ejabberd: Manual merge from parameterize branch

ejabberd/manifests/init.pp

@@ -1,111 +1,175 @@
 # Install ejabberd.
 #
-# === Global variables
+# === Parameters
 #
-#   $ejabberd_hosts:
+#   $collab:
+#       Boolean for enabling collab integration. Defaults to false.
+#
+#   $package:
+#       Ejabberd package source. Required for collab integration.
+#
+#   $hosts:
 #       Array of domains serverd by ejabberd. Defaults to [ "$homename" ].
 #
-#   $ejabberd_admin:
+#   $admins:
 #       Array of users with admin privileges.
 #
-#   $ejabberd_ssl_key:
+#   $webhosts:
-#       Path to SSL private key.
+#       Array of BOSH virtual hosts.
 #
-#   $ejabberd_ssl_cert:
+#   $auth:
-#       Path to SSL certificate.
-#
-#   $ejabberd_ssl_chain:
-#       Path to SSL certificate chain.
-#
-#   $ejabberd_muclog_datadir:
-#       Path where to store chatroom logs. Disabled by default.
-#
-#   $ejabberd_muclog_format:
-#       Chatroom log format. Valid values html or plaintext.
-#
-#   $ejabberd_auth:
 #       Authentication method or array of multiple methods.
 #       Valid values internal, external or ldap. Defaults to internal.
 #
-#   $ejabberd_extauth:
+#   $extauth:
 #       Path to external authentication command.
 #
-#   $ejabberd_ldap_server:
+#   $muclog_datadir:
+#       Path where to store chatroom logs. Disabled by default.
+#
+#   $muclog_format:
+#       Chatroom log format. Valid values html or plaintext.
+#
+#   $ssl_key:
+#       Path to SSL private key.
+#
+#   $ssl_cert:
+#       Path to SSL certificate.
+#
+#   $ssl_chain:
+#       Path to SSL certificate chain.
+#
+#   $ldap_server:
 #       Array of LDAP authentication servers.
 #
-#   $ejabberd_ldap_basedn:
+#   $ldap_basedn:
 #       LDAP base dn.
 #
-#   $ejabberd_ldap_encrypt:
+#   $ldap_encrypt:
 #       LDAP encryption. Defaults to "tls".
 #
-#   $ejabberd_ldap_port:
+#   $ldap_port:
 #       LDAP port. Defaults to 636.
 #
-#   $ejabberd_ldap_uidattr:
+#   $ldap_uid:
 #       LDAP UID attribute. Defaults to "uid".
 #
-#   $ejabberd_ldap_binddn:
+#   $ldap_rootdn:
 #       Optional bind DN.
 #
-#   $ejabberd_ldap_bindpw:
+#   $ldap_password:
 #       Bind DN password.
 #
-class ejabberd {
+class ejabberd(
+    $collab=false,
+    $package=undef,
+    $hosts=[$::homename],
+    $admins=[],
+    $webhosts=undef,
+    $auth="internal",
+    $extauth=undef,
+    $muclog_datadir=undef,
+    $muclog_format="plaintext",
+    $ssl_key="${::puppet_ssldir}/private_keys/${::homename}.pem",
+    $ssl_cert="${::puppet_ssldir}/certs/${::homename}.pem",
+    $ssl_chain=undef,
+    $ldap_server=undef,
+    $ldap_basedn=undef,
+    $ldap_encrypt="tls",
+    $ldap_port="636",
+    $ldap_uid="uid",
+    $ldap_rootdn=undef,
+    $ldap_password=undef
+) {
 
     include user::system
     realize(User["ejabberd"], Group["ejabberd"])
 
-    if !$ejabberd_hosts {
+    if ! ($muclog_format in [ "html", "plaintext" ]) {
-        $ejabberd_hosts = [ $homename ]
+        fail("Invalid value ${muclog_format} for muclog_format")
-    }
-    if !$ejabberd_admin {
-        $ejabberd_admin = []
-    }
-    if !$ejabberd_auth {
-        $ejabberd_auth = "internal"
     }
 
-    if !$ejabberd_ldap_encrypt {
+    case $::operatingsystem {
-        $ejabberd_ldap_encrypt = "tls"
+        "centos","redhat","fedora": {
-    }
+            $package_provider = "rpm"
-    if !$ejabberd_ldap_port {
+            package { ["erlang", "erlang-esasl"]:
-        $ejabberd_ldap_port = "636"
+                ensure => installed,
-    }
+                before => Package["ejabberd"],
-    if !$ejabberd_ldap_uidattr {
+            }
-        $ejabberd_ldap_uidattr = "uid"
+        }
+        "debian","ubuntu": {
+            $package_provider = "dpkg"
+            package { ["erlang", "erlang-base"]:
+                ensure => installed,
+                before => Package["ejabberd"],
+            }
+        }
+        default: { }
     }
 
