Merge pull request 'Improve ejabberd HTTP API configs and access' (#483) from bugfix/ejabberd_api_access into master
Reviewed-on: #483
This commit is contained in:
commit
a44fa31951
|
@ -84,7 +84,7 @@ end
|
|||
ejabberd_private_ip_addresses.each do |ip_address|
|
||||
IPAddr.new ip_address
|
||||
hostsfile_entry ip_address do
|
||||
hostname 'xmpp.kosmos.org'
|
||||
hostname 'xmpp.kosmos.local'
|
||||
action :create
|
||||
end
|
||||
rescue IPAddr::InvalidAddressError
|
||||
|
@ -93,7 +93,7 @@ rescue IPAddr::InvalidAddressError
|
|||
end
|
||||
|
||||
if ejabberd_private_ip_addresses.size > 0
|
||||
env[:ejabberd_api_url] = 'https://xmpp.kosmos.org:5443/api'
|
||||
env[:ejabberd_api_url] = "http://xmpp.kosmos.local/api"
|
||||
end
|
||||
|
||||
systemd_unit "akkounts.service" do
|
||||
|
|
|
@ -186,6 +186,7 @@ template "/opt/ejabberd/conf/ejabberd.yml" do
|
|||
stun_turn_port: node["kosmos-ejabberd"]["stun_turn_port"],
|
||||
turn_min_port: node["kosmos-ejabberd"]["turn_min_port"],
|
||||
turn_max_port: node["kosmos-ejabberd"]["turn_max_port"],
|
||||
private_ip_address: node["knife_zero"]["host"],
|
||||
akkounts_ip_addresses: akkounts_ip_addresses
|
||||
notifies :reload, "service[ejabberd]", :delayed
|
||||
end
|
||||
|
@ -198,6 +199,13 @@ unless node.chef_environment == "development"
|
|||
include_recipe "kosmos-ejabberd::firewall"
|
||||
end
|
||||
|
||||
firewall_rule 'ejabberd_http' do
|
||||
port [80]
|
||||
source "10.1.1.0/24"
|
||||
protocol :tcp
|
||||
command :allow
|
||||
end
|
||||
|
||||
#
|
||||
# Tor hidden service
|
||||
#
|
||||
|
|
|
@ -61,6 +61,14 @@ listen:
|
|||
use_proxy_protocol: true
|
||||
max_stanza_size: 131072
|
||||
shaper: s2s_shaper
|
||||
-
|
||||
port: 80
|
||||
ip: "<%= @private_ip_address %>"
|
||||
module: ejabberd_http
|
||||
request_handlers:
|
||||
"/api": mod_http_api
|
||||
tls: false
|
||||
captcha: false
|
||||
-
|
||||
port: 5443
|
||||
ip: "::"
|
||||
|
@ -69,7 +77,6 @@ listen:
|
|||
request_handlers:
|
||||
"/ws": ejabberd_http_ws
|
||||
"/bosh": mod_bosh
|
||||
"/api": mod_http_api
|
||||
"/upload": mod_http_upload
|
||||
"/admin": ejabberd_web_admin
|
||||
custom_headers:
|
||||
|
|
Loading…
Reference in New Issue