|
|
@@ -1,69 +1,158 @@
|
|
|
+###. =======
|
|
|
+###' MODULES
|
|
|
+
|
|
|
+##
|
|
|
+## Modules enabled in all ejabberd virtual hosts.
|
|
|
+##
|
|
|
modules:
|
|
|
mod_adhoc: {}
|
|
|
-# mod_admin_extra: {}
|
|
|
- mod_announce:
|
|
|
+ mod_admin_extra: {}
|
|
|
+ mod_announce: # recommends mod_adhoc
|
|
|
access: announce
|
|
|
mod_avatar: {}
|
|
|
- mod_blocking: {}
|
|
|
+# mod_block_strangers: {} # requires captcha
|
|
|
+ mod_blocking: {} # requires mod_privacy
|
|
|
mod_bosh: {}
|
|
|
mod_caps: {}
|
|
|
mod_carboncopy: {}
|
|
|
mod_client_state: {}
|
|
|
- mod_configure: {}
|
|
|
+ mod_configure: {} # requires mod_adhoc
|
|
|
+ ## mod_delegation: {} # for xep0356
|
|
|
mod_disco: {}
|
|
|
- mod_fail2ban: {}
|
|
|
- mod_http_api: {}
|
|
|
+ mod_stun_disco: {}
|
|
|
+ ## mod_echo: {}
|
|
|
+ ## mod_irc: {}
|
|
|
+ mod_http_fileserver:
|
|
|
+ default_content_type: "text/html"
|
|
|
+ docroot: "/var/www/"
|
|
|
+ directory_indices:
|
|
|
+ - "index.html"
|
|
|
+ ## docroot: "/var/www"
|
|
|
+ ## accesslog: "/home/ejabberd/logs/access.log"
|
|
|
mod_http_upload:
|
|
|
- put_url: https://@HOST@:5443/upload
|
|
|
+ put_url: "https://@HOST@:5443/upload"
|
|
|
+ thumbnail: false # otherwise needs ejabberd to be compiled with libgd support
|
|
|
+ max_size: 524288 # 5MB
|
|
|
+ mod_http_upload_quota:
|
|
|
+ max_days: 3
|
|
|
mod_last: {}
|
|
|
- mod_mam:
|
|
|
- ## Mnesia is limited to 2GB, better to use an SQL backend
|
|
|
- ## For small servers SQLite is a good fit and is very easy
|
|
|
- ## to configure. Uncomment this when you have SQL configured:
|
|
|
- ## db_type: sql
|
|
|
- assume_mam_usage: true
|
|
|
- default: never
|
|
|
-# mod_mqtt: {}
|
|
|
+ ## XEP-0313: Message Archive Management
|
|
|
+ ## You might want to setup a SQL backend for MAM because the mnesia database is
|
|
|
+ ## limited to 2GB which might be exceeded on large servers
|
|
|
+ ## mod_mam: {} # for xep0313, mnesia is limited to 2GB, better use an SQL backend
|
|
|
+ mod_mam: {}
|
|
|
mod_muc:
|
|
|
+ ## host: "conference.@HOST@"
|
|
|
access:
|
|
|
- allow
|
|
|
access_admin:
|
|
|
- allow: admin
|
|
|
access_create: muc_create
|
|
|
access_persistent: muc_create
|
|
|
- access_mam:
|
|
|
- - allow
|
|
|
- default_room_options:
|
|
|
- allow_subscription: true # enable MucSub
|
|
|
- mam: false
|
|
|
mod_muc_admin: {}
|
|
|
+ ## mod_muc_log: {}
|
|
|
+ ## mod_multicast: {}
|
|
|
mod_offline:
|
|
|
access_max_user_messages: max_user_offline_messages
|
|
|
mod_ping: {}
|
|
|
+ ## mod_pres_counter:
|
|
|
+ ## count: 5
|
|
|
+ ## interval: 60
|
|
|
mod_privacy: {}
|
|
|
mod_private: {}
|
|
|
- mod_proxy65:
|
|
|
- access: local
|
|
|
- max_connections: 5
|
|
|
+ mod_proxy65: {}
|
|
|
mod_pubsub:
|
|
|
access_createnode: pubsub_createnode
|
|
|
+ ## reduces resource comsumption, but XEP incompliant
|
|
|
+ ignore_pep_from_offline: true
|
|
|
+ ## XEP compliant, but increases resource comsumption
|
|
|
+ ## ignore_pep_from_offline: false
|
|
|
+ last_item_cache: false
|
|
|
+ max_items_node: 10
|
|
|
plugins:
|
|
|
- - flat
|
|
|
- - pep
|
|
|
+ - "flat"
|
|
|
+ - "pep" # pep requires mod_caps
|
|
|
force_node_config:
|
|
|
+# ## Avoid using OMEMO by default because it
|
|
|
+# ## introduces a lot of hard-to-track problems
|
|
|
+# "eu.siacs.conversations.axolotl.*":
|
|
|
+# access_model: whitelist
|
|
|
## Avoid buggy clients to make their bookmarks public
|
|
|
- storage:bookmarks:
|
|
|
+ "storage:bookmarks":
|
|
|
access_model: whitelist
|
|
|
mod_push: {}
|
|
|
mod_push_keepalive: {}
|
|
|
+ mod_register:
|
|
|
+ ##
|
|
|
+ ## Protect In-Band account registrations with CAPTCHA.
