ejabberd.yml.movim.example
· 11 KiB · Text
Raw
###
### ejabberd configuration file
###
### The parameters used in this configuration file are explained at
###
### https://docs.ejabberd.im/admin/configuration
###
### The configuration file is written in YAML.
### *******************************************************
### ******* !!! WARNING !!! *******
### ******* YAML IS INDENTATION SENSITIVE *******
### ******* MAKE SURE YOU INDENT SECTIONS CORRECTLY *******
### *******************************************************
### Refer to http://en.wikipedia.org/wiki/YAML for the brief description.
###
hosts:
- example.org
- anon.example.org
host_config:
example.org:
auth_method: [ldap]
ldap_servers:
- 127.0.0.1
ldap_port: 389
ldap_uids:
- uid
ldap_rootdn: "uid=lldap_readonly,ou=people,dc=example,dc=org"
ldap_password: "thisisreadonly"
ldap_base: "ou=people,dc=example,dc=org"
anon.example.org: #Todo: disable http_upload
auth_method: [anonymous]
disable_sasl_mechanisms: [ "X-OAUTH2", "digest-md5" , "plain" ]
anonymous_protocol: sasl_anon
append_host_config:
example.org:
modules:
mod_http_upload:
put_url: https://uploads.@HOST@/upload
docroot: /data/exampleorg/xmpp/ejabberd/user-uploads
#max_size: 104857600 # 100 MiB (default)
file_mode: "0640"
dir_mode: "2750"
mod_http_upload_quota:
max_days: 365
loglevel: warning
# rotation: Disable ejabberd's internal log rotation
#log_rotate_count: 0
ca_file: /opt/ejabberd/conf/cacert.pem
#certfiles:
# - /opt/ejabberd/conf/server.pem
## If you already have certificates, list them here
certfiles:
- /data/exampleorg/xmpp/ejabberd/certs/*/*.pem
acme:
auto: false
# TLS configuration
define_macro:
'TLS_CIPHERS': "HIGH:!aNULL:!eNULL:!3DES:@STRENGTH"
'TLS_OPTIONS':
- "no_sslv3"
- "no_tlsv1"
- "no_tlsv1_1"
- "cipher_server_preference"
- "no_compression"
'DH_FILE': "/data/exampleorg/xmpp/ejabberd/certs/dhparams.pem"
# generated with: openssl dhparam -out dhparams.pem 2048
c2s_ciphers: 'TLS_CIPHERS'
s2s_ciphers: 'TLS_CIPHERS'
c2s_protocol_options: 'TLS_OPTIONS'
s2s_protocol_options: 'TLS_OPTIONS'
c2s_dhfile: 'DH_FILE'
s2s_dhfile: 'DH_FILE'
listen:
-
port: 5222
ip: "::"
module: ejabberd_c2s
max_stanza_size: 262144
shaper: c2s_shaper
access: c2s
starttls_required: true
protocol_options: 'TLS_OPTIONS'
-
port: 5223
ip: "::"
tls: true
module: ejabberd_c2s
max_stanza_size: 262144
shaper: c2s_shaper
access: c2s
starttls_required: true
-
port: 5269
ip: "::"
module: ejabberd_s2s_in
max_stanza_size: 524288
-
port: 5280
ip: "::"
# ip: "127.0.0.1"
protocol_options: 'TLS_OPTIONS'
module: ejabberd_http
request_handlers:
/admin: ejabberd_web_admin
/api: mod_http_api
/bosh: mod_bosh
# /captcha: ejabberd_captcha
/upload: mod_http_upload
/ws: ejabberd_http_ws
# /.well-known/acme-challenge: ejabberd_acme
custom_headers:
"Access-Control-Allow-Origin": "*"
"Access-Control-Allow-Methods": "OPTIONS, HEAD, GET, PUT"
"Access-Control-Allow-Headers": "Authorization"
"Access-Control-Allow-Credentials": "true"
## STUN/TURN ToDo
# -
# port: 3478
# ip: "::"
# transport: udp
# module: ejabberd_stun
# use_turn: true
## The server's public IPv4 address:
# turn_ipv4_address: "203.0.113.3"
## The server's public IPv6 address:
# turn_ipv6_address: "2001:db8::3"
# -
# port: 5349
# transport: tcp
# module: ejabberd_stun
# use_turn: true
# tls: true
# turn_min_port: 49152
# turn_max_port: 65535
# turn_ipv4_address: !!!!IP INTERFACE ADDRESS
# -
# port: 1883
# ip: "::"
# module: mod_mqtt
# backlog: 1000
## Matrix gateway
## ToDo: change port to avoid conflict with nginx/synapse and reverse-proxy it
# -
# port: 8448
# module: ejabberd_http
# tls: false
# request_handlers:
# "/_matrix": mod_matrix_gw
## XMPP Components
-
port: 5347
ip: "127.0.0.1"
module: ejabberd_service
global_routes: false
hosts:
# biboumi IRC gateways
irc.example.org:
password: "supersecretpasswordhere"
