init
All checks were successful
continuous-integration/drone/push Build is passing

This commit is contained in:
Simon Bruder 2019-03-27 23:28:19 +01:00
commit 363737a2b8
4 changed files with 107 additions and 0 deletions

13
.drone.yml Normal file
View file

@ -0,0 +1,13 @@
kind: pipeline
name: default
steps:
- name: docker
image: plugins/docker
settings:
registry: r.sbruder.de
username:
from_secret: docker_username
password:
from_secret: docker_password
repo: r.sbruder.de/prosody

16
Dockerfile Normal file
View file

@ -0,0 +1,16 @@
FROM debian:buster-slim
RUN apt-get update \
&& apt-get -y install \
ca-certificates \
prosody \
prosody-modules \
tini \
&& rm -rf /var/lib/apt/lists \
&& rm /etc/prosody/certs/localhost.*
COPY prosody.cfg.lua /etc/prosody/prosody.cfg.lua
COPY entrypoint.sh /entrypoint.sh
ENTRYPOINT ["tini", "/entrypoint.sh"]

18
entrypoint.sh Executable file
View file

@ -0,0 +1,18 @@
#!/bin/bash
# certs
rm -rf /etc/prosody/fixed-certs
cp -r /etc/prosody/certs /etc/prosody/fixed-certs
find /etc/prosody/fixed-certs -type f -print0 | xargs --null -I{} mv {} {}.pem
chown -R prosody:prosody /etc/prosody/fixed-certs
# “templating”
sed -i \
-e "s/@@DOMAIN@@/${DOMAIN}/" \
-e "s/@@ADMIN_USER@@/${ADMIN_USER}/" \
-e "s/@@LDAP_SERVER@@/${LDAP_SERVER}/" \
-e "s/@@LDAP_BASE@@/${LDAP_BASE}/" \
-e "s/@@LDAP_USER@@/${LDAP_USER}/" \
-e "s/@@LDAP_PASSWORD@@/${LDAP_PASSWORD}/" \
/etc/prosody/prosody.cfg.lua
exec prosody

60
prosody.cfg.lua Normal file
View file

@ -0,0 +1,60 @@
daemonize = false
admins = { "@@ADMIN_USER@@@@@DOMAIN@@" }
modules_enabled = {
"roster";
"saslauth";
"tls";
"dialback";
"disco";
"carbons";
"pep";
"private";
"blocklist";
"vcard";
"version";
"uptime";
"time";
"ping";
"mam";
"adhoc";
"admin_adhoc";
--"bosh";
--"websocket";
}
modules_disabled = {
"posix";
}
c2s_require_encryption = true
s2s_require_encryption = true
authentication = "ldap"
ldap_server = "@@LDAP_SERVER@@"
ldap_base = "@@LDAP_BASE@@"
ldap_rootdn = "@@LDAP_USER@@"
ldap_password = "@@LDAP_PASSWORD@@"
ldap_tls = true
archive_expires_after = "never"
log = {
warn = "*console";
}
certificates = "fixed-certs"
http_ports = { 5280 }
https_ports = { }
-- VirtualHosts
VirtualHost "@@DOMAIN@@"
Component "muc.@@DOMAIN@@" "muc"
Component "jabber.@@DOMAIN@@" "http_upload"
http_external_url = "https://jabber.@@DOMAIN@@/"
http_upload_file_size_limit = 10485760 -- 10 MiB