#
# Cookbook:: kosmos-ejabberd
# Recipe:: firewall
#
include_recipe "kosmos-base::firewall"

firewall_rule "ejabberd" do
  port     [5222, 5223, 5269, 5443]
  protocol :tcp
  command  :allow
end

firewall_rule 'ejabberd_cluster' do
  port     [4369]
  source   "10.1.1.0/24"
  protocol :tcp
  command  :allow
end

firewall_rule 'erlang_cluster' do
  port     [4200..4210]
  source   "10.1.1.0/24"
  protocol :tcp
  command  :allow
end

firewall_rule 'ejabberd_stun_turn' do
  port     node["ejabberd"]["stun_turn_port"]
  protocol :udp
  command  :allow
end

firewall_rule 'ejabberd_turn' do
  port     node["ejabberd"]["turn_min_port"]..node["ejabberd"]["turn_max_port"]
  protocol :udp
  command  :allow
end