Skip to content

Change the default Rabbitmq username and password #20

New issue
New issue
Open
Open
Change the default Rabbitmq username and password#20
@zagrosbingol

Description

@zagrosbingol
zagrosbingol
opened on Oct 30, 2024

Hello,

Hope all is well?

A great idea from a security wise perspective is to change the rabbitmq default username and password located in:
docker-compose.yml

See the following code:

version: '3'

services:
  db:
    image: postgres:latest
    restart: always
    command: "-c max_connections=512"
    environment:
      POSTGRES_USER: postgres
      POSTGRES_PASSWORD: postgres
      POSTGRES_DB: postgres
    volumes:
      - db_data:/var/lib/postgresql/data
  pgbouncer:
    image: edoburu/pgbouncer:latest
    environment:
      - DB_HOST=db
      - DB_PORT=5432
      - DB_USER=postgres
      - DB_PASSWORD=postgres
      - AUTH_TYPE=scram-sha-256
      - DEFAULT_POOL_SIZE=512
      - MAX_CLIENT_CONN=10000
      - POOL_MODE=transaction
  rabbitmq:
    image: rabbitmq:3-management-alpine
    restart: always
    volumes:
      - mq_data:/var/lib/rabbitmq/
    healthcheck:
      test: rabbitmq-diagnostics -q ping
      interval: 30s
      timeout: 60s
      retries: 5
  web:
    build: .
    restart: always
    image: ghcr.io/bitthebyte/monitorizer:main
    command: /webserver-entrypoint.sh
    environment:
      POSTGRES_HOST: pgbouncer
      CELERY_BROKER_URL: 'amqp://guest:guest@rabbitmq:5672'
    ports:
      - "8000:8000"
    depends_on:
      - db
      - rabbitmq

  beat_worker:
    restart: always
    image: ghcr.io/bitthebyte/monitorizer:main
    command: celery -A monitorizer.server beat -l info
    depends_on:
      - db
      - rabbitmq
    environment:
      CELERY_BROKER_URL: 'amqp://guest:guest@rabbitmq:5672'
      POSTGRES_HOST: pgbouncer

  report_worker:
    restart: always
    image: ghcr.io/bitthebyte/monitorizer:main
    command: celery -A monitorizer.server worker -Q reports -l info
    depends_on:
      - db
      - rabbitmq
    environment:
      CELERY_BROKER_URL: 'amqp://guest:guest@rabbitmq:5672'
      POSTGRES_HOST: pgbouncer

  job_worker:
    restart: always
    privileged: true
    image: ghcr.io/bitthebyte/monitorizer:main
    command: celery -A monitorizer.server worker -Q default -l info
    depends_on:
      - db
      - rabbitmq
    environment:
      CELERY_BROKER_URL: 'amqp://guest:guest@rabbitmq:5672'
      POSTGRES_HOST: pgbouncer
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
      - /home/.monitorizer:/home/.monitorizer:shared

volumes:
  db_data:
  mq_data:

Is it possible to randomize or do anything that can be changed or add a note in readme.md to let users know that a change of password shall be made in order to avoid attacks.

Thank you for all youre work and warm regards,

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions