Permalink
Browse files

added user and vhost LWRPs, resolving COOK-583

(cherry picked from commit 7be10d0e67d8d18f6ebfc1c247c7259b001ea5a8)
  • Loading branch information...
1 parent 9545967 commit 6a43cc56b34d418cc38f2c47921482da15db7608 @mattray mattray committed with schisamo May 28, 2011
Showing with 211 additions and 21 deletions.
  1. +50 −7 rabbitmq/README.md
  2. +14 −14 rabbitmq/metadata.rb
  3. +66 −0 rabbitmq/providers/user.rb
  4. +34 −0 rabbitmq/providers/vhost.rb
  5. +25 −0 rabbitmq/resources/user.rb
  6. +22 −0 rabbitmq/resources/vhost.rb
View
@@ -1,6 +1,6 @@
Description
===========
-This is a cookbook for managing RabbitMQ with Chef. It has sane defaults, but can also be configured via attributes.
+This is a cookbook for managing RabbitMQ with Chef. It uses the default settings, but can also be configured via attributes.
Recipes
=======
@@ -12,20 +12,63 @@ cluster
-------
Configures nodes to be members of a RabbitMQ cluster, but does not actually join them.
-Limitations
-===========
-It is quite useful as is, but has several areas for improvement:
+Resources/Providers
+===================
+There are 2 LWRPs for interacting with RabbitMQ.
+
+user
+----
+Adds and deletes users, fairly simplistic permissions management.
+
+- `:add` adds a `user` with a `password`
+- `:delete` deletes a `user`
+- `:set_permissions` sets the `permissions` for a `user`, `vhost` is optional
+- `:clear_permissions` clears the permissions for a `user`
+
+### Examples
+``` ruby
+rabbitmq_user "guest" do
+ action :delete
+end
+
+rabbitmq_user "nova" do
+ password "sekret"
+ action :add
+end
+
+rabbitmq_user "nova" do
+ vhost "/nova"
+ permissions "\".*\" \".*\" \".*\""
+ action :set_permissions
+end
+```
-1) While it can create cluster configuration files, it does not currently do the dance to join the cluster members to each other.
+vhost
+-----
+Adds and deletes vhosts.
-2) There should be LWRPs for manipulating vhosts, users and the `rabbitmq-server` service. Essentially everything you'd do with rabbitmqctl.
+- `:add` adds a `vhost`
+- `:delete` deletes a `vhost`
-The rabbitmq::chef recipe was only used for the chef-server cookbook and has been moved to chef-server::rabitmq.
+### Example
+``` ruby
+rabbitmq_vhost "/nova" do
+ action :add
+end
+```
+
+Limitations
+===========
+It is quite useful as is, but clustering configuration does not currently do the dance to join the cluster members to each other.
+
+The rabbitmq::chef recipe was only used for the chef-server cookbook and has been moved to chef-server::rabbitmq.
License and Author
==================
Author:: Benjamin Black <b@b3k.us>
+
Author:: Daniel DeLeo <dan@kallistec.com>
+
Author:: Matt Ray <matt@opscode.com>
Copyright:: 2009-2011 Opscode, Inc
View
@@ -2,7 +2,7 @@
maintainer_email "cookbooks@opscode.com"
license "Apache 2.0"
description "Installs and configures RabbitMQ server"
-version "1.1"
+version "1.2"
recipe "rabbitmq", "Install and configure RabbitMQ"
recipe "rabbitmq::cluster", "Set up RabbitMQ clustering."
depends "apt", "> 1.1"
@@ -18,42 +18,42 @@
attribute "rabbitmq/nodename",
:display_name => "RabbitMQ Erlang node name",
- :description => "The Erlang node name for this server. The default is rabbit.",
- :default => "rabbit"
+ :description => "The Erlang node name for this server.",
+ :default => "node[:hostname]"
attribute "rabbitmq/address",
:display_name => "RabbitMQ server IP address",
- :description => "IP address to bind. The default is any.",
- :default => "0.0.0.0"
+ :description => "IP address to bind."
attribute "rabbitmq/port",
:display_name => "RabbitMQ server port",
- :description => "TCP port to bind. The default is 5672.",
- :default => "5672"
+ :description => "TCP port to bind."
+
+attribute "rabbitmq/config",
+ :display_name => "RabbitMQ config file to load",
+ :description => "Path to the rabbitmq.config file, if any."
attribute "rabbitmq/logdir",
:display_name => "RabbitMQ log directory",
- :description => "Path to the directory for log files. The default is /var/log/rabbitmq.",
- :default => "/var/log/rabbitmq"
+ :description => "Path to the directory for log files."
attribute "rabbitmq/mnesiadir",
:display_name => "RabbitMQ Mnesia database directory",
- :description => "Path to the directory for Mnesia database files. The default is /var/lib/rabbitmq/mnesia.",
- :default => "/var/lib/rabbitmq/mnesia"
+ :description => "Path to the directory for Mnesia database files."
