|
|
@@ -21,37 +21,46 @@ modules:
|
|
|
websocket_url: "ws://@HOST@:5443/websocket"
|
|
|
## mod_delegation: {} # for xep0356
|
|
|
mod_disco: {}
|
|
|
- mod_stun_disco: {}
|
|
|
- ## mod_echo: {}
|
|
|
- ## mod_irc: {}
|
|
|
- mod_http_fileserver:
|
|
|
- default_content_type: "text/html"
|
|
|
- docroot: "/var/www/"
|
|
|
- directory_indices:
|
|
|
- - "index.html"
|
|
|
+ mod_fail2ban: {}
|
|
|
+# mod_stun_disco: {} #--> see 50-stun-turn.yml
|
|
|
+# mod_http_api: {}
|
|
|
+# mod_http_fileserver:{}
|
|
|
## docroot: "/var/www"
|
|
|
## accesslog: "/home/ejabberd/logs/access.log"
|
|
|
+ #mod_http_api: {}
|
|
|
mod_http_upload:
|
|
|
put_url: "https://@HOST@:5443/upload"
|
|
|
thumbnail: false # otherwise needs ejabberd to be compiled with libgd support
|
|
|
max_size: 524288 # 5MB
|
|
|
+ custom_headers:
|
|
|
+ "Access-Control-Allow-Origin": "https://@HOST@"
|
|
|
+ "Access-Control-Allow-Methods": "GET,HEAD,PUT,OPTIONS"
|
|
|
+ "Access-Control-Allow-Headers": "Content-Type"
|
|
|
mod_http_upload_quota:
|
|
|
- max_days: 3
|
|
|
+ max_days: 7
|
|
|
mod_last: {}
|
|
|
## XEP-0313: Message Archive Management
|
|
|
## You might want to setup a SQL backend for MAM because the mnesia database is
|
|
|
## limited to 2GB which might be exceeded on large servers
|
|
|
## mod_mam: {} # for xep0313, mnesia is limited to 2GB, better use an SQL backend
|
|
|
- mod_mam: {}
|
|
|
+ mod_mam:
|
|
|
+ assume_mam_usage: true
|
|
|
+ default: always
|
|
|
mod_muc:
|
|
|
- ## host: "conference.@HOST@"
|
|
|
access:
|
|
|
- allow
|
|
|
access_admin:
|
|
|
- allow: admin
|
|
|
access_create: muc_create
|
|
|
access_persistent: muc_create
|
|
|
- mod_muc_admin: {}
|
|
|
+ access_mam:
|
|
|
+ - allow
|
|
|
+ default_room_options:
|
|
|
+ mam: true
|
|
|
+ persistent: true
|
|
|
+ public: false
|
|
|
+ public_list: false
|
|
|
+ allow_subscription: true # enable MucSub
|
|
|
## mod_muc_log: {}
|
|
|
## mod_multicast: {}
|
|
|
mod_offline:
|
|
|
@@ -62,29 +71,24 @@ modules:
|
|
|
## interval: 60
|
|
|
mod_privacy: {}
|
|
|
mod_private: {}
|
|
|
- mod_proxy65: {}
|
|
|
+ mod_proxy65:
|
|
|
+ access: local
|
|
|
+ max_connections: 5
|
|
|
mod_pubsub:
|
|
|
access_createnode: pubsub_createnode
|
|
|
- ## reduces resource comsumption, but XEP incompliant
|
|
|
ignore_pep_from_offline: true
|
|
|
- ## XEP compliant, but increases resource comsumption
|
|
|
- ## ignore_pep_from_offline: false
|
|
|
last_item_cache: false
|
|
|
- max_items_node: 10
|
|
|
plugins:
|
|
|
- "flat"
|
|
|
- - "pep" # pep requires mod_caps
|
|
|
+ - "pep"
|
|
|
force_node_config:
|
|
|
-# ## Avoid using OMEMO by default because it
|
|
|
-# ## introduces a lot of hard-to-track problems
|
|
|
-# "eu.siacs.conversations.axolotl.*":
|
|
|
-# access_model: whitelist
|
|
|
- ## Avoid buggy clients to make their bookmarks public
|
|
|
+ "eu.siacs.conversations.axolotl.*":
|
|
|
+ access_model: open
|
|
|
"storage:bookmarks":
|
|
|
- access_model: whitelist
|
|
|
+ access_model: whitelist
|
|
|
mod_push: {}
|
|
|
mod_push_keepalive: {}
|
|
|
- mod_register:
|
|
|
+ #mod_register:
