Add API permissions for akkounts VMs
Using the zerotier IP, which is the same as the knife-zero host.
This commit is contained in:
parent
8e0a66184c
commit
239b6aed51
|
@ -169,6 +169,11 @@ hosts.each do |host|
|
|||
end
|
||||
end
|
||||
|
||||
akkounts_ip_addresses = []
|
||||
search(:node, "role:akkounts").each do |node|
|
||||
akkounts_ip_addresses << node["knife_zero"]["host"]
|
||||
end
|
||||
|
||||
template "/opt/ejabberd/conf/ejabberd.yml" do
|
||||
source "ejabberd.yml.erb"
|
||||
mode 0640
|
||||
|
@ -178,7 +183,8 @@ template "/opt/ejabberd/conf/ejabberd.yml" do
|
|||
stun_auth_realm: "kosmos.org",
|
||||
turn_ip_address: node['ipaddress'],
|
||||
turn_min_port: node["kosmos-ejabberd"]["turn_min_port"],
|
||||
turn_max_port: node["kosmos-ejabberd"]["turn_max_port"]
|
||||
turn_max_port: node["kosmos-ejabberd"]["turn_max_port"],
|
||||
akkounts_ip_addresses: akkounts_ip_addresses
|
||||
notifies :run, "execute[ejabberdctl reload_config]", :delayed
|
||||
end
|
||||
|
||||
|
|
|
@ -174,6 +174,14 @@ api_permissions:
|
|||
what:
|
||||
- "status"
|
||||
- "connected_users_number"
|
||||
"akkounts":
|
||||
who:
|
||||
<% @akkounts_ip_addresses.each do |ip| -%>
|
||||
- ip: "<%= ip %>/8"
|
||||
<% end -%>
|
||||
what:
|
||||
- "add_rosteritem"
|
||||
- "delete_rosteritem"
|
||||
|
||||
language: "en"
|
||||
|
||||
|
|
Loading…
Reference in New Issue