commit 9cd30fcdbb8cc9f629522fcc80319fe7df4d7720
parent 68a43c9d45c33ee0eec443900c283a184e182116
Author: Andreas Gruhler <agruhl@gmx.ch>
Date: Sat, 20 Sep 2025 01:11:19 +0200
feat: add conversejs
Diffstat:
3 files changed, 160 insertions(+), 0 deletions(-)
diff --git a/hcl/default/conversejs/conversejs.nomad b/hcl/default/conversejs/conversejs.nomad
@@ -0,0 +1,71 @@
+# https://conversejs.org/docs/html/quickstart.html#option-2-self-hosting
+
+job "conversejs" {
+ datacenters = ["dc1"]
+
+ group "server" {
+ count = 1
+
+ volume "tls" {
+ type = "csi"
+ source = "certbot"
+ access_mode = "multi-node-multi-writer"
+ attachment_mode = "file-system"
+ }
+ network {
+ port "https" {
+ static = 44410
+ }
+ }
+
+ task "nginx" {
+ driver = "podman"
+
+ artifact {
+ source = "https://github.com/conversejs/converse.js/releases/download/v12.0.0/converse.js-12.0.0.tgz"
+ destination = "${NOMAD_TASK_DIR}"
+ options {
+ checksum = "sha256:41684fcfa5f8c7a79a0b557834db5c57c016005bff66d6e002587252f3676bbb"
+ }
+ }
+
+ config {
+ image = "docker.io/library/nginx:stable-alpine"
+ ports = ["https"]
+ volumes = [
+ # mount the templated config from the task directory to the container
+ "local/conversejs.conf:/etc/nginx/conf.d/conversejs.conf",
+ "local/index.html:${NOMAD_TASK_DIR}/index.html",
+ ]
+ command = "/bin/sh"
+ args = ["-c", <<EOT
+ rm -rf /usr/share/nginx/html/*
+ cp -r ${NOMAD_TASK_DIR}/package/dist/* /usr/share/nginx/html/
+ cp ${NOMAD_TASK_DIR}/index.html /usr/share/nginx/html/
+ nginx -g 'daemon off;'
+ EOT
+ ]
+ }
+
+ volume_mount {
+ volume = "tls"
+ destination = "/etc/letsencrypt"
+ }
+
+ template {
+ destination = "${NOMAD_TASK_DIR}/conversejs.conf"
+ data = file("./templates/nginx.conf.tmpl")
+ }
+ template {
+ destination = "${NOMAD_TASK_DIR}/index.html"
+ data = file("./templates/index.html.tmpl")
+ }
+
+ resources {
+ memory = 50
+ memory_max = 128
+ cpu = 100
+ }
+ }
+ }
+}
diff --git a/hcl/default/conversejs/templates/index.html.tmpl b/hcl/default/conversejs/templates/index.html.tmpl
@@ -0,0 +1,46 @@
+<!doctype html>
+<html class="no-js" lang="en">
+<head>
+ <title>Converse</title>
+ <meta charset="utf-8"/>
+ <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+ <meta http-equiv="X-UA-Compatible" content="IE=edge">
+ <meta name="viewport" content="width=device-width, initial-scale=1.0"/>
+ <meta name="description" content="Converse XMPP/Jabber Chat"/>
+ <meta name="author" content="JC Brand" />
+ <meta name="keywords" content="xmpp chat webchat converse.js" />
+ <link rel="shortcut icon" type="image/ico" href="/images/favicon.ico"/>
+ <noscript><p><img src="//stats.opkode.com/piwik.php?idsite=5" style="border:0;" alt="" /></p></noscript>
+ <link rel="manifest" href="./manifest.json">
+ <link type="text/css" rel="stylesheet" media="screen" href="converse.min.css" />
+ <script src="https://cdn.conversejs.org/3rdparty/libsignal-protocol.min.js"></script>
+ <script src="converse.min.js"></script>
+</head>
+<script type="application/ld+json">
+{
+ "@context": "https://schema.org",
+ "@type": "SoftwareApplication",
+ "name": "Converse",
+ "description": "Open source XMPP chat client for the web",
+ "url": "https://conversejs.org",
+ "applicationCategory": "CommunicationApplication",
+ "operatingSystem": "Web Browser",
+}
+</script>
+<body class="converse-fullscreen">
+<noscript>You need to enable JavaScript to run the Converse.js chat app.</noscript>
+<div id="conversejs-bg"></div>
+<script>
+ converse.initialize({
+ theme: 'dracula',
+ authentication: 'login',
+ auto_away: 300,
+ auto_reconnect: true,
+ websocket_url: 'wss://chat.in0rdr.ch/xmpp-websocket',
+ message_archiving: 'always',
+ view_mode: 'fullscreen',
+ show_background: false,
+ });
+</script>
+</body>
+</html>
diff --git a/hcl/default/conversejs/templates/nginx.conf.tmpl b/hcl/default/conversejs/templates/nginx.conf.tmpl
@@ -0,0 +1,43 @@
+# https://github.com/conversejs/converse.js/blob/master/docs/source/setup.rst#websocket
+
+server {
+ listen {{ env "NOMAD_PORT_https" }} ssl;
+
+ ssl_certificate /etc/letsencrypt/live/chat.in0rdr.ch-0003/fullchain.pem;
+ ssl_certificate_key /etc/letsencrypt/live/chat.in0rdr.ch-0003/privkey.pem;
+
+ # serve converse-js app from
+ location / {
+ root /usr/share/nginx/html;
+ try_files $uri /index.html;
+ }
+
+ # proxy XMPP websocket directly to Prosody upstream
+ location /xmpp-websocket {
+ proxy_pass https://in0rdr.ch:5281/xmpp-websocket;
+ proxy_set_header Host $host;
+ proxy_set_header X-Real-IP $remote_addr;
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ proxy_set_header X-Forwarded-Proto $scheme;
+
+ # WebSocket proxying
+ # https://nginx.org/en/docs/http/websocket.html
+ proxy_http_version 1.1;
+ # timeout for reading a response from the proxied server. If the
+ # proxied server does not transmit anything within this time,
+ # the connection is closed.
+ proxy_read_timeout 86400; #24h
+ # When buffering is disabled, the response is passed to a client
+ # synchronously, immediately as it is received.
+ proxy_buffering off;
+ proxy_set_header Upgrade $http_upgrade;
+ proxy_set_header Connection "upgrade";
+ }
+
+ # CORS
+ location ~ .(ttf|ttc|otf|eot|woff|woff2|font.css|css|js)$ {
+ # Decide here whether you want to allow all or only a particular domain
+ add_header Access-Control-Allow-Origin "*";
+ root /usr/share/nginx/html;
+ }
+}
