~nicoco/public-inbox

slidge: add required access_rule for mod_privilege in ejabberd v4 APPLIED

Jonny Rimkus <jonny@rimkus.it>
7 months ago 
Jonny Rimkus: 1
 add required access_rule for mod_privilege in ejabberd

 1 files changed, 15 insertions(+), 6 deletions(-)
#938388 ci.yml failed
#938389 container.yml failed
#938390 debian.yml failed
Export patchset (mbox)
How do I use this?

Copy & paste the following snippet into your terminal to import this patchset into git: 

curl -s https://lists.sr.ht/~nicoco/public-inbox/patches/38899/mbox | git am -3
Learn more about email & git
Reply to thread View this thread in the archives

[PATCH slidge v4] add required access_rule for mod_privilege in ejabberd Export this patch

Jonny Rimkus <jonny@rimkus.it>
7 months ago 
add some more explanation


fix typo


fix typos
---
 docs/source/admin/xmpp_server.rst | 21 +++++++++++++++------
 1 file changed, 15 insertions(+), 6 deletions(-)

diff --git a/docs/source/admin/xmpp_server.rst b/docs/source/admin/xmpp_server.rst
index ebd372f..f91413d 100644
--- a/docs/source/admin/xmpp_server.rst
+++ b/docs/source/admin/xmpp_server.rst
@@ -79,8 +79,9 @@ ejabberd
Slidge uses different containers/processes for each gateway. Therefore administrators
should setup these steps for each individual gateway. This is because each gateway
makes use of an individual JID (such as telegram.example.com, whatsapp.example.com, etc).
Only exceptions are the 'mod_http_upload', 'mod_privilege' and 'mod_roster', these modules
Only exceptions are the 'mod_http_upload', 'mod_privilege', 'mod_roster' and 'access_rules', these 
stay the same for each gateway you add. So, there is no need to repeat these steps for new gateways.
For the 'slidge_acl' add each new Gateway as a new 'server:' entry.


Add the slidge component
@@ -124,14 +125,22 @@ These same principles also apply to ACL.
ACL
***

Create a policy for the component:
Create an `acl <https://docs.ejabberd.im/admin/configuration/basic/#acl>`_ for the component:

.. code-block:: yaml

    acl:
      slidge:
      slidge_acl:
        server: superduper.example.com

Create an access_rule `access_rule <https://docs.ejabberd.im/admin/configuration/basic/#access-rules>`_ for the component:

.. code-block:: yaml

    access_rules:
      slidge_rule:
        - allow: slidge_acl

mod_privilege
*************

@@ -142,9 +151,9 @@ Make slidge a "privileged entity" and enable roster versioning.
    modules:
      mod_privilege:
        roster:
          both: slidge
          both: slidge_rule
        message:
          outgoing: slidge
          outgoing: slidge_rule          
      mod_roster:
        versioning: true

@@ -172,7 +181,7 @@ so you need to use a pseudo user on the component domain, eg,
        put_url: "https://@HOST@:5443/upload"
        access:
          - allow: local
          - allow: slidge
          - allow: slidge_acl


To get more information about component configuration, see `ejabberd's docs
-- 
2.34.1
builds.sr.ht <builds@sr.ht>
7 months ago 
slidge/patches: FAILED in 1m29s

[add required access_rule for mod_privilege in ejabberd][0] v4 from [Jonny Rimkus][1]

[0]: https://lists.sr.ht/~nicoco/public-inbox/patches/38899
[1]: mailto:jonny@rimkus.it

✗ #938388 FAILED slidge/patches/ci.yml        https://builds.sr.ht/~nicoco/job/938388
✗ #938390 FAILED slidge/patches/debian.yml    https://builds.sr.ht/~nicoco/job/938390
✗ #938389 FAILED slidge/patches/container.yml https://builds.sr.ht/~nicoco/job/938389