fedora-infra_ansible/inventory/group_vars/rabbitmq

---
custom_rules: [
  # Neeed for rsync from log01 for logs.
  '-A INPUT -p tcp -m tcp -s 10.16.163.39 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT',
  # Inter-node traffic
  '-A INPUT -p tcp -m tcp -s 10.16.163.78 --dport 25672 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 10.16.163.79 --dport 25672 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 10.16.163.80 --dport 25672 -j ACCEPT',
  # Same but in RDU3
  '-A INPUT -p tcp -m tcp -s 10.16.163.78 --dport 25672 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 10.16.163.79 --dport 25672 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 10.16.163.80 --dport 25672 -j ACCEPT',
]
nft_custom_rules:
  # Neeed for rsync from log01 for logs.
  - 'add rule ip filter INPUT ip saddr 10.16.163.39  tcp dport 873 counter accept'
  - 'add rule ip filter INPUT ip saddr 192.168.1.59 tcp dport 873 counter accept'
  # Inter-node traffic
  - 'add rule ip filter INPUT ip saddr 10.16.163.78 tcp dport 25672 counter accept'
  - 'add rule ip filter INPUT ip saddr 10.16.163.79 tcp dport 25672 counter accept'
  - 'add rule ip filter INPUT ip saddr 10.16.163.80 tcp dport 25672 counter accept'
  # In RDU3
  - 'add rule ip filter INPUT ip saddr 10.16.163.78 tcp dport 25672 counter accept'
  - 'add rule ip filter INPUT ip saddr 10.16.163.79 tcp dport 25672 counter accept'
  - 'add rule ip filter INPUT ip saddr 10.16.163.80 tcp dport 25672 counter accept'
ipa_host_group: rabbitmq
ipa_host_group_desc: RabbitMQ service
ipa_shell_groups:
  - sysadmin-messaging
ipa_client_sudo_groups:
  - sysadmin-messaging
mem_size: 8192
primary_auth_source: ipa
tcp_ports: [
  # https://www.rabbitmq.com/clustering.html#selinux-ports
  # EPMD
  4369,
  # AMQP
  5672, 5671,
  # CLI tools
  35672, 35673, 35674, 35675, 35676, 35677, 35678, 35679, 35680, 35681, 35682,
  # HTTP API
  #15672,
]
zabbix_templates:
  - group: "rabbitmq" # Ansible group
    template: "RabbitMQ node by Zabbix agent" # Template name in roles/zabbix/zabbix_templates/files/templatename.json
    custom_template: false # Is the template official template bundled with Zabbix or one of our custom templates
    hostgroup: "fedora rabbitmq" # Zabbix hostgroup

## CentOS monitoring
# Zabbix server instance
centos_zabbix_server: mon.centos.org
# Name of the RabbitMQ host in Zabbix
centos_zabbix_host: rabbitmq.fedora
centos_zabbix_queues:
  - centos-stream-robosignatory