## Disabling digest-md5 SASL authentication. digest-md5 requires plain-text
## password storage (see auth_password_format option).
disable_sasl_mechanisms:
- "digest-md5"
## Disable SASL SCRAM Downgrade Protection (XEP-0474)
## Todo: remove once Movim supports XEP-0474
disable_sasl_scram_downgrade_protection: true
s2s_use_starttls: required
trusted_proxies:
- "127.0.0.1"
- "192.168.1.1"
## Postgresql database config
sql_type: pgsql
sql_database: 'ejabberd'
sql_username: 'ejabberd'
#sql_server: localhost
# Postgres container systemd-ejabberd-psql
sql_port: 5432
sql_password: 'anothersupersecretpasswordhere'
sql_prepared_statements: false
#sql_pool_size: 2 #default 10
new_sql_schema: true
update_sql_schema: true
# Use SQL as the default persistent database
default_db: sql
acl:
admin:
user:
- "admin@example.org"
local:
user_regexp: ""
loopback:
ip:
- 127.0.0.0/8
- ::1/128
access_rules:
local:
allow: local
c2s:
deny: blocked
allow: all
announce:
allow: admin
configure:
allow: admin
muc_create:
allow: local
pubsub_createnode:
allow: local
trusted_network:
allow: loopback
api_permissions:
"console commands":
from:
- ejabberd_ctl
who: all
what: "*"
"admin access":
who:
access:
allow:
- acl: loopback
- acl: admin
oauth:
scope: "ejabberd:admin"
access:
allow:
- acl: loopback
- acl: admin
what:
- "*"
- "!stop"
- "!start"
"public commands":
who:
ip: 127.0.0.1/8
what:
- status
- connected_users_number
shaper:
normal:
rate: 3000
burst_size: 20000
fast: 100000
shaper_rules:
max_user_sessions: 10
max_user_offline_messages:
5000: admin
100: all
c2s_shaper:
none: admin
normal: all
s2s_shaper: fast
soft_upload_quota:
250: all # MiB
hard_upload_quota:
300: all # MiB
modules:
mod_adhoc: {}
mod_admin_extra: {}
mod_announce:
access: announce
mod_avatar: {}
mod_blocking: {}
mod_bosh: {}
mod_caps: {}
mod_carboncopy: {}
mod_client_state: {}
mod_configure: {}
mod_disco:
server_info:
-
modules: all
name: "admin-addresses"
urls:
- "xmpp:admin@example.org"
-
modules: all
name: "security-addresses"
urls:
- "xmpp:support@chat.example.org?join"
-
modules: all
name: "abuse-addresses"
urls:
- "xmpp:support@chat.example.org?join"
-
modules: all
name: "feedback-addresses"
urls:
- "xmpp:support@chat.example.org?join"
-
modules: all
name: "support-addresses"
urls:
- "mailto:info@example.org"
# mod_fail2ban: {}
mod_host_meta:
bosh_service_url: "https://chat.@HOST@/bosh"
websocket_url: "wss://chat.@HOST@/ws"
mod_http_api: {}