|
|
|
+ ##
|
|
|
+ ## captcha_protected: true
|
|
|
+ ##
|
|
|
+ ## Set the minimum informational entropy for passwords.
|
|
|
+ ##
|
|
|
+ ## password_strength: 32
|
|
|
+ ##
|
|
|
+ ## After successful registration, the user receives
|
|
|
+ ## a message with this subject and body.
|
|
|
+ ##
|
|
|
+ welcome_message:
|
|
|
+ subject: "Welcome!"
|
|
|
+ body: |-
|
|
|
+ Hi.
|
|
|
+ Welcome to this XMPP server.
|
|
|
+ ##
|
|
|
+ ## When a user registers, send a notification to
|
|
|
+ ## these XMPP accounts.
|
|
|
+ ##
|
|
|
+ ## registration_watchers:
|
|
|
+ ## - "admin1@example.org"
|
|
|
+ ##
|
|
|
+ ## Only clients in the server machine can register accounts
|
|
|
+ ##
|
|
|
+ ip_access: trusted_network
|
|
|
+ ##
|
|
|
+ ## Local c2s or remote s2s users cannot register accounts
|
|
|
+ ##
|
|
|
+ ## access_from: deny
|
|
|
+ access: register
|
|
|
+# mod_roster: {}
|
|
|
mod_roster:
|
|
|
versioning: true
|
|
|
-# mod_sip: {}
|
|
|
- mod_s2s_dialback: {}
|
|
|
mod_shared_roster: {}
|
|
|
- mod_stream_mgmt:
|
|
|
- resend_on_timeout: if_offline
|
|
|
- mod_vcard: {}
|
|
|
+ ## mod_stats: {}
|
|
|
+ ## mod_time: {}
|
|
|
+ mod_vcard:
|
|
|
+ search: false
|
|
|
mod_vcard_xupdate: {}
|
|
|
- mod_version:
|
|
|
- show_os: false
|
|
|
+ mod_version: {}
|
|
|
+ mod_stream_mgmt: {}
|
|
|
+ ## Non-SASL Authentication (XEP-0078) is now disabled by default
|
|
|
+ ## because it's obsoleted and is used mostly by abandoned
|
|
|
+ ## client software
|
|
|
+ ## mod_legacy_auth: {}
|
|
|
+ ## The module for S2S dialback (XEP-0220). Please note that you cannot
|
|
|
+ ## rely solely on dialback if you want to federate with other servers,
|
|
|
+ ## because a lot of servers have dialback disabled and instead rely on
|
|
|
+ ## PKIX authentication. Make sure you have proper certificates installed
|
|
|
+ ## and check your accessibility at https://check.messaging.one/
|
|
|
+ mod_s2s_dialback: {}
|
|
|
+ mod_http_api: {}
|
|
|
+ mod_fail2ban: {}
|
|
|
+
|
|
|
+##
|
|
|
+## Enable modules with custom options in a specific virtual host
|
|
|
+##
|
|
|
+## host_config:
|
|
|
+## "localhost":
|
|
|
+## modules:
|
|
|
+## mod_echo:
|
|
|
+## host: "mirror.localhost"
|
|
|
+
|
|
|
+##
|
|
|
+## Enable modules management via ejabberdctl for installation and
|
|
|
+## uninstallation of public/private contributed modules
|
|
|
+## (enabled by default)
|
|
|
+##
|
|
|
+
|
|
|
+
|
|
|
+allow_contrib_modules: true
|
Dominik