aboutsummaryrefslogtreecommitdiffstats
path: root/terminaldweller.com/prosody/config
diff options
context:
space:
mode:
authorterminaldweller <thabogre@gmail.com>2022-07-07 06:30:23 +0000
committerterminaldweller <thabogre@gmail.com>2022-07-07 06:30:23 +0000
commited09c5f82ed5ef4932f67af72551807e13a4412d (patch)
tree6ad4a8bcbd08a9cf8b6b3e6a2871d200b478d9eb /terminaldweller.com/prosody/config
parentupdated haproxy (diff)
downloadscripts-ed09c5f82ed5ef4932f67af72551807e13a4412d.tar.gz
scripts-ed09c5f82ed5ef4932f67af72551807e13a4412d.zip
a lot of updates
Diffstat (limited to '')
-rw-r--r--terminaldweller.com/prosody/config/prosody.cfg.lua142
1 files changed, 64 insertions, 78 deletions
diff --git a/terminaldweller.com/prosody/config/prosody.cfg.lua b/terminaldweller.com/prosody/config/prosody.cfg.lua
index d2c5e7d..ba67de7 100644
--- a/terminaldweller.com/prosody/config/prosody.cfg.lua
+++ b/terminaldweller.com/prosody/config/prosody.cfg.lua
@@ -12,7 +12,6 @@ daemonize = false;
--
-- Good luck, and happy Jabbering!
-
---------- Server-wide settings ----------
-- Settings in this section apply to the whole server and are the default settings
-- for any virtual hosts
@@ -25,70 +24,67 @@ admins = {"devi@chat.terminaldweller.com"}
-- Enable use of libevent for better performance under high load
-- For more information see: https://prosody.im/doc/libevent
---use_libevent = true
+-- use_libevent = true
-- Prosody will always look in its source directory for modules, but
-- this option allows you to specify additional locations where Prosody
-- will look for modules first. For community modules, see https://modules.prosody.im/
---plugin_paths = {}
+-- plugin_paths = {}
-- This is the list of modules Prosody will load on startup.
-- It looks for mod_modulename.lua in the plugins folder, so make sure that exists too.
-- Documentation for bundled modules can be found at: https://prosody.im/doc/modules
modules_enabled = {
- -- Generally required
- "roster"; -- Allow users to have a roster. Recommended ;)
- "saslauth"; -- Authentication for clients and servers. Recommended if you want to log in.
- "tls"; -- Add support for secure TLS on c2s/s2s connections
- "dialback"; -- s2s dialback support
- "disco"; -- Service discovery
-
- -- Not essential, but recommended
- "carbons"; -- Keep multiple clients in sync
- "pep"; -- Enables users to publish their avatar, mood, activity, playing music and more
- "private"; -- Private XML storage (for room bookmarks, etc.)
- "blocklist"; -- Allow users to block communications with other users
- "vcard4"; -- User profiles (stored in PEP)
- "vcard_legacy"; -- Conversion between legacy vCard and PEP Avatar, vcard
- "limits"; -- Enable bandwidth limiting for XMPP connections
-
- -- Nice to have
- "version"; -- Replies to server version requests
- "uptime"; -- Report how long server has been running
- "time"; -- Let others know the time here on this server
- "ping"; -- Replies to XMPP pings with pongs
- --"register"; -- Allow users to register on this server using a client and change passwords
- --"mam"; -- Store messages in an archive and allow users to access it
- --"csi_simple"; -- Simple Mobile optimizations
-
- -- Admin interfaces
- "admin_adhoc"; -- Allows administration via an XMPP client that supports ad-hoc commands
- --"admin_telnet"; -- Opens telnet console interface on localhost port 5582
-
- -- HTTP modules
- "bosh"; -- Enable BOSH clients, aka "Jabber over HTTP"
- --"websocket"; -- XMPP over WebSockets
- --"http_files"; -- Serve static files from a directory over HTTP
-
- -- Other specific functionality
- --"groups"; -- Shared roster support
- --"server_contact_info"; -- Publish contact information for this service
- --"announce"; -- Send announcement to all online users
- --"welcome"; -- Welcome users who register accounts
- --"watchregistrations"; -- Alert admins of registrations
- --"motd"; -- Send a message to users when they log in
- --"legacyauth"; -- Legacy authentication. Only used by some old clients and bots.