# mod_http_upload:
# put_url: https://uploads.@HOST@/upload
# docroot: /data/exampleorg/xmpp/user-uploads
# #max_size: 104857600 # 100 MiB (default)
# file_mode: "0640"
# dir_mode: "2750"
# #custom_headers:
# # "Access-Control-Allow-Origin": "https://@HOST@"
# # "Access-Control-Allow-Origin": "*"
# # "Access-Control-Allow-Methods": "GET,HEAD,PUT,OPTIONS"
# # "Access-Control-Allow-Headers": "Content-Type"
# # "Access-Control-Allow-Headers": "Authorization"
# # "Access-Control-Allow-Credentials": "true"
# #thumbnail: false # otherwise needs the identify command from ImageMagick installed
# mod_http_upload_quota:
# max_days: 365
mod_last: {}
mod_mam:
db_type: sql
assume_mam_usage: true
default: always
user_mucsub_from_muc_archive: true
compress_xml: true
# mod_matrix_gw:
# host: "matrix.@HOST@"
# matrix_domain: "@HOST@"
# key_name: "somename"
# key: "yourkeyinbase64"
# matrix_id_as_jid: false
# mod_mqtt: {}
mod_muc:
host: "chat.@HOST@"
access:
- allow
access_admin:
- allow: admin
access_create: muc_create
access_persistent: muc_create
access_mam:
- allow
max_users: 400 #default 200
max_users_presence: 2000 #default 1000
min_message_interval: 0.4 #spam rate limit
history_size: 50 #default 20
default_room_options:
allow_subscription: true
allow_change_subj: false
mam: true
persistent: true
anonymous: false
members_only: true
allow_user_invites: true
public: false
public_list: false
lang: "en"
mod_muc_admin: {}
mod_muc_occupantid: {}
mod_muc_rtbl: {}
mod_offline:
access_max_user_messages: max_user_offline_messages
mod_ping: {}
mod_pres_counter:
count: 5
interval: 60
mod_privacy: {}
mod_private: {}
mod_proxy65:
access: local
max_connections: 5
mod_pubsub:
#access_createnode: pubsub_createnode
access_createnode: local
ignore_pep_from_offline: false
last_item_cache: false
max_items_node: 1000
default_node_config:
max_items: 1000
plugins:
- flat
- pep
force_node_config:
## Avoid buggy clients to make their bookmarks public
"storage:bookmarks":
access_model: whitelist
persist_items: true
## Enforce pubsub config for Movim
"eu.siacs.conversations.axolotl.*":
access_model: open
"urn:xmpp:bookmarks:0":
access_model: whitelist
send_last_published_item: never
persist_items: true
max_items: infinity
"urn:xmpp:bookmarks:1":
access_model: whitelist
send_last_published_item: never
persist_items: true
max_items: infinity
"urn:xmpp:pubsub:movim-public-subscription":
access_model: whitelist
persist_items: true
max_items: infinity
"urn:xmpp:microblog:0":
max_items: infinity
access_model: presence
notify_retract: true
persist_items: true
"urn:xmpp:microblog:0:comments*":
max_items: infinity
access_model: open
notify_retract: true
persist_items: true
mod_push: {}
mod_push_keepalive: {}
mod_register:
## No registration via XMPP supported, redirect to
## Todo: make vhost specific
redirect_url: "https://example.org/"
