Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Completely refactor configuration handling, including adding support for RABBITMQ_SSL_VERIFY and RABBITMQ_SSL_FAIL_IF_NO_PEER_CERT and better error handling #94

Merged
merged 1 commit into from
Jul 7, 2016
Merged

Completely refactor configuration handling, including adding support for RABBITMQ_SSL_VERIFY and RABBITMQ_SSL_FAIL_IF_NO_PEER_CERT and better error handling #94

merged 1 commit into from
Jul 7, 2016

Conversation

tianon
Copy link
Member

@tianon tianon commented Jul 7, 2016

Fixes #66
Closes #80
Fixes #83
Closes #84

@tianon
Copy link
Member Author

tianon commented Jul 7, 2016
edited
Loading

Example config file:

root@f097b25b2e70:/# cat /etc/rabbitmq/rabbitmq.config
[ { rabbit, [
    { loopback_users, [ ] },
    { tcp_listeners, [ ] },
    { ssl_listeners, [ 5671 ] },
    { ssl_options, [
        { fail_if_no_peer_cert, true },
        { verify, omg },
        { cacertfile, "/etc/passwd" },
        { certfile, "/etc/passwd" },
        { keyfile, "/etc/passwd" }
    ] },
    { hipe_compile, false }
] } ].

@tianon
Completely refactor configuration handling, including adding support …
ab3b8b8 
…for RABBITMQ_SSL_VERIFY and RABBITMQ_SSL_FAIL_IF_NO_PEER_CERT and better error handling
@tianon
Copy link
Member Author

tianon commented Jul 7, 2016 

$ ls
cacert.pem  cakey.pem  servercert.pem  serverkey.pem
$ docker run -it --rm -v "$PWD":/omg -e RABBITMQ_SSL_CACERTFILE=/omg/cacert.pem -e RABBITMQ_SSL_CERTFILE=/omg/servercert.pem -e RABBITMQ_SSL_KEYFILE=/omg/serverkey.pem 43bb7f68a3c6

              RabbitMQ 3.6.3. Copyright (C) 2007-2016 Pivotal Software, Inc.
  ##  ##      Licensed under the MPL.  See http://www.rabbitmq.com/
  ##  ##
  ##########  Logs: tty
  ######  ##        tty
  ##########
              Starting broker...

...

=INFO REPORT==== 7-Jul-2016::04:34:50 ===
started SSL Listener on [::]:5671
...

@yosifkit
Copy link
Member

yosifkit commented Jul 7, 2016

LGTM

@yosifkit yosifkit merged commit 87da33f into docker-library:master Jul 7, 2016
@yosifkit yosifkit deleted the config-refactor branch July 7, 2016 07:05
tianon added a commit to infosiftr/stackbrew that referenced this pull request Jul 7, 2016
@tianon
Update docker-library images
6705780 
- `drupal`: 8.1.4
- `elasticsearch`: remove unused `ELASTICSEARCH_MAJOR` (docker-library/elasticsearch#107)
- `java`: add more bits to `PATH` for `alpine` variants
- `memcached`: 1.4.28 (docker-library/memcached#10)
- `percona`: 5.7.13
- `php`: use `/etc/apache2/envvars` and thus the default, stock Debian Apache configuration (docker-library/php#251)
- `rabbitmq`: `hipe_compile` (docker-library/rabbitmq#91), 3.6.3 (docker-library/rabbitmq#93), `RABBITMQ_SSL_VERIFY` + `RABBITMQ_SSL_FAIL_IF_NO_PEER_CERT` support (docker-library/rabbitmq#94)
@tianon tianon mentioned this pull request Jul 7, 2016
Merged
@tianon tianon mentioned this pull request Apr 24, 2018
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@tianon @yosifkit