zulip/scripts/setup/configure-rabbitmq

#!/usr/bin/env bash
#
# Delete the "guest" default user and replace it with a Zulip user
# with a real password
set -eu

# If the RabbitMQ distribution cookie is insecure, reset it and
# restart RabbitMQ.
"$(dirname "$0")/generate-rabbitmq-cookie"

RABBITMQ_USERNAME=$("$(dirname "$0")/../get-django-setting" RABBITMQ_USERNAME)
RABBITMQ_PASSWORD=$("$(dirname "$0")/../get-django-setting" RABBITMQ_PASSWORD)

# Wait for RabbitMQ to start up
retries=29
# Could use rabbitmqctl await_startup when we upgrade to 3.7.11.
while ! rabbitmqctl -q await_online_nodes 1 2>/dev/null; do
    if ((retries == 29)); then
        echo "Waiting for RabbitMQ to start up..."
    fi
    sleep 1
    if ! ((retries -= 1)); then
        rabbitmqctl -q await_online_nodes 1
        break
    fi
done

rabbitmqctl delete_user "$RABBITMQ_USERNAME" || true
rabbitmqctl delete_user zulip || true
rabbitmqctl delete_user guest || true
rabbitmqctl add_user "$RABBITMQ_USERNAME" "$RABBITMQ_PASSWORD"
rabbitmqctl set_user_tags "$RABBITMQ_USERNAME" administrator
rabbitmqctl set_permissions -p / "$RABBITMQ_USERNAME" '.*' '.*' '.*'
Add support for running OpenBSD in development environment. 2016-01-12 13:08:43 +01:00			`#!/usr/bin/env bash`
[manual] Use rabbitmq queue to process UserActivity. Before this is deployed, we need to install rabbitmq and pika on the target server (see the puppet part of this commit for how). When this is deployed, we need to start the new user activity bot: ./manage.py process_user_activity in the screen session on the relevant server, or user_activity logs won't be processed (which will eventually result in all users getting notifications about how their mirrors are out of date). (imported from commit 44d605aca0290bef2c94fb99267e15e26b21673b) 2013-01-11 21:16:42 +01:00			`#`
Change Humbug => Zulip in text/comments. (imported from commit 2f9d73431ae40e1b9e9e11bc2f4f62f566ae758a) 2013-08-06 21:32:15 +02:00			`# Delete the "guest" default user and replace it with a Zulip user`
[manual] Use rabbitmq queue to process UserActivity. Before this is deployed, we need to install rabbitmq and pika on the target server (see the puppet part of this commit for how). When this is deployed, we need to start the new user activity bot: ./manage.py process_user_activity in the screen session on the relevant server, or user_activity logs won't be processed (which will eventually result in all users getting notifications about how their mirrors are out of date). (imported from commit 44d605aca0290bef2c94fb99267e15e26b21673b) 2013-01-11 21:16:42 +01:00			`# with a real password`
configure-rabbitmq: Set -u, and not -x. 2021-12-17 01:39:34 +01:00			`set -eu`
[manual] Use rabbitmq queue to process UserActivity. Before this is deployed, we need to install rabbitmq and pika on the target server (see the puppet part of this commit for how). When this is deployed, we need to start the new user activity bot: ./manage.py process_user_activity in the screen session on the relevant server, or user_activity logs won't be processed (which will eventually result in all users getting notifications about how their mirrors are out of date). (imported from commit 44d605aca0290bef2c94fb99267e15e26b21673b) 2013-01-11 21:16:42 +01:00
CVE-2021-43799: Set a secure Erlang cookie. The RabbitMQ docs state ([1]): RabbitMQ nodes and CLI tools (e.g. rabbitmqctl) use a cookie to determine whether they are allowed to communicate with each other. [...] The cookie is just a string of alphanumeric characters up to 255 characters in size. It is usually stored in a local file. ...and goes on to state (emphasis ours): If the file does not exist, Erlang VM will try to create one with a randomly generated value when the RabbitMQ server starts up. Using such generated cookie files are appropriate in development environments only. The auto-generated cookie does not use cryptographic sources of randomness, and generates 20 characters of `[A-Z]`. Because of a semi-predictable seed, the entropy of this password is thus less than the idealized 26^20 = 94 bits of entropy; in actuality, it is 36 bits of entropy, or potentially as low as 20 if the performance of the server is known. These sizes are well within the scope of remote brute-force attacks. On provision, install, and upgrade, replace the default insecure 20-character Erlang cookie with a cryptographically secure 255-character string (the max length allowed). [1] https://www.rabbitmq.com/clustering.html#erlang-cookie 2021-12-07 21:55:38 +01:00			`# If the RabbitMQ distribution cookie is insecure, reset it and`
