diff --git a/pikatasks/settings.py b/pikatasks/settings.py
index 1b6c58c5cee73c8de800029e710930af0ef43def..c8fb803b1b9e8ed6f449de69c02de5b7725a6f6f 100644
--- a/pikatasks/settings.py
+++ b/pikatasks/settings.py
@@ -11,7 +11,8 @@ from datetime import timedelta
# stuff you want to change:
-BROKER = "localhost"
+BROKER_HOST = "localhost"
+BROKER_PORT = "5672"
VIRTUAL_HOST = "vhost"
USERNAME = "user"
PASSWORD = "password"
@@ -20,6 +21,15 @@ CLIENT_EXCHANGE_NAME = "" # empty string -> amq.default exchange
WORKER_TASK_PROCESSES = 10 # this many processes will be executing tasks
+SSL_ENABLED = True
+SSL_CONF = {
+ # # See ssl.wrap_socket() documentation: https://docs.python.org/3.6/library/ssl.html#ssl.wrap_socket
+ # "keyfile": "/foo/client/key.pem",
+ # "certfile": "/foo/client/cert.pem",
+ # "ca_certs": "/foo/ca/cacert.pem",
+ # "ssl_version": ssl.PROTOCOL_TLSv1_2,
+ # "cert_reqs": ssl.CERT_NONE,
+}
# stuff you might want to change sometimes:
RPC_TIMEOUT = timedelta(seconds=10) # affects client behaviour and message TTL
diff --git a/pikatasks/utils.py b/pikatasks/utils.py
index 82fb2701b4a3e24d9c7db90f4049ab1ac8f7e867..cacf23158f7ea0fc3e81f20f936d2b15e60d6f30 100644
--- a/pikatasks/utils.py
+++ b/pikatasks/utils.py
@@ -17,10 +17,16 @@ def deserialize(binary):
def get_pika_connection_parameters():
return pika.ConnectionParameters(
- host=settings.BROKER,
+ host=settings.BROKER_HOST,
+ port=int(settings.BROKER_PORT),
virtual_host=settings.VIRTUAL_HOST,
- credentials=pika.PlainCredentials(username=settings.USERNAME, password=settings.PASSWORD),
+ credentials=pika.PlainCredentials(
+ username=settings.USERNAME,
+ password=settings.PASSWORD
+ ),
blocked_connection_timeout=settings.BLOCKED_CONNECTION_TIMEOUT.total_seconds(), # TODO: causes a warning when closing connections
+ ssl=settings.SSL_ENABLED,
+ ssl_options=settings.SSL_CONF,
)