feat(prosody): import
This commit is contained in:
parent
b80f0665e2
commit
5174a4a581
|
@ -0,0 +1,48 @@
|
||||||
|
FROM reg.zknt.org/zknt/alpine:3.17 as builder
|
||||||
|
|
||||||
|
ARG VERSION
|
||||||
|
ENV VERSION=0.12.2
|
||||||
|
ENV LUA_VERSION=5.3
|
||||||
|
|
||||||
|
RUN set -eo pipefail; \
|
||||||
|
apk add --no-cache curl gnupg lua${LUA_VERSION} lua${LUA_VERSION}-dev make alpine-sdk lua-bitop lua${LUA_VERSION}-dbi-mysql lua${LUA_VERSION}-dbi-postgresql lua${LUA_VERSION}-dbi-sqlite3 lua-expat lua-filesystem lua-sec lua-socket lua${LUA_VERSION}-lzlib libidn-dev libressl-dev linux-headers icu-dev icu-data-full
|
||||||
|
RUN set -xeo pipefail; \
|
||||||
|
curl -LO https://prosody.im/downloads/source/prosody-${VERSION}.tar.gz &&\
|
||||||
|
curl -LO https://prosody.im/downloads/source/prosody-${VERSION}.tar.gz.asc &&\
|
||||||
|
#gpg --keyserver keys.openpgp.org --receive 32A9EDDE3609931EB98CEAC315907E8E7BDD6BFE &&\
|
||||||
|
#gpg --verify prosody-${VERSION}.tar.gz.asc prosody-${VERSION}.tar.gz &&\
|
||||||
|
tar xvzf prosody-${VERSION}.tar.gz
|
||||||
|
WORKDIR prosody-${VERSION}
|
||||||
|
RUN set -xeo pipefail; \
|
||||||
|
./configure &&\
|
||||||
|
make &&\
|
||||||
|
make install &&\
|
||||||
|
# now fetch community modules
|
||||||
|
cd &&\
|
||||||
|
apk add --no-cache mercurial &&\
|
||||||
|
hg clone 'https://hg.prosody.im/prosody-modules/' prosody-modules
|
||||||
|
|
||||||
|
FROM reg.zknt.org/zknt/alpine:3.17
|
||||||
|
ENV LUA_VERSION=5.3
|
||||||
|
ARG VERSION
|
||||||
|
ARG DATE
|
||||||
|
COPY --from=builder /usr/local /usr/local
|
||||||
|
COPY --from=builder /root/prosody-modules/mod_vcard_muc /community_modules/mod_vcard_muc
|
||||||
|
COPY --from=builder /root/prosody-modules/mod_smacks /community_modules/mod_smacks
|
||||||
|
COPY --from=builder /root/prosody-modules/mod_cloud_notify /community_modules/mod_cloud_notify
|
||||||
|
COPY --from=builder /root/prosody-modules/mod_bookmarks /community_modules/mod_bookmarks
|
||||||
|
COPY --from=builder /root/prosody-modules/mod_http_upload /community_modules/mod_http_upload
|
||||||
|
COPY --from=builder /root/prosody-modules/mod_http_upload_external /community_modules/mod_http_upload_external
|
||||||
|
COPY --from=builder /root/prosody-modules/mod_turncredentials /community_modules/mod_turncredentials
|
||||||
|
RUN set -eo pipefail;\
|
||||||
|
apk add --no-cache gettext ca-certificates libidn lua${LUA_VERSION} lua-bitop lua-sec libressl lua-filesystem lua-expat lua-socket icu icu-data-full &&\
|
||||||
|
addgroup -g 9999 prosody &&\
|
||||||
|
adduser -D -G prosody -u 9999 prosody &&\
|
||||||
|
chown -R prosody:prosody /usr/local/etc/prosody /usr/local/var/lib/prosody
|
||||||
|
COPY prosody.cfg.template /prosody.cfg.template
|
||||||
|
COPY entrypoint.sh /entrypoint.sh
|
||||||
|
USER prosody
|
||||||
|
VOLUME /usr/local/var/lib/prosody /usr/local/etc/prosody/certs
|
||||||
|
EXPOSE 5269 5222 5223
|
||||||
|
ENTRYPOINT /entrypoint.sh
|
||||||
|
LABEL version.prosody=$VERSION build.date=$DATE
|
|
@ -0,0 +1,4 @@
|
||||||
|
#!/bin/sh
|
||||||
|
|
||||||
|
envsubst < /prosody.cfg.template > /usr/local/etc/prosody/prosody.cfg.lua
|
||||||
|
prosody
|
|
@ -0,0 +1,109 @@
|
||||||
|
admins = { "$SERVER_ADMIN" }
|
||||||
|
|
||||||
|
plugin_paths = { "/community_modules" }
|
||||||
|
|
||||||
|
contact_info = {
|
||||||
|
abuse = { "xmpp:$SERVER_ADMIN" };
|
||||||
|
admin = { "xmpp:$SERVER_ADMIN" };
|
||||||
|
security = { "xmpp:$SERVER_ADMIN" };
|
||||||
|
}
|
||||||
|
|
||||||
|
modules_enabled = {
|
||||||
|
"roster";
|
||||||
|
"saslauth";
|
||||||
|
"tls";
|
||||||
|
"dialback";
|
||||||
|
"disco";
|
||||||
|
|
||||||
|
-- recommended
|
||||||
|
"carbons";
|
||||||
|
"pep";
|
||||||
|
"private";
|
||||||
|
"blocklist";
|
||||||
|
"vcard4";
|
||||||
|
"vcard_legacy";
|
||||||
|
|
||||||
|
"version"; -- Replies to server version requests
|
||||||
|
"uptime"; -- Report how long server has been running
|
||||||
|
"time"; -- Let others know the time here on this server
|
||||||
|
"ping"; -- Replies to XMPP pings with pongs
|
||||||
|
--"register"; -- Allow users to register on this server using a client and change passwords
|
||||||
|
"mam";
|
||||||
|
"csi_simple";
|
||||||
|
|
||||||
|
-- Admin interfaces
|
||||||
|
"admin_adhoc";
|
||||||
|
|
||||||
|
-- HTTP modules
|
||||||
|
--"bosh"; -- Enable BOSH clients, aka "Jabber over HTTP"
|
||||||
|
--"websocket"; -- XMPP over WebSockets
|
||||||
|
--"http_files"; -- Serve static files from a directory over HTTP
|
||||||
|
|
||||||
|
-- Other specific functionality
|
||||||
|
--"limits"; -- Enable bandwidth limiting for XMPP connections
|
||||||
|
--"groups"; -- Shared roster support
|
||||||
|
"server_contact_info";
|
||||||
|
--"announce"; -- Send announcement to all online users
|
||||||
|
--"welcome"; -- Welcome users who register accounts
|
||||||
|
--"watchregistrations"; -- Alert admins of registrations
|
||||||
|
--"motd"; -- Send a message to users when they log in
|
||||||
|
--"legacyauth"; -- Legacy authentication. Only used by some old clients and bots.
|
||||||
|
"proxy65";
|
||||||
|
"bookmarks";
|
||||||
|
"turncredentials";
|
||||||
|
|
||||||
|
"smacks";
|
||||||
|
"cloud_notify";
|
||||||
|
}
|
||||||
|
|
||||||
|
allow_registration = false
|
||||||
|
c2s_require_encryption = true
|
||||||
|
s2s_require_encryption = true
|
||||||
|
s2s_secure_auth = true
|
||||||
|
legacy_ssl_ports = { 5223 }
|
||||||
|
|
||||||
|
--s2s_insecure_domains = { $INSECURE_DOMAINS }
|
||||||
|
|
||||||
|
authentication = "internal_hashed"
|
||||||
|
|
||||||
|
storage = "internal"
|
||||||
|
|
||||||
|
archive_expires_after = "2w"
|
||||||
|
|
||||||
|
log = {
|
||||||
|
"*console";
|
||||||
|
}
|
||||||
|
daemonize = false
|
||||||
|
|
||||||
|
-- Certificates
|
||||||
|
-- Every virtual host and component needs a certificate so that clients and
|
||||||
|
-- servers can securely verify its identity. Prosody will automatically load
|
||||||
|
-- certificates/keys from the directory specified here.
|
||||||
|
-- For more information, including how to use 'prosodyctl' to auto-import certificates
|
||||||
|
-- (from e.g. Let's Encrypt) see https://prosody.im/doc/certificates
|
||||||
|
|
||||||
|
-- Location of directory to find certificates in (relative to main config file):
|
||||||
|
certificates = "certs"
|
||||||
|
|
||||||
|
-- HTTPS currently only supports a single certificate, specify it here:
|
||||||
|
https_certificate = "/usr/local/etc/prosody/certs/$VIRTUAL_HOST.pem"
|
||||||
|
|
||||||
|
----------- Virtual hosts -----------
|
||||||
|
-- You need to add a VirtualHost entry for each domain you wish Prosody to serve.
|
||||||
|
-- Settings under each VirtualHost entry apply *only* to that host.
|
||||||
|
|
||||||
|
VirtualHost "$VIRTUAL_HOST"
|
||||||
|
|
||||||
|
--VirtualHost "example.com"
|
||||||
|
-- certificate = "/path/to/example.crt"
|
||||||
|
|
||||||
|
------ Components ------
|
||||||
|
-- You can specify components to add hosts that provide special services,
|
||||||
|
-- like multi-user conferences, and transports.
|
||||||
|
-- For more information on components, see https://prosody.im/doc/components
|
||||||
|
|
||||||
|
Component "conference.$VIRTUAL_HOST" "muc"
|
||||||
|
modules_enabled = { "muc_mam", "vcard_muc" }
|
||||||
|
|
||||||
|
Component "upload.$VIRTUAL_HOST" "http_upload"
|
||||||
|
http_upload_expire_after = 60 * 60 * 24 * 7 -- a week in second
|
Loading…
Reference in New Issue