Installing and Configuring RabbitMQ on FreeBSD 14.0

RabbitMQ is an open-source message broker that facilitates communication between distributed systems using message queuing. It implements the Advanced Message Queuing Protocol (AMQP) to ensure reliable and asynchronous message exchange. Supporting various messaging paradigms such as publish/subscribe, request/reply, and point-to-point, RabbitMQ also guarantees persistence, security, and fault tolerance. These features make it a robust solution for high-throughput application environments.

This guide walks you through setting up RabbitMQ on FreeBSD 14.0 and using the web-based admin interface to manage queues.

Prerequisites

Before proceeding, make sure to:

• Deploy a FreeBSD 14.0 environment.
• Create an A record that points your domain to the instance’s public IP.
• Connect to the instance using SSH.
• Set up a non-root user account with sudo access and switch to it.

Installing RabbitMQ on FreeBSD 14.0

RabbitMQ is part of the standard FreeBSD 14.0 package repositories. You can also opt to install a specific version through the ports system or using a generic binary package. The steps below cover installation using the default pkg package manager.

Update the Package Index

$ sudo pkg update

Install the RabbitMQ Package

$ sudo pkg install -y rabbitmq

Enable RabbitMQ to Start at Boot

$ sudo sysrc rabbitmq_enable=YES

Start the RabbitMQ Service

$ sudo service rabbitmq start

Check RabbitMQ Service Status

$ sudo service rabbitmq status

Example Output:

Status of node ……
Runtime

OS PID: 1283
OS: FreeBSD
Uptime (seconds): 7
Is under maintenance?: false

Listeners

Interface: [::], port: 25672, protocol: clustering, purpose: inter-node and CLI tool communication
Interface: [::], port: 5672, protocol: amqp, purpose: AMQP 0-9-1 and AMQP 1.0
Interface: 0.0.0.0, port: 5672, protocol: amqp, purpose: AMQP 0-9-1 and AMQP 1.0

If you need an alternative configuration, consider checking out a guide for installing RabbitMQ on Ubuntu to boost your message processing capabilities.

Setting Up RabbitMQ

While RabbitMQ provides a command-line interface by default, its web-based admin console offers a user-friendly way to manage nodes and queues. Follow these steps to activate the web interface and configure administrative access.

Enable the Web Management Plugin

$ sudo rabbitmq-plugins enable rabbitmq_management

Output:

Enabling plugins on node rabbit@centron:
rabbitmq_management
The following plugins have been configured:
rabbitmq_management
rabbitmq_management_agent
rabbitmq_web_dispatch
Applying plugin configuration to rabbit@centron…
The following plugins have been enabled:
rabbitmq_management
rabbitmq_management_agent
rabbitmq_web_dispatch

set 3 plugins.
Offline change; changes will take effect at broker restart.

Create an Admin User

$ sudo -u rabbitmq rabbitmqctl add_user admin strong_password

Output:

Adding user “admin” …
Done. Don’t forget to grant the user permissions to some virtual hosts! See ‘rabbitmqctl help set_permissions’ to learn more.

Assign Administrator Role

$ sudo -u rabbitmq rabbitmqctl set_user_tags admin administrator

Output:

Setting tags for user “admin” to [administrator] …

Grant Full Permissions

$ sudo -u rabbitmq rabbitmqctl set_permissions admin ".*" ".*" ".*"

The use of “.*” in the command is a regex that grants full access to perform configure, write, and read operations.

Restart RabbitMQ

$ sudo service rabbitmq restart

Output:

Stopping rabbitmq.
Starting rabbitmq.

Securing RabbitMQ with Nginx and SSL on FreeBSD 14.0

By default, RabbitMQ makes its web-based admin interface accessible on port 15672. To enhance security, it’s advisable to route this interface through a reverse proxy and encrypt the traffic with SSL. Below are the steps to set up Nginx as the reverse proxy and configure IPFW firewall rules to allow access via SSH, HTTP, and HTTPS.

