· 6 years ago · Oct 17, 2019, 04:28 PM
1
2Skip to content
3
4 Why GitHub?
5
6
7
8
9Enterprise
10Explore
11
12
13
14Marketplace
15Pricing
16
17
18
19
20
21Sign in
22Sign up
23
24368
256,354
26
27 1,998
28
29rabbitmq/rabbitmq-server
30Code
31Issues 68
32Pull requests 6
33Security
34Insights
35Join GitHub today
36
37GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.
38rabbitmq-server/docs/rabbitmq.conf.example
39@Whitespirit0 Whitespirit0 Replace additional.config file by advanced.config 78943a0 28 days ago
40@michaelklishin
41@lukebakken
42@hairyhum
43@almorelle
44@acogoluegnes
45@Whitespirit0
46@spring-operator
47@notque
48@jsoref
49@Gsantomaggio
50@gerhard
51@FabianPonce
52@Duske
53@dcorbacho
54975 lines (799 sloc) 30.6 KB
55# ======================================
56# RabbitMQ broker section
57# ======================================
58
59## Related doc guide: https://rabbitmq.com/configure.html. See
60## https://rabbitmq.com/documentation.html for documentation ToC.
61
62## Networking
63## ====================
64##
65## Related doc guide: https://rabbitmq.com/networking.html.
66##
67## By default, RabbitMQ will listen on all interfaces, using
68## the standard (reserved) AMQP 0-9-1 and 1.0 port.
69##
70# listeners.tcp.default = 5672
71
72
73## To listen on a specific interface, provide an IP address with port.
74## For example, to listen only on localhost for both IPv4 and IPv6:
75##
76# IPv4
77# listeners.tcp.local = 127.0.0.1:5672
78# IPv6
79# listeners.tcp.local_v6 = ::1:5672
80
81## You can define multiple listeners using listener names
82# listeners.tcp.other_port = 5673
83# listeners.tcp.other_ip = 10.10.10.10:5672
84
85
86## TLS listeners are configured in the same fashion as TCP listeners,
87## including the option to control the choice of interface.
88##
89# listeners.ssl.default = 5671
90
91## Number of Erlang processes that will accept connections for the TCP
92## and TLS listeners.
93##
94# num_acceptors.tcp = 10
95# num_acceptors.ssl = 10
96
97
98## Maximum amount of time allowed for the AMQP 0-9-1 and AMQP 1.0 handshake
99## (performed after socket connection and TLS handshake) to complete, in milliseconds.
100##
101# handshake_timeout = 10000
102
103## Set to 'true' to perform reverse DNS lookups when accepting a
104## connection. rabbitmqctl and management UI will then display hostnames
105## instead of IP addresses. Default value is `false`.
106##
107# reverse_dns_lookups = false
108
109##
110## Security, Access Control
111## ==============
112##
113
114## Related doc guide: https://rabbitmq.com/access-control.html.
115
116## The default "guest" user is only permitted to access the server
117## via a loopback interface (e.g. localhost).
118## {loopback_users, [<<"guest">>]},
119##
120# loopback_users.guest = true
121
122## Uncomment the following line if you want to allow access to the
123## guest user from anywhere on the network.
124# loopback_users.guest = false
125
126## TLS configuration.
127##
128## Related doc guide: https://rabbitmq.com/ssl.html.