attribute "rabbitmq/cluster",
:display_name => "RabbitMQ clustering",
- :description => "Whether to activate clustering. The default is no.",
+ :description => "Whether to activate clustering.",
:default => "no"
attribute "rabbitmq/cluster_config",
:display_name => "RabbitMQ clustering configuration file",
- :description => "Path to the clustering configuration file, if cluster is yes. The default is /etc/rabbitmq/rabbitmq_cluster.config.",
+ :description => "Path to the clustering configuration file, if cluster is yes.",
:default => "/etc/rabbitmq/rabbitmq_cluster.config"
attribute "rabbitmq/cluster_disk_nodes",
:display_name => "RabbitMQ cluster disk nodes",
- :description => "Array of member Erlang nodenames for the disk-based storage nodes in the cluster. The default is [].",
+ :description => "Array of member Erlang nodenames for the disk-based storage nodes in the cluster.",
:default => [],
:type => "array"
@@ -0,0 +1,66 @@
+#
+# Cookbook Name:: rabbitmq
+# Provider:: user
+#
+# Copyright 2011, Opscode, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+action :add do
+ execute "rabbitmqctl add_user #{new_resource.user} #{new_resource.password}" do
+ not_if "rabbitmqctl list_users | grep #{new_resource.user}"
+ Chef::Log.info "Adding RabbitMQ user '#{new_resource.user}'."
+ new_resource.updated_by_last_action(true)
+ end
+end
+
+action :delete do
+ execute "rabbitmqctl delete_user #{new_resource.user}" do
+ only_if "rabbitmqctl list_users | grep #{new_resource.user}"
+ Chef::Log.info "Deleting RabbitMQ user '#{new_resource.user}'."
+ new_resource.updated_by_last_action(true)
+ end
+end
+
+action :set_permissions do
+ if new_resource.vhost
+ execute "rabbitmqctl set_permissions -p #{new_resource.vhost} #{new_resource.user} #{new_resource.permissions}" do
+ not_if "rabbitmqctl list_user_permissions | grep #{new_resource.user}"
+ Chef::Log.info "Setting RabbitMQ user permissions for '#{new_resource.user}' on vhost #{new_resource.vhost}."
+ new_resource.updated_by_last_action(true)
+ end
+ else
+ execute "rabbitmqctl set_permissions #{new_resource.user} #{new_resource.permissions}" do
+ not_if "rabbitmqctl list_user_permissions | grep #{new_resource.user}"
+ Chef::Log.info "Setting RabbitMQ user permissions for '#{new_resource.user}'."
+ new_resource.updated_by_last_action(true)
+ end
+ end
+end
+
+action :clear_permissions do
+ if new_resource.vhost
+ execute "rabbitmqctl clear_permissions -p #{new_resource.vhost} #{new_resource.user}" do
+ only_if "rabbitmqctl list_user_permissions | grep #{new_resource.user}"
+ Chef::Log.info "Clearing RabbitMQ user permissions for '#{new_resource.user}' from vhost #{new_resource.vhost}."
+ new_resource.updated_by_last_action(true)
+ end
+ else
+ execute "rabbitmqctl clear_permissions #{new_resource.user}" do
+ only_if "rabbitmqctl list_user_permissions | grep #{new_resource.user}"
+ Chef::Log.info "Clearing RabbitMQ user permissions for '#{new_resource.user}'."
+ new_resource.updated_by_last_action(true)
+ end
+ end
+end
@@ -0,0 +1,34 @@
+#
+# Cookbook Name:: rabbitmq
+# Provider:: vhost
+#
+# Copyright 2011, Opscode, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+action :add do
+ execute "rabbitmqctl add_vhost #{new_resource.vhost}" do
+ not_if "rabbitmqctl list_vhosts | grep #{new_resource.vhost}"
+ Chef::Log.info "Adding RabbitMQ vhost '#{new_resource.vhost}'."
+ new_resource.updated_by_last_action(true)
+ end
+end
+
+action :delete do
+ execute "rabbitmqctl delete_vhost #{new_resource.vhost}" do
+ only_if "rabbitmqctl list_vhosts | grep #{new_resource.vhost}"
+ Chef::Log.info "Deleting RabbitMQ vhost '#{new_resource.vhost}'."
+ new_resource.updated_by_last_action(true)
+ end
+end
@@ -0,0 +1,25 @@
+#
+# Cookbook Name:: rabbitmq
+# Resource:: user
+#
+# Copyright 2011, Opscode, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+actions :add, :delete, :set_permissions, :clear_permissions
+
+attribute :user, :kind_of => String, :name_attribute => true
+attribute :password, :kind_of => String
+attribute :vhost, :kind_of => String
+attribute :permissions, :kind_of => String
@@ -0,0 +1,22 @@
+#
+# Cookbook Name:: rabbitmq
+# Resource:: vhost
+#
+# Copyright 2011, Opscode, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+actions :add, :delete
+
+attribute :vhost, :kind_of => String, :name_attribute => true

0 comments on commit 6a43cc5

Please sign in to comment.