Merge pull request 'Lua 5.4, Luarocks 3.12.2 and Prosody 0.12.5' (#1) from dev into main

Reviewed-on: #1

CHANGELOG.md

@@ -11,6 +11,13 @@
 
 Added a test to check that no deprecated config settings are used.
 
+## v 1.3.3
+
+* Updated to LuaRocks 3.12.2
+* Updated to Lua 5.4
+* Updated to Prosody 0.12.5
+* Removed unused luarocks
+
 ## v1.3.2
 
 * Added Firewall module with optional custom blacklist

Dockerfile

@@ -4,11 +4,11 @@ ARG BUILD_DATE
 ARG VCS_REF
 ARG VERSION
 
-ARG LUAROCKS_VERSION=3.9.2
-ARG PROSODY_VERSION=0.12.4
+ARG LUAROCKS_VERSION=3.12.2
+ARG PROSODY_VERSION=0.12.5
 
-ARG LUAROCKS_SHA256="bca6e4ecc02c203e070acdb5f586045d45c078896f6236eb46aa33ccd9b94edb"
-ARG PROSODY_DOWNLOAD_SHA256="47d712273c2f29558c412f6cdaec073260bbc26b7dda243db580330183d65856"
+ARG LUAROCKS_SHA256="b0e0c85205841ddd7be485f53d6125766d18a81d226588d2366931e9a1484492"
+ARG PROSODY_DOWNLOAD_SHA256="778fb7707a0f10399595ba7ab9c66dd2a2288c0ae3a7fe4ab78f97d462bd399f"
 
 LABEL luarocks.version="${LUAROCKS_VERSION}"
 LABEL org.opencontainers.image.authors="Wproject Garapenak"
@@ -30,7 +30,8 @@ RUN apt-get update \
       libidn2-0 \
       libpq-dev \
       libsqlite3-0 \
-      lua5.2 \
+      lua5.4 \
+      liblua5.4-dev \
       lua-bitop \
       lua-dbi-mysql \
       lua-dbi-postgresql \
@@ -73,11 +74,11 @@ RUN buildDeps='gcc git libc6-dev libidn2-dev liblua5.2-dev libsqlite3-dev libssl
  && make bootstrap \
  && cd / && rm -r /usr/src/luarocks \
  \
- && luarocks install luaevent \
+ # && luarocks install luaevent \
  && luarocks install luadbi \
  `#&& luarocks install luadbi-mysql MYSQL_INCDIR=/usr/include/mariadb/` \
  && luarocks install luadbi-sqlite3 \
- && luarocks install stringy \
+ # && luarocks install stringy \
  \
  && apt-get purge -y --auto-remove $buildDeps
 
@@ -90,7 +91,7 @@ RUN groupadd -r prosody \
 RUN mkdir -p /var/run/prosody/ \
  && chown prosody:prosody /var/run/prosody/
 
-ENV __FLUSH_LOG yes
+ENV __FLUSH_LOG=yes
 
 VOLUME ["/usr/local/var/lib/prosody"]
 
@@ -102,16 +103,17 @@ COPY *.bash /usr/local/bin/
 
 RUN download-prosody-modules.bash \
  && docker-prosody-module-install.bash \
-        #bookmarks `# XEP-0411: Bookmarks Conversion` \
-        #carbons `# message carbons (XEP-0280)` \
+        bookmarks `# XEP-0411: Bookmarks Conversion` \
+        carbons `# message carbons (XEP-0280)` \
         cloud_notify `# XEP-0357: Push Notifications` \
-        #csi `# client state indication (XEP-0352)` \
+        csi `# client state indication (XEP-0352)` \
         e2e_policy `# require end-2-end encryption` \
         filter_chatstates `# disable "X is typing" type messages` \
-        #smacks `# stream management (XEP-0198)` \
+        smacks `# stream management (XEP-0198)` \
         throttle_presence `# presence throttling in CSI` \
         vcard_muc `# XEP-0153: vCard-Based Avatar (MUC)` \
-	    firewall `# anti-spam firewall` \
+ #&& docker-prosody-module-pre-install.bash \
+	firewall `# anti-spam firewall` \
  && rm -rf "/usr/src/prosody-modules"
 RUN echo "TLS_REQCERT allow" >> /etc/ldap/ldap.conf
 

conf.d/02-storage.cfg.lua

@@ -1,8 +1,8 @@
 default_storage = "sql"
 
