| 1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495969798 |
- #!/usr/bin/with-contenv bash
- if [[ ! -f /etc/saslauthd.conf ]] && [[ "$AUTH_TYPE" == "ldap" ]]; then
- tpl /defaults/saslauthd.conf > /etc/saslauthd.conf
- mkdir -pm777 /var/run/saslauthd
- adduser prosody sasl
- echo >> /etc/ldap/ldap.conf "TLS_REQCERT allow"
- fi
- PROSODY_CFG="/config/prosody.cfg.lua"
- if [[ ! -d /config/data ]]; then
- mkdir -pm 750 /config/data
- fi
- if [[ "$(stat -c %U /config)" != "prosody" ]]; then
- chown -R prosody /config
- fi
- if [[ "$(stat -c %U /prosody-plugins)" != "prosody" ]]; then
- chown -R prosody /prosody-plugins
- fi
- if [[ "$(stat -c %U /prosody-plugins-custom)" != "prosody" ]]; then
- chown -R prosody /prosody-plugins-custom
- fi
- if [[ "$(stat -c %U /prosody-plugins-contrib)" != "prosody" ]]; then
- chown -R prosody /prosody-plugins-contrib
- fi
- mkdir /config/certs
- cp -r /defaults/* /config
- [ -z "$PROSODY_MODE" ] && export PROSODY_MODE="client"
- if [[ "$PROSODY_MODE" == "visitors" ]]; then
- echo "Prosody visitor mode, using alternate config"
- PROSODY_SITE_CFG="visitors.cfg.lua"
- rm /config/conf.d/jitsi-meet.cfg.lua
- rm /config/conf.d/brewery.cfg.lua
- # force jicofo into auth domain for visitor-mode prosody
- [ -z "$XMPP_AUTH_DOMAIN" ] && XMPP_AUTH_DOMAIN="auth.meet.jitsi"
- export PROSODY_ADMINS="focus@$XMPP_AUTH_DOMAIN"
- elif [[ "$PROSODY_MODE" == "brewery" ]]; then
- echo "Prosody brewery mode, using alternate config"
- PROSODY_SITE_CFG="brewery.cfg.lua"
- rm /config/conf.d/jitsi-meet.cfg.lua
- rm /config/conf.d/visitors.cfg.lua
- # force jicofo into auth domain for brewer prosody
- [ -z "$JVB_XMPP_AUTH_DOMAIN" ] && JVB_XMPP_AUTH_DOMAIN="auth.meet.jitsi"
- # ensure proper certs are generated
- export XMPP_AUTH_DOMAIN="$JVB_XMPP_AUTH_DOMAIN"
- # brewery mode requires C2S encryption
- export PROSODY_C2S_REQUIRE_ENCRYPTION="true"
- mkdir -p /config/rules.d
- tpl /defaults/rules.d/jvb_muc_presence_filter.pfw > /config/rules.d/jvb_muc_presence_filter.pfw
- else
- echo "Prosody normal mode, using default config"
- PROSODY_SITE_CFG="jitsi-meet.cfg.lua"
- rm /config/conf.d/visitors.cfg.lua
- rm /config/conf.d/brewery.cfg.lua
- fi
- tpl /defaults/prosody.cfg.lua > $PROSODY_CFG
- tpl /defaults/conf.d/$PROSODY_SITE_CFG > /config/conf.d/$PROSODY_SITE_CFG
- # Defaults
- [ -z "${JIBRI_RECORDER_USER}" ] && export JIBRI_RECORDER_USER=recorder
- [ -z "${JIBRI_XMPP_USER}" ] && export JIBRI_XMPP_USER=jibri
- [ -z "${XMPP_DOMAIN}" ] && export XMPP_DOMAIN=meet.jitsi
- [ -z "${XMPP_AUTH_DOMAIN}" ] && export XMPP_AUTH_DOMAIN=auth.meet.jitsi
- if [[ "$PROSODY_MODE" == "visitors" ]]; then
- [ -z "$VISITORS_XMPP_DOMAIN" ] && VISITORS_XMPP_DOMAIN="meet.jitsi"
- [ -z "$PROSODY_VISITOR_INDEX" ] && PROSODY_VISITOR_INDEX=0
- FULL_VISITORS_XMPP_DOMAIN="v$PROSODY_VISITOR_INDEX.$VISITORS_XMPP_DOMAIN"
- if [[ ! -f /config/certs/$FULL_VISITORS_XMPP_DOMAIN.crt ]]; then
- # echo for using all default values
- echo | prosodyctl --config $PROSODY_CFG cert generate $FULL_VISITORS_XMPP_DOMAIN
- fi
- elif [[ "$PROSODY_MODE" == "brewery" ]]; then
- echo "No need to generate certs for main XMPP domain in brewery mode"
- else
- if [[ ! -f /config/certs/$XMPP_DOMAIN.crt ]]; then
- # echo for using all default values
- echo | prosodyctl --config $PROSODY_CFG cert generate $XMPP_DOMAIN
- fi
- fi
- if [[ ! -f /config/certs/$XMPP_AUTH_DOMAIN.crt ]]; then
- # echo for using all default values
- echo | prosodyctl --config $PROSODY_CFG cert generate $XMPP_AUTH_DOMAIN
- fi
- # certs will be created in /config/data
- mv /config/data/*.{crt,key} /config/certs/ || true
- rm -f /config/data/*.cnf
|
