2003-01-07 20:10:35 +01:00
|
|
|
% $Id$
|
|
|
|
|
2003-02-09 20:17:23 +01:00
|
|
|
%override_acls.
|
2003-02-02 20:49:19 +01:00
|
|
|
|
2003-01-19 21:17:56 +01:00
|
|
|
|
2003-10-11 19:39:36 +02:00
|
|
|
% Users that have admin access. Add line like one of the following after you
|
|
|
|
% will be successfully registered on server to get admin access:
|
|
|
|
%{acl, admin, {user, "aleksey"}}.
|
|
|
|
%{acl, admin, {user, "ermine"}}.
|
2003-02-01 21:21:28 +01:00
|
|
|
|
2003-10-11 19:39:36 +02:00
|
|
|
% Blocked users:
|
|
|
|
%{acl, blocked, {user, "test"}}.
|
2003-01-18 20:42:48 +01:00
|
|
|
|
2004-01-11 21:42:57 +01:00
|
|
|
% Local users:
|
|
|
|
{acl, local, {user_regexp, ""}}.
|
|
|
|
|
2003-10-11 19:39:36 +02:00
|
|
|
% Another examples of ACLs:
|
|
|
|
%{acl, jabberorg, {server, "jabber.org"}}.
|
|
|
|
%{acl, aleksey, {user, "aleksey", "jabber.ru"}}.
|
2003-10-12 20:21:16 +02:00
|
|
|
%{acl, test, {user_regexp, "^test"}}.
|
2003-10-11 19:39:36 +02:00
|
|
|
%{acl, test, {user_glob, "test*"}}.
|
2003-01-29 21:21:14 +01:00
|
|
|
|
|
|
|
|
2003-10-11 19:39:36 +02:00
|
|
|
% Only admins can use configuration interface:
|
|
|
|
{access, configure, [{allow, admin}]}.
|
2003-02-09 20:17:23 +01:00
|
|
|
|
2003-10-11 19:39:36 +02:00
|
|
|
% Every username can be registered via in-band registration:
|
2005-12-06 20:32:50 +01:00
|
|
|
% You could replace {allow, all} with {deny, all} to prevent user from using
|
|
|
|
% in-band registration
|
2003-10-11 19:39:36 +02:00
|
|
|
{access, register, [{allow, all}]}.
|
2003-02-09 20:17:23 +01:00
|
|
|
|
2003-10-14 21:34:17 +02:00
|
|
|
% After successful registration user will get message with following subject
|
|
|
|
% and body:
|
|
|
|
{welcome_message,
|
|
|
|
{"Welcome!",
|
|
|
|
"Welcome to Jabber Service. "
|
|
|
|
"For information about Jabber visit http://jabber.org"}}.
|
|
|
|
% Replace them with 'none' if you don't want to send such message:
|
|
|
|
%{welcome_message, none}.
|
|
|
|
|
2003-10-19 18:19:55 +02:00
|
|
|
% List of people who will get notifications about registered users
|
|
|
|
%{registration_watchers, ["admin1@localhost",
|
|
|
|
% "admin2@localhost"]}.
|
|
|
|
|
|
|
|
% Only admins can send announcement messages:
|
|
|
|
{access, announce, [{allow, admin}]}.
|
|
|
|
|
2003-01-19 21:17:56 +01:00
|
|
|
|
2003-10-11 19:39:36 +02:00
|
|
|
% Only non-blocked users can use c2s connections:
|
2003-02-01 21:21:28 +01:00
|
|
|
{access, c2s, [{deny, blocked},
|
|
|
|
{allow, all}]}.
|
|
|
|
|
2003-10-11 19:39:36 +02:00
|
|
|
% Set shaper with name "normal" to limit traffic speed to 1000B/s
|
|
|
|
{shaper, normal, {maxrate, 1000}}.
|
2003-02-09 20:17:23 +01:00
|
|
|
|
2003-11-10 22:25:36 +01:00
|
|
|
% Set shaper with name "fast" to limit traffic speed to 50000B/s
|
|
|
|
{shaper, fast, {maxrate, 50000}}.
|
|
|
|
|
2003-10-11 19:39:36 +02:00
|
|
|
% For all users except admins used "normal" shaper
|
2003-02-09 20:17:23 +01:00
|
|
|
{access, c2s_shaper, [{none, admin},
|
|
|
|
{normal, all}]}.
|
|
|
|
|
2003-11-10 22:25:36 +01:00
|
|
|
% For all S2S connections used "fast" shaper
|
|
|
|
{access, s2s_shaper, [{fast, all}]}.
|
|
|
|
|
2003-10-11 19:39:36 +02:00
|
|
|
% Admins of this server are also admins of MUC service:
|
2003-03-27 21:55:09 +01:00
|
|
|
{access, muc_admin, [{allow, admin}]}.
|
|
|
|
|
2004-05-17 22:36:41 +02:00
|
|
|
% All users are allowed to use MUC service:
|
|
|
|
{access, muc, [{allow, all}]}.
|
|
|
|
|
2004-01-11 21:42:57 +01:00
|
|
|
% This rule allows access only for local users:
|
|
|
|
{access, local, [{allow, local}]}.
|
|
|
|
|
2003-11-23 21:11:21 +01:00
|
|
|
|
2006-04-07 02:39:24 +02:00
|
|
|
% Authentication method. If you want to use internal user base, then use
|
2003-11-23 21:11:21 +01:00
|
|
|
% this line:
|
|
|
|
{auth_method, internal}.
|
|
|
|
|
2006-04-07 02:39:24 +02:00
|
|
|
% For LDAP authentication use these lines instead of above one:
|
2003-11-23 21:11:21 +01:00
|
|
|
%{auth_method, ldap}.
