RabbitMQ connector + password change message handler (#4560)

Author: shepilov

cozy.example.yaml

@@ -530,3 +530,24 @@ contexts:
           - src: /logos/1_partner.png
             alt: Partner n°1
             type: secondary
+
+rabbitmq:
+  enabled: true
+  url: amqp://guest:guest@localhost:5672/
+  tls:
+    # root_ca: /etc/ssl/certs/ca.pem
+    insecure_skip_validation: false
+  exchanges:
+    - name: auth
+      kind: topic
+      durable: true
+      declare_exchange: true
+      dlx_name: auth.dlx
+      queues:
+        - name: user.password.updated
+          declare: true
+          prefetch: 8
+          delivery_limit: 5
+          bindings:
+            - password.changed
+

docs/rabbitmq.md

@@ -0,0 +1,209 @@
+## RabbitMQ
+
+Integration with RabbitMQ: configuration, topology, and handler semantics.
+
+### Overview
+
+Cozy Stack can consume messages from RabbitMQ and dispatch them to Go handlers. The consumer is managed by a background manager which:
+
+- establishes and monitors the AMQP connection (with optional TLS),
+- declares exchanges and queues (if configured to do so),
+- binds queues to routing keys,
+- starts per-queue consumers with QoS and redelivery limits,
+- dispatches deliveries to queue-specific handlers.
+
+### Configuration
+
+RabbitMQ is configured in `cozy.yaml` under the `rabbitmq` key.
+
+Key fields:
+
+- `enabled`: Enable the consumer.
+- `url`: AMQP URL, e.g. `amqp://guest:guest@localhost:5672/`.
+- `tls`: Optional TLS settings (`root_ca`, `insecure_skip_validation`, `server_name`).
+- `exchanges[]`: List of exchanges the stack should consume from.
+  - `name`: Exchange name.
+  - `kind`: Exchange type (e.g. `topic`).
+  - `durable`: Whether the exchange is durable.
+  - `declare_exchange`: If true, the exchange is declared on startup.
+  - `dlx_name`, `dlq_name`: Optional defaults for queues under this exchange.
+  - `queues[]`: List of queues to consume.
+    - `name`: Queue name.
+    - `bindings[]`: Routing keys to bind to the exchange.
+    - `declare`: If true, declare the queue on startup.
+    - `prefetch`: Per-consumer QoS prefetch.
+    - `delivery_limit`: x-delivery-limit for quorum queues.
+    - `dlx_name`, `dlq_name`: Optional overrides per queue.
+
+Example:
+
+```yaml
+rabbitmq:
+  enabled: true
+  url: amqp://guest:guest@localhost:5672/
+  tls:
+    # root_ca: /etc/ssl/certs/ca.pem
+    insecure_skip_validation: false
+    # server_name: rabbit.internal
+  exchanges:
+    - name: auth
+      kind: topic
+      durable: true
+      declare_exchange: true
+      queues:
+        - name: user.password.updated
+          declare: true
+          prefetch: 8
+          delivery_limit: 5
+          bindings:
+            - password.changed
+        - name: user.created
+          declare: true
+          prefetch: 8
+          delivery_limit: 5
+          bindings:
+            - user.created
+```
+
+### Handlers
+
+Handlers implement a simple interface:
+
+```go
+type Handler interface {
+    Handle(ctx context.Context, d amqp.Delivery) error
+}
+```
+
+Returning `nil` acknowledges the message. Returning a non-nil error causes the message to be requeued (subject to broker policies and delivery limits).
+
+Queue names are mapped to handlers in the stack. For example:
+
+- `user.password.updated` → updates an instance passphrase when a `password.changed` routing key is received.
+- `user.created` → validates and processes user creation events.
+
+Message schemas are JSON and validated in the handler. Example payload for `user.password.updated`:
+
+```json
+{
+  "twakeId": "string",
+  "iterations": 100000,
+  "hash": "base64",
+  "publicKey": "base64",
+  "privateKey": "cipherString",
+  "key": "cipherString",
+  "timestamp": 1726040000,
+  "domain": "example.cozy.cloud"
+}
+```
+
+Example payload for `user.created`:
+
+```json
+{
+  "twakeId": "string",
+  "mobile": "string",
+  "internalEmail": "string",
+  "iterations": 100000,
+  "hash": "base64",
+  "publicKey": "base64",
+  "privateKey": "cipherString",
+  "key": "cipherString",
+  "timestamp": 1726040000
+}
+```
+
+### Lifecycle
+
+On startup, if `rabbitmq.enabled` is true:
+
+1. The manager creates an AMQP connection (TLS if configured) and retries with exponential backoff.
+2. It declares configured exchanges and queues (if `declare_*` flags are set).
+3. It binds queues to their routing keys and starts consumers.
+4. It exposes a readiness channel internally so tests can wait until consumption is active.
+5. It monitors the connection and restarts consumers upon reconnection.
+
+### Adding a new queue handler
+
+Follow these steps to introduce a new queue and its handler.
+
+1) Define the message schema and the handler
+
+Create a handler type that implements the `Handle(ctx, d)` method and an accompanying message struct.
+
+```go
+// Example message payload consumed from the queue
+type ExampleEvent struct {
+    ID        string `json:"id"`
+    Action    string `json:"action"`
+    Timestamp int64  `json:"timestamp"`
+}
+
+// ExampleHandler processes ExampleEvent messages
+type ExampleHandler struct{}
+
+func NewExampleHandler() *ExampleHandler { return &ExampleHandler{} }
+
+func (h *ExampleHandler) Handle(ctx context.Context, d amqp.Delivery) error {
+    var msg ExampleEvent
+    if err := json.Unmarshal(d.Body, &msg); err != nil {
+        return fmt.Errorf("example: invalid payload: %w", err)
+    }
+    if msg.ID == "" {
+        return fmt.Errorf("example: missing id")
+    }
+    // TODO: implement business logic
+    return nil // ack
+}
+```
+
+2) Register the handler for a queue name
+
+Map the queue name to the handler so the manager knows which handler to use. This usually happens where queues are built from config.
+
+```go
+switch configQueue.Name {
+case "example.queue":
+    handler = NewExampleHandler()
+}
+```
+
+3) Configure the exchange and queue in `cozy.yaml`
+
+Add the queue under an exchange with the routing keys to bind.
+
+```yaml
+rabbitmq:
+  enabled: true
+  url: amqp://guest:guest@localhost:5672/
+  exchanges:
+    - name: auth
+      kind: topic
+      durable: true
+      declare_exchange: true
+      queues:
+        - name: example.queue
+          declare: true
+          prefetch: 8
+          delivery_limit: 5
+          bindings:
+            - example.created
+            - example.updated
+```
+
+4) Publish a message (example)
+
+```go
+ch.PublishWithContext(ctx,
+    "auth",            // exchange
+    "example.created", // routing key
+    false, false,
+    amqp.Publishing{
+        DeliveryMode: amqp.Persistent,
+        ContentType:  "application/json",
+        Body:         []byte(`{"id":"123","action":"created","timestamp":1726040000}`),
+    },
+)
+```
+
+

