site-cookbooks/kosmos-akkounts/recipes/default.rb

@@ -84,7 +84,7 @@ end
 ejabberd_private_ip_addresses.each do |ip_address|
   IPAddr.new ip_address
   hostsfile_entry ip_address do
-    hostname 'xmpp.kosmos.org'
+    hostname 'xmpp.kosmos.local'
     action :create
   end
 rescue IPAddr::InvalidAddressError
@@ -93,7 +93,7 @@ rescue IPAddr::InvalidAddressError
 end
 
 if ejabberd_private_ip_addresses.size > 0
-  env[:ejabberd_api_url] = 'https://xmpp.kosmos.org:5443/api'
+  env[:ejabberd_api_url] = "http://xmpp.kosmos.local/api"
 end
 
 systemd_unit "akkounts.service" do

site-cookbooks/kosmos-ejabberd/recipes/default.rb

@@ -186,6 +186,7 @@ template "/opt/ejabberd/conf/ejabberd.yml" do
             stun_turn_port: node["kosmos-ejabberd"]["stun_turn_port"],
             turn_min_port: node["kosmos-ejabberd"]["turn_min_port"],
             turn_max_port: node["kosmos-ejabberd"]["turn_max_port"],
+            private_ip_address: node["knife_zero"]["host"],
             akkounts_ip_addresses: akkounts_ip_addresses
   notifies :reload, "service[ejabberd]", :delayed
 end
@@ -198,6 +199,13 @@ unless node.chef_environment == "development"
   include_recipe "kosmos-ejabberd::firewall"
 end
 
+firewall_rule 'ejabberd_http' do
+  port     [80]
+  source   "10.1.1.0/24"
+  protocol :tcp
+  command  :allow
+end
+
 #
 # Tor hidden service
 #

site-cookbooks/kosmos-ejabberd/templates/ejabberd.yml.erb

@@ -61,6 +61,14 @@ listen:
     use_proxy_protocol: true
     max_stanza_size: 131072
     shaper: s2s_shaper
+  -
+    port: 80
+    ip: "<%= @private_ip_address %>"
+    module: ejabberd_http
+    request_handlers:
+      "/api": mod_http_api
+    tls: false
+    captcha: false
   -
     port: 5443
     ip: "::"
@@ -69,7 +77,6 @@ listen:
     request_handlers:
       "/ws": ejabberd_http_ws
       "/bosh": mod_bosh
-      "/api": mod_http_api
       "/upload": mod_http_upload
       "/admin": ejabberd_web_admin
     custom_headers: