From 2a6788593f3a0dca7fae4983e0f3d28c108f7a39 Mon Sep 17 00:00:00 2001
From: Aaron van Meerten <aaron.van.meerten@gmail.com>
Date: Tue, 2 Jan 2024 13:39:36 -0600
Subject: [PATCH] jicofo: trusted domain list

* jicofo: always trust auth domain

* jicofo: allow trusted domain list
---
 docker-compose.yml                 |  1 +
 jicofo/rootfs/defaults/jicofo.conf | 12 ++++++++----
 2 files changed, 9 insertions(+), 4 deletions(-)

diff --git a/docker-compose.yml b/docker-compose.yml
index bd00452..970d767 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -341,6 +341,7 @@ services:
             - JICOFO_MAX_MEMORY
             - JICOFO_MULTI_STREAM_BACKWARD_COMPAT
             - JICOFO_OCTO_REGION
+            - JICOFO_TRUSTED_DOMAINS
             - JIBRI_BREWERY_MUC
             - JIBRI_REQUEST_RETRIES
             - JIBRI_PENDING_TIMEOUT
diff --git a/jicofo/rootfs/defaults/jicofo.conf b/jicofo/rootfs/defaults/jicofo.conf
index 5c222f8..b0fe406 100644
--- a/jicofo/rootfs/defaults/jicofo.conf
+++ b/jicofo/rootfs/defaults/jicofo.conf
@@ -7,7 +7,7 @@
 {{ $ENABLE_SCTP := .Env.ENABLE_SCTP | default "0" | toBool -}}
 {{ $ENABLE_RECORDING := .Env.ENABLE_RECORDING | default "0" | toBool -}}
 {{ $ENABLE_OCTO := .Env.ENABLE_OCTO | default "0" | toBool -}}
-{{ $ENABLE_OCTO_SCTP := .Env.ENABLE_OCTO_SCTP | default $ENABLE_SCTP | toBool -}}
+{{ $ENABLE_OCTO_SCTP := .Env.ENABLE_OCTO_SCTP | default .Env.ENABLE_SCTP | toBool -}}
 {{ $ENABLE_AUTO_LOGIN := .Env.ENABLE_AUTO_LOGIN | default "1" | toBool -}}
 {{ $ENABLE_REST := .Env.JICOFO_ENABLE_REST | default "0" | toBool -}}
 {{ $ENABLE_JVB_XMPP_SERVER := .Env.ENABLE_JVB_XMPP_SERVER | default "0" | toBool -}}
@@ -34,6 +34,10 @@
 {{ $XMPP_RECORDER_DOMAIN := .Env.XMPP_RECORDER_DOMAIN | default "recorder.meet.jitsi" -}}
 {{ $XMPP_PORT := .Env.XMPP_PORT | default "5222" -}}
 {{ $XMPP_SERVER := .Env.XMPP_SERVER | default "xmpp.meet.jitsi" -}}
+{{ $TRUSTED_DOMAIN_LIST := .Env.JICOFO_TRUSTED_DOMAINS | default ($ENABLE_RECORDING | ternary $XMPP_RECORDER_DOMAIN "") -}}
+{{ $TRUSTED_DOMAINS := splitList "," $TRUSTED_DOMAIN_LIST -}}
+{{ $ENV := .Env }}
+
 {{ $ENV := .Env }}
 
 jicofo {
@@ -272,8 +276,8 @@ jicofo {
         disable-certificate-verification = true
       }
       {{ end }}
-      {{ if $ENABLE_RECORDING }}
-      trusted-domains = [ "{{ $XMPP_RECORDER_DOMAIN }}" ]
-      {{ end }}
+      
+      trusted-domains = [ {{ range $index, $element := $TRUSTED_DOMAINS }}{{ if gt $index 0 }},{{ end }}"{{ $element }}"{{ end}} ]
+      
     }
 }