xmpp: make the auth XMPP domain configurable
This commit is contained in:
parent
916788fd1c
commit
80a2a13b5e
|
@ -27,6 +27,7 @@ services:
|
|||
- ${CONFIG}/prosody:/config
|
||||
environment:
|
||||
- XMPP_DOMAIN
|
||||
- XMPP_AUTH_DOMAIN
|
||||
- JICOFO_COMPONENT_SECRET
|
||||
- JVB_COMPONENT_SECRET
|
||||
- JICOFO_AUTH_USER
|
||||
|
@ -44,6 +45,7 @@ services:
|
|||
- ${CONFIG}/jicofo:/config
|
||||
environment:
|
||||
- XMPP_DOMAIN
|
||||
- XMPP_AUTH_DOMAIN
|
||||
- XMPP_SERVER=xmpp.meet.jitsi
|
||||
- JICOFO_COMPONENT_SECRET
|
||||
- JICOFO_AUTH_USER
|
||||
|
@ -63,6 +65,7 @@ services:
|
|||
environment:
|
||||
- DOCKER_HOST_ADDRESS
|
||||
- XMPP_DOMAIN
|
||||
- XMPP_AUTH_DOMAIN
|
||||
- XMPP_SERVER=xmpp.meet.jitsi
|
||||
- JVB_COMPONENT_SECRET
|
||||
- JVB_STUN_SERVERS
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
CONFIG=~/tmp-cfg
|
||||
TZ=Europe/Amsterdam
|
||||
XMPP_DOMAIN=meet.jitsi
|
||||
XMPP_AUTH_DOMAIN=meet.jitsi
|
||||
JVB_COMPONENT_SECRET=s3cr3t
|
||||
JVB_STUN_SERVERS=stun.l.google.com:19302,stun1.l.google.com:19302,stun2.l.google.com:19302
|
||||
JICOFO_COMPONENT_SECRET=s3cr37
|
||||
|
|
|
@ -3,7 +3,7 @@
|
|||
JAVA_SYS_PROPS="-Dnet.java.sip.communicator.SC_HOME_DIR_LOCATION=/ -Dnet.java.sip.communicator.SC_HOME_DIR_NAME=config"
|
||||
DAEMON=/usr/share/jicofo/jicofo.sh
|
||||
DAEMON_DIR=/usr/share/jicofo/
|
||||
DAEMON_OPTS="--domain=$XMPP_DOMAIN --host=$XMPP_SERVER --secret=$JICOFO_COMPONENT_SECRET --user_name=$JICOFO_AUTH_USER --user_domain="auth.$XMPP_DOMAIN" --user_password=$JICOFO_AUTH_PASSWORD"
|
||||
DAEMON_OPTS="--domain=$XMPP_DOMAIN --host=$XMPP_SERVER --secret=$JICOFO_COMPONENT_SECRET --user_name=$JICOFO_AUTH_USER --user_domain="$XMPP_AUTH_DOMAIN" --user_password=$JICOFO_AUTH_PASSWORD"
|
||||
|
||||
exec s6-setuidgid jicofo /bin/bash -c "cd $DAEMON_DIR; JAVA_SYS_PROPS=\"$JAVA_SYS_PROPS\" exec $DAEMON $DAEMON_OPTS"
|
||||
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
org.jitsi.videobridge.AUTHORIZED_SOURCE_REGEXP=${JICOFO_AUTH_USER}@auth.${XMPP_DOMAIN}/.*
|
||||
org.jitsi.videobridge.AUTHORIZED_SOURCE_REGEXP=${JICOFO_AUTH_USER}@${XMPP_AUTH_DOMAIN}/.*
|
||||
org.jitsi.videobridge.TCP_HARVESTER_PORT=4443
|
||||
org.ice4j.ice.harvest.STUN_MAPPING_HARVESTER_ADDRESSES=${JVB_STUN_SERVERS}
