Merge pull request 'Replace ejabberd cluster' (#375) from chore/ejabberd_cluster into master

Reviewed-on: #375

clients/ejabberd-1.json

@@ -1,4 +0,0 @@
-{
-  "name": "ejabberd-1",
-  "public_key": "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtoVmQAEmmAWjjzi5X8Ia\n9sl2aH8Lh0AsckM0aE3hvw9lGfbNCPpYWrr0uh7R6/+13Z0OghrT3yDAZ+XfH39Y\nuGomazTzSMMOEofjepo+nXSgq4meFfX5vobYG7rpBdz1EsIT1bElHduItA2zsw9J\nFpXtGd4BjumMq1VykSTA+QaEE8byes/+groQTtXPqXf5gJMxyGlh4SU0MzmkGHaW\n8c9BPCQrV0CMiuGOGJ5mZ28HajbvSg3+bpgwThh3M5uQaQ6on1N2pvJuBypUySS6\nyc4TauocUcUsULYXq9wM8/rqDYsUah0PR0WSiOi90m5thGeBchFAmhdCvrS34FlR\nVQIDAQAB\n-----END PUBLIC KEY-----\n"
-}

clients/ejabberd-2.json

@@ -1,4 +0,0 @@
-{
-  "name": "ejabberd-2",
-  "public_key": "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAudueTsPYnRXRu/rmMGZe\nI7LdyrWKdY9FJaRhkXR5J9Yb8QnIcDS7ZXDJsVhyQW8pZ2DuaIs5dmGYvRtmx0ol\nqHTEel01Q3/xI1blJoq4uRm639PB5M9dSJ0w+s6P5zj7rbFKpvMBYxBSK6z+gXIc\n/L1ayJ6JOssX5/tEvcvx/d4GIxof/Q+puACAXawx7W88Wl7yYWdBQ78uTPHzuMyB\n8BRYz24tki/O1fa9JijW32d3EELD0EccI3iJ+/CR4BFEEM2QdDczY/Q6Ny7h7inH\n/TdU246nvtJIx7bAZHmDIDva8YPtL27RIOQ3JqBBe7prQP5Q9MBGPyCXWAglj99a\n6QIDAQAB\n-----END PUBLIC KEY-----\n"
-}

clients/ejabberd-3.json

@@ -0,0 +1,4 @@
+{
+  "name": "ejabberd-3",
+  "public_key": "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA14PSaCOKMDIIBbSZcmRw\nvVx95IYJ7kZGUwo8xsVJyf4o1+oKKGfvsjVBacP4DxMJ/+g58Sc/j9risD2d5Ke9\nJ93BIaspPB3bQf+w84AVDJIqvRAhbmcYEqCq1vnddXiSw5ZWplTX4dAVV8P2c++i\nb0Ork2cj1x1r/FdAgHnhuSh4HMtWyo6Zo7Uh63kX9Ag4CTAV+OPF5ZSxyQTVdL2E\n/5gomouxgxME6bnE6PmS1Abls10UARe7btT5eykW/weEIe/mJ4MLEGyqWe5bmZt2\nF4aaYdCsCNA3f6hehcCegeMkPxuG/2oSyk2TKT2c3UuAELA15rGM353Dr1hxbZoe\nRQIDAQAB\n-----END PUBLIC KEY-----\n"
+}

clients/ejabberd-4.json

@@ -0,0 +1,4 @@
+{
+  "name": "ejabberd-4",
+  "public_key": "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6FuI13W2sft83OIWe59/\nYTfpTfKcYTCq5zAQEu87OYHHQeBAYo0W/g/qICh3qw0ie2QMPyggAezoeR5VQdLt\nkJq1X9AHqyX59YThzj7dLCCEKq+mAdriuKzNGu8eml4DRM3m+xw7jFzcwwrD8ECZ\nY+Kn7bcOtozx0mXpEm+cO2cOKmRQn0VJwAQSe6eW301iGmpR9et4hDqMjhiUiwaU\nWAqpsmP/JQMLAX2gLzwilD63VCQlcQCDq/D1m/N6bWb1L47zNAzwOCSYV92bGNDe\nRe+4gCVVLpfGWKbkjQFDraCmME7+O50WpbfowylF8gOzgl3AvnpC/LOSzT8VtMPr\nZQIDAQAB\n-----END PUBLIC KEY-----\n"
+}

nodes/ejabberd-3.json

@@ -1,19 +1,16 @@
 {
-  "name": "ejabberd-1",
+  "name": "ejabberd-3",
   "normal": {
     "knife_zero": {
-      "host": "10.1.1.166"
-    },
-    "kosmos-ejabberd": {
-      "erlang_node": "ejabberd@draco.kosmos.org"
+      "host": "10.1.1.212"
     }
   },
   "automatic": {
-    "fqdn": "ejabberd-1",
+    "fqdn": "ejabberd-3",
     "os": "linux",
-    "os_version": "5.4.0-54-generic",
-    "hostname": "ejabberd-1",
-    "ipaddress": "192.168.122.62",
+    "os_version": "5.4.0-1051-kvm",
+    "hostname": "ejabberd-3",
+    "ipaddress": "192.168.122.93",
     "roles": [
       "ejabberd",
       "postgresql_client"
@@ -21,7 +18,7 @@
     "recipes": [
       "kosmos-base",
       "kosmos-base::default",
-      "kosmos-postgresql::hostsfile",
+      "kosmos_postgresql::hostsfile",
       "kosmos-ejabberd",
       "kosmos-ejabberd::default",
       "kosmos-ejabberd::letsencrypt",
@@ -51,12 +48,13 @@
     "cloud": null,
     "chef_packages": {
       "chef": {
-        "version": "15.14.0",
-        "chef_root": "/opt/chef/embedded/lib/ruby/gems/2.6.0/gems/chef-15.14.0/lib"
+        "version": "17.9.26",
+        "chef_root": "/opt/chef/embedded/lib/ruby/gems/3.0.0/gems/chef-17.9.26/lib",
+        "chef_effortless": null
       },
       "ohai": {
-        "version": "15.12.0",
-        "ohai_root": "/opt/chef/embedded/lib/ruby/gems/2.6.0/gems/ohai-15.12.0/lib/ohai"
+        "version": "17.9.1",
+        "ohai_root": "/opt/chef/embedded/lib/ruby/gems/3.0.0/gems/ohai-17.9.1/lib/ohai"
       }
     }
   },
@@ -64,4 +62,4 @@
     "recipe[kosmos-base]",
     "role[ejabberd]"
   ]
-}
+}

nodes/ejabberd-4.json

@@ -1,19 +1,16 @@
 {
-  "name": "ejabberd-2",
+  "name": "ejabberd-4",
   "normal": {
     "knife_zero": {
-      "host": "10.1.1.44"
-    },
-    "kosmos-ejabberd": {
-      "erlang_node": "ejabberd@centaurus.kosmos.org"
+      "host": "10.1.1.113"
     }
   },
   "automatic": {
-    "fqdn": "ejabberd-2",
+    "fqdn": "ejabberd-4",
     "os": "linux",
-    "os_version": "5.4.0-54-generic",
-    "hostname": "ejabberd-2",
-    "ipaddress": "192.168.122.5",
+    "os_version": "5.4.0-1051-kvm",
+    "hostname": "ejabberd-4",
+    "ipaddress": "192.168.122.39",
     "roles": [
       "ejabberd",
       "postgresql_client"
@@ -21,7 +18,7 @@
     "recipes": [
       "kosmos-base",
       "kosmos-base::default",
-      "kosmos-postgresql::hostsfile",
+      "kosmos_postgresql::hostsfile",
       "kosmos-ejabberd",
       "kosmos-ejabberd::default",
       "kosmos-ejabberd::letsencrypt",
@@ -51,12 +48,13 @@
     "cloud": null,
     "chef_packages": {
       "chef": {
-        "version": "15.14.0",
-        "chef_root": "/opt/chef/embedded/lib/ruby/gems/2.6.0/gems/chef-15.14.0/lib"
+        "version": "17.9.26",
+        "chef_root": "/opt/chef/embedded/lib/ruby/gems/3.0.0/gems/chef-17.9.26/lib",
+        "chef_effortless": null
       },
       "ohai": {
-        "version": "15.12.0",
-        "ohai_root": "/opt/chef/embedded/lib/ruby/gems/2.6.0/gems/ohai-15.12.0/lib/ohai"
+        "version": "17.9.1",
+        "ohai_root": "/opt/chef/embedded/lib/ruby/gems/3.0.0/gems/ohai-17.9.1/lib/ohai"
       }
     }
   },
@@ -64,4 +62,4 @@
     "recipe[kosmos-base]",
     "role[ejabberd]"
   ]
-}
+}

