prosody: add hybrid_matrix_token as a new authentication method
This commit is contained in:
emrah
@@ -27,6 +27,7 @@ LABEL org.opencontainers.image.url="https://prosody.im/"
|
|||||||
LABEL org.opencontainers.image.source="https://github.com/jitsi/docker-jitsi-meet"
|
LABEL org.opencontainers.image.source="https://github.com/jitsi/docker-jitsi-meet"
|
||||||
LABEL org.opencontainers.image.documentation="https://jitsi.github.io/handbook/"
|
LABEL org.opencontainers.image.documentation="https://jitsi.github.io/handbook/"
|
||||||
|
|
||||||
|
ARG VERSION_JITSI_CONTRIB_PROSODY_PLUGINS="20230803"
|
||||||
ARG VERSION_MATRIX_USER_VERIFICATION_SERVICE_PLUGIN="1.8.0"
|
ARG VERSION_MATRIX_USER_VERIFICATION_SERVICE_PLUGIN="1.8.0"
|
||||||
|
|
||||||
RUN wget -qO /etc/apt/trusted.gpg.d/prosody.gpg https://prosody.im/files/prosody-debian-packages.key && \
|
RUN wget -qO /etc/apt/trusted.gpg.d/prosody.gpg https://prosody.im/files/prosody-debian-packages.key && \
|
||||||
@@ -59,7 +60,12 @@ RUN wget -qO /etc/apt/trusted.gpg.d/prosody.gpg https://prosody.im/files/prosody
|
|||||||
tar -xf v$VERSION_MATRIX_USER_VERIFICATION_SERVICE_PLUGIN.tar.gz && \
|
tar -xf v$VERSION_MATRIX_USER_VERIFICATION_SERVICE_PLUGIN.tar.gz && \
|
||||||
mv prosody-mod-auth-matrix-user-verification-$VERSION_MATRIX_USER_VERIFICATION_SERVICE_PLUGIN/mod_auth_matrix_user_verification.lua /prosody-plugins && \
|
mv prosody-mod-auth-matrix-user-verification-$VERSION_MATRIX_USER_VERIFICATION_SERVICE_PLUGIN/mod_auth_matrix_user_verification.lua /prosody-plugins && \
|
||||||
mv prosody-mod-auth-matrix-user-verification-$VERSION_MATRIX_USER_VERIFICATION_SERVICE_PLUGIN/mod_matrix_power_sync.lua /prosody-plugins && \
|
mv prosody-mod-auth-matrix-user-verification-$VERSION_MATRIX_USER_VERIFICATION_SERVICE_PLUGIN/mod_matrix_power_sync.lua /prosody-plugins && \
|
||||||
rm -rf prosody-mod-auth-matrix-user-verification-$VERSION_MATRIX_USER_VERIFICATION_SERVICE_PLUGIN v$VERSION_MATRIX_USER_VERIFICATION_SERVICE_PLUGIN.tar.gz
|
rm -rf prosody-mod-auth-matrix-user-verification-$VERSION_MATRIX_USER_VERIFICATION_SERVICE_PLUGIN v$VERSION_MATRIX_USER_VERIFICATION_SERVICE_PLUGIN.tar.gz && \
|
||||||
|
wget -q https://github.com/jitsi-contrib/prosody-plugins/archive/refs/tags/v$VERSION_JITSI_CONTRIB_PROSODY_PLUGINS.tar.gz && \
|
||||||
|
tar -xf v$VERSION_JITSI_CONTRIB_PROSODY_PLUGINS.tar.gz && \
|
||||||
|
mv prosody-plugins-$VERSION_JITSI_CONTRIB_PROSODY_PLUGINS/auth_hybrid_matrix_token/mod_auth_hybrid_matrix_token.lua /prosody-plugins && \
|
||||||
|
mv prosody-plugins-$VERSION_JITSI_CONTRIB_PROSODY_PLUGINS/auth_hybrid_matrix_token/mod_matrix_affiliation.lua /prosody-plugins && \
|
||||||
|
rm -rf prosody-plugins-$VERSION_JITSI_CONTRIB_PROSODY_PLUGINS v$VERSION_JITSI_CONTRIB_PROSODY_PLUGINS.tar.gz
|
||||||
|
|
||||||
COPY rootfs/ /
|
COPY rootfs/ /
|
||||||
|
|
||||||
|
|||||||
@@ -99,11 +99,11 @@ external_services = {
|
|||||||
};
|
};
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
|
||||||
{{ if and $ENABLE_AUTH (eq $PROSODY_AUTH_TYPE "jwt") .Env.JWT_ACCEPTED_ISSUERS }}
|
