blob: d971fb730124ff8b1a8c3b8bbbb921e978d233fa (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
|
prosody_certificate_dir: /etc/pki/prosody
prosody_module_dir: /usr/local/lib64/prosody/modules
prosody_data_dir: /var/lib/prosody
prosody_keytab: /var/lib/gssproxy/clients/{{ prosody_user }}.keytab
prosody_groups_file: /etc/prosody/groups.ini
prosody_module_repo: https://hg.prosody.im/prosody-modules/
prosody_packages:
- prosody
- lua-dbi
- lua-event
- lua-ldap
- lua-sec
- mercurial
prosody_apache_config: |
{{ apache_proxy_config }}
ProxyPass / http://127.0.0.1:{{ prosody_http_port }}/
ProxyPassReverse / http://127.0.0.1:{{ prosody_http_port }}/
prosody_selinux_policy_te: |
require {
type prosody_t;
type gssproxy_t;
type gssproxy_var_lib_t;
type ldap_port_t;
class dir search;
class sock_file write;
class unix_stream_socket connectto;
class tcp_socket name_connect;
}
#============= prosody_t ==============
allow prosody_t gssproxy_var_lib_t:dir search;
allow prosody_t gssproxy_var_lib_t:sock_file write;
allow prosody_t gssproxy_t:unix_stream_socket connectto;
allow prosody_t ldap_port_t:tcp_socket name_connect;
|