root
/
rabbitmq-server
mirror of https://github.com/rabbitmq/rabbitmq-server.git
1
0
Fork 0
Code Issues Actions Packages Projects Releases Wiki Activity

Use Osiris helper to configure stream replication over TLS 

References rabbitmq/osiris#16
This commit is contained in:
Arnaud Cogoluègnes 2021-10-11 17:26:50 +02:00
parent 7d57a5e7fb
commit 6d23b2846c
No known key found for this signature in database
GPG Key ID: D5C8C4DFAD43AFA8
1 changed files with 27 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
deps/rabbit/apps/rabbitmq_prelaunch/src/rabbit_prelaunch_conf.erl vendored
View File

@ -89,6 +89,14 @@ get_config_state() ->
set_default_config() -> set_default_config() ->
?LOG_DEBUG("Setting default config", ?LOG_DEBUG("Setting default config",
#{domain => ?RMQLOG_DOMAIN_PRELAUNCH}), #{domain => ?RMQLOG_DOMAIN_PRELAUNCH}),
OsirisConfig =
case osiris_util:get_replication_configuration_from_tls_dist(
fun osiris_log/3) of
[] ->
[];
OsirisTlsReplicationConfig ->
[{osiris, OsirisTlsReplicationConfig}]
end,
Config = [ Config = [
{ra, {ra,
[ [
@ -114,9 +122,20 @@ set_default_config() ->
{heap_word_limit, 0}, {heap_word_limit, 0},
{busy_port, false}, {busy_port, false},
{busy_dist_port, true}]} {busy_dist_port, true}]}
| OsirisConfig
], ],
apply_erlang_term_based_config(Config). apply_erlang_term_based_config(Config).
osiris_log(debug, Fmt, Args) ->
?LOG_DEBUG(Fmt, Args,
#{domain => ?RMQLOG_DOMAIN_PRELAUNCH});
osiris_log(warn, Fmt, Args) ->
?LOG_WARNING(Fmt, Args,
#{domain => ?RMQLOG_DOMAIN_PRELAUNCH});
osiris_log(_, Fmt, Args) ->
?LOG_INFO(Fmt, Args,
#{domain => ?RMQLOG_DOMAIN_PRELAUNCH}).
find_actual_main_config_file(#{main_config_file := File}) -> find_actual_main_config_file(#{main_config_file := File}) ->
case filelib:is_regular(File) of case filelib:is_regular(File) of
true -> true ->
@ -401,10 +420,11 @@ apply_app_env_vars(_, []) ->
ok. ok.
log_app_env_var(password = Var, _) -> log_app_env_var(password = Var, _) ->
?LOG_DEBUG(" - ~s = ~p", [Var, "********"], ?LOG_DEBUG(" - ~s = ********", [Var],
#{domain => ?RMQLOG_DOMAIN_PRELAUNCH}); #{domain => ?RMQLOG_DOMAIN_PRELAUNCH});
log_app_env_var(Var, Value) when is_list(Value) -> log_app_env_var(Var, Value) when is_list(Value) ->
% to redact sensitive entries, e.g. {password,"********"} for stream replication over TLS %% To redact sensitive entries,
%% e.g. {password,"********"} for stream replication over TLS
Redacted = redact_env_var(Value), Redacted = redact_env_var(Value),
?LOG_DEBUG(" - ~s = ~p", [Var, Redacted], ?LOG_DEBUG(" - ~s = ~p", [Var, Redacted],
#{domain => ?RMQLOG_DOMAIN_PRELAUNCH}); #{domain => ?RMQLOG_DOMAIN_PRELAUNCH});
@ -418,11 +438,11 @@ redact_env_var(Value) ->
Value. Value.
redact_env_var([], Acc) -> redact_env_var([], Acc) ->
Acc; lists:reverse(Acc);
redact_env_var([{password, _V} | T], Acc) -> redact_env_var([{password, _Value} | Rest], Acc) ->
redact_env_var(T, Acc ++ [{password, "********"}]); redact_env_var(Rest, Acc ++ [{password, "********"}]);
redact_env_var([H | T], Acc) -> redact_env_var([AppVar | Rest], Acc) ->
redact_env_var(T, Acc ++ [H]). redact_env_var(Rest, [AppVar | Acc]).
set_credentials_obfuscation_secret() -> set_credentials_obfuscation_secret() ->
?LOG_DEBUG( ?LOG_DEBUG(