Move each vhost to its own config file
		
							parent
							
								
									463664448c
								
							
						
					
					
						commit
						38f39af2a4
					
				@ -104,6 +104,12 @@ modules:
 | 
				
			|||||||
  }
 | 
					  }
 | 
				
			||||||
]
 | 
					]
 | 
				
			||||||
 | 
					
 | 
				
			||||||
 | 
					ldap_domain = node['kosmos-dirsrv']['master_hostname']
 | 
				
			||||||
 | 
					ldap_encryption_type = node.chef_environment == "development" ? "none" : "tls"
 | 
				
			||||||
 | 
					ldap_base = "cn=users,dc=kosmos,dc=org"
 | 
				
			||||||
 | 
					
 | 
				
			||||||
 | 
					admin_users = ejabberd_credentials['admins']
 | 
				
			||||||
 | 
					
 | 
				
			||||||
hosts.each do |host|
 | 
					hosts.each do |host|
 | 
				
			||||||
  postgresql_database host[:sql_database] do
 | 
					  postgresql_database host[:sql_database] do
 | 
				
			||||||
    owner 'ejabberd'
 | 
					    owner 'ejabberd'
 | 
				
			||||||
@ -116,14 +122,21 @@ hosts.each do |host|
 | 
				
			|||||||
    command "psql #{host[:sql_database]}} < #{Chef::Config[:file_cache_path]}/pg.sql"
 | 
					    command "psql #{host[:sql_database]}} < #{Chef::Config[:file_cache_path]}/pg.sql"
 | 
				
			||||||
    action :nothing
 | 
					    action :nothing
 | 
				
			||||||
  end
 | 
					  end
 | 
				
			||||||
 | 
					
 | 
				
			||||||
 | 
					  template "/opt/ejabberd/conf/#{host[:name]}.yml" do
 | 
				
			||||||
 | 
					    source    "vhost.yml.erb"
 | 
				
			||||||
 | 
					    mode      0640
 | 
				
			||||||
 | 
					    owner     'ejabberd'
 | 
				
			||||||
 | 
					    group     'ejabberd'
 | 
				
			||||||
 | 
					    sensitive true
 | 
				
			||||||
 | 
					    variables pgsql_password: postgresql_data_bag_item['ejabberd_user_password'],
 | 
				
			||||||
 | 
					              host: host,
 | 
				
			||||||
 | 
					              ldap_base: ldap_base,
 | 
				
			||||||
 | 
					              ldap_server: ldap_domain,
 | 
				
			||||||
 | 
					              ldap_encryption_type: ldap_encryption_type
 | 
				
			||||||
 | 
					  end
 | 
				
			||||||
end
 | 
					end
 | 
				
			||||||
 | 
					
 | 
				
			||||||
ldap_domain = node['kosmos-dirsrv']['master_hostname']
 | 
					 | 
				
			||||||
ldap_encryption_type = node.chef_environment == "development" ? "none" : "tls"
 | 
					 | 
				
			||||||
ldap_base = "cn=users,dc=kosmos,dc=org"
 | 
					 | 
				
			||||||
 | 
					 | 
				
			||||||
admin_users = ejabberd_credentials['admins']
 | 
					 | 
				
			||||||
 | 
					 | 
				
			||||||
template "/opt/ejabberd/conf/ejabberd.yml" do
 | 
					template "/opt/ejabberd/conf/ejabberd.yml" do
 | 
				
			||||||
  source    "ejabberd.yml.erb"
 | 
					  source    "ejabberd.yml.erb"
 | 
				
			||||||
  mode      0640
 | 
					  mode      0640
 | 
				
			||||||
 | 
				
			|||||||
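Review bot: The new `template "/opt/ejabberd/conf/#{host[:name]}.yml"` resource carries no `notifies`, so once the SQL and LDAP credentials live only in the per-vhost files, a rotated password rewrites that file without changing ejabberd.yml, and nothing visible in this hunk makes the running service pick it up. If the main `ejabberd.yml` template notifies the service (its body continues past the end of the hunk, so this is not visible here), the vhost resource needs the same line, e.g. `notifies :reload, 'service[<ejabberd service resource name>]', :delayed`. Files for hosts that are later dropped from `hosts` also stay in /opt/ejabberd/conf with their credentials; a cleanup resource, or at least a comment stating that removal is manual, would cover that.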
@ -6,40 +6,10 @@ log_rotate_count: 1
 | 
				
			|||||||
 | 
					
 | 
				
			||||||
log_rate_limit: 100
 | 
					log_rate_limit: 100
 | 
				
			||||||
 | 
					
 | 
				
			||||||
hosts:
 | 
					 | 
				
			||||||
<% @hosts.each do |host| -%>
 | 
					<% @hosts.each do |host| -%>
 | 
				
			||||||
  - "<%= host[:name] %>"
 | 
					include_config_file: "/opt/ejabberd/conf/<%= host[:name] %>.yml"
 | 
				
			||||||
<% end -%>
 | 
					<% end -%>
 | 
				
			||||||
 | 
					
 | 
				
			||||||
host_config:
 | 
					 | 
				
			||||||
<% @hosts.each do |host| -%>
 | 
					 | 
				
			||||||
  "<%= host[:name] %>":
 | 
					 | 
				
			||||||
    sql_type: pgsql
 | 
					 | 
				
			||||||
    sql_server: "localhost"
 | 
					 | 
				
			||||||
    sql_database: "<%= host[:sql_database] %>"
 | 
					 | 
				
			||||||
    sql_username: "ejabberd"
 | 
					 | 
				
			||||||
    sql_password: "<%= @pgsql_password %>"
 | 
					 | 
				
			||||||
  <% if host[:ldap_enabled] -%>
 | 
					 | 
				
			||||||
    auth_method: ldap
 | 
					 | 
				
			||||||
    ldap_servers: ["<%= @ldap_server %>"]
 | 
					 | 
				
			||||||
    ldap_rootdn: "cn=xmpp,ou=<%= host[:name] %>,<%= @ldap_base %>"
 | 
					 | 
				
			||||||
    ldap_password: "<%= host[:ldap_password] %>"
 | 
					 | 
				
			||||||
    ldap_encrypt: <%= @ldap_encryption_type %>
 | 
					 | 
				
			||||||
    ldap_tls_verify: hard # when TLS is enabled, don't proceed if a cert is invalid
 | 
					 | 
				
			||||||
    ldap_base: "ou=<%= host[:name] %>,<%= @ldap_base %>"
 | 
					 | 
				
			||||||
    ldap_filter: "(nsRole=cn=xmpp_role,ou=<%= host[:name] %>,<%= @ldap_base %>)"
 | 
					 | 
				
			||||||
  <% end -%>
 | 
					 | 
				
			||||||
<% end -%>
 | 
					 | 
				
			||||||
 | 
					 | 
				
			||||||
<% if @hosts.any? { |host| File.exist?("/opt/ejabberd/conf/#{host[:name]}.crt") && File.exist?("/opt/ejabberd/conf/#{host[:name]}.key") } -%>
 | 
					 | 
				
			||||||
certfiles:
 | 
					 | 
				
			||||||
<% @hosts.each do |host| -%>
 | 
					 | 
				
			||||||
  <% if File.exist?("/opt/ejabberd/conf/#{host[:name]}.crt") && File.exist?("/opt/ejabberd/conf/#{host[:name]}.key") -%>
 | 
					 | 
				
			||||||
  - "/opt/ejabberd/conf/<%= host[:name] %>.crt"
 | 
					 | 
				
			||||||
  - "/opt/ejabberd/conf/<%= host[:name] %>.key"
 | 
					 | 
				
			||||||
  <% end -%>
 | 
					 | 
				
			||||||
<% end -%>
 | 
					 | 
				
			||||||
<% end -%>
 | 
					 | 
				
			||||||
ca_file: "/opt/ejabberd/conf/cacert.pem"
 | 
					ca_file: "/opt/ejabberd/conf/cacert.pem"
 | 
				
			||||||
 | 
					
 | 
				
			||||||
define_macro:
 | 
					define_macro:
 | 
				
			||||||
@ -248,12 +218,6 @@ modules:
 | 
				
			|||||||
  mod_s2s_dialback: {}
 | 
					  mod_s2s_dialback: {}
 | 
				
			||||||
  mod_http_api: {}
 | 
					  mod_http_api: {}
 | 
				
			||||||
 | 
					
 | 
				
			||||||
append_host_config:
 | 
					 | 
				
			||||||
<% @hosts.each do |host| -%>
 | 
					 | 
				
			||||||
  "<%= host[:name] %>":
 | 
					 | 
				
			||||||
    <%= host[:append_host_config].chomp %>
 | 
					 | 
				
			||||||
<% end -%>
 | 
					 | 
				
			||||||
 | 
					 | 
				
			||||||
allow_contrib_modules: true
 | 
					allow_contrib_modules: true
 | 
				
			||||||
 | 
					
 | 
				
			||||||
### Local Variables:
 | 
					### Local Variables:
 | 
				
			||||||
 | 
				
			|||||||
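Review bot: The loop around `include_config_file: "/opt/ejabberd/conf/<%= host[:name] %>.yml"` emits the same top-level key once per host, so with more than one vhost the rendered ejabberd.yml contains duplicate mapping keys and the result depends on how the deployed ejabberd's YAML loader treats them (worth confirming on the version in use). Writing `include_config_file:` once above the loop and emitting one list item per host, `  - "/opt/ejabberd/conf/<%= host[:name] %>.yml"`, removes that ambiguity. A short template comment saying that `hosts`, `host_config`, `certfiles` and `append_host_config` now come from the included per-vhost files would help the next reader, since those sections disappear from this file.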
							
								
								
									
										31
									
								
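--- a/site-cookbooks/kosmos-ejabberd/templates/vhost.yml.erb
+++ b/site-cookbooks/kosmos-ejabberd/templates/vhost.yml.erb
@@ -0,0 +1,31 @@
+# Generated by Chef for <%= @host[:name] %>
+hosts:
+  - "<%= @host[:name] %>"
+
+<% if File.exist?("/opt/ejabberd/conf/#{@host[:name]}.crt") && File.exist?("/opt/ejabberd/conf/#{@host[:name]}.key") -%>
+certfiles:
+  - "/opt/ejabberd/conf/<%= @host[:name] %>.crt"
+  - "/opt/ejabberd/conf/<%= @host[:name] %>.key"
+<% end -%>
+host_config:
+  "<%= @host[:name] %>":
+    sql_type: pgsql
+    sql_server: "localhost"
+    sql_database: "<%= @host[:sql_database] %>"
+    sql_username: "ejabberd"
+    sql_password: "<%= @pgsql_password %>"
+  <% if @host[:ldap_enabled] -%>
+    auth_method: ldap
+    ldap_servers: ["<%= @ldap_server %>"]
+    ldap_rootdn: "cn=xmpp,ou=<%= @host[:name] %>,<%= @ldap_base %>"
+    ldap_password: "<%= @host[:ldap_password] %>"
+    ldap_encrypt: <%= @ldap_encryption_type %>
+    ldap_tls_verify: hard # when TLS is enabled, don't proceed if a cert is invalid
+    ldap_base: "ou=<%= @host[:name] %>,<%= @ldap_base %>"
+    ldap_filter: "(nsRole=cn=xmpp_role,ou=<%= @host[:name] %>,<%= @ldap_base %>)"
+  <% end -%>
+
+append_host_config:
+  "<%= @host[:name] %>":
+    <%= @host[:append_host_config].chomp %>
+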
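Review bot: `sql_password: "<%= @pgsql_password %>"` and `ldap_password: "<%= @host[:ldap_password] %>"` place secrets inside YAML double quotes without escaping, so a password containing `"` or `\` renders a file that either fails to parse or yields a different value from the one stored in the data bag. Emitting the scalar through a serializer, for example `sql_password: <%= @pgsql_password.to_json %>` (assuming the JSON library is loaded in the template context, as it normally is under Chef), keeps the value intact; the same applies to `ldap_password`. Separately, `<%= @host[:append_host_config].chomp %>` raises for a host without that key and indents only the first line of a multi-line value, so a guard and a comment describing the expected indentation of that attribute would help.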