 sql = {
-  driver = os.getenv("DB_DRIVER");
-  database = os.getenv("DB_DATABASE");
+  driver = os.getenv("DB_DRIVER") or "SQLite3";
+  database = os.getenv("DB_DATABASE") or "prosody.sqlite";
   host = os.getenv("DB_HOST");
   port = os.getenv("DB_PORT");
   username = os.getenv("DB_USERNAME");

conf.d/03-e2e-policy.cfg.lua

@@ -1,8 +1,16 @@
-local stringy = require "stringy" 
+local function _split(s, sep)
+	if not s then return nil; end
+	sep = sep or ",";
+	local parts = {};
+	for part in s:gmatch("[^"..sep.."]+") do
+		parts[#parts+1] = part;
+	end
+	return parts;
+end
 
 e2e_policy_chat = os.getenv("E2E_POLICY_CHAT")
 e2e_policy_muc = os.getenv("E2E_POLICY_MUC")
-e2e_policy_whitelist = stringy.split(os.getenv("E2E_POLICY_WHITELIST"), ", ")
+e2e_policy_whitelist = _split(os.getenv("E2E_POLICY_WHITELIST"), ", ")
 e2e_policy_message_optional_chat = "For security reasons, OMEMO, OTR or PGP encryption is STRONGLY recommended for conversations on this server."
 e2e_policy_message_required_chat = "For security reasons, OMEMO, OTR or PGP encryption is required for conversations on this server."
 e2e_policy_message_optional_muc = "For security reasons, OMEMO, OTR or PGP encryption is STRONGLY recommended for MUC on this server."

conf.d/04-server_contact_info.cfg.lua

@@ -1,12 +1,28 @@
-local stringy = require "stringy" 
+local function _split(s, sep)
+	if not s then return nil; end
+	sep = sep or ",";
+	local parts = {};
+	for part in s:gmatch("[^"..sep.."]+") do
+		parts[#parts+1] = part;
+	end
+	return parts;
+end
+
+local domain = os.getenv("DOMAIN")
+local abuse = os.getenv("SERVER_CONTACT_INFO_ABUSE") or "xmpp:abuse@" .. domain
+local admin = os.getenv("SERVER_CONTACT_INFO_ADMIN") or "xmpp:admin@" .. domain
+local feedback = os.getenv("SERVER_CONTACT_INFO_FEEDBACK") or "xmpp:feedback@" .. domain
+local sales = os.getenv("SERVER_CONTACT_INFO_SALES") or "xmpp:sales@" .. domain
+local security = os.getenv("SERVER_CONTACT_INFO_SECURITY") or "xmpp:security@" .. domain
+local support = os.getenv("SERVER_CONTACT_INFO_SUPPORT") or "xmpp:support@" .. domain
 
 contact_info = {
-  abuse = stringy.split(os.getenv("SERVER_CONTACT_INFO_ABUSE"), ", ");
-  admin = stringy.split(os.getenv("SERVER_CONTACT_INFO_ADMIN"), ", ");
-  feedback = stringy.split(os.getenv("SERVER_CONTACT_INFO_FEEDBACK"), ", ");
-  sales = stringy.split(os.getenv("SERVER_CONTACT_INFO_SALES"), ", ");
-  security = stringy.split(os.getenv("SERVER_CONTACT_INFO_SECURITY"), ", ");
-  support = stringy.split(os.getenv("SERVER_CONTACT_INFO_SUPPORT"), ", ");
+  abuse = _split(abuse, ", ");
+  admin = _split(admin, ", ");
+  feedback = _split(feedback, ", ");
+  sales = _split(sales, ", ");
+  security = _split(security, ", ");
+  support = _split(support, ", ");
 }
 
 welcome_message = "Kaixo $username, ongi etorri $host IM zerbitzura! Mesedez irakurri itzazu ondorengo <a href='https://lainoa.eus/terms/tos.html'>Erabilpen baldintzak</a>."

