diff --git a/roles/rabbitmq_cluster/tasks/main.yml b/roles/rabbitmq_cluster/tasks/main.yml index 7559c539f6..d30f9ddb69 100644 --- a/roles/rabbitmq_cluster/tasks/main.yml +++ b/roles/rabbitmq_cluster/tasks/main.yml @@ -124,72 +124,6 @@ - rabbitmq_cluster - config -# Users with the "monitoring" tag have read-only access vhosts, connections, -# channels, node-level resource usage, and cluster stats. -- name: Create the Nagios monitoring user in staging - rabbitmq_user: - user: nagios-monitoring - password: "{{ rabbitmq_monitoring_password_staging }}" - update_password: always - permissions: - - vhost: / - configure_priv: "^$" - read_priv: "^$" - write_priv: "^$" - - vhost: /pubsub - configure_priv: "^$" - read_priv: "^$" - write_priv: "^$" - - vhost: /public_pubsub - configure_priv: "^$" - read_priv: "^$" - write_priv: "^$" - - vhost: /bodhi - configure_priv: "^$" - read_priv: "^$" - write_priv: "^$" - - vhost: /odcs - configure_priv: "^$" - read_priv: "^$" - write_priv: "^$" - tags: monitoring - when: env == "staging" and inventory_hostname.startswith('rabbitmq01') - tags: - - rabbitmq_cluster - - config - -- name: Create the Nagios monitoring user in production - rabbitmq_user: - user: nagios-monitoring - password: "{{ rabbitmq_monitoring_password_production }}" - update_password: always - permissions: - - vhost: / - configure_priv: "^$" - read_priv: "^$" - write_priv: "^$" - - vhost: /pubsub - configure_priv: "^$" - read_priv: "^$" - write_priv: "^$" - - vhost: /public_pubsub - configure_priv: "^$" - read_priv: "^$" - write_priv: "^$" - - vhost: /bodhi - configure_priv: "^$" - read_priv: "^$" - write_priv: "^$" - - vhost: /odcs - configure_priv: "^$" - read_priv: "^$" - write_priv: "^$" - tags: monitoring - when: env == "production" and inventory_hostname.startswith('rabbitmq01') - tags: - - rabbitmq_cluster - - config - - name: Configure the pubsub virtual host rabbitmq_vhost: @@ -271,6 +205,72 @@ - rabbitmq_cluster - config +# Users with the "monitoring" tag have read-only access vhosts, connections, +# channels, node-level resource usage, and cluster stats. +- name: Create the Nagios monitoring user in staging + rabbitmq_user: + user: nagios-monitoring + password: "{{ rabbitmq_monitoring_password_staging }}" + update_password: always + permissions: + - vhost: / + configure_priv: "^$" + read_priv: "^$" + write_priv: "^$" + - vhost: /pubsub + configure_priv: "^$" + read_priv: "^$" + write_priv: "^$" + - vhost: /public_pubsub + configure_priv: "^$" + read_priv: "^$" + write_priv: "^$" + - vhost: /bodhi + configure_priv: "^$" + read_priv: "^$" + write_priv: "^$" + - vhost: /odcs + configure_priv: "^$" + read_priv: "^$" + write_priv: "^$" + tags: monitoring + when: env == "staging" and inventory_hostname.startswith('rabbitmq01') + tags: + - rabbitmq_cluster + - config + +- name: Create the Nagios monitoring user in production + rabbitmq_user: + user: nagios-monitoring + password: "{{ rabbitmq_monitoring_password_production }}" + update_password: always + permissions: + - vhost: / + configure_priv: "^$" + read_priv: "^$" + write_priv: "^$" + - vhost: /pubsub + configure_priv: "^$" + read_priv: "^$" + write_priv: "^$" + - vhost: /public_pubsub + configure_priv: "^$" + read_priv: "^$" + write_priv: "^$" + - vhost: /bodhi + configure_priv: "^$" + read_priv: "^$" + write_priv: "^$" + - vhost: /odcs + configure_priv: "^$" + read_priv: "^$" + write_priv: "^$" + tags: monitoring + when: env == "production" and inventory_hostname.startswith('rabbitmq01') + tags: + - rabbitmq_cluster + - config + - name: Create the zmq.topic exchange in /public_pubsub run_once: true delegate_to: "rabbitmq01{{ env_suffix }}.phx2.fedoraproject.org"