Merge pull request #35 from surevine/second-domain

Merge 'second domain' branch to master
pull/36/head
Dan Caseley 2021-09-22 13:07:15 +01:00 committed by GitHub
commit f49b7f0a0b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
10 changed files with 1544 additions and 15 deletions


@ -20,6 +20,7 @@ See the "How it's built" section below if you want to understand how this was do
3. Launch the environment 3. Launch the environment
1. use `./start.sh` if you want two **federated** Openfire instances, or 1. use `./start.sh` if you want two **federated** Openfire instances, or
2. use `./start.sh -c` if you want three **clustered** Openfire instances. 2. use `./start.sh -c` if you want three **clustered** Openfire instances.
3. use `./start.sh -co` if you want a combination: a cluster, with an additional federated Instance.
## Federated configuration ## Federated configuration
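
Review bot: The new step 3 documents `-co` but not the constraint behind it: `start.sh` rejects `-o` without `-c` ("Other domains are only supported alongside clusters"), and the `-n openfire-tag` option the script gains in this commit is not in this list either. Suggest stating that `-o` is only valid together with `-c`, mentioning `-n`, and lower-casing "Instance" to match the two items above it.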
@ -131,6 +132,51 @@ The following MUC rooms are configured:
* `muc1` * `muc1`
* `muc2` * `muc2`
### Add a federated domain to the cluster
Running `./start.sh -co` (instead of `./start.sh -c`) will, apart from the cluster described above, also instantiate a second XMPP domain that consists of one Openfire server. This will result in the following components to be added to the system as described above:
```
+------------------------+
| 172.60.0.110 |
| +------------+ |
(XMPP-C2S) 5229 -| | | |
(XMPP-S2S) 5269 -|------| OTHER XMPP | |
(HTTP-Admin) 9099 -| | | |
(BOSH) 7079/7449 -| +------+-----+ |
| | |
| | |
| +-----+----+ |
| | | |
(Database) 5433 -|-------| OTHER DB | |
| | | |
| +----------+ |
| 172.60.0.111 |
| |
+------172.60.0.0/24-----+
```
The additional Openfire is configured with the following XMPP domain:
* `otherxmpp.localhost.example`
Openfire is configured with the following hostname:
* `otherxmpp.localhost.example`
The following users are configured:
* `user1` `password`
* `user2` `password`
The following MUC rooms are configured:
* `muc1`
* `muc2`
Note that users and MUC rooms on the additional Openfire domain have a similar name to those on the cluster. This does not lead to collisions, as the domain-part of their JIDs will differ.
## Network ## Network
The Docker compose file defines a custom bridge network with a single subnet (`172.50.0.0/24` for the federated The Docker compose file defines a custom bridge network with a single subnet (`172.50.0.0/24` for the federated
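
Review bot: The new "Add a federated domain to the cluster" section lists the host-published ports (5229, 5269, 9099, 7079/7449 and the database on 5433) next to accounts whose password is `password`, without saying that the stack is meant for local testing only. Suggest adding that sentence, or noting that the published ports can be bound to 127.0.0.1. Two wording points in the same section: "This will result in the following components to be added" reads better as "This adds the following components", and since the rooms (`muc1`, `muc2`) are identical to the cluster's, "the same names" is more accurate than "a similar name".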


@ -0,0 +1,60 @@
version: '3.7'
services:
otherdb:
image: library/postgres:9.6.17-alpine
ports:
- "5433:5432"
environment:
- "POSTGRES_DB=openfire"
- "POSTGRES_USER=openfire"
- "POSTGRES_PASSWORD=hunter2"
volumes:
- ./sql/otherdomain:/docker-entrypoint-initdb.d
networks:
openfire-clustered-net:
ipv4_address: 172.60.0.111
otherxmpp:
image: "openfire:${OPENFIRE_TAG}"
ports:
- "5229:5222"
- "5269:5269"
- "7079:7070"
- "7449:7443"
- "9099:9090"
depends_on:
- "otherdb"
volumes:
- ./_data/xmpp/otherdomain/conf:/var/lib/openfire/conf
#- ./_data/plugins:/opt/plugins
- ./wait-for-it.sh:/wait-for-it.sh
command: ["/wait-for-it.sh", "-s", "otherdb:5432", "--", "/sbin/entrypoint.sh"]
networks:
openfire-clustered-net:
ipv4_address: 172.60.0.110
extra_hosts:
- "xmpp.localhost.example:172.60.0.10"
- "xmpp.localhost.example:172.60.0.20"
- "xmpp.localhost.example:172.60.0.30"
- "conference.xmpp.localhost.example:172.60.0.10"
- "conference.xmpp.localhost.example:172.60.0.20"
- "conference.xmpp3.localhost.example:172.60.0.30"
- "otherxmpp.localhost.example:172.60.0.110"
- "conference.otherxmpp.localhost.example:172.60.0.110"
xmpp1:
extra_hosts:
- "otherxmpp.localhost.example:172.60.0.110"
- "conference.otherxmpp.localhost.example:172.60.0.110"
xmpp2:
extra_hosts:
- "otherxmpp.localhost.example:172.60.0.110"
- "conference.otherxmpp.localhost.example:172.60.0.110"
xmpp3:
extra_hosts:
- "otherxmpp.localhost.example:172.60.0.110"
- "conference.otherxmpp.localhost.example:172.60.0.110"
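
Review bot: In the `extra_hosts` list of `otherxmpp`, the third conference entry reads `conference.xmpp3.localhost.example:172.60.0.30` while the two before it use `conference.xmpp.localhost.example`; this looks like a typo, and as written the conference name is never mapped to the third cluster node. Separately, `5269:5269` is the only port of this service that is not remapped to a distinct host port, so it will clash if the cluster compose file also publishes 5269. `otherdb` publishes Postgres on host port 5433 with the password `hunter2` in the file; consider dropping that `ports` entry or binding it to 127.0.0.1, since `otherxmpp` reaches the database over the compose network as `otherdb:5432`.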

File diff suppressed because it is too large


@ -1,17 +1,56 @@
#!/bin/sh #!/bin/bash
COMPOSE_FILE=docker-compose-federated.yml usage() { echo "Usage: $0 [-c] [-o] [-n openfire-tag] [-h]
if [ "$1" = "-c" ]; then -c Launches a Cluster instead of a FMUC stack
echo "Starting a clustered environment." -o Launches another separate domain alongside the cluster
COMPOSE_FILE=docker-compose-clustered.yml -n openfire-tag Launches all Openfire instances with the specified tag. This overrides the value in .env
shift -h Show this helpful information
else "; exit 0; }
echo "Starting a federated environment (use -c to start a clustered environment instead)."
CLUSTER_MODE=false
OTHER_DOMAIN=false
COMPOSE_FILE_COMMAND=("docker-compose")
while getopts con:h o; do
case "$o" in
c)
CLUSTER_MODE=true
;;
o)
OTHER_DOMAIN=true
;;
n)
echo "Using Openfire tag: $1"
export OPENFIRE_TAG=$1
;;
h)
usage
;;
*)
usage
;;
esac
done
if [ $OTHER_DOMAIN == "true" ]; then
if [ $CLUSTER_MODE == "false" ]; then
echo "Other domains are only supported alongside clusters"
exit 1
else
COMPOSE_FILE_COMMAND+=("-f" "docker-compose-otherdomain.yml")
fi
fi fi
docker-compose -f $COMPOSE_FILE down case $CLUSTER_MODE in
docker-compose -f $COMPOSE_FILE pull (true) echo "Starting a clustered environment."
COMPOSE_FILE_COMMAND+=("-f" "docker-compose-clustered.yml");;
(false) echo "Starting a federated environment (use -c to start a clustered environment instead)."
COMPOSE_FILE_COMMAND+=("-f" "docker-compose-federated.yml");;
esac
"${COMPOSE_FILE_COMMAND[@]}" down
"${COMPOSE_FILE_COMMAND[@]}" pull
# Clean up temporary persistence data # Clean up temporary persistence data
rm -rf _data rm -rf _data
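
Review bot: In the `n)` branch of the `getopts` loop the tag is read from `$1`, which is the first positional argument and not the option's value; with `./start.sh -c -n <tag>` this exports `OPENFIRE_TAG=-c`. Use `$OPTARG` in both the `echo` and the `export`. Also, `usage` ends in `exit 0` and is reused for the `*)` branch, so an unknown option exits with success; return a non-zero status there. The `[ $OTHER_DOMAIN == "true" ]` and `[ $CLUSTER_MODE == "false" ]` tests should quote the variable.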
@ -19,8 +58,4 @@ mkdir _data
cp -r xmpp _data/ cp -r xmpp _data/
cp -r plugins _data/ cp -r plugins _data/
if [ -n "$1" ]; then "${COMPOSE_FILE_COMMAND[@]}" up
echo "Using Openfire tag: $1"
export OPENFIRE_TAG=$1
fi
docker-compose -f $COMPOSE_FILE up
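
Review bot: The removed block accepted the Openfire tag as a positional argument and nothing replaces it: after the `getopts` loop there is no `shift $((OPTIND-1))` and no check for leftover arguments, so a caller who still passes the tag positionally silently gets the value from `.env`. Suggest rejecting leftover arguments with the usage text, or keeping the positional form as a fallback for `-n`.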


@ -0,0 +1,64 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
This file stores bootstrap properties needed by Openfire.
Property names must be in the format: "prop.name.is.blah=value"
That will be stored as:
<prop>
<name>
<is>
<blah>value</blah>
</is>
</name>
</prop>
Most properties are stored in the Openfire database. A
property viewer and editor is included in the admin console.
-->
<!-- root element, all properties must be under this element -->
<jive>
<adminConsole>
<!-- Disable either port by setting the value to -1 -->
<port>9090</port>
<securePort>9091</securePort>
</adminConsole>
<locale>en</locale>
<!-- Network settings. By default, Openfire will bind to all network interfaces.
Alternatively, you can specify a specific network interfaces that the server
will listen on. For example, 127.0.0.1. This setting is generally only useful
on multi-homed servers. -->
<!--
<network>
<interface></interface>
</network>
-->
<!--
One time token to gain temporary access to the admin console.
-->
<!--
<oneTimeAccessToken>secretToken</oneTimeAccessToken>
-->
<connectionProvider>
<className>org.jivesoftware.database.DefaultConnectionProvider</className>
</connectionProvider>
<database>
<defaultProvider>
<driver>org.postgresql.Driver</driver>
<serverURL>jdbc:postgresql://otherdb:5432/openfire</serverURL>
<username encrypted="true">10d847caed2654fbb1fe6cefac0f381893323ae6b5eea27d31503d5880091fca</username>
<password encrypted="true">30c1893796e0110fc4607c8b1bca0d0e54f10b270c4615d3</password>
<testSQL>select 1</testSQL>
<testBeforeUse>false</testBeforeUse>
<testAfterUse>false</testAfterUse>
<testTimeout>500</testTimeout>
<timeBetweenEvictionRuns>30000</timeBetweenEvictionRuns>
<minIdleTime>900000</minIdleTime>
<maxWaitTime>500</maxWaitTime>
<minConnections>5</minConnections>
<maxConnections>25</maxConnections>
<connectionTimeout>1.0</connectionTimeout>
</defaultProvider>
</database>
<setup>true</setup>
<fqdn>otherxmpp.localhost.example</fqdn>
</jive>
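
Review bot: The `username` and `password` under `defaultProvider` are committed with `encrypted="true"`, which hides nothing here because the same database password is in clear text in the compose file of this commit, and it ties this file to whatever key produced the values. The security properties file added alongside says that listed XML properties are encrypted automatically upon first use, so committing the plain values would be easier to review and to change. Also worth a comment in the file: `<setup>true</setup>` is combined with the plain-HTTP admin port 9090, which the compose file publishes on the host as 9099.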


@ -0,0 +1,66 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
This file stores security-related properties needed by Openfire.
You may edit this file to manage encrypted properties and
encryption configuration value. Note however that you should not
edit this file while Openfire is running, or it may be overwritten.
It is important to note that Openfire will store encrypted property
values securely "at rest" (e.g. in the database or XML), but the
values will be managed as clear text strings in memory at runtime for
interoperability and performance reasons. Encrypted property values
are not visible via the Openfire console, but they may be edited or
deleted as needed.
-->
<security>
<encrypt>
<!-- This can be set to "AES" or "Blowfish" (default) at setup time -->
<algorithm>Blowfish</algorithm>
<key>
<!--
If this is a new server setup, you may set a custom encryption key
by setting a value for the <new /> encryption key element only.
To change the encryption key, provide values for both new and old
encryption keys here. The "old" key must match the unencrypted value
of the "current" key. The server will update the existing property
values in the database, re-encrypting them using the new key. After
the encrypted properties have been updated, the new key will itself
be encrypted and re-written into this file as <current />.
Note that if the current encryption key becomes invalid, any property
values secured by the original key will be inaccessible as well.
The key value can be any string, and it will be hashed, filled, and/or
truncated to produce a compatible key for the corresponding algorithm.
Note that leading and trailing spaces will be ignored. A strong key
will contain sixteen characters or more.
<old></old>
<new></new>
-->
<current></current>
</key>
<property>
<!--
This list includes the names of properties that have been marked for
encryption. Any XML properties (from openfire.xml) that are listed here
will be encrypted automatically upon first use. Other properties
(already in the database) can be added to this list at runtime via the
"System Properties" page in the Openfire console.
-->
<name>database.defaultProvider.username</name>
<name>database.defaultProvider.password</name>
</property>
</encrypt>
<!--
Any other property defined in this file will be treated as an encrypted
property. The value (in clear text) will be encrypted and migrated into
the Openfire database during the next startup. The property name will
be added to the list of encrypted properties and the clear text value
will be removed from this file.
<foo><bar>Secr3t$tr1ng!</bar></foo>
-->
</security>
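
Review bot: `<current></current>` is left empty with `<algorithm>Blowfish</algorithm>`, while the bootstrap properties file in this commit ships database credentials that are already encrypted, so those values cannot depend on a key that is kept out of the repository. Add a comment stating that the encryption in this test environment is obfuscation only, so that the file is not copied as a template for a real deployment, where a custom key of sixteen characters or more should be set through `<new>` as the file's own comment describes.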


@ -0,0 +1 @@
This directory is used as a default location in which Openfire stores backups of keystore files.

Binary file not shown.

Binary file not shown.