mirror of
https://github.com/zokradonh/kopano-docker
synced 2025-06-07 16:06:14 +00:00
8135321201
* Add example compose file to run Meet without Kopano * add readme * add an example env file * add setup.sh so user can easily create their own * use kopano repo by default
43 lines
2.1 KiB
Bash
Executable File
43 lines
2.1 KiB
Bash
Executable File
#!/bin/sh
|
|
|
|
set -e
|
|
|
|
# TODO since this file is only used here, also generate it here.
|
|
dockerize \
|
|
-wait file:///kopano/ssl/meet-kwmserver.pem \
|
|
-timeout 360s
|
|
cd /kopano/ssl/
|
|
|
|
konnectd utils jwk-from-pem --use sig /kopano/ssl/meet-kwmserver.pem > /tmp/jwk-meet.json
|
|
CONFIG_JSON=/etc/kopano/konnectd-identifier-registration.yaml
|
|
#yq -y ".clients += [{\"id\": \"grapi-explorer.js\", \"name\": \"Grapi Explorer\", \"application_type\": \"web\", \"trusted\": true, \"insecure\": true, \"redirect_uris\": [\"http://$FQDNCLEANED:3000/\"]}]" $CONFIG_JSON | sponge $CONFIG_JSON
|
|
yq -y ".clients += [{\"id\": \"kpop-https://$FQDN/meet/\", \"name\": \"Kopano Meet\", \"application_type\": \"web\", \"trusted\": true, \"redirect_uris\": [\"https://$FQDN/meet/\"], \"trusted_scopes\": [\"konnect/guestok\", \"kopano/kwm\"], \"jwks\": {\"keys\": [{\"kty\": $(jq .kty /tmp/jwk-meet.json), \"use\": $(jq .use /tmp/jwk-meet.json), \"crv\": $(jq .crv /tmp/jwk-meet.json), \"d\": $(jq .d /tmp/jwk-meet.json), \"kid\": $(jq .kid /tmp/jwk-meet.json), \"x\": $(jq .x /tmp/jwk-meet.json), \"y\": $(jq .y /tmp/jwk-meet.json)}]},\"request_object_signing_alg\": \"ES256\"}]" $CONFIG_JSON | sponge $CONFIG_JSON
|
|
yq -y . $CONFIG_JSON | sponge /kopano/ssl/konnectd-identifier-registration.yaml
|
|
|
|
# shellcheck disable=SC2154
|
|
if [ -n "$log_level" ]; then
|
|
set -- "$@" --log-level="$log_level"
|
|
fi
|
|
|
|
# shellcheck disable=SC2154
|
|
if [ "$allow_client_guests" = "yes" ]; then
|
|
set -- "$@" "--allow-client-guests"
|
|
fi
|
|
|
|
# shellcheck disable=SC2154
|
|
if [ "$allow_dynamic_client_registration" = "yes" ]; then
|
|
set -- "$@" "--allow-dynamic-client-registration"
|
|
fi
|
|
|
|
dockerize \
|
|
-wait file:///kopano/ssl/konnectd-tokens-signing-key.pem \
|
|
-wait file:///kopano/ssl/konnectd-encryption.key \
|
|
-timeout 360s
|
|
exec konnectd serve \
|
|
--signing-private-key=/kopano/ssl/konnectd-tokens-signing-key.pem \
|
|
--encryption-secret=/kopano/ssl/konnectd-encryption.key \
|
|
--iss=https://"$FQDN" \
|
|
--identifier-registration-conf /kopano/ssl/konnectd-identifier-registration.yaml \
|
|
--identifier-scopes-conf /etc/kopano/konnectd-identifier-scopes.yaml \
|
|
"$@" "$KONNECT_BACKEND"
|