DevOps/ansible-role-ejabberd
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Initial commit

Browse Source
This commit is contained in:
Eric Meehan
2026-02-06 14:49:53 -05:00
commit 50b3aaf8ba
11 changed files with 742 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

BIN
tasks/.main.yml.swp Normal file
View File

Binary file not shown.

610
tasks/main.yml Normal file
View File

@@ -0,0 +1,610 @@
#SPDX-License-Identifier: MIT-0
---
# tasks file for ansible-role-ejabberd
- name: namespace
k8s:
state: present
definition:
apiVersion: v1
kind: Namespace
metadata:
name: "{{ ejabberd_namespace }}"
- name: certificate
k8s:
state: present
definition:
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: ssl
namespace: "{{ ejabberd_namespace }}"
spec:
secretName: ssl
privateKey:
algorithm: RSA
encoding: PKCS1
size: 2048
duration: 2160h # 90d
renewBefore: 360h # 15d
isCA: false
usages:
- server auth
- client auth
subject:
organizations:
- EOM
commonName: eom.dev
dnsNames:
- ejabberd.eom.dev
issuerRef:
name: ca-issuer
kind: ClusterIssuer
- name: configmap
k8s:
state: present
definition:
apiVersion: v1
kind: ConfigMap
metadata:
name: config
namespace: "{{ ejabberd_namespace }}"
data:
ejabberd.yml: "{{ lookup('template', 'ejabberd.yml.j2') }}"
- name: pvc for data
k8s:
state: present
definition:
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: data
namespace: "{{ ejabberd_namespace }}"
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: "{{ ejabberd_pvc_size_data }}"
- name: pvc for db
k8s:
state: present
definition:
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: db
namespace: "{{ ejabberd_namespace }}"
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: "{{ ejabberd_pvc_size_db }}"
- name: deployment for ejabberd
k8s:
definition:
apiVersion: v1
kind: Deployment
metadata:
name: ejabberd
namespace: "{{ ejabberd_namespace }}"
spec:
replicas: 1
selector:
matchLabels:
app: ejabberd
template:
metadata:
labels:
app: ejabberd
spec:
containers:
- name: ejabberd
image: ejabberd/ecs
env:
- name: EJABBERD_MACRO_ADMIN
value: "{{ ejabberd_macro_admin }}"
- name: EJABBERD_MACRO_PASSWORD
value: "{{ ejabberd_macro_password }}"
volumeMounts:
- name: certs
mountPath: /etc/letsencrypt
- name: config
mountPath: /opt/ejabberd/conf/ejabberd.yml
subPath: ejabberd.yml
- name: data
mountPath: /opt/ejabberd/upload
- name: db
mountPath: /opt/ejabberd/database
ports:
- containerPort: 5222
- containerPort: 5269
- containerPort: 5280
- containerPort: 5443
- containerPort: 1880
- containerPort: 1883
- containerPort: 50000
- containerPort: 50001
- containerPort: 50002
- containerPort: 50003
- containerPort: 50004
- containerPort: 50005
- containerPort: 50006
- containerPort: 50007
- containerPort: 50008
- containerPort: 50009
- containerPort: 50010
- containerPort: 50011
- containerPort: 50012
- containerPort: 50013
- containerPort: 50014
- containerPort: 50015
- containerPort: 50016
- containerPort: 50017
- containerPort: 50018
- containerPort: 50019
- containerPort: 50020
- containerPort: 50021
- containerPort: 50022
- containerPort: 50023
- containerPort: 50024
- containerPort: 50025
- containerPort: 50026
- containerPort: 50027
- containerPort: 50028
- containerPort: 50029
- containerPort: 50030
- containerPort: 50031
- containerPort: 50032
- containerPort: 50033
- containerPort: 50034
- containerPort: 50035
- containerPort: 50036
- containerPort: 50037
- containerPort: 50038
- containerPort: 50039
- containerPort: 50040
- containerPort: 50041
- containerPort: 50042
- containerPort: 50043
