Environment variables for most of prosody.cfg.lua

2025-01-18 13:10:37 +00:00 · 2020-06-01 08:18:15 +02:00 · 2020-06-01 08:18:15 +02:00 · 4ff329cad2
commit 4ff329cad2
parent b3d3eee131
3 changed files with 17 additions and 6 deletions
--- a/docker-entrypoint.sh
+++ b/docker-entrypoint.sh
@ -15,8 +15,13 @@ if [ -z "$DOMAIN" ]; then
  exit 1
 fi

+export ALLOW_REGISTRATION=${ALLOW_REGISTRATION:-true}
 export DOMAIN_HTTP_UPLOAD=${DOMAIN_HTTP_UPLOAD:-"upload.$DOMAIN"}
 export DOMAIN_MUC=${DOMAIN_MUC:-"conference.$DOMAIN"}
 export DOMAIN_PROXY=${DOMAIN_PROXY:-"proxy.$DOMAIN"}
+export LOG_LEVEL=${LOG_LEVEL:-"info"}
+export C2S_REQUIRE_ENCRYPTION=${C2S_REQUIRE_ENCRYPTION:-true}
+export S2S_REQUIRE_ENCRYPTION=${S2S_REQUIRE_ENCRYPTION:-true}
+export S2S_SECURE_AUTH=${S2S_SECURE_AUTH:-true}

 exec "$@"
--- a/prosody.cfg.lua
+++ b/prosody.cfg.lua
@ -5,15 +5,16 @@ admins = {};

 use_libevent = true; -- improves performance

-allow_registration = true;
+allow_registration = os.getenv("ALLOW_REGISTRATION");

-c2s_require_encryption = true;
-s2s_secure_auth = true;
+c2s_require_encryption = os.getenv("C2S_REQUIRE_ENCRYPTION");
+s2s_require_encryption = os.getenv("S2S_REQUIRE_ENCRYPTION");
+s2s_secure_auth = os.getenv("S2S_SECURE_AUTH");

 authentication = "internal_hashed";

 log = {
-    {levels = {min = "info"}, to = "console"};
+    {levels = {min = os.getenv("LOG_LEVEL")}, to = "console"};
 };

 Include "conf.d/*.cfg.lua";
--- a/readme.md
+++ b/readme.md
@ -21,7 +21,7 @@ While Conversations got everything set-up out-of-the-box, Gajim was used with th
    - [Directories](#directories)
    - [Run](#run)
    - [Configuration](#configuration)
-    - [Environment variables](#environment-variables)
+      - [Environment variables](#environment-variables)
      - [DNS](#dns)
      - [server_contact_info](#server_contact_info)
    - [Debugging](#debugging)
@ -102,14 +102,19 @@ Inspect logs: ```docker-compose logs -f```

 ### Configuration

-### Environment variables
+#### Environment variables

 | Variable | Description | Type | Default value |
 | -------- | ----------- | ---- | ------------- |
+| **ALLOW_REGISTRATION** | Whether to allow registration of new accounts via Jabber clients | *optional* | true
 | **DOMAIN** | domain | **required** | null
 | **DOMAIN_HTTP_UPLOAD** | Domain which lets clients upload files over HTTP | *optional* | upload.**DOMAIN**
 | **DOMAIN_MUC** | Domain for Multi-user chat (MUC) for allowing you to create hosted chatrooms/conferences for XMPP users | *optional* | conference.**DOMAIN**
 | **DOMAIN_PROXY** | Domain for SOCKS5 bytestream proxy for server-proxied file transfers | *optional* | proxy.**DOMAIN**
+| **LOG_LEVEL** | Min log level. Change to debug for more information | *optional* | info
+| **C2S_REQUIRE_ENCRYPTION** | Whether to force all client-to-server connections to be encrypted or not | *optional* | true
+| **S2S_REQUIRE_ENCRYPTION** | Whether to force all server-to-server connections to be encrypted or not | *optional* | true
+| **S2S_SECURE_AUTH** | Require encryption and certificate authentication | *optional* | true

 #### DNS