From c97278ee8f32cf159c4f5102b4f9d610c6555a7e Mon Sep 17 00:00:00 2001
From: Zev Benjamin <zev@zulip.com>
Date: Wed, 23 Oct 2013 17:17:12 -0400
Subject: [PATCH] [manual] puppet: Make RabbitMQ and epmd only listen on
 localhost

To apply this change, we must not only do a puppet apply, but also
restart rabbitmq and epmd.  Rabbitmq is easy to restart, but epmd is
a little more annoying.  epmd is run as a side effect of starting up
rabbitmq-server, but is not stopped when rabbitmq-server is stopped.
Therefore, the correct procedure is to stop rabbitmq-server, kill
epmd (by running `epmd -kill`), and then start rabbitmq-server again.

(imported from commit a651e5363a8b9a04b713c31baef379c566d5dbfc)
---
 .../zulip/files/rabbitmq/rabbitmq-server       | 11 +++++++++++
 .../zulip/files/rabbitmq/rabbitmq.config       |  4 ++++
 .../puppet/modules/zulip/manifests/rabbit.pp   | 18 ++++++++++++++++++
 3 files changed, 33 insertions(+)
 create mode 100644 servers/puppet/modules/zulip/files/rabbitmq/rabbitmq-server
 create mode 100644 servers/puppet/modules/zulip/files/rabbitmq/rabbitmq.config

diff --git a/servers/puppet/modules/zulip/files/rabbitmq/rabbitmq-server b/servers/puppet/modules/zulip/files/rabbitmq/rabbitmq-server
new file mode 100644
index 0000000000..a1c281b888
--- /dev/null
+++ b/servers/puppet/modules/zulip/files/rabbitmq/rabbitmq-server
@@ -0,0 +1,11 @@
+# This file is sourced by /etc/init.d/rabbitmq-server. Its primary
+# reason for existing is to allow adjustment of system limits for the
+# rabbitmq-server process.
+#
+# Maximum number of open file handles. This will need to be increased
+# to handle many simultaneous connections. Refer to the system
+# documentation for ulimit (in man bash) for more information.
+#
+#ulimit -n 1024
+
+export ERL_EPMD_ADDRESS=127.0.0.1
diff --git a/servers/puppet/modules/zulip/files/rabbitmq/rabbitmq.config b/servers/puppet/modules/zulip/files/rabbitmq/rabbitmq.config
new file mode 100644
index 0000000000..07c3a5d04c
--- /dev/null
+++ b/servers/puppet/modules/zulip/files/rabbitmq/rabbitmq.config
@@ -0,0 +1,4 @@
+[{kernel, [{inet_dist_use_interface, {127,0,0,1}}]},
+ {rabbit, [{tcp_listeners, [{"127.0.0.1", 5672}]}]},
+ {rabbitmq_mochiweb, [{listeners, [{mgmt, [{ip, "127.0.0.1"},
+                                           {port, 55672}]}]}]}].
diff --git a/servers/puppet/modules/zulip/manifests/rabbit.pp b/servers/puppet/modules/zulip/manifests/rabbit.pp
index 9b3e93469a..7de7691d67 100644
--- a/servers/puppet/modules/zulip/manifests/rabbit.pp
+++ b/servers/puppet/modules/zulip/manifests/rabbit.pp
@@ -19,5 +19,23 @@ class zulip::rabbit {
     source => "puppet:///modules/zulip/cron.d/rabbitmq-numconsumers",
   }
 
+  file { "/etc/default/rabbitmq-server":
+    require => Package[rabbitmq-server],
+    ensure => file,
+    owner  => "root",
+    group  => "root",
+    mode => 644,
+    source => "puppet:///modules/zulip/rabbitmq/rabbitmq-server",
+  } 
+
+  file { "/etc/rabbitmq/rabbitmq.config":
+    require => Package[rabbitmq-server],
+    ensure => file,
+    owner  => "root",
+    group  => "root",
+    mode => 644,
+    source => "puppet:///modules/zulip/rabbitmq/rabbitmq.config",
+  }
+
   # TODO: Should also call exactly once "servers/configure-rabbitmq"
 }