Migrate ejabberd uploads to mod_s3_upload and Garage

In addition to installing and configuring the new module, this also
enables public access to the S3 API via `bucket-name.s3.kosmos.org` as
well as Web access on `bucket-name.web.s3.kosmos.org` (when enabled).

Also includes some drive-by improvements to Chef attribute naming and
usage.

Co-authored-by: Greg Karékinian <greg@karekinian.com>

nodes/ejabberd-4.json

@@ -1,5 +1,6 @@
 {
   "name": "ejabberd-4",
+  "chef_environment": "production",
   "normal": {
     "knife_zero": {
       "host": "10.1.1.113"
@@ -16,7 +17,8 @@
       "kvm_guest",
       "ldap_client",
       "ejabberd",
-      "postgresql_client"
+      "postgresql_client",
+      "garage_gateway"
     ],
     "recipes": [
       "kosmos-base",
@@ -24,6 +26,9 @@
       "kosmos_kvm::guest",
       "kosmos-dirsrv::hostsfile",
       "kosmos_postgresql::hostsfile",
+      "kosmos_garage",
+      "kosmos_garage::default",
+      "kosmos_garage::firewall_rpc",
       "kosmos-ejabberd::letsencrypt",
       "kosmos-ejabberd",
       "kosmos-ejabberd::default",
@@ -41,22 +46,22 @@
       "postfix::_attributes",
       "postfix::sasl_auth",
       "hostname::default",
+      "firewall::default",
       "kosmos-base::letsencrypt",
-      "kosmos-ejabberd::firewall",
-      "tor-full::default"
+      "kosmos-ejabberd::firewall"
     ],
     "platform": "ubuntu",
     "platform_version": "20.04",
     "cloud": null,
     "chef_packages": {
       "chef": {
-        "version": "17.9.26",
-        "chef_root": "/opt/chef/embedded/lib/ruby/gems/3.0.0/gems/chef-17.9.26/lib",
+        "version": "18.3.0",
+        "chef_root": "/opt/chef/embedded/lib/ruby/gems/3.1.0/gems/chef-18.3.0/lib",
         "chef_effortless": null
       },
       "ohai": {
-        "version": "17.9.1",
-        "ohai_root": "/opt/chef/embedded/lib/ruby/gems/3.0.0/gems/ohai-17.9.1/lib/ohai"
+        "version": "18.1.4",
+        "ohai_root": "/opt/chef/embedded/lib/ruby/gems/3.1.0/gems/ohai-18.1.4/lib/ohai"
       }
     }
   },
@@ -66,4 +71,4 @@
     "role[ldap_client]",
     "role[ejabberd]"
   ]
-}
+}

nodes/ejabberd-8.json

@@ -1,5 +1,6 @@
 {
   "name": "ejabberd-8",
+  "chef_environment": "production",
   "normal": {
     "knife_zero": {
       "host": "10.1.1.123"
@@ -16,7 +17,8 @@
       "kvm_guest",
       "ldap_client",
       "ejabberd",
-      "postgresql_client"
+      "postgresql_client",
+      "garage_gateway"
     ],
     "recipes": [
       "kosmos-base",
@@ -24,6 +26,9 @@
       "kosmos_kvm::guest",
       "kosmos-dirsrv::hostsfile",
       "kosmos_postgresql::hostsfile",
+      "kosmos_garage",
+      "kosmos_garage::default",
+      "kosmos_garage::firewall_rpc",
       "kosmos-ejabberd::letsencrypt",
       "kosmos-ejabberd",
       "kosmos-ejabberd::default",
@@ -41,22 +46,22 @@
       "postfix::_attributes",
       "postfix::sasl_auth",
       "hostname::default",
+      "firewall::default",
       "kosmos-base::letsencrypt",
-      "kosmos-ejabberd::firewall",
-      "tor-full::default"
+      "kosmos-ejabberd::firewall"
     ],
     "platform": "ubuntu",
     "platform_version": "20.04",
     "cloud": null,
     "chef_packages": {
       "chef": {
-        "version": "17.10.3",
-        "chef_root": "/opt/chef/embedded/lib/ruby/gems/3.0.0/gems/chef-17.10.3/lib",
+        "version": "18.3.0",
+        "chef_root": "/opt/chef/embedded/lib/ruby/gems/3.1.0/gems/chef-18.3.0/lib",
         "chef_effortless": null
       },
       "ohai": {
-        "version": "17.9.0",
-        "ohai_root": "/opt/chef/embedded/lib/ruby/gems/3.0.0/gems/ohai-17.9.0/lib/ohai"
+        "version": "18.1.4",
+        "ohai_root": "/opt/chef/embedded/lib/ruby/gems/3.1.0/gems/ohai-18.1.4/lib/ohai"
       }
     }
   },
@@ -66,4 +71,4 @@
     "role[ldap_client]",
     "role[ejabberd]"
   ]
-}
+}

nodes/fornax.kosmos.org.json

@@ -42,6 +42,7 @@
       "kosmos_drone::nginx",
       "kosmos-ejabberd::nginx",
       "kosmos_garage::nginx_web",
+      "kosmos_garage::nginx_s3",
       "kosmos_gitea::nginx",
       "kosmos_gitea::nginx_ssh",
       "kosmos_rsk::nginx_testnet",