## Only accept registration requests from the "trusted"
## network (see access_rules section above).
## Think twice before enabling registration from any
## address. See the Jabber SPAM Manifesto for details:
## https://github.com/ge0rg/jabber-spam-fighting-manifesto
#ip_access: trusted_network
mod_roster:
versioning: true
mod_s2s_dialback: {}
mod_shared_roster: {}
mod_stream_mgmt:
resend_on_timeout: if_offline
mod_stun_disco:
credentials_lifetime: 6h
mod_vcard:
search: false
mod_vcard_xupdate: {}
mod_version:
show_os: false
allow_contrib_modules: true
### Local Variables:
### mode: yaml
### End:
### vim: set filetype=yaml tabstop=8
1 | ### |
2 | ### ejabberd configuration file |
3 | ### |
4 | ### The parameters used in this configuration file are explained at |
5 | ### |
6 | ### https://docs.ejabberd.im/admin/configuration |
7 | ### |
8 | ### The configuration file is written in YAML. |
9 | ### ******************************************************* |
10 | ### ******* !!! WARNING !!! ******* |
11 | ### ******* YAML IS INDENTATION SENSITIVE ******* |
12 | ### ******* MAKE SURE YOU INDENT SECTIONS CORRECTLY ******* |
13 | ### ******************************************************* |
14 | ### Refer to http://en.wikipedia.org/wiki/YAML for the brief description. |
15 | ### |
16 | |
17 | hosts: |
18 | - example.org |
19 | - anon.example.org |
20 | |
21 | host_config: |
22 | example.org: |
23 | auth_method: [ldap] |
24 | ldap_servers: |
25 | - 127.0.0.1 |
26 | ldap_port: 389 |
27 | ldap_uids: |
28 | - uid |
29 | ldap_rootdn: "uid=lldap_readonly,ou=people,dc=example,dc=org" |
30 | ldap_password: "thisisreadonly" |
31 | ldap_base: "ou=people,dc=example,dc=org" |
32 | anon.example.org: #Todo: disable http_upload |
33 | auth_method: [anonymous] |
34 | disable_sasl_mechanisms: [ "X-OAUTH2", "digest-md5" , "plain" ] |
35 | anonymous_protocol: sasl_anon |
36 | |
37 | append_host_config: |
38 | example.org: |
39 | modules: |
40 | mod_http_upload: |
41 | put_url: https://uploads.@HOST@/upload |
42 | docroot: /data/exampleorg/xmpp/ejabberd/user-uploads |
43 | #max_size: 104857600 # 100 MiB (default) |
44 | file_mode: "0640" |
45 | dir_mode: "2750" |
46 | mod_http_upload_quota: |
47 | max_days: 365 |
48 | |
49 | loglevel: warning |
50 | |
51 | # rotation: Disable ejabberd's internal log rotation |
52 | #log_rotate_count: 0 |
53 | |
54 | ca_file: /opt/ejabberd/conf/cacert.pem |
55 | |
56 | #certfiles: |
57 | # - /opt/ejabberd/conf/server.pem |
58 | |
59 | ## If you already have certificates, list them here |
60 | certfiles: |
61 | - /data/exampleorg/xmpp/ejabberd/certs/*/*.pem |
62 | |
63 | acme: |
64 | auto: false |
65 | |
66 | # TLS configuration |
67 | define_macro: |
68 | 'TLS_CIPHERS': "HIGH:!aNULL:!eNULL:!3DES:@STRENGTH" |
69 | 'TLS_OPTIONS': |
70 | - "no_sslv3" |
71 | - "no_tlsv1" |
72 | - "no_tlsv1_1" |
73 | - "cipher_server_preference" |
74 | - "no_compression" |
75 | 'DH_FILE': "/data/exampleorg/xmpp/ejabberd/certs/dhparams.pem" |
76 | # generated with: openssl dhparam -out dhparams.pem 2048 |
77 | |
78 | c2s_ciphers: 'TLS_CIPHERS' |
79 | s2s_ciphers: 'TLS_CIPHERS' |
80 | c2s_protocol_options: 'TLS_OPTIONS' |
81 | s2s_protocol_options: 'TLS_OPTIONS' |
82 | c2s_dhfile: 'DH_FILE' |
83 | s2s_dhfile: 'DH_FILE' |
84 | |
85 | listen: |
86 | - |
87 | port: 5222 |
88 | ip: "::" |
89 | module: ejabberd_c2s |
90 | max_stanza_size: 262144 |
91 | shaper: c2s_shaper |
92 | access: c2s |
93 | starttls_required: true |
94 | protocol_options: 'TLS_OPTIONS' |
