~nicoco/public-inbox

slidge: add required access_rule for mod_privilege in ejabberd v5 APPLIED

Jonny Rimkus <jonny@rimkus.it>
7 months ago 
Jonny Rimkus: 1
 add required access_rule for mod_privilege in ejabberd

 1 files changed, 18 insertions(+), 6 deletions(-)
#938409 ci.yml failed
#938410 container.yml failed
#938411 debian.yml failed
Export patchset (mbox)
How do I use this?

Copy & paste the following snippet into your terminal to import this patchset into git: 

curl -s https://lists.sr.ht/~nicoco/public-inbox/patches/38900/mbox | git am -3
Learn more about email & git
Reply to thread View this thread in the archives

[PATCH slidge v5] add required access_rule for mod_privilege in ejabberd Export this patch

Jonny Rimkus <jonny@rimkus.it>
7 months ago 
add some more explanation


fix typo


fix typos


add new header for access rule
---
 docs/source/admin/xmpp_server.rst | 24 ++++++++++++++++++------
 1 file changed, 18 insertions(+), 6 deletions(-)

diff --git a/docs/source/admin/xmpp_server.rst b/docs/source/admin/xmpp_server.rst
index ebd372f..a5ec1a9 100644
--- a/docs/source/admin/xmpp_server.rst
+++ b/docs/source/admin/xmpp_server.rst
@@ -79,8 +79,9 @@ ejabberd
Slidge uses different containers/processes for each gateway. Therefore administrators
should setup these steps for each individual gateway. This is because each gateway
makes use of an individual JID (such as telegram.example.com, whatsapp.example.com, etc).
Only exceptions are the 'mod_http_upload', 'mod_privilege' and 'mod_roster', these modules
Only exceptions are the 'mod_http_upload', 'mod_privilege', 'mod_roster' and 'access_rules', these 
stay the same for each gateway you add. So, there is no need to repeat these steps for new gateways.
For the 'slidge_acl' add each new Gateway as a new 'server:' entry.


Add the slidge component
@@ -124,14 +125,25 @@ These same principles also apply to ACL.
ACL
***

Create a policy for the component:
Create an `acl <https://docs.ejabberd.im/admin/configuration/basic/#acl>`_ for the component:

.. code-block:: yaml

    acl:
      slidge:
      slidge_acl:
        server: superduper.example.com

Acess Rule
**********

Create an access_rule `access_rule <https://docs.ejabberd.im/admin/configuration/basic/#access-rules>`_ for the component:

.. code-block:: yaml

    access_rules:
      slidge_rule:
        - allow: slidge_acl

mod_privilege
*************

@@ -142,9 +154,9 @@ Make slidge a "privileged entity" and enable roster versioning.
    modules:
      mod_privilege:
        roster:
          both: slidge
          both: slidge_rule
        message:
          outgoing: slidge
          outgoing: slidge_rule          
      mod_roster:
        versioning: true

@@ -172,7 +184,7 @@ so you need to use a pseudo user on the component domain, eg,
        put_url: "https://@HOST@:5443/upload"
        access:
          - allow: local
          - allow: slidge
          - allow: slidge_acl


To get more information about component configuration, see `ejabberd's docs
-- 
2.34.1
builds.sr.ht <builds@sr.ht>
7 months ago 
slidge/patches: FAILED in 1m44s

[add required access_rule for mod_privilege in ejabberd][0] v5 from [Jonny Rimkus][1]

[0]: https://lists.sr.ht/~nicoco/public-inbox/patches/38900
[1]: mailto:jonny@rimkus.it

✗ #938410 FAILED slidge/patches/container.yml https://builds.sr.ht/~nicoco/job/938410
✗ #938409 FAILED slidge/patches/ci.yml        https://builds.sr.ht/~nicoco/job/938409
✗ #938411 FAILED slidge/patches/debian.yml    https://builds.sr.ht/~nicoco/job/938411