docker-jitsi-meet/prosody/rootfs/defaults/conf.d/jitsi-meet.cfg.lua

admins = { "{{ .Env.JICOFO_AUTH_USER }}@{{ .Env.XMPP_AUTH_DOMAIN }}" }
plugin_paths = { "/prosody-plugins/", "/prosody-plugins-custom" }
http_default_host = "{{ .Env.XMPP_DOMAIN }}"

{{ $ENABLE_AUTH := .Env.ENABLE_AUTH | default "0" | toBool }}
{{ $AUTH_TYPE := .Env.AUTH_TYPE | default "internal" }}
{{ $JWT_ASAP_KEYSERVER := .Env.JWT_ASAP_KEYSERVER | default "" }}
{{ $JWT_ALLOW_EMPTY := .Env.JWT_ALLOW_EMPTY | default "0" | toBool }}
{{ $JWT_AUTH_TYPE := .Env.JWT_AUTH_TYPE | default "token" }}
{{ $JWT_TOKEN_AUTH_MODULE := .Env.JWT_TOKEN_AUTH_MODULE | default "token_verification" }}

{{ if and $ENABLE_AUTH (eq $AUTH_TYPE "jwt") .Env.JWT_ACCEPTED_ISSUERS }}
asap_accepted_issuers = { "{{ join "\",\"" (splitList "," .Env.JWT_ACCEPTED_ISSUERS) }}" }
{{ end }}

{{ if and $ENABLE_AUTH (eq $AUTH_TYPE "jwt") .Env.JWT_ACCEPTED_AUDIENCES }}
asap_accepted_audiences = { "{{ join "\",\"" (splitList "," .Env.JWT_ACCEPTED_AUDIENCES) }}" }
{{ end }}

VirtualHost "{{ .Env.XMPP_DOMAIN }}"
{{ if $ENABLE_AUTH }}
  {{ if eq $AUTH_TYPE "jwt" }}
    authentication = "{{ $JWT_AUTH_TYPE }}"
    app_id = "{{ .Env.JWT_APP_ID }}"
    app_secret = "{{ .Env.JWT_APP_SECRET }}"
    allow_empty_token = {{ if $JWT_ALLOW_EMPTY }}true{{ else }}false{{ end }}
    {{ if $JWT_ASAP_KEYSERVER }}
    asap_key_server = "{{ .Env.JWT_ASAP_KEYSERVER }}"
    {{ end }}

    {{ else if eq $AUTH_TYPE "ldap" }}
    authentication = "cyrus"
    cyrus_application_name = "xmpp"
    allow_unencrypted_plain_auth = true
  {{ else if eq $AUTH_TYPE "internal" }}
    authentication = "internal_plain"
  {{ end }}
{{ else }}
    authentication = "anonymous"
{{ end }}
    ssl = {
        key = "/config/certs/{{ .Env.XMPP_DOMAIN }}.key";
        certificate = "/config/certs/{{ .Env.XMPP_DOMAIN }}.crt";
    }
    modules_enabled = {
        "bosh";
        "pubsub";
        "ping";
        {{ if .Env.XMPP_MODULES }}
        "{{ join "\";\n\"" (splitList "," .Env.XMPP_MODULES) }}";
        {{ end }}
        {{ if and $ENABLE_AUTH (eq $AUTH_TYPE "ldap") }}
        "auth_cyrus";
        {{end}}
    }

    c2s_require_encryption = false

{{ if and $ENABLE_AUTH (.Env.ENABLE_GUESTS | default "0" | toBool) }}
VirtualHost "{{ .Env.XMPP_GUEST_DOMAIN }}"
    authentication = "anonymous"
    c2s_require_encryption = false
{{ end }}

VirtualHost "{{ .Env.XMPP_AUTH_DOMAIN }}"
    ssl = {
        key = "/config/certs/{{ .Env.XMPP_AUTH_DOMAIN }}.key";
        certificate = "/config/certs/{{ .Env.XMPP_AUTH_DOMAIN }}.crt";
    }
    authentication = "internal_plain"

Component "{{ .Env.XMPP_INTERNAL_MUC_DOMAIN }}" "muc"
    modules_enabled = {
        "ping";
        {{ if .Env.XMPP_INTERNAL_MUC_MODULES }}
        "{{ join "\";\n\"" (splitList "," .Env.XMPP_INTERNAL_MUC_MODULES) }}";
        {{ end }}
    }
    storage = "memory"
    muc_room_cache_size = 1000

Component "{{ .Env.XMPP_MUC_DOMAIN }}" "muc"
    storage = "memory"
    modules_enabled = {
        {{ if .Env.XMPP_MUC_MODULES }}
        "{{ join "\";\n\"" (splitList "," .Env.XMPP_MUC_MODULES) }}";
        {{ end }}
        {{ if eq $AUTH_TYPE "jwt" }}
        "{{ $JWT_TOKEN_AUTH_MODULE }}";
        {{ end }}
    }

