diff --git a/docker/rabbitmq/docker-compose-rabbitmq-3.7.8-management.yml b/docker/rabbitmq/docker-compose-rabbitmq-3.7.8-management.yml new file mode 100644 index 0000000..7b2d98d --- /dev/null +++ b/docker/rabbitmq/docker-compose-rabbitmq-3.7.8-management.yml @@ -0,0 +1,18 @@ +version: '3' +services: + rabbitmq: + image: registry.cn-hangzhou.aliyuncs.com/zhengqing/rabbitmq:3.7.8-management # 原镜像`rabbitmq:3.7.8-management` 【 注:该版本包含了web控制页面 】 + container_name: rabbitmq # 容器名为'rabbitmq' + hostname: my-rabbit + restart: unless-stopped # 指定容器退出后的重启策略为始终重启,但是不考虑在Docker守护进程启动时就已经停止了的容器 + environment: # 设置环境变量,相当于docker run命令中的-e + TZ: Asia/Shanghai + LANG: en_US.UTF-8 + RABBITMQ_DEFAULT_VHOST: my_vhost # 主机名 + RABBITMQ_DEFAULT_USER: admin # 登录账号 + RABBITMQ_DEFAULT_PASS: admin # 登录密码 + volumes: # 数据卷挂载路径设置,将本机目录映射到容器目录 + - "./rabbitmq/data:/var/lib/rabbitmq" + ports: # 映射端口 + - "5672:5672" + - "15672:15672" diff --git a/docker/rabbitmq/docker-compose-rabbitmq-cluster.yml b/docker/rabbitmq/docker-compose-rabbitmq-cluster.yml new file mode 100644 index 0000000..165e5f5 --- /dev/null +++ b/docker/rabbitmq/docker-compose-rabbitmq-cluster.yml @@ -0,0 +1,47 @@ +# 环境变量可参考: https://www.rabbitmq.com/configure.html +# https://github.com/rabbitmq/rabbitmq-server/blob/master/deps/rabbit/docs/rabbitmq.conf.example +# https://www.rabbitmq.com/clustering.html#erlang-cookie +version: '3' + +# 网桥 -> 方便相互通讯 +networks: + rabbitmq: + driver: bridge + +services: + rabbitmq-1: + image: registry.cn-hangzhou.aliyuncs.com/zhengqing/rabbitmq:3.9.1-management # 镜像`rabbitmq:3.9.1-management` 【 注:该版本包含了web控制页面 】 + container_name: rabbitmq-1 # 容器名为'rabbitmq-1' + hostname: my-rabbit-1 + restart: unless-stopped # 指定容器退出后的重启策略为始终重启,但是不考虑在Docker守护进程启动时就已经停止了的容器 + environment: # 设置环境变量,相当于docker run命令中的-e + TZ: Asia/Shanghai + LANG: en_US.UTF-8 + volumes: # 数据卷挂载路径设置,将本机目录映射到容器目录 + - "./rabbitmq-cluster/rabbitmq-1/config/rabbitmq.conf:/etc/rabbitmq/rabbitmq.conf" + - "./rabbitmq-cluster/rabbitmq-1/data:/var/lib/rabbitmq" + - "./rabbitmq-cluster/plugins/rabbitmq_delayed_message_exchange-3.9.0.ez:/opt/rabbitmq/plugins/rabbitmq_delayed_message_exchange-3.9.0.ez" + - "./rabbitmq-cluster/.erlang.cookie:/var/lib/rabbitmq/.erlang.cookie" + ports: # 映射端口 + - "5672:5672" + - "15672:15672" + networks: + - rabbitmq + + rabbitmq-2: + image: registry.cn-hangzhou.aliyuncs.com/zhengqing/rabbitmq:3.9.1-management # 镜像`rabbitmq:3.9.1-management` 【 注:该版本包含了web控制页面 】 + container_name: rabbitmq-2 # 容器名为'rabbitmq-2' + hostname: my-rabbit-2 + restart: unless-stopped # 指定容器退出后的重启策略为始终重启,但是不考虑在Docker守护进程启动时就已经停止了的容器 + environment: # 设置环境变量,相当于docker run命令中的-e + TZ: Asia/Shanghai + LANG: en_US.UTF-8 + volumes: # 数据卷挂载路径设置,将本机目录映射到容器目录 + - "./rabbitmq-cluster/rabbitmq-2/config/rabbitmq.conf:/etc/rabbitmq/rabbitmq.conf" + - "./rabbitmq-cluster/rabbitmq-2/data:/var/lib/rabbitmq" + - "./rabbitmq-cluster/plugins/rabbitmq_delayed_message_exchange-3.9.0.ez:/opt/rabbitmq/plugins/rabbitmq_delayed_message_exchange-3.9.0.ez" + - "./rabbitmq-cluster/.erlang.cookie:/var/lib/rabbitmq/.erlang.cookie" + ports: # 映射端口 + - "5673:5672" + networks: + - rabbitmq diff --git a/docker/rabbitmq/docker-compose-rabbitmq.yml b/docker/rabbitmq/docker-compose-rabbitmq.yml new file mode 100644 index 0000000..8f8639a --- /dev/null +++ b/docker/rabbitmq/docker-compose-rabbitmq.yml @@ -0,0 +1,21 @@ +# 环境变量可参考: https://www.rabbitmq.com/configure.html +# https://github.com/rabbitmq/rabbitmq-server/blob/master/deps/rabbit/docs/rabbitmq.conf.example +version: '3' +services: + rabbitmq: + image: registry.cn-hangzhou.aliyuncs.com/zhengqing/rabbitmq:3.9.15-management # 镜像`rabbitmq:3.9.1-management` 【 注:该版本包含了web控制页面 】 + container_name: rabbitmq # 容器名为'rabbitmq' + hostname: my-rabbit + restart: unless-stopped # 指定容器退出后的重启策略为始终重启,但是不考虑在Docker守护进程启动时就已经停止了的容器 + environment: # 设置环境变量,相当于docker run命令中的-e + TZ: Asia/Shanghai + LANG: en_US.UTF-8 + volumes: # 数据卷挂载路径设置,将本机目录映射到容器目录 + - "./rabbitmq/config/rabbitmq.conf:/etc/rabbitmq/rabbitmq.conf" + - "./rabbitmq/config/10-default-guest-user.conf:/etc/rabbitmq/conf.d/10-default-guest-user.conf" + - "./rabbitmq/data:/var/lib/rabbitmq" + - "./rabbitmq/plugins/rabbitmq_delayed_message_exchange-3.9.0.ez:/opt/rabbitmq/plugins/rabbitmq_delayed_message_exchange-3.9.0.ez" +# - "./rabbitmq/log:/var/log/rabbitmq" + ports: # 映射端口 + - "5672:5672" + - "15672:15672" diff --git a/docker/rabbitmq/rabbitmq-cluster/.erlang.cookie b/docker/rabbitmq/rabbitmq-cluster/.erlang.cookie new file mode 100644 index 0000000..35c330d --- /dev/null +++ b/docker/rabbitmq/rabbitmq-cluster/.erlang.cookie @@ -0,0 +1 @@ +rabbit-cookie diff --git a/docker/rabbitmq/rabbitmq-cluster/init-rabbitmq.sh b/docker/rabbitmq/rabbitmq-cluster/init-rabbitmq.sh new file mode 100644 index 0000000..fa9dcd2 --- /dev/null +++ b/docker/rabbitmq/rabbitmq-cluster/init-rabbitmq.sh @@ -0,0 +1,44 @@ +#!/bin/bash + + +#################################### +# @description 添加RabbitMQ节点到集群 +# 可参考 https://www.rabbitmq.com/clustering.html#creating-ram +# @params $? => 代表上一个命令执行后的退出状态: 0->成功,1->失败 +# @example => sh init-rabbitmq.sh +# @author topsuder +# @date 2022/11/16 14:24 +#################################### + + +# reset first node +echo "Reset first rabbitmq node." +docker exec rabbitmq-1 /bin/bash -c 'rabbitmqctl stop_app' +docker exec rabbitmq-1 /bin/bash -c 'rabbitmqctl reset' +docker exec rabbitmq-1 /bin/bash -c 'rabbitmqctl start_app' + + +# build cluster +echo "Starting to build rabbitmq cluster with two ram nodes." +docker exec rabbitmq-2 /bin/bash -c 'rabbitmqctl stop_app' +docker exec rabbitmq-2 /bin/bash -c 'rabbitmqctl reset' +# 参数“--ram”表示设置为内存节点,忽略此参数默认为磁盘节点 +docker exec rabbitmq-2 /bin/bash -c 'rabbitmqctl join_cluster rabbit@my-rabbit-1' +# docker exec rabbitmq-2 /bin/bash -c 'rabbitmqctl join_cluster --ram rabbit@my-rabbit-1' +docker exec rabbitmq-2 /bin/bash -c 'rabbitmqctl start_app' + + +# check cluster status +#echo "Check cluster status:" +#docker exec rabbitmq-1 /bin/bash -c 'rabbitmqctl cluster_status' +#docker exec rabbitmq-2 /bin/bash -c 'rabbitmqctl cluster_status' + + +#echo "Starting to create user." +#docker exec rabbitmq-1 /bin/bash -c 'rabbitmqctl add_user admin admin@123' + +#echo "Set tags for new user." +#docker exec rabbitmq-1 /bin/bash -c 'rabbitmqctl set_user_tags admin administrator' + +#echo "Grant permissions to new user." +#docker exec rabbitmq-1 /bin/bash -c "rabbitmqctl set_permissions -p '/' admin '.*' '.*' '.*'" diff --git a/docker/rabbitmq/rabbitmq-cluster/plugins/rabbitmq_delayed_message_exchange-3.9.0.ez b/docker/rabbitmq/rabbitmq-cluster/plugins/rabbitmq_delayed_message_exchange-3.9.0.ez new file mode 100644 index 0000000..2301a0d Binary files /dev/null and b/docker/rabbitmq/rabbitmq-cluster/plugins/rabbitmq_delayed_message_exchange-3.9.0.ez differ diff --git a/docker/rabbitmq/rabbitmq-cluster/rabbitmq-1/config/rabbitmq.conf b/docker/rabbitmq/rabbitmq-cluster/rabbitmq-1/config/rabbitmq.conf new file mode 100644 index 0000000..93e6315 --- /dev/null +++ b/docker/rabbitmq/rabbitmq-cluster/rabbitmq-1/config/rabbitmq.conf @@ -0,0 +1,8 @@ +# 环境变量可参考 https://www.rabbitmq.com/configure.html +default_vhost = my_vhost +default_user = admin +default_pass = admin +default_user_tags.administrator = true +default_permissions.configure = .* +default_permissions.read = .* +default_permissions.write = .* diff --git a/docker/rabbitmq/rabbitmq-cluster/rabbitmq-2/config/rabbitmq.conf b/docker/rabbitmq/rabbitmq-cluster/rabbitmq-2/config/rabbitmq.conf new file mode 100644 index 0000000..93e6315 --- /dev/null +++ b/docker/rabbitmq/rabbitmq-cluster/rabbitmq-2/config/rabbitmq.conf @@ -0,0 +1,8 @@ +# 环境变量可参考 https://www.rabbitmq.com/configure.html +default_vhost = my_vhost +default_user = admin +default_pass = admin +default_user_tags.administrator = true +default_permissions.configure = .* +default_permissions.read = .* +default_permissions.write = .* diff --git a/docker/rabbitmq/rabbitmq/config/10-default-guest-user.conf b/docker/rabbitmq/rabbitmq/config/10-default-guest-user.conf new file mode 100644 index 0000000..960e347 --- /dev/null +++ b/docker/rabbitmq/rabbitmq/config/10-default-guest-user.conf @@ -0,0 +1,8 @@ +## DEFAULT SETTINGS ARE NOT MEANT TO BE TAKEN STRAIGHT INTO PRODUCTION +## see https://www.rabbitmq.com/configure.html for further information +## on configuring RabbitMQ + +## allow access to the guest user from anywhere on the network +## https://www.rabbitmq.com/access-control.html#loopback-users +## https://www.rabbitmq.com/production-checklist.html#users +## loopback_users.guest = false diff --git a/docker/rabbitmq/rabbitmq/config/rabbitmq.conf b/docker/rabbitmq/rabbitmq/config/rabbitmq.conf new file mode 100644 index 0000000..93e6315 --- /dev/null +++ b/docker/rabbitmq/rabbitmq/config/rabbitmq.conf @@ -0,0 +1,8 @@ +# 环境变量可参考 https://www.rabbitmq.com/configure.html +default_vhost = my_vhost +default_user = admin +default_pass = admin +default_user_tags.administrator = true +default_permissions.configure = .* +default_permissions.read = .* +default_permissions.write = .