web: nginx ws-colibri proxy regex updates (#1645)
This commit is contained in:
parent
54d3aca2bf
commit
825730d659
|
@ -24,6 +24,8 @@ services:
|
|||
- CALLSTATS_SECRET
|
||||
- CHROME_EXTENSION_BANNER_JSON
|
||||
- COLIBRI_WEBSOCKET_PORT
|
||||
- COLIBRI_WEBSOCKET_JVB_LOOKUP_NAME
|
||||
- COLIBRI_WEBSOCKET_REGEX
|
||||
- CONFCODE_URL
|
||||
- CONFIG_EXTERNAL_CONNECT
|
||||
- DEFAULT_LANGUAGE
|
||||
|
@ -38,6 +40,7 @@ services:
|
|||
- DIALOUT_AUTH_URL
|
||||
- DIALOUT_CODES_URL
|
||||
- DISABLE_AUDIO_LEVELS
|
||||
- DISABLE_COLIBRI_WEBSOCKET_JVB_LOOKUP
|
||||
- DISABLE_DEEP_LINKING
|
||||
- DISABLE_GRANT_MODERATOR
|
||||
- DISABLE_HTTPS
|
||||
|
@ -58,6 +61,7 @@ services:
|
|||
- ENABLE_BREAKOUT_ROOMS
|
||||
- ENABLE_CALENDAR
|
||||
- ENABLE_COLIBRI_WEBSOCKET
|
||||
- ENABLE_COLIBRI_WEBSOCKET_UNSAFE_REGEX
|
||||
- ENABLE_E2EPING
|
||||
- ENABLE_FILE_RECORDING_SHARING
|
||||
- ENABLE_GUESTS
|
||||
|
|
|
@ -12,7 +12,7 @@ ADD https://raw.githubusercontent.com/acmesh-official/acme.sh/2.8.8/acme.sh /opt
|
|||
COPY rootfs/ /
|
||||
|
||||
RUN apt-dpkg-wrap apt-get update && \
|
||||
apt-dpkg-wrap apt-get install -y cron nginx-extras jitsi-meet-web socat curl jq && \
|
||||
apt-dpkg-wrap apt-get install -y dnsutils cron nginx-extras jitsi-meet-web socat curl jq && \
|
||||
mv /usr/share/jitsi-meet/interface_config.js /defaults && \
|
||||
rm -f /etc/nginx/conf.d/default.conf && \
|
||||
apt-cleanup
|
||||
|
|
|
@ -1,5 +1,6 @@
|
|||
{{ $ENABLE_COLIBRI_WEBSOCKET := .Env.ENABLE_COLIBRI_WEBSOCKET | default "1" | toBool }}
|
||||
{{ $COLIBRI_WEBSOCKET_PORT := .Env.COLIBRI_WEBSOCKET_PORT | default "9090" }}
|
||||
{{ $COLIBRI_WEBSOCKET_REGEX := .Env.COLIBRI_WEBSOCKET_REGEX | default "jvb" }}
|
||||
{{ $ENABLE_JAAS_COMPONENTS := .Env.ENABLE_JAAS_COMPONENTS | default "0" | toBool }}
|
||||
{{ $ENABLE_OCTO := .Env.ENABLE_OCTO | default "0" | toBool -}}
|
||||
{{ $ENABLE_XMPP_WEBSOCKET := .Env.ENABLE_XMPP_WEBSOCKET | default "1" | toBool }}
|
||||
|
@ -69,7 +70,7 @@ location ~ ^/(libs|css|static|images|fonts|lang|sounds|connection_optimization|.
|
|||
|
||||
{{ if $ENABLE_COLIBRI_WEBSOCKET }}
|
||||
# colibri (JVB) websockets
|
||||
location ~ ^/colibri-ws/([a-zA-Z0-9-\._]+)/(.*) {
|
||||
location ~ ^/colibri-ws/({{ $COLIBRI_WEBSOCKET_REGEX }})/(.*) {
|
||||
tcp_nodelay on;
|
||||
|
||||
proxy_http_version 1.1;
|
||||
|
|
|
@ -88,6 +88,25 @@ fi
|
|||
|
||||
echo "Using Nginx resolver: =$NGINX_RESOLVER="
|
||||
|
||||
# colibri-ws settings
|
||||
COLIBRI_WEBSOCKET_UNSAFE_REGEX="[a-zA-Z0-9-\._]+"
|
||||
# use custom websocket regex if provided
|
||||
if [ -z "$COLIBRI_WEBSOCKET_REGEX" ]; then
|
||||
# default to the previous unsafe behavior only if flag is set
|
||||
if [[ "$ENABLE_COLIBRI_WEBSOCKET_UNSAFE_REGEX" == "1" ]]; then
|
||||
export COLIBRI_WEBSOCKET_REGEX="$COLIBRI_WEBSOCKET_UNSAFE_REGEX"
|
||||
else
|
||||
# default value to the JVB IP, works in compose and anywhere a dns lookup of the JVB reveals the correct IP for proxying
|
||||
[ -z "$COLIBRI_WEBSOCKET_JVB_LOOKUP_NAME" ] && export COLIBRI_WEBSOCKET_JVB_LOOKUP_NAME="jvb"
|
||||
if [[ "$DISABLE_COLIBRI_WEBSOCKET_JVB_LOOKUP" == "1" ]]; then
|
||||
# otherwise value default to the static value in the template 'jvb'
|
||||
echo "WARNING: DISABLE_COLIBRI_WEBSOCKET_JVB_LOOKUP is set and no value for COLIBRI_WEBSOCKET_REGEX was provided, using static value 'jvb' for COLIBRI_WEBSOCKET_REGEX"
|
||||
else
|
||||
export COLIBRI_WEBSOCKET_REGEX="$(dig +short +search $COLIBRI_WEBSOCKET_JVB_LOOKUP_NAME)"
|
||||
fi
|
||||
fi
|
||||
fi
|
||||
|
||||
# copy config files
|
||||
tpl /defaults/nginx.conf > /config/nginx/nginx.conf
|
||||
|
||||
|
|
Loading…
Reference in New Issue