docker-multiarch/prosody
1
0
Fork 0
mirror of https://git.netzspielplatz.de/docker-multiarch/prosody.git synced 2025-11-08 17:09:28 +00:00
Code Issues Projects Releases Wiki Activity

Initial commit

Browse source
This commit is contained in:
Jochen Schalanda 2018-02-23 19:01:52 +01:00
commit c36fc42e9c
No known key found for this signature in database
GPG key ID: 2FC1B61A8D1F4BB0
6 changed files with 389 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

34
Dockerfile Normal file
View file

@ -0,0 +1,34 @@
FROM alpine:3.7
MAINTAINER Jochen Schalanda <jochen+docker@schalanda.name>
ENV PROSODY_VERSION 0.10.0-r2
# Build-time metadata as defined at http://label-schema.org
ARG BUILD_DATE
ARG VCS_REF
ARG VERSION
LABEL org.label-schema.build-date=$BUILD_DATE \
org.label-schema.name="Prosody IM Alpine Docker Image" \
org.label-schema.description="Prosody IM Docker image based on Alpine Linux" \
org.label-schema.url="https://prosody.im/" \
org.label-schema.vcs-ref=$VCS_REF \
org.label-schema.vcs-url="https://github.com/joschi/docker-prosody-alpine" \
org.label-schema.version=$VERSION \
org.label-schema.schema-version="1.0" \
com.microscaling.docker.dockerfile="/Dockerfile" \
com.microscaling.license="MIT"
RUN apk add --no-cache bash "prosody=${PROSODY_VERSION}"
RUN mkdir -p /etc/prosody/conf.d /usr/local/lib/prosody/modules
COPY prosody.cfg.lua /etc/prosody/prosody.cfg.lua
COPY docker-entrypoint.sh /
ENTRYPOINT ["/docker-entrypoint.sh"]
EXPOSE 80 443 5222 5269 5347 5280 5281
VOLUME ["/etc/prosody/", "/etc/prosody/conf.d/", "/usr/local/lib/prosody/modules/", "/var/lib/prosody/", "/var/run/prosody/prosody.pid"]
USER prosody
ENV __FLUSH_LOG yes
CMD ["prosody"]

21
LICENSE Normal file
View file

@ -0,0 +1,21 @@
The MIT License (MIT)
Copyright (c) 2018 Jochen Schalanda
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.

93
README.md Normal file
View file

@ -0,0 +1,93 @@
# Prosody
[![Docker Stars](https://img.shields.io/docker/stars/joschi/prosody-alpine.svg)][hub]
[![Docker Pulls](https://img.shields.io/docker/pulls/joschi/prosody-alpine.svg)][hub]
[![Image Size](https://images.microbadger.com/badges/image/joschi/prosody-alpine.svg)][microbadger]
[![Image Version](https://images.microbadger.com/badges/version/joschi/prosody-alpine.svg)][microbadger]
[![Image License](https://images.microbadger.com/badges/license/joschi/prosody-alpine.svg)][microbadger]
[hub]: https://hub.docker.com/r/joschi/prosody-alpine/
[microbadger]: https://microbadger.com/images/joschi/prosody-alpine
## What is Prosody?
Prosody is a modern XMPP communication server. It aims to be easy to set up and configure, and efficient with system resources.
Additionally, for developers it aims to be easy to extend and give a flexible system on which to rapidly develop added functionality, or prototype new protocols.
### Example
```
# docker run -d \
--name prosody
-p 5222:5222 \
-p 5269:5269 \
-e LOCAL=romeo \
-e DOMAIN=shakespeare.lit \
-e PASSWORD=juliet4ever \
-v /data/prosody/vhosts:/etc/prosody/conf.d \
-v /data/prosody/modules:/usr/local/lib/prosody/modules \
joschi/prosody-alpine:0.10.0-1
```
## Configuration
The default [Prosody configuration file](prosody.cfg.lua) can be overwritten entirely (`/etc/prosody/prosody.cfg.lua`) or extended by adding configuration snippets into the `/etc/prosody/conf.d/` directory.
### Virtual hosts
New domains can be added by placing configuration snippets with the virtual host definitions to `/etc/prosody/conf.d/`.i
Minimal example:
```
# cat vhosts/example-org.cfg.lua
VirtualHost "example.org"
enable = true
# docker run -d \
--name prosody
-p 5222:5222 \
-p 5269:5269 \
-v /data/prosody/vhosts:/etc/prosody/conf.d \
joschi/prosody-alpine:0.10.0-1
```
### Creating a user
This Docker image supports creating a single user on startup by providing the following environment variables:
* `LOCAL`: local part of the JID
* `DOMAIN`: domain part of the JID
* `PASSWORD`: plaintext password of the user
For example, the environment variables `LOCAL=foobar`, `DOMAIN=example.com`, `PASSWORD=supersecret` would create a user named "foobar@example.com" with the password "supersecret".
Other than that, users can be created using [`prosodyctl`](https://prosody.im/doc/prosodyctl) in a running container:
```
# docker exec -it prosody prosodyctl register foobar example.com supersecret
```
## Prosody modules
Additional modules, e. g. from the [Prosody Community Modules](https://modules.prosody.im/), can be added by putting the Lua files into the `/usr/local/lib/prosody/modules/` directory.
## Persistent data
Prosody only writes data into two locations, which have to be persisted in Docker volumes to survive a container restart:
* `/var/lib/prosody/`: The Prosody [`data_path`](https://prosody.im/doc/configure#general_server_settings)
* `/var/run/prosody/prosody.pid`: The Prosody [`pidfile`](https://prosody.im/doc/configure#posix-only_options).
## Acknowledgements
This Docker image is partly based on the official [prosody/prosody](https://github.com/prosody/prosody-docker) Docker image.
## License
This Docker image is licensed under the MIT license, see [LICENSE](LICENSE).

