docker-compose, prosody: Switch to host networking for the container
This simplifies things in preparation for adding coturn and its large number of ports. As Prosody now must listen on the "real" HTTP ports, we had to give permission to the Lua binary to bind low network ports.
This commit is contained in:
parent
88402bb73f
commit
166e000b12
|
@ -75,6 +75,9 @@ registration_notification = "New user registered: $username"
|
|||
|
||||
reload_global_modules = { "http" }
|
||||
|
||||
http_ports = { ENV_SNIKKET_TWEAK_HTTP_PORT or 80 }
|
||||
https_ports = { ENV_SNIKKET_TWEAK_HTTPS_PORT or 443 }
|
||||
|
||||
legacy_ssl_ports = { 5223 }
|
||||
|
||||
allow_registration = true
|
||||
|
|
|
@ -46,6 +46,8 @@
|
|||
service:
|
||||
name: prosody
|
||||
state: stopped
|
||||
- name: "Allow Prosody to bind service ports"
|
||||
command: setcap 'cap_net_bind_service=+ep' /usr/bin/lua5.1
|
||||
|
||||
- name: Install Mercurial
|
||||
apt:
|
||||
|
|
|
@ -3,18 +3,7 @@ version: "3.3"
|
|||
services:
|
||||
snikket:
|
||||
image: snikket:latest
|
||||
ports:
|
||||
# HTTP port
|
||||
- "80:5280"
|
||||
# HTTPS port
|
||||
- "443:5281"
|
||||
# XMPP client connections (STARTTLS and Direct TLS)
|
||||
- "5222:5222"
|
||||
- "5223:5223"
|
||||
# XMPP server-to-server connections
|
||||
- "5269:5269"
|
||||
# Mail viewer (dev only)
|
||||
- "8025:8025"
|
||||
network_mode: host
|
||||
volumes:
|
||||
- type: "volume"
|
||||
source: snikket_data
|
||||
|
|
|
@ -23,6 +23,7 @@ RUN apt-get update \
|
|||
software-properties-common \
|
||||
gpg gpg-agent \
|
||||
ansible python-passlib python3-passlib \
|
||||
libcap2-bin \
|
||||
&& rm -rf /var/lib/apt/lists/* \
|
||||
&& ansible-playbook -c local -i localhost, --extra-vars "ansible_python_interpreter=/usr/bin/python2" /opt/ansible/snikket.yml \
|
||||
&& apt-get remove -y \
|
||||
|
@ -30,7 +31,7 @@ RUN apt-get update \
|
|||
software-properties-common \
|
||||
gpg gpg-agent \
|
||||
python-passlib python3-passlib \
|
||||
mercurial \
|
||||
mercurial libcap2-bin \
|
||||
&& apt-get autoremove -y \
|
||||
&& rm -rf /var/cache/*
|
||||
|
||||
|
|
Loading…
Reference in New Issue