* diff --git a/docker/rabbitmq/rabbitmq/config/rabbitmq_bak.conf b/docker/rabbitmq/rabbitmq/config/rabbitmq_bak.conf new file mode 100644 index 0000000..99e551f --- /dev/null +++ b/docker/rabbitmq/rabbitmq/config/rabbitmq_bak.conf @@ -0,0 +1,1060 @@ +# ====================================== +# RabbitMQ broker section +# ====================================== + +## Related doc guide: https://rabbitmq.com/configure.html. See +## https://rabbitmq.com/documentation.html for documentation ToC. + +## Networking +## ==================== +## +## Related doc guide: https://rabbitmq.com/networking.html. +## +## By default, RabbitMQ will listen on all interfaces, using +## the standard (reserved) AMQP 0-9-1 and 1.0 port. +## +# listeners.tcp.default = 5672 + + +## To listen on a specific interface, provide an IP address with port. +## For example, to listen only on localhost for both IPv4 and IPv6: +## +# IPv4 +# listeners.tcp.local = 127.0.0.1:5672 +# IPv6 +# listeners.tcp.local_v6 = ::1:5672 + +## You can define multiple listeners using listener names +# listeners.tcp.other_port = 5673 +# listeners.tcp.other_ip = 10.10.10.10:5672 + + +## TLS listeners are configured in the same fashion as TCP listeners, +## including the option to control the choice of interface. +## +# listeners.ssl.default = 5671 + +## It is possible to disable regular TCP (non-TLS) listeners. Clients +## not configured to use TLS and the correct TLS-enabled port won't be able +## to connect to this node. +# listeners.tcp = none + +## Number of Erlang processes that will accept connections for the TCP +## and TLS listeners. +## +# num_acceptors.tcp = 10 +# num_acceptors.ssl = 10 + +## Socket writer will force GC every so many bytes transferred. +## Default is 1 GiB (`1000000000`). Set to 'off' to disable. +## +# socket_writer.gc_threshold = 1000000000 +# +## To disable: +# socket_writer.gc_threshold = off + +## Maximum amount of time allowed for the AMQP 0-9-1 and AMQP 1.0 handshake +## (performed after socket connection and TLS handshake) to complete, in milliseconds. +## +# handshake_timeout = 10000 + +## Set to 'true' to perform reverse DNS lookups when accepting a +## connection. rabbitmqctl and management UI will then display hostnames +## instead of IP addresses. Default value is `false`. +## +# reverse_dns_lookups = false + +## +## Security, Access Control +## ============== +## + +## Related doc guide: https://rabbitmq.com/access-control.html. + +## The default "guest" user is only permitted to access the server +## via a loopback interface (e.g. localhost). +## {loopback_users, [<<"guest">>]}, +## +# loopback_users.guest = true + +## Uncomment the following line if you want to allow access to the +## guest user from anywhere on the network. +# loopback_users.guest = false + +## TLS configuration. +## +## Related doc guide: https://rabbitmq.com/ssl.html. +## +# listeners.ssl.1 = 5671 +# +# ssl_options.verify = verify_peer +# ssl_options.fail_if_no_peer_cert = false +# ssl_options.cacertfile = /path/to/cacert.pem +# ssl_options.certfile = /path/to/cert.pem +# ssl_options.keyfile = /path/to/key.pem +# +# ssl_options.honor_cipher_order = true +# ssl_options.honor_ecc_order = true +# +## These are highly recommended for TLSv1.2 but cannot be used +## with TLSv1.3. If TLSv1.3 is enabled, these lines MUST be removed. +# ssl_options.client_renegotiation = false +# ssl_options.secure_renegotiate = true +# +## Limits what TLS versions the server enables for client TLS +## connections. See https://www.rabbitmq.com/ssl.html#tls-versions for details. +## +## Cutting edge TLS version which requires recent client runtime +## versions and has no cipher suite in common with earlier TLS versions. +# ssl_options.versions.1 = tlsv1.3 +## Enables TLSv1.2 for best compatibility +# ssl_options.versions.2 = tlsv1.2 +## Older TLS versions have known vulnerabilities and are being phased out +## from wide use. + +## Limits what cipher suites the server will use for client TLS +## connections. Narrowing this down can prevent some clients +## from connecting. +## If TLSv1.3 is enabled and cipher suites are overridden, TLSv1.3-specific +## cipher suites must also be explicitly enabled. +## See https://www.rabbitmq.com/ssl.html#cipher-suites and https://wiki.openssl.org/index.php/TLS1.3#Ciphersuites +## for details. +# +## The example below uses TLSv1.3 cipher suites only +# +# ssl_options.ciphers.1 = TLS_AES_256_GCM_SHA384 +# ssl_options.ciphers.2 = TLS_AES_128_GCM_SHA256 +# ssl_options.ciphers.3 = TLS_CHACHA20_POLY1305_SHA256 +# ssl_options.ciphers.4 = TLS_AES_128_CCM_SHA256 +# ssl_options.ciphers.5 = TLS_AES_128_CCM_8_SHA256 +# +## The example below uses TLSv1.2 cipher suites only +# +# ssl_options.ciphers.1 = ECDHE-ECDSA-AES256-GCM-SHA384 +# ssl_options.ciphers.2 = ECDHE-RSA-AES256-GCM-SHA384 +# ssl_options.ciphers.3 = ECDHE-ECDSA-AES256-SHA384 +# ssl_options.ciphers.4 = ECDHE-RSA-AES256-SHA384 +# ssl_options.ciphers.5 = ECDH-ECDSA-AES256-GCM-SHA384 +# ssl_options.ciphers.6 = ECDH-RSA-AES256-GCM-SHA384 +# ssl_options.ciphers.7 = ECDH-ECDSA-AES256-SHA384 +# ssl_options.ciphers.8 = ECDH-RSA-AES256-SHA384 +# ssl_options.ciphers.9 = DHE-RSA-AES256-GCM-SHA384 +# ssl_options.ciphers.10 = DHE-DSS-AES256-GCM-SHA384 +# ssl_options.ciphers.11 = DHE-RSA-AES256-SHA256 +# ssl_options.ciphers.12 = DHE-DSS-AES256-SHA256 +# ssl_options.ciphers.13 = ECDHE-ECDSA-AES128-GCM-SHA256 +# ssl_options.ciphers.14 = ECDHE-RSA-AES128-GCM-SHA256 +# ssl_options.ciphers.15 = ECDHE-ECDSA-AES128-SHA256 +# ssl_options.ciphers.16 = ECDHE-RSA-AES128-SHA256 +# ssl_options.ciphers.17 = ECDH-ECDSA-AES128-GCM-SHA256 +# ssl_options.ciphers.18 = ECDH-RSA-AES128-GCM-SHA256 +# ssl_options.ciphers.19 = ECDH-ECDSA-AES128-SHA256 +# ssl_options.ciphers.20 = ECDH-RSA-AES128-SHA256 +# ssl_options.ciphers.21 = DHE-RSA-AES128-GCM-SHA256 +# ssl_options.ciphers.22 = DHE-DSS-AES128-GCM-SHA256 +# ssl_options.ciphers.23 = DHE-RSA-AES128-SHA256 +# ssl_options.ciphers.24 = DHE-DSS-AES128-SHA256 +# ssl_options.ciphers.25 = ECDHE-ECDSA-AES256-SHA +# ssl_options.ciphers.26 = ECDHE-RSA-AES256-SHA +# ssl_options.ciphers.27 = DHE-RSA-AES256-SHA +# ssl_options.ciphers.28 = DHE-DSS-AES256-SHA +# ssl_options.ciphers.29 = ECDH-ECDSA-AES256-SHA +# ssl_options.ciphers.30 = ECDH-RSA-AES256-SHA +# ssl_options.ciphers.31 = ECDHE-ECDSA-AES128-SHA +# ssl_options.ciphers.32 = ECDHE-RSA-AES128-SHA +# ssl_options.ciphers.33 = DHE-RSA-AES128-SHA +# ssl_options.ciphers.34 = DHE-DSS-AES128-SHA +# ssl_options.ciphers.35 = ECDH-ECDSA-AES128-SHA +# ssl_options.ciphers.36 = ECDH-RSA-AES128-SHA + +# ssl_options.bypass_pem_cache = true + +## Select an authentication/authorisation backend to use. +## +## Alternative backends are provided by plugins, such as rabbitmq-auth-backend-ldap. +## +## NB: These settings require certain plugins to be enabled. +## +## Related doc guides: +## +## * https://rabbitmq.com/plugins.html +## * https://rabbitmq.com/access-control.html +## + +# auth_backends.1 = rabbit_auth_backend_internal + +## uses separate backends for authentication and authorisation, +## see below. +# auth_backends.1.authn = rabbit_auth_backend_ldap +# auth_backends.1.authz = rabbit_auth_backend_internal + +## The rabbitmq_auth_backend_ldap plugin allows the broker to +## perform authentication and authorisation by deferring to an +## external LDAP server. +## +## Relevant doc guides: +## +## * https://rabbitmq.com/ldap.html +## * https://rabbitmq.com/access-control.html +## +## uses LDAP for both authentication and authorisation +# auth_backends.1 = rabbit_auth_backend_ldap + +## uses HTTP service for both authentication and +## authorisation +# auth_backends.1 = rabbit_auth_backend_http + +## uses two backends in a chain: HTTP first, then internal +# auth_backends.1 = rabbit_auth_backend_http +# auth_backends.2 = rabbit_auth_backend_internal + +## Authentication +## The built-in mechanisms are 'PLAIN', +## 'AMQPLAIN', and 'EXTERNAL' Additional mechanisms can be added via +## plugins. +## +## Related doc guide: https://rabbitmq.com/authentication.html. +## +# auth_mechanisms.1 = PLAIN +# auth_mechanisms.2 = AMQPLAIN + +## The rabbitmq-auth-mechanism-ssl plugin makes it possible to +## authenticate a user based on the client's x509 (TLS) certificate. +## Related doc guide: https://rabbitmq.com/authentication.html. +## +## To use auth-mechanism-ssl, the EXTERNAL mechanism should +## be enabled: +## +# auth_mechanisms.1 = PLAIN +# auth_mechanisms.2 = AMQPLAIN +# auth_mechanisms.3 = EXTERNAL + +## To force x509 certificate-based authentication on all clients, +## exclude all other mechanisms (note: this will disable password-based +## authentication even for the management UI!): +## +# auth_mechanisms.1 = EXTERNAL + +## This pertains to both the rabbitmq-auth-mechanism-ssl plugin and +## STOMP ssl_cert_login configurations. See the RabbitMQ STOMP plugin +## configuration section later in this file and the README in +## https://github.com/rabbitmq/rabbitmq-auth-mechanism-ssl for further +## details. +## +## To use the TLS cert's CN instead of its DN as the username +## +# ssl_cert_login_from = common_name + +## TLS handshake timeout, in milliseconds. +## +# ssl_handshake_timeout = 5000 + + +## Cluster name +## +# cluster_name = dev3.eng.megacorp.local + +## Password hashing implementation. Will only affect newly +## created users. To recalculate hash for an existing user +## it's necessary to update her password. +## +## To use SHA-512, set to rabbit_password_hashing_sha512. +## +# password_hashing_module = rabbit_password_hashing_sha256 + +## When importing definitions exported from versions earlier +## than 3.6.0, it is possible to go back to MD5 (only do this +## as a temporary measure!) by setting this to rabbit_password_hashing_md5. +## +# password_hashing_module = rabbit_password_hashing_md5 + +## +## Default User / VHost +## ==================== +## + +## On first start RabbitMQ will create a vhost and a user. These +## config items control what gets created. +## Relevant doc guide: https://rabbitmq.com/access-control.html +## +# default_vhost = / +# default_user = guest +# default_pass = guest + +# default_permissions.configure = .* +# default_permissions.read = .* +# default_permissions.write = .