From 4ae743859faf3666ba8a6f75696f55195f8f87cd Mon Sep 17 00:00:00 2001 From: Aaron van Meerten Date: Tue, 22 Oct 2024 12:17:14 -0500 Subject: [PATCH] feat(prosody): move external_services module and config to global prosody.cfg.lua (#1949) --- .../rootfs/defaults/conf.d/jitsi-meet.cfg.lua | 41 ------------------ .../rootfs/defaults/conf.d/visitors.cfg.lua | 33 --------------- prosody/rootfs/defaults/prosody.cfg.lua | 42 +++++++++++++++++++ 3 files changed, 42 insertions(+), 74 deletions(-) diff --git a/prosody/rootfs/defaults/conf.d/jitsi-meet.cfg.lua b/prosody/rootfs/defaults/conf.d/jitsi-meet.cfg.lua index 2c17f34..aded22e 100644 --- a/prosody/rootfs/defaults/conf.d/jitsi-meet.cfg.lua +++ b/prosody/rootfs/defaults/conf.d/jitsi-meet.cfg.lua @@ -41,17 +41,6 @@ {{ $RATE_LIMIT_LOGIN_RATE := .Env.PROSODY_RATE_LIMIT_LOGIN_RATE | default "3" -}} {{ $RATE_LIMIT_SESSION_RATE := .Env.PROSODY_RATE_LIMIT_SESSION_RATE | default "200" -}} {{ $RATE_LIMIT_TIMEOUT := .Env.PROSODY_RATE_LIMIT_TIMEOUT | default "60" -}} -{{ $STUN_HOST := .Env.STUN_HOST | default "" -}} -{{ $STUN_PORT := .Env.STUN_PORT | default "443" -}} -{{ $TURNS_HOST := .Env.TURNS_HOST | default "" -}} -{{ $TURNS_HOSTS := splitList "," $TURNS_HOST | compact -}} -{{ $TURNS_PORT := .Env.TURNS_PORT | default "443" -}} -{{ $TURN_HOST := .Env.TURN_HOST | default "" -}} -{{ $TURN_HOSTS := splitList "," $TURN_HOST | compact -}} -{{ $TURN_PORT := .Env.TURN_PORT | default "443" -}} -{{ $TURN_TRANSPORT := .Env.TURN_TRANSPORT | default "tcp" -}} -{{ $TURN_TRANSPORTS := splitList "," $TURN_TRANSPORT | compact -}} -{{ $TURN_TTL := .Env.TURN_TTL | default "86400" -}} {{ $XMPP_AUTH_DOMAIN := .Env.XMPP_AUTH_DOMAIN | default "auth.meet.jitsi" -}} {{ $XMPP_DOMAIN := .Env.XMPP_DOMAIN | default "meet.jitsi" -}} {{ $XMPP_GUEST_DOMAIN := .Env.XMPP_GUEST_DOMAIN | default "guest.meet.jitsi" -}} 
@@ -85,33 +74,6 @@ muc_mapper_domain_prefix = "{{ $XMPP_MUC_DOMAIN_PREFIX }}"; http_default_host = "{{ $XMPP_DOMAIN }}" -{{ if .Env.TURN_CREDENTIALS -}} -external_service_secret = "{{.Env.TURN_CREDENTIALS}}"; -{{- end }} - -{{ if or .Env.STUN_HOST .Env.TURN_HOST .Env.TURNS_HOST -}} -external_services = { - {{- if $STUN_HOST }} - { type = "stun", host = "{{ $STUN_HOST }}", port = {{ $STUN_PORT }}, transport = "udp" } - {{- end }} - {{- if $TURN_HOST -}} - {{- range $idx1, $host := $TURN_HOSTS -}} - {{- range $idx2, $transport := $TURN_TRANSPORTS -}} - {{- if or $STUN_HOST $idx1 $idx2 -}},{{- end }} - { type = "turn", host = "{{ $host }}", port = {{ $TURN_PORT }}, transport = "{{ $transport }}", secret = true, ttl = {{ $TURN_TTL }}, algorithm = "turn" } - {{- end -}} - {{- end -}} - {{- end -}} - - {{- if $TURNS_HOST -}} - {{- range $idx, $host := $TURNS_HOSTS -}} - {{- if or $STUN_HOST $TURN_HOST $idx -}},{{- end }} - { type = "turns", host = "{{ $host }}", port = {{ $TURNS_PORT }}, transport = "tcp", secret = true, ttl = {{ $TURN_TTL }}, algorithm = "turn" } - {{- end }} - {{- end }} -}; -{{- end }} - {{ if and $ENABLE_AUTH (or (eq $PROSODY_AUTH_TYPE "jwt") (eq $PROSODY_AUTH_TYPE "hybrid_matrix_token")) .Env.JWT_ACCEPTED_ISSUERS }} asap_accepted_issuers = { "{{ join "\",\"" (splitList "," .Env.JWT_ACCEPTED_ISSUERS | compact) }}" } {{ end }} @@ -210,9 +172,6 @@ VirtualHost "{{ $XMPP_DOMAIN }}" {{ if $ENABLE_END_CONFERENCE }} "end_conference"; {{ end }} - {{ if or .Env.TURN_HOST .Env.TURNS_HOST }} - "external_services"; - {{ end }} {{ if $ENABLE_LOBBY }} "muc_lobby_rooms"; {{ end }} diff --git a/prosody/rootfs/defaults/conf.d/visitors.cfg.lua b/prosody/rootfs/defaults/conf.d/visitors.cfg.lua index 4a515e4..6436626 100644 --- a/prosody/rootfs/defaults/conf.d/visitors.cfg.lua +++ b/prosody/rootfs/defaults/conf.d/visitors.cfg.lua 
@@ -17,15 +17,6 @@ {{ $RELEASE_NUMBER := .Env.RELEASE_NUMBER | default "" -}} {{ $SHARD_NAME := .Env.SHARD | default "default" -}} {{ $S2S_PORT := .Env.PROSODY_S2S_PORT | default "5269" -}} -{{ $TURN_HOST := .Env.TURN_HOST | default "" -}} -{{ $TURN_HOSTS := splitList "," $TURN_HOST | compact -}} -{{ $TURN_PORT := .Env.TURN_PORT | default "443" -}} -{{ $TURN_TRANSPORT := .Env.TURN_TRANSPORT | default "tcp" -}} -{{ $TURN_TRANSPORTS := splitList "," $TURN_TRANSPORT | compact -}} -{{ $TURN_TTL := .Env.TURN_TTL | default "86400" -}} -{{ $TURNS_HOST := .Env.TURNS_HOST | default "" -}} -{{ $TURNS_HOSTS := splitList "," $TURNS_HOST | compact -}} -{{ $TURNS_PORT := .Env.TURNS_PORT | default "443" -}} {{ $VISITOR_INDEX := .Env.PROSODY_VISITOR_INDEX | default "0" -}} {{ $VISITORS_MUC_PREFIX := .Env.PROSODY_VISITORS_MUC_PREFIX | default "muc" -}} {{ $VISITORS_MAX_VISITORS_PER_NODE := .Env.VISITORS_MAX_VISITORS_PER_NODE | default "250" }} 
@@ -46,30 +37,6 @@ muc_mapper_domain_prefix = "{{ $XMPP_MUC_DOMAIN_PREFIX }}"; http_default_host = "v{{ $VISITOR_INDEX }}.{{ $VISITORS_XMPP_DOMAIN }}" -{{ if .Env.TURN_CREDENTIALS -}} -external_service_secret = "{{.Env.TURN_CREDENTIALS}}"; -{{- end }} - -{{ if or .Env.TURN_HOST .Env.TURNS_HOST -}} -external_services = { - {{ if $TURN_HOST -}} - {{- range $idx1, $host := $TURN_HOSTS -}} - {{- range $idx2, $transport := $TURN_TRANSPORTS -}} - {{- if or $idx1 $idx2 -}},{{- end }} - { type = "turn", host = "{{ $host }}", port = {{ $TURN_PORT }}, transport = "{{ $transport }}", secret = true, ttl = {{ $TURN_TTL }}, algorithm = "turn" } - {{- end -}} - {{- end -}} - {{- end -}} - - {{- if $TURNS_HOST -}} - {{- range $idx, $host := $TURNS_HOSTS -}} - {{- if or $TURN_HOST $idx -}},{{- end }} - { type = "turns", host = "{{ $host }}", port = {{ $TURNS_PORT }}, transport = "tcp", secret = true, ttl = {{ $TURN_TTL }}, algorithm = "turn" } - {{- end }} - {{- end }} -}; -{{- end }} - main_domain = '{{ $XMPP_DOMAIN }}'; -- https://prosody.im/doc/modules/mod_smacks diff --git a/prosody/rootfs/defaults/prosody.cfg.lua b/prosody/rootfs/defaults/prosody.cfg.lua index e5a60bf..e253c77 100644 --- a/prosody/rootfs/defaults/prosody.cfg.lua +++ b/prosody/rootfs/defaults/prosody.cfg.lua 
@@ -27,6 +27,17 @@ {{ $TRUSTED_PROXY_LIST := splitList "," $TRUSTED_PROXIES | compact -}} {{ $PROSODY_S2S_LIMIT := .Env.PROSODY_S2S_LIMIT | default "30kb/s" -}} {{ $S2S_PORT := .Env.PROSODY_S2S_PORT | default "5269" }} +{{ $STUN_HOST := .Env.STUN_HOST | default "" -}} +{{ $STUN_PORT := .Env.STUN_PORT | default "443" -}} +{{ $TURNS_HOST := .Env.TURNS_HOST | default "" -}} +{{ $TURNS_HOSTS := splitList "," $TURNS_HOST | compact -}} +{{ $TURNS_PORT := .Env.TURNS_PORT | default "443" -}} +{{ $TURN_HOST := .Env.TURN_HOST | default "" -}} +{{ $TURN_HOSTS := splitList "," $TURN_HOST | compact -}} +{{ $TURN_PORT := .Env.TURN_PORT | default "443" -}} +{{ $TURN_TRANSPORT := .Env.TURN_TRANSPORT | default "tcp" -}} +{{ $TURN_TRANSPORTS := splitList "," $TURN_TRANSPORT | compact -}} +{{ $TURN_TTL := .Env.TURN_TTL | default "86400" -}} {{ $VISITORS_MUC_PREFIX := .Env.PROSODY_VISITORS_MUC_PREFIX | default "muc" -}} {{ $VISITORS_XMPP_DOMAIN := .Env.VISITORS_XMPP_DOMAIN | default "meet.jitsi" -}} {{ $VISITORS_XMPP_SERVER := .Env.VISITORS_XMPP_SERVER | default "" -}} @@ -121,6 +132,9 @@ modules_enabled = { "s2sout_override"; "s2s_whitelist"; {{ end -}} + {{- if or .Env.TURN_HOST .Env.TURNS_HOST }} + "external_services"; + {{- end }} {{ if $PROSODY_ENABLE_METRICS }} -- metrics collection functionality 
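Review bot: In the `modules_enabled` hunk, `"external_services"` moves from the module list of `VirtualHost "{{ $XMPP_DOMAIN }}"` to the global list, so presumably every virtual host that inherits the global list (guest and auth domains included) will now answer external-service credential requests. If that widening is intended, say so next to the entry, e.g. `-- loaded globally: every host may hand out STUN/TURN credentials`; otherwise keep it per-host or add it to `modules_disabled` on hosts that should not issue them. The guard also ignores `STUN_HOST`, while the `external_services` table in the last hunk is rendered for a STUN-only setup; `{{- if or .Env.STUN_HOST .Env.TURN_HOST .Env.TURNS_HOST }}` would keep the two in step. The enclosing `modules_enabled` table starts and ends outside the hunk.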
@@ -327,6 +341,34 @@ statistics_interval = "manual" openmetrics_allow_cidr = "{{ $PROSODY_METRICS_ALLOWED_CIDR }}" {{ end }} +{{ if .Env.TURN_CREDENTIALS -}} +external_service_secret = "{{.Env.TURN_CREDENTIALS}}"; +{{- end }} + +{{ if or .Env.STUN_HOST .Env.TURN_HOST .Env.TURNS_HOST -}} +external_services = { + {{- if $STUN_HOST }} + { type = "stun", host = "{{ $STUN_HOST }}", port = {{ $STUN_PORT }}, transport = "udp" } + {{- end }} + {{- if $TURN_HOST -}} + {{- range $idx1, $host := $TURN_HOSTS -}} + {{- range $idx2, $transport := $TURN_TRANSPORTS -}} + {{- if or $STUN_HOST $idx1 $idx2 -}},{{- end }} + { type = "turn", host = "{{ $host }}", port = {{ $TURN_PORT }}, transport = "{{ $transport }}", secret = true, ttl = {{ $TURN_TTL }}, algorithm = "turn" } + {{- end -}} + {{- end -}} + {{- end -}} + + {{- if $TURNS_HOST -}} + {{- range $idx, $host := $TURNS_HOSTS -}} + {{- if or $STUN_HOST $TURN_HOST $idx -}},{{- end }} + { type = "turns", host = "{{ $host }}", port = {{ $TURNS_PORT }}, transport = "tcp", secret = true, ttl = {{ $TURN_TTL }}, algorithm = "turn" } + {{- end }} + {{- end }} +}; +{{- end }} + + {{ if .Env.GLOBAL_CONFIG }} {{ join "\n" (splitList "\\n" .Env.GLOBAL_CONFIG | compact) }} {{ end }}
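Review bot: `external_service_secret = "{{.Env.TURN_CREDENTIALS}}";` pastes the shared TURN secret into a Lua string literal unescaped, and `port = {{ $TURN_PORT }}` and `ttl = {{ $TURN_TTL }}` are emitted as bare Lua expressions. A `"` or `\` in the secret, or a non-numeric port or TTL, therefore yields a broken or differently parsed config rather than a clear error. Escape backslashes and double quotes in the secret before interpolating it, and coerce the numeric fields, e.g. `port = {{ $TURN_PORT | int }}` (assuming the Sprig-style function set these templates already draw on is available). Entries with `secret = true` are also rendered when `TURN_HOST` or `TURNS_HOST` is set but `TURN_CREDENTIALS` is empty; gating them on the same `.Env.TURN_CREDENTIALS` check, or failing at startup, would avoid advertising TURN servers without usable credentials. Since the secret now lives in the global file, it is worth confirming that the rendered `prosody.cfg.lua` is readable only by the prosody user.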