Re-enable management plugin and SSL support
This commit is contained in:
parent
546e5a7f2f
commit
24d98368b9
|
@ -124,6 +124,18 @@ def expose(port, protocol='TCP'):
|
|||
subprocess.check_call(cmd)
|
||||
|
||||
|
||||
def open_port(port, protocol='TCP'):
|
||||
expose(port, protocol)
|
||||
|
||||
|
||||
def close_port(port, protocol='TCP'):
|
||||
cmd = [
|
||||
'close-port',
|
||||
'{}/{}'.format(port, protocol)
|
||||
]
|
||||
subprocess.check_call(cmd)
|
||||
|
||||
|
||||
def juju_log(severity, message):
|
||||
cmd = [
|
||||
'juju-log',
|
||||
|
|
|
@ -1,6 +1,9 @@
|
|||
import os
|
||||
import pwd
|
||||
import grp
|
||||
import re
|
||||
import subprocess
|
||||
import glob
|
||||
import lib.utils as utils
|
||||
import apt_pkg as apt
|
||||
|
||||
|
@ -9,6 +12,7 @@ PACKAGES = ['pwgen', 'rabbitmq-server']
|
|||
RABBITMQ_CTL = '/usr/sbin/rabbitmqctl'
|
||||
COOKIE_PATH = '/var/lib/rabbitmq/.erlang.cookie'
|
||||
ENV_CONF = '/etc/rabbitmq/rabbitmq-env.conf'
|
||||
RABBITMQ_CONF = '/etc/rabbitmq/rabbitmq.config'
|
||||
|
||||
def vhost_exists(vhost):
|
||||
cmd = [RABBITMQ_CTL, 'list_vhosts']
|
||||
|
@ -127,10 +131,46 @@ def set_node_name(name):
|
|||
def get_node_name():
|
||||
if not os.path.exists(ENV_CONF):
|
||||
return None
|
||||
node_name = None
|
||||
env_conf = open(ENV_CONF, 'r').readlines()
|
||||
node_name = None
|
||||
for l in env_conf:
|
||||
if l.startswith('RABBITMQ_NODENAME'):
|
||||
node_name = l.split('=')[1].strip()
|
||||
return node_name
|
||||
|
||||
|
||||
def _manage_plugin(plugin, action):
|
||||
os.environ['HOME'] = '/root'
|
||||
_rabbitmq_plugins = \
|
||||
glob.glob('/usr/lib/rabbitmq/lib/rabbitmq_server-*/sbin/rabbitmq-plugins')[0]
|
||||
subprocess.check_call([ _rabbitmq_plugins, action, plugin])
|
||||
|
||||
|
||||
def enable_plugin(plugin):
|
||||
_manage_plugin(plugin, 'enable')
|
||||
|
||||
|
||||
def disable_plugin(plugin):
|
||||
_manage_plugin(plugin, 'disable')
|
||||
|
||||
ssl_key_file = "/etc/rabbitmq/rabbit-server-privkey.pem"
|
||||
ssl_cert_file = "/etc/rabbitmq/rabbit-server-cert.pem"
|
||||
|
||||
|
||||
def enable_ssl(ssl_key, ssl_cert, ssl_port):
|
||||
uid = pwd.getpwnam("root").pw_uid
|
||||
gid = grp.getgrnam("rabbitmq").gr_gid
|
||||
with open(ssl_key_file, 'w') as key_file:
|
||||
key_file.write(ssl_key)
|
||||
os.chmod(ssl_key_file, 0640)
|
||||
os.chown(ssl_key_file, uid, gid)
|
||||
with open(ssl_cert_file, 'w') as cert_file:
|
||||
cert_file.write(ssl_cert)
|
||||
os.chmod(ssl_cert_file, 0640)
|
||||
os.chown(ssl_cert_file, uid, gid)
|
||||
with open(RABBITMQ_CONF, 'w') as rmq_conf:
|
||||
rmq_conf.write(utils.render_template(os.path.basename(RABBITMQ_CONF),
|
||||
{ "ssl_port": ssl_port,
|
||||
"ssl_cert_file": ssl_cert_file,
|
||||
"ssl_key_file": ssl_key_file})
|
||||
)
|
||||
|
|
|
@ -249,6 +249,28 @@ def upgrade_charm():
|
|||
' from %s to %s.' % (s, d))
|
||||
shutil.move(s, d)
|
||||
|
||||
MAN_PLUGIN = 'rabbitmq_management'
|
||||
|
||||
def config_changed():
|
||||
if utils.config_get('management_plugin') == True:
|
||||
rabbit.enable_plugin(MAN_PLUGIN)
|
||||
utils.open_port(55672)
|
||||
else:
|
||||
rabbit.disable_plugin(MAN_PLUGIN)
|
||||
utils.close_port(55672)
|
||||
|
||||
if utils.config_get('ssl_enabled') == True:
|
||||
rabbit.enable_ssl(utils.config_get('ssl_key'),
|
||||
utils.config_get('ssl_cert'),
|
||||
utils.config_get('ssl_port'))
|
||||
utils.open_port(utils.config_get('ssl_port'))
|
||||
else:
|
||||
if os.path.exists(rabbit.RABBITMQ_CONF):
|
||||
os.remove(rabbit.RABBITMQ_CONF)
|
||||
utils.close_port(utils.config_get('ssl_port'))
|
||||
|
||||
utils.restart('rabbitmq-server')
|
||||
|
||||
|
||||
def pre_install_hooks():
|
||||
for f in glob.glob('exec.d/*/charm-pre-install'):
|
||||
|
@ -264,7 +286,8 @@ hooks = {
|
|||
'ha-relation-changed': ha_changed,
|
||||
'ceph-relation-joined': ceph_joined,
|
||||
'ceph-relation-changed': ceph_changed,
|
||||
'upgrade-charm': upgrade_charm
|
||||
'upgrade-charm': upgrade_charm,
|
||||
'config-changed': config_changed
|
||||
}
|
||||
|
||||
utils.do_hooks(hooks)
|
||||
|
|
Loading…
Reference in New Issue