* + +## Tags for default user +## +## For more details about tags, see the documentation for the +## Management Plugin at https://rabbitmq.com/management.html. +## +# default_user_tags.administrator = true + +## Define other tags like this: +# default_user_tags.management = true +# default_user_tags.custom_tag = true + +## +## Additional network and protocol related configuration +## ===================================================== +## + +## Set the server AMQP 0-9-1 heartbeat timeout in seconds. +## RabbitMQ nodes will send heartbeat frames at roughly +## the (timeout / 2) interval. Two missed heartbeats from +## a client will close its connection. +## +## Values lower than 6 seconds are very likely to produce +## false positives and are not recommended. +## +## Related doc guides: +## +## * https://rabbitmq.com/heartbeats.html +## * https://rabbitmq.com/networking.html +## +# heartbeat = 60 + +## Set the max permissible size of an AMQP frame (in bytes). +## +# frame_max = 131072 + +## Set the max frame size the server will accept before connection +## tuning occurs +## +# initial_frame_max = 4096 + +## Set the max permissible number of channels per connection. +## 0 means "no limit". +## +# channel_max = 128 + +## Customising TCP Listener (Socket) Configuration. +## +## Related doc guides: +## +## * https://rabbitmq.com/networking.html +## * https://www.erlang.org/doc/man/inet.html#setopts-2 +## + +# tcp_listen_options.backlog = 128 +# tcp_listen_options.nodelay = true +# tcp_listen_options.exit_on_close = false +# +# tcp_listen_options.keepalive = true +# tcp_listen_options.send_timeout = 15000 +# +# tcp_listen_options.buffer = 196608 +# tcp_listen_options.sndbuf = 196608 +# tcp_listen_options.recbuf = 196608 + +## +## Resource Limits & Flow Control +## ============================== +## +## Related doc guide: https://rabbitmq.com/memory.html. + +## Memory-based Flow Control threshold. +## +# vm_memory_high_watermark.relative = 0.4 + +## Alternatively, we can set a limit (in bytes) of RAM used by the node. +## +# vm_memory_high_watermark.absolute = 1073741824 + +## Or you can set absolute value using memory units (with RabbitMQ 3.6.0+). +## Absolute watermark will be ignored if relative is defined! +## +# vm_memory_high_watermark.absolute = 2GB +## +## Supported unit symbols: +## +## k, kiB: kibibytes (2^10 - 1,024 bytes) +## M, MiB: mebibytes (2^20 - 1,048,576 bytes) +## G, GiB: gibibytes (2^30 - 1,073,741,824 bytes) +## kB: kilobytes (10^3 - 1,000 bytes) +## MB: megabytes (10^6 - 1,000,000 bytes) +## GB: gigabytes (10^9 - 1,000,000,000 bytes) + + + +## Fraction of the high watermark limit at which queues start to +## page message out to disc in order to free up memory. +## For example, when vm_memory_high_watermark is set to 0.4 and this value is set to 0.5, +## paging can begin as early as when 20% of total available RAM is used by the node. +## +## Values greater than 1.0 can be dangerous and should be used carefully. +## +## One alternative to this is to use durable queues and publish messages +## as persistent (delivery mode = 2). With this combination queues will +## move messages to disk much more rapidly. +## +## Another alternative is to configure queues to page all messages (both +## persistent and transient) to disk as quickly +## as possible, see https://rabbitmq.com/lazy-queues.html. +## +# vm_memory_high_watermark_paging_ratio = 0.5 + +## Selects Erlang VM memory consumption calculation strategy. Can be `allocated`, `rss` or `legacy` (aliased as `erlang`), +## Introduced in 3.6.11. `rss` is the default as of 3.6.12. +## See https://github.com/rabbitmq/rabbitmq-server/issues/1223 and rabbitmq/rabbitmq-common#224 for background. +# vm_memory_calculation_strategy = rss + +## Interval (in milliseconds) at which we perform the check of the memory +## levels against the watermarks. +## +# memory_monitor_interval = 2500 + +## The total memory available can be calculated from the OS resources +## - default option - or provided as a configuration parameter. +# total_memory_available_override_value = 2GB + +## Set disk free limit (in bytes). Once free disk space reaches this +## lower bound, a disk alarm will be set - see the documentation +## listed above for more details. +## +## Absolute watermark will be ignored if relative is defined! +# disk_free_limit.absolute = 50000 + +## Or you can set it using memory units (same as in vm_memory_high_watermark) +## with RabbitMQ 3.6.0+. +# disk_free_limit.absolute = 500KB +# disk_free_limit.absolute = 50mb +# disk_free_limit.absolute = 5GB + +## Alternatively, we can set a limit relative to total available RAM. +## +## Values lower than 1.0 can be dangerous and should be used carefully. +# disk_free_limit.relative = 2.0 + +## +## Clustering +## ===================== +## +# cluster_partition_handling = ignore + +## Pauses all nodes on the minority side of a partition. The cluster +## MUST have an odd number of nodes (3, 5, etc) +# cluster_partition_handling = pause_minority + +## pause_if_all_down strategy require additional configuration +# cluster_partition_handling = pause_if_all_down + +## Recover strategy. Can be either 'autoheal' or 'ignore' +# cluster_partition_handling.pause_if_all_down.recover = ignore + +## Node names to check +# cluster_partition_handling.pause_if_all_down.nodes.1 = rabbit@localhost +# cluster_partition_handling.pause_if_all_down.nodes.2 = hare@localhost + +## Mirror sync batch size, in messages. Increasing this will speed +## up syncing but total batch size in bytes must not exceed 2 GiB. +## Available in RabbitMQ 3.6.0 or later. +## +# mirroring_sync_batch_size = 4096 + +## Make clustering happen *automatically* at startup. Only applied +## to nodes that have just been reset or started for the first time. +## +## Relevant doc guide: https://rabbitmq.com//cluster-formation.html +## + +# cluster_formation.peer_discovery_backend = rabbit_peer_discovery_classic_config +# +# cluster_formation.classic_config.nodes.1 = rabbit1@hostname +# cluster_formation.classic_config.nodes.2 = rabbit2@hostname +# cluster_formation.classic_config.nodes.3 = rabbit3@hostname +# cluster_formation.classic_config.nodes.4 = rabbit4@hostname + +## DNS-based peer discovery. This backend will list A records +## of the configured hostname and perform reverse lookups for +## the addresses returned. + +# cluster_formation.peer_discovery_backend = rabbit_peer_discovery_dns +# cluster_formation.dns.hostname = discovery.eng.example.local + +## This node's type can be configured. If you are not sure +## what node type to use, always use 'disc'. +# cluster_formation.node_type = disc + +## Interval (in milliseconds) at which we send keepalive messages +## to other cluster members. Note that this is not the same thing +## as net_ticktime; missed keepalive messages will not cause nodes +## to be considered down. +## +# cluster_keepalive_interval = 10000 + +## +## Statistics Collection +## ===================== +## + +## Statistics collection interval (in milliseconds). Increasing +## this will reduce the load on management database. +## +# collect_statistics_interval = 5000 + +## Fine vs. coarse statistics +# +# This value is no longer meant to be configured directly. +# +# See https://www.rabbitmq.com/management.html#fine-stats. + +## +## Ra Settings +## ===================== +## +# raft.segment_max_entries = 65536 +# raft.wal_max_size_bytes = 1048576 +# raft.wal_max_batch_size = 4096 +# raft.snapshot_chunk_size = 1000000 + +## +## Misc/Advanced Options +## ===================== +## +## NB: Change these only if you understand what you are doing! +## + +## Timeout used when waiting for Mnesia tables in a cluster to +## become available. +## +# mnesia_table_loading_retry_timeout = 30000 + +## Retries when waiting for Mnesia tables in the cluster startup. Note that +## this setting is not applied to Mnesia upgrades or node deletions. +## +# mnesia_table_loading_retry_limit = 10 + +## Size in bytes below which to embed messages in the queue index. +## Related doc guide: https://rabbitmq.com/persistence-conf.html +## +# queue_index_embed_msgs_below = 4096 + +## You can also set this size in memory units +## +# queue_index_embed_msgs_below = 4kb + +## Whether or not to enable background periodic forced GC runs for all +## Erlang processes on the node in "waiting" state. +## +## Disabling background GC may reduce latency for client operations, +## keeping it enabled may reduce median RAM usage by the binary heap +## (see https://www.erlang-solutions.com/blog/erlang-garbage-collector.html). +## +## Before trying this option, please take a look at the memory +## breakdown (https://www.rabbitmq.com/memory-use.html). +## +# background_gc_enabled = false + +## Target (desired) interval (in milliseconds) at which we run background GC. +## The actual interval will vary depending on how long it takes to execute +## the operation (can be higher than this interval). Values less than +## 30000 milliseconds are not recommended. +## +# background_gc_target_interval = 60000 + +## Whether or not to enable proxy protocol support. +## Once enabled, clients cannot directly connect to the broker +## anymore. They must connect through a load balancer that sends the +## proxy protocol header to the broker at connection time. +## This setting applies only to AMQP clients, other protocols +## like MQTT or STOMP have their own setting to enable proxy protocol. +## See the plugins documentation for more information. +## +# proxy_protocol = false + +## Overriden product name and version. +## They are set to "RabbitMQ" and the release version by default. +# product.name = RabbitMQ +# product.version = 1.2.3 + +## "Message of the day" file. +## Its content is used to expand the logged and printed banners. +## Default to /etc/rabbitmq/motd on Unix, %APPDATA%\RabbitMQ\motd.txt +## on Windows. +# motd_file = /etc/rabbitmq/motd + +## Consumer timeout +## If a message delivered to a consumer has not been acknowledge before this timer +## triggers the channel will be force closed by the broker. This ensure that +## faultly consumers that never ack will not hold on to messages indefinitely. +## +# consumer_timeout = 900000 + +## ---------------------------------------------------------------------------- +## Advanced Erlang Networking/Clustering Options. +## +## Related doc guide: https://rabbitmq.com/clustering.html +## ---------------------------------------------------------------------------- + +# ====================================== +# Kernel section +# ====================================== + +## Timeout used to detect peer unavailability, including CLI tools. +## Related doc guide: https://www.rabbitmq.com/nettick.html. +## +# net_ticktime = 60 + +## Inter-node communication port range. +## The parameters inet_dist_listen_min and inet_dist_listen_max +## can be configured in the classic config format only. +## Related doc guide: https://www.rabbitmq.com/networking.html#epmd-inet-dist-port-range. + + +## ---------------------------------------------------------------------------- +## RabbitMQ Management Plugin +## +## Related doc