ansible/inventory/group_vars/rabbitmq

---
tcp_ports: [
    # https://www.rabbitmq.com/clustering.html#selinux-ports
    # EPMD
    4369,
    # AMQP
    5672,
    5671,
    # CLI tools
    35672,
    35673,
    35674,
    35675,
    35676,
    35677,
    35678,
    35679,
    35680,
    35681,
    35682,
    # HTTP API
    #15672,
]

custom_rules: [
    # Neeed for rsync from log01 for logs.
    '-A INPUT -p tcp -m tcp -s 10.3.163.39 --dport 873 -j ACCEPT',
    '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT',
    # Inter-node traffic
    '-A INPUT -p tcp -m tcp -s 10.3.163.78 --dport 25672 -j ACCEPT',
    '-A INPUT -p tcp -m tcp -s 10.3.163.79 --dport 25672 -j ACCEPT',
    '-A INPUT -p tcp -m tcp -s 10.3.163.80 --dport 25672 -j ACCEPT',
]

fas_client_groups: sysadmin-main,sysadmin-messaging
sudoers: "{{ private }}/files/sudo/rabbitmq-sudoers"