Merge pull request #2875 from nextcloud/enh/2506/talk

make talk container read-only
Simon L 2023-07-13 12:15:58 +02:00 committed by GitHub
commit d5f309df3a
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
4 changed files with 17 additions and 10 deletions


@ -41,12 +41,11 @@ RUN set -ex; \
echo "root:$(openssl rand -base64 12)" | chpasswd; \
\
touch \
/etc/nats.conf \
/etc/signaling.conf \
/etc/turnserver.conf; \
/etc/nats.conf; \
echo "listen: 127.0.0.1:4222" | tee /etc/nats.conf; \
mkdir -p \
/var/tmp \
/conf \
/var/lib/turn \
/var/log/supervisord \
/var/run/supervisord; \
@ -54,11 +53,13 @@ RUN set -ex; \
/usr \
/etc/janus \
/etc/nats.conf \
/etc/signaling.conf \
/etc/turnserver.conf \
/var/lib/turn \
/var/log/supervisord \
/var/run/supervisord;
/var/run/supervisord; \
chmod 777 -R \
/conf \
/var/run/supervisord \
/var/log/supervisord;
# Set default talk port https://github.com/nextcloud/all-in-one/issues/1011
ENV TALK_PORT=3478
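Review bot: `chmod 777 -R` on `/conf`, `/var/run/supervisord` and `/var/log/supervisord` leaves the directory that now holds `turnserver.conf` and `signaling.conf` readable and writable by every user in the container, which is wider than a read-only root filesystem needs. `/var/log/supervisord` and `/var/run/supervisord` are already in the path list just above (apparently a chown; its command line is outside the hunk), so adding `/conf` to that list and using an owner-only mode, for example `chmod 700 -R /conf /var/run/supervisord /var/log/supervisord;`, would presumably be enough. The runtime user is not visible here, so confirm which account the services run as. Also check whether these build-time modes survive the tmpfs mounts this commit adds for the same paths, since the mount may bring its own mode.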


@ -20,7 +20,7 @@ IPv4_ADDRESS_TALK="$(dig nextcloud-aio-talk A +short)"
set +x
# Turn
cat << TURN_CONF > "/etc/turnserver.conf"
cat << TURN_CONF > "/conf/turnserver.conf"
listening-port=$TALK_PORT
fingerprint
use-auth-secret
@ -54,7 +54,7 @@ denied-peer-ip=240.0.0.0-255.255.255.255
TURN_CONF
# Signling
cat << SIGNALING_CONF > "/etc/signaling.conf"
cat << SIGNALING_CONF > "/conf/signaling.conf"
[http]
listen = 0.0.0.0:8081
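Review bot: Both heredocs create their file under `/conf` with whatever umask the script inherited, and nothing in either hunk narrows it, so `turnserver.conf` and `signaling.conf` will typically end up world-readable. `use-auth-secret` is visible in the first hunk, so the TURN config presumably carries a shared secret further down; both heredoc bodies continue outside the hunks. Adding `umask 077` before the `# Turn` block, or `chmod 600` on each file after its heredoc, keeps the secrets with the owning user. If the daemons run under a different account than this script, a shared group with `umask 027` is the safer choice. The existing `set +x` already keeps the values out of the trace, and this would do the same for the files.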


@ -13,7 +13,7 @@ stdout_logfile=/dev/stdout
stdout_logfile_maxbytes=0
stderr_logfile=/dev/stderr
stderr_logfile_maxbytes=0
command=turnserver -c /etc/turnserver.conf
command=turnserver -c /conf/turnserver.conf
[program:nats-server]
stdout_logfile=/dev/stdout
@ -35,4 +35,4 @@ stdout_logfile=/dev/stdout
stdout_logfile_maxbytes=0
stderr_logfile=/dev/stderr
stderr_logfile_maxbytes=0
command=nextcloud-spreed-signaling -config /etc/signaling.conf
command=nextcloud-spreed-signaling -config /conf/signaling.conf


@ -340,6 +340,12 @@
],
"networks": [
"nextcloud-aio"
],
"read_only": true,
"tmpfs": [
"/var/log/supervisord",
"/var/run/supervisord",
"/conf"
]
},
{
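Review bot: The `tmpfs` list covers `/var/log/supervisord`, `/var/run/supervisord` and `/conf`, but the Dockerfile in this commit also creates `/var/tmp` and `/var/lib/turn` as working directories, and with `"read_only": true` any write there will fail. Confirm that turnserver and the other services do not write to those paths in this configuration, or add them to the list. Whatever supervisord writes to `/var/log/supervisord` now lives in memory and is lost on restart, so logs needed for later incident review should go to stdout, as the program sections in the supervisord config already do.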