guide: https://rabbitmq.com/management.html. +## ---------------------------------------------------------------------------- + +# ======================================= +# Management section +# ======================================= + +## Preload schema definitions from the following JSON file. +## Related doc guide: https://rabbitmq.com/management.html#load-definitions. +## +# management.load_definitions = /path/to/exported/definitions.json + +## Log all requests to the management HTTP API to a file. +## +# management.http_log_dir = /path/to/access.log + +## HTTP listener and embedded Web server settings. +# ## See https://rabbitmq.com/management.html for details. +# +# management.tcp.port = 15672 +# management.tcp.ip = 0.0.0.0 +# +# management.tcp.shutdown_timeout = 7000 +# management.tcp.max_keepalive = 120 +# management.tcp.idle_timeout = 120 +# management.tcp.inactivity_timeout = 120 +# management.tcp.request_timeout = 120 +# management.tcp.compress = true + +## HTTPS listener settings. +## See https://rabbitmq.com/management.html and https://rabbitmq.com/ssl.html for details. +## +# management.ssl.port = 15671 +# management.ssl.cacertfile = /path/to/ca_certificate.pem +# management.ssl.certfile = /path/to/server_certificate.pem +# management.ssl.keyfile = /path/to/server_key.pem + +## More TLS options +# management.ssl.honor_cipher_order = true +# management.ssl.honor_ecc_order = true + +## These are highly recommended for TLSv1.2 but cannot be used +## with TLSv1.3. If TLSv1.3 is enabled, these lines MUST be removed. +# management.ssl.client_renegotiation = false +# management.ssl.secure_renegotiate = true + +## Supported TLS versions +# management.ssl.versions.1 = tlsv1.2 + +## Cipher suites the server is allowed to use +# management.ssl.ciphers.1 = ECDHE-ECDSA-AES256-GCM-SHA384 +# management.ssl.ciphers.2 = ECDHE-RSA-AES256-GCM-SHA384 +# management.ssl.ciphers.3 = ECDHE-ECDSA-AES256-SHA384 +# management.ssl.ciphers.4 = ECDHE-RSA-AES256-SHA384 +# management.ssl.ciphers.5 = ECDH-ECDSA-AES256-GCM-SHA384 +# management.ssl.ciphers.6 = ECDH-RSA-AES256-GCM-SHA384 +# management.ssl.ciphers.7 = ECDH-ECDSA-AES256-SHA384 +# management.ssl.ciphers.8 = ECDH-RSA-AES256-SHA384 +# management.ssl.ciphers.9 = DHE-RSA-AES256-GCM-SHA384 + +## URL path prefix for HTTP API and management UI +# management.path_prefix = /a-prefix + +## One of 'basic', 'detailed' or 'none'. See +## https://rabbitmq.com/management.html#fine-stats for more details. +# management.rates_mode = basic + +## Configure how long aggregated data (such as message rates and queue +## lengths) is retained. Please read the plugin's documentation in +## https://rabbitmq.com/management.html#configuration for more +## details. +## Your can use 'minute', 'hour' and 'day' keys or integer key (in seconds) +# management.sample_retention_policies.global.minute = 5 +# management.sample_retention_policies.global.hour = 60 +# management.sample_retention_policies.global.day = 1200 + +# management.sample_retention_policies.basic.minute = 5 +# management.sample_retention_policies.basic.hour = 60 + +# management.sample_retention_policies.detailed.10 = 5 + +## ---------------------------------------------------------------------------- +## RabbitMQ Shovel Plugin +## +## Related doc guide: https://rabbitmq.com/shovel.html +## ---------------------------------------------------------------------------- + +## See advanced.config.example for a Shovel plugin example + + +## ---------------------------------------------------------------------------- +## RabbitMQ STOMP Plugin +## +## Related doc guide: https://rabbitmq.com/stomp.html +## ---------------------------------------------------------------------------- + +# ======================================= +# STOMP section +# ======================================= + +## See https://rabbitmq.com/stomp.html for details. + +## TCP listeners. +## +# stomp.listeners.tcp.1 = 127.0.0.1:61613 +# stomp.listeners.tcp.2 = ::1:61613 + +## TCP listener settings +## +# stomp.tcp_listen_options.backlog = 2048 +# stomp.tcp_listen_options.recbuf = 131072 +# stomp.tcp_listen_options.sndbuf = 131072 +# +# stomp.tcp_listen_options.keepalive = true +# stomp.tcp_listen_options.nodelay = true +# +# stomp.tcp_listen_options.exit_on_close = true +# stomp.tcp_listen_options.send_timeout = 120 + +## Proxy protocol support +## +# stomp.proxy_protocol = false + +## TLS listeners +## See https://rabbitmq.com/stomp.html and https://rabbitmq.com/ssl.html for details. +# stomp.listeners.ssl.default = 61614 +# +# ssl_options.cacertfile = path/to/cacert.pem +# ssl_options.certfile = path/to/cert.pem +# ssl_options.keyfile = path/to/key.pem +# ssl_options.verify = verify_peer +# ssl_options.fail_if_no_peer_cert = true + + +## Number of Erlang processes that will accept connections for the TCP +## and TLS listeners. +## +# stomp.num_acceptors.tcp = 10 +# stomp.num_acceptors.ssl = 1 + +## Additional TLS options + +## Extract a name from the client's certificate when using TLS. +## +# stomp.ssl_cert_login = true + +## Set a default user name and password. This is used as the default login +## whenever a CONNECT frame omits the login and passcode headers. +## +## Please note that setting this will allow clients to connect without +## authenticating! +## +# stomp.default_user = guest +# stomp.default_pass = guest + +## If a default user is configured, or you have configured use TLS client +## certificate based authentication, you can choose to allow clients to +## omit the CONNECT frame entirely. If set to true, the client is +## automatically connected as the default user or user supplied in the +## TLS certificate whenever the first frame sent on a session is not a +## CONNECT frame. +## +# stomp.implicit_connect = true + +## Whether or not to enable proxy protocol support. +## Once enabled, clients cannot directly connect to the broker +## anymore. They must connect through a load balancer that sends the +## proxy protocol header to the broker at connection time. +## This setting applies only to STOMP clients, other protocols +## like MQTT or AMQP have their own setting to enable proxy protocol. +## See the plugins or broker documentation for more information. +## +# stomp.proxy_protocol = false + +## ---------------------------------------------------------------------------- +## RabbitMQ MQTT Adapter +## +## See https://github.com/rabbitmq/rabbitmq-mqtt/blob/stable/README.md +## for details +## ---------------------------------------------------------------------------- + +# ======================================= +# MQTT section +# ======================================= + +## TCP listener settings. +## +# mqtt.listeners.tcp.1 = 127.0.0.1:61613 +# mqtt.listeners.tcp.2 = ::1:61613 + +## TCP listener options (as per the broker configuration). +## +# mqtt.tcp_listen_options.backlog = 4096 +# mqtt.tcp_listen_options.recbuf = 131072 +# mqtt.tcp_listen_options.sndbuf = 131072 +# +# mqtt.tcp_listen_options.keepalive = true +# mqtt.tcp_listen_options.nodelay = true +# +# mqtt.tcp_listen_options.exit_on_close = true +# mqtt.tcp_listen_options.send_timeout = 120 + +## TLS listener settings +## ## See https://rabbitmq.com/mqtt.html and https://rabbitmq.com/ssl.html for details. +# +# mqtt.listeners.ssl.default = 8883 +# +# ssl_options.cacertfile = /path/to/tls/ca_certificate_bundle.pem +# ssl_options.certfile = /path/to/tls/server_certificate.pem +# ssl_options.keyfile = /path/to/tls/server_key.pem +# ssl_options.verify = verify_peer +# ssl_options.fail_if_no_peer_cert = true +# + + +## Number of Erlang processes that will accept connections for the TCP +## and TLS listeners. +## +# mqtt.num_acceptors.tcp = 10 +# mqtt.num_acceptors.ssl = 10 + +## Whether or not to enable proxy protocol support. +## Once enabled, clients cannot directly connect to the broker +## anymore. They must connect through a load balancer that sends the +## proxy protocol header to the broker at connection time. +## This setting applies only to STOMP clients, other protocols +## like STOMP or AMQP have their own setting to enable proxy protocol. +## See the plugins or broker documentation for more information. +## +# mqtt.proxy_protocol = false + +## Set the default user name and password used for anonymous connections (when client +## provides no credentials). Anonymous connections are highly discouraged! +## +# mqtt.default_user = guest +# mqtt.default_pass = guest + +## Enable anonymous connections. If this is set to false, clients MUST provide +## credentials in order to connect. See also the mqtt.default_user/mqtt.default_pass +## keys. Anonymous connections are highly discouraged! +## +# mqtt.allow_anonymous = true + +## If you have multiple vhosts, specify the one to which the +## adapter connects. +## +# mqtt.vhost = / + +## Specify the exchange to which messages from MQTT clients are published. +## +# mqtt.exchange = amq.topic + +## Specify TTL (time to live) to control the lifetime of non-clean sessions. +## +# mqtt.subscription_ttl = 1800000 + +## Set the prefetch count (governing the maximum number of unacknowledged +## messages that will be delivered). +## +# mqtt.prefetch = 10 + + +## ---------------------------------------------------------------------------- +## RabbitMQ AMQP 1.0 Support +## +## See https://github.com/rabbitmq/rabbitmq-amqp1.0/blob/stable/README.md. +## ---------------------------------------------------------------------------- + +# ======================================= +# AMQP 1.0 section +# ======================================= + + +## Connections that are not authenticated with SASL will connect as this +## account. See the README for more information. +## +## Please note that setting this will allow clients to connect without +## authenticating! +## +# amqp1_0.default_user = guest + +## Enable protocol strict mode. See the README for more information. +## +# amqp1_0.protocol_strict_mode = false + +## Logging settings. +## +## See https://rabbitmq.com/logging.html for details. +## + +## Log directory, taken from the RABBITMQ_LOG_BASE env variable by default. +## +# log.dir = /var/log/rabbitmq + +## Logging