32-access.yml 1.3 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950
  1. acl:
  2. local:
  3. user_regexp: ""
  4. loopback:
  5. ip:
  6. - 127.0.0.0/8
  7. - ::1/128
  8. - ::FFFF:127.0.0.1/128
  9. admin:
  10. # username without domain matches any JID that has Username in any virtual host served by ejabberd
  11. user:
  12. # - "admin@example.com"
  13. - "admin"
  14. access_rules:
  15. ## This rule allows access only for local users:
  16. local:
  17. - allow: local
  18. ## Only non-blocked users can use c2s connections:
  19. c2s:
  20. - deny: blocked
  21. - allow
  22. ## Only admins can send announcement messages:
  23. announce:
  24. - allow: admin
  25. ## Only admins can use the configuration interface:
  26. configure:
  27. - allow: admin
  28. ## Only accounts of the local ejabberd server can create rooms:
  29. muc_create:
  30. - allow: local
  31. ## Only accounts on the local ejabberd server can create Pubsub nodes:
  32. pubsub_createnode:
  33. - allow: local
  34. ## In-band registration allows registration of any possible username.
  35. ## To disable in-band registration, replace 'allow' with 'deny'.
  36. register:
  37. - deny
  38. ## Only allow to register from localhost
  39. trusted_network:
  40. - allow: loopback
  41. ## Do not establish S2S connections with bad servers
  42. ## If you enable this you also have to uncomment "s2s_access: s2s"
  43. ## s2s:
  44. ## - deny:
  45. ## - ip: "XXX.XXX.XXX.XXX/32"
  46. ## - deny:
  47. ## - ip: "XXX.XXX.XXX.XXX/32"
  48. ## - allow