95 | - |
96 | port: 5223 |
97 | ip: "::" |
98 | tls: true |
99 | module: ejabberd_c2s |
100 | max_stanza_size: 262144 |
101 | shaper: c2s_shaper |
102 | access: c2s |
103 | starttls_required: true |
104 | - |
105 | port: 5269 |
106 | ip: "::" |
107 | module: ejabberd_s2s_in |
108 | max_stanza_size: 524288 |
109 | - |
110 | port: 5280 |
111 | ip: "::" |
112 | # ip: "127.0.0.1" |
113 | protocol_options: 'TLS_OPTIONS' |
114 | module: ejabberd_http |
115 | request_handlers: |
116 | /admin: ejabberd_web_admin |
117 | /api: mod_http_api |
118 | /bosh: mod_bosh |
119 | # /captcha: ejabberd_captcha |
120 | /upload: mod_http_upload |
121 | /ws: ejabberd_http_ws |
122 | # /.well-known/acme-challenge: ejabberd_acme |
123 | custom_headers: |
124 | "Access-Control-Allow-Origin": "*" |
125 | "Access-Control-Allow-Methods": "OPTIONS, HEAD, GET, PUT" |
126 | "Access-Control-Allow-Headers": "Authorization" |
127 | "Access-Control-Allow-Credentials": "true" |
128 | ## STUN/TURN ToDo |
129 | # - |
130 | # port: 3478 |
131 | # ip: "::" |
132 | # transport: udp |
133 | # module: ejabberd_stun |
134 | # use_turn: true |
135 | ## The server's public IPv4 address: |
136 | # turn_ipv4_address: "203.0.113.3" |
137 | ## The server's public IPv6 address: |
138 | # turn_ipv6_address: "2001:db8::3" |
139 | # - |
140 | # port: 5349 |
141 | # transport: tcp |
142 | # module: ejabberd_stun |
143 | # use_turn: true |
144 | # tls: true |
145 | # turn_min_port: 49152 |
146 | # turn_max_port: 65535 |
147 | # turn_ipv4_address: !!!!IP INTERFACE ADDRESS |
148 | # - |
149 | # port: 1883 |
150 | # ip: "::" |
151 | # module: mod_mqtt |
152 | # backlog: 1000 |
153 | ## Matrix gateway |
154 | ## ToDo: change port to avoid conflict with nginx/synapse and reverse-proxy it |
155 | # - |
156 | # port: 8448 |
157 | # module: ejabberd_http |
158 | # tls: false |
159 | # request_handlers: |
160 | # "/_matrix": mod_matrix_gw |
161 | ## XMPP Components |
162 | - |
163 | port: 5347 |
164 | ip: "127.0.0.1" |
165 | module: ejabberd_service |
166 | global_routes: false |
167 | hosts: |
168 | # biboumi IRC gateways |
169 | irc.example.org: |
170 | password: "supersecretpasswordhere" |
171 | |
172 | ## Disabling digest-md5 SASL authentication. digest-md5 requires plain-text |
173 | ## password storage (see auth_password_format option). |
174 | disable_sasl_mechanisms: |
175 | - "digest-md5" |
176 | |
177 | ## Disable SASL SCRAM Downgrade Protection (XEP-0474) |
178 | ## Todo: remove once Movim supports XEP-0474 |
179 | disable_sasl_scram_downgrade_protection: true |
180 | |
181 | s2s_use_starttls: required |
182 | |
183 | trusted_proxies: |
184 | - "127.0.0.1" |
185 | - "192.168.1.1" |
186 | |
187 | ## Postgresql database config |
188 | sql_type: pgsql |
189 | sql_database: 'ejabberd' |
190 | sql_username: 'ejabberd' |
191 | #sql_server: localhost |
192 | # Postgres container systemd-ejabberd-psql |
193 | sql_port: 5432 |
194 | sql_password: 'anothersupersecretpasswordhere' |
195 | sql_prepared_statements: false |
196 | #sql_pool_size: 2 #default 10 |
197 | new_sql_schema: true |
198 | update_sql_schema: true |
199 | |
200 | # Use SQL as the default persistent database |
201 | default_db: sql |
202 | |
203 | acl: |
204 | admin: |
205 | user: |
206 | - "admin@example.org" |
207 | local: |
208 | user_regexp: "" |
209 | loopback: |
210 | ip: |
211 | - 127.0.0.0/8 |
212 | - ::1/128 |
213 | |
214 | access_rules: |
215 | local: |
216 | allow: local |
217 | c2s: |
218 | deny: blocked |
