From ac31b5331dc67bb1011c39fce146494fc0779cb0 Mon Sep 17 00:00:00 2001
From: aoliveir <adriano.oliveira@windriver.com>
Date: Thu, 12 May 2022 21:57:45 +0000
Subject: [PATCH] Debian: Remove default puppet-rabbitmq config

In Debian version 8.5.0-6 of puppet-rabbitmq package, there is
a default (new) loopback users configuration that restricts the
connection to the broker via loopback interface.
Also, the tcp_listen_options default config is already added via
starlingx amqp puppet manifest code (amqp.pp).
Therefore, both default package configurations have been changed,
via patch, to match starlingx's default behavior and code.

Test Plan:

PASS: rabbit-server-config package successfully built
PASS: Debian image successfully built
PASS: AIO-SX successfully installed
PASS: AIO-SX successfully bootstrapped
PASS: AIO-SX successfully unlocked
PASS: Checked via sm-dump rabbitmq started (removed UAR 32 and 33)
PASS: Checked that no ACCESS_REFUSED auth PLAIN error was raised

Story: 2009965
Task: 45354

Depends-On: https://review.opendev.org/c/starlingx/config-files/+/841345

Signed-off-by: Adriano Oliveira <adriano.oliveira@windriver.com>
Change-Id: I0b9f2bf64eba733bd1aece4c12683c0b9cd2135f
---
 ...uppet-rabbitmq-default-configuration.patch | 58 +++++++++++++++++++
 .../debian/patches/series                     |  1 +
 2 files changed, 59 insertions(+)
 create mode 100644 config/puppet-modules/puppet-rabbitmq-8.5.0/debian/patches/0005-Adjust-puppet-rabbitmq-default-configuration.patch

diff --git a/config/puppet-modules/puppet-rabbitmq-8.5.0/debian/patches/0005-Adjust-puppet-rabbitmq-default-configuration.patch b/config/puppet-modules/puppet-rabbitmq-8.5.0/debian/patches/0005-Adjust-puppet-rabbitmq-default-configuration.patch
new file mode 100644
index 000000000..1dca927a4
--- /dev/null
+++ b/config/puppet-modules/puppet-rabbitmq-8.5.0/debian/patches/0005-Adjust-puppet-rabbitmq-default-configuration.patch
@@ -0,0 +1,58 @@
+From dfdbc429ece1393227c045356fe255982f71bf7a Mon Sep 17 00:00:00 2001
+From: Adriano Oliveira <adriano.oliveira@windriver.com>
+Date: Thu, 12 May 2022 13:30:49 -0700
+Subject: [PATCH] Adjust puppet rabbitmq default configuration
+
+Remove loopback users restriction and tcp_listen_options
+configuration
+
+Signed-off-by: Adriano Oliveira <adriano.oliveira@windriver.com>
+---
+ templates/rabbitmq.config.erb | 24 +-----------------------
+ 1 file changed, 1 insertion(+), 23 deletions(-)
+
+diff --git a/templates/rabbitmq.config.erb b/templates/rabbitmq.config.erb
+index af45aa8..51d5292 100644
+--- a/templates/rabbitmq.config.erb
++++ b/templates/rabbitmq.config.erb
+@@ -8,7 +8,7 @@
+ <%- if @heartbeat -%>
+     {heartbeat, <%=@heartbeat%>},
+ <% end -%>
+-    {loopback_users, [<%= @loopback_users.map { |u| "<<\"#{u}\">>" }.join(', ') %>]},
++    {loopback_users, []},
+ <% if @auth_backends -%>
+     {auth_backends, [<%= @auth_backends.map { |v| "#{v}" }.join(', ') %>]},
+ <% elsif @ldap_auth -%>
+@@ -18,28 +18,6 @@
+     {cluster_nodes, {[<%= @cluster_nodes.map { |n| "\'rabbit@#{n}\'" }.join(', ') %>], <%= @cluster_node_type %>}},
+     {cluster_partition_handling, <%= @cluster_partition_handling %>},
+ <% end -%>
+-    {tcp_listen_options, [
+-         <%- unless @config_ranch -%>
+-         binary,
+-         {packet,        raw},
+-         {reuseaddr,     true},
+-         <%- end -%>
+-         <%- if @tcp_keepalive -%>
+-         {keepalive,     true},
+-         <%- end -%>
+-         <%- if @tcp_backlog -%>
+-         {backlog,       <%= @tcp_backlog %>},
+-         <%- end -%>
+-         <%- if @tcp_sndbuf -%>
+-         {sndbuf,       <%= @tcp_sndbuf %>},
+-         <%- end -%>
+-         <%- if @tcp_recbuf -%>
+-         {recbuf,       <%= @tcp_recbuf %>},
+-         <%- end -%>
+-         {nodelay,       true},
+-         {linger,        {true, 0}},
+-         {exit_on_close, false}
+-    ]},
+ <%- if @collect_statistics_interval -%>
+     {collect_statistics_interval, <%= @collect_statistics_interval %>},
+ <%- end -%>
+-- 
+2.17.1
+
diff --git a/config/puppet-modules/puppet-rabbitmq-8.5.0/debian/patches/series b/config/puppet-modules/puppet-rabbitmq-8.5.0/debian/patches/series
index 41aec6743..42be6e613 100644
--- a/config/puppet-modules/puppet-rabbitmq-8.5.0/debian/patches/series
+++ b/config/puppet-modules/puppet-rabbitmq-8.5.0/debian/patches/series
@@ -2,3 +2,4 @@
 0002-Changed-cipher-specification-to-open.patch
 0003-Remove-the-rabbitmq_nodename-fact.patch
 0004-Remove-incompatible-dependencies.patch
+0005-Adjust-puppet-rabbitmq-default-configuration.patch