Chapril/xmpp.chapril.org-ejabberd
25
1
Fork 0
mirror of https://github.com/processone/ejabberd.git synced 2024-12-24 17:29:28 +01:00
Code Releases Activity

Update docker files from latest Rafael's changes

Browse Source
This commit is contained in:
Christophe Romain 2017-03-21 18:59:12 +01:00
parent e469b6ffb4
commit 430fc8eb62
28 changed files with 599 additions and 451 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

109
Dockerfile
View File

@ -1,25 +1,112 @@
FROM debian:jessie
FROM debian:jessie-slim
MAINTAINER Rafael Römhild <rafael@roemhild.de>
ENV XMPP_DOMAIN=localhost \
ENV EJABBERD_BRANCH=17.03 \
EJABBERD_USER=ejabberd \
EJABBERD_HTTPS=true \
EJABBERD_STARTTLS=true \
EJABBERD_S2S_SSL=true \
EJABBERD_HOME=/opt/ejabberd \
PATH=/opt/ejabberd/bin:/usr/sbin:/usr/bin:/sbin:/bin \
EJABBERD_DEBUG_MODE=false \
HOME=$EJABBERD_HOME \
PATH=$EJABBERD_HOME/bin:/usr/sbin:/usr/bin:/sbin:/bin \
DEBIAN_FRONTEND=noninteractive \
XMPP_DOMAIN=localhost \
# Set default locale for the environment
LC_ALL=C.UTF-8 \
LANG=en_US.UTF-8 \
LANGUAGE=en_US.UTF-8
# bootstrap
COPY . /tmp/ejabberd
RUN /tmp/ejabberd/docker/bootstrap.sh
# Add ejabberd user and group
RUN groupadd -r $EJABBERD_USER \
&& useradd -r -m \
-g $EJABBERD_USER \
-d $EJABBERD_HOME \
$EJABBERD_USER
# Install packages and perform cleanup
RUN set -x \
&& buildDeps=' \
git-core \
build-essential \
automake \
libssl-dev \
zlib1g-dev \
libexpat-dev \
libyaml-dev \
libsqlite3-dev \
erlang-src erlang-dev \
' \
&& requiredAptPackages=' \
locales \
ldnsutils \
python2.7 \
python-jinja2 \
ca-certificates \
libyaml-0-2 \
erlang-base erlang-snmp erlang-ssl erlang-ssh erlang-webtool \
erlang-tools erlang-xmerl erlang-corba erlang-diameter erlang-eldap \
erlang-eunit erlang-ic erlang-odbc erlang-os-mon \
erlang-parsetools erlang-percept erlang-typer erlang-inets \
python-mysqldb \
imagemagick \
' \
&& apt-key adv \
--keyserver keys.gnupg.net \
--recv-keys 434975BD900CCBE4F7EE1B1ED208507CA14F4FCA \
&& apt-get update \
&& apt-get install -y $buildDeps $requiredAptPackages --no-install-recommends \
&& dpkg-reconfigure locales && \
locale-gen C.UTF-8 \
&& /usr/sbin/update-locale LANG=C.UTF-8 \
&& echo 'en_US.UTF-8 UTF-8' >> /etc/locale.gen \
&& locale-gen \
&& cd /tmp \
&& git clone https://github.com/processone/ejabberd.git \
--branch $EJABBERD_BRANCH --single-branch --depth=1 \
&& cd ejabberd \
&& chmod +x ./autogen.sh \
&& ./autogen.sh \
&& ./configure --enable-user=$EJABBERD_USER \
--enable-all \
--disable-tools \
--disable-pam \
&& make debug=$EJABBERD_DEBUG_MODE \
&& make install \
&& mkdir $EJABBERD_HOME/ssl \
&& mkdir $EJABBERD_HOME/conf \
&& mkdir $EJABBERD_HOME/backup \
&& mkdir $EJABBERD_HOME/upload \
&& mkdir $EJABBERD_HOME/database \
&& mkdir $EJABBERD_HOME/module_source \
&& cd $EJABBERD_HOME \
&& rm -rf /tmp/ejabberd \
&& rm -rf /etc/ejabberd \
&& ln -sf $EJABBERD_HOME/conf /etc/ejabberd \
&& chown -R $EJABBERD_USER: $EJABBERD_HOME \
&& rm -rf /var/lib/apt/lists/* \
&& apt-get purge -y --auto-remove $buildDeps
# Wrapper for setting config on disk from environment
# allows setting things like XMPP domain at runtime
ADD ./docker/run.sh /sbin/run
# Add run scripts
ADD ./docker/scripts $EJABBERD_HOME/scripts
ADD https://raw.githubusercontent.com/rankenstein/ejabberd-auth-mysql/master/auth_mysql.py $EJABBERD_HOME/scripts/lib/auth_mysql.py
RUN chmod a+rx $EJABBERD_HOME/scripts/lib/auth_mysql.py
# Add config templates
ADD ./docker/conf /opt/ejabberd/conf
# Continue as user
USER ejabberd
USER $EJABBERD_USER
# Set workdir to ejabberd root
WORKDIR /opt/ejabberd
VOLUME ["/opt/ejabberd/conf", "/opt/ejabberd/database", "/opt/ejabberd/ssl", "/opt/ejabberd/backup", "/opt/ejabberd/upload", "/opt/ejabberd/modules"]
WORKDIR $EJABBERD_HOME
VOLUME ["$EJABBERD_HOME/database", "$EJABBERD_HOME/ssl", "$EJABBERD_HOME/backup", "$EJABBERD_HOME/upload"]
EXPOSE 4560 5222 5269 5280 5443
ENTRYPOINT ["/opt/ejabberd/docker/start.sh"]
CMD ["start"]
ENTRYPOINT ["run"]

75
docker/bootstrap.sh
View File

@ -1,75 +0,0 @@
#!/bin/sh
set -ex
export DEBIAN_FRONTEND="noninteractive"
readonly buildDeps='
git-core
build-essential
automake
libssl-dev
zlib1g-dev
libexpat-dev
libyaml-dev
libsqlite3-dev
erlang-src erlang-dev'
readonly requiredAptPackages='
locales
ldnsutils
python2.7
python-jinja2
ca-certificates
libyaml-0-2
erlang-base erlang-snmp erlang-ssl erlang-ssh erlang-webtool
erlang-tools erlang-xmerl erlang-corba erlang-diameter erlang-eldap
erlang-eunit erlang-ic erlang-odbc erlang-os-mon
erlang-parsetools erlang-percept erlang-typer
python-mysqldb
imagemagick'
apt-key adv \
--keyserver keys.gnupg.net \
--recv-keys 434975BD900CCBE4F7EE1B1ED208507CA14F4FCA
apt-get update
apt-get install -y $buildDeps $requiredAptPackages --no-install-recommends
dpkg-reconfigure locales && locale-gen C.UTF-8
/usr/sbin/update-locale LANG=C.UTF-8
echo 'en_US.UTF-8 UTF-8' >> /etc/locale.gen
locale-gen
# add ejabberd user
useradd --home $EJABBERD_HOME -M --system ejabberd
mkdir $EJABBERD_HOME
cd /tmp/ejabberd
chmod +x ./autogen.sh
./autogen.sh
./configure --enable-user=ejabberd \
--enable-all \
--disable-tools \
--disable-pam
make debug=$EJABBERD_DEBUG_MODE
make install
cd $EJABBERD_HOME
mkdir -p logs ssl backup upload module_source modules/conf
mv /tmp/ejabberd/docker $EJABBERD_HOME
# Move config to homedir
mv /etc/ejabberd conf
ln -s $EJABBERD_HOME/conf /etc/ejabberd
# rename original configs
mv conf/ejabberd.yml conf/ejabberd.yml.orig
mv conf/ejabberdctl.cfg conf/ejabberdctl.cfg.orig
# clean up
rm -rf /tmp/ejabberd
rm -rf /var/lib/apt/lists/*
apt-get purge -y --auto-remove $buildDeps
# change owner for ejabberd home
chown -R ejabberd $EJABBERD_HOME

17
docker/conf/ejabberd.yml.tpl
View File

@ -300,7 +300,7 @@ modules:
mod_caps: {}
mod_carboncopy: {}
mod_client_state:
drop_chat_states: true
queue_chat_states: true
queue_presence: false
mod_configure: {} # requires mod_adhoc
mod_disco: {}
@ -311,6 +311,8 @@ modules:
## docroot: "/var/www"
## accesslog: "/var/log/ejabberd/access.log"
mod_last: {}
mod_mam:
default: always
mod_muc:
host: "conference.@HOST@"
access: muc
@ -404,12 +406,13 @@ host_config:
{%- if env['EJABBERD_CONFIGURE_ODBC'] == "true" %}
### ====================
### ODBC DATABASE CONFIG
odbc_type: {{ env['EJABBERD_ODBC_TYPE'] }}
odbc_server: {{ env['EJABBERD_ODBC_SERVER'] }}
odbc_database: {{ env['EJABBERD_ODBC_DATABASE'] }}
odbc_username: {{ env['EJABBERD_ODBC_USERNAME'] }}
odbc_password: {{ env['EJABBERD_ODBC_PASSWORD'] }}
odbc_pool_size: {{ env['EJABBERD_ODBC_POOL_SIZE'] }}
sql_type: {{ env['EJABBERD_ODBC_TYPE'] }}
sql_server: "{{ env['EJABBERD_ODBC_SERVER'] }}"
sql_database: "{{ env['EJABBERD_ODBC_DATABASE'] }}"
sql_username: "{{ env['EJABBERD_ODBC_USERNAME'] }}"
sql_password: "{{ env['EJABBERD_ODBC_PASSWORD'] }}"
default_db: sql
{% endif %}
{%- if env['EJABBERD_DEFAULT_DB'] is defined %}

54
docker/conf/ejabberdctl.cfg.tpl
View File

@ -10,7 +10,7 @@
#
# Default: true
#
POLL={{ env['POLL'] or 'true' }}
#POLL=true
#.
#' SMP: SMP support ([enable|auto|disable])
@ -24,7 +24,7 @@ POLL={{ env['POLL'] or 'true' }}
#
# Default: auto
#
SMP={{ env['SMP'] or 'auto' }}
#SMP=auto
#.
#' ERL_MAX_PORTS: Maximum number of simultaneously open Erlang ports
@ -36,7 +36,7 @@ SMP={{ env['SMP'] or 'auto' }}
# Default: 32000
# Maximum: 268435456
#
ERL_MAX_PORTS={{ env['ERL_MAX_PORTS'] or '32000' }}
#ERL_MAX_PORTS=32000
#.
#' FIREWALL_WINDOW: Range of allowed ports to pass through a firewall
@ -48,9 +48,7 @@ ERL_MAX_PORTS={{ env['ERL_MAX_PORTS'] or '32000' }}
# Default: not defined
# Example: 4200-4210
#
{%- if env['FIREWALL_WINDOW'] %}
FIREWALL_WINDOW={{ env['FIREWALL_WINDOW'] }}
{%- endif %}
#FIREWALL_WINDOW=
#.
#' INET_DIST_INTERFACE: IP address where this Erlang node listens other nodes
@ -58,11 +56,9 @@ FIREWALL_WINDOW={{ env['FIREWALL_WINDOW'] }}
# This communication is used by ejabberdctl command line tool,
# and in a cluster of several ejabberd nodes.
#
# Default: 0.0.0.0
# Default: 127.0.0.1
#
{%- if env['INET_DIST_INTERFACE'] %}
INET_DIST_INTERFACE={{ env['INET_DIST_INTERFACE'] }}
{%- endif %}
#INET_DIST_INTERFACE=127.0.0.1
#.
#' ERL_EPMD_ADDRESS: IP addresses where epmd listens for connections
@ -78,9 +74,7 @@ INET_DIST_INTERFACE={{ env['INET_DIST_INTERFACE'] }}
#
# Default: 0.0.0.0
#
{%- if env['ERL_EPMD_ADDRESS'] %}
ERL_EPMD_ADDRESS={{ env['ERL_EPMD_ADDRESS'] }}
{%- endif %}
#ERL_EPMD_ADDRESS=127.0.0.1
#.
#' ERL_PROCESSES: Maximum number of Erlang processes
@ -94,7 +88,7 @@ ERL_EPMD_ADDRESS={{ env['ERL_EPMD_ADDRESS'] }}
# Default: 250000
# Maximum: 268435456
#
ERL_PROCESSES={{ env['ERL_PROCESSES'] or '250000' }}
#ERL_PROCESSES=250000
#.
#' ERL_MAX_ETS_TABLES: Maximum number of ETS and Mnesia tables
@ -107,7 +101,7 @@ ERL_PROCESSES={{ env['ERL_PROCESSES'] or '250000' }}
#
# Default: 1400
#
ERL_MAX_ETS_TABLES={{ env['ERL_MAX_ETS_TABLES'] or '1400' }}
#ERL_MAX_ETS_TABLES=1400
#.
#' ERL_OPTIONS: Additional Erlang options
@ -122,7 +116,7 @@ ERL_MAX_ETS_TABLES={{ env['ERL_MAX_ETS_TABLES'] or '1400' }}
#
# Default: ""
#
ERL_OPTIONS="{{ env['ERL_OPTIONS'] or '-noshell' }}"
ERL_OPTIONS="{{ env['ERL_OPTIONS'] or "-noshell" }}"
#.
#' ERLANG_NODE: Erlang node name
@ -140,7 +134,7 @@ ERL_OPTIONS="{{ env['ERL_OPTIONS'] or '-noshell' }}"
#
# Default: ejabberd@localhost
#
ERLANG_NODE={{ env['ERLANG_NODE'] or 'ejabberd@localhost' }}
ERLANG_NODE={{ env['ERLANG_NODE'] or "ejabberd@localhost" }}
#.
#' EJABBERD_PID_PATH: ejabberd PID file
@ -163,7 +157,7 @@ ERLANG_NODE={{ env['ERLANG_NODE'] or 'ejabberd@localhost' }}
#
# Default: $ETC_DIR/ejabberd.yml
#
EJABBERD_CONFIG_PATH={{ env['EJABBERD_CONFIG_PATH'] or '/opt/ejabberd/conf/ejabberd.yml' }}
#EJABBERD_CONFIG_PATH=/etc/ejabberd/ejabberd.yml
#.
#' CONTRIB_MODULES_PATH: contributed ejabberd modules path
@ -173,19 +167,7 @@ EJABBERD_CONFIG_PATH={{ env['EJABBERD_CONFIG_PATH'] or '/opt/ejabberd/conf/ejabb
#
# Default: $HOME/.ejabberd-modules
#
CONTRIB_MODULES_PATH={{ env['CONTRIB_MODULES_PATH'] or '/opt/ejabberd/modules' }}
#.
#' CONTRIB_MODULES_CONF_DIR: configuration directory for contributed modules
#
# Specify the full path to the configuration directory for contributed ejabberd
# modules. In order to configure a module named mod_foo, a mod_foo.yml file can
# be created in this directory. This file will then be used instead of the
# default configuration file provided with the module.
#
# Default: $CONTRIB_MODULES_PATH/conf
#
CONTRIB_MODULES_CONF_DIR={{ env['CONTRIB_MODULES_CONF_DIR'] or '/opt/ejabberd/modules/conf' }}
#CONTRIB_MODULES_PATH=/opt/ejabberd-modules
#.
#' EJABBERD_BYPASS_WARNINGS: Bypass LIVE warning
@ -195,5 +177,11 @@ CONTRIB_MODULES_CONF_DIR={{ env['CONTRIB_MODULES_CONF_DIR'] or '/opt/ejabberd/mo
EJABBERD_BYPASS_WARNINGS=true
#.
#'
# vim: foldmarker=#',#. foldmethod=marker:
#' SPOOL_DIR: Database spool dir
#
# Specify the full path to the database spool dir used in binary installer for
# backwards compatibility.
#
# Docker: rroemhild/ejabberd
#
SPOOL_DIR=$EJABBERD_HOME/database/$ERLANG_NODE

3
docker/conf/inetrc Normal file
View File

@ -0,0 +1,3 @@
{lookup,["file","native"]}.
{host,{127,0,0,1}, ["localhost","hostalias"]}.
{file, resolv, "/etc/resolv.conf"}.

22
docker/lib/base_config.sh
View File

@ -1,22 +0,0 @@
readonly HOSTIP=$(hostname -i)
readonly HOSTNAME=$(hostname -f)
readonly DOMAINNAME=$(hostname -d)
readonly DOCKER_LIB="${EJABBERD_HOME}/docker/lib"
readonly ERLANGCOOKIEFILE="${EJABBERD_HOME}/.erlang.cookie"
readonly EJABBERDCTL="/sbin/ejabberdctl"
readonly CONFIGDIR="${EJABBERD_HOME}/conf"
readonly CONFIGTMPDIR="${EJABBERD_HOME}/docker/conf"
readonly SSLCERTDIR="${EJABBERD_HOME}/ssl"
readonly SSLCERTHOST="${SSLCERTDIR}/host.pem"
readonly LOGDIR="/var/log/ejabberd"
readonly FIRST_START_DONE_FILE="${EJABBERD_HOME}/first-start-done"
readonly CLUSTER_NODE_FILE="${EJABBERD_HOME}/cluster-done"
readonly PYTHON_JINJA2="import os;
import sys;
import jinja2;
sys.stdout.write(
jinja2.Template
(sys.stdin.read()
).render(env=os.environ))"

72
docker/post/20_ejabberd_register_users.sh
View File

@ -1,72 +0,0 @@
#!/bin/bash
set -e
source "${EJABBERD_HOME}/docker/lib/base_config.sh"
source "${EJABBERD_HOME}/docker/lib/config.sh"
source "${EJABBERD_HOME}/docker/lib/base_functions.sh"
source "${EJABBERD_HOME}/docker/lib/functions.sh"
# Do not exit if users already registered
set +e
randpw() {
< /dev/urandom tr -dc A-Z-a-z-0-9 | head -c ${1:-16};
echo;
}
register_user() {
local user=$1
local domain=$2
local password=$3
${EJABBERDCTL} register ${user} ${domain} ${password}
return $?
}
register_all_users() {
# register users from environment $EJABBERD_USERS with given
# password or random password written to stout. Use whitespace
# to seperate users.
#
# sample:
# - add a user with an given password:
# -e "EJABBERD_USERS=admin@example.com:adminSecret"
# - add a user with a random password:
# -e "EJABBERD_USERS=user@example.com"
# - set password for admin and use random for user1:
# -e "EJABBERD_USERS=admin@example.com:adminSecret user@example.com"
for user in ${EJABBERD_USERS} ; do
local jid=${user%%:*}
local password=${user#*:}
local username=${jid%%@*}
local domain=${jid#*@}
[[ "${password}" == "${jid}" ]] \
&& password=$(randpw)
register_user ${username} ${domain} ${password}
local retval=$?
[[ ${retval} -eq 0 ]] \
&& log "Password for user ${username}@${domain} is ${password}"
done
}
file_exist ${FIRST_START_DONE_FILE} \
&& exit 0
file_exist ${CLUSTER_NODE_FILE} \
&& exit 0
is_set ${EJABBERD_USERS} \
&& register_all_users
exit 0

17
docker/post/99_first_start_done.sh
View File

@ -1,17 +0,0 @@
#!/bin/bash
set -e
# Write a first-start-done file
source "${EJABBERD_HOME}/docker/lib/base_config.sh"
source "${EJABBERD_HOME}/docker/lib/config.sh"
source "${EJABBERD_HOME}/docker/lib/base_functions.sh"
source "${EJABBERD_HOME}/docker/lib/functions.sh"
if [ ! -e "${FIRST_START_DONE_FILE}" ]; then
touch ${FIRST_START_DONE_FILE}
fi
exit 0

22
docker/pre/03_make_dhparam.sh
View File

@ -1,22 +0,0 @@
#!/bin/bash
set -e
source "${EJABBERD_HOME}/docker/lib/base_config.sh"
source "${EJABBERD_HOME}/docker/lib/config.sh"
source "${EJABBERD_HOME}/docker/lib/base_functions.sh"
source "${EJABBERD_HOME}/docker/lib/functions.sh"
make_dhparam() {
local dhfile=$1
local bits=$2
log "Writing dh file to '${dhfile}'..."
openssl dhparam -out ${dhfile} ${bits}
}
if is_true ${EJABBERD_DHPARAM} ; then
file_exist ${SSLDHPARAM} \
|| make_dhparam ${SSLDHPARAM} 4096
fi
exit 0

36
docker/pre/20_ejabberd_config.sh
View File

@ -1,36 +0,0 @@
#!/bin/bash
set -e
source "${EJABBERD_HOME}/docker/lib/base_config.sh"
source "${EJABBERD_HOME}/docker/lib/config.sh"
source "${EJABBERD_HOME}/docker/lib/base_functions.sh"
source "${EJABBERD_HOME}/docker/lib/functions.sh"
make_config() {
local filename=$1
local template="${CONFIGTMPDIR}/${filename}.tpl"
local configfile="${CONFIGDIR}/${filename}"
file_exist $configfile \
&& return 1
if [ ! -e ${configfile} ]; then
log "Generating ${configfile} config file..."
cat $template \
| python -c "${PYTHON_JINJA2}" \
> $configfile
else
echo "File ${configfile} exists."
fi
}
# /opt/ejabberd/conf/ejabberd.yml
make_config "ejabberd.yml"
# /opt/ejabberd/conf/ejabberdctl.cfg
make_config "ejabberdctl.cfg"
exit 0

99
docker/run.sh Executable file
View File

@ -0,0 +1,99 @@
#!/bin/bash
set -e
source "${EJABBERD_HOME}/scripts/lib/base_config.sh"
source "${EJABBERD_HOME}/scripts/lib/config.sh"
source "${EJABBERD_HOME}/scripts/lib/base_functions.sh"
source "${EJABBERD_HOME}/scripts/lib/functions.sh"
# discover hostname
readonly nodename=$(get_nodename)
is_zero ${ERLANG_NODE} \
&& export ERLANG_NODE="ejabberd@localhost"
## backward compatibility
# if ERLANG_NODE is true reset it to "ejabberd" and add
# hostname to the nodename.
# else: export ${ERLANG_NODE} with nodename
if (is_true ${ERLANG_NODE}); then
export ERLANG_NODE="ejabberd@${nodename}"
fi
run_scripts() {
local run_script_dir="${EJABBERD_HOME}/scripts/${1}"
for script in ${run_script_dir}/*.sh ; do
if [ -f ${script} -a -x ${script} ] ; then
${script}
fi
done
}
pre_scripts() {
run_scripts "pre"
}
post_scripts() {
run_scripts "post"
}
stop_scripts() {
run_scripts "stop"
}
ctl() {
local action="$1"
${EJABBERDCTL} ${action} >/dev/null
}
_trap() {
echo "Stopping ejabberd..."
stop_scripts
if ctl stop ; then
local cnt=0
sleep 1
while ctl status || test $? = 1 ; do
cnt=`expr $cnt + 1`
if [ $cnt -ge 60 ] ; then
break
fi
sleep 1
done
fi
}
# Catch signals and shutdown ejabberd
trap _trap SIGTERM SIGINT
## run ejabberd
case "$@" in
start)
pre_scripts
tail -n 0 -F ${LOGDIR}/crash.log \
${LOGDIR}/error.log \
${LOGDIR}/erlang.log &
echo "Starting ejabberd..."
exec ${EJABBERDCTL} "foreground" &
child=$!
${EJABBERDCTL} "started"
post_scripts
wait $child
;;
live)
pre_scripts
echo "Starting ejabberd in 'live' mode..."
exec ${EJABBERDCTL} "live"
;;
shell)
exec "/bin/bash"
;;
*)
exec $@
;;
esac

