kolla-ansible/ansible/roles/rabbitmq/templates/rabbitmq.conf.j2
Mark Goddard 761ea9a333 Support TLS encryption of RabbitMQ client-server traffic
This change adds support for encryption of communication between
OpenStack services and RabbitMQ. Server certificates are supported, but
currently client certificates are not.

The kolla-ansible certificates command has been updated to support
generating certificates for RabbitMQ for development and testing.

RabbitMQ TLS is enabled in the all-in-one source CI jobs, or when
the Zuul 'tls_enabled' variable is true.

Change-Id: I4f1d04150fb2b5af085b762890092f87ae6076b5
Implements: blueprint message-queue-ssl-support
2020-09-17 12:05:44 +01:00


# NOTE(yoctozepto): rabbitmq uses the raw format (e.g. fd::) of IPv6 address;
# despite specifying port via colon, the url format (e.g. [fd::]) is not accepted
{% if rabbitmq_enable_tls | bool %}
listeners.tcp = none
listeners.ssl.1 = {{ api_interface_address }}:{{ role_rabbitmq_port }}
{% else %}
listeners.tcp.1 = {{ api_interface_address }}:{{ role_rabbitmq_port }}
{% endif %}
{# NOTE: to avoid split-brain #}
cluster_partition_handling = pause_minority
management.listener.ip = {{ api_interface_address }}
management.listener.port = {{ role_rabbitmq_management_port }}
management.load_definitions = /etc/rabbitmq/definitions.json
cluster_formation.peer_discovery_backend = rabbit_peer_discovery_classic_config
{% for host in groups[role_rabbitmq_groups] %}
cluster_formation.classic_config.nodes.{{ loop.index0 }} = rabbit@{{ hostvars[host]['ansible_hostname'] }}
{% endfor %}
{% if rabbitmq_enable_tls | bool %}
# https://www.rabbitmq.com/ssl.html
ssl_options.certfile = /etc/rabbitmq/certs/{{ project_name }}-cert.pem
ssl_options.keyfile = /etc/rabbitmq/certs/{{ project_name }}-key.pem
{% for key, value in rabbitmq_tls_options.items() %}
ssl_options.{{ key }} = {{ value }}
{% endfor %}
{% endif %}
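As an added example (not part of kolla-ansible), the following script audits a rendered `rabbitmq.conf` for the posture this template is meant to produce: the plaintext AMQP listener disabled, a TLS listener with certfile/keyfile present, and a note when client certificates are not required, which matches the commit's statement that only server certificates are supported. The sample config, addresses and `rabbitmq_tls_options` values are constructed; only the option names are real RabbitMQ settings.

```python
"""Audit a rendered rabbitmq.conf for the TLS posture the template produces."""
import re
from typing import Dict, List

# Constructed sample of what the template renders with rabbitmq_enable_tls=true,
# project_name=rabbitmq and rabbitmq_tls_options={"verify": "verify_none",
# "fail_if_no_peer_cert": "false"} (hypothetical values, real option names).
SAMPLE_TLS_CONF = """\
# NOTE(yoctozepto): rabbitmq uses the raw format (e.g. fd::) of IPv6 address
listeners.tcp = none
listeners.ssl.1 = 10.0.0.10:5672
cluster_partition_handling = pause_minority
management.listener.ip = 10.0.0.10
management.listener.port = 15672
ssl_options.certfile = /etc/rabbitmq/certs/rabbitmq-cert.pem
ssl_options.keyfile = /etc/rabbitmq/certs/rabbitmq-key.pem
ssl_options.verify = verify_none
ssl_options.fail_if_no_peer_cert = false
"""


def parse_conf(text: str) -> Dict[str, str]:
    """Parse the sysctl-style `key = value` format, skipping blanks and # comments."""
    conf: Dict[str, str] = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        key, sep, value = line.partition("=")
        if sep:
            conf[key.strip()] = value.strip()
    return conf


def audit_tls(conf: Dict[str, str]) -> List[str]:
    """Return findings about plaintext exposure and client-certificate enforcement."""
    findings: List[str] = []
    # Any listeners.tcp.N entry, or listeners.tcp not set to none, leaves plaintext AMQP open.
    plaintext = [k for k in conf if re.fullmatch(r"listeners\.tcp\.\d+", k)]
    if plaintext or conf.get("listeners.tcp") != "none":
        findings.append("plaintext AMQP listener still enabled")
    if not any(re.fullmatch(r"listeners\.ssl\.\d+", k) for k in conf):
        findings.append("no TLS listener configured")
    for opt in ("ssl_options.certfile", "ssl_options.keyfile"):
        if opt not in conf:
            findings.append(f"{opt} missing")
    # Client certificates are only enforced with verify_peer plus fail_if_no_peer_cert.
    if (conf.get("ssl_options.verify") != "verify_peer"
            or conf.get("ssl_options.fail_if_no_peer_cert") != "true"):
        findings.append("client certificates not required (server-only TLS)")
    return findings
```

The management listener configured by the template is outside this check; it covers the AMQP listeners only.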