From 41a7169862ea9594780381ef3c4702c7e201e41d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nguy=E1=BB=85n=20=C4=90=E1=BB=A9c=20Chi=E1=BA=BFn?= Date: Mon, 22 Aug 2022 23:10:32 +0700 Subject: [PATCH] [bitnami/rabbitmq] Support additional virtual host via RABBITMQ_VHOSTS (#2061) * [bitnami/rabbitmq] Support additional virtual host via RABBITMQ_VHOSTS Signed-off-by: Nobi * [bitnami/rabbitmq] Grant permission user to vhosts Signed-off-by: Nobi Signed-off-by: Nobi --- .../rootfs/opt/bitnami/scripts/librabbitmq.sh | 51 +++++++++++++++++++ .../opt/bitnami/scripts/rabbitmq-env.sh | 4 ++ .../rootfs/opt/bitnami/scripts/librabbitmq.sh | 51 +++++++++++++++++++ .../opt/bitnami/scripts/rabbitmq-env.sh | 4 ++ bitnami/rabbitmq/README.md | 1 + 5 files changed, 111 insertions(+) diff --git a/bitnami/rabbitmq/3.10/debian-11/rootfs/opt/bitnami/scripts/librabbitmq.sh b/bitnami/rabbitmq/3.10/debian-11/rootfs/opt/bitnami/scripts/librabbitmq.sh index 123c8427b8e3..d08c6ec841ec 100644 --- a/bitnami/rabbitmq/3.10/debian-11/rootfs/opt/bitnami/scripts/librabbitmq.sh +++ b/bitnami/rabbitmq/3.10/debian-11/rootfs/opt/bitnami/scripts/librabbitmq.sh @@ -718,6 +718,48 @@ rabbitmq_join_cluster() { debug_execute "${RABBITMQ_BIN_DIR}/rabbitmqctl" start_app } +######################## +# Declare a new virtual host +# Globals: +# BITNAMI_DEBUG +# RABBITMQ_BIN_DIR +# Arguments: +# $1 - Name +# Returns: +# None +######################### +rabbitmq_declare_vhost() { + local name="${1:?name is required}" + debug "Declaring vhost '${name}'..." + + if ! debug_execute "${RABBITMQ_BIN_DIR}/rabbitmqctl" add_vhost -- "${name}"; then + error "Couldn't declared vhost '${name}'." + return 1 + fi +} + +######################## +# Allow a user to access a virtual host +# Globals: +# BITNAMI_DEBUG +# RABBITMQ_BIN_DIR +# Arguments: +# $1 - User +# $2 - Vhost +# Returns: +# None +######################### +rabbitmq_set_user_vhost_permission() { + local user="${1:?user is required}" + local vhost="${2:?vhost is required}" + debug "Assigning permissions to user '${user}' to access vhost '${vhost}'..." + + if ! debug_execute "${RABBITMQ_BIN_DIR}/rabbitmqctl" set_permissions --vhost "${vhost}" "${user}" ".*" ".*" ".*"; then + error "Couldn't assigned perrmissions to user '${user}' to access vhost '${vhost}'." + return 1 + fi +} + ######################## # Ensure RabbitMQ is initialized # Globals: @@ -781,6 +823,15 @@ rabbitmq_initialize() { rabbitmq_change_password "$RABBITMQ_USERNAME" "$RABBITMQ_PASSWORD" fi + if [[ -n "${RABBITMQ_VHOSTS:-}" ]]; then + for vhost in ${RABBITMQ_VHOSTS}; do + rabbitmq_declare_vhost "${vhost}" + if [[ -n "${RABBITMQ_USERNAME}" ]]; then + rabbitmq_set_user_vhost_permission "${RABBITMQ_USERNAME}" "${vhost}" + fi + done + fi + if [[ "$RABBITMQ_NODE_TYPE" != "stats" ]] && [[ -n "$RABBITMQ_CLUSTER_NODE_NAME" ]]; then rabbitmq_join_cluster "$RABBITMQ_CLUSTER_NODE_NAME" "$RABBITMQ_NODE_TYPE" fi diff --git a/bitnami/rabbitmq/3.10/debian-11/rootfs/opt/bitnami/scripts/rabbitmq-env.sh b/bitnami/rabbitmq/3.10/debian-11/rootfs/opt/bitnami/scripts/rabbitmq-env.sh index 64835847d8ea..5fa07892f893 100644 --- a/bitnami/rabbitmq/3.10/debian-11/rootfs/opt/bitnami/scripts/rabbitmq-env.sh +++ b/bitnami/rabbitmq/3.10/debian-11/rootfs/opt/bitnami/scripts/rabbitmq-env.sh @@ -39,6 +39,7 @@ rabbitmq_env_vars=( RABBITMQ_NODE_PORT_NUMBER RABBITMQ_NODE_TYPE RABBITMQ_VHOST + RABBITMQ_VHOSTS RABBITMQ_CLUSTER_REBALANCE RABBITMQ_CLUSTER_REBALANCE_ATTEMPTS RABBITMQ_USERNAME @@ -138,6 +139,9 @@ export RABBITMQ_USERNAME="${RABBITMQ_USERNAME:-user}" RABBITMQ_PASSWORD="${RABBITMQ_PASSWORD:-"${RABBITMQ_DEFAULT_PASS:-}"}" export RABBITMQ_PASSWORD="${RABBITMQ_PASSWORD:-bitnami}" +# RabbitMQ vhosts +export RABBITMQ_VHOSTS="${RABBITMQ_VHOSTS:-}" + # Force boot cluster export