53
docker/scripts/lib/base_config.sh Normal file
View File

@ -0,0 +1,53 @@
readonly HOSTIP=$(hostname -i)
readonly HOSTNAME=$(hostname -f)
readonly DOMAINNAME=$(hostname -d)
readonly ERLANGCOOKIEFILE="${EJABBERD_HOME}/.erlang.cookie"
readonly EJABBERDCTL="/sbin/ejabberdctl"
readonly CONFIGFILE="${EJABBERD_HOME}/conf/ejabberd.yml"
readonly CONFIGTEMPLATE="${EJABBERD_HOME}/conf/ejabberd.yml.tpl"
readonly CTLCONFIGFILE="${EJABBERD_HOME}/conf/ejabberdctl.cfg"
readonly CTLCONFIGTEMPLATE="${EJABBERD_HOME}/conf/ejabberdctl.cfg.tpl"
readonly SSLCERTDIR="${EJABBERD_HOME}/ssl"
readonly SSLCERTHOST="${SSLCERTDIR}/host.pem"
readonly SSLDHPARAM="${SSLCERTDIR}/dh.pem"
readonly LOGDIR="/var/log/ejabberd"
readonly FIRST_START_DONE_FILE="/${EJABBERD_HOME}/first-start-done"
readonly CLUSTER_NODE_FILE="/${EJABBERD_HOME}/cluster-done"
readonly PYTHON_JINJA2="import os;
import sys;
import jinja2;
sys.stdout.write(
jinja2.Template
(sys.stdin.read()
).render(env=os.environ))"
# backward compatibility environment variables
set +e
[[ -n $EJABBERD_ADMIN ]] \
&& export EJABBERD_ADMINS=${EJABBERD_ADMIN}
[[ -n $AUTH_METHOD ]] \
&& export EJABBERD_AUTH_METHOD=${AUTH_METHOD}
[[ -n $SKIP_MODULES_UPDATE ]] \
&& export EJABBERD_SKIP_MODULES_UPDATE=${SKIP_MODULES_UPDATE}
[[ -n $ERL_OPTIONS ]] \
&& export ERLANG_OPTIONS=${ERL_OPTIONS}
[[ -n $SSLCERT_HOST ]] \
&& export EJABBERD_SSLCERT_HOST=${SSLCERT_HOST}
[[ -n $SSLCERT_EXAMPLE_COM ]] \
&& export EJABBERD_SSLCERT_EXAMPLE_COM=${SSLCERT_EXAMPLE_COM}
[[ -n $LOGLEVEL ]] \
&& export EJABBERD_LOGLEVEL=${LOGLEVEL}
[[ -n $EJABBERD_WEB_ADMIN_SSL ]] \
&& export EJABBERD_HTTPS=${EJABBERD_WEB_ADMIN_SSL}
set -e

16
docker/lib/base_functions.sh → docker/scripts/lib/base_functions.sh
View File

@ -29,16 +29,10 @@ is_true() {
}
log() {
local message=$1
echo $message
}
# overwrite this function to get hostname from other sources
# like dns or etcd
get_nodename() {
log ${HOSTNAME}
echo ${HOSTNAME}
}
@ -48,25 +42,25 @@ join_cluster() {
is_zero ${cluster_node} \
&& exit 0
log "Join cluster..."
echo "Join cluster..."
local erlang_node_name=${ERLANG_NODE%@*}
local erlang_cluster_node="${erlang_node_name}@${cluster_node}"
response=$(${EJABBERDCTL} ping ${erlang_cluster_node})
while [ "$response" != "pong" ]; do
log "Waiting for ${erlang_cluster_node}..."
echo "Waiting for ${erlang_cluster_node}..."
sleep 2
response=$(${EJABBERDCTL} ping ${erlang_cluster_node})
done
log "Join cluster at ${erlang_cluster_node}... "
echo "Join cluster at ${erlang_cluster_node}... "
NO_WARNINGS=true ${EJABBERDCTL} join_cluster $erlang_cluster_node
if [ $? -eq 0 ]; then
touch ${CLUSTER_NODE_FILE}
else
log "cloud not join cluster"
echo "cloud not join cluster"
exit 1
fi
}

0
docker/lib/config.sh → docker/scripts/lib/config.sh
View File

0
docker/lib/functions.sh → docker/scripts/lib/functions.sh
View File

10
docker/post/10_ejabberd_modules_update_specs.sh → docker/scripts/post/10_ejabberd_modules_update_specs.sh
View File

@ -3,14 +3,14 @@ set -e
# Updates the known modules as to be found in https://github.com/processone/ejabberd-contrib
source "${EJABBERD_HOME}/docker/lib/base_config.sh"
source "${EJABBERD_HOME}/docker/lib/config.sh"
source "${EJABBERD_HOME}/docker/lib/base_functions.sh"
source "${EJABBERD_HOME}/docker/lib/functions.sh"
source "${EJABBERD_HOME}/scripts/lib/base_config.sh"
source "${EJABBERD_HOME}/scripts/lib/config.sh"
source "${EJABBERD_HOME}/scripts/lib/base_functions.sh"
source "${EJABBERD_HOME}/scripts/lib/functions.sh"
run_modules_update_specs() {
log "Updating module specs... "
echo -n 'Updating module specs... '
${EJABBERDCTL} modules_update_specs
}

53
docker/post/11_ejabberd_install_modules.sh → docker/scripts/post/11_ejabberd_install_modules.sh
View File

@ -3,55 +3,54 @@ set -e
# Installs modules as defined in environment variables
source "${EJABBERD_HOME}/docker/lib/base_config.sh"
source "${EJABBERD_HOME}/docker/lib/config.sh"
source "${EJABBERD_HOME}/docker/lib/base_functions.sh"
source "${EJABBERD_HOME}/docker/lib/functions.sh"
source "${EJABBERD_HOME}/scripts/lib/base_config.sh"
source "${EJABBERD_HOME}/scripts/lib/config.sh"
source "${EJABBERD_HOME}/scripts/lib/base_functions.sh"
source "${EJABBERD_HOME}/scripts/lib/functions.sh"
install_module_from_source() {
local module_name=$1
local module_source_path=${EJABBERD_HOME}/module_source/${module_name}
local module_install_folder=${EJABBERD_HOME}/.ejabberd-modules/sources/${module_name}
log "Analyzing module ${module_name} for installation"
local module_install_folder=${EJABBERD_HOME}/.ejabberd-modules/sources
echo "Analyzing module ${module_name} for installation"
# Make sure that the module exists in the source folder before attempting a copy
if [ ! -d ${module_source_path} ]; then
log "Error: Module ${module_name} not found in ${EJABBERD_HOME}/module_source"
log "Please use a shared volume to populate your module in ${EJABBERD_HOME}/module_source"
echo "Error: Module ${module_name} not found in ${EJABBERD_HOME}/module_source"
echo "Please use a shared volume to populate your module in ${EJABBERD_HOME}/module_source"
return 1;
fi
# Check to see if the module is already installed
local install_count=$(${EJABBERDCTL} modules_installed | grep -ce "^${module_name}[[:space:]]")
if [ $install_count -gt 0 ]; then
log "Error: Module already installed: ${module_name}"
echo "Error: Module already installed: ${module_name}"
return 1;
fi
# Copy the module into the shared folder
log "Copying module to ejabberd folder ${module_install_folder}"
echo "Copying module to ejabberd folder ${module_install_folder}"
mkdir -p ${module_install_folder}
cp -R ${module_source_path} ${module_install_folder}
# Run the ejabberdctl module_check on the module
log "Running module_check on ${module_name}"
echo "Running module_check on ${module_name}"
${EJABBERDCTL} module_check ${module_name}
if [ $? -ne 0 ]; then
log "Module check failed for ${module_name}"
echo "Module check failed for ${module_name}"
return 1;
fi
log "Module check succeeded for ${module_name}"
echo "Module check succeeded for ${module_name}"
# Install the module
log "Running module_install on ${module_name}"
echo "Running module_install on ${module_name}"
${EJABBERDCTL} module_install ${module_name}
if [ $? -ne 0 ]; then
log "Module installation failed for ${module_name}"
echo "Module installation failed for ${module_name}"
return 1;
fi
log "Module installation succeeded for ${module_name}"
echo "Module installation succeeded for ${module_name}"
return 0;
}
@ -62,18 +61,18 @@ install_module_from_ejabberd_contrib() {
# Check to see if the module is already installed
local install_count=$(${EJABBERDCTL} modules_installed | grep -ce "^${module_name}[[:space:]]")
if [ $install_count -gt 0 ]; then
log "Error: Module already installed: ejabberd_contrib ${module_name}"
echo "Error: Module already installed: ejabberd_contrib ${module_name}"
return 1;
fi
# Install the module
log "Running module_install on ejabberd_contrib ${module_name}"
echo "Running module_install on ejabberd_contrib ${module_name}"
${EJABBERDCTL} module_install ${module_name}
if [ $? -ne 0 ]; then
log "Module installation failed for ejabberd_contrib ${module_name}"
echo "Module installation failed for ejabberd_contrib ${module_name}"
return 1;
fi
log "Module installation succeeded for ejabberd_contrib ${module_name}"
echo "Module installation succeeded for ejabberd_contrib ${module_name}"
return 0;
}
@ -86,21 +85,21 @@ enable_custom_auth_module_override() {
required_prefix="ejabberd_auth_"
if [[ "${module_name}" != "${required_prefix}"* ]]; then
log "Error: module_name must begin with ${required_prefix}"
echo "Error: module_name must begin with ${required_prefix}"
exit 1;
fi
log "Checking custom auth module: ${module_name}"
echo "Checking custom auth module: ${module_name}"
# Make sure the auth module is installed
local install_count=$(${EJABBERDCTL} modules_installed | grep -ce "^${module_name}[[:space:]]")
if [ $install_count -eq 0 ]; then
log "Error: custom auth_module not installed: ${module_name}"
echo "Error: custom auth_module not installed: ${module_name}"
return 1;
fi
custom_auth_method=${module_name#$required_prefix}
echo -e "\nauth_method: [${custom_auth_method}]" >> ${CONFIGFILE}
log "Custom auth module ${module_name} configuration complete."
echo "Custom auth module ${module_name} configuration complete."
}
file_exist ${FIRST_START_DONE_FILE} \
@ -133,7 +132,7 @@ fi
# If any modules were installed, restart the server, if the option is enabled
if [ ${is_restart_needed} -eq 1 ]; then
if is_true ${EJABBERD_RESTART_AFTER_MODULE_INSTALL} ; then
log "Restarting ejabberd after successful module installation(s)"
echo "Restarting ejabberd after successful module installation(s)"
${EJABBERDCTL} restart
child=$!
${EJABBERDCTL} "started"

118
docker/scripts/post/20_ejabberd_register_users.sh Executable file
View File

@ -0,0 +1,118 @@
#!/bin/bash
source "${EJABBERD_HOME}/scripts/lib/base_config.sh"
source "${EJABBERD_HOME}/scripts/lib/config.sh"
source "${EJABBERD_HOME}/scripts/lib/base_functions.sh"
source "${EJABBERD_HOME}/scripts/lib/functions.sh"
# Do not exit if users already registered
set +e
randpw() {
< /dev/urandom tr -dc A-Z-a-z-0-9 | head -c ${1:-16};
echo;
}
register_user() {
local user=$1
local domain=$2
local password=$3
${EJABBERDCTL} register ${user} ${domain} ${password}
return $?
}
register_all_users() {
# register users from environment $EJABBERD_USERS with given
# password or random password written to stout. Use whitespace
# to seperate users.
#
# sample:
# - add a user with an given password:
# -e "EJABBERD_USERS=admin@example.com:adminSecret"
# - add a user with a random password:
# -e "EJABBERD_USERS=user@example.com"
# - set password for admin and use random for user1:
# -e "EJABBERD_USERS=admin@example.com:adminSecret user@example.com"
for user in ${EJABBERD_USERS} ; do
local jid=${user%%:*}
local password=${user#*:}
local username=${jid%%@*}
local domain=${jid#*@}
[[ "${password}" == "${jid}" ]] \
&& password=$(randpw)
register_user ${username} ${domain} ${password}
local retval=$?
[[ ${retval} -eq 0 ]] \
&& echo "Password for user ${username}@${domain} is ${password}"
done
}
file_exist ${FIRST_START_DONE_FILE} \
&& exit 0
file_exist ${CLUSTER_NODE_FILE} \
&& exit 0
is_set ${EJABBERD_USERS} \
&& register_all_users
##################################
## Keep for backward compatibility
register_all_ejabberd_admins() {
# add all admins from environment $EJABBERD_ADMINS with the passwords from
# environment $EJABBERD_ADMIN_PASS.
local passwords
local IFS=' '
read -a passwords <<< "${EJABBERD_ADMIN_PWD}"
for admin in ${EJABBERD_ADMINS} ; do
local user=${admin%%@*}
local domain=${admin#*@}
local password=${passwords[0]}
passwords=("${passwords[@]:1}")
register_user ${user} ${domain} ${password}
done
}
register_all_ejabberd_admins_randpw() {
# add all admins from environment $EJABBERD_ADMINS with a random
# password and write the password to stdout.
for admin in ${EJABBERD_ADMINS} ; do
local user=${admin%%@*}
local domain=${admin#*@}
local password=$(randpw)
register_user ${user} ${domain} ${password}
local retval=$?
[[ ${retval} -eq 0 ]] \
&& echo "Password for user ${user}@${domain} is ${password}"
done
}
is_set ${EJABBERD_ADMIN_PWD} \
&& register_all_ejabberd_admins
is_true ${EJABBERD_ADMIN_RANDPWD} \
&& register_all_ejabberd_admins_randpw
exit 0