|
|
|
##
|
|
|
## Protect In-Band account registrations with CAPTCHA.
|
|
|
##
|
|
|
@@ -97,9 +101,9 @@ modules:
|
|
|
## After successful registration, the user receives
|
|
|
## a message with this subject and body.
|
|
|
##
|
|
|
- welcome_message:
|
|
|
- subject: "Welcome!"
|
|
|
- body: |-
|
|
|
+ # welcome_message:
|
|
|
+ # subject: "Welcome!"
|
|
|
+ # body: |-
|
|
|
Hi.
|
|
|
Welcome to this XMPP server.
|
|
|
##
|
|
|
@@ -111,50 +115,24 @@ modules:
|
|
|
##
|
|
|
## Only clients in the server machine can register accounts
|
|
|
##
|
|
|
- ip_access: trusted_network
|
|
|
+ # ip_access: trusted_network
|
|
|
##
|
|
|
## Local c2s or remote s2s users cannot register accounts
|
|
|
##
|
|
|
## access_from: deny
|
|
|
- access: register
|
|
|
+ # access: register
|
|
|
# mod_roster: {}
|
|
|
+ mod_s2s_dialback: {}
|
|
|
mod_roster:
|
|
|
versioning: true
|
|
|
mod_shared_roster: {}
|
|
|
+ ## mod_sic: {}
|
|
|
## mod_stats: {}
|
|
|
- ## mod_time: {}
|
|
|
+ mod_time: {}
|
|
|
mod_vcard:
|
|
|
search: false
|
|
|
mod_vcard_xupdate: {}
|
|
|
- mod_version: {}
|
|
|
- mod_stream_mgmt: {}
|
|
|
- ## Non-SASL Authentication (XEP-0078) is now disabled by default
|
|
|
- ## because it's obsoleted and is used mostly by abandoned
|
|
|
- ## client software
|
|
|
- ## mod_legacy_auth: {}
|
|
|
- ## The module for S2S dialback (XEP-0220). Please note that you cannot
|
|
|
- ## rely solely on dialback if you want to federate with other servers,
|
|
|
- ## because a lot of servers have dialback disabled and instead rely on
|
|
|
- ## PKIX authentication. Make sure you have proper certificates installed
|
|
|
- ## and check your accessibility at https://check.messaging.one/
|
|
|
- mod_s2s_dialback: {}
|
|
|
- mod_http_api: {}
|
|
|
- mod_fail2ban: {}
|
|
|
-
|
|
|
-##
|
|
|
-## Enable modules with custom options in a specific virtual host
|
|
|
-##
|
|
|
-## host_config:
|
|
|
-## "localhost":
|
|
|
-## modules:
|
|
|
-## mod_echo:
|
|
|
-## host: "mirror.localhost"
|
|
|
-
|
|
|
-##
|
|
|
-## Enable modules management via ejabberdctl for installation and
|
|
|
-## uninstallation of public/private contributed modules
|
|
|
-## (enabled by default)
|
|
|
-##
|
|
|
-
|
|
|
-
|
|
|
-allow_contrib_modules: true
|
|
|
+ mod_version:
|
|
|
+ show_os: false
|
|
|
+ mod_stream_mgmt:
|
|
|
+ resend_on_timeout: if_offline
|
Dominik