-    case $ejabberd_muclog_format {
+    if $collab == true {
-        "","html","plaintext": { }
+        if ! $package {
-        default: {
+            fail("Must define package for collab integration")
-            fail("Invalid value ${ejabberd_muclog_format} for \$ejabberd_muclog_format.")
+        }
+
+        file { "/usr/local/src/${package}":
+            ensure => present,
+            mode   => "0644",
+            owner  => "root",
+            group  => "root",
+            source => "puppet:///files/packages/${package}",
+            before => Package["ejabberd"],
+        }
+
+        Package["ejabberd"] {
+            provider => $package_provider,
+            source   => "/usr/local/src/${package}",
+        }
+
+        exec { "usermod-ejabberd":
+            path    => "/bin:/usr/bin:/sbin:/usr/sbin",
+            command => "usermod -a -G collab ejabberd",
+            unless  => "id -n -G ejabberd | grep '\\bcollab\\b'",
+            require => [ User["ejabberd"], Group["collab"] ],
+            notify  => Service["ejabberd"],
+        }
+
+        Service["ejabberd"] {
+            require => Class["wiki::collab"],
+        }
+
+        if $muclog_datadir {
+            file { $muclog_datadir:
+                ensure  => directory,
+                mode    => "2770",
+                owner   => "collab",
+                group   => "collab",
+                require => User["collab"],
+                before  => Service["ejabberd"],
+            }
         }
     }
 
     package { "ejabberd":
-        ensure  => installed,
+        ensure  => $collab ? {
+            true    => latest,
+            default => installed,
+        },
         require => [ User["ejabberd"], Group["ejabberd"] ],
     }
 
     service { "ejabberd":
-        ensure => running,
+        ensure  => running,
-        enable => true,
+        enable  => true,
-        status => "ejabberdctl status >/dev/null",
+        status  => "ejabberdctl status >/dev/null",
+        restart => "ejabberdctl restart >/dev/null",
     }
 
     include ssl
 
-    if !$ejabberd_ssl_key {
-        $ejabberd_ssl_key = "${puppet_ssldir}/private_keys/${homename}.pem"
-    }
-    if !$ejabberd_ssl_cert {
-        $ejabberd_ssl_cert = "${puppet_ssldir}/certs/${homename}.pem"
-    }
-
     file { "${ssl::private}/ejabberd.key":
         ensure => present,
-        source => $ejabberd_ssl_key,
+        source => $ssl_key,
         mode   => "0600",
         owner  => "root",
         group  => "root",
@@ -113,16 +177,16 @@ class ejabberd {
     }
     file { "${ssl::certs}/ejabberd.crt":
         ensure => present,
-        source => $ejabberd_ssl_cert,
+        source => $ssl_cert,
         mode   => "0644",
         owner  => "root",
         group  => "root",
         notify => Exec["generate-ejabberd-pem"],
     }
-    if $ejabberd_ssl_chain {
+    if $ssl_chain {
         file { "${ssl::certs}/ejabberd.chain.crt":
             ensure => present,
-            source => $ejabberd_ssl_chain,
+            source => $ssl_chain,
             mode   => "0644",
             owner  => "root",
             group  => "root",
@@ -164,24 +228,17 @@ class ejabberd {
         "debian", "ubuntu": {
             augeas { "set-ejabberd-default":
                 context => "/files/etc/default/ejabberd",
-                changes => [ "set POLL true",
+                changes => [ "set POLL true", "set SMP auto" ],
-                             "set SMP auto", ],
+                require => Package["ejabberd"],
                 notify  => Service["ejabberd"],
             }
         }
+        default: { }
     }
 
     $htdocs = "/usr/share/ejabberd/htdocs"
 
-    define configwebhost($htdocs) {
+    if $webhosts {
-        file { "/srv/www/https/${name}/bosh":
-            ensure  => link,
-            target  => $htdocs,
-            require => File["/srv/www/https/${name}"],
-        }
-    }
-
-    if $ejabberd_webhosts {
         include apache::mod::proxy
         include apache::mod::proxy_http
         include apache::mod::rewrite
@@ -213,7 +270,7 @@ class ejabberd {
             proto => "tcp",
         }
 
-        configwebhost { $ejabberd_webhosts:
+        ejabberd::configwebhost { $webhosts:
             htdocs => $htdocs,
         }
     }
@@ -221,68 +278,14 @@ class ejabberd {
 }
 
