diff --git a/clients/ejabberd-2.json b/clients/ejabberd-2.json new file mode 100644 index 0000000..1d3e5f3 --- /dev/null +++ b/clients/ejabberd-2.json @@ -0,0 +1,4 @@ +{ + "name": "ejabberd-2", + "public_key": "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAudueTsPYnRXRu/rmMGZe\nI7LdyrWKdY9FJaRhkXR5J9Yb8QnIcDS7ZXDJsVhyQW8pZ2DuaIs5dmGYvRtmx0ol\nqHTEel01Q3/xI1blJoq4uRm639PB5M9dSJ0w+s6P5zj7rbFKpvMBYxBSK6z+gXIc\n/L1ayJ6JOssX5/tEvcvx/d4GIxof/Q+puACAXawx7W88Wl7yYWdBQ78uTPHzuMyB\n8BRYz24tki/O1fa9JijW32d3EELD0EccI3iJ+/CR4BFEEM2QdDczY/Q6Ny7h7inH\n/TdU246nvtJIx7bAZHmDIDva8YPtL27RIOQ3JqBBe7prQP5Q9MBGPyCXWAglj99a\n6QIDAQAB\n-----END PUBLIC KEY-----\n" +} \ No newline at end of file diff --git a/nodes/ejabberd-1.json b/nodes/ejabberd-1.json index c7d54b7..296c803 100644 --- a/nodes/ejabberd-1.json +++ b/nodes/ejabberd-1.json @@ -3,6 +3,9 @@ "normal": { "knife_zero": { "host": "10.147.20.166" + }, + "kosmos-ejabberd": { + "erlang_node": "ejabberd@draco.kosmos.org" } }, "automatic": { @@ -59,4 +62,4 @@ "recipe[kosmos-base]", "role[ejabberd]" ] -} \ No newline at end of file +} diff --git a/nodes/ejabberd-2.json b/nodes/ejabberd-2.json new file mode 100644 index 0000000..5e7726c --- /dev/null +++ b/nodes/ejabberd-2.json @@ -0,0 +1,65 @@ +{ + "name": "ejabberd-2", + "normal": { + "knife_zero": { + "host": "10.147.20.44" + }, + "kosmos-ejabberd": { + "erlang_node": "ejabberd@centaurus.kosmos.org" + } + }, + "automatic": { + "fqdn": "ejabberd-2", + "os": "linux", + "os_version": "5.4.0-54-generic", + "hostname": "ejabberd-2", + "ipaddress": "192.168.122.5", + "roles": [ + "ejabberd", + "postgresql_client" + ], + "recipes": [ + "kosmos-base", + "kosmos-base::default", + "kosmos-ejabberd", + "kosmos-ejabberd::default", + "kosmos-ejabberd::letsencrypt", + "kosmos-ejabberd::backup", + "apt::default", + "timezone_iii::default", + "timezone_iii::debian", + "ntp::default", + "ntp::apparmor", + "kosmos-base::systemd_emails", + "apt::unattended-upgrades", + "kosmos-base::firewall", + "kosmos-postfix::default", + "postfix::default", + "postfix::_common", + "postfix::_attributes", + "postfix::sasl_auth", + "hostname::default", + "tor-full::default", + "kosmos-base::letsencrypt", + "backup::default", + "logrotate::default" + ], + "platform": "ubuntu", + "platform_version": "20.04", + "cloud": null, + "chef_packages": { + "chef": { + "version": "15.14.0", + "chef_root": "/opt/chef/embedded/lib/ruby/gems/2.6.0/gems/chef-15.14.0/lib" + }, + "ohai": { + "version": "15.12.0", + "ohai_root": "/opt/chef/embedded/lib/ruby/gems/2.6.0/gems/ohai-15.12.0/lib/ohai" + } + } + }, + "run_list": [ + "recipe[kosmos-base]", + "role[ejabberd]" + ] +} diff --git a/site-cookbooks/kosmos-ejabberd/recipes/default.rb b/site-cookbooks/kosmos-ejabberd/recipes/default.rb index aabb097..0cde474 100644 --- a/site-cookbooks/kosmos-ejabberd/recipes/default.rb +++ b/site-cookbooks/kosmos-ejabberd/recipes/default.rb @@ -50,6 +50,28 @@ file "/opt/ejabberd/.erlang.cookie" do content ejabberd_credentials['erlang_cookie'] end +file "/opt/ejabberd/.hosts.erlang" do + mode "0644" + owner "ejabberd" + group "ejabberd" + content <<-EOF +"andromeda.kosmos.org". +"centaurus.kosmos.org". +"draco.kosmos.org". + EOF +end + +ruby_block "configure ERLANG_NODE" do + block do + file = Chef::Util::FileEdit.new("/opt/ejabberd/conf/ejabberdctl.cfg") + file.search_file_replace_line( + %r{#ERLANG_NODE=ejabberd@localhost}, + "ERLAND_NODE=#{node['kosmos-ejabberd']['erlang_node']}" + ) + file.write_file + end +end + postgresql_data_bag_item = data_bag_item('credentials', 'postgresql') hosts = [ @@ -203,6 +225,18 @@ unless node.chef_environment == "development" command :allow end + firewall_rule 'ejabberd_cluster' do + port [4369] + protocol :tcp + command :allow + end + + firewall_rule 'erlang_cluster' do + port [4200..4210] + protocol :tcp + command :allow + end + firewall_rule 'ejabberd_stun_turn' do port 3478 protocol :tcp