- --"proxy65"; -- Enables a file transfer proxy service which clients behind NAT can use
+ -- Generally required
+ "roster", -- Allow users to have a roster. Recommended ;)
+ "saslauth", -- Authentication for clients and servers. Recommended if you want to log in.
+ "tls", -- Add support for secure TLS on c2s/s2s connections
+ "dialback", -- s2s dialback support
+ "disco", -- Service discovery
+ -- Not essential, but recommended
+ "carbons", -- Keep multiple clients in sync
+ "pep", -- Enables users to publish their avatar, mood, activity, playing music and more
+ "private", -- Private XML storage (for room bookmarks, etc.)
+ "blocklist", -- Allow users to block communications with other users
+ "vcard4", -- User profiles (stored in PEP)
+ "vcard_legacy", -- Conversion between legacy vCard and PEP Avatar, vcard
+ "limits", -- Enable bandwidth limiting for XMPP connections
+ -- Nice to have
+ "version", -- Replies to server version requests
+ "uptime", -- Report how long server has been running
+ "time", -- Let others know the time here on this server
+ "ping", -- Replies to XMPP pings with pongs
+ -- "register"; -- Allow users to register on this server using a client and change passwords
+ -- "mam"; -- Store messages in an archive and allow users to access it
+ -- "csi_simple"; -- Simple Mobile optimizations
+ -- Admin interfaces
+ "admin_adhoc", -- Allows administration via an XMPP client that supports ad-hoc commands
+ -- "admin_telnet"; -- Opens telnet console interface on localhost port 5582
+
+ -- HTTP modules
+ "bosh" -- Enable BOSH clients, aka "Jabber over HTTP"
+ -- "websocket"; -- XMPP over WebSockets
+ -- "http_files"; -- Serve static files from a directory over HTTP
+
+ -- Other specific functionality
+ -- "groups"; -- Shared roster support
+ -- "server_contact_info"; -- Publish contact information for this service
+ -- "announce"; -- Send announcement to all online users
+ -- "welcome"; -- Welcome users who register accounts
+ -- "watchregistrations"; -- Alert admins of registrations
+ -- "motd"; -- Send a message to users when they log in
+ -- "legacyauth"; -- Legacy authentication. Only used by some old clients and bots.
+ -- "proxy65"; -- Enables a file transfer proxy service which clients behind NAT can use
}
-- These modules are auto-loaded, but should you want
-- to disable them then uncomment them here:
modules_disabled = {
- -- "offline"; -- Store offline messages
- -- "c2s"; -- Handle client connections
- -- "s2s"; -- Handle server-to-server connections
- -- "posix"; -- POSIX functionality, sends server to background, enables syslog, etc.
+ -- "offline"; -- Store offline messages
+ "c2s" -- Handle client connections
+ -- "s2s"; -- Handle server-to-server connections
+ -- "posix"; -- POSIX functionality, sends server to background, enables syslog, etc.
}
-- Disable account creation by default, for security
@@ -114,23 +110,16 @@ s2s_secure_auth = false
-- certificates. They will be authenticated using DNS instead, even
-- when s2s_secure_auth is enabled.
---s2s_insecure_domains = { "insecure.example" }
+-- s2s_insecure_domains = { "insecure.example" }
-- Even if you disable s2s_secure_auth, you can still require valid
-- certificates for some domains by specifying a list here.
