Move trusted_proxies from visitors to main prosody config file. (jits…

…i#1699)

prosody/rootfs/defaults/conf.d/visitors.cfg.lua

@@ -15,8 +15,6 @@
 {{ $RELEASE_NUMBER := .Env.RELEASE_NUMBER | default "" -}}
 {{ $SHARD_NAME := .Env.SHARD | default "default" -}}
 {{ $S2S_PORT := .Env.PROSODY_S2S_PORT | default "5269" -}}
-{{ $TRUSTED_PROXIES := .Env.PROSODY_TRUSTED_PROXIES | default "127.0.0.1,::1" -}}
-{{ $TRUSTED_PROXY_LIST := splitList "," $TRUSTED_PROXIES -}}
 {{ $TURN_HOST := .Env.TURN_HOST | default "" -}}
 {{ $TURN_HOSTS := splitList "," $TURN_HOST -}}
 {{ $TURN_PORT := .Env.TURN_PORT | default "443" -}}
@@ -92,12 +90,6 @@ consider_websocket_secure = true;
 consider_bosh_secure = true;
 bosh_max_inactivity = 60;
 
-trusted_proxies = {
-{{ range $index, $proxy := $TRUSTED_PROXY_LIST }}
-  "{{ $proxy }}";
-{{ end }}
-}
-
 -- this is added to make certs_s2soutinjection work
 s2sout_override = {
     ["{{ $XMPP_MUC_DOMAIN }}"] = "tcp://{{ $XMPP_SERVER }}:{{ $XMPP_SERVER_S2S_PORT }}"; -- needed for visitors to send messages to main room

prosody/rootfs/defaults/prosody.cfg.lua

@@ -15,6 +15,8 @@
 {{ $PROSODY_HTTP_PORT := .Env.PROSODY_HTTP_PORT | default "5280" -}}
 {{ $PROSODY_ADMINS := .Env.PROSODY_ADMINS | default "" -}}
 {{ $PROSODY_ADMIN_LIST := splitList "," $PROSODY_ADMINS -}}
+{{ $TRUSTED_PROXIES := .Env.PROSODY_TRUSTED_PROXIES | default "127.0.0.1,::1" -}}
+{{ $TRUSTED_PROXY_LIST := splitList "," $TRUSTED_PROXIES -}}
 {{ $PROSODY_S2S_LIMIT := .Env.PROSODY_S2S_LIMIT | default "30kb/s" -}}
 {{ $S2S_PORT := .Env.PROSODY_S2S_PORT | default "5269" }}
 {{ $VISITORS_MUC_PREFIX := .Env.PROSODY_VISITORS_MUC_PREFIX | default "muc" -}}
@@ -114,6 +116,11 @@ modules_enabled = {
 component_ports = { }
 https_ports = { }
 
+trusted_proxies = {
+{{ range $index, $proxy := $TRUSTED_PROXY_LIST }}
+  "{{ $proxy }}";
+{{ end }}
+}
 
 {{ if eq .Env.PROSODY_MODE "brewery" -}}
 firewall_scripts = {