mirror of
https://pagure.io/fedora-infra/ansible.git
synced 2026-05-01 14:02:12 +08:00
24 lines
970 B
YAML
24 lines
970 B
YAML
---
|
|
user_rabbitmq_server: "rabbitmq01{{ env_suffix }}.iad2.fedoraproject.org"
|
|
user_vhost: /pubsub
|
|
user_publish_only: true
|
|
|
|
# Read privileges:
|
|
# If publish_only: no reading. Otherwise, read from queues prefixed
|
|
# with their name and bind to the topic exchange
|
|
user_read_priv: "{{ user_publish_only|ternary('^$', '^(zmq\\.topic)|^(amq\\.topic)|(' + user_name + '.*)$') }}"
|
|
|
|
# Write privileges:
|
|
# If publish_only: only write to the exchange. Otherwise, write to
|
|
# queues prefixed with their name and any prefixes in user_write_queues,
|
|
# and publish to the topic exchange
|
|
user_write_priv: "^(amq\\.topic){% if not user_publish_only %}|({{ user_name }}.*){% for queue in user_write_queues|default([]) %}|({{ queue }}.*){% endfor %}{% endif %}$"
|
|
|
|
# Topic authorization:
|
|
# Ref: https://www.rabbitmq.com/access-control.html#topic-authorisation
|
|
user_sent_topics: .*
|
|
user_topic_permissions:
|
|
- vhost: "{{ user_vhost }}"
|
|
read_priv: .*
|
|
write_priv: "{{ user_sent_topics }}"
|