 
-# Install ejabberd with collab customizations.
+# Enable bosh on virtual host.
 #
-# === Global variables
+define ejabberd::configwebhost($htdocs) {
-#
-#   $ejabberd_package:
-#       Name of ejabberd package with collab patches.
-#
-class ejabberd::collab inherits ejabberd {
 
-    if !$ejabberd_package {
+    file { "/srv/www/https/${name}/bosh":
-        fail("Must define \$ejabberd_package")
+        ensure  => link,
-    }
+        target  => $htdocs,
-
+        require => File["/srv/www/https/${name}"],
-    exec { "usermod-ejabberd":
-        path    => "/bin:/usr/bin:/sbin:/usr/sbin",
-        command => "usermod -a -G collab ejabberd",
-        unless  => "id -n -G ejabberd | grep '\\bcollab\\b'",
-        require => [ User["ejabberd"], Group["collab"] ],
-    }
-
-    case $::operatingsystem {
-        "centos","redhat","fedora": {
-            package { ["erlang", "erlang-esasl"]:
-                ensure => installed,
-                before => Package["ejabberd"],
-            }
-        }
-        "debian","ubuntu": {
-            package { ["erlang", "erlang-base"]:
-                ensure => installed,
-                before => Package["ejabberd"],
-            }
-        }
-    }
-    file { "/usr/local/src/${ejabberd_package}":
-        ensure => present,
-        mode   => "0644",
-        owner  => "root",
-        group  => "root",
-        source => "puppet:///files/packages/${ejabberd_package}",
-        before => Package["ejabberd"],
-    }
-    Package["ejabberd"] {
-        provider => $::operatingsystem ? {
-            "centos" => "rpm",
-            "redhat" => "rpm",
-            "fedora" => "rpm",
-            "debian" => "dpkg",
-            "ubuntu" => "dpkg",
-        },
-        source   => "/usr/local/src/${ejabberd_package}",
-    }
-
-    if $ejabberd_muclog_datadir {
-        file { $ejabberd_muclog_datadir:
-            ensure  => directory,
-            mode    => "2770",
-            owner   => "collab",
-            group   => "collab",
-            require => User["collab"],
-            before  => Service["ejabberd"],
-        }
     }
 
 }
@@ -290,40 +293,35 @@ class ejabberd::collab inherits ejabberd {
 
 # Install ejabberd backup cron script.
 #
-# === Global variables
+# === Parameters
 #
-#   $ejabberd_backup_datadir:
+#   $datadir:
-#       Path where to store the backups.
+#       Path where to store the backups. Defaults to "/srv/ejabberd-backup".
 #
-class ejabberd::backup {
+class ejabberd::backup($datadir="/srv/ejabberd-backup") {
 
-    if ! $ejabberd_backup_datadir {
+    file { $datadir:
-        $ejabberd_backup_datadir = "/srv/ejabberd-backup"
+        ensure => directory,
-    }
+        mode   => "0700",
-
+        owner  => "root",
-    file { $ejabberd_backup_datadir:
+        group  => "root",
-        ensure  => directory,
-        mode    => "0700",
-        owner   => "root",
-        group   => "root",
     }
 
     file { "/usr/local/sbin/ejabberd-backup":
         ensure  => present,
-        content => template("ejabberd/ejabberd-backup.erb"),
         mode    => "0755",
         owner   => "root",
         group   => "root",
+        content => template("ejabberd/ejabberd-backup.erb"),
     }
 
     cron { "ejabberd-backup":
         ensure  => present,
         command => "/usr/local/sbin/ejabberd-backup",
         user    => "root",
-        minute  => 15,
+        minute  => "15",
-        hour    => 21,
+        hour    => "21",
-        require => File[ $ejabberd_backup_datadir,
+        require => File[$datadir, "/usr/local/sbin/ejabberd-backup"],
-                         "/usr/local/sbin/ejabberd-backup" ],
     }
 
 }

ejabberd/templates/ejabberd-backup.erb

@@ -25,7 +25,7 @@
 # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 # THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
-DESTDIR="<%= @ejabberd_backup_datadir %>"
+DESTDIR="<%= @datadir %>"
 
 if [ ! -d ${DESTDIR} ]; then
     echo "ERR: ejabberd backup directory [${DESTDIR}] does not exist" 1>&2

ejabberd/templates/ejabberd.cfg.erb

@@ -89,8 +89,8 @@ override_acls.
 %% You can define one or several, for example:
 %% {hosts, ["example.net", "example.com", "example.org"]}.
 %%
-<% @ejabberd_hosts.map! { |host| '"%s"' % host } -%>
+<% @hosts.map! { |host| '"%s"' % host } -%>
-{hosts, [<%= @ejabberd_hosts.join(", ") %>]}.
+{hosts, [<%= @hosts.join(", ") %>]}.
 
