Skip to content

No default vhost or user created if definition.json exists #365

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
vincenzodnp opened this issue Sep 2, 2019 · 9 comments
Closed

No default vhost or user created if definition.json exists #365

vincenzodnp opened this issue Sep 2, 2019 · 9 comments

Comments

@vincenzodnp
Copy link

Hello there.
I'm trying to apply a definitions.json file to a rabbitmq 3.7 management container.
Here my Dockerfile

FROM rabbitmq:3-management
ADD definitions.json /etc/rabbitmq/definitions.json

and here my definitions.json file

{
  "vhosts":[
        {"name": "/"}
  ],
  "policies":[
        {"vhost":"/","name":"ha","pattern":"^test-", "definition":{"ha-mode":"all","ha-sync-mode":"automatic","ha-sync-batch-size":5}}
  ]
}

When I run the container, it starts correctly but no default user and password are set.

rabbitmqctl list_users
Listing users ...

even if
rabbitmqctl environments shows:

{default_permissions,[<<".*">>,<<".*">>,<<".*">>]},
{default_user,<<"guest">>},
{default_user_tags,[administrator]},
{default_vhost,<<"/">>},

I have tried also to run the container with RABBITMQ_DEFAULT_USER and RABBITMQ_DEFAULT_PASS variables, but no luck.

If I remove the vhosts section in definitions.json . container doesn' start and shows error
{error,<<"Please create virtual host \"\" prior to importing definitions.">>}

So has definitions.json precedence instead of rabbitmq.conf? Why empty database is not initialized BEFORE import definitions.json?
Thanks
Vincenzo
@vincenzodnp
Copy link
Author

PS: If I use a complete definitions.json file, with users, permissions, vhost and policies sections, all is working as expected

@wglambert
Copy link

https://www.rabbitmq.com/management.html#load-definitions

if you start from a completely reset broker, use of this option will prevent the usual default user / virtual host / permissions from being created.

Using environment variables modifies the rabbitmq.conf correctly, but they're not interpreted with the definitions.json being used

$ docker run -d --rm -p 8080:15672 -e RABBITMQ_DEFAULT_USER=user -e RABBITMQ_DEFAULT_PASS=password --name rabbit rabbitmq:test
8599aa036285a73822da5837c6e132825ba94a3429f9e143bc29057598945670

$ docker exec rabbit cat /etc/rabbitmq/rabbitmq.conf
loopback_users.guest = false
listeners.tcp.default = 5672
default_pass = password
default_user = user
management.listener.port = 15672
management.listener.ssl = false
management.load_definitions = /etc/rabbitmq/definitions.json

$ docker exec rabbit rabbitmqctl list_users
Listing users ...

@tianon
Copy link
Member

tianon commented Sep 5, 2019

Closing as this is the intentional behavior of RabbitMQ upstream. 👍

@tianon tianon closed this as completed Sep 5, 2019
@vincenzodnp
Copy link
Author

Thanks for the answers.

@andilabs
Copy link

andilabs commented Oct 5, 2021

@vincenzodnp could you show how your fully pleged defintions.json looks like to create default user with pass?

@vincenzodnp
Copy link
Author

I used this:

  "vhosts":[
        {"name": "${RABBITMQ_DEFAULT_VHOST}"}
  ],
  "users": [
        { "name": "${RABBITMQ_DEFAULT_USER}", "password": "${RABBITMQ_DEFAULT_PASS}", "tags": "administrator" }
  ],
  "permissions":[
        { "user": "${RABBITMQ_DEFAULT_USER}", "vhost": "${RABBITMQ_DEFAULT_VHOST}", "configure": ".*", "write": ".*", "read": ".*" }
  ],
  "policies":[
        {"vhost":"${RABBITMQ_DEFAULT_VHOST}","name":"lagoon-ha","pattern":"${RABBITMQ_DEFAULT_HA_PATTERN}", "definition":{"ha-mode":"exactly","ha-params":2,"ha-sync-mode":"automatic","ha-sync-batch-size":5}}
  ]
}

@javsalgar javsalgar mentioned this issue Jul 6, 2022
Closed
@jason-leeee
Copy link

I used this:

  "vhosts":[
        {"name": "${RABBITMQ_DEFAULT_VHOST}"}
  ],
  "users": [
        { "name": "${RABBITMQ_DEFAULT_USER}", "password": "${RABBITMQ_DEFAULT_PASS}", "tags": "administrator" }
  ],
  "permissions":[
        { "user": "${RABBITMQ_DEFAULT_USER}", "vhost": "${RABBITMQ_DEFAULT_VHOST}", "configure": ".*", "write": ".*", "read": ".*" }
  ],
  "policies":[
        {"vhost":"${RABBITMQ_DEFAULT_VHOST}","name":"lagoon-ha","pattern":"${RABBITMQ_DEFAULT_HA_PATTERN}", "definition":{"ha-mode":"exactly","ha-params":2,"ha-sync-mode":"automatic","ha-sync-batch-size":5}}
  ]
}

Had the same issue and this solved it!

@v-bulynkin
Copy link

v-bulynkin commented Aug 9, 2023
edited
Loading

I've tried using ${RABBITMQ_DEFAULT_USER} and ${RABBITMQ_DEFAULT_PASS} in definitions.json as shown above and now I have login ${RABBITMQ_DEFAULT_USER} and password ${RABBITMQ_DEFAULT_PASS} (literally).
What's wrong?

From logs:

2023-08-09 10:21:20.631595+00:00 [info] <0.424.0> Created user '${RABBITMQ_DEFAULT_USER}'
2023-08-09 10:21:20.680225+00:00 [info] <0.424.0> Successfully set permissions for user '${RABBITMQ_DEFAULT_USER}' in virtual host '/' to '.*', '.*', '.*'

@lukebakken
Copy link
Collaborator

@v-bulynkin I have no idea how the method in this comment ever worked. Templating the definitons.json file is not supported.

Please start a new discussion and we can assist you. Attach your complete Dockerfile and all other files necessary to demonstrate what you are trying to accomplish. Thanks.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
7 participants
@tianon @lukebakken @andilabs @vincenzodnp @wglambert @v-bulynkin @jason-leeee