nodes/garage-2.json

@@ -23,7 +23,8 @@
       "kosmos_kvm::guest",
       "kosmos_garage",
       "kosmos_garage::default",
-      "kosmos_garage::firewall",
+      "kosmos_garage::firewall_rpc",
+      "kosmos_garage::firewall_apis",
       "apt::default",
       "timezone_iii::default",
       "timezone_iii::debian",
@@ -38,21 +39,20 @@
       "postfix::_attributes",
       "postfix::sasl_auth",
       "hostname::default",
-      "firewall::default",
-      "chef-sugar::default"
+      "firewall::default"
     ],
     "platform": "ubuntu",
     "platform_version": "20.04",
     "cloud": null,
     "chef_packages": {
       "chef": {
-        "version": "17.10.3",
-        "chef_root": "/opt/chef/embedded/lib/ruby/gems/3.0.0/gems/chef-17.10.3/lib",
+        "version": "18.3.0",
+        "chef_root": "/opt/chef/embedded/lib/ruby/gems/3.1.0/gems/chef-18.3.0/lib",
         "chef_effortless": null
       },
       "ohai": {
-        "version": "17.9.0",
-        "ohai_root": "/opt/chef/embedded/lib/ruby/gems/3.0.0/gems/ohai-17.9.0/lib/ohai"
+        "version": "18.1.4",
+        "ohai_root": "/opt/chef/embedded/lib/ruby/gems/3.1.0/gems/ohai-18.1.4/lib/ohai"
       }
     }
   },

nodes/garage-3.json

@@ -23,7 +23,8 @@
       "kosmos_kvm::guest",
       "kosmos_garage",
       "kosmos_garage::default",
-      "kosmos_garage::firewall",
+      "kosmos_garage::firewall_rpc",
+      "kosmos_garage::firewall_apis",
       "apt::default",
       "timezone_iii::default",
       "timezone_iii::debian",
@@ -38,21 +39,20 @@
       "postfix::_attributes",
       "postfix::sasl_auth",
       "hostname::default",
-      "firewall::default",
-      "chef-sugar::default"
+      "firewall::default"
     ],
     "platform": "ubuntu",
     "platform_version": "20.04",
     "cloud": null,
     "chef_packages": {
       "chef": {
-        "version": "17.10.3",
-        "chef_root": "/opt/chef/embedded/lib/ruby/gems/3.0.0/gems/chef-17.10.3/lib",
+        "version": "18.3.0",
+        "chef_root": "/opt/chef/embedded/lib/ruby/gems/3.1.0/gems/chef-18.3.0/lib",
         "chef_effortless": null
       },
       "ohai": {
-        "version": "17.9.0",
-        "ohai_root": "/opt/chef/embedded/lib/ruby/gems/3.0.0/gems/ohai-17.9.0/lib/ohai"
+        "version": "18.1.4",
+        "ohai_root": "/opt/chef/embedded/lib/ruby/gems/3.1.0/gems/ohai-18.1.4/lib/ohai"
       }
     }
   },

nodes/garage-5.json

@@ -0,0 +1,64 @@
+{
+  "name": "garage-5",
+  "chef_environment": "production",
+  "normal": {
+    "knife_zero": {
+      "host": "10.1.1.33"
+    }
+  },
+  "automatic": {
+    "fqdn": "garage-5",
+    "os": "linux",
+    "os_version": "5.15.0-84-generic",
+    "hostname": "garage-5",
+    "ipaddress": "192.168.122.55",
+    "roles": [
+      "base",
+      "kvm_guest",
+      "garage_node"
+    ],
+    "recipes": [
+      "kosmos-base",
+      "kosmos-base::default",
+      "kosmos_kvm::guest",
+      "kosmos_garage",
+      "kosmos_garage::default",
+      "kosmos_garage::firewall_rpc",
+      "kosmos_garage::firewall_apis",
+      "apt::default",
+      "timezone_iii::default",
+      "timezone_iii::debian",
+      "ntp::default",
+      "ntp::apparmor",
+      "kosmos-base::systemd_emails",
+      "apt::unattended-upgrades",
+      "kosmos-base::firewall",
+      "kosmos-postfix::default",
+      "postfix::default",
+      "postfix::_common",
+      "postfix::_attributes",
+      "postfix::sasl_auth",
+      "hostname::default",
+      "firewall::default"
+    ],
+    "platform": "ubuntu",
+    "platform_version": "22.04",
+    "cloud": null,
+    "chef_packages": {
+      "chef": {
+        "version": "18.3.0",
+        "chef_root": "/opt/chef/embedded/lib/ruby/gems/3.1.0/gems/chef-18.3.0/lib",
+        "chef_effortless": null
+      },
+      "ohai": {
+        "version": "18.1.4",
+        "ohai_root": "/opt/chef/embedded/lib/ruby/gems/3.1.0/gems/ohai-18.1.4/lib/ohai"
+      }
+    }
+  },
+  "run_list": [
+    "role[base]",
+    "role[kvm_guest]",
+    "role[garage_node]"
+  ]
+}