diff --git a/rabbitmq/install.sls b/rabbitmq/install.sls index 963d7d5f..f1a23fee 100644 --- a/rabbitmq/install.sls +++ b/rabbitmq/install.sls @@ -43,7 +43,18 @@ rabbitmq_repo: ## deb [arch=amd64 signed-by=/usr/share/keyrings/com.rabbitmq.team.gpg] https://deb1.rabbitmq.com/rabbitmq-server/{{ grains["os"].lower() }}/{{ grains["oscodename"] }} {{ grains["oscodename"] }} main deb [arch=amd64 signed-by=/usr/share/keyrings/com.rabbitmq.team.gpg] https://deb2.rabbitmq.com/rabbitmq-server/{{ grains["os"].lower() }}/{{ grains["oscodename"] }} {{ grains["oscodename"] }} main - + + {#- Optional: enable all feature flags on the currently-installed broker before any + upgrade. Required before upgrading to a major RabbitMQ version that drops support + for older feature-flag states. Safe no-op on fresh installs (onlyif skips when the + broker is not yet up). #} + {%- if pillar["rabbitmq"].get("enable_all_feature_flag", False) %} +rabbit_enable_feature_flag: + cmd.run: + - name: rabbitmqctl enable_feature_flag all + - onlyif: rabbitmqctl status 2>/dev/null | grep -q Uptime + {%- endif %} + rabbit_pkg: {%- if "version" in pillar["rabbitmq"] %} {%- if pillar["rabbitmq"]["version"] == "latest" %} @@ -116,6 +127,45 @@ rabbit_service_4: cmd.run: - name: systemctl daemon-reload + {#- Download community plugin .ez files BEFORE the broker restart, so all .ez referenced + by /etc/rabbitmq/enabled_plugins are on disk when the broker starts. Otherwise + rabbitmq-plugins enable for any other plugin fails with plugins_not_found for the + community ones that are already recorded as enabled. #} + {%- for plugin in pillar["rabbitmq"].get("plugins", []) %} + {%- if plugin is mapping %} +rabbit_plugin_{{ loop.index }}_download: + cmd.run: + - name: | + set -eo pipefail + RMQVER=$(dpkg-query -W -f='${Version}' rabbitmq-server | sed -E 's/^[0-9]+://;s/[-+~].*//') + DEST_DIR="/usr/lib/rabbitmq/lib/rabbitmq_server-${RMQVER}/plugins" + DEST_FILE="${DEST_DIR}/$(basename '{{ plugin["url"] }}')" + # remove stale copies of this plugin from both the active versioned dir and the + # system-wide /usr/lib/rabbitmq/plugins dir. -type f leaves bundled-plugin dirs + # like amqp10_client-3.13.6/ untouched. ! -path "$DEST_FILE" preserves our target + # if it is already at the requested version. + # Default pattern is the safe `-*` (versioned files only). Set + # `force_cleanup: True` on the pillar entry to widen it to `-*` so any file + # with the plugin name prefix is removed (e.g. `.bak`, `-foo`). + for D in "$DEST_DIR" "/usr/lib/rabbitmq/plugins"; do + [ -d "$D" ] || continue + {%- if plugin.get("force_cleanup", False) %} + find "$D" -maxdepth 1 -type f -name '{{ plugin["name"] }}-*' ! -path "$DEST_FILE" -print -delete + {%- else %} + find "$D" -maxdepth 1 -type f -name '{{ plugin["name"] }}-[0-9]*' ! -path "$DEST_FILE" -print -delete + {%- endif %} + done + if [ ! -f "$DEST_FILE" ]; then + curl -fsSL -o "${DEST_FILE}.tmp" '{{ plugin["url"] }}' + mv "${DEST_FILE}.tmp" "$DEST_FILE" + chmod 644 "$DEST_FILE" + echo "downloaded $(basename '{{ plugin["url"] }}')" + fi + - require: + - pkg: rabbit_pkg + {%- endif %} + {%- endfor %} + rabbit_service_5: cmd.run: - name: service rabbitmq-server restart @@ -138,9 +188,17 @@ rabbit_fix_salt_module: timeout 2m bash -c 'salt-call saltutil.refresh_modules'; } || true {%- for plugin in pillar["rabbitmq"].get("plugins", []) %} + {%- if plugin is mapping %} +rabbit_plugin_{{ loop.index }}: + rabbitmq_plugin.enabled: + - name: '{{ plugin["name"] }}' + - require: + - cmd: rabbit_plugin_{{ loop.index }}_download + {%- else %} rabbit_plugin_{{ loop.index }}: rabbitmq_plugin.enabled: - name: {{ plugin }} + {%- endif %} {%- endfor %} {% endif %} diff --git a/rabbitmq/pillar.example b/rabbitmq/pillar.example index 20b87d88..bc6b9744 100644 --- a/rabbitmq/pillar.example +++ b/rabbitmq/pillar.example @@ -3,6 +3,7 @@ rabbitmq: version: 4.2.3 # optional, specific version or latest, if omitted, install latest first, then keep it without upgrades #local_ip: 1.2.3.4 # optional, make sure /etc/hosts has short hostname resolution to this local IP, otherwise rabbitmq will not start, if omitted, 127.0.1.1 is used + #enable_all_feature_flag: True # optional, runs `rabbitmqctl enable_feature_flag all` BEFORE the package upgrade on the currently-installed broker; required before upgrading across major versions that drop older feature-flag states. Skipped silently on fresh installs. config: # optional - 'key = val' # see https://github.com/rabbitmq/rabbitmq-server/blob/v3.7.x/docs/rabbitmq.conf.example, each item is copied as is admin: @@ -14,6 +15,17 @@ rabbitmq: acme_account: example.com # acme state account plugins: # optional - rabbitmq_management + # community plugin, downloaded as .ez and enabled. Pick a URL whose plugin version + # matches RabbitMQ major.minor (RabbitMQ 4.2.x -> plugin 4.2.x). The on-disk filename + # is derived from the URL via basename. Removing the entry stops managing it; disable + # manually on the host if needed. + # Cleanup of stale copies runs in both /usr/lib/rabbitmq/lib/rabbitmq_server-/plugins + # and /usr/lib/rabbitmq/plugins. By default only files matching the safe pattern + # `-*` are removed. Set force_cleanup: True to widen the pattern to + # `-*` so files like `.bak` or `-foo` are also removed. + - name: rabbitmq_delayed_message_exchange + url: https://github.com/rabbitmq/rabbitmq-delayed-message-exchange/releases/download/v4.2.0/rabbitmq_delayed_message_exchange-4.2.0.ez + #force_cleanup: True # optional, default False vhosts: - name: vhost_a present: True