puppet: Always set the RabbitMQ nodename to zulip@localhost.

This is required in order to lock down the RabbitMQ port to only
listen on localhost.  If the nodename is `rabbit@hostname`, in most
circumstances the hostname will resolve to an external IP, which the
rabbitmq port will not be bound to.

Installs which used `rabbit@hostname`, due to RabbitMQ having been
installed before Zulip, would not have functioned if the host or
RabbitMQ service was restarted, as the localhost restrictions in the
RabbitMQ configuration would have made rabbitmqctl (and Zulip cron
jobs that call it) unable to find the rabbitmq server.

The previous commit ensures that configure-rabbitmq is re-run after
the nodename has changed.  However, rabbitmq needs to be stopped
before `rabbitmq-env.conf` is changed; we use an `onlyif` on an `exec`
to print the warning about the node change, and let the subsequent
config change and notify of the service and configure-rabbitmq to
complete the re-configuration.

docs/overview/changelog.md

@@ -7,6 +7,11 @@ up-to-date list of raw changes.
 
 ## Zulip 4.x series
 
+- Removed the `rabbitmq.nodename` configuration in `zulip.conf`; all
+  RabbitMQ instances will be reconfigured to have a nodename of
+  `zulip@localhost`. You can remove this setting from your
+  `zulip.conf` configuration file, if it exists.
+
 ## Zulip 4.8 -- 2021-12-01
 
 - CVE-2021-43791: Zulip could fail to enforce expiration dates

docs/production/deployment.md

@@ -641,12 +641,6 @@ connections.
 The version of PostgreSQL that is in use. Do not set by hand; use the
 [PostgreSQL upgrade tool](../production/upgrade-or-modify.html#upgrading-postgresql).
 
-### `[rabbitmq]`
-
-#### `nodename`
-
-The name used to identify the local RabbitMQ server; do not modify.
-
 ### `[memcached]`
 
 #### `memory`