Component "focus.{{ .Env.XMPP_DOMAIN }}"
    component_secret = "{{ .Env.JICOFO_COMPONENT_SECRET }}"
core: rework templating Use frep [0] which uses the Go templating capabilities. [0]: https://github.com/subchen/frep 6 years ago			`admins = { "{{ .Env.JICOFO_AUTH_USER }}@{{ .Env.XMPP_AUTH_DOMAIN }}" }`
xmpp: add jwt authentication support 6 years ago			`plugin_paths = { "/prosody-plugins/", "/prosody-plugins-custom" }`
xmpp: add default host to prosody config 6 years ago			`http_default_host = "{{ .Env.XMPP_DOMAIN }}"`
prosody: properly name ALLOW_EMPTY variable prosody: fix check for auth type when including jwt module 5 years ago
prosody: introduce AUTH_TYPE It simplifies selecting the desired authentication type, instead of having a boolean for each. 6 years ago			`{{ $ENABLE_AUTH := .Env.ENABLE_AUTH \| default "0" \| toBool }}`
			`{{ $AUTH_TYPE := .Env.AUTH_TYPE \| default "internal" }}`
prosody: add asap keyserver, empty token 6 years ago			`{{ $JWT_ASAP_KEYSERVER := .Env.JWT_ASAP_KEYSERVER \| default "" }}`
prosody: properly name ALLOW_EMPTY variable prosody: fix check for auth type when including jwt module 5 years ago			`{{ $JWT_ALLOW_EMPTY := .Env.JWT_ALLOW_EMPTY \| default "0" \| toBool }}`
prosody: add asap keyserver, empty token 6 years ago			`{{ $JWT_AUTH_TYPE := .Env.JWT_AUTH_TYPE \| default "token" }}`
prosody: allow token auth module override 6 years ago			`{{ $JWT_TOKEN_AUTH_MODULE := .Env.JWT_TOKEN_AUTH_MODULE \| default "token_verification" }}`
prosody: introduce AUTH_TYPE It simplifies selecting the desired authentication type, instead of having a boolean for each. 6 years ago
			`{{ if and $ENABLE_AUTH (eq $AUTH_TYPE "jwt") .Env.JWT_ACCEPTED_ISSUERS }}`
xmpp: add jwt authentication support 6 years ago			`asap_accepted_issuers = { "{{ join "\",\"" (splitList "," .Env.JWT_ACCEPTED_ISSUERS) }}" }`
			`{{ end }}`

prosody: introduce AUTH_TYPE It simplifies selecting the desired authentication type, instead of having a boolean for each. 6 years ago			`{{ if and $ENABLE_AUTH (eq $AUTH_TYPE "jwt") .Env.JWT_ACCEPTED_AUDIENCES }}`
xmpp: add jwt authentication support 6 years ago			`asap_accepted_audiences = { "{{ join "\",\"" (splitList "," .Env.JWT_ACCEPTED_AUDIENCES) }}" }`
			`{{ end }}`

core: rework templating Use frep [0] which uses the Go templating capabilities. [0]: https://github.com/subchen/frep 6 years ago			`VirtualHost "{{ .Env.XMPP_DOMAIN }}"`
prosody: introduce AUTH_TYPE It simplifies selecting the desired authentication type, instead of having a boolean for each. 6 years ago			`{{ if $ENABLE_AUTH }}`
			`{{ if eq $AUTH_TYPE "jwt" }}`
prosody: add asap keyserver, empty token 6 years ago			`authentication = "{{ $JWT_AUTH_TYPE }}"`
xmpp: add jwt authentication support 6 years ago			`app_id = "{{ .Env.JWT_APP_ID }}"`
			`app_secret = "{{ .Env.JWT_APP_SECRET }}"`
prosody: properly name ALLOW_EMPTY variable prosody: fix check for auth type when including jwt module 5 years ago			`allow_empty_token = {{ if $JWT_ALLOW_EMPTY }}true{{ else }}false{{ end }}`
prosody: add asap keyserver, empty token 6 years ago			`{{ if $JWT_ASAP_KEYSERVER }}`
			`asap_key_server = "{{ .Env.JWT_ASAP_KEYSERVER }}"`
			`{{ end }}`

