fedora-infra_ansible/inventory/group_vars/rabbitmq_stg

---
custom_rules: [
  # Neeed for rsync from log01 for logs.
  '-A INPUT -p tcp -m tcp -s 10.16.163.39 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT',
  # Inter-node traffic
  '-A INPUT -p tcp -m tcp -s 10.16.166.78 --dport 25672 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 10.16.166.79 --dport 25672 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 10.16.166.80 --dport 25672 -j ACCEPT',
  # Same but in RDU3
  '-A INPUT -p tcp -m tcp -s 10.16.166.78 --dport 25672 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 10.16.166.79 --dport 25672 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 10.16.166.80 --dport 25672 -j ACCEPT',
]
nft_custom_rules:
  # Neeed for rsync from log01 for logs.
  - 'add rule ip filter INPUT ip saddr 10.16.163.39  tcp dport 873 counter accept'
  - 'add rule ip filter INPUT ip saddr 192.168.1.59 tcp dport 873 counter accept'
  # Inter-node traffic
  - 'add rule ip filter INPUT ip saddr 10.16.166.78 tcp dport 25672 counter accept'
  - 'add rule ip filter INPUT ip saddr 10.16.166.79 tcp dport 25672 counter accept'
  - 'add rule ip filter INPUT ip saddr 10.16.166.80 tcp dport 25672 counter accept'
  # In RDU3
  - 'add rule ip filter INPUT ip saddr 10.16.166.78 tcp dport 25672 counter accept'
  - 'add rule ip filter INPUT ip saddr 10.16.166.79 tcp dport 25672 counter accept'
  - 'add rule ip filter INPUT ip saddr 10.16.166.80 tcp dport 25672 counter accept'
ipa_host_group: rabbitmq
ipa_host_group_desc: RabbitMQ service
ipa_shell_groups:
  - sysadmin-messaging
ipa_client_sudo_groups:
  - sysadmin-messaging
# Define resources for this group of hosts here.
lvm_size: 20000
mem_size: 8192
num_cpus: 2
# for systems that do not match the above - specify the same parameter in
# the host_vars/$hostname file
tcp_ports: [
  # https://www.rabbitmq.com/clustering.html#selinux-ports
  # EPMD
  4369,
  # AMQP
  5672, 5671,
  # CLI tools
  35672, 35673, 35674, 35675, 35676, 35677, 35678, 35679, 35680, 35681, 35682,
  # HTTP API
  #15672,
]
zabbix_templates:
  - group: "rabbitmq_stg" # Ansible group
    template: "RabbitMQ node by Zabbix agent" # Template name in roles/zabbix/zabbix_templates/files/templatename.json
    custom_template: false # Is the template official template bundled with Zabbix or one of our custom templates
    hostgroup: "fedora rabbitmq" # Zabbix hostgroup