readme.md

@@ -1,5 +1,14 @@
 # Prosody XMPP Docker image
 
+![Docker](https://github.com/SaraSmiseth/prosody/workflows/Docker/badge.svg?branch=dev)
+![Git repository size](https://img.shields.io/github/repo-size/SaraSmiseth/prosody)
+[![Docker image](https://images.microbadger.com/badges/image/sarasmiseth/prosody:latest.svg)](https://microbadger.com/images/sarasmiseth/prosody:latest)
+[![Docker version](https://images.microbadger.com/badges/version/sarasmiseth/prosody.svg)](https://microbadger.com/images/sarasmiseth/prosody:latest)
+[![Docker pulls](https://img.shields.io/docker/pulls/sarasmiseth/prosody.svg)](https://hub.docker.com/r/sarasmiseth/prosody/)
+[![Docker stars](https://img.shields.io/docker/stars/sarasmiseth/prosody.svg)](https://hub.docker.com/r/sarasmiseth/prosody/)
+[![Github open issues](https://img.shields.io/github/issues-raw/SaraSmiseth/prosody)](https://github.com/SaraSmiseth/prosody/issues)
+[![Github open pull requests](https://img.shields.io/github/issues-pr-raw/SaraSmiseth/prosody)](https://github.com/SaraSmiseth/prosody/pulls)
+
 This docker image forked from [SaraSmiseth](https://github.com/SaraSmiseth)'s [repository](https://github.com/SaraSmiseth/prosody) provides you with a configured [Prosody](https://prosody.im/) XMPP server. Includes the _prosody-migrator_ tool for data migrations between different database types and there is also an option to create a bridges between the XMPP server and the most popular messaging services like Telegram or Matrix, via [Matterbridge](https://github.com/42wim/matterbridge). The image is based on `debian:bookworm-slim`.
 The server was tested using the Android App [Conversations](https://conversations.im/) and the Desktop client [Gajim](https://gajim.org).
 Multiple [architectures](https://hub.docker.com/r/sarasmiseth/prosody/tags) are supported. I use it on my raspberry pi 4.
@@ -45,7 +54,7 @@ While Conversations got everything set-up out-of-the-box, Gajim was used with th
 * Secure by default
   * SSL certificate required
   * End-to-end encryption required (using [OMEMO](https://conversations.im/omemo/) or [OTR](https://en.wikipedia.org/wiki/Off-the-Record_Messaging))
-  * Anti-spam filter (based on [Firewall](https://modules.prosody.im/mod_firewall) module)
+  * Anti-spam filter (based on the pre-installed [Firewall](https://modules.prosody.im/mod_firewall) module)
 * Data storage
   * SQLite message store
   * Configured file upload and image sharing
@@ -149,11 +158,9 @@ docker build -t prosody/xmpp .
 Next I recommend using a ```docker-compose.yml``` file:
 
 ```yaml
-version: '3.9'
-
 services:
   server:
-    image: sarasmiseth/prosody:latest
+    image: prosody/xmpp:latest
     restart: unless-stopped
     ports:
       - "5000:5000"
@@ -168,9 +175,9 @@ services:
       - ./data:/usr/local/var/lib/prosody
 ```
 
-Boot it via: ```docker-compose up -d```.
+Boot it via: ```docker compose up -d```.
 
-Inspect logs: ```docker-compose logs -f```.
+Inspect logs: ```docker compose logs -f```.
 
 ### Volumes permissions
 
@@ -237,6 +244,7 @@ sudo chown 999:999 ./data
 | **SERVER_CONTACT_INFO_SECURITY** | A list of strings. Each string should be an URI. See [here](https://prosody.im/doc/modules/mod_server_contact_info). | *optional*                                   | "xmpp:security@**DOMAIN**" |
 | **SERVER_CONTACT_INFO_SUPPORT**  | A list of strings. Each string should be an URI. See [here](https://prosody.im/doc/modules/mod_server_contact_info). | *optional*                                   | "xmpp:support@**DOMAIN**"  |
 | **PROSODY_ADMINS**               | Specify who is an administrator. List of adresses. Eg. "me@example.com", "admin@example.net"                         | *optional*                                   | ""                         |
+| **ENABLE_FIREWALL**              | Enable Firewall module                                                                                               | *optional*                                   | false                      |
 | **SPAM_BLOCKLIST**               | Blacklist to use with Firewall module. Eg. "custom-blocklist.pfw"                                                    | *optional*                                   |                       |
 
 #### DNS
@@ -262,11 +270,6 @@ There is also ```docker-prosody-module-pre-install.bash``` which downloads the s
 
 If you need additional configuration just overwrite the respective _cfg.lua_ file or add new ones.
 
-#### Firewall module
-By default, the Firewall module obtains the list of spamming used known domains through the CDN service provided by [cdn.jsdelivr.net](https://cdn.jsdelivr.net/) at https://cdn.jsdelivr.net/gh/jabberspam/blacklist/blacklist.txt , but additionally a custom blacklist can be used through the ```SPAM_BLOCKLIST``` environment variable.
-
-If you need more sophisticated rules, please refer to the module [documentation](https://modules.prosody.im/mod_firewall).
-
 ### Upgrade
 
 When migrating from prosody 0.10, you need to update the database once: