refreshed docker files

tinode · Nov 17, 2023 · 2acec5c · 2acec5c
1 parent 3aafc3e
commit 2acec5c
Show file tree

Hide file tree

Showing 4 changed files with 33 additions and 18 deletions.
diff --git a/docker/README.md b/docker/README.md
@@ -185,8 +185,8 @@ You can specify the following environment variables when issuing `docker run` co
 | `AWS_S3_BUCKET` | string |  | Name of the AWS S3 bucket when using `s3` media handler |
 | `AWS_SECRET_ACCESS_KEY` | string |  | AWS [Secret Access Key](https://aws.amazon.com/blogs/security/wheres-my-secret-access-key/) when using `s3` media handler |
 | `CLUSTER_SELF` | string |  | Node name if the server is running in a Tinode cluster |
-| `CLUSTER_NUM_PROXY_EVENT_GOROUTINES` | int | 0 | Number of goroutines used for processing topic master to proxy responses |
 | `DEBUG_EMAIL_VERIFICATION_CODE` | string |  | Enable dummy email verification code, e.g. `123456`. Disabled by default (empty string). |
+| `DEFAULT_COUNTRY_CODE` | string | `"US"` | 2-letter country code to assign to sessions by default when the country isn't specified by the client explicitly and it's impossible to infer it. |
 | `EXT_CONFIG` | string |  | Path to external config file to use instead of the built-in one. If this parameter is used all other variables except `RESET_DB`, `FCM_SENDER_ID`, `FCM_VAPID_KEY` are ignored. |
 | `EXT_STATIC_DIR` | string |  | Path to external directory containing static data (e.g. Tinode Webapp files) |
 | `FCM_CRED_FILE` | string |  | Path to JSON file with FCM server-side service account credentials which will be used to send push notifications. |
@@ -197,21 +197,26 @@ You can specify the following environment variables when issuing `docker run` co
 | `FCM_VAPID_KEY` | string |  | Also called 'Web Client certificate' in the FCM console; required by the web client to receive push notifications. |
 | `FCM_INCLUDE_ANDROID_NOTIFICATION` | boolean | true | If true, pushes a data + notification message, otherwise a data-only message. [More info](https://firebase.google.com/docs/cloud-messaging/concept-options). |
 | `FCM_MEASUREMENT_ID` | string |  | Google Analytics ID of the form `G-123ABCD789`. |
+| `FS_CORS_ORIGINS` | string | `["*"]` | Cors origins when media is served from the file system. See `AWS_CORS_ORIGINS` for details. |
 | `ICE_SERVERS_FILE` | string |  | Path to JSON file with configuration of ICE servers to be used for video calls. |
 | `MEDIA_HANDLER` | string | `fs` | Handler of large files, either `fs` or `s3` |
 | `MYSQL_DSN` | string | `'root@tcp(mysql)/tinode'` | MySQL [DSN](https://github.com/go-sql-driver/mysql#dsn-data-source-name). |
 | `PLUGIN_PYTHON_CHAT_BOT_ENABLED` | bool | `false` | Enable calling into the plugin provided by Python chatbot |
 | `POSTGRES_DSN` | string | `'postgresql://postgres:postgres@localhost:5432/tinode'` |  PostgreSQL [DSN](https://www.postgresql.org/docs/current/libpq-connect.html#LIBPQ-CONNSTRING). |
 | `RESET_DB` | bool | `false` | Drop and recreate the database. |
 | `SAMPLE_DATA` | string |  _see comment →_ | File with sample data to load. Default `data.json` when resetting or generating new DB, none when upgrading. Use `` (empty string) to disable |
+| `SMTP_AUTH_MECHANISM` | string | `"plain"` | SMTP authentication mechanism to use; one of "login", "cram-md5", "plain". |
 | `SMTP_DOMAINS` | string |  | White list of email domains; when non-empty, accept registrations with emails from these domains only (email verification). |
+| `SMTP_HELO_HOST` | string | _see comment →_ | FQDN to use in SMTP HELO/EHLO command; if missing, the hostname from `SMTP_HOST_URL` is used. |
 | `SMTP_HOST_URL` | string | `'http://localhost:6060/'` | URL of the host where the webapp is running (email verification). |
 | `SMTP_LOGIN` | string |  | Optional login to use for authentication with the SMTP server (email verification). |
 | `SMTP_PASSWORD` | string |  | Optional password to use for authentication with the SMTP server (email verification). |
 | `SMTP_PORT` | number |  | Port number of the SMTP server to use for sending verification emails, e.g. `25` or `587`. |
 | `SMTP_SENDER` | string |  | [RFC 5322](https://tools.ietf.org/html/rfc5322) email address to use in the `FROM` field of verification emails, e.g. `'"John Doe" <jdoe@example.com>'`. |
 | `SMTP_SERVER` | string |  | Name of the SMTP server to use for sending verification emails, e.g. `smtp.gmail.com`. If SMTP_SERVER is not defined, email verification will be disabled. |
 | `STORE_USE_ADAPTER` | string |  | DB adapter name (specify with `tinode/tinode` container only) |
+| `TEL_HOST_URL` | string | `'http://localhost:6060/'` | URL of the host where the webapp is running (phone verification).  |
+| `TEL_SENDER` | string |  | Sender name to pass to SMS sending service. |
 | `TLS_CONTACT_ADDRESS` | string |  | Optional email to use as contact for [LetsEncrypt](https://letsencrypt.org/) certificates, e.g. `jdoe@example.com`. |
 | `TLS_DOMAIN_NAME` | string |  | If non-empty, enables TLS (http**s**) and configures domain name of your container, e.g. `www.example.com`. In order for TLS to work you have to expose your HTTPS port to the Internet and correctly configure DNS. It WILL FAIL with `localhost` or unroutable IPs. |
 | `UID_ENCRYPTION_KEY` | string | `la6YsO+bNX/+XIkOqc5Svw==` | base64-encoded 16 random bytes used as an encryption key for user IDs. |

diff --git a/docker/docker-compose/cluster.yml b/docker/docker-compose/cluster.yml
@@ -48,9 +48,6 @@ x-tinode-env-vars: &tinode-env-vars
   # Video calls
   "WEBRTC_ENABLED": "false"
   # "ICE_SERVERS_FILE": "<path to ICE servers config>"
-  #
-  # Cluster.
-  # "CLUSTER_NUM_PROXY_EVENT_GOROUTINES": <size of proxy event goroutine pool>
 
 x-exporter-env-vars: &exporter-env-vars
   "TINODE_ADDR": "http://tinode.host:18080/stats/expvar/"

diff --git a/docker/tinode/Dockerfile b/docker/tinode/Dockerfile
@@ -114,10 +114,6 @@ ENV ICE_SERVERS_FILE=
 # to set STORE_USE_ADAPTER to the desired db adapter correctly.
 ENV STORE_USE_ADAPTER=$TARGET_DB
 
-# Number of the goroutines processing topic master responses to the topic proxies.
-# If 0, default value wll be used: # of nodes x 5.
-ENV CLUSTER_NUM_PROXY_EVENT_GOROUTINES=0
-
 # Url path for exposing the server's internal status. E.g. '/status'
 ENV SERVER_STATUS_PATH=''
 

diff --git a/docker/tinode/config.template b/docker/tinode/config.template
@@ -4,12 +4,15 @@
 	"cache_control": 39600,
 	"static_mount": "/",
 	"grpc_listen": ":16060",
+	"grpc_keepalive_enabled": true,
 	"api_key_salt": "$API_KEY_SALT",
 	"max_message_size": 4194304,
-	"max_subscriber_count": 32,
+	"max_subscriber_count": 128,
 	"max_tag_count": 16,
 	"expvar": "/stats/expvar/",
 	"server_status": "$SERVER_STATUS_PATH",
+	"use_x_forwarded_for": true,
+	"default_country_code": "$DEFAULT_COUNTRY_CODE",
 
