mirrors/docker-jitsi-meet
1
0
Fork 0
mirror of https://github.com/jitsi/docker-jitsi-meet.git synced 2026-04-02 15:51:05 +02:00
Code Issues Projects Releases Wiki Activity

jicofo, prosody: allow to set different AUTH_TYPE

Browse Source
This commit is contained in:
emrah 2023-07-01 17:02:00 +03:00 committed by GitHub
parent dc1994a66a
commit f18acb493d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 29 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
docker-compose.yml
View File

@ -229,6 +229,7 @@ services:
- LDAP_URL
- LDAP_USE_TLS
- MAX_PARTICIPANTS
- PROSODY_AUTH_TYPE
- PROSODY_RESERVATION_ENABLED
- PROSODY_RESERVATION_REST_BASE_URL
- PROSODY_ENABLE_RATE_LIMITS
@ -285,6 +286,7 @@ services:
- ENABLE_SCTP
- ENABLE_AUTO_LOGIN
- JICOFO_AUTH_PASSWORD
- JICOFO_AUTH_TYPE
- JICOFO_BRIDGE_REGION_GROUPS
- JICOFO_ENABLE_AUTH
- JICOFO_ENABLE_BRIDGE_HEALTH_CHECKS

23
jicofo/rootfs/defaults/jicofo.conf
View File

@ -1,13 +1,14 @@
{{ $ENABLE_AUTH := .Env.ENABLE_AUTH | default "0" | toBool }}
{{ $JICOFO_ENABLE_AUTH := (.Env.JICOFO_ENABLE_AUTH | default .Env.ENABLE_AUTH) | default "0" | toBool }}
{{ $ENABLE_SCTP := .Env.ENABLE_SCTP | default "0" | toBool }}
{{ $AUTH_TYPE := .Env.AUTH_TYPE | default "internal" }}
{{ $ENABLE_RECORDING := .Env.ENABLE_RECORDING | default "0" | toBool }}
{{ $ENABLE_OCTO := .Env.ENABLE_OCTO | default "0" | toBool }}
{{ $ENABLE_AUTO_LOGIN := .Env.ENABLE_AUTO_LOGIN | default "1" | toBool }}
{{ $ENABLE_REST := .Env.JICOFO_ENABLE_REST | default "0" | toBool }}
{{ $ENABLE_JVB_XMPP_SERVER := .Env.ENABLE_JVB_XMPP_SERVER | default "0" | toBool }}
{{ $HEALTH_CHECKS_USE_PRESENCE := .Env.JICOFO_HEALTH_CHECKS_USE_PRESENCE | default "0" | toBool }}
{{ $ENABLE_AUTH := .Env.ENABLE_AUTH | default "0" -}}
{{ $JICOFO_ENABLE_AUTH := .Env.JICOFO_ENABLE_AUTH | default $ENABLE_AUTH | toBool -}}
{{ $AUTH_TYPE := .Env.AUTH_TYPE | default "internal" -}}
{{ $JICOFO_AUTH_TYPE := .Env.JICOFO_AUTH_TYPE | default $AUTH_TYPE -}}
{{ $ENABLE_SCTP := .Env.ENABLE_SCTP | default "0" | toBool -}}
{{ $ENABLE_RECORDING := .Env.ENABLE_RECORDING | default "0" | toBool -}}
{{ $ENABLE_OCTO := .Env.ENABLE_OCTO | default "0" | toBool -}}
{{ $ENABLE_AUTO_LOGIN := .Env.ENABLE_AUTO_LOGIN | default "1" | toBool -}}
{{ $ENABLE_REST := .Env.JICOFO_ENABLE_REST | default "0" | toBool -}}
{{ $ENABLE_JVB_XMPP_SERVER := .Env.ENABLE_JVB_XMPP_SERVER | default "0" | toBool -}}
{{ $HEALTH_CHECKS_USE_PRESENCE := .Env.JICOFO_HEALTH_CHECKS_USE_PRESENCE | default "0" | toBool -}}
{{ $JIBRI_BREWERY_MUC := .Env.JIBRI_BREWERY_MUC | default "jibribrewery" -}}
{{ $JIGASI_BREWERY_MUC := .Env.JIGASI_BREWERY_MUC | default "jigasibrewery" -}}
{{ $JVB_BREWERY_MUC := .Env.JVB_BREWERY_MUC | default "jvbbrewery" -}}
@ -29,7 +30,7 @@ jicofo {
authentication {
enabled = true
// The type of authentication. Supported values are XMPP or JWT.
{{ if eq $AUTH_TYPE "jwt" }}
{{ if eq $JICOFO_AUTH_TYPE "jwt" }}
type = JWT
{{ else }}
type = XMPP

