mirror of
https://pagure.io/fedora-infra/ansible.git
synced 2026-05-02 14:30:45 +08:00
72789a919f
This was useful when we had clusters in iad2 and rdu3, but it didn't actually quite work then and it definitely doesn't now. :) Datacenters like 'aws' do not have their own clusters, they use the one in rdu3. So, just switch it back to hard coding. Signed-off-by: Kevin Fenzi <kevin@scrye.com>
24 lines
955 B
YAML
24 lines
955 B
YAML
---
|
|
user_rabbitmq_server: "rabbitmq01{{ env_suffix }}.rdu3.fedoraproject.org"
|
|
user_vhost: /pubsub
|
|
user_publish_only: true
|
|
|
|
# Read privileges:
|
|
# If publish_only: no reading. Otherwise, read from queues prefixed
|
|
# with their name and bind to the topic exchange
|
|
user_read_priv: "{{ user_publish_only|ternary('^$', '^(amq\\.topic)|(' + user_name + '.*)$') }}"
|
|
|
|
# Write privileges:
|
|
# If publish_only: only write to the exchange. Otherwise, write to
|
|
# queues prefixed with their name and any prefixes in user_write_queues,
|
|
# and publish to the topic exchange
|
|
user_write_priv: "^(amq\\.topic){% if not user_publish_only %}|({{ user_name }}.*){% for queue in user_write_queues|default([]) %}|({{ queue }}.*){% endfor %}{% endif %}$"
|
|
|
|
# Topic authorization:
|
|
# Ref: https://www.rabbitmq.com/access-control.html#topic-authorisation
|
|
user_sent_topics: .*
|
|
user_topic_permissions:
|
|
- vhost: "{{ user_vhost }}"
|
|
read_priv: .*
|
|
write_priv: "{{ user_sent_topics }}"
|