Interanet/jitsi-meet-deployment
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

prosody: introduce AUTH_TYPE

Browse Source 
It simplifies selecting the desired authentication type, instead of
having a boolean for each.
This commit is contained in:
Saúl Ibarra Corretgé
2019-05-04 14:52:35 +02:00
parent 9ff3ce295c
commit 8da61612e9
5 changed files with 38 additions and 32 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
prosody/rootfs/defaults/conf.d/jitsi-meet.cfg.lua
View File

@@ -2,26 +2,29 @@ admins = { "{{ .Env.JICOFO_AUTH_USER }}@{{ .Env.XMPP_AUTH_DOMAIN }}" }
plugin_paths = { "/prosody-plugins/", "/prosody-plugins-custom" }
http_default_host = "{{ .Env.XMPP_DOMAIN }}"
{{ if and (.Env.ENABLE_AUTH | default "0" | toBool) (.Env.JWT_ENABLE_TOKEN_AUTH | default "0" | toBool) .Env.JWT_ACCEPTED_ISSUERS }}
{{ $ENABLE_AUTH := .Env.ENABLE_AUTH | default "0" | toBool }}
{{ $AUTH_TYPE := .Env.AUTH_TYPE | default "internal" }}
{{ if and $ENABLE_AUTH (eq $AUTH_TYPE "jwt") .Env.JWT_ACCEPTED_ISSUERS }}
asap_accepted_issuers = { "{{ join "\",\"" (splitList "," .Env.JWT_ACCEPTED_ISSUERS) }}" }
{{ end }}
{{ if and (.Env.ENABLE_AUTH | default "0" | toBool) (.Env.JWT_ENABLE_TOKEN_AUTH | default "0" | toBool) .Env.JWT_ACCEPTED_AUDIENCES }}
{{ if and $ENABLE_AUTH (eq $AUTH_TYPE "jwt") .Env.JWT_ACCEPTED_AUDIENCES }}
asap_accepted_audiences = { "{{ join "\",\"" (splitList "," .Env.JWT_ACCEPTED_AUDIENCES) }}" }
{{ end }}
VirtualHost "{{ .Env.XMPP_DOMAIN }}"
{{ if .Env.ENABLE_AUTH | default "0" | toBool }}
{{ if .Env.JWT_ENABLE_TOKEN_AUTH | default "0" | toBool }}
{{ if $ENABLE_AUTH }}
{{ if eq $AUTH_TYPE "jwt" }}
authentication = "token"
app_id = "{{ .Env.JWT_APP_ID }}"
app_secret = "{{ .Env.JWT_APP_SECRET }}"
allow_empty_token = false
{{ else if .Env.ENABLE_LDAP_AUTH | default "0" | toBool }}
{{ else if eq $AUTH_TYPE "ldap" }}
authentication = "cyrus"
cyrus_application_name = "xmpp"
allow_unencrypted_plain_auth = true
{{ else }}
{{ else if eq $AUTH_TYPE "internal" }}
authentication = "internal_plain"
{{ end }}
{{ else }}
@@ -38,14 +41,14 @@ VirtualHost "{{ .Env.XMPP_DOMAIN }}"
{{ if .Env.XMPP_MODULES }}
"{{ join "\";\n\"" (splitList "," .Env.XMPP_MODULES) }}";
{{ end }}
{{ if .Env.ENABLE_LDAP_AUTH | default "0" | toBool }}
{{ if and $ENABLE_AUTH (eq $AUTH_TYPE "ldap") }}
"auth_cyrus";
{{end}}
}
c2s_require_encryption = false
{{ if and (.Env.ENABLE_AUTH | default "0" | toBool) (.Env.ENABLE_GUESTS | default "0" | toBool) }}
{{ if and $ENABLE_AUTH (.Env.ENABLE_GUESTS | default "0" | toBool) }}
VirtualHost "{{ .Env.XMPP_GUEST_DOMAIN }}"
authentication = "anonymous"
c2s_require_encryption = false
@@ -81,3 +84,4 @@ Component "{{ .Env.XMPP_MUC_DOMAIN }}" "muc"
Component "focus.{{ .Env.XMPP_DOMAIN }}"
component_secret = "{{ .Env.JICOFO_COMPONENT_SECRET }}"

2
prosody/rootfs/defaults/saslauthd.conf
View File

@@ -1,4 +1,4 @@
{{ if .Env.ENABLE_LDAP_AUTH | default "0" | toBool }}
{{ if eq (.Env.AUTH_TYPE | default "internal") "ldap" }}
ldap_servers: {{ .Env.LDAP_URL }}
ldap_search_base: {{ .Env.LDAP_BASE }}
ldap_bind_dn: {{ .Env.LDAP_BINDDN }}