to file. Can be false or a filename. +## Default: +# log.file = rabbit.log + +## To disable logging to a file +# log.file = false + +## Log level for file logging +## +# log.file.level = info + +## File rotation config. No rotation by default. +## DO NOT SET rotation date to ''. Leave the value unset if "" is the desired value +# log.file.rotation.date = $D0 +# log.file.rotation.size = 0 + +## Logging to console (can be true or false) +## +# log.console = false + +## Log level for console logging +## +# log.console.level = info + +## Logging to the amq.rabbitmq.log exchange (can be true or false) +## +# log.exchange = false + +## Log level to use when logging to the amq.rabbitmq.log exchange +## +# log.exchange.level = info + + + +## ---------------------------------------------------------------------------- +## RabbitMQ LDAP Plugin +## +## Related doc guide: https://rabbitmq.com/ldap.html. +## +## ---------------------------------------------------------------------------- + +# ======================================= +# LDAP section +# ======================================= + +## +## Connecting to the LDAP server(s) +## ================================ +## + +## Specify servers to bind to. You *must* set this in order for the plugin +## to work properly. +## +# auth_ldap.servers.1 = your-server-name-goes-here + +## You can define multiple servers +# auth_ldap.servers.2 = your-other-server + +## Connect to the LDAP server using TLS +## +# auth_ldap.use_ssl = false + +## Specify the LDAP port to connect to +## +# auth_ldap.port = 389 + +## LDAP connection timeout, in milliseconds or 'infinity' +## +# auth_ldap.timeout = infinity + +## Or number +# auth_ldap.timeout = 500 + +## Enable logging of LDAP queries. +## One of +## - false (no logging is performed) +## - true (verbose logging of the logic used by the plugin) +## - network (as true, but additionally logs LDAP network traffic) +## +## Defaults to false. +## +# auth_ldap.log = false + +## Also can be true or network +# auth_ldap.log = true +# auth_ldap.log = network + +## +## Authentication +## ============== +## + +## Pattern to convert the username given through AMQP to a DN before +## binding +## +# auth_ldap.user_dn_pattern = cn=${username},ou=People,dc=example,dc=com + +## Alternatively, you can convert a username to a Distinguished +## Name via an LDAP lookup after binding. See the documentation for +## full details. + +## When converting a username to a dn via a lookup, set these to +## the name of the attribute that represents the user name, and the +## base DN for the lookup query. +## +# auth_ldap.dn_lookup_attribute = userPrincipalName +# auth_ldap.dn_lookup_base = DC=gopivotal,DC=com + +## Controls how to bind for authorisation queries and also to +## retrieve the details of users logging in without presenting a +## password (e.g., SASL EXTERNAL). +## One of +## - as_user (to bind as the authenticated user - requires a password) +## - anon (to bind anonymously) +## - {UserDN, Password} (to bind with a specified user name and password) +## +## Defaults to 'as_user'. +## +# auth_ldap.other_bind = as_user + +## Or can be more complex: +# auth_ldap.other_bind.user_dn = User +# auth_ldap.other_bind.password = Password + +## If user_dn and password defined - other options is ignored. + +# ----------------------------- +# Too complex section of LDAP +# ----------------------------- + +## +## Authorisation +## ============= +## + +## The LDAP plugin can perform a variety of queries against your +## LDAP server to determine questions of authorisation. +## +## Related doc guide: https://rabbitmq.com/ldap.html#authorisation. + +## Following configuration should be defined in advanced.config file +## DO NOT UNCOMMENT THESE LINES! + +## Set the query to use when determining vhost access +## +## {vhost_access_query, {in_group, +## "ou=${vhost}-users,ou=vhosts,dc=example,dc=com"}}, + +## Set the query to use when determining resource (e.g., queue) access +## +## {resource_access_query, {constant, true}}, + +## Set queries to determine which tags a user has +## +## {tag_queries, []} +# ]}, +# ----------------------------- diff --git a/docker/rabbitmq/rabbitmq/config/rabbitmq_bak.config b/docker/rabbitmq/rabbitmq/config/rabbitmq_bak.config new file mode 100644 index 0000000..0169efa --- /dev/null +++ b/docker/rabbitmq/rabbitmq/config/rabbitmq_bak.config @@ -0,0 +1,925 @@ +%% -*- mode: erlang -*- +%% ---------------------------------------------------------------------------- +%% Classic RabbitMQ configuration format example. +%% This format should be considered DEPRECATED. +%% +%% Users of RabbitMQ 3.7.x +%% or later should prefer the new style format (rabbitmq.conf) +%% in combination with an advanced.config file (as needed). +%% +%% Related doc guide: https://www.rabbitmq.com/configure.html. See +%% https://rabbitmq.com/documentation.html for documentation ToC. +%% ---------------------------------------------------------------------------- +[ + {rabbit, + [%% + %% Networking + %% ==================== + %% + %% Related doc guide: https://www.rabbitmq.com/networking.html. + + %% By default, RabbitMQ will listen on all interfaces, using + %% the standard (reserved) AMQP port. + %% + %% {tcp_listeners, [5672]}, + + %% To listen on a specific interface, provide a tuple of {IpAddress, Port}. + %% For example, to listen only on localhost for both IPv4 and IPv6: + %% + %% {tcp_listeners, [{"127.0.0.1", 5672}, + %% {"::1", 5672}]}, + + %% TLS listeners are configured in the same fashion as TCP listeners, + %% including the option to control the choice of interface. + %% + %% {ssl_listeners, [5671]}, + + %% Number of Erlang processes that will accept connections for the TCP + %% and TLS listeners. + %% + %% {num_tcp_acceptors, 10}, + %% {num_ssl_acceptors, 1}, + + %% Maximum time for AMQP 0-8/0-9/0-9-1 handshake (after socket connection + %% and TLS handshake), in milliseconds. + %% + %% {handshake_timeout, 10000}, + + %% Set to 'true' to perform reverse DNS lookups when accepting a + %% connection. Hostnames will then be shown instead of IP addresses + %% in rabbitmqctl and the management plugin. + %% + %% {reverse_dns_lookups, false}, + + %% + %% Security, Access Control + %% ======================== + %% + %% Related doc guide: https://www.rabbitmq.com/access-control.html. + + %% The default "guest" user is only permitted to access the server + %% via a loopback interface (e.g. localhost). + %% {loopback_users, [<<"guest">>]}, + %% + %% Uncomment the following line if you want to allow access to the + %% guest user from anywhere on the network. + %% {loopback_users, []}, + + + %% TLS configuration. + %% + %% Related doc guide: https://www.rabbitmq.com/ssl.html. + %% + %% {ssl_options, [{cacertfile, "/path/to/testca/cacert.pem"}, + %% {certfile, "/path/to/server/cert.pem"}, + %% {keyfile, "/path/to/server/key.pem"}, + %% {verify, verify_peer}, + %% {fail_if_no_peer_cert, false}]}, + + %% Choose the available SASL mechanism(s) to expose. + %% The two default (built in) mechanisms are 'PLAIN' and + %% 'AMQPLAIN'. Additional mechanisms can be added via + %% plugins. + %% + %% Related doc guide: https://www.rabbitmq.com/authentication.html. + %% + %% {auth_mechanisms, ['PLAIN', 'AMQPLAIN']}, + + %% Select an authentication database to use. RabbitMQ comes bundled + %% with a built-in auth-database, based on mnesia. + %% + %% {auth_backends, [rabbit_auth_backend_internal]}, + + %% Configurations supporting the rabbitmq_auth_mechanism_ssl and + %% rabbitmq_auth_backend_ldap plugins. + %% + %% NB: These options require that the relevant plugin is enabled. + %% Related doc guide: https://www.rabbitmq.com/plugins.html for further details. + + %% The RabbitMQ-auth-mechanism-ssl plugin makes it possible to + %% authenticate a user based on the client's TLS certificate. + %% + %% To use auth-mechanism-ssl, add to or replace the auth_mechanisms + %% list with the entry 'EXTERNAL'. + %% + %% {auth_mechanisms, ['EXTERNAL']}, + + %% The rabbitmq_auth_backend_ldap plugin allows the broker to + %% perform authentication and authorisation by deferring to an + %% external LDAP server. + %% + %% For more information about configuring the LDAP backend, see + %% https://www.rabbitmq.com/ldap.html. + %% + %% Enable the LDAP auth backend by adding to or replacing the + %% auth_backends entry: + %% + %% {auth_backends, [rabbit_auth_backend_ldap]}, + + %% This pertains to both the rabbitmq_auth_mechanism_ssl plugin and + %% STOMP ssl_cert_login configurations. See the rabbitmq_stomp + %% configuration section later in this file and the README in + %% https://github.com/rabbitmq/rabbitmq-auth-mechanism-ssl for further + %% details. + %% + %% To use the TLS cert's CN instead of its DN as the username + %% + %% {ssl_cert_login_from, distinguished_name}, + + %% TLS handshake timeout, in milliseconds. + %% + %% {ssl_handshake_timeout, 5000}, + + %% Makes RabbitMQ accept SSLv3 client connections by default. + %% DO NOT DO THIS IF YOU CAN HELP IT. + %% + %% {ssl_allow_poodle_attack, false}, + + %% Password hashing implementation. Will only affect newly + %% created users. To recalculate hash for an existing user + %% it's necessary to update her password. + %% + %% When importing definitions exported from versions earlier + %% than 3.6.0, it is possible to go back to MD5 (only do this + %% as a temporary measure!) by setting this to rabbit_password_hashing_md5. + %% + %% To use SHA-512, set to rabbit_password_hashing_sha512. + %% + %% {password_hashing_module, rabbit_password_hashing_sha256}, + + %% Configuration entry encryption. + %% Related doc guide: https://www.rabbitmq.com/configure.html#configuration-encryption + %% + %% To specify the passphrase in the configuration file: + %% + %% {config_entry_decoder, [{passphrase, <<"mypassphrase">>}]} + %% + %% To specify the passphrase in an external file: + %% + %% {config_entry_decoder, [{passphrase, {file, "/path/to/passphrase/file"}}]} + %% + %% To make the broker request the passphrase when it starts: + %% + %% {config_entry_decoder, [{passphrase, prompt}]} + %% + %% To change encryption settings: + %% + %% {config_entry_decoder, [{cipher, aes_cbc256}, + %% {hash, sha512}, + %% {iterations, 1000}]} + + %% + %% Default User / VHost + %% ==================== + %% + + %% On first start RabbitMQ will create a vhost and a user. These + %% config items control what gets created. See + %% https://www.rabbitmq.com/access-control.html for further + %% information about vhosts and access control. + %% + %% {default_vhost, <<"/">>}, + %% {default_user, <<"guest">>}, + %% {default_pass, <<"guest">>}, + %% {default_permissions, [<<".*">>, <<".*">>, <<".*">>]}, + + %% Tags for default user + %% + %% Related doc guide: https://www.rabbitmq.com/management.html. + %% + %% {default_user_tags, [administrator]}, + + %% + %% Additional network and protocol related configuration + %% ===================================================== + %% + + %% Sets the default AMQP 0-9-1 heartbeat timeout in seconds. + %% Values lower than 6 can produce false positives and are not + %% recommended. + %% + %% Related doc guides: + %% + %% * https://www.rabbitmq.com/heartbeats.html + %% * https://www.rabbitmq.com/networking.html + %% + %% {heartbeat, 60}, + + %% Set the max permissible size of an AMQP frame (in bytes). + %% + %% {frame_max, 131072}, + + %% Set the max frame size the server will accept before connection + %% tuning occurs + %% + %% {initial_frame_max, 4096}, + + %% Set the max permissible number of channels per connection. + %% 0 means "no limit". + %% + %% {channel_max, 0}, + + %% Set the max permissible number of client connections to the node. + %% `infinity` means "no limit". + %% + %% This limit applies to client connections to all listeners (regardless of + %% the protocol, whether TLS is used and so on). CLI tools and inter-node + %% connections are exempt. + %% + %% When client connections are rapidly opened in succession, it is possible + %% for the total connection count to go slightly higher than the configured limit. + %% The limit works well as a general safety measure. + %% + %% Clients that are hitting the limit will see their TCP connections fail or time out. + %% + %% Introduced in 3.6.13. + %% + %% Related doc guide: https://www.rabbitmq.com/networking.html. + %% + %% {connection_max, infinity}, + + %% TCP socket options. + %% + %% Related doc guide: https://www.rabbitmq.com/networking.html. + %% + %% {tcp_listen_options, [{backlog, 128}, + %% {nodelay, true}, + %% {exit_on_close, false}]}, + + %% + %% Resource Limits & Flow Control + %% ============================== + %% + %% Related doc guide: https://www.rabbitmq.com/memory.html, https://www.rabbitmq.com/memory-use.html. + + %% Memory-based Flow Control threshold. + %% + %% {vm_memory_high_watermark, 0.4}, + + %% Alternatively, we can set a limit (in bytes) of RAM used by the node. + %% + %% {vm_memory_high_watermark, {absolute, 1073741824}}, + %% + %% Or you can set absolute value using memory units (with RabbitMQ 3.6.0+). + %% + %% {vm_memory_high_watermark, {absolute, "1024M"}}, + %% + %% Supported unit symbols: + %% + %% k, kiB: kibibytes (2^10 - 1,024 bytes) + %% M, MiB: mebibytes (2^20 - 1,048,576 bytes) + %% G, GiB: gibibytes (2^30 - 1,073,741,824 bytes) + %% kB: kilobytes (10^3 - 1,000 bytes) + %% MB: megabytes (10^6 - 1,000,000 bytes) + %% GB: gigabytes (10^9 - 1,000,000,000 bytes) + + %% Fraction of the high watermark limit at which queues start to + %% page message out to disc in order to free up memory. + %% For example, when vm_memory_high_watermark is set to 0.4 and this value is set to 0.5, + %% paging can begin as early as when 20% of total available RAM is used by the node. + %% + %% Values greater than 1.0 can be dangerous and should be used carefully. + %% + %% One alternative to this is to use durable queues and publish messages + %% as persistent (delivery mode = 2). With this combination queues will + %% move messages to disk much more rapidly. + %% + %% Another alternative is to configure queues to page all messages (both + %% persistent and transient) to disk as quickly + %% as possible, see https://www.rabbitmq.com/lazy-queues.html. + %% + %% {vm_memory_high_watermark_paging_ratio, 0.5}, + + %% Selects Erlang VM memory consumption calculation strategy. Can be `allocated`, `rss` or `legacy` (aliased as `erlang`), + %% Introduced in 3.6.11. `rss` is the default as of 3.6.12. + %% See https://github.com/rabbitmq/rabbitmq-server/issues/1223 and rabbitmq/rabbitmq-common#224 for background. + %% {vm_memory_calculation_strategy, rss}, + + %% Interval (in milliseconds) at which we perform the check of the memory + %% levels against the watermarks. + %% + %% {memory_monitor_interval, 2500}, + + %% The total memory available can be calculated from the OS resources + %% - default option - or provided as a configuration parameter: + %% {total_memory_available_override_value, "5000MB"}, + + %% Set disk free limit (in bytes). Once free disk space reaches this + %% lower bound, a disk alarm will be set - see the documentation + %% listed above for more details. + %% + %% {disk_free_limit, 50000000}, + %% + %% Or you can set it using memory units (same as in vm_memory_high_watermark) + %% with RabbitMQ 3.6.0+. + %% {disk_free_limit, "50MB"}, + %% {disk_free_limit, "50000kB"}, + %% {disk_free_limit, "2GB"}, + + %% Alternatively, we can set a limit relative to total available RAM. + %% + %% Values lower than 1.0 can be dangerous and should be used carefully. + %% {disk_free_limit, {mem_relative, 2.0}}, + + %% + %% Clustering + %% ===================== + %% + + %% Queue master location strategy: + %% * <<"min-masters">> + %% * <<"client-local">> + %% * <<"random">> + %% + %% Related doc guide: https://www.rabbitmq.com/ha.html#queue-master-location + %% + %% {queue_master_locator, <<"client-local">>}, + + %% Batch size (number of messages) used during eager queue mirror synchronisation. + %% Related doc guide: https://www.rabbitmq.com/ha.html#batch-sync. When average message size is relatively large + %% (say, 10s of kilobytes or greater), reducing this value will decrease peak amount + %% of RAM used by newly joining nodes that need eager synchronisation. + %% + %% {mirroring_sync_batch_size, 4096}, + + %% Enables flow control between queue mirrors. + %% Disabling this can be dangerous and is not recommended. + %% When flow control is disabled, queue masters can outpace mirrors and not allow mirrors to catch up. + %% Mirrors will end up using increasingly more RAM, eventually triggering a memory alarm. + %% + %% {mirroring_flow_control, true}, + + %% Additional server properties to announce to connecting clients. + %% + %% {server_properties, []}, + + %% How to respond to cluster partitions. + %% Related doc guide: https://www.rabbitmq.com/partitions.html + %% + %% {cluster_partition_handling, ignore}, + + %% Mirror sync batch size, in messages. Increasing this will speed + %% up syncing but total batch size in bytes must not exceed 2 GiB. + %% Available in RabbitMQ 3.6.0 or later. + %% + %% {mirroring_sync_batch_size, 4096}, + + %% Make clustering happen *automatically* at startup - only applied + %% to nodes that have just been reset or started for the first time. + %% Related doc guide: https://www.rabbitmq.com/clustering.html#auto-config + %% + %% {cluster_nodes, {['rabbit@my.host.com'], disc}}, + + %% Interval (in milliseconds) at which we send keepalive messages + %% to other cluster members. Note that this is not the same thing + %% as net_ticktime; missed keepalive messages will not cause nodes + %% to be considered down. + %% + %% {cluster_keepalive_interval, 10000}, + + %% + %% Statistics Collection + %% ===================== + %% + + %% Set (internal) statistics collection granularity. + %% + %% {collect_statistics, none}, + + %% Statistics collection interval (in milliseconds). Increasing + %% this will reduce the load on management database. + %% + %% {collect_statistics_interval, 5000}, + + %% Enables vhosts tracing. + %% + %% {trace_vhosts, []}, + + %% Explicitly enable/disable HiPE compilation. + %% + %% {hipe_compile, false}, + + %% Number of delegate processes to use for intra-cluster communication. + %% On a node which is part of cluster, has more than 16 cores and plenty of network bandwidth, + %% it may make sense to increase this value. + %% + %% {delegate_count, 16}, + + %% Number of times to retry while waiting for internal database tables (Mnesia tables) to sync + %% from a peer. In deployments where nodes can take a long time to boot, this value + %% may need increasing. + %% + %% {mnesia_table_loading_retry_limit, 10}, + + %% Amount of time in milliseconds which this node will wait for internal database tables (Mnesia tables) to sync + %% from a peer. In deployments where nodes can take a long time to boot, this value + %% may need increasing. + %% + %% {mnesia_table_loading_retry_timeout, 30000}, + + %% Size in bytes below which to embed messages in the queue index. + %% Related doc guide: https://www.rabbitmq.com/persistence-conf.html + %% + %% {queue_index_embed_msgs_below, 4096}, + + %% Maximum number of queue index entries to keep in journal + %% Related doc guide: https://www.rabbitmq.com/persistence-conf.html. + %% + %% {queue_index_max_journal_entries, 32768}, + + %% Number of credits that a queue process is given by the message store + %% By default, a queue process is given 4000 message store credits, + %% and then 800 for every 800 messages that it processes. + %% + %% {msg_store_credit_disc_bound, {4000, 800}}, + + %% Minimum number of messages with their queue position held in RAM required + %% to trigger writing their queue position to disk. + %% + %% This value MUST be higher than the initial msg_store_credit_disc_bound value, + %% otherwise paging performance may worsen. + %% + %% {msg_store_io_batch_size, 4096}, + + %% Number of credits that a connection, channel or queue are given. + %% + %% By default, every connection, channel or queue is given 400 credits, + %% and then 200 for every 200 messages that it sends to a peer process. + %% Increasing these values may help with throughput but also can be dangerous: + %% high credit flow values are no different