---

# Ensure a user, queue, and bindings for that queue exist in RabbitMQ.
# This is intended to be something most applications can use, but if you need
# more flexibility, just use the rabbitmq_* modules directly.
#
# Required parameters:
#
#   - queue_username (str): the username to create in RabbitMQ, which should match the
#                           CN of the certificate.
#   - queue_name (str): The name of the queue to create. This must be prefixed
#                       with your username. For example, with a username of
#                       "bodhi", your queue could be named "bodhi_masher".
#   - queue_routing_keys (list): A list of strings to use as routing keys.
#
# Optional parameters:
#
#   - user_sent_topics (str): A regular expression that must match the topic when a
#                        message is published by this user.
#   - queue_thresholds (dict): A dictionary with two keys: "warning" and "critical".
#                        The values are numbers. Generate an alert in Nagios if
#                        the number of messages go above these values.

- name: Validate queue name {{ queue_name }}
  assert:
    that:
    - "queue_name.startswith(queue_username)"
    fail_msg: "Your queue name must be prefixed with your username"
  when: queue_username is defined
  tags:
    - fedora-messaging
    - rabbitmq_cluster

- include_role:
    name: rabbit/user
  vars:
    user_rabbitmq_server: "{{ queue_rabbitmq_server }}"
    user_vhost: "{{ queue_vhost }}"
    user_name: "{{ queue_username }}"
    user_publish_only: false
  when: queue_username is defined
  tags:
    - fedora-messaging
    - rabbitmq_cluster

- name: Create the {{ queue_name }} queue in RabbitMQ
  delegate_to: "{{ queue_rabbitmq_server }}"
  rabbitmq_queue:
    name: "{{ queue_name }}"
    vhost: "{{ queue_vhost }}"
    auto_delete: no
    durable: yes
    message_ttl: "{{ queue_message_ttl }}"
    max_priority: "{{ queue_max_priority }}"
    state: present
    login_user: admin
    login_password: "{{ (env == 'production')|ternary(rabbitmq_admin_password_production, rabbitmq_admin_password_staging) }}"
  tags:
    - fedora-messaging
    - rabbitmq_cluster

- name: Bind the {{ queue_name }} queue to the amq.topic exchange
  delegate_to: "{{ queue_rabbitmq_server }}"
  rabbitmq_binding:
    name: "amq.topic"
    destination: "{{ queue_name }}"
    destination_type: queue
    routing_key: "{{ routing_key }}"
    vhost: "{{ queue_vhost }}"
    state: present
    login_user: admin
    login_password: "{{ (env == 'production')|ternary(rabbitmq_admin_password_production, rabbitmq_admin_password_staging) }}"
  loop: "{{ queue_routing_keys }}"
  loop_control:
    loop_var: routing_key
  when: queue_routing_keys is defined
  tags:
    - fedora-messaging
    - rabbitmq_cluster

- name: Monitor the {{ queue_name }} queue in Nagios (NRPE)
  when: queue_thresholds and env == "production"
  delegate_to: "{{ queue_rabbitmq_server }}"
  ansible.builtin.template:
    src: nrpe.cfg.j2
    dest: /etc/nrpe.d/check_rabbitmq_queue_{{ queue_name }}.cfg
    owner: root
    group: root
    mode: "0644"
  notify: Restart nrpe on rabbitmq
  tags:
    - fedora-messaging
    - rabbitmq_cluster

- name: Monitor the {{ queue_name }} queue in Nagios
  when: queue_thresholds and env == "production"
  delegate_to: "{{ queue_nagios_server }}"
  ansible.builtin.template:
    src: nagios.cfg.j2
    dest: /etc/nagios/services/rabbitmq-queue-{{ queue_name }}.cfg
#  notify: Restart nagios on noc
  tags:
    - fedora-messaging
    - rabbitmq_cluster