---s2s_secure_domains = { "jabber.org" }
+-- s2s_secure_domains = { "jabber.org" }
-- Enable rate limits for incoming client and server connections
-limits = {
- c2s = {
- rate = "10kb/s";
- };
- s2sin = {
- rate = "30kb/s";
- };
-}
+limits = {c2s = {rate = "10kb/s"}, s2sin = {rate = "30kb/s"}}
-- Required for init scripts and prosodyctl
pidfile = "/var/run/prosody/prosody.pid"
@@ -145,13 +134,12 @@ authentication = "internal_hashed"
-- through modules. An "sql" backend is included by default, but requires
-- additional dependencies. See https://prosody.im/doc/storage for more info.
---storage = "sql" -- Default is "internal"
+-- storage = "sql" -- Default is "internal"
-- For the "sql" backend, you can uncomment *one* of the below to configure:
---sql = { driver = "SQLite3", database = "prosody.sqlite" } -- Default. 'database' is the filename.
---sql = { driver = "MySQL", database = "prosody", username = "prosody", password = "secret", host = "localhost" }
---sql = { driver = "PostgreSQL", database = "prosody", username = "prosody", password = "secret", host = "localhost" }
-
+-- sql = { driver = "SQLite3", database = "prosody.sqlite" } -- Default. 'database' is the filename.
+-- sql = { driver = "MySQL", database = "prosody", username = "prosody", password = "secret", host = "localhost" }
+-- sql = { driver = "PostgreSQL", database = "prosody", username = "prosody", password = "secret", host = "localhost" }
-- Archiving configuration
-- If mod_mam is enabled, Prosody will store a copy of every message. This
@@ -166,9 +154,7 @@ archive_expires_after = "1w" -- Remove archived messages after 1 week
-- Logging configuration
-- For advanced logging see https://prosody.im/doc/logging
-log = {
- {levels = {min = "info"}, to = "console"};
-}
+log = {{levels = {min = "info"}, to = "console"}}
-- Uncomment to enable statistics
-- For more info see https://prosody.im/doc/statistics
@@ -185,20 +171,20 @@ log = {
certificates = "certs"
-- HTTPS currently only supports a single certificate, specify it here:
---https_certificate = "/etc/prosody/certs/localhost.crt"
+-- https_certificate = "/etc/prosody/certs/localhost.crt"
----------- Virtual hosts -----------
-- You need to add a VirtualHost entry for each domain you wish Prosody to serve.
-- Settings under each VirtualHost entry apply *only* to that host.
VirtualHost "chat.terminaldweller.com"
- enabled = true
- ssl = {
- key = "/etc/letsencrypt/live/chat.terminaldweller.com/privkey.pem";
- certificate = "/etc/letsencrypt/live/chat.terminaldweller.com/fullchain.pem";
- }
+enabled = true
+ssl = {
+ key = "/etc/letsencrypt/live/chat.terminaldweller.com/privkey.pem",
+ certificate = "/etc/letsencrypt/live/chat.terminaldweller.com/fullchain.pem"
+}
---VirtualHost "example.com"
+-- VirtualHost "example.com"
-- certificate = "/path/to/example.crt"
------ Components ------
@@ -208,9 +194,9 @@ VirtualHost "chat.terminaldweller.com"
---Set up a MUC (multi-user chat) room server on conference.example.com:
Component "conference.chat.terminaldweller.com" "muc"
- restrict_room_creationi = "admin"
+restrict_room_creationi = "admin"
--- Store MUC messages in an archive and allow users to access it
---modules_enabled = { "muc_mam" }
+-- modules_enabled = { "muc_mam" }
---Set up an external component (default component port is 5347)
--
@@ -218,5 +204,5 @@ Component "conference.chat.terminaldweller.com" "muc"
-- transports to other networks like ICQ, MSN and Yahoo. For more info
-- see: https://prosody.im/doc/components#adding_an_external_component
--
---Component "gateway.example.com"
+-- Component "gateway.example.com"
-- component_secret = "password"