129##
130# ssl_options.verify = verify_peer
131# ssl_options.fail_if_no_peer_cert = false
132# ssl_options.cacertfile = /path/to/cacert.pem
133# ssl_options.certfile = /path/to/cert.pem
134# ssl_options.keyfile = /path/to/key.pem
135#
136# ssl_options.honor_cipher_order = true
137# ssl_options.honor_ecc_order = true
138
139# ssl_options.ciphers.1 = ECDHE-ECDSA-AES256-GCM-SHA384
140# ssl_options.ciphers.2 = ECDHE-RSA-AES256-GCM-SHA384
141# ssl_options.ciphers.3 = ECDHE-ECDSA-AES256-SHA384
142# ssl_options.ciphers.4 = ECDHE-RSA-AES256-SHA384
143# ssl_options.ciphers.5 = ECDH-ECDSA-AES256-GCM-SHA384
144# ssl_options.ciphers.6 = ECDH-RSA-AES256-GCM-SHA384
145# ssl_options.ciphers.7 = ECDH-ECDSA-AES256-SHA384
146# ssl_options.ciphers.8 = ECDH-RSA-AES256-SHA384
147# ssl_options.ciphers.9 = DHE-RSA-AES256-GCM-SHA384
148# ssl_options.ciphers.10 = DHE-DSS-AES256-GCM-SHA384
149# ssl_options.ciphers.11 = DHE-RSA-AES256-SHA256
150# ssl_options.ciphers.12 = DHE-DSS-AES256-SHA256
151# ssl_options.ciphers.13 = ECDHE-ECDSA-AES128-GCM-SHA256
152# ssl_options.ciphers.14 = ECDHE-RSA-AES128-GCM-SHA256
153# ssl_options.ciphers.15 = ECDHE-ECDSA-AES128-SHA256
154# ssl_options.ciphers.16 = ECDHE-RSA-AES128-SHA256
155# ssl_options.ciphers.17 = ECDH-ECDSA-AES128-GCM-SHA256
156# ssl_options.ciphers.18 = ECDH-RSA-AES128-GCM-SHA256
157# ssl_options.ciphers.19 = ECDH-ECDSA-AES128-SHA256
158# ssl_options.ciphers.20 = ECDH-RSA-AES128-SHA256
159# ssl_options.ciphers.21 = DHE-RSA-AES128-GCM-SHA256
160# ssl_options.ciphers.22 = DHE-DSS-AES128-GCM-SHA256
161# ssl_options.ciphers.23 = DHE-RSA-AES128-SHA256
162# ssl_options.ciphers.24 = DHE-DSS-AES128-SHA256
163# ssl_options.ciphers.25 = ECDHE-ECDSA-AES256-SHA
164# ssl_options.ciphers.26 = ECDHE-RSA-AES256-SHA
165# ssl_options.ciphers.27 = DHE-RSA-AES256-SHA
166# ssl_options.ciphers.28 = DHE-DSS-AES256-SHA
167# ssl_options.ciphers.29 = ECDH-ECDSA-AES256-SHA
168# ssl_options.ciphers.30 = ECDH-RSA-AES256-SHA
169# ssl_options.ciphers.31 = ECDHE-ECDSA-AES128-SHA
170# ssl_options.ciphers.32 = ECDHE-RSA-AES128-SHA
171# ssl_options.ciphers.33 = DHE-RSA-AES128-SHA
172# ssl_options.ciphers.34 = DHE-DSS-AES128-SHA
173# ssl_options.ciphers.35 = ECDH-ECDSA-AES128-SHA
174# ssl_options.ciphers.36 = ECDH-RSA-AES128-SHA
175
176## Select an authentication/authorisation backend to use.
177##
178## Alternative backends are provided by plugins, such as rabbitmq-auth-backend-ldap.
179##
180## NB: These settings require certain plugins to be enabled.
181##
182## Related doc guides:
183##
184## * https://rabbitmq.com/plugins.html
185## * https://rabbitmq.com/access-control.html
186##
187
188# auth_backends.1 = rabbit_auth_backend_internal
189
190## uses separate backends for authentication and authorisation,
191## see below.
192# auth_backends.1.authn = rabbit_auth_backend_ldap
193# auth_backends.1.authz = rabbit_auth_backend_internal
194
195## The rabbitmq_auth_backend_ldap plugin allows the broker to
196## perform authentication and authorisation by deferring to an
197## external LDAP server.
198##
199## Relevant doc guides:
200##
201## * https://rabbitmq.com/ldap.html
202## * https://rabbitmq.com/access-control.html
203##
204## uses LDAP for both authentication and authorisation
205# auth_backends.1 = rabbit_auth_backend_ldap
206
207## uses HTTP service for both authentication and
208## authorisation
209# auth_backends.1 = rabbit_auth_backend_http
210
211## uses two backends in a chain: HTTP first, then internal
212# auth_backends.1 = rabbit_auth_backend_http
213# auth_backends.2 = rabbit_auth_backend_internal
214
215## Authentication
216## The built-in mechanisms are 'PLAIN',
217## 'AMQPLAIN', and 'EXTERNAL' Additional mechanisms can be added via
218## plugins.
219##
220## Related doc guide: https://rabbitmq.com/authentication.html.
221##
222# auth_mechanisms.1 = PLAIN
223# auth_mechanisms.2 = AMQPLAIN
224
225## The rabbitmq-auth-mechanism-ssl plugin makes it possible to
226## authenticate a user based on the client's x509 (TLS) certificate.
227## Related doc guide: https://rabbitmq.com/authentication.html.
