Diaspora configuration wrapper for Prosody

Signed-off-by: Lukas Matt <lukas@zauberstuhl.de>

.gitignore

@@ -1,6 +1,7 @@
 # XMPP certificates, keys and user data
-config/vines/*.crt
-config/vines/*.key
+config/certs/*.crt
+config/certs/*.key
+config/prosody.cfg.lua
 
 # Trademark sillyness
 app/views/home/_show.*

Gemfile

@@ -155,7 +155,7 @@ gem "openid_connect", "0.10.0"
 gem "active_model_serializers", "0.9.4"
 
 # XMPP chat dependencies
-gem "diaspora-vines",             "~> 0.2.0.develop"
+gem "diaspora-prosody-config",    "~> 0.0.4"
 gem "rails-assets-diaspora_jsxc", "~> 0.1.5.develop", source: "https://rails-assets.org"
 
 # Tags

Gemfile.lock

@@ -173,13 +173,7 @@ GEM
     devise_lastseenable (0.0.6)
       devise
       rails (>= 3.0.4)
-    diaspora-vines (0.2.0.develop.4)
-      activerecord (~> 4.1)
-      bcrypt (~> 3.1)
-      em-hiredis (~> 0.3.0)
-      eventmachine (~> 1.0.8)
-      http_parser.rb (~> 0.6)
-      nokogiri (~> 1.6)
+    diaspora-prosody-config (0.0.4)
     diaspora_federation (0.0.13)
       faraday (~> 0.9.0)
       faraday_middleware (~> 0.10.0)
@@ -202,16 +196,12 @@ GEM
       execjs
     eco-source (1.1.0.rc.1)
     ejs (1.1.1)
-    em-hiredis (0.3.1)
-      eventmachine (~> 1.0)
-      hiredis (~> 0.6.0)
     entypo-rails (3.0.0.pre.rc2)
       railties (>= 4.1, <= 5)
     equalizer (0.0.10)
     erubis (2.7.0)
     ethon (0.8.1)
       ffi (>= 1.3.0)
-    eventmachine (1.0.9.1)
     excon (0.45.4)
     execjs (2.6.0)
     eye (0.8)
@@ -406,7 +396,6 @@ GEM
     hashdiff (0.2.3)
     hashie (3.4.3)
     hike (1.2.3)
-    hiredis (0.6.1)
     hitimes (1.2.3)
     http (1.0.2)
       addressable (~> 2.3)
@@ -915,7 +904,7 @@ DEPENDENCIES
   devise (= 3.5.6)
   devise-token_authenticatable (~> 0.4.0)
   devise_lastseenable (= 0.0.6)
-  diaspora-vines (~> 0.2.0.develop)
+  diaspora-prosody-config (~> 0.0.4)
   diaspora_federation-rails (= 0.0.13)
   diaspora_federation-test (= 0.0.13)
   entypo-rails (= 3.0.0.pre.rc2)

config/certs/README

@@ -0,0 +1,7 @@
+If you want to encrypt your chat streams with prosody.
+Add to `config/certs` your server certificate and key.
+
+The domain name should be included in the file name e.g.:
+
+* example.com.crt
+* example.com.key

config/defaults.yml

@@ -51,30 +51,16 @@ defaults:
     enabled: false
     server:
       enabled: true
-      certs: 'config/vines'
-      accept_self_signed: false
-      cross_domain_messages: true
-      max_offline_msgs: 150
-      c2s:
-        address: '0.0.0.0'
-        port: 5222
-        max_stanza_size: 65536
-        max_resources_per_account: 5
-      s2s:
-        address: '0.0.0.0'
-        port: 5269
-        max_stanza_size: 131072
-        blacklist: []
+      certs: "config/certs"
       bosh:
         proxy: false
         address: '0.0.0.0'
         port: 5280
         bind: '/http-bind'
-        max_stanza_size: 65536
-        max_resources_per_account: 5
       log:
-        file: 'log/vines.log'
-        level: 'info'
+        info: 'log/prosody.log'
+        error: 'log/prosody.err'
+        debug: false
   map:
     mapbox:
       enabled: false

config/diaspora.yml.example

@@ -194,23 +194,9 @@ configuration: ## Section
     ## increase environment.sidekiq.concurrency instead!
     #sidekiq_workers: 1
 
-  ## Diaspora has an internal XMPP server. If you want to enable the chat
+  ## Diaspora has an internal XMPP web-client. If you want to enable the chat
   ## functionality or want to use a custom XMPP server, then you should edit
   ## the following configuration.
-  ##
-  ## The internal XMPP server does not support https
-  ## and even if we implement it, we would ran into certificate issues.
-  ## The problem with mixed-content is described here:
-  ## https://wiki.diasporafoundation.org/Vines#Browser_blocks_mixed-content
-  ##
-  ## The easiest way of avoiding certificate and mixed-content issues
-  ## is to use a proxy, e.g.:
-  ##
-  ## Apache: https://wiki.diasporafoundation.org/Vines#Apache2
-  ## Nginx: https://wiki.diasporafoundation.org/Vines#Nginx
-  ##
-  ## If you configured your proxy correctly, you should adjust
-  ## the configuration in the BOSH section.
   chat: ## Section
 
     ## Enable the chat service and all its components.
@@ -219,77 +205,23 @@ configuration: ## Section
     ## Custom XMPP server configuration goes here.
     server: ## Section
 
