diff --git a/server/.gitignore b/server/.gitignore index f24b757..a39f3fd 100644 --- a/server/.gitignore +++ b/server/.gitignore @@ -1 +1,3 @@ secrets.env +prosody.cfg.lua +snikket.conf diff --git a/server/docker-compose.yml b/server/docker-compose.yml index 027c427..1acb7c3 100644 --- a/server/docker-compose.yml +++ b/server/docker-compose.yml @@ -54,16 +54,16 @@ services: env_file: - secrets.env environment: - S3_BUCKET: "your-snikket-uploads-bucket" - S3_REGION: "us-east-1" + S3_BUCKET: "jabogram" + S3_REGION: "ru-msk" # For MinIO or other S3-compatible storage, uncomment: - # S3_ENDPOINT: "http://127.0.0.1:9000" + S3_ENDPOINT: "https://hb.vkcloud-storage.ru" PRESIGN_EXPIRE: "3600" restart: "unless-stopped" postgres: container_name: snikket-postgres - image: postgres:15 + image: postgres:17 env_file: - secrets.env environment: diff --git a/server/prosody.cfg.lua b/server/prosody.cfg.lua.example similarity index 79% rename from server/prosody.cfg.lua rename to server/prosody.cfg.lua.example index 901eb40..152b783 100644 --- a/server/prosody.cfg.lua +++ b/server/prosody.cfg.lua.example @@ -32,7 +32,7 @@ modules_enabled = { -- This is NOT the S3 bucket URL directly. You need to run a separate -- upload handler service (e.g. prosody-filer, or a custom Lambda/endpoint) -- that validates Prosody's HMAC signature and proxies files to/from S3. -http_upload_external_base_url = "https://uploads.chat.example.org/upload/" +http_upload_external_base_url = "http://chat.example.org:5050/upload/" -- Shared secret between Prosody and the upload handler service -- (must match the secret configured in the upload handler) @@ -43,3 +43,16 @@ http_upload_external_expire_after = 3600 -- Max file size in bytes (10 MB) http_upload_external_file_size_limit = 10485760 + +-- звонки +webrtc = { + stun_servers = { "stun:stun.l.google.com:19302" }, + turn_servers = { + { + host = "turn.jbr.bvn13.me", + port = 3478, + username = os.getenv("TURN_SERVER_USERNAME"), + password = os.getenv("TURN_SERVER_PASSWORD"), + } + } +} diff --git a/server/scripts/cmd.sh b/server/scripts/cmd.sh new file mode 100644 index 0000000..c3d1bd8 --- /dev/null +++ b/server/scripts/cmd.sh @@ -0,0 +1,10 @@ +#!/bin/bash + +SNIKKET_DOMAIN=$(grep ^SNIKKET_DOMAIN= snikket.conf | cut -d= -f2) + +if [[ -z "$SNIKKET_DOMAIN" ]]; then + echo "Failed to read SNIKKET_DOMAIN from snikket.conf, unable to continue"; + exit 1; +fi + +exec docker exec -it snikket prosodyctl $@ diff --git a/server/scripts/invite-list.sh b/server/scripts/invite-list.sh new file mode 100644 index 0000000..24854ca --- /dev/null +++ b/server/scripts/invite-list.sh @@ -0,0 +1,10 @@ +#!/bin/bash + +SNIKKET_DOMAIN=$(grep ^SNIKKET_DOMAIN= snikket.conf | cut -d= -f2) + +if [[ -z "$SNIKKET_DOMAIN" ]]; then + echo "Failed to read SNIKKET_DOMAIN from snikket.conf, unable to continue"; + exit 1; +fi + +exec docker exec -it snikket prosodyctl shell invite list $SNIKKET_DOMAIN diff --git a/server/scripts/invite-new-admin.sh b/server/scripts/invite-new-admin.sh new file mode 100644 index 0000000..70077b2 --- /dev/null +++ b/server/scripts/invite-new-admin.sh @@ -0,0 +1,11 @@ +#!