From ad23530653e4db1b5d3d60f9e37fa5264631fc2d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Greg=20Kar=C3=A9kinian?= <greg@karekinian.com>
Date: Mon, 13 May 2019 17:08:21 +0200
Subject: [PATCH] Add the firewall rules for ejabberd

Includes the missing 5223 port in the andromeda_firewall recipe too
---
 site-cookbooks/kosmos-base/recipes/andromeda_firewall.rb | 2 +-
 site-cookbooks/kosmos-ejabberd/metadata.rb               | 1 +
 site-cookbooks/kosmos-ejabberd/recipes/default.rb        | 8 ++++++++
 3 files changed, 10 insertions(+), 1 deletion(-)

diff --git a/site-cookbooks/kosmos-base/recipes/andromeda_firewall.rb b/site-cookbooks/kosmos-base/recipes/andromeda_firewall.rb
index 3401bff..44db935 100644
--- a/site-cookbooks/kosmos-base/recipes/andromeda_firewall.rb
+++ b/site-cookbooks/kosmos-base/recipes/andromeda_firewall.rb
@@ -27,7 +27,7 @@
 # Temporary extra rules for Andromeda
 
 firewall_rule 'ejabberd' do
-  port     [5222, 5269, 5280, 5443]
+  port     [5222, 5223, 5269, 5280, 5443]
   protocol :tcp
   command  :allow
 end
diff --git a/site-cookbooks/kosmos-ejabberd/metadata.rb b/site-cookbooks/kosmos-ejabberd/metadata.rb
index 51ecc0a..bbd1886 100644
--- a/site-cookbooks/kosmos-ejabberd/metadata.rb
+++ b/site-cookbooks/kosmos-ejabberd/metadata.rb
@@ -22,3 +22,4 @@ chef_version '>= 12.14' if respond_to?(:chef_version)
 depends "kosmos-postgresql"
 depends "kosmos-base"
 depends "backup"
+depends "firewall"
diff --git a/site-cookbooks/kosmos-ejabberd/recipes/default.rb b/site-cookbooks/kosmos-ejabberd/recipes/default.rb
index b3070ba..2611fab 100644
--- a/site-cookbooks/kosmos-ejabberd/recipes/default.rb
+++ b/site-cookbooks/kosmos-ejabberd/recipes/default.rb
@@ -105,3 +105,11 @@ end
 service "ejabberd" do
   action [:enable, :start]
 end
+
+unless node.chef_environment == "development"
+  firewall_rule 'ejabberd' do
+    port     [5222, 5223, 5269, 5280, 5443]
+    protocol :tcp
+    command  :allow
+  end
+end