1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2024-09-14 20:13:21 +02:00

Merge pull request #2034 from chrishoffman/rabbitmq

Adding rabbitmq modules
This commit is contained in:
Michael DeHaan 2013-02-09 09:04:33 -08:00
commit fa44f49afb
3 changed files with 395 additions and 0 deletions

View file

@ -0,0 +1,34 @@
---
- hosts: rabbitmq
sudo: true
vars:
rabbitmq_version: 3.0.2-1
tasks:
- name: ensure python-software-properties is installed
apt: pkg=python-software-properties state=installed
- name: add rabbitmq official apt repository
apt_repository: repo='deb http://www.rabbitmq.com/debian/ testing main' state=present
- name: install rabbitmq
apt: pkg=rabbitmq-server=$rabbitmq_version state=installed force=yes
- name: enable rabbitmq plugins
rabbitmq_plugin: names=rabbitmq_management,rabbitmq_tracing state=enabled
notify:
- restart rabbitmq
- name: add users
rabbitmq_user: user=$item password=changeme tags=monitoring,$item vhost="/" configure_priv=".*" write_priv=".*" read_priv=".*" state=present
with_items:
- user1
- user2
- name: remove default guest user
rabbitmq_user: user=guest state=absent
handlers:
- name: restart rabbitmq
service: name=rabbitmq-server state=restarted

116
library/rabbitmq_plugin Normal file
View file

@ -0,0 +1,116 @@
#!/usr/bin/python
# -*- coding: utf-8 -*-
# (c) 2013, Chatham Financial <oss@chathamfinancial.com>
#
# This file is part of Ansible
#
# Ansible is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# Ansible is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
DOCUMENTATION = '''
---
module: rabbitmq_plugin
short_description: Adds or removes users to RabbitMQ
description:
- Enables or disables RabbitMQ plugins
version_added: 1.1
author: Chris Hoffman
options:
names:
description:
- Comma-separated list of plugin names
required: true
default: null
aliases: [name]
new_only:
description:
- Only enable missing plugins
- Does not disable plugins that are not in the names list
required: false
default: no
choices: [yes, no]
state:
description:
- Specify if pluginss are to be enabled or disabled
required: false
default: enabled
choices: [enabled, disabled]
examples:
- code: rabbitmq_plugin names=rabbitmq_management state=enabled
description: Enables the rabbitmq_management plugin
'''
class RabbitMqPlugins(object):
def __init__(self, module):
self.module = module
def _exec(self, args):
cmd = ["rabbitmq-plugins"]
rc, out, err = self.module.run_command(cmd + args, check_rc=True)
return out.splitlines()
def get_all(self):
return self._exec(["list", "-E", "-m"])
def enable(self, name):
if not self.module.check_mode:
self._exec(["enable", name])
def disable(self, name):
if not self.module.check_mode:
self._exec(["disable", name])
def main():
arg_spec = dict(
names=dict(required=True, aliases=['name']),
new_only=dict(default='no', choices=BOOLEANS),
state=dict(default='enabled', choices=['enabled', 'disabled'])
)
module = AnsibleModule(
argument_spec=arg_spec,
supports_check_mode=True
)
names = module.params['names'].split(',')
new_only = module.boolean(module.params['new_only'])
state = module.params['state']
rabbitmq_plugins = RabbitMqPlugins(module)
enabled_plugins = rabbitmq_plugins.get_all()
enabled = []
disabled = []
if state == 'enabled':
if not new_only:
for plugin in enabled_plugins:
if plugin not in names:
rabbitmq_plugins.disable(plugin)
disabled.append(plugin)
for name in names:
if name not in enabled_plugins:
rabbitmq_plugins.enable(name)
enabled.append(name)
else:
for plugin in enabled_plugins:
if plugin in names:
rabbitmq_plugins.disable(plugin)
disabled.append(plugin)
changed = len(enabled) > 0 or len(disabled) > 0
module.exit_json(changed=changed, enabled=enabled, disabled=disabled)
# this is magic, see lib/ansible/module_common.py
#<<INCLUDE_ANSIBLE_MODULE_COMMON>>
main()