228##
229## To use auth-mechanism-ssl, the EXTERNAL mechanism should
230## be enabled:
231##
232# auth_mechanisms.1 = PLAIN
233# auth_mechanisms.2 = AMQPLAIN
234# auth_mechanisms.3 = EXTERNAL
235
236## To force x509 certificate-based authentication on all clients,
237## exclude all other mechanisms (note: this will disable password-based
238## authentication even for the management UI!):
239##
240# auth_mechanisms.1 = EXTERNAL
241
242## This pertains to both the rabbitmq-auth-mechanism-ssl plugin and
243## STOMP ssl_cert_login configurations. See the RabbitMQ STOMP plugin
244## configuration section later in this file and the README in
245## https://github.com/rabbitmq/rabbitmq-auth-mechanism-ssl for further
246## details.
247##
248## To use the TLS cert's CN instead of its DN as the username
249##
250# ssl_cert_login_from = common_name
251
252## TLS handshake timeout, in milliseconds.
253##
254# ssl_handshake_timeout = 5000
255
256
257## Cluster name
258##
259# cluster_name = dev3.eng.megacorp.local
260
261## Password hashing implementation. Will only affect newly
262## created users. To recalculate hash for an existing user
263## it's necessary to update her password.
264##
265## To use SHA-512, set to rabbit_password_hashing_sha512.
266##
267# password_hashing_module = rabbit_password_hashing_sha256
268
269## When importing definitions exported from versions earlier
270## than 3.6.0, it is possible to go back to MD5 (only do this
271## as a temporary measure!) by setting this to rabbit_password_hashing_md5.
272##
273# password_hashing_module = rabbit_password_hashing_md5
274
275##
276## Default User / VHost
277## ====================
278##
279
280## On first start RabbitMQ will create a vhost and a user. These
281## config items control what gets created.
282## Relevant doc guide: https://rabbitmq.com/access-control.html
283##
284# default_vhost = /
285# default_user = guest
286# default_pass = guest
287
288# default_permissions.configure = .*
289# default_permissions.read = .*
290# default_permissions.write = .*
291
292## Tags for default user
293##
294## For more details about tags, see the documentation for the
295## Management Plugin at https://rabbitmq.com/management.html.
296##
297# default_user_tags.administrator = true
298
299## Define other tags like this:
300# default_user_tags.management = true
301# default_user_tags.custom_tag = true
302
303##
304## Additional network and protocol related configuration
305## =====================================================
306##
307
308## Set the default AMQP 0-9-1 heartbeat interval (in seconds).
309## Related doc guides:
310##
311## * https://rabbitmq.com/heartbeats.html
312## * https://rabbitmq.com/networking.html
313##
314# heartbeat = 60
315
316## Set the max permissible size of an AMQP frame (in bytes).
317##
318# frame_max = 131072
319
320## Set the max frame size the server will accept before connection
321## tuning occurs
322##
323# initial_frame_max = 4096
324
325## Set the max permissible number of channels per connection.
326## 0 means "no limit".
327##
328# channel_max = 128
329
330## Customising TCP Listener (Socket) Configuration.
331##
332## Related doc guides:
333##
334## * https://rabbitmq.com/networking.html
335## * https://www.erlang.org/doc/man/inet.html#setopts-2
336##
337
338# tcp_listen_options.backlog = 128
339# tcp_listen_options.nodelay = true
340# tcp_listen_options.exit_on_close = false
341#
342# tcp_listen_options.keepalive = true
343# tcp_listen_options.send_timeout = 15000
344#
345# tcp_listen_options.buffer = 196608
346# tcp_listen_options.sndbuf = 196608
347# tcp_listen_options.recbuf = 196608
348
349##
350## Resource Limits & Flow Control
351## ==============================
352##
353## Related doc guide: https://rabbitmq.com/memory.html.
354
355## Memory-based Flow Control threshold.
356##
357# vm_memory_high_watermark.relative = 0.4
358
359## Alternatively, we can set a limit (in bytes) of RAM used by the node.
360##
361# vm_memory_high_watermark.absolute = 1073741824
362
363## Or you can set absolute value using memory units (with RabbitMQ 3.6.0+).
364## Absolute watermark will be ignored if relative is defined!
365##
366# vm_memory_high_watermark.absolute = 2GB
367##
368## Supported unit symbols:
369##
370## k, kiB: kibibytes (2^10 - 1,024 bytes)
371## M, MiB: mebibytes (2^20 - 1,048,576 bytes)
372## G, GiB: gibibytes (2^30 - 1,073,741,824 bytes)
373## kB: kilobytes (10^3 - 1,000 bytes)
374## MB: megabytes (10^6 - 1,000,000 bytes)
375## GB: gigabytes (10^9 - 1,000,000,000 bytes)
376
377
378
379## Fraction of the high watermark limit at which queues start to
380## page message out to disc in order to free up memory.
