#
# Cookbook:: kosmos-ejabberd
# Recipe:: nginx
#

include_recipe "kosmos-base::firewall"

ejabberd_hosts = []
search(:node, "role:ejabberd").each do |node|
  ejabberd_hosts << node["knife_zero"]["host"]
end

ejabberd_hosts.each do |ip_address|
  IPAddr.new ip_address
rescue IPAddr::InvalidAddressError
  ejabberd_hosts.delete ip_address
  next
end

template "#{node['nginx']['dir']}/streams-available/ejabberd" do
  source "nginx_conf_streams.erb"
  owner 'www-data'
  mode 0640
  # variables ejabberd_hosts: ejabberd_hosts
  variables ejabberd_hosts: ["10.1.1.113"],
            stun_turn_port: node["kosmos-ejabberd"]["stun_turn_port"],
            turn_min_port: node["kosmos-ejabberd"]["turn_min_port"],
            turn_max_port: node["kosmos-ejabberd"]["turn_max_port"]
  notifies :reload, 'service[nginx]', :delayed
end

nginx_stream "ejabberd" do
  action :enable
end

firewall_rule "ejabberd" do
  port     [5222, 5223, 5269, 5443]
  protocol :tcp
  command  :allow
end

firewall_rule 'ejabberd_stun_turn' do
  port     node["kosmos-ejabberd"]["stun_turn_port"]
  protocol :udp
  command  :allow
end

firewall_rule 'ejabberd_turn' do
  port     node["kosmos-ejabberd"]["turn_min_port"]..node["kosmos-ejabberd"]["turn_max_port"]
  protocol :udp
  command  :allow
end