			`{{ else if eq $AUTH_TYPE "ldap" }}`
prosody: add LDAP authentication via SASL mechanism 6 years ago			`authentication = "cyrus"`
			`cyrus_application_name = "xmpp"`
			`allow_unencrypted_plain_auth = true`
prosody: introduce AUTH_TYPE It simplifies selecting the desired authentication type, instead of having a boolean for each. 6 years ago			`{{ else if eq $AUTH_TYPE "internal" }}`
xmpp: add jwt authentication support 6 years ago			`authentication = "internal_plain"`
prosody: add LDAP authentication via SASL mechanism 6 years ago			`{{ end }}`
xmpp: add jwt authentication support 6 years ago			`{{ else }}`
			`authentication = "anonymous"`
			`{{ end }}`
xmpp: add support for authentication 6 years ago			`ssl = {`
xmpp: add ability to add custom prosody modules 6 years ago			`key = "/config/certs/{{ .Env.XMPP_DOMAIN }}.key";`
			`certificate = "/config/certs/{{ .Env.XMPP_DOMAIN }}.crt";`
xmpp: add support for authentication 6 years ago			`}`
			`modules_enabled = {`
			`"bosh";`
			`"pubsub";`
			`"ping";`
xmpp: add ability to add custom prosody modules 6 years ago			`{{ if .Env.XMPP_MODULES }}`
			`"{{ join "\";\n\"" (splitList "," .Env.XMPP_MODULES) }}";`
			`{{ end }}`
prosody: introduce AUTH_TYPE It simplifies selecting the desired authentication type, instead of having a boolean for each. 6 years ago			`{{ if and $ENABLE_AUTH (eq $AUTH_TYPE "ldap") }}`
prosody: add LDAP authentication via SASL mechanism 6 years ago			`"auth_cyrus";`
			`{{end}}`
xmpp: add support for authentication 6 years ago			`}`

			`c2s_require_encryption = false`

prosody: introduce AUTH_TYPE It simplifies selecting the desired authentication type, instead of having a boolean for each. 6 years ago			`{{ if and $ENABLE_AUTH (.Env.ENABLE_GUESTS \| default "0" \| toBool) }}`
xmpp: add support for authentication 6 years ago			`VirtualHost "{{ .Env.XMPP_GUEST_DOMAIN }}"`
			`authentication = "anonymous"`
			`c2s_require_encryption = false`
			`{{ end }}`
Initial import 7 years ago
core: rework templating Use frep [0] which uses the Go templating capabilities. [0]: https://github.com/subchen/frep 6 years ago			`VirtualHost "{{ .Env.XMPP_AUTH_DOMAIN }}"`
Initial import 7 years ago			`ssl = {`
core: rework templating Use frep [0] which uses the Go templating capabilities. [0]: https://github.com/subchen/frep 6 years ago			`key = "/config/certs/{{ .Env.XMPP_AUTH_DOMAIN }}.key";`
			`certificate = "/config/certs/{{ .Env.XMPP_AUTH_DOMAIN }}.crt";`
Initial import 7 years ago			`}`
			`authentication = "internal_plain"`

jvb: use MUC connections for the JVB 6 years ago			`Component "{{ .Env.XMPP_INTERNAL_MUC_DOMAIN }}" "muc"`
			`modules_enabled = {`
xmpp: add ability to add custom prosody modules 6 years ago			`"ping";`
			`{{ if .Env.XMPP_INTERNAL_MUC_MODULES }}`
			`"{{ join "\";\n\"" (splitList "," .Env.XMPP_INTERNAL_MUC_MODULES) }}";`
			`{{ end }}`
jvb: use MUC connections for the JVB 6 years ago			`}`
xmpp: disable storage for MUC components Fixes: https://github.com/jitsi/docker-jitsi-meet/issues/64 6 years ago			`storage = "memory"`
jvb: use MUC connections for the JVB 6 years ago			`muc_room_cache_size = 1000`
Initial import 7 years ago
jvb: use MUC connections for the JVB 6 years ago			`Component "{{ .Env.XMPP_MUC_DOMAIN }}" "muc"`
xmpp: disable storage for MUC components Fixes: https://github.com/jitsi/docker-jitsi-meet/issues/64 6 years ago			`storage = "memory"`
xmpp: add ability to add custom prosody modules 6 years ago			`modules_enabled = {`
			`{{ if .Env.XMPP_MUC_MODULES }}`
			`"{{ join "\";\n\"" (splitList "," .Env.XMPP_MUC_MODULES) }}";`
			`{{ end }}`
prosody: properly name ALLOW_EMPTY variable prosody: fix check for auth type when including jwt module 5 years ago			`{{ if eq $AUTH_TYPE "jwt" }}`
prosody: allow token auth module override 6 years ago			`"{{ $JWT_TOKEN_AUTH_MODULE }}";`
xmpp: add jwt authentication support 6 years ago			`{{ end }}`
xmpp: add ability to add custom prosody modules 6 years ago			`}`
Initial import 7 years ago
core: rework templating Use frep [0] which uses the Go templating capabilities. [0]: https://github.com/subchen/frep 6 years ago			`Component "focus.{{ .Env.XMPP_DOMAIN }}"`
			`component_secret = "{{ .Env.JICOFO_COMPONENT_SECRET }}"`
prosody: introduce AUTH_TYPE It simplifies selecting the desired authentication type, instead of having a boolean for each. 6 years ago