From 118106cf745167db7e17654e0402721939631be7 Mon Sep 17 00:00:00 2001
From: terminaldweller <thabogre@gmail.com>
Date: Fri, 10 Sep 2021 12:00:16 +0430
Subject: update

---
 terminaldweller.com/ejabberd/ejabberd.yml | 250 ++++++++++++++++++++++++++++++
 1 file changed, 250 insertions(+)
 create mode 100644 terminaldweller.com/ejabberd/ejabberd.yml

(limited to 'terminaldweller.com/ejabberd')

diff --git a/terminaldweller.com/ejabberd/ejabberd.yml b/terminaldweller.com/ejabberd/ejabberd.yml
new file mode 100644
index 0000000..6257515
--- /dev/null
+++ b/terminaldweller.com/ejabberd/ejabberd.yml
@@ -0,0 +1,250 @@
+hosts:
+  - chat.terminaldweller.com
+
+loglevel: 4
+log_rotate_size: 10485760
+log_rotate_date: ''
+log_rotate_count: 1
+log_rate_limit: 100
+
+listen:
+  - port: 5222
+    ip: '::'
+    module: ejabberd_c2s
+    max_stanza_size: 262144
+    shaper: c2s_shaper
+    access: c2s
+    starttls_required: true
+  - port: 5269
+    ip: '::'
+    module: ejabberd_s2s_in
+    max_stanza_size: 524288
+  - port: 5443
+    ip: '::'
+    module: ejabberd_http
+    request_handlers:
+      '/admin': ejabberd_web_admin
+      '/api': mod_http_api
+      '/bosh': mod_bosh
+      '/captcha': ejabberd_captcha
+      '/upload': mod_http_upload
+      '/ws': ejabberd_http_ws
+      '/oauth': ejabberd_oauth
+  - port: 5080
+    ip: '::'
+    module: ejabberd_http
+    request_handlers:
+      '/admin': ejabberd_web_admin
+  - port: 1883
+    ip: '::'
+    module: mod_mqtt
+    backlog: 1000
+  - port: 3478
+    transport: udp
+    module: ejabberd_stun
+    use_turn: true
+    turn_min_port: 49152
+    turn_max_port: 65535
+    turn_ip: 0.0.0.0
+  - port: 5349
+    transport: tcp
+    module: ejabberd_stun
+    use_turn: true
+    tls: true
+    turn_min_port: 49152
+    turn_max_port: 65535
+    ip: 0.0.0.0
+    turn_ip: 0.0.0.0
+  - port: 5280
+    module: ejabberd_http
+    tls: false
+    request_handlers:
+      /.well-known/acme-challenge: ejabberd_acme
+
+s2s_use_starttls: optional
+
+acl:
+  local:
+    user_regexp: ''
+  loopback:
+    ip:
+      - 127.0.0.0/8
+      - ::1/128
+      - ::FFFF:127.0.0.1/128
+  admin:
+    user:
+      - 'admin@localhost'
+
+access_rules:
+  local:
+    allow: local
+  c2s:
+    deny: blocked
+    allow: all
+  announce:
+    allow: admin
+  configure:
+    allow: admin
+  muc_create:
+    allow: local
+  pubsub_createnode:
+    allow: local
+  trusted_network:
+    allow: loopback
+
+api_permissions:
+  'console commands':
+    from:
+      - ejabberd_ctl
+    who: all
+    what: '*'
+  'admin access':
+    who:
+      access:
+        allow:
+          acl: admin
+      oauth:
+        scope: 'ejabberd:admin'
+        access:
+          allow:
+            acl: admin
+    what:
+      - '*'
+      - '!stop'
+      - '!start'
+  'public commands':
+    who:
+      ip: 127.0.0.1/8
+    what:
+      - '*'
+      - connected_users_number
+  'web admin':
+    who:
+      - access:
+          - allow:
+              - acl: loopback
+              - acl: admin
+      - oauth:
+          - scope: 'sasl_auth'
+          - access:
+              - allow:
+                  - acl: loopback
+                  - acl: admin
+    what:
+      - '*'
+      - '!stop'
+      - '!start'
+
+shaper:
+  normal: 1000
+  fast: 50000
+
+shaper_rules:
+  max_user_sessions: 10000
+  max_user_offline_messages:
+    5000: admin
+    100: all
+  c2s_shaper:
+    none: admin
+    normal: all
+  s2s_shaper: fast
+
+max_fsm_queue: 10000
+
+acme:
+  contact: 'mailto:devi@terminaldweller.com'
+  ca_url: 'https://acme-v01.api.letsencrypt.org'
+
+oauth_expire: 31536000
+oauth_access: all
+
+modules:
+  mod_stun_disco:
+    credentials_lifetime: 12h
+    services:
+      - host: 0.0.0.0
+        port: 3478
+        type: stun
+        transport: udp
+        restricted: false
+      - host: 0.0.0.0
+        port: 3478
+        type: turn
+        transport: udp
+        restricted: true
+      - host: rtcdev.site
+        port: 5349
+        type: stun
+        transport: tcp
+        restricted: false
+      - host: rtcdev.site
+        port: 5349
+        type: turn
+        transport: tcp
+        restricted: true
+  mod_adhoc: {}
+  mod_admin_extra: {}
+  mod_announce:
+    access: announce
+  mod_avatar: {}
+  mod_blocking: {}
+  mod_bosh: {}
+  mod_caps: {}
+  mod_carboncopy: {}
+  mod_client_state: {}
+  mod_configure: {}
+  mod_disco: {}
+  mod_fail2ban: {}
+  mod_http_api: {}
+  mod_http_upload:
+    put_url: https://@HOST@:5443/upload
+  mod_last: {}
+  mod_mam:
+    db_type: sql
+    assume_mam_usage: true
+    default: never
+  mod_mqtt: {}
+  mod_muc:
+    access:
+      - allow
+    access_admin:
+      - allow: admin
+    access_create: muc_create
+    access_persistent: muc_create
+    access_mam:
+      - allow
+    default_room_options:
+      allow_subscription: true
+      mam: false
+  mod_muc_admin: {}
+  mod_offline:
+    access_max_user_messages: max_user_offline_messages
+  mod_ping: {}
+  mod_privacy: {}
+  mod_private: {}
+  mod_proxy65:
+    access: local
+    max_connections: 5
+  mod_pubsub:
+    access_createnode: pubsub_createnode
+    plugins:
+      - flat
+      - pep
+    force_node_config:
+      storage:bookmarks:
+        access_model: whitelist
+  mod_push: {}
+  mod_push_keepalive: {}
+  mod_register:
+    ip_access: trusted_network
+  mod_roster:
+    versioning: true
+  mod_sip: {}
+  mod_s2s_dialback: {}
+  mod_shared_roster: {}
+  mod_stream_mgmt:
+    resend_on_timeout: if_offline
+  mod_vcard: {}
+  mod_vcard_xupdate: {}
+  mod_version:
+    show_os: false
-- 
cgit v1.2.3