14
docker-entrypoint.sh Executable file
View file

@ -0,0 +1,14 @@
#!/bin/bash
set -e
if [[ "$1" != "prosody" ]]; then
exec prosodyctl $*
exit 0;
fi
if [ "$LOCAL" -a "$PASSWORD" -a "$DOMAIN" ] ; then
echo "Creating user ${LOCAL}@${DOMAIN}"
prosodyctl register $LOCAL $DOMAIN $PASSWORD
fi
exec "$@"

9
hooks/build Normal file
View file

@ -0,0 +1,9 @@
#!/bin/bash
# Custom build for Docker Hub
# see: https://medium.com/microscaling-systems/labelling-automated-builds-on-docker-hub-f3d073fb8e1
docker build --build-arg BUILD_DATE=`date -u +"%Y-%m-%dT%H:%M:%SZ"` \
--build-arg VCS_REF=$GIT_SHA1 \
--build-arg VERSION=$DOCKER_TAG \
--tag $IMAGE_NAME .

218
prosody.cfg.lua Normal file
View file

@ -0,0 +1,218 @@
-- Prosody Example Configuration File
--
-- Information on configuring Prosody can be found on our
-- website at https://prosody.im/doc/configure
--
-- Tip: You can check that the syntax of this file is correct
-- when you have finished by running this command:
-- prosodyctl check config
-- If there are any errors, it will let you know what and where
-- they are, otherwise it will keep quiet.
--
-- The only thing left to do is rename this file to remove the .dist ending, and fill in the
-- blanks. Good luck, and happy Jabbering!
daemonize = false
pidfile = "/var/run/prosody/prosody.pid"
---------- Server-wide settings ----------
-- Settings in this section apply to the whole server and are the default settings
-- for any virtual hosts
-- This is a (by default, empty) list of accounts that are admins
-- for the server. Note that you must create the accounts separately
-- (see https://prosody.im/doc/creating_accounts for info)
-- Example: admins = { "user1@example.com", "user2@example.net" }
admins = { }
-- Enable use of libevent for better performance under high load
-- For more information see: https://prosody.im/doc/libevent
--use_libevent = true
-- Prosody will always look in its source directory for modules, but
-- this option allows you to specify additional locations where Prosody
-- will look for modules first. For community modules, see https://modules.prosody.im/
plugin_paths = { "/usr/local/lib/prosody/modules/" }
-- This is the list of modules Prosody will load on startup.
-- It looks for mod_modulename.lua in the plugins folder, so make sure that exists too.
-- Documentation for bundled modules can be found at: https://prosody.im/doc/modules
modules_enabled = {
-- Generally required
"roster"; -- Allow users to have a roster. Recommended ;)
"saslauth"; -- Authentication for clients and servers. Recommended if you want to log in.
"tls"; -- Add support for secure TLS on c2s/s2s connections
"dialback"; -- s2s dialback support
"disco"; -- Service discovery
-- Not essential, but recommended
"carbons"; -- Keep multiple clients in sync
"pep"; -- Enables users to publish their mood, activity, playing music and more
"private"; -- Private XML storage (for room bookmarks, etc.)
"blocklist"; -- Allow users to block communications with other users
"vcard"; -- Allow users to set vCards
-- Nice to have
"version"; -- Replies to server version requests
"uptime"; -- Report how long server has been running
"time"; -- Let others know the time here on this server
"ping"; -- Replies to XMPP pings with pongs
"register"; -- Allow users to register on this server using a client and change passwords
--"mam"; -- Store messages in an archive and allow users to access it
-- Admin interfaces
"admin_adhoc"; -- Allows administration via an XMPP client that supports ad-hoc commands
--"admin_telnet"; -- Opens telnet console interface on localhost port 5582
-- HTTP modules
--"bosh"; -- Enable BOSH clients, aka "Jabber over HTTP"
--"websocket"; -- XMPP over WebSockets
--"http_files"; -- Serve static files from a directory over HTTP
-- Other specific functionality
--"limits"; -- Enable bandwidth limiting for XMPP connections
--"groups"; -- Shared roster support
--"server_contact_info"; -- Publish contact information for this service
--"announce"; -- Send announcement to all online users
--"welcome"; -- Welcome users who register accounts
--"watchregistrations"; -- Alert admins of registrations
--"motd"; -- Send a message to users when they log in
--"legacyauth"; -- Legacy authentication. Only used by some old clients and bots.
--"proxy65"; -- Enables a file transfer proxy service which clients behind NAT can use
}
-- These modules are auto-loaded, but should you want
-- to disable them then uncomment them here:
modules_disabled = {
-- "offline"; -- Store offline messages
-- "c2s"; -- Handle client connections
-- "s2s"; -- Handle server-to-server connections
"posix"; -- POSIX functionality, sends server to background, enables syslog, etc.
}
-- Disable account creation by default, for security
-- For more information see https://prosody.im/doc/creating_accounts
allow_registration = false
-- Force clients to use encrypted connections? This option will
-- prevent clients from authenticating unless they are using encryption.
