Support for configuring the rabbitmq_management web UI

When rabbitmq::admin_enable => true, then also configure RabbitMQ to enable
the rabbitmq_management web UI, running on rabbitmq::management_port.
Or, if ssl => true, then configure it as an SSL listener on
rabbitmq::ssl_management_port.

Also added a ssl_port parameter which defines the SSL port for RabbitMQ
service itself.  Previously, the rabbitmq::ssl_management_port parameter
was used for the RabbitMQ service SSL bind port.  So this potentially
breaks people who are currently using this module to configure RabbitMQ
for SSL on a non-standard port.  (They need to use the ssl_port parmeter
now, instead of ssl_management_port.)  Not exactly sure the best way
to approach a solution to that.

manifests/config.pp

@@ -1,5 +1,6 @@
 class rabbitmq::config {
 
+  $admin_enable               = $rabbitmq::admin_enable
   $cluster_disk_nodes         = $rabbitmq::cluster_disk_nodes
   $cluster_node_type          = $rabbitmq::cluster_node_type
   $cluster_nodes              = $rabbitmq::cluster_nodes
@@ -12,6 +13,7 @@
   $env_config                 = $rabbitmq::env_config
   $env_config_path            = $rabbitmq::env_config_path
   $erlang_cookie              = $rabbitmq::erlang_cookie
+  $management_port            = $rabbitmq::management_port
   $node_ip_address            = $rabbitmq::node_ip_address
   $plugin_dir                 = $rabbitmq::plugin_dir
   $port                       = $rabbitmq::port
@@ -21,6 +23,7 @@
   $ssl_cacert                 = $rabbitmq::ssl_cacert
   $ssl_cert                   = $rabbitmq::ssl_cert
   $ssl_key                    = $rabbitmq::ssl_key
+  $ssl_port                   = $rabbitmq::ssl_port
   $ssl_management_port        = $rabbitmq::ssl_management_port
   $ssl_stomp_port             = $rabbitmq::ssl_stomp_port
   $ssl_verify                 = $rabbitmq::ssl_verify

manifests/init.pp

@@ -33,6 +33,7 @@
   $ssl_cacert                 = $rabbitmq::params::ssl_cacert,
   $ssl_cert                   = $rabbitmq::params::ssl_cert,
   $ssl_key                    = $rabbitmq::params::ssl_key,
+  $ssl_port                   = $rabbitmq::params::ssl_port,
   $ssl_management_port        = $rabbitmq::params::ssl_management_port,
   $ssl_stomp_port             = $rabbitmq::params::ssl_stomp_port,
   $ssl_verify                 = $rabbitmq::params::ssl_verify,
@@ -91,7 +92,7 @@
   validate_string($ssl_cacert)
   validate_string($ssl_cert)
   validate_string($ssl_key)
-  validate_string($ssl_management_port)
+  validate_re($ssl_port, '\d+')
   validate_re($ssl_management_port, '\d+')
   validate_string($ssl_stomp_port)
   validate_re($ssl_stomp_port, '\d+')

manifests/params.pp

@@ -77,7 +77,8 @@
   $ssl_cacert                 = 'UNSET'
   $ssl_cert                   = 'UNSET'
   $ssl_key                    = 'UNSET'
-  $ssl_management_port        = '5671'
+  $ssl_port                   = '5671'
+  $ssl_management_port        = '15671'
   $ssl_stomp_port             = '6164'
   $ssl_verify                 = 'verify_none'
   $ssl_fail_if_no_peer_cert   = 'false'

spec/classes/rabbitmq_spec.rb

@@ -325,7 +325,7 @@
       describe 'ssl options' do
         let(:params) {
           { :ssl => true,
-            :ssl_management_port => 3141,
+            :ssl_port => 3141,
             :ssl_cacert => '/path/to/cacert',
             :ssl_cert => '/path/to/cert',
             :ssl_key => '/path/to/key'
@@ -362,6 +362,88 @@
         end
       end
 
