user_dn", "rabbitmq_auth_backend_ldap.other_bind",
[{datatype, string}]}.
{mapping, "ldap.other_bind.password", "rabbitmq_auth_backend_ldap.other_bind",
[{datatype, string}]}.
{translation, "rabbit_auth_backend_ldap.other_bind",
fun(Conf) ->
case cuttlefish:conf_get("ldap.other_bind", Conf) of
as_user -> as_user;
anon -> anon;
_ ->
User = cuttlefish:conf_get("ldap.other_bind.user_dn", Conf),
Pass = cuttlefish:conf_get("ldap.other_bind.password", Conf),
case {User, Pass} of
{undefined, _} -> as_user;
{_, undefined} -> as_user;
_ -> {User, Pass}
end
end
end}.
% %%
% %% Authorisation
% %% =============
% %%
% %% The LDAP plugin can perform a variety of queries against your
% %% LDAP server to determine questions of authorisation. See
% %% http://www.rabbitmq.com/ldap.html#authorisation for more
% %% information.
% %% Set the query to use when determining vhost access
% %%
% %% {vhost_access_query, {in_group,
% %% "ou=${vhost}-users,ou=vhosts,dc=example,dc=com"}},
% %% Set the query to use when determining resource (e.g., queue) access
% %%
% %% {resource_access_query, {constant, true}},
% %% Set queries to determine which tags a user has
% %%
% %% {tag_queries, []}
% ]},
% %% Lager controls logging.
% %% See https://github.com/basho/lager for more documentation
% {lager, [
% %%
% %% Log direcrory, taken from the RABBITMQ_LOG_BASE env variable by default.
% %% {log_root, "/var/log/rabbitmq"},
% %%
% %% All log messages go to the default "sink" configured with
% %% the `handlers` parameter. By default, it has a single
% %% lager_file_backend handler writing messages to "$nodename.log"
% %% (ie. the value of $RABBIT_LOGS).
% %% {handlers, [
% %% {lager_file_backend, [{file, "rabbit.log"},
% %% {level, info},
% %% {date, ""},
% %% {size, 0}]}
% %% ]},
% %%
% %% Extra sinks are used in RabbitMQ to categorize messages. By
% %% default, those extra sinks are configured to forward messages
% %% to the default sink (see above). "rabbit_log_lager_event"
% %% is the default category where all RabbitMQ messages without
% %% a category go. Messages in the "channel" category go to the
% %% "rabbit_channel_lager_event" Lager extra sink, and so on.
% %% {extra_sinks, [
% %% {rabbit_log_lager_event, [{handlers, [
% %% {lager_forwarder_backend,
% %% [lager_event, info]}]}]},
% %% {rabbit_channel_lager_event, [{handlers, [
% %% {lager_forwarder_backend,
% %% [lager_event, info]}]}]},
% %% {rabbit_conection_lager_event, [{handlers, [
% %% {lager_forwarder_backend,
% %% [lager_event, info]}]}]},
% %% {rabbit_mirroring_lager_event, [{handlers, [
% %% {lager_forwarder_backend,
% %% [lager_event, info]}]}]}
% %% ]}
% ]}
% ].
{mapping, "log.dir", "lager.log_root", [{datatype, string}]}.
{mapping, "log.console", "lager.handlers", [
{datatype, {enum, [true, false]}},
{default, false}
]}.
{mapping, "log.syslog", "lager.handlers", [
{datatype, {enum, [true, false]}},
{default, false}
]}.
{mapping, "log.file", "lager.handlers", [
{datatype, [{enum, [false]}, string]},
{default, "rabbitmq.log"}
]}.
{mapping, "log.file.level", "lager.handlers", [
{datatype, {enum, [debug, info, warning, error]}},
{default, info}
]}.
{mapping, "log.$handler.level", "lager.handlers", [
{datatype, {enum, [debug, info, warning, error]}},
{default, info}
]}.
{mapping, "log.file.rotation.date", "lager.handlers", [
{datatype, string},
{default, ""}
]}.
{mapping, "log.file.rotation.size", "lager.handlers", [
{datatype, integer},
{default, 0}
]}.
{mapping, "log.file.rotation.count", "lager.handlers", [
{datatype, integer},
{default, 10}
]}.
{mapping, "log.syslog.identity", "lager.handlers", [
{datatype, string}
]}.
{mapping, "log.syslog.facility", "lager.handlers", [
{datatype, atom}
]}.
{translation, "lager.handlers",
fun(Conf) ->
ConsoleHandler = case cuttlefish:conf_get("log.console", Conf) of
true ->
ConsoleLevel = cuttlefish:conf_get("log.console.level", Conf),
[{lager_console_backend, ConsoleLevel}];
false -> []
end,
FileHandler = case cuttlefish:conf_get("log.file", Conf) of
false -> [];
File ->
FileLevel = cuttlefish:conf_get("log.file.level", Conf),
RotationDate = cuttlefish:conf_get("log.file.rotation.date", Conf),
RotationSize = cuttlefish:conf_get("log.file.rotation.size", Conf),
RotationCount = cuttlefish:conf_get("log.file.rotation.count", Conf),
[{lager_file_backend, [{file, File},
{level, FileLevel},
{date, RotationDate},
{size, RotationSize},
{count, RotationCount}]}]
end,
SyslogHandler = case cuttlefish:conf_get("log.syslog", Conf) of
false -> [];
true ->
SyslogLevel = cuttlefish:conf_get("log.syslog.level", Conf),
Identity = cuttlefish:conf_get("log.syslog.identity", Conf),
Facility = cuttlefish:conf_get("log.syslog.facility", Conf),
[{lager_syslog_backend, [Identity, Facility, SyslogLevel]}]
end,
ConsoleHandler ++ FileHandler ++ SyslogHandler
end}.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment