This commit is contained in:
commit
363737a2b8
13
.drone.yml
Normal file
13
.drone.yml
Normal file
|
|
@ -0,0 +1,13 @@
|
|||
kind: pipeline
|
||||
name: default
|
||||
|
||||
steps:
|
||||
- name: docker
|
||||
image: plugins/docker
|
||||
settings:
|
||||
registry: r.sbruder.de
|
||||
username:
|
||||
from_secret: docker_username
|
||||
password:
|
||||
from_secret: docker_password
|
||||
repo: r.sbruder.de/prosody
|
||||
16
Dockerfile
Normal file
16
Dockerfile
Normal file
|
|
@ -0,0 +1,16 @@
|
|||
FROM debian:buster-slim
|
||||
|
||||
RUN apt-get update \
|
||||
&& apt-get -y install \
|
||||
ca-certificates \
|
||||
prosody \
|
||||
prosody-modules \
|
||||
tini \
|
||||
&& rm -rf /var/lib/apt/lists \
|
||||
&& rm /etc/prosody/certs/localhost.*
|
||||
|
||||
COPY prosody.cfg.lua /etc/prosody/prosody.cfg.lua
|
||||
|
||||
COPY entrypoint.sh /entrypoint.sh
|
||||
|
||||
ENTRYPOINT ["tini", "/entrypoint.sh"]
|
||||
18
entrypoint.sh
Executable file
18
entrypoint.sh
Executable file
|
|
@ -0,0 +1,18 @@
|
|||
#!/bin/bash
|
||||
# certs
|
||||
rm -rf /etc/prosody/fixed-certs
|
||||
cp -r /etc/prosody/certs /etc/prosody/fixed-certs
|
||||
find /etc/prosody/fixed-certs -type f -print0 | xargs --null -I{} mv {} {}.pem
|
||||
chown -R prosody:prosody /etc/prosody/fixed-certs
|
||||
|
||||
# “templating”
|
||||
sed -i \
|
||||
-e "s/@@DOMAIN@@/${DOMAIN}/" \
|
||||
-e "s/@@ADMIN_USER@@/${ADMIN_USER}/" \
|
||||
-e "s/@@LDAP_SERVER@@/${LDAP_SERVER}/" \
|
||||
-e "s/@@LDAP_BASE@@/${LDAP_BASE}/" \
|
||||
-e "s/@@LDAP_USER@@/${LDAP_USER}/" \
|
||||
-e "s/@@LDAP_PASSWORD@@/${LDAP_PASSWORD}/" \
|
||||
/etc/prosody/prosody.cfg.lua
|
||||
|
||||
exec prosody
|
||||
60
prosody.cfg.lua
Normal file
60
prosody.cfg.lua
Normal file
|
|
@ -0,0 +1,60 @@
|
|||
daemonize = false
|
||||
|
||||
admins = { "@@ADMIN_USER@@@@@DOMAIN@@" }
|
||||
|
||||
modules_enabled = {
|
||||
"roster";
|
||||
"saslauth";
|
||||
"tls";
|
||||
"dialback";
|
||||
"disco";
|
||||
"carbons";
|
||||
"pep";
|
||||
"private";
|
||||
"blocklist";
|
||||
"vcard";
|
||||
"version";
|
||||
"uptime";
|
||||
"time";
|
||||
"ping";
|
||||
"mam";
|
||||
"adhoc";
|
||||
"admin_adhoc";
|
||||
--"bosh";
|
||||
--"websocket";
|
||||
}
|
||||
|
||||
modules_disabled = {
|
||||
"posix";
|
||||
}
|
||||
|
||||
c2s_require_encryption = true
|
||||
s2s_require_encryption = true
|
||||
|
||||
authentication = "ldap"
|
||||
ldap_server = "@@LDAP_SERVER@@"
|
||||
ldap_base = "@@LDAP_BASE@@"
|
||||
ldap_rootdn = "@@LDAP_USER@@"
|
||||
ldap_password = "@@LDAP_PASSWORD@@"
|
||||
ldap_tls = true
|
||||
|
||||
archive_expires_after = "never"
|
||||
|
||||
log = {
|
||||
warn = "*console";
|
||||
}
|
||||
|
||||
certificates = "fixed-certs"
|
||||
|
||||
http_ports = { 5280 }
|
||||
https_ports = { }
|
||||
|
||||
-- VirtualHosts
|
||||
|
||||
VirtualHost "@@DOMAIN@@"
|
||||
|
||||
Component "muc.@@DOMAIN@@" "muc"
|
||||
|
||||
Component "jabber.@@DOMAIN@@" "http_upload"
|
||||
http_external_url = "https://jabber.@@DOMAIN@@/"
|
||||
http_upload_file_size_limit = 10485760 -- 10 MiB
|
||||
Reference in a new issue