Added message broker (RabbitMQ) settings

updated configuration for message broker

Change-Id: I3112fabafd1172129c5cdc4c3743b5c9685a9338
Signed-off-by: smarcet <smarcet@gmail.com>
Depends-on: https://review.opendev.org/#/c/752734

manifests/init.pp

@@ -98,6 +98,20 @@ class openstackid (
   $mail_from_name = 'no-reply@openstack.org',
   $support_email = 'support@openstack.org',
   $user_spam_processor_to = '',
+  $message_broker_exchange_name = 'message-broker',
+  $message_broker_host = '',
+  $message_broker_port = 5672,
+  $message_broker_vhost = 'databus',
+  $message_broker_login = '',
+  $message_broker_password = '',
+  $message_broker_ssl_enabled = false,
+  $message_broker_ssl_ca_file = '/etc/rabbitmq-client-ssl/ca-cert.pem',
+  $message_broker_ssl_ca_file_contents = '',
+  $message_broker_ssl_client_cert_file = '/etc/rabbitmq-client-ssl/client-cert.pem',
+  $message_broker_ssl_client_cert_file_contents = '',
+  $message_broker_ssl_client_key_file =  '/etc/rabbitmq-client-ssl/client-key.pem',
+  $message_broker_ssl_client_key_file_contents = '',
+  $message_broker_enabled = false,
 ) {
 
   # php5 packages needed for openid server
@@ -427,6 +441,55 @@ class openstackid (
     }
   }
 
+  # rabbitmq ssl connection config
+  if($message_broker_ssl_enabled and $message_broker_enabled){
+    file { '/etc/rabbitmq-client-ssl':
+      ensure => 'directory',
+      owner  => 'root',
+      group  => 'www-data',
+      mode   => '0775',
+    }
+
+    if $message_broker_ssl_ca_file_contents != '' {
+      file { $message_broker_ssl_ca_file:
+        ensure  =>  file,
+        owner   => 'root',
+        group   => 'www-data',
+        mode    => '0640',
+        content => $message_broker_ssl_ca_file_contents,
+        notify  => Class['apache::service'],
+        before  => Apache::Vhost::Custom[$vhost_name],
+        require => File['/etc/rabbitmq-client-ssl'],
+      }
+    }
+
+    if $message_broker_ssl_client_cert_file_contents != '' {
+      file { $message_broker_ssl_client_cert_file:
+        ensure  =>  file,
+        owner   => 'root',
+        group   => 'www-data',
+        mode    => '0640',
+        content => $message_broker_ssl_client_cert_file_contents,
+        notify  => Class['apache::service'],
+        before  => Apache::Vhost::Custom[$vhost_name],
+        require => File['/etc/rabbitmq-client-ssl'],
+      }
+    }
+
+    if $message_broker_ssl_client_key_file_contents != '' {
+      file { $message_broker_ssl_client_key_file:
+        ensure  =>  file,
+        owner   => 'root',
+        group   => 'www-data',
+        mode    => '0640',
+        content => $message_broker_ssl_client_key_file_contents,
+        notify  => Class['apache::service'],
+        before  => Apache::Vhost::Custom[$vhost_name],
+        require => File['/etc/rabbitmq-client-ssl'],
+      }
+    }
+  }
+
   $docroot_dirs = [ '/srv/openstackid' ]
 
   file { $docroot_dirs:

templates/.env.erb

@@ -71,4 +71,17 @@ MAIL_FROM_EMAIL="<%= @mail_from_email %>"
 MAIL_FROM_NAME="<%= @mail_from_name %>"
 
 SUPPORT_EMAIL="<%= @support_email %>"
-USER_SPAM_PROCESSOR_TO="<%= @user_spam_processor_to %>"
+USER_SPAM_PROCESSOR_TO="<%= @user_spam_processor_to %>"
+
+## RABBIT MQ
+RABBITMQ_EXCHANGE_NAME="<%= @message_broker_exchange_name %>"
+RABBITMQ_HOST="<%= @message_broker_host %>"
+RABBITMQ_PORT=<%= @message_broker_port %>
+RABBITMQ_VHOST="<%= @message_broker_vhost %>"
+RABBITMQ_LOGIN="<%= @message_broker_login %>"
+RABBITMQ_PASSWORD="<%= @message_broker_password %>"
+RABBITMQ_SSL=<%= @message_broker_ssl_enabled %>
+RABBITMQ_SSL_CAFILE==<%= @message_broker_ssl_ca_file %>
+RABBITMQ_SSL_LOCALCERT=<%= @message_broker_ssl_client_cert_file %>
+RABBITMQ_SSL_LOCALKEY=<%= @message_broker_ssl_client_key_file %>
+ENABLE_MESSAGE_BROKER=<%= @message_broker_enabled %>