WIP: Replace ejabberd cluster #374

Closed
raucao wants to merge 5 commits from chore/ejabberd_cluster into master
9 changed files with 30 additions and 177 deletions

View File

@ -1,4 +0,0 @@
{
"name": "ejabberd-1",
"public_key": "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtoVmQAEmmAWjjzi5X8Ia\n9sl2aH8Lh0AsckM0aE3hvw9lGfbNCPpYWrr0uh7R6/+13Z0OghrT3yDAZ+XfH39Y\nuGomazTzSMMOEofjepo+nXSgq4meFfX5vobYG7rpBdz1EsIT1bElHduItA2zsw9J\nFpXtGd4BjumMq1VykSTA+QaEE8byes/+groQTtXPqXf5gJMxyGlh4SU0MzmkGHaW\n8c9BPCQrV0CMiuGOGJ5mZ28HajbvSg3+bpgwThh3M5uQaQ6on1N2pvJuBypUySS6\nyc4TauocUcUsULYXq9wM8/rqDYsUah0PR0WSiOi90m5thGeBchFAmhdCvrS34FlR\nVQIDAQAB\n-----END PUBLIC KEY-----\n"
}

View File

@ -1,4 +0,0 @@
{
"name": "ejabberd-2",
"public_key": "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAudueTsPYnRXRu/rmMGZe\nI7LdyrWKdY9FJaRhkXR5J9Yb8QnIcDS7ZXDJsVhyQW8pZ2DuaIs5dmGYvRtmx0ol\nqHTEel01Q3/xI1blJoq4uRm639PB5M9dSJ0w+s6P5zj7rbFKpvMBYxBSK6z+gXIc\n/L1ayJ6JOssX5/tEvcvx/d4GIxof/Q+puACAXawx7W88Wl7yYWdBQ78uTPHzuMyB\n8BRYz24tki/O1fa9JijW32d3EELD0EccI3iJ+/CR4BFEEM2QdDczY/Q6Ny7h7inH\n/TdU246nvtJIx7bAZHmDIDva8YPtL27RIOQ3JqBBe7prQP5Q9MBGPyCXWAglj99a\n6QIDAQAB\n-----END PUBLIC KEY-----\n"
}

View File

@ -1,67 +0,0 @@
{
"name": "ejabberd-1",
"normal": {
"knife_zero": {
"host": "10.1.1.166"
},
"kosmos-ejabberd": {
"erlang_node": "ejabberd@draco.kosmos.org"
}
},
"automatic": {
"fqdn": "ejabberd-1",
"os": "linux",
"os_version": "5.4.0-54-generic",
"hostname": "ejabberd-1",
"ipaddress": "192.168.122.62",
"roles": [
"ejabberd",
"postgresql_client"
],
"recipes": [
"kosmos-base",
"kosmos-base::default",
"kosmos-postgresql::hostsfile",
"kosmos-ejabberd",
"kosmos-ejabberd::default",
"kosmos-ejabberd::letsencrypt",
"kosmos-ejabberd::backup",
"apt::default",
"timezone_iii::default",
"timezone_iii::debian",
"ntp::default",
"ntp::apparmor",
"kosmos-base::systemd_emails",
"apt::unattended-upgrades",
"kosmos-base::firewall",
"kosmos-postfix::default",
"postfix::default",
"postfix::_common",
"postfix::_attributes",
"postfix::sasl_auth",
"hostname::default",
"kosmos-ejabberd::firewall",
"tor-full::default",
"kosmos-base::letsencrypt",
"backup::default",
"logrotate::default"
],
"platform": "ubuntu",
"platform_version": "20.04",
"cloud": null,
"chef_packages": {
"chef": {
"version": "15.14.0",
"chef_root": "/opt/chef/embedded/lib/ruby/gems/2.6.0/gems/chef-15.14.0/lib"
},
"ohai": {
"version": "15.12.0",
"ohai_root": "/opt/chef/embedded/lib/ruby/gems/2.6.0/gems/ohai-15.12.0/lib/ohai"
}
}
},
"run_list": [
"recipe[kosmos-base]",
"role[ejabberd]"
]
}

