kosmos/chef
kosmos/chef
8
3
Fork 0
Code Issues 29 Pull Requests 2 Projects 2 Activity

Compare commits

base: kosmos:73e8a2c41360c3142e52a9dfd7bc4f021e610781
Branches Tags
kosmos:master
kosmos:bugfix/substr_url_matching
kosmos:notes/ejabberd_ldap_photo
kosmos:feature/akaunting
kosmos:chore/ejabberd_service_avatar
kosmos:feature/237-gitea_gpg
kosmos:jammy_jellyfish
..
compare: kosmos:dde29c4a6c1cdea110b89ecfd8ac195816d61ffa
Branches Tags
kosmos:master
kosmos:bugfix/substr_url_matching
kosmos:notes/ejabberd_ldap_photo
kosmos:feature/akaunting
kosmos:chore/ejabberd_service_avatar
kosmos:feature/237-gitea_gpg
kosmos:jammy_jellyfish

No commits in common. "73e8a2c41360c3142e52a9dfd7bc4f021e610781" and "dde29c4a6c1cdea110b89ecfd8ac195816d61ffa" have entirely different histories.
73e8a2c413 ... dde29c4a6c

3 changed files with 16 additions and 189 deletions
Show Stats Expand all files Collapse all files

23
site-cookbooks/kosmos-ejabberd/recipes/default.rb
View File

@ -65,13 +65,15 @@ file "/opt/ejabberd/.hosts.erlang" do
content ejabberd_hostnames.map{|h| "#{h}."}.join("\n") content ejabberd_hostnames.map{|h| "#{h}."}.join("\n")
end end
template "/opt/ejabberd/conf/ejabberdctl.cfg" do ruby_block "configure ERLANG_NODE" do
source "ejabberdctl.cfg.erb" block do
mode 0644 file = Chef::Util::FileEdit.new("/opt/ejabberd/conf/ejabberdctl.cfg")
owner 'ejabberd' file.search_file_replace_line(
group 'ejabberd' %r{#ERLANG_NODE=ejabberd@localhost},
variables epmd_node_name: "ejabberd@#{node['name']}" "ERLANG_NODE=ejabberd@#{node['name']}"
notifies :reload, "service[ejabberd]", :delayed )
file.write_file
end
end end
postgresql_data_bag_item = data_bag_item('credentials', 'postgresql') postgresql_data_bag_item = data_bag_item('credentials', 'postgresql')
@ -223,3 +225,10 @@ end
unless node.chef_environment == "development" unless node.chef_environment == "development"
include_recipe "kosmos-ejabberd::firewall" include_recipe "kosmos-ejabberd::firewall"
end end
firewall_rule 'ejabberd_http' do
port [80]
source "10.1.1.0/24"
protocol :tcp
command :allow
end

7
site-cookbooks/kosmos-ejabberd/recipes/firewall.rb
View File

@ -35,10 +35,3 @@ firewall_rule 'ejabberd_turn' do
protocol :udp protocol :udp
command :allow command :allow
end end
firewall_rule 'ejabberd_http' do
port [80]
source "10.1.1.0/24"
protocol :tcp
command :allow
end

