# Podman rabbitmq

- [Podman rabbitmq](#podman-rabbitmq)
  - [Setup rabbitmq Project](#setup-rabbitmq-project)
  - [Install rabbitmq](#install-rabbitmq)
    - [Expose rabbitmq](#expose-rabbitmq)
      - [firewalld](#firewalld)
  - [Backup rabbitmq](#backup-rabbitmq)
  - [Upgrade rabbitmq](#upgrade-rabbitmq)
    - [Upgrade Quadlets](#upgrade-quadlets)
  - [Uninstall](#uninstall)
  - [Notes](#notes)
    - [SELinux](#selinux)

## Setup rabbitmq Project

- [x] Copy and rename this folder to active/container_foobar
- [x] Find and replace rabbitmq with the name of the service.
- [ ] Create the rootless user to run the podman containers
- [ ] Write the compose.yaml spec for your service
- [ ] Convert the compose.yaml spec to a quadlet
- [ ] Install the quadlet on the podman server
- [ ] Expose the quadlet service
- [ ] Install a backup service and timer

## Install rabbitmq

<https://hub.docker.com/_/rabbitmq/>

```bash
ssh rabbitmq mkdir /srv/rabbitmq
scp active/container_rabbitmq/example.env rabbitmq:/srv/rabbitmq/rabbitmq.env
scp active/container_rabbitmq/rabbitmq-compose.yaml rabbitmq:
ssh rabbitmq docker compose -f rabbitmq-compose.yaml up
```

List queues

```bash
docker exec -it rabbitmq rabbitmqctl list_queues
```

### Expose rabbitmq

1. If you need a domain, follow the [DDNS instructions](/active/container_ddns/ddns.md#install-a-new-ddns-service)
2. For a web service, follow the [Caddy instructions](/active/container_caddy/caddy.md#adding-a-new-caddy-record)
3. Finally, follow your OS's guide for opening ports via its firewall service.

#### firewalld

```bash
# command to get current active zone and default zone
firewall-cmd --get-active-zones
firewall-cmd --get-default-zone

# command to open 443 on tcp
firewall-cmd --permanent --zone=<zone> --add-port=443/tcp

# command to open 80 and 443 on tcp and udp
firewall-cmd --permanent --zone=<zone> --add-port={80,443}/{tcp,udp}

# command to list available services and then open http and https
firewall-cmd --get-services
firewall-cmd --permanent --zone=<zone> --add-service={http,https}
```

## Backup rabbitmq

Follow the [Borg Backup instructions](/active/systemd_borg/borg.md#set-up-a-client-for-backup)

## Upgrade rabbitmq

### Upgrade Quadlets

Upgrades should be a repeat of [writing the compose spec](#convert-rabbitmq-compose-spec-to-quadlets) and [installing the quadlets](#start-and-enable-your-systemd-quadlet)

```bash
export PODMAN_SERVER=
scp -r quadlets/. $PODMAN_SERVER$:/home/rabbitmq/.config/containers/systemd/
ssh rabbitmq systemctl --user daemon-reload
ssh rabbitmq systemctl --user restart rabbitmq
```

## Uninstall

```bash
# Stop the user's services
systemctl --user disable podman-restart
podman container stop --all
systemctl --user disable --now podman.socket
systemctl --user disable --now podman-auto-update.timer

# Delete the user (this won't delete their home directory)
# userdel might spit out an error like:
# userdel: user rabbitmq is currently used by process 591255
# kill those processes and try again
userdel rabbitmq
```

## Notes

### SELinux

<https://blog.christophersmart.com/2021/01/31/podman-volumes-and-selinux/>

:z allows a container to share a mounted volume with all other containers.

:Z allows a container to reserve a mounted volume and prevents any other container from accessing.