219 | allow: all |
220 | announce: |
221 | allow: admin |
222 | configure: |
223 | allow: admin |
224 | muc_create: |
225 | allow: local |
226 | pubsub_createnode: |
227 | allow: local |
228 | trusted_network: |
229 | allow: loopback |
230 | |
231 | api_permissions: |
232 | "console commands": |
233 | from: |
234 | - ejabberd_ctl |
235 | who: all |
236 | what: "*" |
237 | "admin access": |
238 | who: |
239 | access: |
240 | allow: |
241 | - acl: loopback |
242 | - acl: admin |
243 | oauth: |
244 | scope: "ejabberd:admin" |
245 | access: |
246 | allow: |
247 | - acl: loopback |
248 | - acl: admin |
249 | what: |
250 | - "*" |
251 | - "!stop" |
252 | - "!start" |
253 | "public commands": |
254 | who: |
255 | ip: 127.0.0.1/8 |
256 | what: |
257 | - status |
258 | - connected_users_number |
259 | |
260 | shaper: |
261 | normal: |
262 | rate: 3000 |
263 | burst_size: 20000 |
264 | fast: 100000 |
265 | |
266 | shaper_rules: |
267 | max_user_sessions: 10 |
268 | max_user_offline_messages: |
269 | 5000: admin |
270 | 100: all |
271 | c2s_shaper: |
272 | none: admin |
273 | normal: all |
274 | s2s_shaper: fast |
275 | soft_upload_quota: |
276 | 250: all # MiB |
277 | hard_upload_quota: |
278 | 300: all # MiB |
279 | |
280 | modules: |
281 | mod_adhoc: {} |
282 | mod_admin_extra: {} |
283 | mod_announce: |
284 | access: announce |
285 | mod_avatar: {} |
286 | mod_blocking: {} |
287 | mod_bosh: {} |
288 | mod_caps: {} |
289 | mod_carboncopy: {} |
290 | mod_client_state: {} |
291 | mod_configure: {} |
292 | mod_disco: |
293 | server_info: |
294 | - |
295 | modules: all |
296 | name: "admin-addresses" |
297 | urls: |
298 | - "xmpp:admin@example.org" |
299 | - |
300 | modules: all |
301 | name: "security-addresses" |
302 | urls: |
303 | - "xmpp:support@chat.example.org?join" |
304 | - |
305 | modules: all |
306 | name: "abuse-addresses" |
307 | urls: |
308 | - "xmpp:support@chat.example.org?join" |
309 | - |
310 | modules: all |
311 | name: "feedback-addresses" |
312 | urls: |
313 | - "xmpp:support@chat.example.org?join" |
314 | - |
315 | modules: all |
316 | name: "support-addresses" |
317 | urls: |
318 | - "mailto:info@example.org" |
319 | # mod_fail2ban: {} |
320 | mod_host_meta: |
321 | bosh_service_url: "https://chat.@HOST@/bosh" |
322 | websocket_url: "wss://chat.@HOST@/ws" |
323 | mod_http_api: {} |
324 | # mod_http_upload: |
325 | # put_url: https://uploads.@HOST@/upload |
326 | # docroot: /data/exampleorg/xmpp/user-uploads |
327 | # #max_size: 104857600 # 100 MiB (default) |
328 | # file_mode: "0640" |
329 | # dir_mode: "2750" |
330 | # #custom_headers: |
331 | # # "Access-Control-Allow-Origin": "https://@HOST@" |
332 | # # "Access-Control-Allow-Origin": "*" |
333 | # # "Access-Control-Allow-Methods": "GET,HEAD,PUT,OPTIONS" |
334 | # # "Access-Control-Allow-Headers": "Content-Type" |
335 | # # "Access-Control-Allow-Headers": "Authorization" |
336 | # # "Access-Control-Allow-Credentials": "true" |
337 | # #thumbnail: false # otherwise needs the identify command from ImageMagick installed |
338 | # mod_http_upload_quota: |
339 | # max_days: 365 |
340 | mod_last: {} |
341 | mod_mam: |
342 | db_type: sql |
343 | assume_mam_usage: true |
344 | default: always |
345 | user_mucsub_from_muc_archive: true |
346 | compress_xml: true |
347 | # mod_matrix_gw: |
348 | # host: "matrix.@HOST@" |
349 | # matrix_domain: "@HOST@" |
350 | # key_name: "somename" |
351 | # key: "yourkeyinbase64" |
352 | # matrix_id_as_jid: false |