docs/toc.yml

@@ -51,6 +51,7 @@
     - "/realtime - Realtime": ./realtime.md
     - "/remote - Proxy for remote data/API": ./remote.md
     - " /remote/nextcloud - NextCloud": ./nextcloud.md
+    - "/rabbitmq - RabbitMQ integration": ./rabbitmq.md
     - "/settings - Settings": ./settings.md
     - " /settings - Terms of Services": ./user-action-required.md
     - "/sharings - Sharing": ./sharing.md

go.mod

@@ -36,6 +36,7 @@ require (
 	github.com/oschwald/maxminddb-golang v1.13.1
 	github.com/pquerna/otp v1.4.0
 	github.com/prometheus/client_golang v1.18.0
+	github.com/rabbitmq/amqp091-go v1.9.0
 	github.com/redis/go-redis/v9 v9.4.0
 	github.com/robfig/cron/v3 v3.0.1
 	github.com/sideshow/apns2 v0.23.0
@@ -44,6 +45,7 @@ require (
 	github.com/spf13/cobra v1.8.1
 	github.com/spf13/viper v1.19.0
 	github.com/stretchr/testify v1.9.0
+	github.com/testcontainers/testcontainers-go v0.31.0
 	github.com/ugorji/go/codec v1.2.12
 	github.com/yuin/goldmark v1.7.4
 	golang.org/x/crypto v0.31.0
@@ -65,22 +67,36 @@ require (
 	cloud.google.com/go/iam v1.1.7 // indirect
 	cloud.google.com/go/longrunning v0.5.6 // indirect
 	cloud.google.com/go/storage v1.40.0 // indirect
+	dario.cat/mergo v1.0.0 // indirect
+	github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1 // indirect
 	github.com/MicahParks/keyfunc v1.9.0 // indirect
+	github.com/Microsoft/go-winio v0.6.1 // indirect
+	github.com/Microsoft/hcsshim v0.11.4 // indirect
 	github.com/TylerBrock/colorjson v0.0.0-20200706003622-8a50f05110d2 // indirect
 	github.com/ajg/form v1.5.1 // indirect
 	github.com/beorn7/perks v1.0.1 // indirect
 	github.com/boombuler/barcode v1.0.1-0.20190219062509-6c824513bacc // indirect
+	github.com/cenkalti/backoff/v4 v4.2.1 // indirect
 	github.com/cespare/xxhash/v2 v2.2.0 // indirect
+	github.com/containerd/containerd v1.7.15 // indirect
+	github.com/containerd/log v0.1.0 // indirect
+	github.com/cpuguy83/dockercfg v0.3.1 // indirect
 	github.com/cpuguy83/go-md2man/v2 v2.0.4 // indirect
 	github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect
 	github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f // indirect
+	github.com/distribution/reference v0.5.0 // indirect
+	github.com/docker/docker v25.0.5+incompatible // indirect
+	github.com/docker/go-connections v0.5.0 // indirect
+	github.com/docker/go-units v0.5.0 // indirect
 	github.com/fatih/color v1.15.0 // indirect
 	github.com/fatih/structs v1.1.0 // indirect
 	github.com/felixge/httpsnoop v1.0.4 // indirect
 	github.com/fsnotify/fsnotify v1.7.0 // indirect
 	github.com/go-logr/logr v1.4.1 // indirect
 	github.com/go-logr/stdr v1.2.2 // indirect
+	github.com/go-ole/go-ole v1.2.6 // indirect
 	github.com/gobwas/glob v0.2.3 // indirect
+	github.com/gogo/protobuf v1.3.2 // indirect
 	github.com/golang-jwt/jwt v3.2.2+incompatible // indirect
 	github.com/golang-jwt/jwt/v4 v4.5.1 // indirect
 	github.com/golang/freetype v0.0.0-20170609003504-e2365dfdc4a0 // indirect
@@ -97,16 +113,26 @@ require (
 	github.com/jonas-p/go-shp v0.1.1 // indirect
 	github.com/klauspost/compress v1.17.2 // indirect
