diff --git a/clients/ejabberd-1.json b/clients/ejabberd-1.json deleted file mode 100644 index 1d6a89b..0000000 --- a/clients/ejabberd-1.json +++ /dev/null @@ -1,4 +0,0 @@ -{ - "name": "ejabberd-1", - "public_key": "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtoVmQAEmmAWjjzi5X8Ia\n9sl2aH8Lh0AsckM0aE3hvw9lGfbNCPpYWrr0uh7R6/+13Z0OghrT3yDAZ+XfH39Y\nuGomazTzSMMOEofjepo+nXSgq4meFfX5vobYG7rpBdz1EsIT1bElHduItA2zsw9J\nFpXtGd4BjumMq1VykSTA+QaEE8byes/+groQTtXPqXf5gJMxyGlh4SU0MzmkGHaW\n8c9BPCQrV0CMiuGOGJ5mZ28HajbvSg3+bpgwThh3M5uQaQ6on1N2pvJuBypUySS6\nyc4TauocUcUsULYXq9wM8/rqDYsUah0PR0WSiOi90m5thGeBchFAmhdCvrS34FlR\nVQIDAQAB\n-----END PUBLIC KEY-----\n" -} \ No newline at end of file diff --git a/clients/ejabberd-2.json b/clients/ejabberd-2.json deleted file mode 100644 index 1d3e5f3..0000000 --- a/clients/ejabberd-2.json +++ /dev/null @@ -1,4 +0,0 @@ -{ - "name": "ejabberd-2", - "public_key": "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAudueTsPYnRXRu/rmMGZe\nI7LdyrWKdY9FJaRhkXR5J9Yb8QnIcDS7ZXDJsVhyQW8pZ2DuaIs5dmGYvRtmx0ol\nqHTEel01Q3/xI1blJoq4uRm639PB5M9dSJ0w+s6P5zj7rbFKpvMBYxBSK6z+gXIc\n/L1ayJ6JOssX5/tEvcvx/d4GIxof/Q+puACAXawx7W88Wl7yYWdBQ78uTPHzuMyB\n8BRYz24tki/O1fa9JijW32d3EELD0EccI3iJ+/CR4BFEEM2QdDczY/Q6Ny7h7inH\n/TdU246nvtJIx7bAZHmDIDva8YPtL27RIOQ3JqBBe7prQP5Q9MBGPyCXWAglj99a\n6QIDAQAB\n-----END PUBLIC KEY-----\n" -} \ No newline at end of file diff --git a/clients/ejabberd-3.json b/clients/ejabberd-3.json new file mode 100644 index 0000000..061b8d6 --- /dev/null +++ b/clients/ejabberd-3.json @@ -0,0 +1,4 @@ +{ + "name": "ejabberd-3", + "public_key": "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA14PSaCOKMDIIBbSZcmRw\nvVx95IYJ7kZGUwo8xsVJyf4o1+oKKGfvsjVBacP4DxMJ/+g58Sc/j9risD2d5Ke9\nJ93BIaspPB3bQf+w84AVDJIqvRAhbmcYEqCq1vnddXiSw5ZWplTX4dAVV8P2c++i\nb0Ork2cj1x1r/FdAgHnhuSh4HMtWyo6Zo7Uh63kX9Ag4CTAV+OPF5ZSxyQTVdL2E\n/5gomouxgxME6bnE6PmS1Abls10UARe7btT5eykW/weEIe/mJ4MLEGyqWe5bmZt2\nF4aaYdCsCNA3f6hehcCegeMkPxuG/2oSyk2TKT2c3UuAELA15rGM353Dr1hxbZoe\nRQIDAQAB\n-----END PUBLIC KEY-----\n" +} \ No newline at end of file diff --git a/clients/ejabberd-4.json b/clients/ejabberd-4.json new file mode 100644 index 0000000..14b1eaa --- /dev/null +++ b/clients/ejabberd-4.json @@ -0,0 +1,4 @@ +{ + "name": "ejabberd-4", + "public_key": "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6FuI13W2sft83OIWe59/\nYTfpTfKcYTCq5zAQEu87OYHHQeBAYo0W/g/qICh3qw0ie2QMPyggAezoeR5VQdLt\nkJq1X9AHqyX59YThzj7dLCCEKq+mAdriuKzNGu8eml4DRM3m+xw7jFzcwwrD8ECZ\nY+Kn7bcOtozx0mXpEm+cO2cOKmRQn0VJwAQSe6eW301iGmpR9et4hDqMjhiUiwaU\nWAqpsmP/JQMLAX2gLzwilD63VCQlcQCDq/D1m/N6bWb1L47zNAzwOCSYV92bGNDe\nRe+4gCVVLpfGWKbkjQFDraCmME7+O50WpbfowylF8gOzgl3AvnpC/LOSzT8VtMPr\nZQIDAQAB\n-----END PUBLIC KEY-----\n" +} \ No newline at end of file diff --git a/nodes/ejabberd-1.json b/nodes/ejabberd-3.json similarity index 67% rename from nodes/ejabberd-1.json rename to nodes/ejabberd-3.json index ade9b42..8733ff7 100644 --- a/nodes/ejabberd-1.json +++ b/nodes/ejabberd-3.json @@ -1,19 +1,16 @@ { - "name": "ejabberd-1", + "name": "ejabberd-3", "normal": { "knife_zero": { - "host": "10.1.1.166" - }, - "kosmos-ejabberd": { - "erlang_node": "ejabberd@draco.kosmos.org" + "host": "10.1.1.212" } }, "automatic": { - "fqdn": "ejabberd-1", + "fqdn": "ejabberd-3", "os": "linux", - "os_version": "5.4.0-54-generic", - "hostname": "ejabberd-1", - "ipaddress": "192.168.122.62", + "os_version": "5.4.0-1051-kvm", + "hostname": "ejabberd-3", + "ipaddress": "192.168.122.93", "roles": [ "ejabberd", "postgresql_client" @@ -21,7 +18,7 @@ "recipes": [ "kosmos-base", "kosmos-base::default", - "kosmos-postgresql::hostsfile", + "kosmos_postgresql::hostsfile", "kosmos-ejabberd", "kosmos-ejabberd::default", "kosmos-ejabberd::letsencrypt", @@ -51,12 +48,13 @@ "cloud": null, "chef_packages": { "chef": { - "version": "15.14.0", - "chef_root": "/opt/chef/embedded/lib/ruby/gems/2.6.0/gems/chef-15.14.0/lib" + "version": "17.9.26", + "chef_root": "/opt/chef/embedded/lib/ruby/gems/3.0.0/gems/chef-17.9.26/lib", + "chef_effortless": null }, "ohai": { - "version": "15.12.0", - "ohai_root": "/opt/chef/embedded/lib/ruby/gems/2.6.0/gems/ohai-15.12.0/lib/ohai" + "version": "17.9.1", + "ohai_root": "/opt/chef/embedded/lib/ruby/gems/3.0.0/gems/ohai-17.9.1/lib/ohai" } } }, @@ -64,4 +62,4 @@ "recipe[kosmos-base]", "role[ejabberd]" ] -} +} \ No newline at end of file diff --git a/nodes/ejabberd-2.json b/nodes/ejabberd-4.json similarity index 67% rename from nodes/ejabberd-2.json rename to nodes/ejabberd-4.json index cbb250b..2fbc4d9 100644 --- a/nodes/ejabberd-2.json +++ b/nodes/ejabberd-4.json @@ -1,19 +1,16 @@ { - "name": "ejabberd-2", + "name": "ejabberd-4", "normal": { "knife_zero": { - "host": "10.1.1.44" - }, - "kosmos-ejabberd": { - "erlang_node": "ejabberd@centaurus.kosmos.org" + "host": "10.1.1.113" } }, "automatic": { - "fqdn": "ejabberd-2", + "fqdn": "ejabberd-4", "os": "linux", - "os_version": "5.4.0-54-generic", - "hostname": "ejabberd-2", - "ipaddress": "192.168.122.5", + "os_version": "5.4.0-1051-kvm", + "hostname": "ejabberd-4", + "ipaddress": "192.168.122.39", "roles": [ "ejabberd", "postgresql_client" @@ -21,7 +18,7 @@ "recipes": [ "kosmos-base", "kosmos-base::default", - "kosmos-postgresql::hostsfile", + "kosmos_postgresql::hostsfile", "kosmos-ejabberd", "kosmos-ejabberd::default", "kosmos-ejabberd::letsencrypt", @@ -51,12 +48,13 @@ "cloud": null, "chef_packages": { "chef": { - "version": "15.14.0", - "chef_root": "/opt/chef/embedded/lib/ruby/gems/2.6.0/gems/chef-15.14.0/lib" + "version": "17.9.26", + "chef_root": "/opt/chef/embedded/lib/ruby/gems/3.0.0/gems/chef-17.9.26/lib", + "chef_effortless": null }, "ohai": { - "version": "15.12.0", - "ohai_root": "/opt/chef/embedded/lib/ruby/gems/2.6.0/gems/ohai-15.12.0/lib/ohai" + "version": "17.9.1", + "ohai_root": "/opt/chef/embedded/lib/ruby/gems/3.0.0/gems/ohai-17.9.1/lib/ohai" } } }, @@ -64,4 +62,4 @@ "recipe[kosmos-base]", "role[ejabberd]" ] -} +} \ No newline at end of file diff --git a/site-cookbooks/kosmos-ejabberd/metadata.rb b/site-cookbooks/kosmos-ejabberd/metadata.rb index 0131259..a47ac07 100644 --- a/site-cookbooks/kosmos-ejabberd/metadata.rb +++ b/site-cookbooks/kosmos-ejabberd/metadata.rb @@ -26,3 +26,4 @@ depends "kosmos_postgresql" depends "backup" depends "firewall" depends "tor-full" +depends "hostsfile" diff --git a/site-cookbooks/kosmos-ejabberd/recipes/default.rb b/site-cookbooks/kosmos-ejabberd/recipes/default.rb index 20181b6..8ef2b26 100644 --- a/site-cookbooks/kosmos-ejabberd/recipes/default.rb +++ b/site-cookbooks/kosmos-ejabberd/recipes/default.rb @@ -2,27 +2,6 @@ # Cookbook:: kosmos-ejabberd # Recipe:: default # -# The MIT License (MIT) -# -# Copyright:: 2019, Kosmos Developers -# -# Permission is hereby granted, free of charge, to any person obtaining a copy -# of this software and associated documentation files (the "Software"), to deal -# in the Software without restriction, including without limitation the rights -# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -# copies of the Software, and to permit persons to whom the Software is -# furnished to do so, subject to the following conditions: -# -# The above copyright notice and this permission notice shall be included in -# all copies or substantial portions of the Software. -# -# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN -# THE SOFTWARE. ejabberd_credentials = data_bag_item("credentials", "ejabberd") @@ -50,15 +29,25 @@ file "/opt/ejabberd/.erlang.cookie" do content ejabberd_credentials['erlang_cookie'] end +ejabberd_nodes = search(:node, "role:ejabberd") + +ejabberd_nodes.each do |n| + ip_address = n["knife_zero"]["host"] + IPAddr.new ip_address + hostsfile_entry ip_address do + hostname n["hostname"] + action :create + end +rescue IPAddr::InvalidAddressError + next +end + +ejabberd_hostnames = ejabberd_nodes.map { |n| n["hostname"] } file "/opt/ejabberd/.hosts.erlang" do mode "0644" owner "ejabberd" group "ejabberd" - content <<-EOF -"andromeda.kosmos.org". -"centaurus.kosmos.org". -"draco.kosmos.org". - EOF + content ejabberd_hostnames.map{|h| "#{h}."}.join("\n") end ruby_block "configure ERLANG_NODE" do @@ -66,7 +55,7 @@ ruby_block "configure ERLANG_NODE" do file = Chef::Util::FileEdit.new("/opt/ejabberd/conf/ejabberdctl.cfg") file.search_file_replace_line( %r{#ERLANG_NODE=ejabberd@localhost}, - "ERLAND_NODE=#{node['kosmos-ejabberd']['erlang_node']}" + "ERLANG_NODE=ejabberd@#{node['name']}" ) file.write_file end diff --git a/site-cookbooks/kosmos-ejabberd/recipes/firewall.rb b/site-cookbooks/kosmos-ejabberd/recipes/firewall.rb index 5d2ac3a..968da9b 100644 --- a/site-cookbooks/kosmos-ejabberd/recipes/firewall.rb +++ b/site-cookbooks/kosmos-ejabberd/recipes/firewall.rb @@ -2,28 +2,6 @@ # Cookbook:: kosmos-ejabberd # Recipe:: firewall # -# The MIT License (MIT) -# -# Copyright:: 2020, Kosmos Developers -# -# Permission is hereby granted, free of charge, to any person obtaining a copy -# of this software and associated documentation files (the "Software"), to deal -# in the Software without restriction, including without limitation the rights -# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -# copies of the Software, and to permit persons to whom the Software is -# furnished to do so, subject to the following conditions: -# -# The above copyright notice and this permission notice shall be included in -# all copies or substantial portions of the Software. -# -# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN -# THE SOFTWARE. - include_recipe "kosmos-base::firewall" firewall_rule "ejabberd" do @@ -34,12 +12,14 @@ end firewall_rule 'ejabberd_cluster' do port [4369] + source "10.1.1.0/24" protocol :tcp command :allow end firewall_rule 'erlang_cluster' do port [4200..4210] + source "10.1.1.0/24" protocol :tcp command :allow end