Sara Aimée Smiseth 81e9c1abd9
Add LDAP authentication support to Prosody (#50)
This commit adds support for LDAP authentication.

The Dockerfile has been modified to install the required Lua modules (lua-ldap) and the prosody.cfg.lua file has been modified to add environment variables for configuring the LDAP connection. These environment variables include LDAP_BASE, LDAP_SERVER, LDAP_ROOTDN, LDAP_PASSWORD, LDAP_FILTER, LDAP_SCOPE, LDAP_TLS, LDAP_MODE, and LDAP_ADMIN_FILTER.

The authentication variable has also been updated to use the value of the AUTHENTICATION environment variable, which defaults to "internal_hashed" if not set. This allows users to configure Prosody to use LDAP for authentication instead of the default internal hashing method.

* Update test dependencies: aioxmpp, pytest-asyncio + add pytz to requirements.txt

This fixes the following error when running the tests:
E   ModuleNotFoundError: No module named 'pytz'

Instead of pytz only pytz-deprecation-shim was installed.

TODO Check if "pytz" can be removed from requirements.txt later on.
2023-03-25 11:23:51 +01:00

118 lines
4.1 KiB

FROM debian:bullseye-slim
ARG LUAROCKS_SHA256=bca6e4ecc02c203e070acdb5f586045d45c078896f6236eb46aa33ccd9b94edb
ARG PROSODY_DOWNLOAD_SHA256=35da0d031ff46040a2d638e004d4255e249b6323fe6212db9ddd76b401db2101
LABEL luarocks.version="${LUAROCKS_VERSION}"
LABEL org.opencontainers.image.authors="Sara Smiseth"
LABEL org.opencontainers.image.created="${BUILD_DATE}"
LABEL org.opencontainers.image.description="This docker image provides you with a configured Prosody XMPP server."
LABEL org.opencontainers.image.documentation=""
LABEL org.opencontainers.image.revision="${VCS_REF}"
LABEL org.opencontainers.image.source=""
LABEL org.opencontainers.image.title="prosody"
LABEL org.opencontainers.image.url=""
LABEL org.opencontainers.image.vendor="Sara Smiseth"
LABEL org.opencontainers.image.version="${VERSION}"
LABEL prosody.version="${PROSODY_VERSION}"
RUN apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get install -y \
libevent-dev `# this is no build dependency, but needed for luaevent` \
libicu67 \
libidn11 \
libpq-dev \
libsqlite3-0 \
lua5.2 \
lua-bitop \
lua-dbi-mysql \
lua-expat \
lua-filesystem \
lua-ldap \
lua-socket \
lua-sec \
lua-unbound \
wget \
&& apt-get clean \
&& rm -rf /var/lib/apt/lists/*
RUN buildDeps='gcc git libc6-dev libidn11-dev liblua5.2-dev libsqlite3-dev libssl-dev libicu-dev make unzip' \
&& set -x \
&& apt-get update && apt-get install -y $buildDeps --no-install-recommends \
&& rm -rf /var/lib/apt/lists/* \
&& wget -O prosody.tar.gz "${PROSODY_VERSION}.tar.gz" \
&& echo "${PROSODY_DOWNLOAD_SHA256} *prosody.tar.gz" | sha256sum -c - \
&& mkdir -p /usr/src/prosody \
&& tar -xzf prosody.tar.gz -C /usr/src/prosody --strip-components=1 \
&& rm prosody.tar.gz \
&& cd /usr/src/prosody && ./configure \
&& make \
&& make install \
&& cd / && rm -r /usr/src/prosody \
&& mkdir /usr/src/luarocks \
&& cd /usr/src/luarocks \
&& wget${LUAROCKS_VERSION}.tar.gz \
&& echo "${LUAROCKS_SHA256} luarocks-${LUAROCKS_VERSION}.tar.gz" | sha256sum -c - \
&& tar zxpf luarocks-${LUAROCKS_VERSION}.tar.gz \
&& cd luarocks-${LUAROCKS_VERSION} \
&& ./configure \
&& make bootstrap \
&& cd / && rm -r /usr/src/luarocks \
&& luarocks install luaevent \
&& luarocks install luadbi \
`#&& luarocks install luadbi-mysql MYSQL_INCDIR=/usr/include/mariadb/` \
&& luarocks install luadbi-postgresql POSTGRES_INCDIR=/usr/include/postgresql/ \
&& luarocks install luadbi-sqlite3 \
&& luarocks install stringy \
&& apt-get purge -y --auto-remove $buildDeps
EXPOSE 5000 5222 5223 5269 5347 5280 5281
RUN groupadd -r prosody \
&& useradd -r -g prosody prosody \
&& chown prosody:prosody /usr/local/var/lib/prosody
RUN mkdir -p /var/run/prosody/ \
&& chown prosody:prosody /var/run/prosody/
VOLUME ["/usr/local/var/lib/prosody"]
COPY prosody.cfg.lua /usr/local/etc/prosody/prosody.cfg.lua
COPY docker-entrypoint.bash /entrypoint.bash
COPY conf.d/*.cfg.lua /usr/local/etc/prosody/conf.d/
COPY *.bash /usr/local/bin/
RUN download-prosody-modules.bash \
&& docker-prosody-module-install.bash \
bookmarks `# XEP-0411: Bookmarks Conversion` \
carbons `# message carbons (XEP-0280)` \
cloud_notify `# XEP-0357: Push Notifications` \
csi `# client state indication (XEP-0352)` \
e2e_policy `# require end-2-end encryption` \
filter_chatstates `# disable "X is typing" type messages` \
smacks `# stream management (XEP-0198)` \
throttle_presence `# presence throttling in CSI` \
http_upload `# file sharing (XEP-0363)` \
vcard_muc `# XEP-0153: vCard-Based Avatar (MUC)` \
&& rm -rf "/usr/src/prosody-modules"
USER prosody
ENTRYPOINT ["/entrypoint.bash"]
CMD ["prosody", "-F"]