381## For example, when vm_memory_high_watermark is set to 0.4 and this value is set to 0.5,
382## paging can begin as early as when 20% of total available RAM is used by the node.
383##
384## Values greater than 1.0 can be dangerous and should be used carefully.
385##
386## One alternative to this is to use durable queues and publish messages
387## as persistent (delivery mode = 2). With this combination queues will
388## move messages to disk much more rapidly.
389##
390## Another alternative is to configure queues to page all messages (both
391## persistent and transient) to disk as quickly
392## as possible, see https://rabbitmq.com/lazy-queues.html.
393##
394# vm_memory_high_watermark_paging_ratio = 0.5
395
396## Selects Erlang VM memory consumption calculation strategy. Can be `allocated`, `rss` or `legacy` (aliased as `erlang`),
397## Introduced in 3.6.11. `rss` is the default as of 3.6.12.
398## See https://github.com/rabbitmq/rabbitmq-server/issues/1223 and rabbitmq/rabbitmq-common#224 for background.
399# vm_memory_calculation_strategy = rss
400
401## Interval (in milliseconds) at which we perform the check of the memory
402## levels against the watermarks.
403##
404# memory_monitor_interval = 2500
405
406## The total memory available can be calculated from the OS resources
407## - default option - or provided as a configuration parameter.
408# total_memory_available_override_value = 2GB
409
410## Set disk free limit (in bytes). Once free disk space reaches this
411## lower bound, a disk alarm will be set - see the documentation
412## listed above for more details.
413##
414## Absolute watermark will be ignored if relative is defined!
415# disk_free_limit.absolute = 50000
416
417## Or you can set it using memory units (same as in vm_memory_high_watermark)
418## with RabbitMQ 3.6.0+.
419# disk_free_limit.absolute = 500KB
420# disk_free_limit.absolute = 50mb
421# disk_free_limit.absolute = 5GB
422
423## Alternatively, we can set a limit relative to total available RAM.
424##
425## Values lower than 1.0 can be dangerous and should be used carefully.
426# disk_free_limit.relative = 2.0
427
428##
429## Clustering
430## =====================
431##
432# cluster_partition_handling = ignore
433
434## pause_if_all_down strategy require additional configuration
435# cluster_partition_handling = pause_if_all_down
436
437## Recover strategy. Can be either 'autoheal' or 'ignore'
438# cluster_partition_handling.pause_if_all_down.recover = ignore
439
440## Node names to check
441# cluster_partition_handling.pause_if_all_down.nodes.1 = rabbit@localhost
442# cluster_partition_handling.pause_if_all_down.nodes.2 = hare@localhost
443
444## Mirror sync batch size, in messages. Increasing this will speed
445## up syncing but total batch size in bytes must not exceed 2 GiB.
446## Available in RabbitMQ 3.6.0 or later.
447##
448# mirroring_sync_batch_size = 4096
449
450## Make clustering happen *automatically* at startup. Only applied
451## to nodes that have just been reset or started for the first time.
452##
453## Relevant doc guide: https://rabbitmq.com//cluster-formation.html
454##
455
456# cluster_formation.peer_discovery_backend = rabbit_peer_discovery_classic_config
457#
458# cluster_formation.classic_config.nodes.1 = rabbit1@hostname
459# cluster_formation.classic_config.nodes.2 = rabbit2@hostname
460# cluster_formation.classic_config.nodes.3 = rabbit3@hostname
461# cluster_formation.classic_config.nodes.4 = rabbit4@hostname
462
463## DNS-based peer discovery. This backend will list A records
464## of the configured hostname and perform reverse lookups for
465## the addresses returned.
466
467# cluster_formation.peer_discovery_backend = rabbit_peer_discovery_dns
468# cluster_formation.dns.hostname = discovery.eng.example.local
469
470## This node's type can be configured. If you are not sure
471## what node type to use, always use 'disc'.
472# cluster_formation.node_type = disc
473
474## Interval (in milliseconds) at which we send keepalive messages
475## to other cluster members. Note that this is not the same thing
476## as net_ticktime; missed keepalive messages will not cause nodes
477## to be considered down.
478##
479# cluster_keepalive_interval = 10000
480
481##
482## Statistics Collection
483## =====================
484##
485
486## Set (internal) statistics collection granularity.