from not having flow control at all. + %% + %% Related doc guide: https://www.rabbitmq.com/blog/2015/10/06/new-credit-flow-settings-on-rabbitmq-3-5-5/ + %% and http://alvaro-videla.com/2013/09/rabbitmq-internals-credit-flow-for-erlang-processes.html. + %% + %% {credit_flow_default_credit, {400, 200}}, + + %% Number of milliseconds before a channel operation times out. + %% + %% {channel_operation_timeout, 15000}, + + %% Number of queue operations required to trigger an explicit garbage collection. + %% Increasing this value may reduce CPU load and increase peak RAM consumption of queues. + %% + %% {queue_explicit_gc_run_operation_threshold, 1000}, + + %% Number of lazy queue operations required to trigger an explicit garbage collection. + %% Increasing this value may reduce CPU load and increase peak RAM consumption of lazy queues. + %% + %% {lazy_queue_explicit_gc_run_operation_threshold, 1000}, + + %% Number of times disk monitor will retry free disk space queries before + %% giving up. + %% + %% {disk_monitor_failure_retries, 10}, + + %% Milliseconds to wait between disk monitor retries on failures. + %% + %% {disk_monitor_failure_retry_interval, 120000}, + + %% Whether or not to enable background periodic forced GC runs for all + %% Erlang processes on the node in "waiting" state. + %% + %% Disabling background GC may reduce latency for client operations, + %% keeping it enabled may reduce median RAM usage by the binary heap + %% (see https://www.erlang-solutions.com/blog/erlang-garbage-collector.html). + %% + %% Before enabling this option, please take a look at the memory + %% breakdown (https://www.rabbitmq.com/memory-use.html). + %% + %% {background_gc_enabled, false}, + + %% Interval (in milliseconds) at which we run background GC. + %% + %% {background_gc_target_interval, 60000}, + + %% Message store operations are stored in a sequence of files called segments. + %% This controls max size of a segment file. + %% Increasing this value may speed up (sequential) disk writes but will slow down segment GC process. + %% DO NOT CHANGE THIS for existing installations. + %% + %% {msg_store_file_size_limit, 16777216}, + + %% Whether or not to enable file write buffering. + %% + %% {fhc_write_buffering, true}, + + %% Whether or not to enable file read buffering. Enabling + %% this may slightly speed up reads but will also increase + %% node's memory consumption, in particular on boot. + %% + %% {fhc_read_buffering, false} + + ]}, + + %% ---------------------------------------------------------------------------- + %% Advanced Erlang Networking/Clustering Options. + %% + %% Related doc guide: https://www.rabbitmq.com/clustering.html + %% ---------------------------------------------------------------------------- + {kernel, + [%% Sets the net_kernel tick time. + %% Please see http://erlang.org/doc/man/kernel_app.html and + %% https://www.rabbitmq.com/nettick.html for further details. + %% + %% {net_ticktime, 60} + ]}, + + %% ---------------------------------------------------------------------------- + %% RabbitMQ Management Plugin + %% + %% Related doc guide: https://www.rabbitmq.com/management.html + %% ---------------------------------------------------------------------------- + + {rabbitmq_management, + [%% Preload schema definitions from a previously exported definitions file. See + %% https://www.rabbitmq.com/management.html#load-definitions + %% + %% {load_definitions, "/path/to/exported/definitions.json"}, + + %% Log all requests to the management HTTP API to a directory. + %% + %% {http_log_dir, "/path/to/rabbitmq/logs/http"}, + + %% Change the port on which the HTTP listener listens, + %% specifying an interface for the web server to bind to. + %% Also set the listener to use TLS and provide TLS options. + %% + %% {listener, [{port, 12345}, + %% {ip, "127.0.0.1"}, + %% {ssl, true}, + %% {ssl_opts, [{cacertfile, "/path/to/cacert.pem"}, + %% {certfile, "/path/to/cert.pem"}, + %% {keyfile, "/path/to/key.pem"}]}]}, + + %% One of 'basic', 'detailed' or 'none'. See + %% https://www.rabbitmq.com/management.html#fine-stats for more details. + %% {rates_mode, basic}, + + %% Configure how long aggregated data (such as message rates and queue + %% lengths) is retained. Please read the plugin's documentation in + %% https://www.rabbitmq.com/management.html#configuration for more + %% details. + %% + %% {sample_retention_policies, + %% [{global, [{60, 5}, {3600, 60}, {86400, 1200}]}, + %% {basic, [{60, 5}, {3600, 60}]}, + %% {detailed, [{10, 5}]}]} + ]}, + + %% ---------------------------------------------------------------------------- + %% RabbitMQ Shovel Plugin + %% + %% Related doc guide: https://www.rabbitmq.com/shovel.html + %% ---------------------------------------------------------------------------- + + {rabbitmq_shovel, + [{shovels, + [%% A named shovel worker. + %% {my_first_shovel, + %% [ + + %% List the source broker(s) from which to consume. + %% + %% {sources, + %% [%% URI(s) and pre-declarations for all source broker(s). + %% {brokers, ["amqp://user:password@host.domain/my_vhost"]}, + %% {declarations, []} + %% ]}, + + %% List the destination broker(s) to publish to. + %% {destinations, + %% [%% A singular version of the 'brokers' element. + %% {broker, "amqp://"}, + %% {declarations, []} + %% ]}, + + %% Name of the queue to shovel messages from. + %% + %% {queue, <<"your-queue-name-goes-here">>}, + + %% Optional prefetch count. + %% + %% {prefetch_count, 10}, + + %% when to acknowledge messages: + %% - no_ack: never (auto) + %% - on_publish: after each message is republished + %% - on_confirm: when the destination broker confirms receipt + %% + %% {ack_mode, on_confirm}, + + %% Overwrite fields of the outbound basic.publish. + %% + %% {publish_fields, [{exchange, <<"my_exchange">>}, + %% {routing_key, <<"from_shovel">>}]}, + + %% Static list of basic.properties to set on re-publication. + %% + %% {publish_properties, [{delivery_mode, 2}]}, + + %% The number of seconds to wait before attempting to + %% reconnect in the event of a connection failure. + %% + %% {reconnect_delay, 2.5} + + %% ]} %% End of my_first_shovel + ]} + %% Rather than specifying some values per-shovel, you can specify + %% them for all shovels here. + %% + %% {defaults, [{prefetch_count, 0}, + %% {ack_mode, on_confirm}, + %% {publish_fields, []}, + %% {publish_properties, [{delivery_mode, 2}]}, + %% {reconnect_delay, 2.5}]} + ]}, + + %% ---------------------------------------------------------------------------- + %% RabbitMQ STOMP Plugin + %% + %% Related doc guide: https://www.rabbitmq.com/stomp.html + %% ---------------------------------------------------------------------------- + + {rabbitmq_stomp, + [%% Network Configuration - the format is generally the same as for the broker + + %% Listen only on localhost (ipv4 & ipv6) on a specific port. + %% {tcp_listeners, [{"127.0.0.1", 61613}, + %% {"::1", 61613}]}, + + %% Listen for TLS connections on a specific port. + %% {ssl_listeners, [61614]}, + + %% Number of Erlang processes that will accept connections for the TCP + %% and TLS listeners. + %% + %% {num_tcp_acceptors, 10}, + %% {num_ssl_acceptors, 1}, + + %% Additional TLS options + + %% Extract a name from the client's certificate when using TLS. + %% + %% {ssl_cert_login, true}, + + %% Set a default user name and password. This is used as the default login + %% whenever a CONNECT frame omits the login and passcode headers. + %% + %% Please note that setting this will allow clients to connect without + %% authenticating! + %% + %% {default_user, [{login, "guest"}, + %% {passcode, "guest"}]}, + + %% If a default user is configured, or you have configured use TLS client + %% certificate based authentication, you can choose to allow clients to + %% omit the CONNECT frame entirely. If set to true, the client is + %% automatically connected as the default user or user supplied in the + %% TLS certificate whenever the first frame sent on a session is not a + %% CONNECT frame. + %% + %% {implicit_connect, true}, + + %% Whether or not to enable proxy protocol support. + %% Once enabled, clients cannot directly connect to the broker + %% anymore. They must connect through a load balancer that sends the + %% proxy protocol header to the broker at connection time. + %% This setting applies only to STOMP clients, other protocols + %% like MQTT or AMQP have their own setting to enable proxy protocol. + %% See the plugins or broker documentation for more information. + %% + %% {proxy_protocol, false} + ]}, + + %% ---------------------------------------------------------------------------- + %% RabbitMQ MQTT Plugin + %% + %% Related doc guide: https://github.com/rabbitmq/rabbitmq-mqtt/blob/stable/README.md + %% + %% ---------------------------------------------------------------------------- + + {rabbitmq_mqtt, + [%% Set the default user name and password. Will be used as the default login + %% if a connecting client provides no other login details. + %% + %% Please note that setting this will allow clients to connect without + %% authenticating! + %% + %% {default_user, <<"guest">>}, + %% {default_pass, <<"guest">>}, + + %% Enable anonymous access. If this is set to false, clients MUST provide + %% login information in order to connect. See the default_user/default_pass + %% configuration elements for managing logins without authentication. + %% + %% {allow_anonymous, true}, + + %% If you have multiple chosts, specify the one to which the + %% adapter connects. + %% + %% {vhost, <<"/">>}, + + %% Specify the exchange to which messages from MQTT clients are published. + %% + %% {exchange, <<"amq.topic">>}, + + %% Specify TTL (time to live) to control the lifetime of non-clean sessions. + %% + %% {subscription_ttl, 1800000}, + + %% Set the prefetch count (governing the maximum number of unacknowledged + %% messages that will be delivered). + %% + %% {prefetch, 10}, + + %% TLS listeners. + %% See https://www.rabbitmq.com/networking.html + %% + %% {tcp_listeners, [1883]}, + %% {ssl_listeners, []}, + + %% Number of Erlang processes that will accept connections for the TCP + %% and TLS