14
docker/scripts/post/99_first_start_done.sh Executable file
View File

@ -0,0 +1,14 @@
#!/bin/bash
set -e
# Write a first-start-done file
source "${EJABBERD_HOME}/scripts/lib/base_config.sh"
source "${EJABBERD_HOME}/scripts/lib/config.sh"
source "${EJABBERD_HOME}/scripts/lib/base_functions.sh"
source "${EJABBERD_HOME}/scripts/lib/functions.sh"
if [ ! -e "${FIRST_START_DONE_FILE}" ]; then
touch ${FIRST_START_DONE_FILE}
fi

23
docker/scripts/pre/00_change_user.sh Executable file
View File

@ -0,0 +1,23 @@
#!/bin/bash
set -e
source "${EJABBERD_HOME}/scripts/lib/base_config.sh"
source "${EJABBERD_HOME}/scripts/lib/config.sh"
source "${EJABBERD_HOME}/scripts/lib/base_functions.sh"
source "${EJABBERD_HOME}/scripts/lib/functions.sh"
readonly whoami=$(whoami)
change_ejabberd_run_user() {
echo "Change ejabberd install user to root..."
sed -i "s/INSTALLUSER=${EJABBERD_USER}/INSTALLUSER=${whoami}/" ${EJABBERDCTL}
}
[[ "${whoami}" == "root" ]] \
&& change_ejabberd_run_user
exit 0

13
docker/pre/01_write_certifiates_from_env.sh → docker/scripts/pre/01_write_certifiates_from_env.sh
View File

@ -1,10 +1,10 @@
#!/bin/bash
set -e
source "${EJABBERD_HOME}/docker/lib/base_config.sh"
source "${EJABBERD_HOME}/docker/lib/config.sh"
source "${EJABBERD_HOME}/docker/lib/base_functions.sh"
source "${EJABBERD_HOME}/docker/lib/functions.sh"
source "${EJABBERD_HOME}/scripts/lib/base_config.sh"
source "${EJABBERD_HOME}/scripts/lib/config.sh"
source "${EJABBERD_HOME}/scripts/lib/base_functions.sh"
source "${EJABBERD_HOME}/scripts/lib/functions.sh"
# Instead of having to mount a direction, specify the ssl certs
# via environment variables:
@ -12,9 +12,9 @@ source "${EJABBERD_HOME}/docker/lib/functions.sh"
# For example: `EJABBERD_SSLCERT_EXAMPLE_COM`.
write_file_from_env() {
log "Writing $1 to $2"
echo "Writing $1 to $2"
mkdir -p "$(dirname $2)"
log "${!1}" > $2
echo "${!1}" > $2
}
# Write the host certificate
@ -30,5 +30,4 @@ for xmpp_domain in ${XMPP_DOMAIN} ; do
fi
done
exit 0

34
docker/pre/02_make_snakeoil_certificates.sh → docker/scripts/pre/02_make_snakeoil_certificates.sh
View File

@ -1,10 +1,10 @@
#!/bin/bash
set -e
source "${EJABBERD_HOME}/docker/lib/base_config.sh"
source "${EJABBERD_HOME}/docker/lib/config.sh"
source "${EJABBERD_HOME}/docker/lib/base_functions.sh"
source "${EJABBERD_HOME}/docker/lib/functions.sh"
source "${EJABBERD_HOME}/scripts/lib/base_config.sh"
source "${EJABBERD_HOME}/scripts/lib/config.sh"
source "${EJABBERD_HOME}/scripts/lib/base_functions.sh"
source "${EJABBERD_HOME}/scripts/lib/functions.sh"
make_snakeoil_certificate() {
@ -20,7 +20,7 @@ make_snakeoil_certificate() {
-keyout /tmp/selfsigned.key \
-out /tmp/selfsigned.crt
log "Writing ssl cert and private key to '${certfile}'..."
echo "Writing ssl cert and private key to '${certfile}'..."
cat /tmp/selfsigned.crt /tmp/selfsigned.key > ${certfile}
rm /tmp/selfsigned.crt /tmp/selfsigned.key
}
@ -43,7 +43,8 @@ make_host_snakeoil_certificate() {
fi
fi
log "Generating snakeoil ssl cert for ${domain}..."
echo -n "Missing ssl cert for your host. "
echo "Generating snakeoil ssl cert for ${domain}..."
make_snakeoil_certificate ${domain} ${SSLCERTHOST}
}
@ -53,17 +54,33 @@ make_domain_snakeoil_certificate() {
local domain=$1
local certfile=$2
log "Generating snakeoil ssl cert for ${domain}..."
echo -n "Missing ssl cert for your xmpp domain. "
echo "Generating snakeoil ssl cert for ${domain}..."
make_snakeoil_certificate ${domain} ${certfile}
}
## backward compatibility
# link old xmpp_domain.pem file to the first <domainname>.pem in XMPP_DOMAIN
readonly SSLCERTDOMAIN="${SSLCERTDIR}/xmpp_domain.pem"
if file_exist ${SSLCERTDOMAIN} ; then
for xmpp_domain in ${XMPP_DOMAIN} ; do
file_exist "${SSLCERTDIR}/${xmpp_domain}.pem" \
|| ln -s ${SSLCERTDOMAIN} "${SSLCERTDIR}/${xmpp_domain}.pem"
break
done
fi
is_true ${EJABBERD_SKIP_MAKE_SSLCERT} \
&& echo "Skip certificate generation" \
&& exit 0
# generate host ssl cert if missing
file_exist ${SSLCERTHOST} \
|| make_host_snakeoil_certificate
# generate xmmp domain ssl certificates if missing
for xmpp_domain in ${XMPP_DOMAIN} ; do
domain_certfile="${SSLCERTDIR}/${xmpp_domain}.pem"
@ -71,5 +88,4 @@ for xmpp_domain in ${XMPP_DOMAIN} ; do
|| make_domain_snakeoil_certificate ${xmpp_domain} ${domain_certfile}
done
exit 0