245
library/rabbitmq_user Normal file
View file

@ -0,0 +1,245 @@
#!/usr/bin/python
# -*- coding: utf-8 -*-
# (c) 2013, Chatham Financial <oss@chathamfinancial.com>
#
# This file is part of Ansible
#
# Ansible is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# Ansible is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
DOCUMENTATION = '''
---
module: rabbitmq_user
short_description: Adds or removes users to RabbitMQ
description:
- Add or remove users to RabbitMQ and assign permissions
version_added: 1.1
author: Chris Hoffman
options:
user:
description:
- Name of user to add
required: true
default: null
aliases: [username, name]
password:
description:
- Password of user to add
required: false
default: null
tags:
description:
- User tags specified as comma delimited
required: false
default: null
vhost:
description:
- vhost to apply access privileges.
required: false
default: /
configure_priv:
description:
- Regular expression to restrict configure actions on a resource
for the specified vhost.
- By default all actions are restricted.
required: false
default: ^$
write_priv:
description:
- Regular expression to restrict configure actions on a resource
for the specified vhost.
- By default all actions are restricted.
required: false
default: ^$
read_priv:
description:
- Regular expression to restrict configure actions on a resource
for the specified vhost.
- By default all actions are restricted.
required: false
default: ^$
force:
description:
- Deletes and recreates the user.
required: false
default: no
choices: [yes, no]
state:
description:
- Specify if user is to be added or removed
required: false
default: present
choices: [present, absent]
examples:
- code: rabbitmq_user user=joe password=changeme vhost="/" configure_priv=".*" read_priv=".*" write_priv=".*" state=present
description: Add user to server and assign full access control
'''
class RabbitMqUser(object):
def __init__(self, module, username, password, tags, vhost, configure_priv, write_priv, read_priv):
self.module = module
self.username = username
self.password = password
if tags is None:
self.tags = []
else:
self.tags = tags.split(',')
permissions = dict(
vhost=vhost,
configure_priv=configure_priv,
write_priv=write_priv,
read_priv=read_priv
)
self.permissions = permissions
self._tags = None
self._permissions = None
def _exec(self, args):
cmd = ["rabbitmqctl", "-q"]
rc, out, err = self.module.run_command(cmd + args, check_rc=True)
return out.splitlines()
def get(self):
users = self._exec(["list_users"])
for user_tag in users:
user, tags = user_tag.split('\t')
if user == self.username:
for c in ['[',']',' ']:
tags = tags.replace(c, '')
if tags != '':
self._tags = tags.split(',')
else:
self._tags = []
self._permissions = self._get_permissions()
return True
return False
def _get_permissions(self):
perms_out = self._exec(["list_user_permissions", self.username])
for perm in perms_out:
vhost, configure_priv, write_priv, read_priv = perm.split('\t')
if vhost == self.permissions['vhost']:
return dict(vhost=vhost, configure_priv=configure_priv, write_priv=write_priv, read_priv=read_priv)
return dict()
def add(self):
if not self.module.check_mode:
self._exec(["add_user", self.username, self.password])
def delete(self):
if not self.module.check_mode:
self._exec(["delete_user", self.username])
def set_tags(self):
if not self.module.check_mode:
self._exec(["set_user_tags", self.username] + self.tags)
def set_permissions(self):
if not self.module.check_mode:
cmd = ["set_permissions"]
cmd.append('-p')
cmd.append(self.permissions['vhost'])
cmd.append(self.username)
cmd.append(self.permissions['configure_priv'])
cmd.append(self.permissions['write_priv'])
cmd.append(self.permissions['read_priv'])
self._exec(cmd)
def has_tags_modifications(self):
if (not self._tags and len(self.tags) > 0) or (not self.tags and len(self._tags) > 0):
return True
else:
for tag in self._tags:
if tag not in self.tags:
return True
for tag in self.tags:
if tag not in self._tags:
return True
return False
def has_permissions_modifications(self):
return self._permissions != self.permissions
def main():
arg_spec = dict(
user=dict(required=True, aliases=['username', 'name']),
password=dict(default=None),
tags=dict(default=None),
vhost=dict(default='/'),
configure_priv=dict(default='^$'),
write_priv=dict(default='^$'),
read_priv=dict(default='^$'),
force=dict(default='no', choices=BOOLEANS),
state=dict(default='present', choices=['present', 'absent'])
)
module = AnsibleModule(
argument_spec=arg_spec,
supports_check_mode=True
)
username = module.params['user']
password = module.params['password']
tags = module.params['tags']
vhost = module.params['vhost']
configure_priv = module.params['configure_priv']
write_priv = module.params['write_priv']
read_priv = module.params['read_priv']
force = module.boolean(module.params['force'])
state = module.params['state']
rabbitmq_user = RabbitMqUser(module, username, password, tags, vhost, configure_priv, write_priv, read_priv)
changed = False
if rabbitmq_user.get():
if state == 'absent':
rabbitmq_user.delete()
changed = True
else:
if force:
rabbitmq_user.delete()
rabbitmq_user.add()
rabbitmq_user.get()
changed = True
if rabbitmq_user.has_tags_modifications():
rabbitmq_user.set_tags()
changed = True
if rabbitmq_user.has_permissions_modifications():
rabbitmq_user.set_permissions()
changed = True
elif state == 'present':
rabbitmq_user.add()
rabbitmq_user.set_tags()
rabbitmq_user.set_permissions()
changed = True
module.exit_json(changed=changed)
# this is magic, see lib/ansible/module_common.py
#<<INCLUDE_ANSIBLE_MODULE_COMMON>>
main()