kosmos/chef
kosmos/chef
8
3
Fork 0
Code Issues 30 Pull Requests 3 Projects 2 Activity

Merge branch 'master' into feature/160-postgres_replication

Browse Source
This commit is contained in:
Greg Karékinian 2020-05-14 15:06:00 +02:00
commit fbf610a643
4 changed files with 18 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
nodes/andromeda.kosmos.org.json
View File

@ -19,7 +19,7 @@
"automatic": { "automatic": {
"fqdn": "andromeda.kosmos.org", "fqdn": "andromeda.kosmos.org",
"os": "linux", "os": "linux",
"os_version": "4.15.0-74-generic", "os_version": "4.15.0-96-generic",
"hostname": "andromeda", "hostname": "andromeda",
"ipaddress": "46.4.18.160", "ipaddress": "46.4.18.160",
"roles": [ "roles": [

2
site-cookbooks/kosmos-ejabberd/attributes/default.rb
View File

@ -1,5 +1,7 @@
node.default["kosmos-ejabberd"]["version"] = "20.04" node.default["kosmos-ejabberd"]["version"] = "20.04"
node.default["kosmos-ejabberd"]["checksum"] = "5377ff18960a399e661fa23f4a1d9f57c78d4579ed108c52b8f68e7cd9268868" node.default["kosmos-ejabberd"]["checksum"] = "5377ff18960a399e661fa23f4a1d9f57c78d4579ed108c52b8f68e7cd9268868"
node.default["kosmos-ejabberd"]["turn_min_port"] = 49152
node.default["kosmos-ejabberd"]["turn_max_port"] = 59152
node.override["tor"]["HiddenServices"]["ejabberd"] = { node.override["tor"]["HiddenServices"]["ejabberd"] = {
"HiddenServicePorts" => [ "HiddenServicePorts" => [

12
site-cookbooks/kosmos-ejabberd/recipes/default.rb
View File

@ -154,7 +154,11 @@ template "/opt/ejabberd/conf/ejabberd.yml" do
sensitive true sensitive true
variables pgsql_password: postgresql_data_bag_item['ejabberd_user_password'], variables pgsql_password: postgresql_data_bag_item['ejabberd_user_password'],
hosts: hosts, hosts: hosts,
admin_users: admin_users admin_users: admin_users,
stun_auth_realm: "kosmos.org",
turn_ip_address: node['ipaddress'],
turn_min_port: node["kosmos-ejabberd"]["turn_min_port"],
turn_max_port: node["kosmos-ejabberd"]["turn_max_port"]
notifies :run, "execute[ejabberdctl reload_config]", :delayed notifies :run, "execute[ejabberdctl reload_config]", :delayed
end end
@ -206,6 +210,12 @@ unless node.chef_environment == "development"
protocol :udp protocol :udp
command :allow command :allow
end end
firewall_rule 'ejabberd_turn' do
port node["kosmos-ejabberd"]["turn_min_port"]..node["kosmos-ejabberd"]["turn_max_port"]
protocol :udp
command :allow
end
end end
# #

6
site-cookbooks/kosmos-ejabberd/templates/ejabberd.yml.erb
View File

@ -78,9 +78,11 @@ listen:
port: 3478 port: 3478
transport: udp transport: udp
module: ejabberd_stun module: ejabberd_stun
auth_realm: <%= @stun_auth_realm %>
use_turn: true use_turn: true
## The server's public IPv4 address: turn_ip: <%= @turn_ip_address %>
# turn_ip: 203.0.113.3 turn_min_port: <%= @turn_min_port %>
turn_max_port: <%= @turn_max_port %>
s2s_use_starttls: optional s2s_use_starttls: optional