 	github.com/labstack/gommon v0.4.2 // indirect
+	github.com/lufia/plan9stats v0.0.0-20211012122336-39d0f177ccd0 // indirect
 	github.com/magiconair/properties v1.8.7 // indirect
 	github.com/mattn/go-colorable v0.1.13 // indirect
 	github.com/mattn/go-isatty v0.0.20 // indirect
 	github.com/matttproud/golang_protobuf_extensions/v2 v2.0.0 // indirect
 	github.com/mitchellh/go-wordwrap v1.0.1 // indirect
 	github.com/mitchellh/mapstructure v1.5.0 // indirect
+	github.com/moby/patternmatcher v0.6.0 // indirect
+	github.com/moby/sys/sequential v0.5.0 // indirect
+	github.com/moby/sys/user v0.1.0 // indirect
+	github.com/moby/term v0.5.0 // indirect
+	github.com/morikuni/aec v1.0.0 // indirect
 	github.com/onsi/ginkgo v1.16.5 // indirect
 	github.com/onsi/gomega v1.18.1 // indirect
+	github.com/opencontainers/go-digest v1.0.0 // indirect
+	github.com/opencontainers/image-spec v1.1.0 // indirect
 	github.com/pelletier/go-toml/v2 v2.2.2 // indirect
+	github.com/pkg/errors v0.9.1 // indirect
 	github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect
+	github.com/power-devops/perfstat v0.0.0-20210106213030-5aafc221ea8c // indirect
 	github.com/prometheus/client_model v0.5.0 // indirect
 	github.com/prometheus/common v0.45.0 // indirect
 	github.com/prometheus/procfs v0.12.0 // indirect
@@ -115,11 +141,15 @@ require (
 	github.com/sagikazarmark/slog-shim v0.1.0 // indirect
 	github.com/sanity-io/litter v1.5.5 // indirect
 	github.com/sergi/go-diff v1.3.1 // indirect
+	github.com/shirou/gopsutil/v3 v3.23.12 // indirect
+	github.com/shoenig/go-m1cpu v0.1.6 // indirect
 	github.com/sourcegraph/conc v0.3.0 // indirect
 	github.com/spf13/cast v1.6.0 // indirect
 	github.com/spf13/pflag v1.0.5 // indirect
 	github.com/stretchr/objx v0.5.2 // indirect
 	github.com/subosito/gotenv v1.6.0 // indirect
+	github.com/tklauser/go-sysconf v0.3.12 // indirect
+	github.com/tklauser/numcpus v0.6.1 // indirect
 	github.com/valyala/bytebufferpool v1.0.0 // indirect
 	github.com/valyala/fasthttp v1.44.0 // indirect
 	github.com/valyala/fasttemplate v1.2.2 // indirect
@@ -129,6 +159,7 @@ require (
 	github.com/yalp/jsonpath v0.0.0-20180802001716-5cc68e5049a0 // indirect
 	github.com/yudai/gojsondiff v1.0.0 // indirect
 	github.com/yudai/golcs v0.0.0-20170316035057-ecda9a501e82 // indirect
+	github.com/yusufpapurcu/wmi v1.2.3 // indirect
 	go.opencensus.io v0.24.0 // indirect
 	go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.49.0 // indirect
 	go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.49.0 // indirect
@@ -138,8 +169,10 @@ require (
 	go.uber.org/atomic v1.9.0 // indirect
 	go.uber.org/multierr v1.9.0 // indirect
 	golang.org/x/exp v0.0.0-20230905200255-921286631fa9 // indirect
+	golang.org/x/mod v0.17.0 // indirect
 	golang.org/x/sys v0.28.0 // indirect
 	golang.org/x/time v0.5.0 // indirect
+	golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d // indirect
 	google.golang.org/appengine/v2 v2.0.2 // indirect
 	google.golang.org/genproto v0.0.0-20240401170217-c3f982113cda // indirect
 	google.golang.org/genproto/googleapis/api v0.0.0-20240513163218-0867130af1f8 // indirect