|
|
|
admins = { "{{ .Env.JICOFO_AUTH_USER }}@{{ .Env.XMPP_AUTH_DOMAIN }}" }
|
|
|
|
plugin_paths = { "/prosody-plugins/", "/prosody-plugins-custom" }
|
|
|
|
http_default_host = "{{ .Env.XMPP_DOMAIN }}"
|
|
|
|
|
|
|
|
{{ $ENABLE_AUTH := .Env.ENABLE_AUTH | default "0" | toBool }}
|
|
|
|
{{ $AUTH_TYPE := .Env.AUTH_TYPE | default "internal" }}
|
|
|
|
{{ $JWT_ASAP_KEYSERVER := .Env.JWT_ASAP_KEYSERVER | default "" }}
|
|
|
|
{{ $JWT_ALLOW_EMPTY := .Env.JWT_ALLOW_EMPTY | default "0" | toBool }}
|
|
|
|
{{ $JWT_AUTH_TYPE := .Env.JWT_AUTH_TYPE | default "token" }}
|
|
|
|
{{ $JWT_TOKEN_AUTH_MODULE := .Env.JWT_TOKEN_AUTH_MODULE | default "token_verification" }}
|
|
|
|
|
|
|
|
{{ if and $ENABLE_AUTH (eq $AUTH_TYPE "jwt") .Env.JWT_ACCEPTED_ISSUERS }}
|
|
|
|
asap_accepted_issuers = { "{{ join "\",\"" (splitList "," .Env.JWT_ACCEPTED_ISSUERS) }}" }
|
|
|
|
{{ end }}
|
|
|
|
|
|
|
|
{{ if and $ENABLE_AUTH (eq $AUTH_TYPE "jwt") .Env.JWT_ACCEPTED_AUDIENCES }}
|
|
|
|
asap_accepted_audiences = { "{{ join "\",\"" (splitList "," .Env.JWT_ACCEPTED_AUDIENCES) }}" }
|
|
|
|
{{ end }}
|
|
|
|
|
|
|
|
VirtualHost "{{ .Env.XMPP_DOMAIN }}"
|
|
|
|
{{ if $ENABLE_AUTH }}
|
|
|
|
{{ if eq $AUTH_TYPE "jwt" }}
|
|
|
|
authentication = "{{ $JWT_AUTH_TYPE }}"
|
|
|
|
app_id = "{{ .Env.JWT_APP_ID }}"
|
|
|
|
app_secret = "{{ .Env.JWT_APP_SECRET }}"
|
|
|
|
allow_empty_token = {{ if $JWT_ALLOW_EMPTY }}true{{ else }}false{{ end }}
|
|
|
|
{{ if $JWT_ASAP_KEYSERVER }}
|
|
|
|
asap_key_server = "{{ .Env.JWT_ASAP_KEYSERVER }}"
|
|
|
|
{{ end }}
|
|
|
|
|
|
|
|
{{ else if eq $AUTH_TYPE "ldap" }}
|
|
|
|
authentication = "cyrus"
|
|
|
|
cyrus_application_name = "xmpp"
|
|
|
|
allow_unencrypted_plain_auth = true
|
|
|
|
{{ else if eq $AUTH_TYPE "internal" }}
|
|
|
|
authentication = "internal_hashed"
|
|
|
|
{{ end }}
|
|
|
|
{{ else }}
|
|
|
|
authentication = "anonymous"
|
|
|
|
{{ end }}
|
|
|
|
ssl = {
|
|
|
|
key = "/config/certs/{{ .Env.XMPP_DOMAIN }}.key";
|
|
|
|
certificate = "/config/certs/{{ .Env.XMPP_DOMAIN }}.crt";
|
|
|
|
}
|
|
|
|
modules_enabled = {
|
|
|
|
"bosh";
|
|
|
|
"pubsub";
|
|
|
|
"ping";
|
|
|
|
{{ if .Env.XMPP_MODULES }}
|
|
|
|
"{{ join "\";\n\"" (splitList "," .Env.XMPP_MODULES) }}";
|
|
|
|
{{ end }}
|
|
|
|
{{ if and $ENABLE_AUTH (eq $AUTH_TYPE "ldap") }}
|
|
|
|
"auth_cyrus";
|
|
|
|
{{end}}
|
|
|
|
}
|
|
|
|
|
|
|
|
c2s_require_encryption = false
|
|
|
|
|
|
|
|
{{ if and $ENABLE_AUTH (.Env.ENABLE_GUESTS | default "0" | toBool) }}
|
|
|
|
VirtualHost "{{ .Env.XMPP_GUEST_DOMAIN }}"
|
|
|
|
authentication = "anonymous"
|
|
|
|
c2s_require_encryption = false
|
|
|
|
{{ end }}
|
|
|
|
|
|
|
|
VirtualHost "{{ .Env.XMPP_AUTH_DOMAIN }}"
|
|
|
|
ssl = {
|
|
|
|
key = "/config/certs/{{ .Env.XMPP_AUTH_DOMAIN }}.key";
|
|
|
|
certificate = "/config/certs/{{ .Env.XMPP_AUTH_DOMAIN }}.crt";
|
|
|
|
}
|
|
|
|
authentication = "internal_hashed"
|
|
|
|
|
|
|
|
{{ if .Env.XMPP_RECORDER_DOMAIN }}
|
|
|
|
VirtualHost "{{ .Env.XMPP_RECORDER_DOMAIN }}"
|
|
|
|
modules_enabled = {
|
|
|
|
"ping";
|
|
|
|
}
|
|
|
|
authentication = "internal_hashed"
|
|
|
|
{{ end }}
|
|
|
|
|
|
|
|
Component "{{ .Env.XMPP_INTERNAL_MUC_DOMAIN }}" "muc"
|
|
|
|
modules_enabled = {
|
|
|
|
"ping";
|
|
|
|
{{ if .Env.XMPP_INTERNAL_MUC_MODULES }}
|
|
|
|
"{{ join "\";\n\"" (splitList "," .Env.XMPP_INTERNAL_MUC_MODULES) }}";
|
|
|
|
{{ end }}
|
|
|
|
}
|
|
|
|
storage = "memory"
|
|
|
|
muc_room_cache_size = 1000
|
|
|
|
|
|
|
|
Component "{{ .Env.XMPP_MUC_DOMAIN }}" "muc"
|
|
|
|
storage = "memory"
|
|
|
|
modules_enabled = {
|
|
|
|
{{ if .Env.XMPP_MUC_MODULES }}
|
|
|
|
"{{ join "\";\n\"" (splitList "," .Env.XMPP_MUC_MODULES) }}";
|
|
|
|
{{ end }}
|
|
|
|
{{ if eq $AUTH_TYPE "jwt" }}
|
|
|
|
"{{ $JWT_TOKEN_AUTH_MODULE }}";
|
|
|
|
{{ end }}
|
|
|
|
}
|
|
|
|
muc_room_locking = false
|
|
|
|
muc_room_default_public_jids = true
|
|
|
|
|
|
|
|
Component "focus.{{ .Env.XMPP_DOMAIN }}"
|
|
|
|
component_secret = "{{ .Env.JICOFO_COMPONENT_SECRET }}"
|
|
|
|
|