Notable changes:
- OAuth2 now requires client authentication for the password grant type (see
related changes in snikket-web-portal)
- Invitations page support is now built into mod_invites, we just need to
tell it that Snikket's page supports password resets
- mod_account_activity provides a built-in way to record last account
activity time, and removes the need for the mod_lastlog2 community module
The --admin option for mod_invites is broken in the current Prosody snapshot.
A fix has been committed already, and will be included in the next nightly
build (which I'm sure we'll update to before a snikket-server release).
The migration code checks that the migration hasn't already happened (e.g. by
testing whether prosody.sqlite exists). However we do various other operations
before this point (via prosodyctl) which may initialize the new data store of
the desired type.
If this happens, the migration code will assume that a migration already
happened and skip the migration.
This changes the order to ensure data store migrations always happen first,
and adds a comment to inform future devs about this potential issue.
Fixes#47
This allows configuring the Prosody storage module to use between the
current default of 'internal' and 'sql' with SQLite, including automatic
migration between the two. This allows those who wish to opt-in as well
as easy testing and evaluation of SQLite as future default with a chance
to go back if it does not live up to expectations.
Mostly to improve the docker ui, ie it will say "unhealthy" if it takes
too long to start e.g. waiting for certs, or if Prosody crashes without
getting restarted.
Probes the http port on the assumption that this means Prosody is up and
running.
Signed-off-by: Matthew Wild <mwild1@gmail.com>
Reading untold amounts of data and throwing away all except \~86% seems
wasteful.
This method reads exactly 32 bytes from /dev/urandom, while the previous
method would have stuffed pipes full before finding 32 bytes in the
specified range. All of the entropy of those 32 bytes are also kept in
the base64 form, although this is probably insane overkill.
The original implementation unintentionally included whitespace
and other noise in the secret file.
The new secret is stored in a -v2 file, the old one is cleaned up
if present.
This simplifies things in preparation for adding coturn and its large
number of ports.
As Prosody now must listen on the "real" HTTP ports, we had to give
permission to the Lua binary to bind low network ports.