			`# restart RabbitMQ.`
configure-rabbitmq: Remove use of sudo. It already runs as root everywhere except in provision_inner, so move the sudo there. Signed-off-by: Anders Kaseorg <anders@zulip.com> 2022-04-16 01:05:21 +02:00			`"$(dirname "$0")/generate-rabbitmq-cookie"`
CVE-2021-43799: Set a secure Erlang cookie. The RabbitMQ docs state ([1]): RabbitMQ nodes and CLI tools (e.g. rabbitmqctl) use a cookie to determine whether they are allowed to communicate with each other. [...] The cookie is just a string of alphanumeric characters up to 255 characters in size. It is usually stored in a local file. ...and goes on to state (emphasis ours): If the file does not exist, Erlang VM will try to create one with a randomly generated value when the RabbitMQ server starts up. Using such generated cookie files are appropriate in development environments only. The auto-generated cookie does not use cryptographic sources of randomness, and generates 20 characters of `[A-Z]`. Because of a semi-predictable seed, the entropy of this password is thus less than the idealized 26^20 = 94 bits of entropy; in actuality, it is 36 bits of entropy, or potentially as low as 20 if the performance of the server is known. These sizes are well within the scope of remote brute-force attacks. On provision, install, and upgrade, replace the default insecure 20-character Erlang cookie with a cryptographically secure 255-character string (the max length allowed). [1] https://www.rabbitmq.com/clustering.html#erlang-cookie 2021-12-07 21:55:38 +01:00
Move bin/get-django-setting to scripts/. 2016-05-08 04:02:32 +02:00			`RABBITMQ_USERNAME=$("$(dirname "$0")/../get-django-setting" RABBITMQ_USERNAME)`
			`RABBITMQ_PASSWORD=$("$(dirname "$0")/../get-django-setting" RABBITMQ_PASSWORD)`
configure-rabbitmq: Allow running as root. This makes it possible to run this in production without access to sudo. 2019-03-15 01:08:55 +01:00
configure-rabbitmq: Wait for RabbitMQ to start up. Fixes an occasional failure in ‘vagrant up --provision’. Signed-off-by: Anders Kaseorg <anders@zulip.com> 2020-10-16 00:14:26 +02:00			`# Wait for RabbitMQ to start up`
configure-rabbitmq: Increase startup timeout. Starting RabbitMQ at boot seems to have gotten slower, which broke ‘vagrant up --provision’. Signed-off-by: Anders Kaseorg <anders@zulip.com> 2021-12-03 21:03:16 +01:00			`retries=29`
configure-rabbitmq: Use rabbitmqctl await_online_nodes. rabbitmqctl ping only checks that the Erlang process is registered with epmd. There’s a window after that where the rabbit app is still starting inside it. Signed-off-by: Anders Kaseorg <anders@zulip.com> 2022-03-12 22:40:49 +01:00			`# Could use rabbitmqctl await_startup when we upgrade to 3.7.11.`
configure-rabbitmq: Remove use of sudo. It already runs as root everywhere except in provision_inner, so move the sudo there. Signed-off-by: Anders Kaseorg <anders@zulip.com> 2022-04-16 01:05:21 +02:00			`while ! rabbitmqctl -q await_online_nodes 1 2>/dev/null; do`
configure-rabbitmq: Use rabbitmqctl await_online_nodes. rabbitmqctl ping only checks that the Erlang process is registered with epmd. There’s a window after that where the rabbit app is still starting inside it. Signed-off-by: Anders Kaseorg <anders@zulip.com> 2022-03-12 22:40:49 +01:00			`if ((retries == 29)); then`
			`echo "Waiting for RabbitMQ to start up..."`
			`fi`
configure-rabbitmq: Wait for RabbitMQ to start up. Fixes an occasional failure in ‘vagrant up --provision’. Signed-off-by: Anders Kaseorg <anders@zulip.com> 2020-10-16 00:14:26 +02:00			`sleep 1`
			`if ! ((retries -= 1)); then`
configure-rabbitmq: Remove use of sudo. It already runs as root everywhere except in provision_inner, so move the sudo there. Signed-off-by: Anders Kaseorg <anders@zulip.com> 2022-04-16 01:05:21 +02:00			`rabbitmqctl -q await_online_nodes 1`
configure-rabbitmq: Wait for RabbitMQ to start up. Fixes an occasional failure in ‘vagrant up --provision’. Signed-off-by: Anders Kaseorg <anders@zulip.com> 2020-10-16 00:14:26 +02:00			`break`
			`fi`
			`done`

configure-rabbitmq: Remove use of sudo. It already runs as root everywhere except in provision_inner, so move the sudo there. Signed-off-by: Anders Kaseorg <anders@zulip.com> 2022-04-16 01:05:21 +02:00			`rabbitmqctl delete_user "$RABBITMQ_USERNAME" \|\| true`
			`rabbitmqctl delete_user zulip \|\| true`
			`rabbitmqctl delete_user guest \|\| true`
			`rabbitmqctl add_user "$RABBITMQ_USERNAME" "$RABBITMQ_PASSWORD"`
			`rabbitmqctl set_user_tags "$RABBITMQ_USERNAME" administrator`
			`rabbitmqctl set_permissions -p / "$RABBITMQ_USERNAME" '.' '.' '.*'`