RABBITMQ_FORCE_BOOT="${RABBITMQ_FORCE_BOOT:-no}" diff --git a/bitnami/rabbitmq/3.9/debian-11/rootfs/opt/bitnami/scripts/librabbitmq.sh b/bitnami/rabbitmq/3.9/debian-11/rootfs/opt/bitnami/scripts/librabbitmq.sh index 123c8427b8e3..d08c6ec841ec 100644 --- a/bitnami/rabbitmq/3.9/debian-11/rootfs/opt/bitnami/scripts/librabbitmq.sh +++ b/bitnami/rabbitmq/3.9/debian-11/rootfs/opt/bitnami/scripts/librabbitmq.sh @@ -718,6 +718,48 @@ rabbitmq_join_cluster() { debug_execute "${RABBITMQ_BIN_DIR}/rabbitmqctl" start_app } +######################## +# Declare a new virtual host +# Globals: +# BITNAMI_DEBUG +# RABBITMQ_BIN_DIR +# Arguments: +# $1 - Name +# Returns: +# None +######################### +rabbitmq_declare_vhost() { + local name="${1:?name is required}" + debug "Declaring vhost '${name}'..." + + if ! debug_execute "${RABBITMQ_BIN_DIR}/rabbitmqctl" add_vhost -- "${name}"; then + error "Couldn't declared vhost '${name}'." + return 1 + fi +} + +######################## +# Allow a user to access a virtual host +# Globals: +# BITNAMI_DEBUG +# RABBITMQ_BIN_DIR +# Arguments: +# $1 - User +# $2 - Vhost +# Returns: +# None +######################### +rabbitmq_set_user_vhost_permission() { + local user="${1:?user is required}" + local vhost="${2:?vhost is required}" + debug "Assigning permissions to user '${user}' to access vhost '${vhost}'..." + + if ! debug_execute "${RABBITMQ_BIN_DIR}/rabbitmqctl" set_permissions --vhost "${vhost}" "${user}" ".*" ".*" ".*"; then + error "Couldn't assigned perrmissions to user '${user}' to access vhost '${vhost}'." + return 1 + fi +} + ######################## # Ensure RabbitMQ is initialized # Globals: @@ -781,6 +823,15 @@ rabbitmq_initialize() { rabbitmq_change_password "$RABBITMQ_USERNAME" "$RABBITMQ_PASSWORD" fi + if [[ -n "${RABBITMQ_VHOSTS:-}" ]]; then + for vhost in ${RABBITMQ_VHOSTS}; do + rabbitmq_declare_vhost "${vhost}" + if [[ -n "${RABBITMQ_USERNAME}" ]]; then + rabbitmq_set_user_vhost_permission "${RABBITMQ_USERNAME}" "${vhost}" + fi + done + fi + if [[ "$RABBITMQ_NODE_TYPE" != "stats" ]] && [[ -n "$RABBITMQ_CLUSTER_NODE_NAME" ]]; then rabbitmq_join_cluster "$RABBITMQ_CLUSTER_NODE_NAME" "$RABBITMQ_NODE_TYPE" fi diff --git a/bitnami/rabbitmq/3.9/debian-11/rootfs/opt/bitnami/scripts/rabbitmq-env.sh b/bitnami/rabbitmq/3.9/debian-11/rootfs/opt/bitnami/scripts/rabbitmq-env.sh index 64835847d8ea..5fa07892f893 100644 --- a/bitnami/rabbitmq/3.9/debian-11/rootfs/opt/bitnami/scripts/rabbitmq-env.sh +++ b/bitnami/rabbitmq/3.9/debian-11/rootfs/opt/bitnami/scripts/rabbitmq-env.sh @@ -39,6 +39,7 @@ rabbitmq_env_vars=( RABBITMQ_NODE_PORT_NUMBER RABBITMQ_NODE_TYPE RABBITMQ_VHOST + RABBITMQ_VHOSTS RABBITMQ_CLUSTER_REBALANCE RABBITMQ_CLUSTER_REBALANCE_ATTEMPTS RABBITMQ_USERNAME @@ -138,6 +139,9 @@ export RABBITMQ_USERNAME="${RABBITMQ_USERNAME:-user}" RABBITMQ_PASSWORD="${RABBITMQ_PASSWORD:-"${RABBITMQ_DEFAULT_PASS:-}"}" export RABBITMQ_PASSWORD="${RABBITMQ_PASSWORD:-bitnami}" +# RabbitMQ vhosts +export RABBITMQ_VHOSTS="${RABBITMQ_VHOSTS:-}" + # Force boot cluster export RABBITMQ_FORCE_BOOT="${RABBITMQ_FORCE_BOOT:-no}" diff --git a/bitnami/rabbitmq/README.md b/bitnami/rabbitmq/README.md index db04dacf33f5..994e11ddec96 100644 --- a/bitnami/rabbitmq/README.md +++ b/bitnami/rabbitmq/README.md @@ -190,6 +190,7 @@ Available variables: #### Node and cluster configuration * `RABBITMQ_VHOST`: RabbitMQ application vhost. Default: **/** +* `RABBITMQ_VHOSTS`: List of additional virtual host (vhost), separated by space. E.g.: **/shared /prioritized /tasks** * `RABBITMQ_USERNAME`: RabbitMQ application username. Default: **user** * `RABBITMQ_PASSWORD`: RabbitMQ application password. Default: **bitnami** * `RABBITMQ_SECURE_PASSWORD`: Whether to set the RabbitMQ password securely. This is incompatible with loading external RabbitMQ definitions. Default: **no**