Remove the Default Guest Account

$ sudo -u rabbitmq rabbitmqctl delete_user guest

Output:
Deleting user “guest” …

Install and Enable Nginx

$ sudo pkg install -y nginx

$ sudo sysrc nginx_enable=yes

Create Directory for Virtual Hosts

$ sudo mkdir /usr/local/etc/nginx/conf.d

Configure a Virtual Host

$ sudo vi /usr/local/etc/nginx/conf.d/app.example.com.conf

Add the content below, adjusting app.example.com to match your actual domain:

server {
    listen 80;
    listen [::]:80;

    server_name app.example.com;

    location / {
        proxy_pass http://localhost:15672;
        proxy_set_header Host              $host;
        proxy_set_header Upgrade           $http_upgrade;
        proxy_set_header Connection        "upgrade";
        proxy_set_header X-Real-IP         $remote_addr;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Forwarded-Host  $host;
        proxy_set_header X-Forwarded-Port  $server_port;
    }
}

This configuration establishes a virtual host that listens on port 80 and redirects traffic to RabbitMQ’s web interface on port 15672.

Modify the Main Nginx Config

$ sudo vi /usr/local/etc/nginx/nginx.conf

Insert the following directive before the closing } in the file:

include conf.d/*;

This line tells Nginx to load additional virtual host settings from the conf.d folder.

Test and Apply Nginx Configuration

$ sudo nginx -t

Output:
nginx: the configuration file /usr/local/etc/nginx/nginx.conf syntax is ok
nginx: configuration file /usr/local/etc/nginx/nginx.conf test is successful

$ sudo service nginx restart

Output:
Performing sanity check on nginx configuration:
nginx: the configuration file /usr/local/etc/nginx/nginx.conf syntax is ok
nginx: configuration file /usr/local/etc/nginx/nginx.conf test is successful
Starting nginx.

Install Certbot for SSL Encryption

$ sudo pkg install -y security/py-certbot security/py-certbot-nginx

Generate SSL Certificate with Certbot

Replace app.example.com and hello@example.com with your actual domain and email:

$ sudo certbot --nginx -d app.example.com -m hello@example.com --agree-tos

Enable Weekly SSL Certificate Renewal

$ echo weekly_certbot_enable="YES" | sudo tee -a /etc/periodic.conf

Setting Up IPFW Firewall on FreeBSD

Enable the IPFW Firewall at Boot

$ sudo sysrc firewall_enable="YES"

Output:
firewall_enable: NO -> YES

Suppress Firewall Load Messages

$ sudo sysrc firewall_quiet="YES"

Output:
firewall_quiet: NO -> YES

Set Firewall Type to Workstation

$ sudo sysrc firewall_type="workstation"

Output:
firewall_type: UNKNOWN -> workstation

Permit Common Service Ports

$ sudo sysrc firewall_myservices="ssh/tcp http/tcp https/tcp"

Output:
firewall_myservices: -> ssh/tcp http/tcp https/tcp

Allow All IPs to Access the Services

$ sudo sysrc firewall_allowservices="any"

Activate IPFW Firewall Rules

$ sudo service ipfw start

Accessing the RabbitMQ Web Console

To manage queues and nodes on your RabbitMQ server, follow these instructions to open the web-based administrative interface.

In a browser like Chrome, navigate to your RabbitMQ domain (e.g., rabbitmq.example.com):

https://your-domain.com

Once the page loads, confirm that the RabbitMQ login interface is shown. Enter the administrator credentials you created earlier to sign in.

After logging in, the RabbitMQ web interface will let you view and control tasks related to queue and node operations.

Conclusion

You’ve successfully deployed RabbitMQ on FreeBSD 14.0 and configured it for secure user authentication. As a powerful message broker, RabbitMQ can be integrated into application ecosystems to handle queuing workloads efficiently. For more advanced setup guides and details, consult the official RabbitMQ documentation.