+      describe 'ssl admin options' do
+        let(:params) {
+          { :ssl => true,
+            :ssl_management_port => 3141,
+            :ssl_cacert => '/path/to/cacert',
+            :ssl_cert => '/path/to/cert',
+            :ssl_key => '/path/to/key',
+            :admin_enable => true
+        } }
+
+        it 'should set rabbitmq_management ssl options to specified values' do
+          contain_file('rabbitmq.config').with({
+            'content' => %r|\{rabbitmq_management, \[.*
+                          \{listener, \[.*
+                          \{port, 3141\},.*
+                          \{ssl, true\},.*
+                          \{ssl_opts, \[\{cacertfile, "/path/to/cacert"\},.*
+                          \{certfile, "/path/to/cert"\},.*
+                          \{keyfile, "/path/to/key"\}\]\}.*
+                          \]\}|,
+          })
+        end
+      end
+
+      describe 'admin without ssl' do
+        let(:params) {
+          { :ssl => false,
+            :management_port => 3141,
+            :admin_enable => true
+        } }
+
+        it 'should set rabbitmq_management  options to specified values' do
+          contain_file('rabbitmq.config').with({
+            'content' => /\{rabbitmq_management, \[.*
+                          \{listener, \[.*
+                          \{port, 3141\},.*
+                          \]\}/,
+          })
+        end
+      end
+
+      describe 'ssl admin options' do
+        let(:params) {
+          { :ssl => true,
+            :ssl_management_port => 3141,
+            :ssl_cacert => '/path/to/cacert',
+            :ssl_cert => '/path/to/cert',
+            :ssl_key => '/path/to/key',
+            :admin_enable => true
+        } }
+
+        it 'should set rabbitmq_management ssl options to specified values' do
+          contain_file('rabbitmq.config').with({
+            'content' => %r|\{rabbitmq_management, \[.*
+                          \{listener, \[.*
+                          \{port, 3141\},.*
+                          \{ssl, true\},.*
+                          \{ssl_opts, \[\{cacertfile, "/path/to/cacert"\},.*
+                          \{certfile, "/path/to/cert"\},.*
+                          \{keyfile, "/path/to/key"\}\]\}.*
+                          \]\}|,
+          })
+        end
+      end
+
+      describe 'admin without ssl' do
+        let(:params) {
+          { :ssl => false,
+            :management_port => 3141,
+            :admin_enable => true
+        } }
+
+        it 'should set rabbitmq_management  options to specified values' do
+          contain_file('rabbitmq.config').with({
+            'content' => /\{rabbitmq_management, \[.*
+                          \{listener, \[.*
+                          \{port, 3141\},.*
+                          \]\}/,
+          })
+        end
+      end
+
       describe 'config_variables options' do
         let(:params) {{ :config_variables => {
             'hipe_compile'                  => true,

templates/rabbitmq.config.erb

@@ -13,7 +13,7 @@
     {tcp_listeners, []},
 <%- end -%>
 <%- if @ssl -%>
-    {ssl_listeners, [<%= @ssl_management_port %>]},
+    {ssl_listeners, [<%= @ssl_port %>]},
     {ssl_options, [{cacertfile,"<%= @ssl_cacert %>"},
                     {certfile,"<%= @ssl_cert %>"},
                     {keyfile,"<%= @ssl_key %>"},
@@ -32,6 +32,21 @@
     <%= @config_kernel_variables.sort.map{|k,v| "{#{k}, #{v}}"}.join(",\n    ") %>
   ]}
 <%- end -%>
+<%- if @admin_enable -%>,
+  {rabbitmq_management, [
+    {listener, [
+<%- if @ssl -%>
+      {port, <%= @ssl_management_port %>},
+      {ssl, true},
+      {ssl_opts, [{cacertfile, "<%= @ssl_cacert %>"},
+                  {certfile, "<%= @ssl_cert %>"},
+                  {keyfile, "<%= @ssl_key %>"}]}
+<%- else -%>
+      {port, <%= @management_port %>}
+<%- end -%>
+    ]}
+  ]}
+<%- end -%>
 <% if @config_stomp -%>,
 % Configure the Stomp Plugin listening port
   {rabbitmq_stomp, [