91def52b97
This change updates the default heartbeat and handshake timeouts by simply doubling the default handshake timings and updating the heartbeat timeout from 60 to 640. Signed-off-by: Kevin Carter <kevin@cloudnull.com> Change-Id: I8fd7125e40b68ae1e2788602e3fa493ba7d8098d
77 lines
2.7 KiB
Django/Jinja
77 lines
2.7 KiB
Django/Jinja
|
|
collect_statistics_interval = {{ rabbitmq_collect_statistics_interval }}
|
|
|
|
log.journald = true
|
|
log.file = false
|
|
heartbeat = 640
|
|
ssl_handshake_timeout = 20000
|
|
handshake_timeout = 40000
|
|
|
|
{% for key, value in rabbitmq_port_bindings.items() %}
|
|
{% if 'tcp' in key %}
|
|
{% set _opt = 'tcp' %}
|
|
{% elif 'ssl' in key %}
|
|
{% set _opt = 'ssl' %}
|
|
{% endif %}
|
|
{% for _key, _value in value.items() %}
|
|
listeners.{{ _opt }}.{{ loop.index }} = {{ _key }}:{{ _value }}
|
|
{% endfor %}
|
|
{% endfor %}
|
|
|
|
ssl_options.certfile = {{ rabbitmq_ssl_cert }}
|
|
ssl_options.keyfile = {{ rabbitmq_ssl_key }}
|
|
{% if rabbitmq_user_ssl_ca_cert is defined -%}
|
|
ssl_options.cacertfile = {{ rabbitmq_ssl_ca_cert }}
|
|
{% endif %}
|
|
ssl_options.honor_cipher_order = true
|
|
ssl_options.honor_ecc_order = true
|
|
{% if "tlsv1.3" not in rabbitmq_ssl_tls_versions %}
|
|
ssl_options.client_renegotiation = false
|
|
ssl_options.secure_renegotiate = true
|
|
{% endif %}
|
|
{% for version in rabbitmq_ssl_tls_versions %}
|
|
ssl_options.versions.{{ loop.index }} = {{ version }}
|
|
{% endfor %}
|
|
{% for cipher in rabbitmq_ssl_ciphers %}
|
|
ssl_options.ciphers.{{ loop.index }} = {{ cipher }}
|
|
{% endfor %}
|
|
ssl_options.verify = {{ rabbitmq_ssl_verify | lower }}
|
|
ssl_options.fail_if_no_peer_cert = {{ rabbitmq_ssl_fail_if_no_peer_cert | lower }}
|
|
|
|
{% if rabbitmq_memory_high_watermark is float %}
|
|
{% set watermark_type = 'relative' %}
|
|
{% else %}
|
|
{% set watermark_type = 'absolute' %}
|
|
{% endif %}
|
|
vm_memory_high_watermark.{{ watermark_type }} = {{ rabbitmq_memory_high_watermark }}
|
|
cluster_partition_handling = {{ rabbitmq_cluster_partition_handling }}
|
|
|
|
# Management plugin configuration
|
|
|
|
{% if rabbitmq_management_ssl %}
|
|
management.ssl.ip = {{ rabbitmq_management_bind_address }}
|
|
management.ssl.port = {{ rabbitmq_management_bind_tls_port }}
|
|
management.ssl.certfile = {{ rabbitmq_ssl_cert }}
|
|
management.ssl.keyfile = {{ rabbitmq_ssl_key }}
|
|
{% if rabbitmq_user_ssl_ca_cert is defined -%}
|
|
management.ssl.cacertfile = {{ rabbitmq_ssl_ca_cert }}
|
|
{% endif %}
|
|
management.ssl.honor_cipher_order = true
|
|
management.ssl.honor_ecc_order = true
|
|
{% if "tlsv1.3" not in rabbitmq_ssl_tls_versions %}
|
|
management.ssl.client_renegotiation = false
|
|
management.ssl.secure_renegotiate = true
|
|
{% endif %}
|
|
{% for version in rabbitmq_ssl_tls_versions %}
|
|
management.ssl.versions.{{ loop.index }} = {{ version }}
|
|
{% endfor %}
|
|
{% for cipher in rabbitmq_ssl_ciphers %}
|
|
management.ssl.ciphers.{{ loop.index }} = {{ cipher }}
|
|
{% endfor %}
|
|
management.ssl.verify = {{ rabbitmq_ssl_verify | lower }}
|
|
management.ssl.fail_if_no_peer_cert = {{ rabbitmq_ssl_fail_if_no_peer_cert | lower }}
|
|
{% else %}
|
|
management.tcp.ip = {{ rabbitmq_management_bind_address }}
|
|
management.tcp.port = {{ rabbitmq_management_bind_tcp_port }}
|
|
{% endif %}
|