Configure TLS for cluster

rabbitmq · Feb 18, 2025 · 6a84a62 · 6a84a62
1 parent a5fb6fe
commit 6a84a62
Show file tree

Hide file tree

Showing 3 changed files with 9 additions and 12 deletions.
diff --git a/ci/cluster/configuration/rabbitmq.conf b/ci/cluster/configuration/rabbitmq.conf
@@ -6,9 +6,9 @@ loopback_users = none
 
 listeners.ssl.default = 5671
 
-ssl_options.cacertfile = /etc/ssl/rabbitmq/ca_certificate.pem
-ssl_options.certfile   = /etc/ssl/rabbitmq/server_acogoluegnes-nuc_certificate.pem
-ssl_options.keyfile    = /etc/ssl/rabbitmq/server_acogoluegnes-nuc_key.pem
+ssl_options.cacertfile = /etc/rabbitmq/tls/ca_certificate.pem
+ssl_options.certfile   = /etc/rabbitmq/tls/server_acogoluegnes-nuc_certificate.pem
+ssl_options.keyfile    = /etc/rabbitmq/tls/server_acogoluegnes-nuc_key.pem
 ssl_options.verify     = verify_peer
 ssl_options.fail_if_no_peer_cert = false
 ssl_options.honor_cipher_order   = true

diff --git a/ci/cluster/docker-compose.yml b/ci/cluster/docker-compose.yml
@@ -14,7 +14,6 @@ services:
     tty: true
     volumes:
       - ./configuration/:/etc/rabbitmq/
-      - ../../rabbitmq-configuration/tls/:/etc/ssl/rabbitmq/
   node1:
     environment:
       - RABBITMQ_ERLANG_COOKIE='secret_cookie'
@@ -29,7 +28,6 @@ services:
     tty: true
     volumes:
       - ./configuration/:/etc/rabbitmq/
-      - ../../rabbitmq-configuration/tls/:/etc/ssl/rabbitmq/
   node2:
     environment:
       - RABBITMQ_ERLANG_COOKIE='secret_cookie'
@@ -44,6 +42,5 @@ services:
     tty: true
     volumes:
       - ./configuration/:/etc/rabbitmq/
-      - ../../rabbitmq-configuration/tls/:/etc/ssl/rabbitmq/
 networks:
   rabbitmq-cluster:
diff --git a/ci/start-cluster.sh b/ci/start-cluster.sh
@@ -15,14 +15,14 @@ mkdir -p rabbitmq-configuration/tls
 
 make -C "${PWD}"/tls-gen/basic
 
-rm -rf rabbitmq-configuration
-mkdir -p rabbitmq-configuration/tls
-cp -R "${PWD}"/tls-gen/basic/result/* rabbitmq-configuration/tls
-chmod o+r rabbitmq-configuration/tls/*
-chmod g+r rabbitmq-configuration/tls/*
+rm -rf ci/cluster/configuration/tls
+mkdir -p ci/cluster/configuration/tls
+cp -R "${PWD}"/tls-gen/basic/result/* ci/cluster/configuration/tls
+chmod o+r ci/cluster/configuration/tls/*
+chmod g+r ci/cluster/configuration/tls/*
 
 docker compose --file ci/cluster/docker-compose.yml down
-docker compose --file ci/cluster/docker-compose.yml up
+docker compose --file ci/cluster/docker-compose.yml up --detach
 
 wait_for_message rabbitmq0 "completed with"