31 lines
1.1 KiB
Plaintext
31 lines
1.1 KiB
Plaintext
# Generated by Chef for <%= @host[:name] %>
|
|
# FIXME: The files only exist after the certbot hook created them, meaning
|
|
# we need to run Chef a second time
|
|
<% if File.exist?("/opt/ejabberd/conf/#{@host[:name]}.crt") && File.exist?("/opt/ejabberd/conf/#{@host[:name]}.key") -%>
|
|
certfiles:
|
|
- "/opt/ejabberd/conf/<%= @host[:name] %>.crt"
|
|
- "/opt/ejabberd/conf/<%= @host[:name] %>.key"
|
|
<% end -%>
|
|
host_config:
|
|
"<%= @host[:name] %>":
|
|
sql_type: pgsql
|
|
sql_server: "<%= @sql_server %>"
|
|
sql_database: "<%= @host[:sql_database] %>"
|
|
sql_username: "ejabberd"
|
|
sql_password: "<%= @pgsql_password %>"
|
|
<% if @host[:ldap_enabled] -%>
|
|
auth_method: ldap
|
|
ldap_servers: ["<%= @ldap_server %>"]
|
|
ldap_rootdn: "<%= @ldap_rootdn %>"
|
|
ldap_password: "<%= @host[:ldap_password] %>"
|
|
ldap_encrypt: <%= @ldap_encryption_type %>
|
|
ldap_tls_verify: hard # when TLS is enabled, don't proceed if a cert is invalid
|
|
ldap_base: "ou=<%= @host[:name] %>,<%= @ldap_base %>"
|
|
ldap_filter: "(objectClass=person)"
|
|
<% end -%>
|
|
|
|
append_host_config:
|
|
"<%= @host[:name] %>":
|
|
<%= @host[:append_host_config].chomp %>
|
|
|