-      ## Start built-in XMPP server (default=true).
-      ## In case you want to run your own server, you should disable it.
+      ## Use the configuration bridge to prosody (default=true).
+      ## In case you want to run your own server or want to configure
+      ## prosody on your own, you should disable it.
       #enabled: false
 
       ## Set the directory in which to look for virtual hosts TLS certificates.
-      ## Check documentation on how to generate or configure your existing
-      ## certficates correctly:
-      ##
-      ## https://wiki.diasporafoundation.org/Vines#Certificates
-      #certs: 'config/vines'
-
-      ## The server accepts by default only valid certificates.
-      ## Any connection which uses self-signed ones will be closed.
-      ## If you'd like to accept self-signed certificates
-      ## on your server, set the next option to true.
-      #accept_self_signed: true
-
-      ## Only edit the next option if you'd like to deny
-      ## your users to exchange messages between other XMPP servers.
-      #cross_domain_messages: false
-
-      ## Set the maximum of offline messages stored per user (default=150).
-      ## If it exceeds, it will start deleting old messages. You can disable
-      ## offline message support completely by setting the option to zero.
-      #max_offline_msgs: 150
-
-      ## Client to server
-      c2s: ## Section
-
-        ## Configure the address that vines should listen on.
-        #address: '0.0.0.0'
-
-        ## Configure the client-to-server port.
-        ## If your server is behind a router or firewall
-        ## check documentation on how to forward ports:
-        ##
-        ## https://wiki.diasporafoundation.org/Vines#Firewall_Ports
-        #port: 5222
-
-        ## The maximum we'd like to allow for stanza size.
-        #max_stanza_size: 65536
-
-        ## The max_resources_per_account attribute, limits how many
-        ## concurrent connections one user can have to the server.
-        #max_resources_per_account: 5
-
-      ## Server to server
-      s2s: ## Section
-
-        ## Configure the address that vines should listen on.
-        #address: '0.0.0.0'
-
-        ## Configure the server-to-server port.
-        ## If your server is behind a router or firewall
-        ## check documentation on how to forward ports:
-        ##
-        ## https://wiki.diasporafoundation.org/Vines#Firewall_Ports
-        #port: 5269
-
-        ## The max_stanza_size attribute should be
-        ## much larger than the setting for client-to-server.
-        #max_stanza_size: 131072
-
-        ## By default every XMPP server with a valid certificate
-        ## is able to communicate with your server. In case of a
-        ## malicious server (e.g. spam reason), you can black-list them.
-        #blacklist:
-        #  - 'example.com'
-        #  - 'malicous.net'
+      #certs: 'config/certs'
 
       ## XEP-0124 BOSH requests
+      ## The easiest way of avoiding certificate and mixed-content issues
+      ## is to use a proxy, e.g.:
+      ##
+      ## Apache: https://wiki.diasporafoundation.org/Vines#Apache2
+      ## Nginx: https://wiki.diasporafoundation.org/Vines#Nginx
+      ##
+      ## If you configured your proxy correctly,
+      ## you should set the proxy option to 'true'
       bosh: ## Section
 
         ## If you'd like to use a proxy, you should set the proxy
@@ -306,22 +238,17 @@ configuration: ## Section
         ## Configure the bind endpoint.
         #bind: '/http-bind'
 
-        ## The maximum we'd like to allow for stanza size.
-        #max_stanza_size: 65536
-
-        ## The max_resources_per_account attribute, limits how many
-        ## concurrent connections one user can have to the server.
-        #max_resources_per_account: 5
-
       ## Specify log behaviour here.
       log: ## Section
 
         ## Log file location.
-        #file: 'log/vines.log'
+        #info: 'log/prosody.log'
+
+        ## Error log file location.
+        #error: 'log/prosody.err'
 
-        ## Set the logging level to debug, info, warn, error, or fatal.
         ## The debug level logs all XML sent and received by the server.
-        #level: 'info'
+        #debug: false
 
   ## Displays the location of a post in a map. Per default we are using the map
   ## tiles of the Heidelberg University (http://giscience.uni-hd.de).

config/eye.rb

@@ -40,7 +40,7 @@
 
   with_condition(AppConfig.chat.enabled? && AppConfig.chat.server.enabled?) do
     process :xmpp do
-      start_command "bin/bundle exec vines start"
+      start_command "bin/bundle exec rails runner Prosody.start"
       daemonize true
       pid_file "tmp/pids/xmpp.pid"
       stop_signals [:TERM, 10.seconds, :KILL]

config/initializers/prosody.rb

@@ -0,0 +1,22 @@
+if AppConfig.chat.enabled? && AppConfig.chat.server.enabled?
+  db = Rails.application.config
+    .database_configuration[Rails.env]
+
+  Prosody.update_configuration(
+    bosh_port: AppConfig.chat.server.bosh.port, bosh_path: AppConfig.chat.server.bosh.bind,
+    bosh_interface: AppConfig.chat.server.bosh.address,
+
+    log_debug: (AppConfig.chat.server.log.debug? ? "debug" : "info"),
+    log_info: "#{Dir.pwd}/#{AppConfig.chat.server.log.info}",
+    log_error: "#{Dir.pwd}/#{AppConfig.chat.server.log.error}",
+
+    certs: "#{Dir.pwd}/#{AppConfig.chat.server.certs}",
+    hostname: AppConfig.environment.url,
+
+    virtualhost_driver: db["adapter"],
+    virtualhost_database: db["database"],
+    virtualhost_username: db["username"],
+    virtualhost_password: db["password"],
+    virtualhost_host: db["host"]
+  )
+end