 	"media": {
 		"use_handler": "$MEDIA_HANDLER",
@@ -18,14 +21,18 @@
 		"gc_block_size": 100,
 		"handlers": {
 			"fs": {
-				"upload_dir": "uploads"
+				"upload_dir": "uploads",
+				"cache_control": "max-age=86400",
+				"cors_origins": $FS_CORS_ORIGINS
 			},
 			"s3":{
 				"access_key_id": "$AWS_ACCESS_KEY_ID",
 				"secret_access_key": "$AWS_SECRET_ACCESS_KEY",
 				"region": "$AWS_REGION",
 				"bucket": "$AWS_S3_BUCKET",
-				"cors_origin": $AWS_CORS_ORIGINS
+				"presign_ttl": 3600,
+				"cache_control": "max-age=86400",
+				"cors_origins": $AWS_CORS_ORIGINS
 			}
 		}
 	},
@@ -52,11 +59,17 @@
 			"expire_in": 1209600,
 			"serial_num": 1,
 			"key": "$AUTH_TOKEN_KEY"
+		},
+		"code": {
+			"expire_in": 900,
+			"max_retries": 3,
+			"code_length": 6
 		}
 	},
 
 	"store_config": {
 		"uid_key": "$UID_ENCRYPTION_KEY",
+		"max_results": 1024,
 		"use_adapter": "$STORE_USE_ADAPTER",
 		"adapters": {
 			"mysql": {
@@ -87,13 +100,15 @@
 				"host_url": "$SMTP_HOST_URL",
 				"smtp_server": "$SMTP_SERVER",
 				"smtp_port": "$SMTP_PORT",
-				"login": "$SMTP_LOGIN",
 				"sender": "$SMTP_SENDER",
+				"login": "$SMTP_LOGIN",
 				"sender_password": "$SMTP_PASSWORD",
-				"languages": ["en", "ru"],
+				"auth_mechanism": "$SMTP_AUTH_MECHANISM",
+				"smtp_helo_host": "$SMTP_HELO_HOST",
+				"languages": ["en", "es", "fr", "ru", "vi", "zh"],
 				"validation_templ": "./templ/email-validation-{{.Language}}.templ",
 				"reset_secret_templ": "./templ/email-password-reset-{{.Language}}.templ",
-				"max_retries": 4,
+				"max_retries": 3,
 				"domains": [$SMTP_DOMAINS],
 				"debug_response": "$DEBUG_EMAIL_VERIFICATION_CODE"
 			}
@@ -102,15 +117,18 @@
 		"tel": {
 			"add_to_tags": true,
 			"config": {
-				"validation_templ": "./templ/sms-validation-{{.Language}}.templ",
-				"reset_secret_templ": "./templ/sms-password-reset-{{.Language}}.templ",
-				"max_retries": 4,
+				"host_url": "$TEL_HOST_URL",
+				"languages": ["en", "es", "fr", "pt", "ru", "vi", "zh"],
+				"sender": "$TEL_SENDER",
+				"universal_templ": "./templ/sms-universal-{{.Language}}.templ",
+				"max_retries": 3,
 				"debug_response": "$DEBUG_TEL_VERIFICATION_CODE"
 			}
 		}
 	},
 
 	"acc_gc_config": {
+		"enabled": $ACC_GC_ENABLED,
 		"gc_period": 3600,
 		"gc_block_size": 10,
 		"gc_min_account_age": 48
@@ -165,7 +183,6 @@
 			{"name": "tinode-1", "addr": "tinode-1:12001"},
 			{"name": "tinode-2", "addr": "tinode-2:12002"}
 		],
-		"num_proxy_event_goroutines": $CLUSTER_NUM_PROXY_EVENT_GOROUTINES,
 		"failover": {
 			"enabled": true,
 			"heartbeat": 100,