/bin/bash + +SNIKKET_DOMAIN=$(grep ^SNIKKET_DOMAIN= snikket.conf | cut -d= -f2) + +if [[ -z "$SNIKKET_DOMAIN" ]]; then + echo "Failed to read SNIKKET_DOMAIN from snikket.conf, unable to continue"; + exit 1; +fi + +#exec docker exec -it snikket prosodyctl shell invite create_account "bvn13@$SNIKKET_DOMAIN" +exec docker exec -it snikket create-invite --admin --group default "bvn13@$SNIKKET_DOMAIN" diff --git a/server/scripts/invite-new.sh b/server/scripts/invite-new.sh new file mode 100644 index 0000000..7847f11 --- /dev/null +++ b/server/scripts/invite-new.sh @@ -0,0 +1,10 @@ +#!/bin/bash + +SNIKKET_DOMAIN=$(grep ^SNIKKET_DOMAIN= snikket.conf | cut -d= -f2) + +if [[ -z "$SNIKKET_DOMAIN" ]]; then + echo "Failed to read SNIKKET_DOMAIN from snikket.conf, unable to continue"; + exit 1; +fi + +exec docker exec -it snikket prosodyctl shell invite create_account "bvn13@$SNIKKET_DOMAIN" diff --git a/server/scripts/invite-revoke.sh b/server/scripts/invite-revoke.sh new file mode 100644 index 0000000..9513671 --- /dev/null +++ b/server/scripts/invite-revoke.sh @@ -0,0 +1,10 @@ +#!/bin/bash + +SNIKKET_DOMAIN=$(grep ^SNIKKET_DOMAIN= snikket.conf | cut -d= -f2) + +if [[ -z "$SNIKKET_DOMAIN" ]]; then + echo "Failed to read SNIKKET_DOMAIN from snikket.conf, unable to continue"; + exit 1; +fi + +exec docker exec -it snikket prosodyctl shell invite delete $SNIKKET_DOMAIN $1 diff --git a/server/scripts/show-all-commands.sh b/server/scripts/show-all-commands.sh new file mode 100644 index 0000000..2406cce --- /dev/null +++ b/server/scripts/show-all-commands.sh @@ -0,0 +1,10 @@ +#!/bin/bash + +SNIKKET_DOMAIN=$(grep ^SNIKKET_DOMAIN= snikket.conf | cut -d= -f2) + +if [[ -z "$SNIKKET_DOMAIN" ]]; then + echo "Failed to read SNIKKET_DOMAIN from snikket.conf, unable to continue"; + exit 1; +fi + +exec docker exec -it snikket prosodyctl help invite diff --git a/server/scripts/show-commands.sh b/server/scripts/show-commands.sh new file mode 100644 index 0000000..8f85b67 --- /dev/null +++ b/server/scripts/show-commands.sh @@ -0,0 +1,10 @@ +#!/bin/bash + +SNIKKET_DOMAIN=$(grep ^SNIKKET_DOMAIN= snikket.conf | cut -d= -f2) + +if [[ -z "$SNIKKET_DOMAIN" ]]; then + echo "Failed to read SNIKKET_DOMAIN from snikket.conf, unable to continue"; + exit 1; +fi + +exec docker exec -it snikket prosodyctl shell help invite diff --git a/server/scripts/user-delete.sh b/server/scripts/user-delete.sh new file mode 100644 index 0000000..c5cd186 --- /dev/null +++ b/server/scripts/user-delete.sh @@ -0,0 +1,10 @@ +#!/bin/bash + +SNIKKET_DOMAIN=$(grep ^SNIKKET_DOMAIN= snikket.conf | cut -d= -f2) + +if [[ -z "$SNIKKET_DOMAIN" ]]; then + echo "Failed to read SNIKKET_DOMAIN from snikket.conf, unable to continue"; + exit 1; +fi + +exec docker exec -it snikket prosodyctl deluser "$1@$SNIKKET_DOMAIN" diff --git a/server/snikket.conf b/server/snikket.conf.example similarity index 89% rename from server/snikket.conf rename to server/snikket.conf.example index 6e415e2..2974dbe 100644 --- a/server/snikket.conf +++ b/server/snikket.conf.example @@ -5,7 +5,7 @@ SNIKKET_DOMAIN=chat.example.org # Admin email — used for Let's Encrypt certificate registration -SNIKKET_ADMIN_EMAIL=admin@example.org +SNIKKET_ADMIN_EMAIL=mail@chat.example.org # Uncomment the lines below if running behind a reverse proxy (e.g., nginx): # SNIKKET_TWEAK_HTTP_PORT=5080