23
prosody/rootfs/defaults/conf.d/jitsi-meet.cfg.lua
View File

@ -1,7 +1,8 @@
{{ $ENABLE_AUTH := .Env.ENABLE_AUTH | default "0" | toBool -}}
{{ $ENABLE_GUEST_DOMAIN := and $ENABLE_AUTH (.Env.ENABLE_GUESTS | default "0" | toBool)}}
{{ $ENABLE_RECORDING := .Env.ENABLE_RECORDING | default "0" | toBool -}}
{{ $AUTH_TYPE := .Env.AUTH_TYPE | default "internal" -}}
{{ $PROSODY_AUTH_TYPE := .Env.PROSODY_AUTH_TYPE | default $AUTH_TYPE -}}
{{ $ENABLE_GUEST_DOMAIN := and $ENABLE_AUTH (.Env.ENABLE_GUESTS | default "0" | toBool) -}}
{{ $ENABLE_RECORDING := .Env.ENABLE_RECORDING | default "0" | toBool -}}
{{ $JIBRI_XMPP_USER := .Env.JIBRI_XMPP_USER | default "jibri" -}}
{{ $JIGASI_XMPP_USER := .Env.JIGASI_XMPP_USER | default "jigasi" -}}
{{ $JVB_AUTH_USER := .Env.JVB_AUTH_USER | default "jvb" -}}
@ -98,11 +99,11 @@ external_services = {
};
{{- end }}
{{ if and $ENABLE_AUTH (eq $AUTH_TYPE "jwt") .Env.JWT_ACCEPTED_ISSUERS }}
{{ if and $ENABLE_AUTH (eq $PROSODY_AUTH_TYPE "jwt") .Env.JWT_ACCEPTED_ISSUERS }}
asap_accepted_issuers = { "{{ join "\",\"" (splitList "," .Env.JWT_ACCEPTED_ISSUERS) }}" }
{{ end }}
{{ if and $ENABLE_AUTH (eq $AUTH_TYPE "jwt") .Env.JWT_ACCEPTED_AUDIENCES }}
{{ if and $ENABLE_AUTH (eq $PROSODY_AUTH_TYPE "jwt") .Env.JWT_ACCEPTED_AUDIENCES }}
asap_accepted_audiences = { "{{ join "\",\"" (splitList "," .Env.JWT_ACCEPTED_AUDIENCES) }}" }
{{ end }}
@ -125,7 +126,7 @@ VirtualHost "jigasi.meet.jitsi"
VirtualHost "{{ $XMPP_DOMAIN }}"
{{ if $ENABLE_AUTH }}
{{ if eq $AUTH_TYPE "jwt" }}
{{ if eq $PROSODY_AUTH_TYPE "jwt" }}
authentication = "{{ $JWT_AUTH_TYPE }}"
app_id = "{{ .Env.JWT_APP_ID }}"
app_secret = "{{ .Env.JWT_APP_SECRET }}"
@ -134,11 +135,11 @@ VirtualHost "{{ $XMPP_DOMAIN }}"
asap_key_server = "{{ .Env.JWT_ASAP_KEYSERVER }}"
{{ end }}
enable_domain_verification = {{ $JWT_ENABLE_DOMAIN_VERIFICATION }}
{{ else if eq $AUTH_TYPE "ldap" }}
{{ else if eq $PROSODY_AUTH_TYPE "ldap" }}
authentication = "cyrus"
cyrus_application_name = "xmpp"
allow_unencrypted_plain_auth = true
{{ else if eq $AUTH_TYPE "matrix" }}
{{ else if eq $PROSODY_AUTH_TYPE "matrix" }}
authentication = "matrix_user_verification"
app_id = "{{ $MATRIX_UVS_ISSUER }}"
uvs_base_url = "{{ .Env.MATRIX_UVS_URL }}"
@ -148,7 +149,7 @@ VirtualHost "{{ $XMPP_DOMAIN }}"
{{ if $MATRIX_UVS_SYNC_POWER_LEVELS }}
uvs_sync_power_levels = true
{{ end }}
{{ else if eq $AUTH_TYPE "internal" }}
{{ else if eq $PROSODY_AUTH_TYPE "internal" }}
authentication = "internal_hashed"
{{ end }}
{{ else }}
@ -187,7 +188,7 @@ VirtualHost "{{ $XMPP_DOMAIN }}"
{{ if .Env.XMPP_MODULES }}
"{{ join "\";\n\"" (splitList "," .Env.XMPP_MODULES) }}";
{{ end }}
{{ if and $ENABLE_AUTH (eq $AUTH_TYPE "ldap") }}
{{ if and $ENABLE_AUTH (eq $PROSODY_AUTH_TYPE "ldap") }}
"auth_cyrus";
{{end}}
{{ if $PROSODY_RESERVATION_ENABLED }}
@ -270,10 +271,10 @@ Component "{{ $XMPP_MUC_DOMAIN }}" "muc"
{{ if .Env.XMPP_MUC_MODULES -}}
"{{ join "\";\n\"" (splitList "," .Env.XMPP_MUC_MODULES) }}";
{{ end -}}
{{ if and $ENABLE_AUTH (eq $AUTH_TYPE "jwt") -}}
{{ if and $ENABLE_AUTH (eq $PROSODY_AUTH_TYPE "jwt") -}}
"{{ $JWT_TOKEN_AUTH_MODULE }}";
{{ end }}
{{ if and $ENABLE_AUTH (eq $AUTH_TYPE "matrix") $MATRIX_UVS_SYNC_POWER_LEVELS -}}
{{ if and $ENABLE_AUTH (eq $PROSODY_AUTH_TYPE "matrix") $MATRIX_UVS_SYNC_POWER_LEVELS -}}
"matrix_power_sync";
{{ end -}}
{{ if not $DISABLE_POLLS -}}

4
prosody/rootfs/defaults/saslauthd.conf
View File

@ -1,6 +1,8 @@
{{ $AUTH_TYPE := .Env.AUTH_TYPE | default "internal" -}}
{{ $PROSODY_AUTH_TYPE := .Env.PROSODY_AUTH_TYPE | default $AUTH_TYPE }}
{{ $XMPP_DOMAIN := .Env.XMPP_DOMAIN | default "meet.jitsi" -}}
{{ if eq (.Env.AUTH_TYPE | default "internal") "ldap" }}
{{ if eq $PROSODY_AUTH_TYPE "ldap" }}
ldap_servers: {{ .Env.LDAP_URL }}
ldap_search_base: {{ .Env.LDAP_BASE }}
{{ if .Env.LDAP_BINDDN | default "" }}