author | Rafael Römhild <r.roemhild@s-v.de> | 2016-11-11 00:12:54 +0100 |
---|---|---|
committer | Christophe Romain <christophe.romain@process-one.net> | 2016-11-16 11:48:50 +0100 |
commit | 5a01b5f1fc991044920a84bf97959c2e4c21b7d2 (patch) | |
tree | 696255307a36e0b0708c30ca82d42834bcfc6940 /docker/pre | |
parent | Minor cosmetic changes on pubsub code (diff) |
add docker support
Diffstat (limited to 'docker/pre')
-rwxr-xr-x | docker/pre/01_write_certifiates_from_env.sh | 34 | ||||
-rwxr-xr-x | docker/pre/02_make_snakeoil_certificates.sh | 75 | ||||
-rwxr-xr-x | docker/pre/03_make_dhparam.sh | 22 | ||||
-rwxr-xr-x | docker/pre/10_erlang_cookie.sh | 26 | ||||
-rwxr-xr-x | docker/pre/20_ejabberd_config.sh | 36 |
5 files changed, 193 insertions, 0 deletions
diff --git a/docker/pre/01_write_certifiates_from_env.sh b/docker/pre/01_write_certifiates_from_env.sh
new file mode 100755
index 000000000..a42c2e306
--- /dev/null
+++ b/docker/pre/01_write_certifiates_from_env.sh
@@ -0,0 +1,34 @@
+#!/bin/bash
+set -e
+
+source "${EJABBERD_HOME}/docker/lib/base_config.sh"
+source "${EJABBERD_HOME}/docker/lib/config.sh"
+source "${EJABBERD_HOME}/docker/lib/base_functions.sh"
+source "${EJABBERD_HOME}/docker/lib/functions.sh"
+
+# Instead of having to mount a direction, specify the ssl certs
+# via environment variables:
+# `EJABBERD_SSLCERT_HOST` and `EJABBERD_SSLCERT_{domain_name}`.
+# For example: `EJABBERD_SSLCERT_EXAMPLE_COM`.
+
+write_file_from_env() {
+ log "Writing $1 to $2"
+ mkdir -p "$(dirname $2)"
+ log "${!1}" > $2
+}
+
+# Write the host certificate
+is_set ${EJABBERD_SSLCERT_HOST} \
+ && write_file_from_env "EJABBERD_SSLCERT_HOST" ${SSLCERTHOST}
+
+# Write the domain certificates for each XMPP_DOMAIN
+for xmpp_domain in ${XMPP_DOMAIN} ; do
+ var="EJABBERD_SSLCERT_$(echo $xmpp_domain | awk '{print toupper($0)}' | sed 's/\./_/g;s/-/_/g')"
+ if is_set ${!var} ; then
+ file_exist "${SSLCERTDIR}/${xmpp_domain}.pem" \
+ || write_file_from_env "$var" "${SSLCERTDIR}/${xmpp_domain}.pem"
+ fi
+done
+
+
+exit 0
diff --git a/docker/pre/02_make_snakeoil_certificates.sh b/docker/pre/02_make_snakeoil_certificates.sh
new file mode 100755
index 000000000..d8eeec937
--- /dev/null
+++ b/docker/pre/02_make_snakeoil_certificates.sh
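Review bot: `write_file_from_env` in 01_write_certifiates_from_env.sh creates the PEM under the default umask and fills it through `log`, so the file may be readable by other users in the container and its content depends on whatever `log` prints (its definition is in docker/lib, outside this diff). The snakeoil script in this commit stores certificate and private key together in these same paths, so the environment value presumably carries a key as well. I would write it as `( umask 077; printf '%s\n' "${!1}" > "$2" )` and quote the directory step, `mkdir -p "$(dirname "$2")"`. The unquoted `is_set ${EJABBERD_SSLCERT_HOST}` and `is_set ${!var}` also word-split a multi-line PEM into many arguments; quoting them keeps the check on a single value.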
@@ -0,0 +1,75 @@
+#!/bin/bash
+set -e
+
+source "${EJABBERD_HOME}/docker/lib/base_config.sh"
+source "${EJABBERD_HOME}/docker/lib/config.sh"
+source "${EJABBERD_HOME}/docker/lib/base_functions.sh"
+source "${EJABBERD_HOME}/docker/lib/functions.sh"
+
+
+make_snakeoil_certificate() {
+ local domain=$1
+ local certfile=$2
+
+ openssl req -subj "/CN=${domain}" \
+ -new \
+ -newkey rsa:4096 \
+ -days 365 \
+ -nodes \
+ -x509 \
+ -keyout /tmp/selfsigned.key \
+ -out /tmp/selfsigned.crt
+
+ log "Writing ssl cert and private key to '${certfile}'..."
+ cat /tmp/selfsigned.crt /tmp/selfsigned.key > ${certfile}
+ rm /tmp/selfsigned.crt /tmp/selfsigned.key
+}
+
+
+make_host_snakeoil_certificate() {
+ local IFS=@
+ local domain='localhost'
+ local erlang_node=${ERLANG_NODE}
+
+ if is_true ${erlang_node} ; then
+ domain=${HOSTNAME}
+ elif is_set ${erlang_node} ; then
+ set ${erlang_node}
+ local nodehost=$2
+ if is_zero ${nodehost} ; then
+ domain=${HOSTNAME}
+ else
+ domain=${nodehost}
+ fi
+ fi
+
+ log "Generating snakeoil ssl cert for ${domain}..."
+
+ make_snakeoil_certificate ${domain} ${SSLCERTHOST}
+}
+
+
+make_domain_snakeoil_certificate() {
+ local domain=$1
+ local certfile=$2
+
+ log "Generating snakeoil ssl cert for ${domain}..."
+
+ make_snakeoil_certificate ${domain} ${certfile}
+}
+
+
+# generate host ssl cert if missing
+file_exist ${SSLCERTHOST} \
+ || make_host_snakeoil_certificate
+
+
+# generate xmmp domain ssl certificates if missing
+for xmpp_domain in ${XMPP_DOMAIN} ; do
+ domain_certfile="${SSLCERTDIR}/${xmpp_domain}.pem"
+ file_exist ${domain_certfile} \
+ || make_domain_snakeoil_certificate ${xmpp_domain} ${domain_certfile}
+done
+
+
+exit 0
diff --git a/docker/pre/03_make_dhparam.sh b/docker/pre/03_make_dhparam.sh
new file mode 100755
index 000000000..d897b2789
--- /dev/null
+++ b/docker/pre/03_make_dhparam.sh
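Review bot: `make_snakeoil_certificate` writes the unencrypted private key (`-nodes`) to the fixed path `/tmp/selfsigned.key`, and under `set -e` a failing `openssl` or `cat` exits the script before the `rm`, leaving the key behind. Fixed names in /tmp can also collide with a file or link that already exists there, and the combined `${certfile}` is created under the default umask. A private `mktemp -d` directory that is removed on every path, with `umask 077` around the writes, covers all three; the rewritten function is below. The callers pass `${domain}` and `${certfile}` unquoted, which is worth fixing in the same pass.

```shell
make_snakeoil_certificate() {
    local domain=$1
    local certfile=$2
    local workdir rc=0

    # mktemp -d gives a mode-0700 directory with an unpredictable name
    workdir=$(mktemp -d)

    # set -e is suspended inside a `||` list, so the openssl failure is checked by hand
    (
        umask 077
        openssl req -subj "/CN=${domain}" \
            -new -newkey rsa:4096 -days 365 -nodes -x509 \
            -keyout "${workdir}/selfsigned.key" \
            -out "${workdir}/selfsigned.crt" || exit
        log "Writing ssl cert and private key to '${certfile}'..."
        cat "${workdir}/selfsigned.crt" "${workdir}/selfsigned.key" > "${certfile}"
    ) || rc=$?

    # runs on success and on failure, so no key material stays in the temp dir
    rm -rf -- "${workdir}"
    return "${rc}"
}
```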
@@ -0,0 +1,22 @@
+#!/bin/bash
+set -e
+
+source "${EJABBERD_HOME}/docker/lib/base_config.sh"
+source "${EJABBERD_HOME}/docker/lib/config.sh"
+source "${EJABBERD_HOME}/docker/lib/base_functions.sh"
+source "${EJABBERD_HOME}/docker/lib/functions.sh"
+
+make_dhparam() {
+ local dhfile=$1
+ local bits=$2
+
+ log "Writing dh file to '${dhfile}'..."
+ openssl dhparam -out ${dhfile} ${bits}
+}
+
+if is_true ${EJABBERD_DHPARAM} ; then
+ file_exist ${SSLDHPARAM} \
+ || make_dhparam ${SSLDHPARAM} 4096
+fi
+
+exit 0
diff --git a/docker/pre/10_erlang_cookie.sh b/docker/pre/10_erlang_cookie.sh
new file mode 100755
index 000000000..2c08a64fb
--- /dev/null
+++ b/docker/pre/10_erlang_cookie.sh
@@ -0,0 +1,26 @@
+#!/bin/bash
+
+source "${EJABBERD_HOME}/docker/lib/base_config.sh"
+source "${EJABBERD_HOME}/docker/lib/config.sh"
+source "${EJABBERD_HOME}/docker/lib/base_functions.sh"
+source "${EJABBERD_HOME}/docker/lib/functions.sh"
+
+
+set_erlang_cookie() {
+ chmod 600 ${ERLANGCOOKIEFILE}
+ log "Set erlang cookie to ${ERLANG_COOKIE}..."
+ echo ${ERLANG_COOKIE} > ${ERLANGCOOKIEFILE}
+ chmod 400 ${ERLANGCOOKIEFILE}
+}
+
+
+file_exist ${FIRST_START_DONE_FILE} \
+ && exit 0
+
+
+# set erlang cookie if ERLANG_COOKIE is set in environemt
+is_set ${ERLANG_COOKIE} \
+ && set_erlang_cookie
+
+
+exit 0
diff --git a/docker/pre/20_ejabberd_config.sh b/docker/pre/20_ejabberd_config.sh
new file mode 100755
index 000000000..230a1981b
--- /dev/null
+++ b/docker/pre/20_ejabberd_config.sh
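Review bot: `make_dhparam` in 03_make_dhparam.sh passes `${dhfile}` and `${bits}` to openssl unquoted, and the call site does the same with `${SSLDHPARAM}` and `${EJABBERD_DHPARAM}`, so a path containing whitespace or an empty variable changes the argument list. I would write `openssl dhparam -out "${dhfile}" "${bits}"` and `file_exist "${SSLDHPARAM}" || make_dhparam "${SSLDHPARAM}" 4096`. The function also has no header comment; something like `# Generate DH parameters of the given size into $1; 4096-bit generation can delay the first start noticeably` would tell operators why startup stalls when `EJABBERD_DHPARAM` is enabled.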
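Review bot: The `log` call in `set_erlang_cookie` (10_erlang_cookie.sh) prints the value of `ERLANG_COOKIE`, the shared secret for Erlang distribution, so it ends up in the container log and in any log collector behind it. Log the action without the value, e.g. `log "Setting erlang cookie from ERLANG_COOKIE..."`. The cookie file is also created by `echo ... >` under the default umask and only restricted afterwards by `chmod 400`; `( umask 077; printf '%s\n' "${ERLANG_COOKIE}" > "${ERLANGCOOKIEFILE}" )` keeps it private from the moment it is created. This script omits the `set -e` the other pre-scripts use, so a failing `chmod` or write passes silently.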
@@ -0,0 +1,36 @@
+#!/bin/bash
+set -e
+
+source "${EJABBERD_HOME}/docker/lib/base_config.sh"
+source "${EJABBERD_HOME}/docker/lib/config.sh"
+source "${EJABBERD_HOME}/docker/lib/base_functions.sh"
+source "${EJABBERD_HOME}/docker/lib/functions.sh"
+
+
+make_config() {
+ local filename=$1
+ local template="${CONFIGTMPDIR}/${filename}.tpl"
+ local configfile="${CONFIGDIR}/${filename}"
+
+ file_exist $configfile \
+ && return 1
+
+ if [ ! -e ${configfile} ]; then
+ log "Generating ${configfile} config file..."
+ cat $template \
+ | python -c "${PYTHON_JINJA2}" \
+ > $configfile
+ else
+ echo "File ${configfile} exists."
+ fi
+}
+
+
+# /opt/ejabberd/conf/ejabberd.yml
+make_config "ejabberd.yml"
+
+# /opt/ejabberd/conf/ejabberdctl.cfg
+make_config "ejabberdctl.cfg"
+
+
+exit 0 |
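Review bot: In `make_config`, `file_exist $configfile && return 1` makes the function fail when the config already exists, and with `set -e` the bare call `make_config "ejabberd.yml"` then aborts the script with status 1 before `ejabberdctl.cfg` is handled (assuming `file_exist` tests for existence, as its name and use suggest). The early return also makes the `else` branch of the following `[ ! -e ${configfile} ]` test unreachable. Returning success, `file_exist "${configfile}" && return 0`, or dropping the early return and keeping only the `if`/`else`, fixes both. Separately, the `> $configfile` redirect creates the file before `python` runs, so a failed render leaves an empty file that later starts will treat as an existing config; rendering to a temporary name and moving it into place with `mv` avoids that.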