From 118106cf745167db7e17654e0402721939631be7 Mon Sep 17 00:00:00 2001 From: terminaldweller Date: Fri, 10 Sep 2021 12:00:16 +0430 Subject: update --- terminaldweller.com/ejabberd/ejabberd.yml | 250 ++++++++++++++++++++++++++++++ 1 file changed, 250 insertions(+) create mode 100644 terminaldweller.com/ejabberd/ejabberd.yml (limited to 'terminaldweller.com/ejabberd') diff --git a/terminaldweller.com/ejabberd/ejabberd.yml b/terminaldweller.com/ejabberd/ejabberd.yml new file mode 100644 index 0000000..6257515 --- /dev/null +++ b/terminaldweller.com/ejabberd/ejabberd.yml @@ -0,0 +1,250 @@ +hosts: + - chat.terminaldweller.com + +loglevel: 4 +log_rotate_size: 10485760 +log_rotate_date: '' +log_rotate_count: 1 +log_rate_limit: 100 + +listen: + - port: 5222 + ip: '::' + module: ejabberd_c2s + max_stanza_size: 262144 + shaper: c2s_shaper + access: c2s + starttls_required: true + - port: 5269 + ip: '::' + module: ejabberd_s2s_in + max_stanza_size: 524288 + - port: 5443 + ip: '::' + module: ejabberd_http + request_handlers: + '/admin': ejabberd_web_admin + '/api': mod_http_api + '/bosh': mod_bosh + '/captcha': ejabberd_captcha + '/upload': mod_http_upload + '/ws': ejabberd_http_ws + '/oauth': ejabberd_oauth + - port: 5080 + ip: '::' + module: ejabberd_http + request_handlers: + '/admin': ejabberd_web_admin + - port: 1883 + ip: '::' + module: mod_mqtt + backlog: 1000 + - port: 3478 + transport: udp + module: ejabberd_stun + use_turn: true + turn_min_port: 49152 + turn_max_port: 65535 + turn_ip: 0.0.0.0 + - port: 5349 + transport: tcp + module: ejabberd_stun + use_turn: true + tls: true + turn_min_port: 49152 + turn_max_port: 65535 + ip: 0.0.0.0 + turn_ip: 0.0.0.0 + - port: 5280 + module: ejabberd_http + tls: false + request_handlers: + /.well-known/acme-challenge: ejabberd_acme + +s2s_use_starttls: optional + +acl: + local: + user_regexp: '' + loopback: + ip: + - 127.0.0.0/8 + - ::1/128 + - ::FFFF:127.0.0.1/128 + admin: + user: + - 'admin@localhost' + +access_rules: + local: + allow: local + c2s: + deny: blocked + allow: all + announce: + allow: admin + configure: + allow: admin + muc_create: + allow: local + pubsub_createnode: + allow: local + trusted_network: + allow: loopback + +api_permissions: + 'console commands': + from: + - ejabberd_ctl + who: all + what: '*' + 'admin access': + who: + access: + allow: + acl: admin + oauth: + scope: 'ejabberd:admin' + access: + allow: + acl: admin + what: + - '*' + - '!stop' + - '!start' + 'public commands': + who: + ip: 127.0.0.1/8 + what: + - '*' + - connected_users_number + 'web admin': + who: + - access: + - allow: + - acl: loopback + - acl: admin + - oauth: + - scope: 'sasl_auth' + - access: + - allow: + - acl: loopback + - acl: admin + what: + - '*' + - '!stop' + - '!start' + +shaper: + normal: 1000 + fast: 50000 + +shaper_rules: + max_user_sessions: 10000 + max_user_offline_messages: + 5000: admin + 100: all + c2s_shaper: + none: admin + normal: all + s2s_shaper: fast + +max_fsm_queue: 10000 + +acme: + contact: 'mailto:devi@terminaldweller.com' + ca_url: 'https://acme-v01.api.letsencrypt.org' + +oauth_expire: 31536000 +oauth_access: all + +modules: + mod_stun_disco: + credentials_lifetime: 12h + services: + - host: 0.0.0.0 + port: 3478 + type: stun + transport: udp + restricted: false + - host: 0.0.0.0 + port: 3478 + type: turn + transport: udp + restricted: true + - host: rtcdev.site + port: 5349 + type: stun + transport: tcp + restricted: false + - host: rtcdev.site + port: 5349 + type: turn + transport: tcp + restricted: true + mod_adhoc: {} + mod_admin_extra: {} + mod_announce: + access: announce + mod_avatar: {} + mod_blocking: {} + mod_bosh: {} + mod_caps: {} + mod_carboncopy: {} + mod_client_state: {} + mod_configure: {} + mod_disco: {} + mod_fail2ban: {} + mod_http_api: {} + mod_http_upload: + put_url: https://@HOST@:5443/upload + mod_last: {} + mod_mam: + db_type: sql + assume_mam_usage: true + default: never + mod_mqtt: {} + mod_muc: + access: + - allow + access_admin: + - allow: admin + access_create: muc_create + access_persistent: muc_create + access_mam: + - allow + default_room_options: + allow_subscription: true + mam: false + mod_muc_admin: {} + mod_offline: + access_max_user_messages: max_user_offline_messages + mod_ping: {} + mod_privacy: {} + mod_private: {} + mod_proxy65: + access: local + max_connections: 5 + mod_pubsub: + access_createnode: pubsub_createnode + plugins: + - flat + - pep + force_node_config: + storage:bookmarks: + access_model: whitelist + mod_push: {} + mod_push_keepalive: {} + mod_register: + ip_access: trusted_network + mod_roster: + versioning: true + mod_sip: {} + mod_s2s_dialback: {} + mod_shared_roster: {} + mod_stream_mgmt: + resend_on_timeout: if_offline + mod_vcard: {} + mod_vcard_xupdate: {} + mod_version: + show_os: false -- cgit v1.2.3