c2s_require_encryption = false
-- Force servers to use encrypted connections? This option will
-- prevent servers from authenticating unless they are using encryption.
-- Note that this is different from authentication
s2s_require_encryption = false
-- Force certificate authentication for server-to-server connections?
-- This provides ideal security, but requires servers you communicate
-- with to support encryption AND present valid, trusted certificates.
-- NOTE: Your version of LuaSec must support certificate verification!
-- For more information see https://prosody.im/doc/s2s#security
s2s_secure_auth = false
-- Some servers have invalid or self-signed certificates. You can list
-- remote domains here that will not be required to authenticate using
-- certificates. They will be authenticated using DNS instead, even
-- when s2s_secure_auth is enabled.
--s2s_insecure_domains = { "insecure.example" }
-- Even if you leave s2s_secure_auth disabled, you can still require valid
-- certificates for some domains by specifying a list here.
--s2s_secure_domains = { "jabber.org" }
-- Select the authentication backend to use. The 'internal' providers
-- use Prosody's configured data storage to store the authentication data.
-- To allow Prosody to offer secure authentication mechanisms to clients, the
-- default provider stores passwords in plaintext. If you do not trust your
-- server please see https://prosody.im/doc/modules/mod_auth_internal_hashed
-- for information about using the hashed backend.
authentication = "internal_hashed"
-- Select the storage backend to use. By default Prosody uses flat files
-- in its configured data directory, but it also supports more backends
-- through modules. An "sql" backend is included by default, but requires
-- additional dependencies. See https://prosody.im/doc/storage for more info.
--storage = "sql" -- Default is "internal"
-- For the "sql" backend, you can uncomment *one* of the below to configure:
--sql = { driver = "SQLite3", database = "prosody.sqlite" } -- Default. 'database' is the filename.
--sql = { driver = "MySQL", database = "prosody", username = "prosody", password = "secret", host = "localhost" }
--sql = { driver = "PostgreSQL", database = "prosody", username = "prosody", password = "secret", host = "localhost" }
-- Archiving configuration
-- If mod_mam is enabled, Prosody will store a copy of every message. This
-- is used to synchronize conversations between multiple clients, even if
-- they are offline. This setting controls how long Prosody will keep
-- messages in the archive before removing them.
archive_expires_after = "1w" -- Remove archived messages after 1 week
-- You can also configure messages to be stored in-memory only. For more
-- archiving options, see https://prosody.im/doc/modules/mod_mam
-- Logging configuration
-- For advanced logging see https://prosody.im/doc/logging
log = {
-- info = "prosody.log"; -- Change 'info' to 'debug' for verbose logging
-- error = "prosody.err";
-- "*syslog"; -- Uncomment this for logging to syslog
"*console"; -- Log to the console, useful for debugging with daemonize=false
}
-- Uncomment to enable statistics
-- For more info see https://prosody.im/doc/statistics
-- statistics = "internal"
-- Certificates
-- Every virtual host and component needs a certificate so that clients and
-- servers can securely verify its identity. Prosody will automatically load
-- certificates/keys from the directory specified here.
-- For more information, including how to use 'prosodyctl' to auto-import certificates
-- (from e.g. Let's Encrypt) see https://prosody.im/doc/certificates
-- Location of directory to find certificates in (relative to main config file):
certificates = "certs"
----------- Virtual hosts -----------
-- You need to add a VirtualHost entry for each domain you wish Prosody to serve.
-- Settings under each VirtualHost entry apply *only* to that host.
VirtualHost "localhost"
--VirtualHost "example.com"
-- certificate = "/path/to/example.crt"
------ Components ------
-- You can specify components to add hosts that provide special services,
-- like multi-user conferences, and transports.
-- For more information on components, see https://prosody.im/doc/components
---Set up a MUC (multi-user chat) room server on conference.example.com:
--Component "conference.example.com" "muc"
---Set up an external component (default component port is 5347)
--
-- External components allow adding various services, such as gateways/
-- transports to other networks like ICQ, MSN and Yahoo. For more info
-- see: https://prosody.im/doc/components#adding_an_external_component
--
--Component "gateway.example.com"
-- component_secret = "password"
------ Additional config files ------
-- For organizational purposes you may prefer to add VirtualHost and
-- Component definitions in their own config files. This line includes
-- all config files in /etc/prosody/conf.d/
Include "conf.d/*.cfg.lua"