- containerPort: 50044
- containerPort: 50045
- containerPort: 50046
- containerPort: 50047
- containerPort: 50048
- containerPort: 50049
- containerPort: 50050
- containerPort: 50051
- containerPort: 50052
- containerPort: 50053
- containerPort: 50054
- containerPort: 50055
- containerPort: 50056
- containerPort: 50057
- containerPort: 50058
- containerPort: 50059
- containerPort: 50060
- containerPort: 50061
- containerPort: 50062
- containerPort: 50063
- containerPort: 50064
- containerPort: 50065
- containerPort: 50066
- containerPort: 50067
- containerPort: 50068
- containerPort: 50069
- containerPort: 50070
- containerPort: 50071
- containerPort: 50072
- containerPort: 50073
- containerPort: 50074
- containerPort: 50075
- containerPort: 50076
- containerPort: 50077
- containerPort: 50078
- containerPort: 50079
- containerPort: 50080
- containerPort: 50081
- containerPort: 50082
- containerPort: 50083
- containerPort: 50084
- containerPort: 50085
- containerPort: 50086
- containerPort: 50087
- containerPort: 50088
- containerPort: 50089
- containerPort: 50090
- containerPort: 50091
- containerPort: 50092
- containerPort: 50093
- containerPort: 50094
- containerPort: 50095
- containerPort: 50096
- containerPort: 50097
- containerPort: 50098
- containerPort: 50099
- containerPort: 5210
- containerPort: 4369
- containerPort: 4370
- containerPort: 4371
- containerPort: 4372
- containerPort: 4373
- containerPort: 4374
- containerPort: 4375
- containerPort: 4376
- containerPort: 4377
- containerPort: 4378
- containerPort: 4379
- containerPort: 4380
- containerPort: 4381
- containerPort: 4382
- containerPort: 4383
- containerPort: 4384
- containerPort: 4385
- containerPort: 4386
- containerPort: 4387
- containerPort: 4388
- containerPort: 4389
- containerPort: 4390
- containerPort: 4391
- containerPort: 4392
- containerPort: 4393
- containerPort: 4394
- containerPort: 4395
- containerPort: 4396
- containerPort: 4397
- containerPort: 4398
- containerPort: 4399
volumes:
- name: data
persistentVolumeClaim:
claimName: data
- name: config
configMap:
name: config
- name: db
persistentVolumeClaim:
claimName: db
- name: service for ejabberd
k8s:
definition:
apiVersion: v1
kind: Service
metadata:
name: ejabberd
namespace: "{{ ejabberd_namespace }}"
spec:
selector:
app: ejabberd
ports:
- port: 5222
name: xmpp
- port: 5269
name: federation
- port: 5280
name: admin
- port: 5443
name: http
- port: 1880
name: admin2
- port: 1883
name: mqtt
- port: 5478
name: stun
- port: 50000
name: turn50000
- port: 50001
name: turn50001
- port: 50002
name: turn50002
- port: 50003
name: turn50003
- port: 50004
name: turn50004
- port: 50005
name: turn50005
- port: 50006
name: turn50006
- port: 50007
name: turn50007
- port: 50008
name: turn50008
- port: 50009
name: turn50009
- port: 50010
name: turn50010
- port: 50011
name: turn50011
- port: 50012
name: turn50012
- port: 50013
name: turn50013
- port: 50014
name: turn50014
- port: 50015
name: turn50015
- port: 50016
name: turn50016
- port: 50017
name: turn50017
- port: 50018
name: turn50018
- port: 50019
name: turn50019
- port: 50020
name: turn50020
- port: 50021
name: turn50021
- port: 50022
name: turn50022
- port: 50023
name: turn50023
- port: 50024
name: turn50024
- port: 50025
name: turn50025
- port: 50026
name: turn50026
- port: 50027
name: turn50027
- port: 50028
name: turn50028
- port: 50029
name: turn50029
- port: 50030
name: turn50030
- port: 50031
name: turn50031
- port: 50032
name: turn50032
- port: 50033
name: turn50033
- port: 50034
name: turn50034
- port: 50035
name: turn50035
- port: 50036
name: turn50036
- port: 50037
name: turn50037
- port: 50038
name: turn50038
- port: 50039
name: turn50039
- port: 50040
name: turn50040
- port: 50041
name: turn50041
- port: 50042
name: turn50042
- port: 50043
name: turn50043
- port: 50044
name: turn50044
- port: 50045
name: turn50045
- port: 50046
name: turn50046
- port: 50047
name: turn50047
- port: 50048
name: turn50048
- port: 50049
name: turn50049
- port: 50050
name: turn50050
- port: 50051
name: turn50051
- port: 50052
name: turn50052
- port: 50053
name: turn50053
- port: 50054
name: turn50054
- port: 50055
name: turn50055
- port: 50056
name: turn50056
- port: 50057
name: turn50057
- port: 50058
name: turn50058
- port: 50059
name: turn50059
- port: 50060
name: turn50060
- port: 50061
name: turn50061
- port: 50062
name: turn50062
- port: 50063
name: turn50063
- port: 50064
name: turn50064
- port: 50065
name: turn50065
- port: 50066
name: turn50066
- port: 50067
name: turn50067
- port: 50068
name: turn50068
- port: 50069
name: turn50069
- port: 50070
name: turn50070
- port: 50071
name: turn50071
- port: 50072
name: turn50072
- port: 50073
name: turn50073
- port: 50074
name: turn50074
- port: 50075
name: turn50075
- port: 50076
name: turn50076
- port: 50077
name: turn50077
- port: 50078
name: turn50078
- port: 50079
name: turn50079
- port: 50080
name: turn50080
- port: 50081
name: turn50081
- port: 50082
name: turn50082
- port: 50083
name: turn50083
- port: 50084
name: turn50084
- port: 50085
name: turn50085
- port: 50086
name: turn50086
- port: 50087
name: turn50087
- port: 50088
name: turn50088
- port: 50089
name: turn50089
- port: 50090
name: turn50090
- port: 50091
name: turn50091
- port: 50092
name: turn50092
- port: 50093
name: turn50093
- port: 50094
name: turn50094
- port: 50095
name: turn50095
- port: 50096
name: turn50096
- port: 50097
name: turn50097
- port: 50098
name: turn50098
- port: 50099
name: turn50099
- port: 7777
name: socks5
- port: 5210
name: erlang
- port: 4369
name: epmd4369
- port: 4370
name: epmd4370
- port: 4371
name: epmd4371
- port: 4372
name: epmd4372
- port: 4373
name: epmd4373
- port: 4374
name: epmd4374
- port: 4375
name: epmd4375
- port: 4376
name: epmd4376
- port: 4377
name: epmd4377
- port: 4378
name: epmd4378
- port: 4379
name: epmd4379
- port: 4380
name: epmd4380
- port: 4381
name: epmd4381
- port: 4382
name: epmd4382
- port: 4383
name: epmd4383
- port: 4384
name: epmd4384
- port: 4385
name: epmd4385
- port: 4386
name: epmd4386
- port: 4387
name: epmd4387
- port: 4388
name: epmd4388
- port: 4389
name: epmd4389
- port: 4390
name: epmd4390
- port: 4391
name: epmd4391
- port: 4392
name: epmd4392
- port: 4393
name: epmd4393
- port: 4394
name: epmd4394
- port: 4395
name: epmd4395
- port: 4396
name: epmd4396
- port: 4397
name: epmd4397
- port: 4398
name: epmd4398
- port: 4399
name: epmd4399
type: LoadBalancer
- name: onionservice
k8s:
definition:
apiVersion: tor.k8s.torproject.org/v1alpha2
kind: OnionService
metadata:
name: ejabberd
namespace: "{{ ejabberd_namespace }}"
spec:
version: 3
rules:
- port:
number: 5222
backend:
service:
name: ejabberd
port:
number: 5222
- name: ingress
k8s:
state: present
definition:
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
annotations:
cert-manager.io/cluster-issuer: ca-issuer
name: ejabberd
namespace: "{{ ejabberd_namespace }}"
spec:
ingressClassName: nginx
rules:
- host: ejabberd.eom.dev
http:
paths:
- pathType: Prefix
path: /
backend:
service:
name: ejabberd
port:
number: 5280