Commit Graph

27 Commits

Author SHA1 Message Date
Clark Boylan 8056acae28 Retire this repo
The opendev project has been moving away from puppet and this is one of
the puppet modules that is no longer used. To simplify things for us we
are taking the extra step of retiring this repo.

Change-Id: I83a8d643adacd41947203604fdad1b0cc544c680
2022-02-17 11:58:54 -08:00
Matthew Treinish e05b5f283d
Update set allow_anonymous flag to be explicitly true
In newer mosquitto version the default for the allow_anonymous config
flag was changed from true to a conditional true. It defaults to false
if you have certain auth methods enabled. Since the config generated by
puppet-mosquitto has these auth methods enabled the implicit value of
true changed to false when we upgraded the mosquitto version. This
commit fixes this case by explicitly setting allow_anonymous to be true
so that we allow anonymous connections so we can have the public
read only access to the firehose.

Change-Id: I6fceb1daf55b0e3a7345461dca1c4c7ef5a80440
2020-09-09 09:53:07 -04:00
OpenDev Sysadmins 0c6ea529f8 OpenDev Migration Patch
This commit was bulk generated and pushed by the OpenDev sysadmins
as a part of the Git hosting and code review systems migration
detailed in these mailing list posts:

http://lists.openstack.org/pipermail/openstack-discuss/2019-March/003603.html
http://lists.openstack.org/pipermail/openstack-discuss/2019-April/004920.html

Attempts have been made to correct repository namespaces and
hostnames based on simple pattern matching, but it's possible some
were updated incorrectly or missed entirely. Please reach out to us
via the contact information listed at https://opendev.org/ with any
questions you may have.
2019-04-19 19:26:04 +00:00
Ian Wienand 2e9fd8f107 Replace openstack.org git:// URLs with https://
This is a mechanically generated change to replace openstack.org
git:// URLs with https:// equivalents.

This is in aid of a planned future move of the git hosting
infrastructure to a self-hosted instance of gitea (https://gitea.io),
which does not support the git wire protocol at this stage.

This update should result in no functional change.

For more information see the thread at

 http://lists.openstack.org/pipermail/openstack-discuss/2019-March/003825.html

Change-Id: Ib79fb33e194b1bee06e699b21188b9d89fac7a49
2019-03-24 20:35:41 +00:00
Colleen Murphy a0c52d6bc7 Update Gemfile for Zuulv3
The logic in the Gemfile was relying on Zuulv2 variables to find out
whether the spec helper gem was already available on disk, and since
Zuulv3 has changed things it was failing to find it and downloading the
master version instead. This patch ensures the Gemfile looks for the gem
in the right place when running in CI.

Change-Id: I23fff7944ce28021fbe671abe9a2f90df5063c2b
2018-07-12 09:57:45 +02:00
Matthew Treinish 8d235f4e54
Actually listen to websockets on websockets tls listener
This commit updates a small oversight in the tls websockets listener
configuration. It previously wasn't specifying the websockets protocol
which meant we were defaulting to use the mqtt protocol. That means when
configured the websockets tls port wasn't using websokets at all. This
commit fixes the oversight and makes sure we set the proper protocol.

Change-Id: I37fb86361bb49c46bd9ff864baaf840468051e51
2018-04-16 14:20:12 -04:00
Jeremy Stanley 57e6ced8ca Correct enable_tls_websocket in config template
Use the correct name for enable_tls_websocket in the mosquitto.conf
template instead of the previously incorrect enable_websocket_tls.

Change-Id: Ia167130e416e3f2cc583a79ff2af4cd2eddc572a
2018-04-16 16:26:45 +00:00
Zuul 9e87fa9e61 Merge "Use the mosquitto ppa for ubuntu packages" 2018-03-05 14:16:58 +00:00
Matthew Treinish b146c5e886 Use the mosquitto ppa for ubuntu packages
The ubuntu package is a couple releases out of date even in Xenial
and we're hitting some random crashes with the version we're
running. Hopefully a newer version will fix it. Switching to the PPA
will get us the same version slated for inclusion in Ubuntu 18.04
LTS (Bionic) until we have an opportunity to upgrade the server.

Change-Id: Ie4b6170db670e3284d6bd069a13d4a6468507c76
2018-02-27 13:03:16 +00:00
Matthew Treinish d641406a28
Make websocket tls independent
Currently there is no way to independtly disable the encrypted
websockets connection from the mqtt tls listener. This commit switches
this to be the new enable_websocket_tls flag which will be used to
independtly control whether we deploy an encypted websockets port.

Change-Id: I2bb806210dbe5c40cfda5ac205f3659c2085f0e1
2018-02-26 05:50:23 -05:00
Colleen Murphy 6ecbac2e86 Depend on helper gem for spec_helper_acceptance
Instead of keeping a local copy of spec_helper_acceptance.rb and
requiring updates to all modules for any change, we can move it into the
common helper gem and require it from there. This will make it easier to
create and review changes that affect all puppet modules. Also change
the Gemfile to look for the gem in the local workspace if running in a
zuul environment.