View File

@ -1,67 +0,0 @@
{
"name": "ejabberd-2",
"normal": {
"knife_zero": {
"host": "10.1.1.44"
},
"kosmos-ejabberd": {
"erlang_node": "ejabberd@centaurus.kosmos.org"
}
},
"automatic": {
"fqdn": "ejabberd-2",
"os": "linux",
"os_version": "5.4.0-54-generic",
"hostname": "ejabberd-2",
"ipaddress": "192.168.122.5",
"roles": [
"ejabberd",
"postgresql_client"
],
"recipes": [
"kosmos-base",
"kosmos-base::default",
"kosmos-postgresql::hostsfile",
"kosmos-ejabberd",
"kosmos-ejabberd::default",
"kosmos-ejabberd::letsencrypt",
"kosmos-ejabberd::backup",
"apt::default",
"timezone_iii::default",
"timezone_iii::debian",
"ntp::default",
"ntp::apparmor",
"kosmos-base::systemd_emails",
"apt::unattended-upgrades",
"kosmos-base::firewall",
"kosmos-postfix::default",
"postfix::default",
"postfix::_common",
"postfix::_attributes",
"postfix::sasl_auth",
"hostname::default",
"kosmos-ejabberd::firewall",
"tor-full::default",
"kosmos-base::letsencrypt",
"backup::default",
"logrotate::default"
],
"platform": "ubuntu",
"platform_version": "20.04",
"cloud": null,
"chef_packages": {
"chef": {
"version": "15.14.0",
"chef_root": "/opt/chef/embedded/lib/ruby/gems/2.6.0/gems/chef-15.14.0/lib"
},
"ohai": {
"version": "15.12.0",
"ohai_root": "/opt/chef/embedded/lib/ruby/gems/2.6.0/gems/ohai-15.12.0/lib/ohai"
}
}
},
"run_list": [
"recipe[kosmos-base]",
"role[ejabberd]"
]
}

View File

@ -47,6 +47,7 @@
}
},
"run_list": [
"recipe[kosmos-base]"
"recipe[kosmos-base]",
"role[ejabberd]"
]
}
}

View File

@ -47,6 +47,7 @@
}
},
"run_list": [
"recipe[kosmos-base]"
"recipe[kosmos-base]",
"role[ejabberd]"
]
}
}

View File

@ -26,3 +26,4 @@ depends "kosmos_postgresql"
depends "backup"
depends "firewall"
depends "tor-full"
depends "hostsfile"

View File

@ -29,15 +29,25 @@ file "/opt/ejabberd/.erlang.cookie" do
content ejabberd_credentials['erlang_cookie']
end
ejabberd_nodes = search(:node, "role:ejabberd")
ejabberd_nodes.each do |n|
ip_address = n["knife_zero"]["host"]
IPAddr.new ip_address
hostsfile_entry ip_address do
hostname n["hostname"]
action :create
end
rescue IPAddr::InvalidAddressError
next
end
ejabberd_hostnames = ejabberd_nodes.map { |n| n["hostname"] }
file "/opt/ejabberd/.hosts.erlang" do
mode "0644"
owner "ejabberd"
group "ejabberd"
content <<-EOF
"andromeda.kosmos.org".
"centaurus.kosmos.org".
"draco.kosmos.org".
EOF
content ejabberd_hostnames.join(".\n")
end
ruby_block "configure ERLANG_NODE" do
@ -45,7 +55,7 @@ ruby_block "configure ERLANG_NODE" do
file = Chef::Util::FileEdit.new("/opt/ejabberd/conf/ejabberdctl.cfg")
file.search_file_replace_line(
%r{#ERLANG_NODE=ejabberd@localhost},
"ERLANG_NODE=#{node['kosmos-ejabberd']['erlang_node']}"
"ERLANG_NODE=ejabberd@#{node['name']}"
)
file.write_file
end
@ -157,7 +167,8 @@ template "/opt/ejabberd/conf/ejabberd.yml" do
end
execute "ejabberdctl reload_config" do
command "/opt/ejabberd-#{ejabberd_version}/bin/ejabberdctl reload_config"
# command "/opt/ejabberd-#{ejabberd_version}/bin/ejabberdctl reload_config"
command ""
action :nothing
end
@ -170,7 +181,7 @@ file "/lib/systemd/system/ejabberd.service" do
content lazy { IO.read("/opt/ejabberd-#{ejabberd_version}/bin/ejabberd.service") }
action :nothing
notifies :run, "execute[systemctl daemon-reload]", :immediately
notifies :restart, "service[ejabberd]", :delayed
# notifies :restart, "service[ejabberd]", :delayed
end
execute "systemctl daemon-reload" do
@ -189,7 +200,8 @@ end
end
service "ejabberd" do
action [:enable, :start]
action [:enable]
# action [:enable, :start]
end
unless node.chef_environment == "development"

View File

@ -2,28 +2,6 @@
# Cookbook:: kosmos-ejabberd
# Recipe:: firewall
#
# The MIT License (MIT)
#
# Copyright:: 2020, Kosmos Developers
#
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to deal
# in the Software without restriction, including without limitation the rights
# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
# copies of the Software, and to permit persons to whom the Software is
# furnished to do so, subject to the following conditions:
#
# The above copyright notice and this permission notice shall be included in
# all copies or substantial portions of the Software.
#
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
# THE SOFTWARE.
include_recipe "kosmos-base::firewall"
firewall_rule "ejabberd" do
@ -34,12 +12,14 @@ end
firewall_rule 'ejabberd_cluster' do
port [4369]
source "10.1.1.0/24"
protocol :tcp
command :allow
end
firewall_rule 'erlang_cluster' do
port [4200..4210]
source "10.1.1.0/24"
protocol :tcp
command :allow
end