Add ejabberd HTTP API permissions for akkounts #255
|
@ -68,7 +68,6 @@
|
|||
},
|
||||
"run_list": [
|
||||
"recipe[kosmos-base]",
|
||||
"recipe[kosmos-akkounts::default]",
|
||||
"recipe[kosmos-akkounts::nginx]"
|
||||
"role[akkounts]"
|
||||
]
|
||||
}
|
||||
}
|
||||
|
|
|
@ -0,0 +1,12 @@
|
|||
name "akkounts"
|
||||
|
||||
default_run_list = %w(
|
||||
kosmos-akkounts::default
|
||||
kosmos-akkounts::nginx
|
||||
)
|
||||
|
||||
env_run_lists(
|
||||
'_default' => default_run_list,
|
||||
'development' => default_run_list,
|
||||
'production' => default_run_list
|
||||
)
|
|
@ -169,6 +169,11 @@ hosts.each do |host|
|
|||
end
|
||||
end
|
||||
|
||||
akkounts_ip_addresses = []
|
||||
search(:node, "role:akkounts").each do |node|
|
||||
akkounts_ip_addresses << node["knife_zero"]["host"]
|
||||
end
|
||||
|
||||
template "/opt/ejabberd/conf/ejabberd.yml" do
|
||||
source "ejabberd.yml.erb"
|
||||
mode 0640
|
||||
|
@ -178,7 +183,8 @@ template "/opt/ejabberd/conf/ejabberd.yml" do
|
|||
stun_auth_realm: "kosmos.org",
|
||||
turn_ip_address: node['ipaddress'],
|
||||
turn_min_port: node["kosmos-ejabberd"]["turn_min_port"],
|
||||
turn_max_port: node["kosmos-ejabberd"]["turn_max_port"]
|
||||
turn_max_port: node["kosmos-ejabberd"]["turn_max_port"],
|
||||
akkounts_ip_addresses: akkounts_ip_addresses
|
||||
notifies :run, "execute[ejabberdctl reload_config]", :delayed
|
||||
end
|
||||
|
||||
|
|
|
@ -32,6 +32,9 @@ s2s_ciphers: 'TLS_CIPHERS'
|
|||
c2s_protocol_options: 'TLS_OPTIONS'
|
||||
s2s_protocol_options: 'TLS_OPTIONS'
|
||||
|
||||
acme:
|
||||
auto: false
|
||||
|
||||
listen:
|
||||
-
|
||||
port: 5222
|
||||
|
@ -171,6 +174,14 @@ api_permissions:
|
|||
what:
|
||||
- "status"
|
||||
- "connected_users_number"
|
||||
"akkounts":
|
||||
who:
|
||||
<% @akkounts_ip_addresses.each do |ip| -%>
|
||||
- ip: "<%= ip %>/8"
|
||||
<% end -%>
|
||||
what:
|
||||
- "add_rosteritem"
|
||||
- "delete_rosteritem"
|
||||
|
||||
language: "en"
|
||||
|
||||
|
|
Loading…
Reference in New Issue