Change-Id: Ie9b05a68417283d78402680dc6b218e620f77263
2017-08-18 10:41:44 +02:00
Colleen Murphy e0e977495d Update beaker setup for xenial
Add a xenial nodeset and update the spec helper to install puppet 3 from
the Ubuntu repos instead of from puppetlabs.

Change-Id: I579159f1046eba50daa13da9ec352f6b2e9e02f8
2017-06-11 21:00:12 +02:00
Matthew Treinish a67fd5536d
Disable notice log level messages
This commit turns off notice log level messages from in the mosquitto
log. It turns out this is the level that writes all the incoming
connection messages and ends up spamming the logs like crazy.

Change-Id: Id62eb834cfe697acd09bf9da4e85250e7366f9b6
2017-05-01 21:21:57 -04:00
Matthew Treinish d0db8613af
Decrease logging verbosity
Things are working fairly well and we don't need to the super verbose
logging to debug things not starting. This commit decreases the
verbosity to just info and above.

Change-Id: I1803d6f47ca771351fc14d894abad39a417643a1
2017-05-01 20:27:33 -04:00
Matthew Treinish bd766c78d0
Add system stats topics to public readonly acl
This commit adds the system stats topic to the acl for anonymous read
only access. It'll be useful to let us collect metrics about our MQTT
usage.

Change-Id: I90a444790080dc263e3edfac1f649ab8e20e0f43
2017-04-03 15:36:07 -04:00
Matthew Treinish a686b0f0bd
Fix puppet-lint issue
It looks like our puppet-lint version changed and now the server.pp file
is failing. This commit updates that so it passes puppet-lint and
enables us to land changes again.

Change-Id: Ie71e4217852bddae0e1a5235c0182ed97de73454
2017-04-03 15:36:06 -04:00
Matthew Treinish ad313e76b7
Add more logging
This commit add more logging levels to the mosquitto logs, we're
experiencing random crashing on the mosquitto daemon and the logs are
less than useful. Hopefully adding all the log levels will provide us
with enough information to debug this case when it inevitably happens
again. (although I'm not holding my breath)

Change-Id: I4b5c919dac5cb225d348545dc67ab4f55a8febc1
2016-09-21 09:39:20 -04:00
Jeremy Stanley 801c9ada97 Fix typo for websocket_tls_port
The websocket_tls_port variable referenced in the configuration
template should match the spelling of our corresponding class
parameter.

Change-Id: I1fa0e98534524dbb0a0512a23e0d1a4337dafec8
2016-08-10 18:24:30 +00:00
Matthew Treinish 23e5990b74
Add support for configuring tls ports
This commit adds support for enabling tls encrypted port listeners.
If enable_tls is set you can specify the cert files necessary and
mosquitto will be configured to setup additional ports that are
encryped in addition to the unencrypted ports.

Change-Id: I7c77285e347d8c1b2c3318360258246b78f885a8
2016-08-09 09:54:08 -04:00
Matthew Treinish 695d94cc3c Enable real logging
This commit turns on logging for INFO+ levels, incoming connections,
and also turns on timestamps in the log file. This should be useful
for actually being able to debug issues.

Change-Id: I489df9b602ef2f0389d055a102612db3990a7ddc
2016-08-02 15:44:54 -04:00
Matthew Treinish 30a782d0b5
Remove trailing whitespace from mosquitto.conf template
This commit fixes the trailing whitespace in the mosquitto.conf
template file. This was originally created by copy and pasting the
sample config file which obviously had some stray whitespace.

Change-Id: I36fc8c6877bcc432a19b9d69ba9750f550b6bd3d
2016-07-28 09:16:23 -04:00
Matthew Treinish b0ab19c7c6
Add websocket listner to mosquitto
This commit adds configuring a websocket listener to the mosquitto
config. By default it will listen on port 80. The next step will be
enabling an ssl/tls encrypted websocket port too.

Change-Id: Ibec91fd0abc637ea7087872cab1ec8487c73acae
2016-07-27 19:04:15 -04:00
Matthew Treinish e6e978cae7
Add basic permissions and security
This commit adds configuring some basic security. It enables
anonymous read only access (which is important for this use case)
also setups a privileged user which has global readwrite on the
broker. Eventually we can move to a more fine grained permission
model with per service and per topic write permission, but this is
a sane starting point.

Change-Id: I546007f1f4fc57d9edd54294a27c2cd726a134db
2016-07-27 18:43:42 -04:00
Matthew Treinish 623eab68ef
Remove unused config.pp manifest
This commit removes the config.pp manifest which was from the
cookiecutter, but not used anywhere.

Change-Id: I51f735ea63c0f2bd26ce3d5ff1d46786e9b8bd6d
2016-07-27 12:04:13 -04:00
Matthew Treinish 5b97169e50
Make things work
This patch gets to a point where mosquitto is installed and configured
with sane defaults. The next step is to add configurability to the
point necessary for the infra use case.
2016-07-25 16:22:36 -04:00
Matthew Treinish c5f32fc7a4
Add basic setup formula to module
This commit adds a config template and the basic setup we need for
actually installing and configuring mosquitto. The next step is to
fill in the details of the config file and tunables from puppet.
2016-07-18 18:18:51 -04:00
Matthew Treinish bc4053f2e6
Initial cookiecutter commit 2016-07-18 18:00:03 -04:00