Date: Tue, 24 May 2022 03:03:10 GMT From: Jose Alonso Cardenas Marquez <acm@FreeBSD.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org Subject: git: 1e3948c05cb8 - main - net-im/jitsi-prosody-plugins: New port: Prosody plugins for Jitsi Meet Message-ID: <202205240303.24O33Ab5090103@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch main has been updated by acm: URL: https://cgit.FreeBSD.org/ports/commit/?id=1e3948c05cb80745167aef0b1b427eb8a90517a7 commit 1e3948c05cb80745167aef0b1b427eb8a90517a7 Author: Jose Alonso Cardenas Marquez <acm@FreeBSD.org> AuthorDate: 2022-05-24 02:39:56 +0000 Commit: Jose Alonso Cardenas Marquez <acm@FreeBSD.org> CommitDate: 2022-05-24 02:39:56 +0000 net-im/jitsi-prosody-plugins: New port: Prosody plugins for Jitsi Meet Prosody modules for jitsi-meet. WWW: https://github.com/jitsi/jitsi-meet/ PR: 257232 Reported by: grembo --- net-im/Makefile | 1 + net-im/jitsi-prosody-plugins/Makefile | 44 ++++++ net-im/jitsi-prosody-plugins/distinfo | 3 + .../jitsi-prosody-plugins/files/prosody.cfg.lua.in | 170 +++++++++++++++++++++ net-im/jitsi-prosody-plugins/pkg-descr | 3 + net-im/jitsi-prosody-plugins/pkg-plist | 41 +++++ 6 files changed, 262 insertions(+) diff --git a/net-im/Makefile b/net-im/Makefile index def6a62fbcfe..6165cc734779 100644 --- a/net-im/Makefile +++ b/net-im/Makefile @@ -33,6 +33,7 @@ SUBDIR += jarl SUBDIR += jggtrans SUBDIR += jicofo + SUBDIR += jitsi-prosody-plugins SUBDIR += jitsi-videobridge SUBDIR += kaccounts-integration SUBDIR += kaccounts-providers diff --git a/net-im/jitsi-prosody-plugins/Makefile b/net-im/jitsi-prosody-plugins/Makefile new file mode 100644 index 000000000000..ffdefcbeaf11 --- /dev/null +++ b/net-im/jitsi-prosody-plugins/Makefile @@ -0,0 +1,44 @@ +PORTNAME= jitsi +PORTVERSION= 2.0.7287 +CATEGORIES= net-im +PKGNAMESUFFIX= -prosody-plugins + +MAINTAINER= acm@FreeBSD.org +COMMENT= Prosody plugins for Jitsi Meet + +LICENSE= APACHE20 +LICENSE_FILE= ${WRKSRC}/LICENSE + +RUN_DEPENDS= prosodyctl:net-im/prosody + +NO_ARCH= yes +NO_BUILD= yes + +USE_GITHUB= yes +GH_PROJECT= ${PORTNAME}-meet +GH_TAGNAME= stable/jitsi-meet_7287 + +INSTALLPATH= ${PREFIX}/lib/jitsi-prosody-plugins + +USERS= ${PORTNAME} +GROUPS= ${USERS} + +post-extract: + ${INSTALL_DATA} ${FILESDIR}/prosody.cfg.lua.in \ + ${WRKSRC}/prosody.cfg.lua + @${REINPLACE_CMD} -e 's|%%LOCALBASE%%|${LOCALBASE}|' \ + ${WRKSRC}/prosody.cfg.lua + @${REINPLACE_CMD} -e 's|%%ETCDIR%%|${ETCDIR}|' \ + ${WRKSRC}/prosody.cfg.lua + +do-install: + ${MKDIR} ${STAGEDIR}${INSTALLPATH}/token + cd ${WRKSRC}/resources/prosody-plugins && \ + ${INSTALL_DATA} *.lua ${STAGEDIR}${INSTALLPATH} + cd ${WRKSRC}/resources/prosody-plugins/token && \ + ${INSTALL_DATA} *.lua ${STAGEDIR}${INSTALLPATH}/token + @${MKDIR} ${STAGEDIR}${EXAMPLESDIR} + ${INSTALL_DATA} ${WRKSRC}/prosody.cfg.lua \ + ${STAGEDIR}${EXAMPLESDIR}/prosody.cfg.lua + +.include <bsd.port.mk> diff --git a/net-im/jitsi-prosody-plugins/distinfo b/net-im/jitsi-prosody-plugins/distinfo new file mode 100644 index 000000000000..e1c3e270c9cd --- /dev/null +++ b/net-im/jitsi-prosody-plugins/distinfo @@ -0,0 +1,3 @@ +TIMESTAMP = 1653081177 +SHA256 (jitsi-jitsi-meet-2.0.7287-stable-jitsi-meet_7287_GH0.tar.gz) = 4fe30eaf5d77918a3eff24599dd79c72e67763e27283cef13b44ef43d867967b +SIZE (jitsi-jitsi-meet-2.0.7287-stable-jitsi-meet_7287_GH0.tar.gz) = 117185028 diff --git a/net-im/jitsi-prosody-plugins/files/prosody.cfg.lua.in b/net-im/jitsi-prosody-plugins/files/prosody.cfg.lua.in new file mode 100644 index 000000000000..7c20c254d2da --- /dev/null +++ b/net-im/jitsi-prosody-plugins/files/prosody.cfg.lua.in @@ -0,0 +1,170 @@ +-- Place this file in %%LOCALBASE%%/etc/prosody/prosody.cfg.lua +-- +-- Then run +-- +-- prosodyctl cert generate jitsi.example.com +-- prosodyctl cert generate auth.jitsi.example.com +-- keytool -noprompt -keystore %%ETCDIR%%/jicofo/truststore.jks -importcert \ +-- -alias prosody -file /var/db/prosody/auth.jitsi.example.com.crt +-- +-- prosodyctl register jvb auth.jitsi.example.com "supersecret" +-- prosodyctl register focus auth.jitsi.example.com "supersecret" +-- prosodyctl mod_roster_command subscribe focus.jitsi.example.com focus@auth.jitsi.example.com "supersecret" + +plugin_paths = { "%%LOCALBASE%%/lib/jitsi-prosody-plugins/" } + +log = { + -- Log files (change ‘info’ to ‘debug’ for debug logs): + info = "/var/log/prosody.log"; + error = "/var/log/prosody.err"; + -- Syslog: + --debug = "*syslog"; +} + +-- domain mapper options, must at least have domain base set to use the mapper +muc_mapper_domain_base = "jitsi.example.com"; + +-- external_service_secret = "__turnSecret__"; +-- external_services = { +-- { type = "stun", host = "jitsi.example.com", port = 3478 }, +-- { type = "turn", host = "jitsi.example.com", port = 3478, transport = "udp", secret = true, ttl = 86400, algorithm = "turn" }, +-- { type = "turns", host = "jitsi.example.com", port = 5349, transport = "tcp", secret = true, ttl = 86400, algorithm = "turn" } +--}; + +--cross_domain_bosh = true; +consider_bosh_secure = true; +https_ports = { }; -- Remove this line to prevent listening on port 5284 + +-- by default prosody 0.12 sends cors headers, if you want to disable it uncomment the following (the config is available on 0.12.1) +--http_cors_override = { +-- bosh = { +-- enabled = false; +-- }; +-- websocket = { +-- enabled = false; +-- }; +--} + +-- https://ssl-config.mozilla.org/#server=haproxy&version=2.1&config=intermediate&openssl=1.1.0g&guideline=5.4 +ssl = { + protocol = "tlsv1_2+"; + ciphers = "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384" +} + +unlimited_jids = { + "focus@auth.jitsi.example.com", + "jvb@auth.jitsi.example.com" +} + +VirtualHost "jitsi.example.com" + -- enabled = false -- Remove this line to enable this host + authentication = "anonymous" + -- Properties below are modified by jitsi-meet-tokens package config + -- and authentication above is switched to "token" + --app_id="example_app_id" + --app_secret="example_app_secret" + -- Assign this host a certificate for TLS, otherwise it would use the one + -- set in the global section (if any). + -- Note that old-style SSL on port 5223 only supports one certificate, and will always + -- use the global one. + ssl = { + key = "/var/db/prosody/jitsi.example.com.key"; + certificate = "/var/db/prosody/jitsi.example.com.crt"; + } + av_moderation_component = "avmoderation.jitsi.example.com" + speakerstats_component = "speakerstats.jitsi.example.com" + conference_duration_component = "conferenceduration.jitsi.example.com" + -- we need bosh + modules_enabled = { + "bosh"; + "pubsub"; + "ping"; -- Enable mod_ping + "speakerstats"; + "external_services"; + "conference_duration"; + "muc_lobby_rooms"; + "muc_breakout_rooms"; + "av_moderation"; + "saslauth"; + } + c2s_require_encryption = false + lobby_muc = "lobby.jitsi.example.com" + breakout_rooms_muc = "breakout.jitsi.example.com" + main_muc = "conference.jitsi.example.com" + -- muc_lobby_whitelist = { "recorder.jitsi.example.com" } -- Here we can whitelist jibri to enter lobby enabled rooms + +Component "conference.jitsi.example.com" "muc" + restrict_room_creation = true + storage = "memory" + modules_enabled = { + "muc_meeting_id"; + "muc_domain_mapper"; + "polls"; + --"token_verification"; + "muc_rate_limit"; + "saslauth"; + } + admins = { "focus@auth.jitsi.example.com" } + muc_room_locking = false + muc_room_default_public_jids = true + c2s_require_encryption = false + +Component "breakout.jitsi.example.com" "muc" + restrict_room_creation = true + storage = "memory" + modules_enabled = { + "muc_meeting_id"; + "muc_domain_mapper"; + --"token_verification"; + "muc_rate_limit"; + "polls"; + "saslauth"; + } + admins = { "focus@auth.jitsi.example.com" } + muc_room_locking = false + muc_room_default_public_jids = true + +-- internal muc component +Component "internal.auth.jitsi.example.com" "muc" + storage = "memory" + modules_enabled = { + "ping"; + } + admins = { "focus@auth.jitsi.example.com", "jvb@auth.jitsi.example.com" } + muc_room_locking = false + muc_room_default_public_jids = true + c2s_require_encryption = false + +VirtualHost "auth.jitsi.example.com" + modules_enabled = { + "limits_exception"; + "saslauth"; + } + -- authentication = "internal_plain" + c2s_require_encryption = false + authentication = "internal_hashed" + +-- Proxy to jicofo's user JID, so that it doesn't have to register as a component. +Component "focus.jitsi.example.com" "client_proxy" + target_address = "focus@auth.jitsi.example.com" + +Component "speakerstats.jitsi.example.com" "speakerstats_component" + muc_component = "conference.jitsi.example.com" + +Component "conferenceduration.jitsi.example.com" "conference_duration_component" + muc_component = "conference.jitsi.example.com" + +Component "avmoderation.jitsi.example.com" "av_moderation_component" + muc_component = "conference.jitsi.example.com" + +Component "lobby.jitsi.example.com" "muc" + storage = "memory" + restrict_room_creation = true + muc_room_locking = false + muc_room_default_public_jids = true + modules_enabled = { + "muc_rate_limit"; + "polls"; + "saslauth"; + } + c2s_require_encryption = false diff --git a/net-im/jitsi-prosody-plugins/pkg-descr b/net-im/jitsi-prosody-plugins/pkg-descr new file mode 100644 index 000000000000..cbf9675bb22b --- /dev/null +++ b/net-im/jitsi-prosody-plugins/pkg-descr @@ -0,0 +1,3 @@ +Prosody modules for jitsi-meet. + +WWW: https://github.com/jitsi/jitsi-meet/ diff --git a/net-im/jitsi-prosody-plugins/pkg-plist b/net-im/jitsi-prosody-plugins/pkg-plist new file mode 100644 index 000000000000..7f83797c149f --- /dev/null +++ b/net-im/jitsi-prosody-plugins/pkg-plist @@ -0,0 +1,41 @@ +lib/jitsi-prosody-plugins/ext_events.lib.lua +lib/jitsi-prosody-plugins/mod_auth_jitsi-anonymous.lua +lib/jitsi-prosody-plugins/mod_auth_token.lua +lib/jitsi-prosody-plugins/mod_av_moderation.lua +lib/jitsi-prosody-plugins/mod_av_moderation_component.lua +lib/jitsi-prosody-plugins/mod_client_proxy.lua +lib/jitsi-prosody-plugins/mod_conference_duration.lua +lib/jitsi-prosody-plugins/mod_conference_duration_component.lua +lib/jitsi-prosody-plugins/mod_external_services.lua +lib/jitsi-prosody-plugins/mod_filter_iq_jibri.lua +lib/jitsi-prosody-plugins/mod_filter_iq_rayo.lua +lib/jitsi-prosody-plugins/mod_jiconop.lua +lib/jitsi-prosody-plugins/mod_jitsi_session.lua +lib/jitsi-prosody-plugins/mod_limits_exception.lua +lib/jitsi-prosody-plugins/mod_muc_allowners.lua +lib/jitsi-prosody-plugins/mod_muc_breakout_rooms.lua +lib/jitsi-prosody-plugins/mod_muc_call.lua +lib/jitsi-prosody-plugins/mod_muc_census.lua +lib/jitsi-prosody-plugins/mod_muc_domain_mapper.lua +lib/jitsi-prosody-plugins/mod_muc_lobby_rooms.lua +lib/jitsi-prosody-plugins/mod_muc_max_occupants.lua +lib/jitsi-prosody-plugins/mod_muc_meeting_id.lua +lib/jitsi-prosody-plugins/mod_muc_password_whitelist.lua +lib/jitsi-prosody-plugins/mod_muc_poltergeist.lua +lib/jitsi-prosody-plugins/mod_muc_rate_limit.lua +lib/jitsi-prosody-plugins/mod_muc_size.lua +lib/jitsi-prosody-plugins/mod_muc_transcription_filter.lua +lib/jitsi-prosody-plugins/mod_polls.lua +lib/jitsi-prosody-plugins/mod_poltergeist_component.lua +lib/jitsi-prosody-plugins/mod_presence_identity.lua +lib/jitsi-prosody-plugins/mod_reservations.lua +lib/jitsi-prosody-plugins/mod_roster_command.lua +lib/jitsi-prosody-plugins/mod_smacks.lua +lib/jitsi-prosody-plugins/mod_speakerstats.lua +lib/jitsi-prosody-plugins/mod_speakerstats_component.lua +lib/jitsi-prosody-plugins/mod_token_verification.lua +lib/jitsi-prosody-plugins/mod_turncredentials.lua +lib/jitsi-prosody-plugins/poltergeist.lib.lua +lib/jitsi-prosody-plugins/token/util.lib.lua +lib/jitsi-prosody-plugins/util.lib.lua +%%EXAMPLESDIR%%/prosody.cfg.lua
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202205240303.24O33Ab5090103>