487##
488## Can be none, coarse or fine
489# collect_statistics = none
490
491# collect_statistics = coarse
492
493## Statistics collection interval (in milliseconds). Increasing
494## this will reduce the load on management database.
495##
496# collect_statistics_interval = 5000
497
498##
499## Misc/Advanced Options
500## =====================
501##
502## NB: Change these only if you understand what you are doing!
503##
504
505## Explicitly enable/disable hipe compilation.
506##
507# hipe_compile = false
508
509## Timeout used when waiting for Mnesia tables in a cluster to
510## become available.
511##
512# mnesia_table_loading_retry_timeout = 30000
513
514## Retries when waiting for Mnesia tables in the cluster startup. Note that
515## this setting is not applied to Mnesia upgrades or node deletions.
516##
517# mnesia_table_loading_retry_limit = 10
518
519## Size in bytes below which to embed messages in the queue index.
520## Related doc guide: https://rabbitmq.com/persistence-conf.html
521##
522# queue_index_embed_msgs_below = 4096
523
524## You can also set this size in memory units
525##
526# queue_index_embed_msgs_below = 4kb
527
528## Whether or not to enable background periodic forced GC runs for all
529## Erlang processes on the node in "waiting" state.
530##
531## Disabling background GC may reduce latency for client operations,
532## keeping it enabled may reduce median RAM usage by the binary heap
533## (see https://www.erlang-solutions.com/blog/erlang-garbage-collector.html).
534##
535## Before trying this option, please take a look at the memory
536## breakdown (https://www.rabbitmq.com/memory-use.html).
537##
538# background_gc_enabled = false
539
540## Target (desired) interval (in milliseconds) at which we run background GC.
541## The actual interval will vary depending on how long it takes to execute
542## the operation (can be higher than this interval). Values less than
543## 30000 milliseconds are not recommended.
544##
545# background_gc_target_interval = 60000
546
547## Whether or not to enable proxy protocol support.
548## Once enabled, clients cannot directly connect to the broker
549## anymore. They must connect through a load balancer that sends the
550## proxy protocol header to the broker at connection time.
551## This setting applies only to AMQP clients, other protocols
552## like MQTT or STOMP have their own setting to enable proxy protocol.
553## See the plugins documentation for more information.
554##
555# proxy_protocol = false
556
557## ----------------------------------------------------------------------------
558## Advanced Erlang Networking/Clustering Options.
559##
560## Related doc guide: https://rabbitmq.com/clustering.html
561## ----------------------------------------------------------------------------
562
563# ======================================
564# Kernel section
565# ======================================
566
567## Timeout used to detect peer unavailability, including CLI tools.
568## Related doc guide: https://www.rabbitmq.com/nettick.html.
569##
570# net_ticktime = 60
571
572## Inter-node communication port range.
573## The parameters inet_dist_listen_min and inet_dist_listen_max
574## can be configured in the classic config format only.
575## Related doc guide: https://www.rabbitmq.com/networking.html#epmd-inet-dist-port-range.
576
577
578## ----------------------------------------------------------------------------
579## RabbitMQ Management Plugin
580##
581## Related doc guide: https://rabbitmq.com/management.html.
582## ----------------------------------------------------------------------------
583
584# =======================================
585# Management section
586# =======================================
587
588## Preload schema definitions from the following JSON file.
589## Related doc guide: https://rabbitmq.com/management.html#load-definitions.
590##
591# management.load_definitions = /path/to/exported/definitions.json
592
593## Log all requests to the management HTTP API to a file.
594##
595# management.http_log_dir = /path/to/access.log
596
597## HTTP listener and embedded Web server settings.
598# ## See https://rabbitmq.com/management.html for details.
599#
600# management.tcp.port = 15672
601# management.tcp.ip = 0.0.0.0
602#
603# management.tcp.shutdown_timeout = 7000
604# management.tcp.max_keepalive = 120
605# management.tcp.idle_timeout = 120
606# management.tcp.inactivity_timeout = 120
607# management.tcp.request_timeout = 120
608# management.tcp.compress = true
609
610## HTTPS listener settings.
611## See https://rabbitmq.com/management.html and https://rabbitmq.com/ssl.html for details.