 %%
 %% route_subdomains: Delegate subdomains to other XMPP servers.
@@ -213,25 +213,25 @@ override_acls.
 %%%.   ==============
 %%%'   AUTHENTICATION
 
-<% if @ejabberd_auth.is_a?(Array) -%>
+<% if @auth.is_a?(Array) -%>
-{auth_method, [<%= @ejabberd_auth.join(", ") %>]}.
+{auth_method, [<%= @auth.join(", ") %>]}.
 <% else -%>
-{auth_method, <%= @ejabberd_auth %>}.
+{auth_method, <%= @auth %>}.
 <% end -%>
-<% if @ejabberd_extauth -%>
+<% if @extauth -%>
-{extauth_program, "<%= @ejabberd_extauth %>"}.
+{extauth_program, "<%= @extauth %>"}.
 <% end -%>
-<% if @ejabberd_ldap_server -%>
+<% if @ldap_server -%>
-<% @ejabberd_ldap_server.map! { |server| '"%s"' % server } -%>
+<% @ldap_server.map! { |server| '"%s"' % server } -%>
-{ldap_servers, [<%= @ejabberd_ldap_server.join(", ") %>]}.
+{ldap_servers, [<%= @ldap_server.join(", ") %>]}.
-{ldap_base, "<%= @ejabberd_ldap_basedn %>"}.
+{ldap_base, "<%= @ldap_basedn %>"}.
-{ldap_encrypt, <%= @ejabberd_ldap_encrypt %>}.
+{ldap_encrypt, <%= @ldap_encrypt %>}.
-{ldap_port, <%= @ejabberd_ldap_port %>}.
+{ldap_port, <%= @ldap_port %>}.
-{ldap_uids, [{"<%= @ejabberd_ldap_uidattr %>", "%u"}]}.
+{ldap_uids, [{"<%= @ldap_uid %>", "%u"}]}.
 {ldap_filter, "(!(loginShell=/sbin/nologin))"}.
-<%   if @ejabberd_ldap_binddn -%>
+<%   if @ldap_rootdn and @ldap_password -%>
-{ldap_rootdn, "<%= @ejabberd_ldap_binddn %>"}.
+{ldap_rootdn, "<%= @ldap_rootdn %>"}.
-{ldap_password, "<%= @ejabberd_ldap_bindpw %>"}.
+{ldap_password, "<%= @ldap_password %>"}.
 <%   end -%>
 <% end -%>
 
@@ -391,7 +391,7 @@ override_acls.
 %%
 %%{acl, admin, {user, "aleksey", "localhost"}}.
 %%{acl, admin, {user, "ermine", "example.org"}}.
-<% @ejabberd_admin.each do |admin|
+<% @admins.each do |admin|
 user, host = admin.split("@") -%>
 {acl, admin, {user, "<%= user %>", "<%= host %>"}}.
 <% end -%>
@@ -429,7 +429,7 @@ user, host = admin.split("@") -%>
 %%%'   ACCESS RULES
 
 %% Maximum number of simultaneous sessions allowed for a single user:
-{access, max_user_sessions, [{100, all}]}.
+{access, max_user_sessions, [{1000, all}]}.
 
 %% Maximum number of offline messages that users can have:
 {access, max_user_offline_messages, [{5000, admin}, {100, all}]}.
@@ -558,25 +558,22 @@ user, host = admin.split("@") -%>
 		      {allow_user_invites, true},
 		      {anonymous, false},
 		      {public, false},
-<% if @ejabberd_muclog_datadir -%>
+<% if @muclog_datadir -%>
-		      {logging, true}
+		      {logging, true},
 <% else -%>
-		      {logging, false}
+		      {logging, false},
 <% end -%>
+		      {max_users, 1000}
 		    ]
 		  }
 		 ]},
   %%{mod_muc_log,[]},
-<% if @ejabberd_muclog_datadir -%>
+<% if @muclog_datadir -%>
   {mod_muc_log,  [
-		  {access_log, muc},
+		  {access_log, muc_admin},
-		  {outdir, "<%= @ejabberd_muclog_datadir %>"},
+		  {file_format, <%= @muclog_format %>},
-		  {dirtype, subdirs},
+		  {outdir, "<%= @muclog_datadir %>"},
-<% if @ejabberd_muclog_format -%>
+		  {timezone, universal}
-		  {file_format, <%= @ejabberd_muclog_format %>},
-<% end -%>
-		  {cssfile, false},
-		  {top_link, {"/jabber-logs/", "Back to Logs"}}
 		 ]},
 <% end -%>
   {mod_offline,  [{access_max_user_messages, max_user_offline_messages}]},