coop-cloud-chaos-patchs/snikket-server
0
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Compare commits

merge into: coop-cloud-chaos-patchs:master
Branches Tags
coop-cloud-chaos-patchs:ccchaos coop-cloud-chaos-patchs:master
coop-cloud-chaos-patchs:beta.20210519 coop-cloud-chaos-patchs:beta.20210205 coop-cloud-chaos-patchs:beta.20210202 coop-cloud-chaos-patchs:release/alpha.20200624 coop-cloud-chaos-patchs:release/alpha.20200525 coop-cloud-chaos-patchs:release/alpha.20200513
...
pull from: coop-cloud-chaos-patchs:ccchaos
Branches Tags
coop-cloud-chaos-patchs:ccchaos coop-cloud-chaos-patchs:master
coop-cloud-chaos-patchs:beta.20210519 coop-cloud-chaos-patchs:beta.20210205 coop-cloud-chaos-patchs:beta.20210202 coop-cloud-chaos-patchs:release/alpha.20200624 coop-cloud-chaos-patchs:release/alpha.20200525 coop-cloud-chaos-patchs:release/alpha.20200513

5 Commits
master ... ccchaos

Author SHA1 Message Date
cellarspoon
6dd5a3b0fc Merge branch 'master' into ccchaos 2021-12-11 17:53:24 +01:00
3wc
d1fd9d6ef4 Merge remote-tracking branch 'upstream/master' 2021-11-01 16:40:04 +02:00
3wc
d8577e0e57 Awful scary changes to Prosody SSL config 2021-10-31 16:57:01 +02:00
3wc
7605046cb0 don't merge: add certificate path conf for prosody 2021-10-30 23:31:54 +02:00
3wc
b1af112f15 don't merge: ho ho now we have variables 2021-10-30 22:58:21 +02:00
2 changed files with 14 additions and 5 deletions
Expand all files Collapse all files

4
ansible/files/bin/start-coturn.sh
View File

@ -5,8 +5,8 @@ if [ "$SNIKKET_TWEAK_TURNSERVER" = "0" ]; then
exit 0;
fi
CERTFILE="/snikket/letsencrypt/live/$SNIKKET_DOMAIN/fullchain.pem";
KEYFILE="/snikket/letsencrypt/live/$SNIKKET_DOMAIN/privkey.pem";
CERTFILE="${SNIKKET_CERTFILE:-/snikket/letsencrypt/live/$SNIKKET_DOMAIN/fullchain.pem}";
KEYFILE="${SNIKKET_KEYFILE:-/snikket/letsencrypt/live/$SNIKKET_DOMAIN/privkey.pem}";
echo "Waiting for certificates to become available..."
while ! test -f "$CERTFILE" -a -f "$KEYFILE"; do

15
ansible/files/prosody.cfg.lua
View File

@ -3,12 +3,14 @@ local DOMAIN = assert(ENV_SNIKKET_DOMAIN, "Please set the SNIKKET_DOMAIN environ
local RETENTION_DAYS = tonumber(ENV_SNIKKET_RETENTION_DAYS) or 7;
local UPLOAD_STORAGE_GB = tonumber(ENV_SNIKKET_UPLOAD_STORAGE_GB);
local CERT_PATH = ENV_SNIKKET_CERTFILE or "/etc/prosody/certs/"..DOMAIN..".crt";
local KEY_PATH = ENV_SNIKKET_KEYFILE or "/etc/prosody/certs/"..DOMAIN..".key";
if prosody.process_type == "prosody" and not prosody.config_loaded then
-- Wait at startup for certificates
local lfs, socket = require "lfs", require "socket";
local cert_path = "/etc/prosody/certs/"..DOMAIN..".crt";
local counter = 0;
while not lfs.attributes(cert_path, "mode") do
while not lfs.attributes(CERT_PATH, "mode") do
counter = counter + 1;
if counter == 1 or counter%6 == 0 then
print("Waiting for certificates...");
@ -193,7 +195,7 @@ else
statistics_interval = 60
end
certificates = "certs"
-- certificates = "certs"
group_default_name = ENV_SNIKKET_SITE_NAME or DOMAIN
@ -223,6 +225,13 @@ isolate_except_domains = { "push.snikket.net", "push-ios.snikket.net" }
VirtualHost (DOMAIN)
authentication = "internal_hashed"
ssl = {
ciphers = "EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS:!RC4";
certificate = CERT_PATH;
key = KEY_PATH;
};
http_files_dir = "/var/www"
http_paths = {
files = "/";