site-cookbooks/kosmos-ejabberd/metadata.rb

@@ -26,3 +26,4 @@ depends "kosmos_postgresql"
 depends "backup"
 depends "firewall"
 depends "tor-full"
+depends "hostsfile"

site-cookbooks/kosmos-ejabberd/recipes/default.rb

@@ -2,27 +2,6 @@
 # Cookbook:: kosmos-ejabberd
 # Recipe:: default
 #
-# The MIT License (MIT)
-#
-# Copyright:: 2019, Kosmos Developers
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
 
 ejabberd_credentials = data_bag_item("credentials", "ejabberd")
 
@@ -50,15 +29,25 @@ file "/opt/ejabberd/.erlang.cookie" do
   content ejabberd_credentials['erlang_cookie']
 end
 
+ejabberd_nodes = search(:node, "role:ejabberd")
+
+ejabberd_nodes.each do |n|
+  ip_address = n["knife_zero"]["host"]
+  IPAddr.new ip_address
+  hostsfile_entry ip_address do
+    hostname n["hostname"]
+    action :create
+  end
+rescue IPAddr::InvalidAddressError
+  next
+end
+
+ejabberd_hostnames = ejabberd_nodes.map { |n| n["hostname"] }
 file "/opt/ejabberd/.hosts.erlang" do
   mode "0644"
   owner "ejabberd"
   group "ejabberd"
-  content <<-EOF
-"andromeda.kosmos.org".
-"centaurus.kosmos.org".
-"draco.kosmos.org".
-  EOF
+  content ejabberd_hostnames.map{|h| "#{h}."}.join("\n")
 end
 
 ruby_block "configure ERLANG_NODE" do
@@ -66,7 +55,7 @@ ruby_block "configure ERLANG_NODE" do
     file = Chef::Util::FileEdit.new("/opt/ejabberd/conf/ejabberdctl.cfg")
     file.search_file_replace_line(
       %r{#ERLANG_NODE=ejabberd@localhost},
-      "ERLAND_NODE=#{node['kosmos-ejabberd']['erlang_node']}"
+      "ERLANG_NODE=ejabberd@#{node['name']}"
     )
     file.write_file
   end

site-cookbooks/kosmos-ejabberd/recipes/firewall.rb

@@ -2,28 +2,6 @@
 # Cookbook:: kosmos-ejabberd
 # Recipe:: firewall
 #
-# The MIT License (MIT)
-#
-# Copyright:: 2020, Kosmos Developers
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-
 include_recipe "kosmos-base::firewall"
 
 firewall_rule "ejabberd" do
@@ -34,12 +12,14 @@ end
 
 firewall_rule 'ejabberd_cluster' do
   port     [4369]
+  source   "10.1.1.0/24"
   protocol :tcp
   command  :allow
 end
 
 firewall_rule 'erlang_cluster' do
   port     [4200..4210]
+  source   "10.1.1.0/24"
   protocol :tcp
   command  :allow
 end