chef/site-cookbooks/kosmos-ejabberd/recipes/nginx.rb

#
# Cookbook:: kosmos-ejabberd
# Recipe:: nginx
#

include_recipe "kosmos-base::firewall"

ejabberd_hosts = []
search(:node, "role:ejabberd").each do |node|
  ejabberd_hosts << node["knife_zero"]["host"]
end

ejabberd_hosts.each do |ip_address|
  IPAddr.new ip_address
rescue IPAddr::InvalidAddressError
  ejabberd_hosts.delete ip_address
  next
end

openresty_stream "ejabberd" do
  template "nginx_conf_streams.erb"
  variables ejabberd_hosts: ["10.1.1.113"],
            stun_turn_port: node["ejabberd"]["stun_turn_port"],
            turn_min_port: node["ejabberd"]["turn_min_port"],
            turn_max_port: node["ejabberd"]["turn_max_port"]
  action :enable
end

firewall_rule 'ejabberd_stun_turn' do
  port     node["ejabberd"]["stun_turn_port"]
  protocol :udp
  command  :allow
end

firewall_rule 'ejabberd_turn' do
  port     node["ejabberd"]["turn_min_port"]..node["ejabberd"]["turn_max_port"]
  protocol :udp
  command  :allow
end