Use default values everywhere so they don't need to be specified in the
.env file.
This makes the default .env file much smaller (the larger config options
are documented in the handbook) and should make it easier to port the
setup to runtimes other than Docker Compose.
* jicofo: add optional XMPP_PORT value
* include compose and env example for XMPP_PORT
* extends use of the XMPP_PORT property
* fix compose to use default
* re-commenting XMPP_PORT value
* include XMPP_PORT in compose for all services
* always use $XMPP_PORT, value defaulted in template
* missing JVB setting
Add quotations to jicofo run script.
This fixes#488 where jicofo fails to start due to special characters. For
example, if the JICOFO_AUTH_PASSWORD variable value contains `&` or `#` then the
run script fails because the characters are interpreted by bash rather than as a
string.
Note that the `gen-passwords.sh` script does _not_ trigger this issue because it
does not generate characters outside the ASCII alpha-numeric range. This only
shows up when using other tools to generate the password values that do include
special characters in the output or when setting the password values by hand.
A type error is thrown when one of these environment variables is
defined:
- ENABLE_AUTO_OWNER
- JICOFO_ENABLE_HEALTH_CHECKS
- JICOFO_ENABLE_BRIDGE_HEALTH_CHECKS
There's no need to have Jicofo involved in authentication
when JWT authentication type is configured in Prosody in which case
Prosody plugins are validating the token when user tries to enter
a MUC.
This mechanism was initially designed for 'internal' Prosody
XMPP authentication with guest access. In this mode only admin users
are allowed to create MUC rooms and Jicofo is an admin. In this flow,
a user first joins from domain with authentication enabled and it
will receive a session ID from Jicofo. Now the client will store this
session ID in the local storage and use it next time when coming back
to Jitsi Meet to make Jicofo create a MUC room for him/her.
https://jitsi.github.io/handbook/docs/devops-guide/secure-domain
The EXT_JWT mode was an experiment at some point, but now should
probably be removed. It may come handy only in case where there is
no JWT verification in Prosody and all users connect as anonymous and
MUC creation is only allowed to Jicofo.
Saúl Ibarra Corretgé
Aaron van Meerten
Robert Kaussow
Boris Grozev
Ben Banfield-Zanin
Kevin Conway
Paul Tiedtke
Berbe
Kenny
Matthieu Huguet
tob123
Hugo Renard
Prayag Singh
duritong
prayagsingh
Felix Geyer
paweldomas
Cedric Roijakkers
Cedric Roijakkers
mjattiot
Mohammed
netaskd
Saúl Ibarra Corretgé