|
||||
org.ice4j.ice.harvest.NAT_HARVESTER_LOCAL_ADDRESS=
|
||||
|
|
|
@ -4,6 +4,7 @@ if [[ ! -f /config/sip-communicator.properties ]]; then
|
|||
cp /defaults/sip-communicator.properties /config
|
||||
sed -i \
|
||||
-e "s,\${XMPP_DOMAIN},$XMPP_DOMAIN,g" \
|
||||
-e "s,\${XMPP_AUTH_DOMAIN},$XMPP_AUTH_DOMAIN,g" \
|
||||
-e "s,\${JICOFO_AUTH_USER},$JICOFO_AUTH_USER,g" \
|
||||
-e "s#\${JVB_STUN_SERVERS}#$JVB_STUN_SERVERS#g" \
|
||||
/config/sip-communicator.properties
|
||||
|
|
|
@ -14,7 +14,7 @@ VirtualHost "${XMPP_DOMAIN}"
|
|||
|
||||
c2s_require_encryption = false
|
||||
|
||||
VirtualHost "auth.${XMPP_DOMAIN}"
|
||||
VirtualHost "${XMPP_AUTH_DOMAIN}"
|
||||
ssl = {
|
||||
key = "/config/certs/auth.${XMPP_DOMAIN}.key";
|
||||
certificate = "/config/certs/auth.${XMPP_DOMAIN}.crt";
|
||||
|
|
|
@ -1,6 +1,5 @@
|
|||
#!/usr/bin/with-contenv bash
|
||||
|
||||
AUTH_XMPP_DOMAIN="auth.$XMPP_DOMAIN"
|
||||
PROSODY_CFG="/config/prosody.cfg.lua"
|
||||
|
||||
if [[ ! -d /config/data ]]; then
|
||||
|
@ -12,10 +11,11 @@ if [[ ! -f $PROSODY_CFG ]]; then
|
|||
cp -r /defaults/* /config
|
||||
sed -i \
|
||||
-e "s,\${XMPP_DOMAIN},$XMPP_DOMAIN,g" \
|
||||
-e "s,\${XMPP_AUTH_DOMAIN},$XMPP_AUTH_DOMAIN,g" \
|
||||
-e "s,\${JICOFO_COMPONENT_SECRET},$JICOFO_COMPONENT_SECRET,g" \
|
||||
-e "s,\${JVB_COMPONENT_SECRET},$JVB_COMPONENT_SECRET,g" \
|
||||
/config/conf.d/jitsi-meet.cfg.lua
|
||||
prosodyctl --config $PROSODY_CFG register $JICOFO_AUTH_USER $AUTH_XMPP_DOMAIN $JICOFO_AUTH_PASSWORD
|
||||
prosodyctl --config $PROSODY_CFG register $JICOFO_AUTH_USER $XMPP_AUTH_DOMAIN $JICOFO_AUTH_PASSWORD
|
||||
fi
|
||||
|
||||
mkdir /config/certs
|
||||
|
@ -25,9 +25,9 @@ if [[ ! -f /config/certs/$XMPP_DOMAIN.crt ]]; then
|
|||
echo | prosodyctl --config $PROSODY_CFG cert generate $XMPP_DOMAIN
|
||||
fi
|
||||
|
||||
if [[ ! -f /config/certs/$AUTH_XMPP_DOMAIN.crt ]]; then
|
||||
if [[ ! -f /config/certs/$XMPP_AUTH_DOMAIN.crt ]]; then
|
||||
# echo for using all default values
|
||||
echo | prosodyctl --config $PROSODY_CFG cert generate $AUTH_XMPP_DOMAIN
|
||||
echo | prosodyctl --config $PROSODY_CFG cert generate $XMPP_AUTH_DOMAIN
|
||||
fi
|
||||
|
||||
# certs vill be created in /var/lib/prosody
|
||||
|
|
Loading…
Reference in New Issue