commit 363737a2b85837940a005328ba4373ce843e88d2
Author: Simon Bruder <simon@sbruder.de>
Date:   Wed Mar 27 23:28:19 2019 +0100

    init

diff --git a/.drone.yml b/.drone.yml
new file mode 100644
index 0000000..92650fe
--- /dev/null
+++ b/.drone.yml
@@ -0,0 +1,13 @@
+kind: pipeline
+name: default
+
+steps:
+  - name: docker
+    image: plugins/docker
+    settings:
+      registry: r.sbruder.de
+      username:
+        from_secret: docker_username
+      password:
+        from_secret: docker_password
+      repo: r.sbruder.de/prosody
diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 0000000..92b053b
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,16 @@
+FROM debian:buster-slim
+
+RUN apt-get update \
+    && apt-get -y install \
+        ca-certificates \
+        prosody \
+        prosody-modules \
+        tini \
+    && rm -rf /var/lib/apt/lists \
+    && rm /etc/prosody/certs/localhost.*
+
+COPY prosody.cfg.lua /etc/prosody/prosody.cfg.lua
+
+COPY entrypoint.sh /entrypoint.sh
+
+ENTRYPOINT ["tini", "/entrypoint.sh"]
diff --git a/entrypoint.sh b/entrypoint.sh
new file mode 100755
index 0000000..65b691c
--- /dev/null
+++ b/entrypoint.sh
@@ -0,0 +1,18 @@
+#!/bin/bash
+# certs
+rm -rf /etc/prosody/fixed-certs
+cp -r /etc/prosody/certs /etc/prosody/fixed-certs
+find /etc/prosody/fixed-certs -type f -print0 | xargs --null -I{} mv {} {}.pem
+chown -R prosody:prosody /etc/prosody/fixed-certs
+
+# “templating”
+sed -i \
+    -e "s/@@DOMAIN@@/${DOMAIN}/" \
+    -e "s/@@ADMIN_USER@@/${ADMIN_USER}/" \
+    -e "s/@@LDAP_SERVER@@/${LDAP_SERVER}/" \
+    -e "s/@@LDAP_BASE@@/${LDAP_BASE}/" \
+    -e "s/@@LDAP_USER@@/${LDAP_USER}/" \
+    -e "s/@@LDAP_PASSWORD@@/${LDAP_PASSWORD}/" \
+    /etc/prosody/prosody.cfg.lua
+
+exec prosody
diff --git a/prosody.cfg.lua b/prosody.cfg.lua
new file mode 100644
index 0000000..5adef46
--- /dev/null
+++ b/prosody.cfg.lua
@@ -0,0 +1,60 @@
+daemonize = false
+
+admins = { "@@ADMIN_USER@@@@@DOMAIN@@" }
+
+modules_enabled = {
+		"roster";
+		"saslauth";
+		"tls";
+		"dialback";
+		"disco";
+		"carbons";
+		"pep";
+		"private";
+		"blocklist";
+		"vcard";
+		"version";
+		"uptime";
+		"time";
+		"ping";
+		"mam";
+        "adhoc";
+		"admin_adhoc";
+		--"bosh";
+		--"websocket";
+}
+
+modules_disabled = {
+	"posix";
+}
+
+c2s_require_encryption = true
+s2s_require_encryption = true
+
+authentication = "ldap"
+ldap_server = "@@LDAP_SERVER@@"
+ldap_base = "@@LDAP_BASE@@"
+ldap_rootdn = "@@LDAP_USER@@"
+ldap_password = "@@LDAP_PASSWORD@@"
+ldap_tls = true
+
+archive_expires_after = "never"
+
+log = {
+	warn = "*console";
+}
+
+certificates = "fixed-certs"
+
+http_ports = { 5280 }
+https_ports = {  }
+
+-- VirtualHosts
+
+VirtualHost "@@DOMAIN@@"
+
+Component "muc.@@DOMAIN@@" "muc"
+
+Component "jabber.@@DOMAIN@@" "http_upload"
+    http_external_url = "https://jabber.@@DOMAIN@@/"
+    http_upload_file_size_limit = 10485760 -- 10 MiB