Add some ssl options

Author: rnurgaliyev

defaults/main.yml

@@ -23,6 +23,13 @@ rabbitmq_server_key                           : "files/rabbitmq_server_key.pem"
 rabbitmq_server_cert                          : "files/rabbitmq_server_cert.pem"
 rabbitmq_ssl                                  : true
 
+# SSL Configuration
+rabbitmq_copy_ssl_files                       : true
+rabbitmq_use_ssl_cn_as_login                  : false
+
+# Authentication mechanisms (not set by default)
+# rabbitmq_auth_mechanisms                    : [ 'PLAIN', 'AMQPLAIN' ]
+
 ## Optional logging
 ##  none, error, warnings, info, debug
 # rabbitmq_log_level                           :

tasks/configuration.yml

@@ -7,7 +7,7 @@
     group="rabbitmq"
     mode=0750
     state="directory"
-  when: rabbitmq_ssl
+  when: rabbitmq_ssl and rabbitmq_copy_ssl_files
 
 - name: configuration | copy the ssl certificates
   copy:
@@ -24,7 +24,7 @@
       dest: "{{ rabbitmq_conf_ssl_options_keyfile }}"
     - src: "{{ rabbitmq_server_cert }}"
       dest: "{{ rabbitmq_conf_ssl_options_certfile }}"
-  when: rabbitmq_ssl
+  when: rabbitmq_ssl and rabbitmq_copy_ssl_files
 
 - name: configuration | generate the configuration of rabbitmq
   template:

templates/rabbitmq.config.j2

@@ -24,6 +24,12 @@
     {tcp_listeners, []}{% if rabbitmq_ssl %},
 {% endif %}
 {% endif %}
+{% if rabbitmq_auth_mechanisms is defined %}
+    {auth_mechanisms, [ {% for authmech in rabbitmq_auth_mechanisms %}'{{authmech}}'{% if not loop.last %},{% endif %}{% endfor %} ]},
+{% endif %}
+{% if rabbitmq_use_ssl_cn_as_login %}
+    {ssl_cert_login_from, common_name},
+{% endif %}
 {% if rabbitmq_ssl %}
     {ssl_listeners, [{"{{ rabbitmq_conf_ssl_listeners_address }}", {{ rabbitmq_conf_ssl_listeners_port }}}]},
     {ssl_options, [