{{ if and $ENABLE_AUTH (or (eq $PROSODY_AUTH_TYPE "jwt") (eq $PROSODY_AUTH_TYPE "hybrid_matrix_token")) .Env.JWT_ACCEPTED_ISSUERS }}
|
||||||
asap_accepted_issuers = { "{{ join "\",\"" (splitList "," .Env.JWT_ACCEPTED_ISSUERS) }}" }
|
asap_accepted_issuers = { "{{ join "\",\"" (splitList "," .Env.JWT_ACCEPTED_ISSUERS) }}" }
|
||||||
{{ end }}
|
{{ end }}
|
||||||
|
|
||||||
{{ if and $ENABLE_AUTH (eq $PROSODY_AUTH_TYPE "jwt") .Env.JWT_ACCEPTED_AUDIENCES }}
|
{{ if and $ENABLE_AUTH (or (eq $PROSODY_AUTH_TYPE "jwt") (eq $PROSODY_AUTH_TYPE "hybrid_matrix_token")) .Env.JWT_ACCEPTED_AUDIENCES }}
|
||||||
asap_accepted_audiences = { "{{ join "\",\"" (splitList "," .Env.JWT_ACCEPTED_AUDIENCES) }}" }
|
asap_accepted_audiences = { "{{ join "\",\"" (splitList "," .Env.JWT_ACCEPTED_AUDIENCES) }}" }
|
||||||
{{ end }}
|
{{ end }}
|
||||||
|
|
||||||
@@ -149,6 +149,20 @@ VirtualHost "{{ $XMPP_DOMAIN }}"
|
|||||||
{{ if $MATRIX_UVS_SYNC_POWER_LEVELS }}
|
{{ if $MATRIX_UVS_SYNC_POWER_LEVELS }}
|
||||||
uvs_sync_power_levels = true
|
uvs_sync_power_levels = true
|
||||||
{{ end }}
|
{{ end }}
|
||||||
|
{{ else if eq $PROSODY_AUTH_TYPE "hybrid_matrix_token" }}
|
||||||
|
authentication = "hybrid_matrix_token"
|
||||||
|
app_id = "{{ .Env.JWT_APP_ID }}"
|
||||||
|
app_secret = "{{ .Env.JWT_APP_SECRET }}"
|
||||||
|
allow_empty_token = {{ $JWT_ALLOW_EMPTY }}
|
||||||
|
enable_domain_verification = {{ $JWT_ENABLE_DOMAIN_VERIFICATION }}
|
||||||
|
|
||||||
|
uvs_base_url = "{{ .Env.MATRIX_UVS_URL }}"
|
||||||
|
{{ if .Env.MATRIX_UVS_ISSUER }}
|
||||||
|
uvs_issuer = "{{ .Env.MATRIX_UVS_ISSUER }}"
|
||||||
|
{{ end }}
|
||||||
|
{{ if .Env.MATRIX_UVS_AUTH_TOKEN }}
|
||||||
|
uvs_auth_token = "{{ .Env.MATRIX_UVS_AUTH_TOKEN }}"
|
||||||
|
{{ end }}
|
||||||
{{ else if eq $PROSODY_AUTH_TYPE "internal" }}
|
{{ else if eq $PROSODY_AUTH_TYPE "internal" }}
|
||||||
authentication = "internal_hashed"
|
authentication = "internal_hashed"
|
||||||
{{ end }}
|
{{ end }}
|
||||||
@@ -271,12 +285,15 @@ Component "{{ $XMPP_MUC_DOMAIN }}" "muc"
|
|||||||
{{ if .Env.XMPP_MUC_MODULES -}}
|
{{ if .Env.XMPP_MUC_MODULES -}}
|
||||||
"{{ join "\";\n\"" (splitList "," .Env.XMPP_MUC_MODULES) }}";
|
"{{ join "\";\n\"" (splitList "," .Env.XMPP_MUC_MODULES) }}";
|
||||||
{{ end -}}
|
{{ end -}}
|
||||||
{{ if and $ENABLE_AUTH (eq $PROSODY_AUTH_TYPE "jwt") -}}
|
{{ if and $ENABLE_AUTH (or (eq $PROSODY_AUTH_TYPE "jwt") (eq $PROSODY_AUTH_TYPE "hybrid_matrix_token")) -}}
|
||||||
"{{ $JWT_TOKEN_AUTH_MODULE }}";
|
"{{ $JWT_TOKEN_AUTH_MODULE }}";
|
||||||
{{ end }}
|
{{ end }}
|
||||||
{{ if and $ENABLE_AUTH (eq $PROSODY_AUTH_TYPE "matrix") $MATRIX_UVS_SYNC_POWER_LEVELS -}}
|
{{ if and $ENABLE_AUTH (eq $PROSODY_AUTH_TYPE "matrix") $MATRIX_UVS_SYNC_POWER_LEVELS -}}
|
||||||
"matrix_power_sync";
|
"matrix_power_sync";
|
||||||
{{ end -}}
|
{{ end -}}
|
||||||
|
{{ if and $ENABLE_AUTH (eq $PROSODY_AUTH_TYPE "hybrid_matrix_token") $MATRIX_UVS_SYNC_POWER_LEVELS -}}
|
||||||
|
"matrix_affiliation";
|
||||||
|
{{ end -}}
|
||||||
{{ if not $DISABLE_POLLS -}}
|
{{ if not $DISABLE_POLLS -}}
|
||||||
"polls";
|
"polls";
|
||||||
{{ end -}}
|
{{ end -}}
|
||||||
|
|||||||
Reference in New Issue
Block a user