kosmos/chef
kosmos/chef
8
3
Fork 0
Code Issues 32 Pull Requests 2 Projects 2 Activity

Compare commits

base: kosmos:8a97ebf4f80e46913c20c34a951b84f5fe0e0789
Branches Tags
kosmos:master
kosmos:bugfix/substr_url_matching
kosmos:notes/ejabberd_ldap_photo
kosmos:feature/akaunting
kosmos:chore/ejabberd_service_avatar
kosmos:feature/237-gitea_gpg
kosmos:jammy_jellyfish
...
compare: kosmos:e1007f788635076284bbfddd3db8e9fcf19655a3
Branches Tags
kosmos:master
kosmos:bugfix/substr_url_matching
kosmos:notes/ejabberd_ldap_photo
kosmos:feature/akaunting
kosmos:chore/ejabberd_service_avatar
kosmos:feature/237-gitea_gpg
kosmos:jammy_jellyfish

3 Commits
8a97ebf4f8 ... e1007f7886

Author SHA1 Message Date
Râu Cao
e1007f7886
ejabberd disco config additions 2023-12-18 13:23:21 +01:00
Râu Cao
292366a77f
Domain vs realm vs IP 2023-12-18 13:23:05 +01:00
Râu Cao
ed998fc1d3
Use TCP for TLS connections 2023-12-18 13:22:34 +01:00
4 changed files with 7 additions and 5 deletions
Show Stats Expand all files Collapse all files

1
site-cookbooks/kosmos-ejabberd/attributes/default.rb
View File

@ -2,6 +2,7 @@ node.default["ejabberd"]["version"] = "23.10"
node.default["ejabberd"]["package_version"] = "1"
node.default["ejabberd"]["checksum"] = "1b02108c81e22ab28be84630d54061f0584b76d5c2702e598352269736b05e77"
node.default["ejabberd"]["turn_domain"] = "turn.kosmos.org"
node.default["ejabberd"]["stun_auth_realm"] = "kosmos.org"
node.default["ejabberd"]["stun_turn_port"] = 3478
node.default["ejabberd"]["stun_turn_port_tls"] = 5349
node.default["ejabberd"]["turn_min_port"] = 50000

4
site-cookbooks/kosmos-ejabberd/recipes/coturn.rb
View File

@ -22,8 +22,8 @@ template "/etc/turnserver.conf" do
relay_ip: node["ipaddress"],
min_port: node["ejabberd"]["turn_min_port"],
max_port: node["ejabberd"]["turn_max_port"],
realm: node["ejabberd"]["stun_auth_realm"],
static_auth_secret: credentials["stun_secret"],
realm: domain,
cert: "/etc/letsencrypt/live/#{domain}/fullchain.pem",
pkey: "/etc/letsencrypt/live/#{domain}/privkey.pem"
notifies :restart, "service[coturn]", :delayed
@ -37,7 +37,7 @@ end
firewall_rule 'ejabberd_stun_turn_tls' do
port node["ejabberd"]["stun_turn_port_tls"]
protocol :udp
protocol :tcp
command :allow
end

3
site-cookbooks/kosmos-ejabberd/recipes/default.rb
View File

@ -183,9 +183,8 @@ template "/opt/ejabberd/conf/ejabberd.yml" do
sensitive true
variables hosts: hosts,
admin_users: admin_users,
stun_auth_realm: node["ejabberd"]["turn_domain"],
turn_domain: node["ejabberd"]["turn_domain"],
stun_secret: ejabberd_credentials['stun_secret'],
turn_ip_address: node["ejabberd"]["turn_ip_address"],
stun_turn_port: node["ejabberd"]["stun_turn_port"],
stun_turn_port_tls: node["ejabberd"]["stun_turn_port_tls"],
turn_min_port: node["ejabberd"]["turn_min_port"],

4
site-cookbooks/kosmos-ejabberd/templates/ejabberd.yml.erb
View File

@ -230,6 +230,8 @@ modules:
store_current_id: true
mod_shared_roster: {}
mod_stun_disco:
offer_local_services: false
credentials_lifetime: 300
secret: <%= @stun_secret %>
services:
-
@ -242,7 +244,7 @@ modules:
host: <%= @turn_domain %>
port: <%= @stun_turn_port_tls %>
type: stuns
transport: udp
transport: tcp
restricted: false
-
host: <%= @turn_domain %>