612##
613# management.ssl.port = 15671
614# management.ssl.cacertfile = /path/to/ca_certificate.pem
615# management.ssl.certfile = /path/to/server_certificate.pem
616# management.ssl.keyfile = /path/to/server_key.pem
617
618## More TLS options
619# management.ssl.honor_cipher_order = true
620# management.ssl.honor_ecc_order = true
621# management.ssl.client_renegotiation = false
622# management.ssl.secure_renegotiate = true
623
624## Supported TLS versions
625# management.ssl.versions.1 = tlsv1.2
626# management.ssl.versions.2 = tlsv1.1
627
628## Cipher suites the server is allowed to use
629# management.ssl.ciphers.1 = ECDHE-ECDSA-AES256-GCM-SHA384
630# management.ssl.ciphers.2 = ECDHE-RSA-AES256-GCM-SHA384
631# management.ssl.ciphers.3 = ECDHE-ECDSA-AES256-SHA384
632# management.ssl.ciphers.4 = ECDHE-RSA-AES256-SHA384
633# management.ssl.ciphers.5 = ECDH-ECDSA-AES256-GCM-SHA384
634# management.ssl.ciphers.6 = ECDH-RSA-AES256-GCM-SHA384
635# management.ssl.ciphers.7 = ECDH-ECDSA-AES256-SHA384
636# management.ssl.ciphers.8 = ECDH-RSA-AES256-SHA384
637# management.ssl.ciphers.9 = DHE-RSA-AES256-GCM-SHA384
638
639
640
641## One of 'basic', 'detailed' or 'none'. See
642## https://rabbitmq.com/management.html#fine-stats for more details.
643# management.rates_mode = basic
644
645## Configure how long aggregated data (such as message rates and queue
646## lengths) is retained. Please read the plugin's documentation in
647## https://rabbitmq.com/management.html#configuration for more
648## details.
649## Your can use 'minute', 'hour' and 'day' keys or integer key (in seconds)
650# management.sample_retention_policies.global.minute = 5
651# management.sample_retention_policies.global.hour = 60
652# management.sample_retention_policies.global.day = 1200
653
654# management.sample_retention_policies.basic.minute = 5
655# management.sample_retention_policies.basic.hour = 60
656
657# management.sample_retention_policies.detailed.10 = 5
658
659## ----------------------------------------------------------------------------
660## RabbitMQ Shovel Plugin
661##
662## Related doc guide: https://rabbitmq.com/shovel.html
663## ----------------------------------------------------------------------------
664
665## See advanced.config.example for a Shovel plugin example
666
667
668## ----------------------------------------------------------------------------
669## RabbitMQ STOMP Plugin
670##
671## Related doc guide: https://rabbitmq.com/stomp.html
672## ----------------------------------------------------------------------------
673
674# =======================================
675# STOMP section
676# =======================================
677
678## See https://rabbitmq.com/stomp.html for details.
679
680## TCP listeners.
681##
682# stomp.listeners.tcp.1 = 127.0.0.1:61613
683# stomp.listeners.tcp.2 = ::1:61613
684
685## TCP listener settings
686##
687# stomp.tcp_listen_options.backlog = 2048
688# stomp.tcp_listen_options.recbuf = 131072
689# stomp.tcp_listen_options.sndbuf = 131072
690#
691# stomp.tcp_listen_options.keepalive = true
692# stomp.tcp_listen_options.nodelay = true
693#
694# stomp.tcp_listen_options.exit_on_close = true
695# stomp.tcp_listen_options.send_timeout = 120
696
697## Proxy protocol support
698##
699# stomp.proxy_protocol = false
700
701## TLS listeners
702## See https://rabbitmq.com/stomp.html and https://rabbitmq.com/ssl.html for details.
703# stomp.listeners.ssl.default = 61614
704#
705# ssl_options.cacertfile = path/to/cacert.pem
706# ssl_options.certfile = path/to/cert.pem
707# ssl_options.keyfile = path/to/key.pem
708# ssl_options.verify = verify_peer
709# ssl_options.fail_if_no_peer_cert = true
710
711
712## Number of Erlang processes that will accept connections for the TCP
713## and TLS listeners.
714##
715# stomp.num_acceptors.tcp = 10
716# stomp.num_acceptors.ssl = 1
717
718## Additional TLS options
719
720## Extract a name from the client's certificate when using TLS.
721##
722# stomp.ssl_cert_login = true
723
724## Set a default user name and password. This is used as the default login
725## whenever a CONNECT frame omits the login and passcode headers.
726##
727## Please note that setting this will allow clients to connect without
728## authenticating!
729##
730# stomp.default_user = guest
731# stomp.default_pass = guest
732
733## If a default user is configured, or you have configured use TLS client
734## certificate based authentication, you can choose to allow clients to
735## omit the CONNECT frame entirely. If set to true, the client is
736## automatically connected as the default user or user supplied in the
737## TLS certificate whenever the first frame sent on a session is not a
738## CONNECT frame.
739##
740# stomp.implicit_connect = true
741
742## Whether or not to enable proxy protocol support.
743## Once enabled, clients cannot directly connect to the broker
744## anymore. They must connect through a load balancer that sends the
745## proxy protocol header to the broker at connection time.
746## This setting applies only to STOMP clients, other protocols
747## like MQTT or AMQP have their own setting to enable proxy protocol.
748## See the plugins or broker documentation for more information.
749##
750# stomp.proxy_protocol = false
751
752## ----------------------------------------------------------------------------
753## RabbitMQ MQTT Adapter
754##
755## See https://github.com/rabbitmq/rabbitmq-mqtt/blob/stable/README.md
756## for details
757## ----------------------------------------------------------------------------
758
759# =======================================
760# MQTT section
761# =======================================
762
763## TCP listener settings.
764##
765# mqtt.listeners.tcp.1 = 127.0.0.1:61613
766# mqtt.listeners.tcp.2 = ::1:61613
767
768## TCP listener options (as per the broker configuration).
769##
770# mqtt.tcp_listen_options.backlog = 4096
771# mqtt.tcp_listen_options.recbuf = 131072
772# mqtt.tcp_listen_options.sndbuf = 131072
773#
774# mqtt.tcp_listen_options.keepalive = true
775# mqtt.tcp_listen_options.nodelay = true
776#
777# mqtt.tcp_listen_options.exit_on_close = true
778# mqtt.tcp_listen_options.send_timeout = 120
779
780## TLS listener settings
781## ## See https://rabbitmq.com/mqtt.html and https://rabbitmq.com/ssl.html for details.
782#
783# mqtt.listeners.ssl.default = 8883
784#
785# ssl_options.cacertfile = /path/to/tls/ca_certificate_bundle.pem
786# ssl_options.certfile = /path/to/tls/server_certificate.pem
787# ssl_options.keyfile = /path/to/tls/server_key.pem
788# ssl_options.verify = verify_peer
789# ssl_options.fail_if_no_peer_cert = true
790#
791
792
793## Number of Erlang processes that will accept connections for the TCP
794## and TLS listeners.
795##
796# mqtt.num_acceptors.tcp = 10
797# mqtt.num_acceptors.ssl = 10
798
799## Whether or not to enable proxy protocol support.
800## Once enabled, clients cannot directly connect to the broker
801## anymore. They must connect through a load balancer that sends the
802## proxy protocol header to the broker at connection time.
803## This setting applies only to STOMP clients, other protocols
804## like STOMP or AMQP have their own setting to enable proxy protocol.
805## See the plugins or broker documentation for more information.
806##
807# mqtt.proxy_protocol = false
808
809## Set the default user name and password used for anonymous connections (when client
810## provides no credentials). Anonymous connections are highly discouraged!
811##
812# mqtt.default_user = guest
813# mqtt.default_pass = guest
814
815## Enable anonymous connections. If this is set to false, clients MUST provide
816## credentials in order to connect. See also the mqtt.default_user/mqtt.default_pass
817## keys. Anonymous connections are highly discouraged!
818##
819# mqtt.allow_anonymous = true
820
821## If you have multiple vhosts, specify the one to which the
822## adapter connects.
823##
824# mqtt.vhost = /
825
826## Specify the exchange to which messages from MQTT clients are published.
827##
828# mqtt.exchange = amq.topic
829
830## Specify TTL (time to live) to control the lifetime of non-clean sessions.
831##
832# mqtt.subscription_ttl = 1800000
833
834## Set the prefetch count (governing the maximum number of unacknowledged
835## messages that will be delivered).
836##
837# mqtt.prefetch = 10
838
839
840## ----------------------------------------------------------------------------
841## RabbitMQ AMQP 1.0 Support
842##
843## See https://github.com/rabbitmq/rabbitmq-amqp1.0/blob/stable/README.md.
844## ----------------------------------------------------------------------------
845
846# =======================================
847# AMQP 1.0 section
848# =======================================
849
850
851## Connections that are not authenticated with SASL will connect as this
852## account. See the README for more information.
853##
854## Please note that setting this will allow clients to connect without
855## authenticating!
856##
857# amqp1_0.default_user = guest
858
859## Enable protocol strict mode. See the README for more information.
860##
861# amqp1_0.protocol_strict_mode = false
862
863## Logging settings.
864##
865## See https://rabbitmq.com/logging.html and https://github.com/erlang-lager/lager for details.