175
site-cookbooks/kosmos-ejabberd/templates/ejabberdctl.cfg.erb
View File

@ -1,175 +0,0 @@
#
# In this file you can configure options that are passed by ejabberdctl
# to the erlang runtime system when starting ejabberd
#
#' POLL: Kernel polling ([true|false])
#
# The kernel polling option requires support in the kernel.
# Additionally, you need to enable this feature while compiling Erlang.
#
# Default: true
#
#POLL=true
#.
#' SMP: SMP support ([enable|auto|disable])
#
# Explanation in Erlang/OTP documentation:
# enable: starts the Erlang runtime system with SMP support enabled.
# This may fail if no runtime system with SMP support is available.
# auto: starts the Erlang runtime system with SMP support enabled if it
# is available and more than one logical processor are detected.
# disable: starts a runtime system without SMP support.
#
# Default: enable
#
#SMP=enable
#.
#' ERL_MAX_PORTS: Maximum number of simultaneously open Erlang ports
#
# ejabberd consumes two or three ports for every connection, either
# from a client or from another Jabber server. So take this into
# account when setting this limit.
#
# Default: 32000
# Maximum: 268435456
#
#ERL_MAX_PORTS=32000
#.
#' FIREWALL_WINDOW: Range of allowed ports to pass through a firewall
#
# If Ejabberd is configured to run in cluster, and a firewall is blocking ports,
# it's possible to make Erlang use a defined range of port (instead of dynamic
# ports) for node communication.
#
# Default: not defined
# Example: 4200-4210
#
FIREWALL_WINDOW=4200-4210
#.
#' INET_DIST_INTERFACE: IP address where this Erlang node listens other nodes
#
# This communication is used by ejabberdctl command line tool,
# and in a cluster of several ejabberd nodes.
#
# Default: 0.0.0.0
#
#INET_DIST_INTERFACE=127.0.0.1
#.
#' ERL_EPMD_ADDRESS: IP addresses where epmd listens for connections
#
# IMPORTANT: This option works only in Erlang/OTP R14B03 and newer.
#
# This environment variable may be set to a comma-separated
# list of IP addresses, in which case the epmd daemon
# will listen only on the specified address(es) and on the
# loopback address (which is implicitly added to the list if it
# has not been specified). The default behaviour is to listen on
# all available IP addresses.
#
# Default: 0.0.0.0
#
#ERL_EPMD_ADDRESS=127.0.0.1
#.
#' ERL_PROCESSES: Maximum number of Erlang processes
#
# Erlang consumes a lot of lightweight processes. If there is a lot of activity
# on ejabberd so that the maximum number of processes is reached, people will
# experience greater latency times. As these processes are implemented in
# Erlang, and therefore not related to the operating system processes, you do
# not have to worry about allowing a huge number of them.
#
# Default: 250000
# Maximum: 268435456
#
#ERL_PROCESSES=250000
#.
#' ERL_MAX_ETS_TABLES: Maximum number of ETS and Mnesia tables
#
# The number of concurrent ETS and Mnesia tables is limited. When the limit is
# reached, errors will appear in the logs:
# ** Too many db tables **
# You can safely increase this limit when starting ejabberd. It impacts memory
# consumption but the difference will be quite small.
#
# Default: 1400
#
#ERL_MAX_ETS_TABLES=1400
#.
#' ERL_OPTIONS: Additional Erlang options
#
# The next variable allows to specify additional options passed to erlang while
# starting ejabberd. Some useful options are -noshell, -detached, -heart. When
# ejabberd is started from an init.d script options -noshell and -detached are
# added implicitly. See erl(1) for more info.
#
# It might be useful to add "-pa /usr/local/lib/ejabberd/ebin" if you
# want to add local modules in this path.
#
# Default: ""
#
#ERL_OPTIONS=""
#.
#' ERLANG_NODE: Erlang node name
#
# The next variable allows to explicitly specify erlang node for ejabberd
# It can be given in different formats:
# ERLANG_NODE=ejabberd
# Lets erlang add hostname to the node (ejabberd uses short name in this case)
# ERLANG_NODE=ejabberd@hostname
# Erlang uses node name as is (so make sure that hostname is a real
# machine hostname or you'll not be able to control ejabberd)
# ERLANG_NODE=ejabberd@hostname.domainname
# The same as previous, but erlang will use long hostname
# (see erl (1) manual for details)
#
# Default: ejabberd@localhost
#
ERLANG_NODE=<%= @epmd_node_name %>
#.
#' EJABBERD_PID_PATH: ejabberd PID file
#
# Indicate the full path to the ejabberd Process identifier (PID) file.
# If this variable is defined, ejabberd writes the PID file when starts,
# and deletes it when stops.
# Remember to create the directory and grant write permission to ejabberd.
#
# Default: don't write PID file
#
#EJABBERD_PID_PATH=/var/run/ejabberd/ejabberd.pid
#.
#' CONTRIB_MODULES_PATH: contributed ejabberd modules path
#
# Specify the full path to the contributed ejabberd modules. If the path is not
# defined, ejabberd will use ~/.ejabberd-modules in home of user running ejabberd.
#
# Default: $HOME/.ejabberd-modules
#
#CONTRIB_MODULES_PATH=/opt/ejabberd-modules
#.
#' CONTRIB_MODULES_CONF_DIR: configuration directory for contributed modules
#
# Specify the full path to the configuration directory for contributed ejabberd
# modules. In order to configure a module named mod_foo, a mod_foo.yml file can
# be created in this directory. This file will then be used instead of the
# default configuration file provided with the module.
#
# Default: $CONTRIB_MODULES_PATH/conf
#
#CONTRIB_MODULES_CONF_DIR=/etc/ejabberd/modules
#.
#'
# vim: foldmarker=#',#. foldmethod=marker: