From 9838ece25523aa4da5e3f8d4f7dfbc0be6e5507c Mon Sep 17 00:00:00 2001 From: Ivan-lis Date: Tue, 17 Sep 2024 15:45:15 +0200 Subject: [PATCH] Added ejabberd to docker compose --- .devcontainer/devcontainer.json | 17 ++- CMakeLists.txt | 4 +- deployment/docker-compose.yml | 19 +++ deployment/ejabberd.yml | 250 ++++++++++++++++++++++++++++++++ 4 files changed, 279 insertions(+), 11 deletions(-) create mode 100644 deployment/docker-compose.yml create mode 100644 deployment/ejabberd.yml diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json index b1cbee9..c32a38b 100644 --- a/.devcontainer/devcontainer.json +++ b/.devcontainer/devcontainer.json @@ -1,9 +1,10 @@ { - "name": "Arch Linux with GCC & Clang++", - "build": { - "dockerfile": "Dockerfile" - }, - "customizations": {"vscode": { + "name": "Arch Linux with GCC & Clang++", + "build": { + "dockerfile": "Dockerfile" + }, + "customizations": { + "vscode": { "extensions": [ "llvm-vs-code-extensions.vscode-clangd", "vadimcn.vscode-lldb", @@ -11,7 +12,7 @@ "ms-vscode.cmake-tools", "zxh404.vscode-proto3", "ms-azuretools.vscode-docker" - ] - }} + ] + } } - \ No newline at end of file +} \ No newline at end of file diff --git a/CMakeLists.txt b/CMakeLists.txt index 3ad5242..fa343f4 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -88,7 +88,7 @@ target_compile_options(larra_xmpp PUBLIC -Wno-changes-meaning) target_include_directories(larra_xmpp PUBLIC $ - $) + $) @@ -191,8 +191,6 @@ if(ENABLE_EXAMPLES) set_property(TARGET ${EXAMPLE_NAME} PROPERTY CXX_STANDARD 23) set_target_properties(${EXAMPLE_NAME} PROPERTIES RUNTIME_OUTPUT_DIRECTORY "${CMAKE_SOURCE_DIR}/examples/output") - - target_include_directories(${EXAMPLE_NAME} PRIVATE ${BOOST_LIBRARY_INCLUDES}) endforeach() endif() diff --git a/deployment/docker-compose.yml b/deployment/docker-compose.yml new file mode 100644 index 0000000..ca82055 --- /dev/null +++ b/deployment/docker-compose.yml @@ -0,0 +1,19 @@ +version: '3.7' + +services: + + ejabberd_server: + image: ghcr.io/processone/ejabberd + container_name: ejabberd + environment: + - CTL_ON_CREATE=register admin localhost admin ; + register user localhost password + - CTL_ON_START=registered_users localhost ; + status + ports: + - "5222:5222" + - "5269:5269" + - "5280:5280" + - "5443:5443" + volumes: + - ./ejabberd.yml:/opt/ejabberd/conf/ejabberd.yml:ro diff --git a/deployment/ejabberd.yml b/deployment/ejabberd.yml new file mode 100644 index 0000000..5783b8e --- /dev/null +++ b/deployment/ejabberd.yml @@ -0,0 +1,250 @@ +### +### ejabberd configuration file +### +### The parameters used in this configuration file are explained at +### +### https://docs.ejabberd.im/admin/configuration +### +### The configuration file is written in YAML. +### ******************************************************* +### ******* !!! WARNING !!! ******* +### ******* YAML IS INDENTATION SENSITIVE ******* +### ******* MAKE SURE YOU INDENT SECTIONS CORRECTLY ******* +### ******************************************************* +### Refer to http://en.wikipedia.org/wiki/YAML for the brief description. +### + +hosts: + - localhost + +loglevel: info + +ca_file: /opt/ejabberd/conf/cacert.pem + +certfiles: + - /opt/ejabberd/conf/server.pem + +## If you already have certificates, list them here +# certfiles: +# - /etc/letsencrypt/live/domain.tld/fullchain.pem +# - /etc/letsencrypt/live/domain.tld/privkey.pem + +listen: + - + port: 5222 + ip: "::" + module: ejabberd_c2s + max_stanza_size: 262144 + shaper: c2s_shaper + access: c2s + starttls_required: true + - + port: 5223 + ip: "::" + module: ejabberd_c2s + max_stanza_size: 262144 + shaper: c2s_shaper + access: c2s + tls: true + - + port: 5269 + ip: "::" + module: ejabberd_s2s_in + max_stanza_size: 524288 + shaper: s2s_shaper + - + port: 5443 + ip: "::" + module: ejabberd_http + tls: true + request_handlers: + /admin: ejabberd_web_admin + /api: mod_http_api + /bosh: mod_bosh + /captcha: ejabberd_captcha + /upload: mod_http_upload + /ws: ejabberd_http_ws + - + port: 5280 + ip: "::" + module: ejabberd_http + request_handlers: + /admin: ejabberd_web_admin + /.well-known/acme-challenge: ejabberd_acme + - + port: 3478 + ip: "::" + transport: udp + module: ejabberd_stun + use_turn: true + ## The server's public IPv4 address: + # turn_ipv4_address: "203.0.113.3" + ## The server's public IPv6 address: + # turn_ipv6_address: "2001:db8::3" + - + port: 1883 + ip: "::" + module: mod_mqtt + backlog: 1000 + +s2s_use_starttls: optional + +acl: + admin: + user: admin@localhost + local: + user_regexp: "" + loopback: + ip: + - 127.0.0.0/8 + - ::1/128 + +access_rules: + local: + allow: local + c2s: + deny: blocked + allow: all + announce: + allow: admin + configure: + allow: admin + muc_create: + allow: local + pubsub_createnode: + allow: local + trusted_network: + allow: loopback + +api_permissions: + "console commands": + from: ejabberd_ctl + who: all + what: "*" + "webadmin commands": + from: ejabberd_web_admin + who: admin + what: "*" + "admin access": + who: + access: + allow: + - acl: loopback + - acl: admin + oauth: + scope: "ejabberd:admin" + access: + allow: + - acl: loopback + - acl: admin + what: + - "*" + - "!stop" + - "!start" + "public commands": + who: + ip: 127.0.0.1/8 + what: + - status + - connected_users_number + +shaper: + normal: + rate: 3000 + burst_size: 20000 + fast: 100000 + +shaper_rules: + max_user_sessions: 10 + max_user_offline_messages: + 5000: admin + 100: all + c2s_shaper: + none: admin + normal: all + s2s_shaper: fast + +modules: + mod_adhoc: {} + mod_admin_extra: {} + mod_announce: + access: announce + mod_avatar: {} + mod_blocking: {} + mod_bosh: {} + mod_caps: {} + mod_carboncopy: {} + mod_client_state: {} + mod_configure: {} + mod_disco: {} + mod_fail2ban: {} + mod_http_api: {} + mod_http_upload: + put_url: https://@HOST@:5443/upload + custom_headers: + "Access-Control-Allow-Origin": "https://@HOST@" + "Access-Control-Allow-Methods": "GET,HEAD,PUT,OPTIONS" + "Access-Control-Allow-Headers": "Content-Type" + mod_last: {} + mod_mam: + ## Mnesia is limited to 2GB, better to use an SQL backend + ## For small servers SQLite is a good fit and is very easy + ## to configure. Uncomment this when you have SQL configured: + ## db_type: sql + assume_mam_usage: true + default: always + mod_mqtt: {} + mod_muc: + access: + - allow + access_admin: + - allow: admin + access_create: muc_create + access_persistent: muc_create + access_mam: + - allow + default_room_options: + mam: true + mod_muc_admin: {} + mod_offline: + access_max_user_messages: max_user_offline_messages + mod_ping: {} + mod_privacy: {} + mod_private: {} + mod_proxy65: + access: local + max_connections: 5 + mod_pubsub: + access_createnode: pubsub_createnode + plugins: + - flat + - pep + force_node_config: + ## Avoid buggy clients to make their bookmarks public + storage:bookmarks: + access_model: whitelist + mod_push: {} + mod_push_keepalive: {} + mod_register: + ## Only accept registration requests from the "trusted" + ## network (see access_rules section above). + ## Think twice before enabling registration from any + ## address. See the Jabber SPAM Manifesto for details: + ## https://github.com/ge0rg/jabber-spam-fighting-manifesto + ip_access: trusted_network + mod_roster: + versioning: true + mod_s2s_dialback: {} + mod_shared_roster: {} + mod_stream_mgmt: + resend_on_timeout: if_offline + mod_stun_disco: {} + mod_vcard: {} + mod_vcard_xupdate: {} + mod_version: + show_os: false + +### Local Variables: +### mode: yaml +### End: +### vim: set filetype=yaml tabstop=8