866##
867
868## Log directory, taken from the RABBITMQ_LOG_BASE env variable by default.
869##
870# log.dir = /var/log/rabbitmq
871
872## Logging to file. Can be false or a filename.
873## Default:
874# log.file = rabbit.log
875
876## To disable logging to a file
877# log.file = false
878
879## Log level for file logging
880##
881# log.file.level = info
882
883## File rotation config. No rotation by default.
884## DO NOT SET rotation date to ''. Leave the value unset if "" is the desired value
885# log.file.rotation.date = $D0
886# log.file.rotation.size = 0
887
888## Logging to console (can be true or false)
889##
890# log.console = false
891
892## Log level for console logging
893##
894# log.console.level = info
895
896## Logging to the amq.rabbitmq.log exchange (can be true or false)
897##
898# log.exchange = false
899
900## Log level to use when logging to the amq.rabbitmq.log exchange
901##
902# log.exchange.level = info
903
904
905
906## ----------------------------------------------------------------------------
907## RabbitMQ LDAP Plugin
908##
909## Related doc guide: https://rabbitmq.com/ldap.html.
910##
911## ----------------------------------------------------------------------------
912
913# =======================================
914# LDAP section
915# =======================================
916
917##
918## Connecting to the LDAP server(s)
919## ================================
920##
921
922## Specify servers to bind to. You *must* set this in order for the plugin
923## to work properly.
924##
925# auth_ldap.servers.1 = your-server-name-goes-here
926
927## You can define multiple servers
928# auth_ldap.servers.2 = your-other-server
929
930## Connect to the LDAP server using TLS
931##
932# auth_ldap.use_ssl = false
933
934## Specify the LDAP port to connect to
935##
936# auth_ldap.port = 389
937
938## LDAP connection timeout, in milliseconds or 'infinity'
939##
940# auth_ldap.timeout = infinity
941
942## Or number
943# auth_ldap.timeout = 500
944
945## Enable logging of LDAP queries.
946## One of
947## - false (no logging is performed)
948## - true (verbose logging of the logic used by the plugin)
949## - network (as true, but additionally logs LDAP network traffic)
950##
951## Defaults to false.
952##
953# auth_ldap.log = false
954
955## Also can be true or network
956# auth_ldap.log = true
957# auth_ldap.log = network
958
959##
960## Authentication
961## ==============
962##
963
964## Pattern to convert the username given through AMQP to a DN before
965## binding
966##
967# auth_ldap.user_dn_pattern = cn=${username},ou=People,dc=example,dc=com
968
969## Alternatively, you can convert a username to a Distinguished
970## Name via an LDAP lookup after binding. See the documentation for
971## full details.
972
973## When converting a username to a dn via a lookup, set these to
974## the name of the attribute that represents the user name, and the
975## base DN for the lookup query.
976##
977# auth_ldap.dn_lookup_attribute = userPrincipalName
978# auth_ldap.dn_lookup_base = DC=gopivotal,DC=com
979
980## Controls how to bind for authorisation queries and also to
981## retrieve the details of users logging in without presenting a
982## password (e.g., SASL EXTERNAL).
983## One of
984## - as_user (to bind as the authenticated user - requires a password)
985## - anon (to bind anonymously)
986## - {UserDN, Password} (to bind with a specified user name and password)
987##
988## Defaults to 'as_user'.
989##
990# auth_ldap.other_bind = as_user
991
992## Or can be more complex:
993# auth_ldap.other_bind.user_dn = User
994# auth_ldap.other_bind.password = Password
995
996## If user_dn and password defined - other options is ignored.
997
998# -----------------------------
999# Too complex section of LDAP
1000# -----------------------------
1001
1002##
1003## Authorisation
1004## =============
1005##
1006
1007## The LDAP plugin can perform a variety of queries against your
1008## LDAP server to determine questions of authorisation.
1009##
1010## Related doc guide: https://rabbitmq.com/ldap.html#authorisation.
1011
1012## Following configuration should be defined in advanced.config file
1013## DO NOT UNCOMMENT THESE LINES!
1014
1015## Set the query to use when determining vhost access
1016##
1017## {vhost_access_query, {in_group,
1018## "ou=${vhost}-users,ou=vhosts,dc=example,dc=com"}},
1019
1020## Set the query to use when determining resource (e.g., queue) access
1021##
1022## {resource_access_query, {constant, true}},
1023
1024## Set queries to determine which tags a user has
1025##
1026## {tag_queries, []}
1027# ]},