28
docker/scripts/pre/03_make_dhparam.sh Executable file
View File

@ -0,0 +1,28 @@
#!/bin/bash
set -e
source "${EJABBERD_HOME}/scripts/lib/base_config.sh"
source "${EJABBERD_HOME}/scripts/lib/config.sh"
source "${EJABBERD_HOME}/scripts/lib/base_functions.sh"
source "${EJABBERD_HOME}/scripts/lib/functions.sh"
make_dhparam() {
local dhfile=$1
local bits=$2
echo "Writing dh file to '${dhfile}'..."
openssl dhparam -out ${dhfile} ${bits}
}
is_true ${EJABBERD_SKIP_MAKE_DHPARAM} \
&& echo "Skip DH param generation" \
&& exit 0
if is_true ${EJABBERD_DHPARAM} ; then
file_exist ${SSLDHPARAM} \
|| make_dhparam ${SSLDHPARAM} 4096
fi
exit 0

13
docker/pre/10_erlang_cookie.sh → docker/scripts/pre/10_erlang_cookie.sh
View File

@ -1,14 +1,14 @@
#!/bin/bash
set -e
source "${EJABBERD_HOME}/docker/lib/base_config.sh"
source "${EJABBERD_HOME}/docker/lib/config.sh"
source "${EJABBERD_HOME}/docker/lib/base_functions.sh"
source "${EJABBERD_HOME}/docker/lib/functions.sh"
source "${EJABBERD_HOME}/scripts/lib/base_config.sh"
source "${EJABBERD_HOME}/scripts/lib/config.sh"
source "${EJABBERD_HOME}/scripts/lib/base_functions.sh"
source "${EJABBERD_HOME}/scripts/lib/functions.sh"
set_erlang_cookie() {
chmod 600 ${ERLANGCOOKIEFILE}
log "Set erlang cookie to ${ERLANG_COOKIE}..."
echo "Set erlang cookie to ${ERLANG_COOKIE}..."
echo ${ERLANG_COOKIE} > ${ERLANGCOOKIEFILE}
chmod 400 ${ERLANGCOOKIEFILE}
}
@ -22,5 +22,4 @@ file_exist ${FIRST_START_DONE_FILE} \
is_set ${ERLANG_COOKIE} \
&& set_erlang_cookie
exit 0

38
docker/scripts/pre/20_ejabberd_config.sh Executable file
View File

@ -0,0 +1,38 @@
#!/bin/bash
set -e
source "${EJABBERD_HOME}/scripts/lib/base_config.sh"
source "${EJABBERD_HOME}/scripts/lib/config.sh"
source "${EJABBERD_HOME}/scripts/lib/base_functions.sh"
source "${EJABBERD_HOME}/scripts/lib/functions.sh"
make_config() {
if [ ! -e ${CONFIGFILE} ]; then
echo "Generating ejabberd config file..."
cat ${CONFIGTEMPLATE} \
| python -c "${PYTHON_JINJA2}" \
> ${CONFIGFILE}
else
echo "ejabberd config file exists."
fi
if [ ! -e ${CTLCONFIGFILE} ]; then
echo "Generating ejabberdctl config file..."
cat ${CTLCONFIGTEMPLATE} \
| python -c "${PYTHON_JINJA2}" \
> ${CTLCONFIGFILE}
else
echo "ejabberdctl config file exists."
fi
}
file_exist ${FIRST_START_DONE_FILE} \
&& exit 0
# generate config file
make_config
exit 0

21
docker/scripts/stop/10_leave_cluster.sh Executable file
View File

@ -0,0 +1,21 @@
#!/bin/bash
set -e
source "${EJABBERD_HOME}/scripts/lib/base_config.sh"
source "${EJABBERD_HOME}/scripts/lib/config.sh"
source "${EJABBERD_HOME}/scripts/lib/base_functions.sh"
source "${EJABBERD_HOME}/scripts/lib/functions.sh"
leave_cluster() {
echo "Leave cluster... "
rm ${CLUSTER_NODE_FILE}
NO_WARNINGS=true ${EJABBERDCTL} leave_cluster
}
file_exist ${CLUSTER_NODE_FILE} \
&& leave_cluster
exit 0

69
docker/start.sh
View File

@ -1,69 +0,0 @@
#!/bin/bash
set -e
# Environment
export EJABBERD_HTTPS=${EJABBERD_HTTPS:-'true'}
export EJABBERD_STARTTLS=${EJABBERD_STARTTLS:-'true'}
export EJABBERD_S2S_SSL=${EJABBERD_S2S_SSL:-'true'}
source "${EJABBERD_HOME}/docker/lib/base_config.sh"
source "${EJABBERD_HOME}/docker/lib/config.sh"
source "${EJABBERD_HOME}/docker/lib/base_functions.sh"
source "${EJABBERD_HOME}/docker/lib/functions.sh"
# discover hostname
readonly nodename=$(get_nodename)
# set erlang node to node name from get_nodename
if [[ "$ERLANG_NODE" == "nodename" ]]; then
export ERLANG_NODE="ejabberd@${nodename}"
fi
run_scripts() {
local run_script=$1
local run_script_dir="${EJABBERD_HOME}/docker/${run_script}"
log "Run ${run_script} scripts..."
for script in ${run_script_dir}/*.sh ; do
if [ -f ${script} -a -x ${script} ] ; then
${script}
fi
done
}
_trap() {
run_scripts "stop"
log "Stopping ejabberd..."
$EJABBERDCTL stop
$EJABBERDCTL stopped
exit 0
}
# Catch signals and shutdown ejabberd
trap _trap SIGTERM SIGINT
# print logfiles to stdout
tail -F ${LOGDIR}/crash.log \
${LOGDIR}/error.log \
${LOGDIR}/erlang.log \
${LOGDIR}/ejabberd.log &
# start ejabberd
run_scripts "pre"
log "Starting ejabberd..."
$EJABBERDCTL start
$EJABBERDCTL started
log "Ejabberd started."
run_scripts "post"
# run forever
while true; do sleep 1; done
log "Ejabberd stopped."
exit 0

21
docker/stop/10_leave_cluster.sh
View File

@ -1,21 +0,0 @@
#!/bin/bash
set -e
source "${EJABBERD_HOME}/docker/lib/base_config.sh"
source "${EJABBERD_HOME}/docker/lib/config.sh"
source "${EJABBERD_HOME}/docker/lib/base_functions.sh"
source "${EJABBERD_HOME}/docker/lib/functions.sh"
leave_cluster() {
log "Leave cluster..."
rm ${CLUSTER_NODE_FILE}
NO_WARNINGS=true ${EJABBERDCTL} leave_cluster
}
file_exist ${CLUSTER_NODE_FILE} \
&& leave_cluster
exit 0