143 lines
5.6 KiB
Bash
Executable File
143 lines
5.6 KiB
Bash
Executable File
#!/bin/bash
|
|
|
|
# RabbitMQ Management API Setup Script
|
|
# Configures user permissions for non-destructive DLQ message peeking
|
|
|
|
set -e
|
|
|
|
echo "╔════════════════════════════════════════════════════════════╗"
|
|
echo "║ RabbitMQ Management API Setup ║"
|
|
echo "╚════════════════════════════════════════════════════════════╝"
|
|
echo ""
|
|
|
|
# Get RabbitMQ user from environment or use default
|
|
RABBITMQ_USER=${QUEUE_USR:-agm}
|
|
RABBITMQ_PASS=${QUEUE_PWD:-Ag@Rabbit2024}
|
|
RABBITMQ_VHOST=${QUEUE_VHOST:-/}
|
|
MGMT_PORT=${RABBITMQ_MGMT_PORT:-15672}
|
|
|
|
echo "Configuration:"
|
|
echo " User: $RABBITMQ_USER"
|
|
echo " VHost: $RABBITMQ_VHOST"
|
|
echo " Mgmt Port: $MGMT_PORT"
|
|
echo ""
|
|
|
|
# Step 1: Check if Management plugin is enabled
|
|
echo "──────────────────────────────────────────────────────────"
|
|
echo "Step 1: Checking Management plugin..."
|
|
|
|
if rabbitmq-plugins list | grep -q '\[E\*\] rabbitmq_management'; then
|
|
echo "✓ Management plugin is already enabled"
|
|
else
|
|
echo "⚠ Management plugin not enabled. Enabling..."
|
|
sudo rabbitmq-plugins enable rabbitmq_management
|
|
echo "✓ Management plugin enabled"
|
|
echo " Note: RabbitMQ may need restart for changes to take effect"
|
|
fi
|
|
echo ""
|
|
|
|
# Step 2: Check current user tags
|
|
echo "──────────────────────────────────────────────────────────"
|
|
echo "Step 2: Checking user permissions..."
|
|
|
|
USER_INFO=$(sudo rabbitmqctl list_users | grep "^${RABBITMQ_USER}" || echo "")
|
|
|
|
if [ -z "$USER_INFO" ]; then
|
|
echo "✗ User '$RABBITMQ_USER' not found!"
|
|
echo " Creating user..."
|
|
sudo rabbitmqctl add_user "$RABBITMQ_USER" "$RABBITMQ_PASS"
|
|
echo "✓ User created"
|
|
USER_INFO=$(sudo rabbitmqctl list_users | grep "^${RABBITMQ_USER}")
|
|
fi
|
|
|
|
echo " Current: $USER_INFO"
|
|
|
|
# Check if user has monitoring or management tag
|
|
if echo "$USER_INFO" | grep -qE '\[(monitoring|management|administrator)'; then
|
|
echo "✓ User already has Management API access"
|
|
else
|
|
echo "⚠ User lacks Management API tags. Adding 'monitoring' tag..."
|
|
sudo rabbitmqctl set_user_tags "$RABBITMQ_USER" monitoring
|
|
echo "✓ Added 'monitoring' tag to user"
|
|
|
|
NEW_INFO=$(sudo rabbitmqctl list_users | grep "^${RABBITMQ_USER}")
|
|
echo " Updated: $NEW_INFO"
|
|
fi
|
|
echo ""
|
|
|
|
# Step 3: Verify vhost permissions
|
|
echo "──────────────────────────────────────────────────────────"
|
|
echo "Step 3: Verifying vhost permissions..."
|
|
|
|
PERMS=$(sudo rabbitmqctl list_permissions -p "$RABBITMQ_VHOST" | grep "^${RABBITMQ_USER}" || echo "")
|
|
|
|
if [ -z "$PERMS" ]; then
|
|
echo "⚠ User has no permissions on vhost '$RABBITMQ_VHOST'. Setting..."
|
|
sudo rabbitmqctl set_permissions -p "$RABBITMQ_VHOST" "$RABBITMQ_USER" ".*" ".*" ".*"
|
|
echo "✓ Permissions set"
|
|
else
|
|
echo "✓ User has permissions: $PERMS"
|
|
fi
|
|
echo ""
|
|
|
|
# Step 4: Test Management API access
|
|
echo "──────────────────────────────────────────────────────────"
|
|
echo "Step 4: Testing Management API access..."
|
|
|
|
HTTP_CODE=$(curl -s -o /dev/null -w "%{http_code}" \
|
|
-u "${RABBITMQ_USER}:${RABBITMQ_PASS}" \
|
|
"http://localhost:${MGMT_PORT}/api/overview" 2>/dev/null || echo "000")
|
|
|
|
if [ "$HTTP_CODE" = "200" ]; then
|
|
echo "✓ Management API access successful!"
|
|
|
|
# Get RabbitMQ version
|
|
RABBITMQ_VERSION=$(curl -s -u "${RABBITMQ_USER}:${RABBITMQ_PASS}" \
|
|
"http://localhost:${MGMT_PORT}/api/overview" 2>/dev/null | \
|
|
grep -o '"rabbitmq_version":"[^"]*"' | cut -d'"' -f4 || echo "unknown")
|
|
|
|
echo " RabbitMQ Version: $RABBITMQ_VERSION"
|
|
echo " Management UI: http://localhost:${MGMT_PORT}"
|
|
|
|
elif [ "$HTTP_CODE" = "401" ]; then
|
|
echo "✗ Authentication failed (401)"
|
|
echo " Possible causes:"
|
|
echo " - Incorrect password"
|
|
echo " - User tags not updated yet (may need RabbitMQ restart)"
|
|
echo " - Try: sudo systemctl restart rabbitmq-server"
|
|
exit 1
|
|
|
|
elif [ "$HTTP_CODE" = "000" ]; then
|
|
echo "✗ Connection refused"
|
|
echo " Possible causes:"
|
|
echo " - Management plugin not fully started"
|
|
echo " - RabbitMQ not running"
|
|
echo " - Firewall blocking port $MGMT_PORT"
|
|
echo " - Try: sudo systemctl status rabbitmq-server"
|
|
exit 1
|
|
|
|
else
|
|
echo "✗ Unexpected HTTP code: $HTTP_CODE"
|
|
exit 1
|
|
fi
|
|
echo ""
|
|
|
|
# Summary
|
|
echo "══════════════════════════════════════════════════════════"
|
|
echo "Setup Complete!"
|
|
echo "══════════════════════════════════════════════════════════"
|
|
echo ""
|
|
echo "Management API Configuration:"
|
|
echo " URL: http://localhost:${MGMT_PORT}"
|
|
echo " Username: $RABBITMQ_USER"
|
|
echo " Password: ****"
|
|
echo " Tags: monitoring (or better)"
|
|
echo ""
|
|
echo "Test DLQ messages endpoint:"
|
|
echo " curl -u ${RABBITMQ_USER}:**** \\"
|
|
echo " 'http://localhost:4100/api/dlq/dev_partner_tasks/messages?limit=10'"
|
|
echo ""
|
|
echo "Or test with script:"
|
|
echo " node tests/test_dlq_mgmt_api.js"
|
|
echo ""
|