353 | # mod_mqtt: {} |
354 | mod_muc: |
355 | host: "chat.@HOST@" |
356 | access: |
357 | - allow |
358 | access_admin: |
359 | - allow: admin |
360 | access_create: muc_create |
361 | access_persistent: muc_create |
362 | access_mam: |
363 | - allow |
364 | max_users: 400 #default 200 |
365 | max_users_presence: 2000 #default 1000 |
366 | min_message_interval: 0.4 #spam rate limit |
367 | history_size: 50 #default 20 |
368 | default_room_options: |
369 | allow_subscription: true |
370 | allow_change_subj: false |
371 | mam: true |
372 | persistent: true |
373 | anonymous: false |
374 | members_only: true |
375 | allow_user_invites: true |
376 | public: false |
377 | public_list: false |
378 | lang: "en" |
379 | mod_muc_admin: {} |
380 | mod_muc_occupantid: {} |
381 | mod_muc_rtbl: {} |
382 | mod_offline: |
383 | access_max_user_messages: max_user_offline_messages |
384 | mod_ping: {} |
385 | mod_pres_counter: |
386 | count: 5 |
387 | interval: 60 |
388 | mod_privacy: {} |
389 | mod_private: {} |
390 | mod_proxy65: |
391 | access: local |
392 | max_connections: 5 |
393 | mod_pubsub: |
394 | #access_createnode: pubsub_createnode |
395 | access_createnode: local |
396 | ignore_pep_from_offline: false |
397 | last_item_cache: false |
398 | max_items_node: 1000 |
399 | default_node_config: |
400 | max_items: 1000 |
401 | plugins: |
402 | - flat |
403 | - pep |
404 | force_node_config: |
405 | ## Avoid buggy clients to make their bookmarks public |
406 | "storage:bookmarks": |
407 | access_model: whitelist |
408 | persist_items: true |
409 | ## Enforce pubsub config for Movim |
410 | "eu.siacs.conversations.axolotl.*": |
411 | access_model: open |
412 | "urn:xmpp:bookmarks:0": |
413 | access_model: whitelist |
414 | send_last_published_item: never |
415 | persist_items: true |
416 | max_items: infinity |
417 | "urn:xmpp:bookmarks:1": |
418 | access_model: whitelist |
419 | send_last_published_item: never |
420 | persist_items: true |
421 | max_items: infinity |
422 | "urn:xmpp:pubsub:movim-public-subscription": |
423 | access_model: whitelist |
424 | persist_items: true |
425 | max_items: infinity |
426 | "urn:xmpp:microblog:0": |
427 | max_items: infinity |
428 | access_model: presence |
429 | notify_retract: true |
430 | persist_items: true |
431 | "urn:xmpp:microblog:0:comments*": |
432 | max_items: infinity |
433 | access_model: open |
434 | notify_retract: true |
435 | persist_items: true |
436 | mod_push: {} |
437 | mod_push_keepalive: {} |
438 | mod_register: |
439 | ## No registration via XMPP supported, redirect to |
440 | ## Todo: make vhost specific |
441 | redirect_url: "https://example.org/" |
442 | ## Only accept registration requests from the "trusted" |
443 | ## network (see access_rules section above). |
444 | ## Think twice before enabling registration from any |
445 | ## address. See the Jabber SPAM Manifesto for details: |
446 | ## https://github.com/ge0rg/jabber-spam-fighting-manifesto |
447 | #ip_access: trusted_network |
448 | mod_roster: |
449 | versioning: true |
450 | mod_s2s_dialback: {} |
451 | mod_shared_roster: {} |
452 | mod_stream_mgmt: |
453 | resend_on_timeout: if_offline |
454 | mod_stun_disco: |
455 | credentials_lifetime: 6h |
456 | mod_vcard: |
457 | search: false |
458 | mod_vcard_xupdate: {} |
459 | mod_version: |
460 | show_os: false |
461 | |
462 | allow_contrib_modules: true |
463 | ### Local Variables: |
464 | ### mode: yaml |
465 | ### End: |
466 | ### vim: set filetype=yaml tabstop=8 |
467 |