ejabberd-updated.orig.yml 5.9 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282
  1. ###
  2. ### ejabberd configuration file
  3. ###
  4. ### The parameters used in this configuration file are explained at
  5. ###
  6. ### https://docs.ejabberd.im/admin/configuration
  7. ###
  8. ### The configuration file is written in YAML.
  9. ### *******************************************************
  10. ### ******* !!! WARNING !!! *******
  11. ### ******* YAML IS INDENTATION SENSITIVE *******
  12. ### ******* MAKE SURE YOU INDENT SECTIONS CORRECTLY *******
  13. ### *******************************************************
  14. ### Refer to http://en.wikipedia.org/wiki/YAML for the brief description.
  15. ###
  16. hosts:
  17. - "vc.s-up.net"
  18. - localhost
  19. loglevel: 4
  20. log_rotate_size: 10485760
  21. log_rotate_date: ""
  22. log_rotate_count: 1
  23. log_rate_limit: 100
  24. certfiles:
  25. - /home/ejabberd/conf/server.pem
  26. ca_file: "/home/ejabberd/conf/cacert.pem"
  27. listen:
  28. -
  29. port: 5222
  30. ip: "::"
  31. module: ejabberd_c2s
  32. max_stanza_size: 262144
  33. shaper: c2s_shaper
  34. access: c2s
  35. starttls_required: true
  36. -
  37. port: 5269
  38. ip: "::"
  39. module: ejabberd_s2s_in
  40. max_stanza_size: 524288
  41. -
  42. port: 5443
  43. ip: "::"
  44. module: ejabberd_http
  45. tls: true
  46. request_handlers:
  47. "/admin": ejabberd_web_admin
  48. "/api": mod_http_api
  49. "/bosh": mod_bosh
  50. "/captcha": ejabberd_captcha
  51. "/upload": mod_http_upload
  52. "/ws": ejabberd_http_ws
  53. "/oauth": ejabberd_oauth
  54. -
  55. port: 5280
  56. ip: "::"
  57. module: ejabberd_http
  58. request_handlers:
  59. "/admin": ejabberd_web_admin
  60. # -
  61. # port: 1883
  62. # ip: "::"
  63. # module: mod_mqtt
  64. # backlog: 1000
  65. ##
  66. ## https://docs.ejabberd.im/admin/configuration/#stun-and-turn
  67. ## ejabberd_stun: Handles STUN Binding requests
  68. ##
  69. ##-
  70. ## port: 3478
  71. ## ip: "0.0.0.0"
  72. ## transport: udp
  73. ## module: ejabberd_stun
  74. ## use_turn: true
  75. ## turn_ip: "{{ IP }}"
  76. ## auth_type: user
  77. ## auth_realm: "example.com"
  78. ##-
  79. ## port: 3478
  80. ## ip: "0.0.0.0"
  81. ## module: ejabberd_stun
  82. ## use_turn: true
  83. ## turn_ip: "{{ IP }}"
  84. ## auth_type: user
  85. ## auth_realm: "example.com"
  86. ##-
  87. ## port: 5349
  88. ## ip: "0.0.0.0"
  89. ## module: ejabberd_stun
  90. ## certfile: "/home/ejabberd/conf/server.pem"
  91. ## tls: true
  92. ## use_turn: true
  93. ## turn_ip: "{{ IP }}"
  94. ## auth_type: user
  95. ## auth_realm: "example.com"
  96. ##
  97. ## https://docs.ejabberd.im/admin/configuration/#sip
  98. ## To handle SIP (VOIP) requests:
  99. ##
  100. ##-
  101. ## port: 5060
  102. ## ip: "0.0.0.0"
  103. ## transport: udp
  104. ## module: ejabberd_sip
  105. ##-
  106. ## port: 5060
  107. ## ip: "0.0.0.0"
  108. ## module: ejabberd_sip
  109. ##-
  110. ## port: 5061
  111. ## ip: "0.0.0.0"
  112. ## module: ejabberd_sip
  113. ## tls: true
  114. s2s_use_starttls: optional
  115. acl:
  116. local:
  117. user_regexp: ""
  118. loopback:
  119. ip:
  120. - 127.0.0.0/8
  121. - ::1/128
  122. - ::FFFF:127.0.0.1/128
  123. admin:
  124. user:
  125. - "admin@localhost"
  126. access_rules:
  127. local:
  128. allow: local
  129. c2s:
  130. deny: blocked
  131. allow: all
  132. announce:
  133. allow: admin
  134. configure:
  135. allow: admin
  136. muc_create:
  137. allow: local
  138. pubsub_createnode:
  139. allow: local
  140. trusted_network:
  141. allow: loopback
  142. api_permissions:
  143. "console commands":
  144. from:
  145. - ejabberd_ctl
  146. who: all
  147. what: "*"
  148. "admin access":
  149. who:
  150. access:
  151. allow:
  152. acl: loopback
  153. acl: admin
  154. oauth:
  155. scope: "ejabberd:admin"
  156. access:
  157. allow:
  158. acl: loopback
  159. acl: admin
  160. what:
  161. - "*"
  162. - "!stop"
  163. - "!start"
  164. "public commands":
  165. who:
  166. ip: 127.0.0.1/8
  167. what:
  168. - status
  169. - connected_users_number
  170. shaper:
  171. normal: 1000
  172. fast: 50000
  173. shaper_rules:
  174. max_user_sessions: 10
  175. max_user_offline_messages:
  176. 5000: admin
  177. 100: all
  178. c2s_shaper:
  179. none: admin
  180. normal: all
  181. s2s_shaper: fast
  182. max_fsm_queue: 10000
  183. acme:
  184. contact: "mailto:dcs-acme-vc.s-up.net@s-up.org"
  185. # ca_url: "https://acme-staging-v02.api.letsencrypt.org/directory"
  186. ca_url: "https://acme-staging-v02.api.letsencrypt.org/directory"
  187. modules:
  188. mod_adhoc: {}
  189. mod_admin_extra: {}
  190. mod_announce:
  191. access: announce
  192. mod_avatar: {}
  193. mod_blocking: {}
  194. mod_bosh: {}
  195. mod_caps: {}
  196. mod_carboncopy: {}
  197. mod_client_state: {}
  198. mod_configure: {}
  199. mod_disco: {}
  200. mod_fail2ban: {}
  201. mod_http_api: {}
  202. mod_http_upload:
  203. put_url: https://@HOST@:5443/upload
  204. mod_last: {}
  205. mod_mam:
  206. ## Mnesia is limited to 2GB, better to use an SQL backend
  207. ## For small servers SQLite is a good fit and is very easy
  208. ## to configure. Uncomment this when you have SQL configured:
  209. ## db_type: sql
  210. assume_mam_usage: true
  211. default: never
  212. mod_mqtt: {}
  213. mod_muc:
  214. access:
  215. - allow
  216. access_admin:
  217. - allow: admin
  218. access_create: muc_create
  219. access_persistent: muc_create
  220. access_mam:
  221. - allow
  222. default_room_options:
  223. allow_subscription: true # enable MucSub
  224. mam: false
  225. mod_muc_admin: {}
  226. mod_offline:
  227. access_max_user_messages: max_user_offline_messages
  228. mod_ping: {}
  229. mod_privacy: {}
  230. mod_private: {}
  231. mod_proxy65:
  232. access: local
  233. max_connections: 5
  234. mod_pubsub:
  235. access_createnode: pubsub_createnode
  236. plugins:
  237. - flat
  238. - pep
  239. force_node_config:
  240. ## Avoid buggy clients to make their bookmarks public
  241. storage:bookmarks:
  242. access_model: whitelist
  243. mod_push: {}
  244. mod_push_keepalive: {}
  245. mod_register:
  246. ## Only accept registration requests from the "trusted"
  247. ## network (see access_rules section above).
  248. ## Think twice before enabling registration from any
  249. ## address. See the Jabber SPAM Manifesto for details:
  250. ## https://github.com/ge0rg/jabber-spam-fighting-manifesto
  251. ip_access: trusted_network
  252. mod_roster:
  253. versioning: true
  254. mod_sip: {}
  255. mod_s2s_dialback: {}
  256. mod_shared_roster: {}
  257. mod_stream_mgmt:
  258. resend_on_timeout: if_offline
  259. mod_vcard: {}
  260. mod_vcard_xupdate: {}
  261. mod_version:
  262. show_os: false
  263. ### Local Variables:
  264. ### mode: yaml
  265. ### End:
  266. ### vim: set filetype=yaml tabstop=8