Commit Graph

39 Commits

Author SHA1 Message Date
raucao 2ea5b30224 Upgrade ejabberd to 25.08
Co-authored-by: Greg Karékinian <greg@karekinian.com>
2025-09-21 12:45:20 +02:00
raucao 03f1d16998 Update SQL Schema automatically on ejabberd upgrades
Co-authored-by: Greg Karékinian <greg@karekinian.com>
2025-09-16 16:07:10 +02:00
raucao 6534086df2 Update logger configuration
* Remove unused/deprecated options
* Hide user IPs
* Set level to "info"

Co-authored-by: Greg Karékinian <greg@karekinian.com>
2025-09-16 16:07:00 +02:00
raucao 160134bd86 Allow more ejabberd API calls from akkounts 2025-05-16 15:17:43 +04:00
raucao b1bb5d0625 Use default value for STUN credentials lifetime 2025-01-14 15:30:42 -05:00
raucao fe581c348a Fix bookmarks disappearing for XMPP users
The limit for PEP nodes was ridiculously low. No idea why, but it means
users were only able to save 10 items (e.g. channel bookmarks) at once.
2024-10-16 12:34:31 +02:00
raucao 210a83a686 Increase max user offline messages for ejabberd 2024-02-04 15:47:55 +02:00
raucao e1007f7886 ejabberd disco config additions 2023-12-18 13:23:21 +01:00
raucao ed998fc1d3 Use TCP for TLS connections 2023-12-18 13:22:34 +01:00
raucao 8a97ebf4f8 Use domain instead of IP, add TLS endpoints 2023-12-17 17:57:49 +01:00
raucao 1576a8e731 Set up coturn, switch from ejabberd in production
https://github.com/coturn/coturn
2023-12-17 15:20:11 +01:00
Râu Cao cc6cebb8a2 Increase TURN throughput allowance 2023-12-05 18:20:27 +01:00
Râu Cao abc168ebf1 Upgrade ejabberd to 23.10, enable anonymous occupant IDs 2023-11-01 12:29:23 +01:00
Râu Cao 65d71d6a73 Migrate ejabberd uploads to mod_s3_upload and Garage
In addition to installing and configuring the new module, this also
enables public access to the S3 API via `bucket-name.s3.kosmos.org` as
well as Web access on `bucket-name.web.s3.kosmos.org` (when enabled).

Also includes some drive-by improvements to Chef attribute naming and
usage.

Co-authored-by: Greg Karékinian <greg@karekinian.com>
2023-10-10 17:55:55 +02:00
Râu Cao efb07ad3c1 Allow akkounts to set private XML storage data
Enables kosmos/akkounts#116
2023-04-19 17:32:30 +02:00
Râu Cao 797dd241e0 Improve ejabberd HTTP API configs and access
Move the listener to a separate endpoint on port 80, which is only
accessible from the private network. Change accounts.kosmos.org to use
the new endpoint via a `.local` domain instead of faking external
access.
2023-04-03 15:38:40 +02:00
Râu Cao 6e31c7a79b Use proxy protocol 2023-03-24 16:35:23 +07:00
Râu Cao 89865bcd2a Allow send_message endpoint from akkounts 2023-01-12 15:37:08 +08:00
basti a85415ef48 Fix MUC service/domains not being announced
Only subdomains of `hosts` are automatically announced, but other
domains have to be added manually via the `extra_domains` disco module
config.

fixes #413
2022-06-03 18:07:50 +02:00
basti a1e2c21bcb Fix abuse address info in XMPP service discovery
It wasn't replacing the @HOST@ placeholder with the actual vhost domain.
2022-05-31 11:32:55 +02:00
basti c158f845f0 Configure STUN/TURN for ejabberd and nginx proxy 2022-05-11 15:27:49 +02:00
basti 74cf26846e Fix ejabberd API permission for akkounts VMs
It should have been using a /32, not a /8 subnet, in order to only allow
the akkounts VM(s) to use the API endpoints without further
authorization.
2021-01-12 18:06:16 +01:00
basti 239b6aed51 Add API permissions for akkounts VMs
Using the zerotier IP, which is the same as the knife-zero host.
2020-12-08 20:00:31 +01:00
basti 56d9144ad6 Disable ACME
Throws a warning when reloading the config, because it is enabled by
default, but not configured entirely. Disabling it explicitly removes
the warning.
2020-12-08 14:30:29 +01:00
Greg Karékinian 085bd8abd5 Move TURN port to a different range
It landed on a port used by PostgreSQL. Also switch STUN/TURN to TCP
because HAProxy does not support UDP.

Closes #240
2020-11-25 16:36:07 +01:00
basti f39f953b8a Configure ejabberd nodes for HTTP upload service 2020-11-24 15:44:59 +01:00
basti 4448ec2173 Configure TURN properly
Was missing a couple of necessary properties, and is now using an
explicit port range for TURN, and opening those ports in UFW.
2020-05-02 14:07:14 +02:00
basti ef2fa2da72 Configure STUN/TURN
Configures built-in STUN/TURN support, and adds the new service discovery
module for it.
2020-05-01 16:25:38 +02:00
Greg Karékinian 56adfa37fb Fix a warning in the config
Migrate the web admin to a request handler
2020-02-17 17:26:55 +01:00
Greg Karékinian c2b2b6f08b Fix the vhost template
hosts must be defined in the main config file
2020-02-17 15:04:08 +01:00
Greg Karékinian 38f39af2a4 Move each vhost to its own config file 2020-02-17 13:20:54 +01:00
Greg Karékinian 55eb95ae73 Verify the TLS server's certificate
Do not proceed if a certificate is invalid
2020-02-14 13:56:52 +01:00
Greg Karékinian 49d01991fd Enable LDAP on the XMPP 5apps.com vhost
Refactor the ejabberd config file to remove hardcoded values about the
vhosts

Refs #123
2020-02-12 17:40:38 +01:00
Greg Karékinian 544f4b78f4 Change the MUC domain for the kosmos.org XMPP server to kosmos.chat 2019-09-19 15:57:54 +02:00
Greg Karékinian 0fa9e6cbb7 Set the uploads dir inside of /opt/ejabberd instead of /var/www
/var/www is intended for nginx/apache

I have copied over the old directories manually on Andromeda before
running this code

Fixes #80
2019-07-19 12:47:42 +02:00
Greg Karékinian 0be63e5935 Fix the config file when no TLS certs exist 2019-05-14 11:31:42 +02:00
Greg Karékinian d9390a4b92 Don't use a concatenated cert for kosmos.org anymore 2019-05-13 18:53:45 +02:00
Greg Karékinian 88204ea91b Update the config to the current one running on andromeda 2019-05-13 17:59:04 +02:00
Greg Karékinian 9346188ca7 Initial kosmos-ejabberd cookbook 2019-04-17 10:11:52 +02:00