xmpp: make the auth XMPP domain configurable

2018-03-28 08:42:09 +02:00 · 2018-03-28 08:42:09 +02:00 · 80a2a13b5e
parent 916788fd1c
commit 80a2a13b5e
7 changed files with 12 additions and 7 deletions
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -27,6 +27,7 @@ services:
            - ${CONFIG}/prosody:/config
        environment:
            - XMPP_DOMAIN
+            - XMPP_AUTH_DOMAIN
            - JICOFO_COMPONENT_SECRET
            - JVB_COMPONENT_SECRET
            - JICOFO_AUTH_USER
@ -44,6 +45,7 @@ services:
            - ${CONFIG}/jicofo:/config
        environment:
            - XMPP_DOMAIN
+            - XMPP_AUTH_DOMAIN
            - XMPP_SERVER=xmpp.meet.jitsi
            - JICOFO_COMPONENT_SECRET
            - JICOFO_AUTH_USER
@ -63,6 +65,7 @@ services:
        environment:
            - DOCKER_HOST_ADDRESS
            - XMPP_DOMAIN
+            - XMPP_AUTH_DOMAIN
            - XMPP_SERVER=xmpp.meet.jitsi
            - JVB_COMPONENT_SECRET
            - JVB_STUN_SERVERS
--- a/env.example
+++ b/env.example
@ -1,6 +1,7 @@
 CONFIG=~/tmp-cfg
 TZ=Europe/Amsterdam
 XMPP_DOMAIN=meet.jitsi
+XMPP_AUTH_DOMAIN=meet.jitsi
 JVB_COMPONENT_SECRET=s3cr3t
 JVB_STUN_SERVERS=stun.l.google.com:19302,stun1.l.google.com:19302,stun2.l.google.com:19302
 JICOFO_COMPONENT_SECRET=s3cr37
--- a/jicofo/rootfs/etc/services.d/jicofo/run
+++ b/jicofo/rootfs/etc/services.d/jicofo/run
@ -3,7 +3,7 @@
 JAVA_SYS_PROPS="-Dnet.java.sip.communicator.SC_HOME_DIR_LOCATION=/ -Dnet.java.sip.communicator.SC_HOME_DIR_NAME=config"
 DAEMON=/usr/share/jicofo/jicofo.sh
 DAEMON_DIR=/usr/share/jicofo/
-DAEMON_OPTS="--domain=$XMPP_DOMAIN --host=$XMPP_SERVER --secret=$JICOFO_COMPONENT_SECRET --user_name=$JICOFO_AUTH_USER --user_domain="auth.$XMPP_DOMAIN" --user_password=$JICOFO_AUTH_PASSWORD"
+DAEMON_OPTS="--domain=$XMPP_DOMAIN --host=$XMPP_SERVER --secret=$JICOFO_COMPONENT_SECRET --user_name=$JICOFO_AUTH_USER --user_domain="$XMPP_AUTH_DOMAIN" --user_password=$JICOFO_AUTH_PASSWORD"

 exec s6-setuidgid jicofo /bin/bash -c "cd $DAEMON_DIR; JAVA_SYS_PROPS=\"$JAVA_SYS_PROPS\" exec $DAEMON $DAEMON_OPTS"

--- a/jvb/rootfs/defaults/sip-communicator.properties
+++ b/jvb/rootfs/defaults/sip-communicator.properties
@ -1,4 +1,4 @@
-org.jitsi.videobridge.AUTHORIZED_SOURCE_REGEXP=${JICOFO_AUTH_USER}@auth.${XMPP_DOMAIN}/.*
+org.jitsi.videobridge.AUTHORIZED_SOURCE_REGEXP=${JICOFO_AUTH_USER}@${XMPP_AUTH_DOMAIN}/.*
 org.jitsi.videobridge.TCP_HARVESTER_PORT=4443
 org.ice4j.ice.harvest.STUN_MAPPING_HARVESTER_ADDRESSES=${JVB_STUN_SERVERS}
 org.ice4j.ice.harvest.NAT_HARVESTER_LOCAL_ADDRESS=
--- a/jvb/rootfs/etc/cont-init.d/10-config
+++ b/jvb/rootfs/etc/cont-init.d/10-config
@ -4,6 +4,7 @@ if [[ ! -f /config/sip-communicator.properties ]]; then
    cp /defaults/sip-communicator.properties /config
    sed -i \
        -e "s,\${XMPP_DOMAIN},$XMPP_DOMAIN,g" \
+        -e "s,\${XMPP_AUTH_DOMAIN},$XMPP_AUTH_DOMAIN,g" \
        -e "s,\${JICOFO_AUTH_USER},$JICOFO_AUTH_USER,g" \
        -e "s#\${JVB_STUN_SERVERS}#$JVB_STUN_SERVERS#g" \
        /config/sip-communicator.properties
--- a/prosody/rootfs/defaults/conf.d/jitsi-meet.cfg.lua
+++ b/prosody/rootfs/defaults/conf.d/jitsi-meet.cfg.lua
@ -14,7 +14,7 @@ VirtualHost "${XMPP_DOMAIN}"

        c2s_require_encryption = false

-VirtualHost "auth.${XMPP_DOMAIN}"
+VirtualHost "${XMPP_AUTH_DOMAIN}"
    ssl = {
        key = "/config/certs/auth.${XMPP_DOMAIN}.key";
        certificate = "/config/certs/auth.${XMPP_DOMAIN}.crt";
--- a/prosody/rootfs/etc/cont-init.d/10-config
+++ b/prosody/rootfs/etc/cont-init.d/10-config
@ -1,6 +1,5 @@
 #!/usr/bin/with-contenv bash

-AUTH_XMPP_DOMAIN="auth.$XMPP_DOMAIN"
 PROSODY_CFG="/config/prosody.cfg.lua"

 if [[ ! -d /config/data ]]; then
@ -12,10 +11,11 @@ if [[ ! -f $PROSODY_CFG ]]; then
    cp -r /defaults/* /config
    sed -i \
        -e "s,\${XMPP_DOMAIN},$XMPP_DOMAIN,g" \
+        -e "s,\${XMPP_AUTH_DOMAIN},$XMPP_AUTH_DOMAIN,g" \
        -e "s,\${JICOFO_COMPONENT_SECRET},$JICOFO_COMPONENT_SECRET,g" \
        -e "s,\${JVB_COMPONENT_SECRET},$JVB_COMPONENT_SECRET,g" \
        /config/conf.d/jitsi-meet.cfg.lua
-    prosodyctl --config $PROSODY_CFG register $JICOFO_AUTH_USER $AUTH_XMPP_DOMAIN $JICOFO_AUTH_PASSWORD
+    prosodyctl --config $PROSODY_CFG register $JICOFO_AUTH_USER $XMPP_AUTH_DOMAIN $JICOFO_AUTH_PASSWORD
 fi

 mkdir /config/certs
@ -25,9 +25,9 @@ if [[ ! -f /config/certs/$XMPP_DOMAIN.crt ]]; then
    echo | prosodyctl --config $PROSODY_CFG cert generate $XMPP_DOMAIN
 fi

-if [[ ! -f /config/certs/$AUTH_XMPP_DOMAIN.crt ]]; then
+if [[ ! -f /config/certs/$XMPP_AUTH_DOMAIN.crt ]]; then
    # echo for using all default values
-    echo | prosodyctl --config $PROSODY_CFG cert generate $AUTH_XMPP_DOMAIN
+    echo | prosodyctl --config $PROSODY_CFG cert generate $XMPP_AUTH_DOMAIN
 fi

 # certs vill be created in /var/lib/prosody