This is a 'local-copy-fork' of the opentalk controller from https://gitlab.opencode.de/opentalk/controller
Authentication and scheduling backend for the K3K conference system.
The controller is split into multiple crates to allow for extensibility.
This root crate uses all crates to run the controller with its full feature set.
k3k-controller 0.1.0-rc.1
USAGE:
k3k-controller [FLAGS] [OPTIONS] [SUBCOMMAND]
FLAGS:
-h, --help Prints help information
--reload Triggers a reload of some controller settings
-V, --version Prints version information
OPTIONS:
-c, --config <config> Specify path to configuration file [default: config.toml]
SUBCOMMANDS:
acl Modify the ACLs
fix-acl Rebuild ACLs based on current data
help Prints this message or the help of the given subcommand(s)
migrate-db Migrate the db. This is done automatically during start of the controller, but can be done without
starting the controller using this command
The Dockerfile is located at container/Dockerfile.
To build the image, execute in the root of the repository:
docker build -f container/Dockerfile . --tag <your tag>k3k-controller looks for a config file ./config.toml in the project root.
There is an example config file in extra/example.toml that can be copied:
cp ./extra/example.toml ./config.tomlYou can specify a different config file using the -c argument:
k3k-controller -c other_config.tomlSettings specified in the config file can be overwritten by environment variables.
To do so, set an environment variable with the prefix K3K_CTRL_ followed by the field names you want to set.
Nested fields are separated by two underscores __.
K3K_CTRL_<field>__<field-of-field>...set the database.url field:
K3K_CTRL_DATABASE__URL=postgres://k3k:s3cur3_p4ssw0rd@localhost:5432/k3kSo the field 'database.max_connections' would resolve to:
K3K_CTRL_DATABASE__MAX_CONNECTIONS=5Fields set via environment variables do not affect the underlying config file.
After installing/deploying the new version you can run the fix-acl subcommand to update the authz rules/ACLs to match the newest version. This is most certainly needed when new endpoints are added for already present resources.
A couple of ACLs can be set via the binary. For this use the acl subcommand.
Currently only room access is a supported option for this subcommand.
This subcommand is expected to change frequently when more features for access rules (e.g. invites) getting implemented.
Inside the crates folder following crates can be found:
- controller
- core crate which contains all of the controllers core features
- OpenID Connect user authentication
- Database connection and interfacing
actix_webbased HTTP servers for external and internal APIs- Extensible signaling websocket endpoint for video room signaling
- controller-shared-types
- Shared types among the controller and modules
- db-storage
- Database types used for the controller and modules
- janus-media
- media signaling module using the
janus-clientcrate
- media signaling module using the
- community-modules
- functionality for registering all modules in the community edition
- depends on all modules in the community edition
- chat
- chat signaling module which implements a simple room, group and private chat
- automod
- signaling module implementing automoderation for videoconferences
- legal-vote
- signaling module implementing legal vote for videoconferences
- polls
- signaling module implementing polls for videoconferences
- client EXPERIMENTAL
- Client side implementation of the controllers APIs used for testing
- r3dlock
- redis redlock distributed lock implementation for a single instance
- janus-client
- janus client library for interfacing with the Janus WebRTC Server
- kustos
- authz abstraction based on casbin-rs
- test-util
- types
- types that are shared across different crates, such as Web API and signaling messages