Fully operational on Debian Stretch

FORMULA

@@ -0,0 +1,10 @@
+name: prosody
+os: Debian, Ubuntu
+os_family: Debian
+version: 0.5.0
+release: 1
+minimum_version: 2016.11.2
+summary: Formula for installing and configuring Prosody XMPP server
+description: Formula for installing and configuring Prosody XMPP server.
+	Configuration enables (by default.yaml):
+  - TLS for client to server and server to server connections

README.md

@@ -1,2 +1,12 @@
 # saltstack-prosody-formula
 Formula for installing and configuring Prosody XMPP server with Saltstack
+
+See the full [Salt Formulas installation and usage 
+instructions](https://docs.saltstack.com/en/latest/topics/development/conventions/formulas.html).
+
+## Usage
+See pillar.example and defaults.yaml for example configuration.
+
+## Testing
+Tested with:
+* Debian Stretch (9.0)

pillar.example

@@ -0,0 +1,6 @@
+# For more vriables available then those below please have a look into
+#   prosody/defaults.yaml file
+prosody:
+  vhost: xmpp.mydomain.com
+  ssl_cert_path: /etc/prosody/certs/fullchain1.pem
+  ssl_key_path: /etc/prosody/certs/privkey1.pem

prosody/config.sls

@@ -0,0 +1,30 @@
+# -*- coding: utf-8 -*-
+# vim: ft=sls
+
+{% from "prosody/map.jinja" import prosody with context %}
+
+prosody-config-augeas:
+  augeas.change:
+    - context: /files/etc/prosody/prosody.cfg.lua
+    - changes:
+      - set c2s_require_encryption {{prosody.c2s_encryption}}
+      - set s2s_secure_auth {{prosody.s2s_sec_auth}}
+#    - watch_in:
+#      - service: prosody
+
+/etc/prosody/prosody.cfg.lua:
+  file.uncomment:
+    - char: --
+    - regex: s2s_insecure_domains
+#    - watch_in:
+#      - service: prosody
+
+/etc/prosody/conf.avail/xmpp.{{prosody.vhost}}.cfg.lua:
+  file.managed:
+    - template: jinja
+    - source: salt://prosody/files/vhost.cfg.lua.jinja
+    - mode: 755
+    - require:
+      - pkg: prosody
+#    - watch_in:
+#      - service: prosody

prosody/defaults.yaml

@@ -0,0 +1,9 @@
+# -*- coding: utf-8 -*-
+# vim: ft=yaml
+prosody:
+  package: prosody
+  vhost: example.org
+  ssl_cert_path: /etc/prosody/certs/localhost.crt
+  ssl_key_path: /etc/prosody/certs/localhost.key
+  c2s_encryption: true
+  s2s_sec_auth: true

prosody/files/vhost.cfg.lua.jinja

@@ -0,0 +1,15 @@
+{% from "prosody/map.jinja" import prosody with context -%}
+VirtualHost "{{prosody.vhost}}"
+        enabled = true
+        ssl = {
+            key = "{{prosody.ssl_key_path}}";
+            certificate = "{{prosody.ssl_cert_path}}";
+        }
+
+Component "conference.{{prosody.vhost}}" "muc"
+        restrict_room_creation = "local"
+
+modules_enabled = {
+	-- listening on 5582
+	"admin_telnet"; -- Enable mod_admin_telnet
+}

prosody/init.sls

@@ -0,0 +1,6 @@
+# -*- coding: utf-8 -*-
+# vim: ft=sls
+
+include:
+  - prosody.install
+  - prosody.config

prosody/install.sls

@@ -0,0 +1,8 @@
+# -*- coding: utf-8 -*-
+# vim: ft=sls
+
+{% from "prosody/map.jinja" import prosody with context %}
+
+prosody-server:
+  pkg.installed:
+    - name: {{prosody.package}}

prosody/map.jinja

@@ -0,0 +1,34 @@
+# -*- coding: utf-8 -*-
+# vim: ft=jinja
+
+{## Start with  defaults from defaults.sls ##}
+{% import_yaml 'prosody/defaults.yaml' as default_settings %}
+
+{##
+Setup variable using grains['os_family'] based logic, only add key:values
+here that differ from whats in defaults.yaml
+##}
+{%
+  set os_family_map = salt['grains.filter_by'](
+    {
+      'Debian'  : {},
+      'Suse'    : {},
+      'Arch'    : {},
+      'RedHat'  : {},
+      'FreeBSD' : {},
+    },
+    grain="os_family",
+    merge=salt['pillar.get']('prosody:lookup')
+  )
+%}
+{## Merge the flavor_map to the default settings ##}
+{% do default_settings.prosody.update(os_family_map) %}
+
+{## Merge in prosody:lookup pillar ##}
+{%
+  set prosody = salt['pillar.get'](
+    'prosody',
+    default=default_settings.prosody,
+    merge=True
+  )
+%}