listeners. + %% See https://www.rabbitmq.com/networking.html + %% + %% {num_tcp_acceptors, 10}, + %% {num_ssl_acceptors, 1}, + + %% TCP socket options. + %% See https://www.rabbitmq.com/networking.html + %% + %% {tcp_listen_options, [ + %% {backlog, 128}, + %% {linger, {true, 0}}, + %% {exit_on_close, false} + %% ]}, + + %% Whether or not to enable proxy protocol support. + %% Once enabled, clients cannot directly connect to the broker + %% anymore. They must connect through a load balancer that sends the + %% proxy protocol header to the broker at connection time. + %% This setting applies only to MQTT clients, other protocols + %% like STOMP or AMQP have their own setting to enable proxy protocol. + %% See the plugins or broker documentation for more information. + %% + %% {proxy_protocol, false} + ]}, + + %% ---------------------------------------------------------------------------- + %% RabbitMQ AMQP 1.0 Support + %% + %% Related doc guide: https://github.com/rabbitmq/rabbitmq-amqp1.0/blob/stable/README.md + %% + %% ---------------------------------------------------------------------------- + + {rabbitmq_amqp1_0, + [%% Connections that are not authenticated with SASL will connect as this + %% account. See the README for more information. + %% + %% Please note that setting this will allow clients to connect without + %% authenticating! + %% + %% {default_user, "guest"}, + + %% Enable protocol strict mode. See the README for more information. + %% + %% {protocol_strict_mode, false} + ]}, + + %% ---------------------------------------------------------------------------- + %% RabbitMQ LDAP Plugin + %% + %% Related doc guide: https://www.rabbitmq.com/ldap.html. + %% + %% ---------------------------------------------------------------------------- + + {rabbitmq_auth_backend_ldap, + [%% + %% Connecting to the LDAP server(s) + %% ================================ + %% + + %% Specify servers to bind to. You *must* set this in order for the plugin + %% to work properly. + %% + %% {servers, ["your-server-name-goes-here"]}, + + %% Connect to the LDAP server using TLS + %% + %% {use_ssl, false}, + + %% Specify the LDAP port to connect to + %% + %% {port, 389}, + + %% LDAP connection timeout, in milliseconds or 'infinity' + %% + %% {timeout, infinity}, + + %% Enable logging of LDAP queries. + %% One of + %% - false (no logging is performed) + %% - true (verbose logging of the logic used by the plugin) + %% - network (as true, but additionally logs LDAP network traffic) + %% + %% Defaults to false. + %% + %% {log, false}, + + %% + %% Authentication + %% ============== + %% + + %% Pattern to convert the username given through AMQP to a DN before + %% binding + %% + %% {user_dn_pattern, "cn=${username},ou=People,dc=example,dc=com"}, + + %% Alternatively, you can convert a username to a Distinguished + %% Name via an LDAP lookup after binding. See the documentation for + %% full details. + + %% When converting a username to a dn via a lookup, set these to + %% the name of the attribute that represents the user name, and the + %% base DN for the lookup query. + %% + %% {dn_lookup_attribute, "userPrincipalName"}, + %% {dn_lookup_base, "DC=gopivotal,DC=com"}, + + %% Controls how to bind for authorisation queries and also to + %% retrieve the details of users logging in without presenting a + %% password (e.g., SASL EXTERNAL). + %% One of + %% - as_user (to bind as the authenticated user - requires a password) + %% - anon (to bind anonymously) + %% - {UserDN, Password} (to bind with a specified user name and password) + %% + %% Defaults to 'as_user'. + %% + %% {other_bind, as_user}, + + %% + %% Authorisation + %% ============= + %% + + %% The LDAP plugin can perform a variety of queries against your + %% LDAP server to determine questions of authorisation. See + %% https://www.rabbitmq.com/ldap.html#authorisation for more + %% information. + + %% Set the query to use when determining vhost access + %% + %% {vhost_access_query, {in_group, + %% "ou=${vhost}-users,ou=vhosts,dc=example,dc=com"}}, + + %% Set the query to use when determining resource (e.g., queue) access + %% + %% {resource_access_query, {constant, true}}, + + %% Set queries to determine which tags a user has + %% + %% {tag_queries, []} + ]}, + + %% Lager controls logging. + %% See https://github.com/basho/lager for more documentation + {lager, [ + %% + %% Log directory, taken from the RABBITMQ_LOG_BASE env variable by default. + %% {log_root, "/var/log/rabbitmq"}, + %% + %% All log messages go to the default "sink" configured with + %% the `handlers` parameter. By default, it has a single + %% lager_file_backend handler writing messages to "$nodename.log" + %% (ie. the value of $RABBIT_LOGS). + %% {handlers, [ + %% {lager_file_backend, [{file, "rabbit.log"}, + %% {level, info}, + %% {date, ""}, + %% {size, 0}]} + %% ]}, + %% + %% Extra sinks are used in RabbitMQ to categorize messages. By + %% default, those extra sinks are configured to forward messages + %% to the default sink (see above). "rabbit_log_lager_event" + %% is the default category where all RabbitMQ messages without + %% a category go. Messages in the "channel" category go to the + %% "rabbit_channel_lager_event" Lager extra sink, and so on. + %% {extra_sinks, [ + %% {rabbit_log_lager_event, [{handlers, [ + %% {lager_forwarder_backend, + %% [lager_event, info]}]}]}, + %% {rabbit_channel_lager_event, [{handlers, [ + %% {lager_forwarder_backend, + %% [lager_event, info]}]}]}, + %% {rabbit_connection_lager_event, [{handlers, [ + %% {lager_forwarder_backend, + %% [lager_event, info]}]}]}, + %% {rabbit_mirroring_lager_event, [{handlers, [ + %% {lager_forwarder_backend, + %% [lager_event, info]}]}]} + %% ]} + ]} +]. diff --git a/docker/rabbitmq/rabbitmq/plugins/rabbitmq_delayed_message_exchange-3.9.0.ez b/docker/rabbitmq/rabbitmq/plugins/rabbitmq_delayed_message_exchange-3.9.0.ez new file mode 100644 index 0000000..2301a0d Binary files /dev/null and b/docker/rabbitmq/rabbitmq/plugins/rabbitmq_delayed_message_exchange-3.9.0.ez differ diff --git a/docker/rocketmq/docker-compose-rocketmq.yml b/docker/rocketmq/docker-compose-rocketmq.yml new file mode 100644 index 0000000..42a8649 --- /dev/null +++ b/docker/rocketmq/docker-compose-rocketmq.yml @@ -0,0 +1,59 @@ +version: '3.5' +services: + # mq服务 + rocketmq_server: + image: foxiswho/rocketmq:server + container_name: rocketmq_server + ports: + - 9876:9876 + volumes: + - ./rocketmq/rocketmq_server/logs:/opt/logs + - ./rocketmq/rocketmq_server/store:/opt/store + networks: + rocketmq: + aliases: + - rocketmq_server + + # mq中间件 + rocketmq_broker: + image: foxiswho/rocketmq:broker + container_name: rocketmq_broker + ports: + - 10909:10909 + - 10911:10911 + volumes: + - ./rocketmq/rocketmq_broker/logs:/opt/logs + - ./rocketmq/rocketmq_broker/store:/opt/store + - ./rocketmq/rocketmq_broker/conf/broker.conf:/etc/rocketmq/broker.conf + environment: + NAMESRV_ADDR: "rocketmq_server:9876" + JAVA_OPTS: " -Duser.home=/opt" + JAVA_OPT_EXT: "-server -Xms128m -Xmx128m -Xmn128m" + command: mqbroker -c /etc/rocketmq/broker.conf + depends_on: + - rocketmq_server + networks: + rocketmq: + aliases: + - rocketmq_broker + + # mq可视化控制台 + rocketmq_console_ng: + image: styletang/rocketmq-console-ng + container_name: rocketmq_console_ng + ports: + - 9002:8080 + environment: + JAVA_OPTS: "-Drocketmq.namesrv.addr=rocketmq_server:9876 -Dcom.rocketmq.sendMessageWithVIPChannel=false" + depends_on: + - rocketmq_server + networks: + rocketmq: + aliases: + - rocketmq_console_ng + +#容器通信network +networks: + rocketmq: + name: rocketmq + driver: bridge diff --git a/docker/rocketmq/rocketmq/rocketmq_broker/conf/broker.conf b/docker/rocketmq/rocketmq/rocketmq_broker/conf/broker.conf new file mode 100644 index 0000000..d73c117 --- /dev/null +++ b/docker/rocketmq/rocketmq/rocketmq_broker/conf/broker.conf @@ -0,0 +1,96 @@ +# Licensed to the Apache Software Foundation (ASF) under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + + +# 所属集群名字 +brokerClusterName=DefaultCluster + +# broker 名字,注意此处不同的配置文件填写的不一样,如果在 broker-a.properties 使用: broker-a, +# 在 broker-b.properties 使用: broker-b +brokerName=broker-a + +# 0 表示 Master,> 0 表示 Slave +brokerId=0 + +# nameServer地址,分号分割 +# namesrvAddr=rocketmq-nameserver1:9876;rocketmq-nameserver2:9876 + +# 启动IP,如果 docker 报 com.alibaba.rocketmq.remoting.exception.RemotingConnectException: connect to <192.168.0.88:10909> failed +# 解决方式1 加上一句 producer.setVipChannelEnabled(false);,解决方式2 brokerIP1 设置宿主机IP,不要使用docker 内部IP +# brokerIP1=192.168.0.88 + +# 在发送消息时,自动创建服务器不存在的topic,默认创建的队列数 +defaultTopicQueueNums=4 + +# 是否允许 Broker 自动创建 Topic,建议线下开启,线上关闭 !!!这里仔细看是 false,false,false +autoCreateTopicEnable=true + +# 是否允许 Broker 自动创建订阅组,建议线下开启,线上关闭 +autoCreateSubscriptionGroup=true + +# Broker 对外服务的监听端口 +listenPort=10911 + +# 删除文件时间点,默认凌晨4点 +deleteWhen=04 + +# 文件保留时间,默认48小时 +fileReservedTime=120 + +# commitLog 每个文件的大小默认1G +mapedFileSizeCommitLog=1073741824 + +# ConsumeQueue 每个文件默认存 30W 条,根据业务情况调整 +mapedFileSizeConsumeQueue=300000 + +# destroyMapedFileIntervalForcibly=120000 +# redeleteHangedFileInterval=120000 +# 检测物理文件磁盘空间 +diskMaxUsedSpaceRatio=88 +# 存储路径 +# storePathRootDir=/home/ztztdata/rocketmq-all-4.1.0-incubating/store +# commitLog 存储路径 +# storePathCommitLog=/home/ztztdata/rocketmq-all-4.1.0-incubating/store/commitlog +# 消费队列存储 +# storePathConsumeQueue=/home/ztztdata/rocketmq-all-4.1.0-incubating/store/consumequeue +# 消息索引存储路径 +# storePathIndex=/home/ztztdata/rocketmq-all-4.1.0-incubating/store/index +# checkpoint 文件存储路径 +# storeCheckpoint=/home/ztztdata/rocketmq-all-4.1.0-incubating/store/checkpoint +# abort 文件存储路径 +# abortFile=/home/ztztdata/rocketmq-all-4.1.0-incubating/store/abort +# 限制的消息大小 +maxMessageSize=65536 + +# flushCommitLogLeastPages=4 +# flushConsumeQueueLeastPages=2 +# flushCommitLogThoroughInterval=10000 +# flushConsumeQueueThoroughInterval=60000 + +# Broker 的角色 +# - ASYNC_MASTER 异步复制Master +# - SYNC_MASTER 同步双写Master +# - SLAVE +brokerRole=ASYNC_MASTER + +# 刷盘方式 +# - ASYNC_FLUSH 异步刷盘 +# - SYNC_FLUSH 同步刷盘 +flushDiskType=ASYNC_FLUSH + +# 发消息线程池数量 +# sendMessageThreadPoolNums=128 +# 拉消息线程池数量 +# pullMessageThreadPoolNums=128