|
|
|
|
%{ldap_servers, ["localhost"]}. % List of LDAP servers
|
2003-11-27 21:16:10 +01:00
|
|
|
%{ldap_uidattr, "uid"}. % LDAP attribute that holds user ID
|
2005-04-27 03:08:18 +02:00
|
|
|
%{ldap_base, "dc=example,dc=com"}. % Search base of LDAP directory
|
|
|
|
%{ldap_rootdn, "dc=example,dc=com"}. % LDAP manager
|
|
|
|
%{ldap_password, "******"}. % Password to LDAP manager
|
2003-11-23 21:11:21 +01:00
|
|
|
|
2006-04-07 02:39:24 +02:00
|
|
|
% For authentication via external script use the following:
|
2004-10-08 22:40:29 +02:00
|
|
|
%{auth_method, external}.
|
2006-04-07 02:39:24 +02:00
|
|
|
%{extauth_program, "/path/to/authentication/script"}.
|
2004-10-08 22:40:29 +02:00
|
|
|
|
2006-04-07 02:39:24 +02:00
|
|
|
% For authentication via ODBC use the following:
|
2005-04-18 20:41:57 +02:00
|
|
|
%{auth_method, odbc}.
|
|
|
|
%{odbc_server, "DSN=ejabberd;UID=ejabberd;PWD=ejabberd"}.
|
|
|
|
|
2003-11-23 21:11:21 +01:00
|
|
|
|
2003-10-11 19:39:36 +02:00
|
|
|
% Host name:
|
2005-04-18 20:41:57 +02:00
|
|
|
{hosts, ["localhost"]}.
|
2003-02-09 20:17:23 +01:00
|
|
|
|
2003-01-07 20:10:35 +01:00
|
|
|
|
2006-04-07 02:39:24 +02:00
|
|
|
%% Anonymous login support:
|
|
|
|
%% anonymous_protocol: sasl_anon|login_anon|both
|
|
|
|
%% allow_multiple_connections: true|false
|
|
|
|
%% anon_digest_password: "anonymous" (this is the default password that should
|
|
|
|
%% be use for digest login).
|
|
|
|
%%{host_config, "public.example.org", [{auth_method, anonymous},
|
|
|
|
%% {allow_multiple_connections, false},
|
|
|
|
%% {anonymous_protocol, sasl_anon},
|
|
|
|
%% {anon_digest_password, "anonymous"}]}.
|
|
|
|
%% To use both anonymous and internal authentication:
|
|
|
|
%%{host_config, "public.example.org", [{auth_method, [anonymous, internal]}]}.
|
|
|
|
|
2004-07-10 00:34:26 +02:00
|
|
|
% Default language for server messages
|
|
|
|
{language, "en"}.
|
|
|
|
|
2003-10-11 19:39:36 +02:00
|
|
|
% Listened ports:
|
2004-05-17 22:36:41 +02:00
|
|
|
{listen,
|
2004-08-08 21:07:55 +02:00
|
|
|
[{5222, ejabberd_c2s, [{access, c2s}, {shaper, c2s_shaper},
|
|
|
|
starttls, {certfile, "./ssl.pem"}]},
|
|
|
|
{5223, ejabberd_c2s, [{access, c2s},
|
|
|
|
tls, {certfile, "./ssl.pem"}]},
|
|
|
|
% Use these two lines instead if TLS support is not compiled
|
|
|
|
%{5222, ejabberd_c2s, [{access, c2s}, {shaper, c2s_shaper}]},
|
|
|
|
%{5223, ejabberd_c2s, [{access, c2s}, ssl, {certfile, "./ssl.pem"}]},
|
2004-05-17 22:36:41 +02:00
|
|
|
{5269, ejabberd_s2s_in, [{shaper, s2s_shaper}]},
|
2004-05-22 21:48:35 +02:00
|
|
|
{5280, ejabberd_http, [http_poll, web_admin]},
|
2004-05-17 22:36:41 +02:00
|
|
|
{8888, ejabberd_service, [{access, all},
|
2004-05-22 21:48:35 +02:00
|
|
|
{hosts, ["icq.localhost", "sms.localhost"],
|
2004-05-17 22:36:41 +02:00
|
|
|
[{password, "secret"}]}]}
|
|
|
|
]}.
|
2003-01-07 20:10:35 +01:00
|
|
|
|
2005-10-25 03:08:37 +02:00
|
|
|
|
|
|
|
% Use STARTTLS+Dialback for S2S connections
|
|
|
|
{s2s_use_starttls, true}.
|
|
|
|
{s2s_certfile, "./ssl.pem"}.
|
2005-11-05 22:15:53 +01:00
|
|
|
%{domain_certfile, "example.org", "./example_org.pem"}.
|
|
|
|
%{domain_certfile, "example.com", "./example_com.pem"}.
|
2005-10-25 03:08:37 +02:00
|
|
|
|
2003-10-19 18:19:55 +02:00
|
|
|
% If SRV lookup fails, then port 5269 is used to communicate with remote server
|
2003-10-11 19:39:36 +02:00
|
|
|
{outgoing_s2s_port, 5269}.
|
|
|
|
|
2003-01-29 18:12:23 +01:00
|
|
|
|
2003-10-11 19:39:36 +02:00
|
|
|
% Used modules:
|
2004-05-17 22:36:41 +02:00
|
|
|
{modules,
|
|
|
|
[
|
2004-07-11 22:51:54 +02:00
|
|
|
{mod_register, [{access, register}]},
|
2004-05-17 22:36:41 +02:00
|
|
|
{mod_roster, []},
|
|
|
|
{mod_privacy, []},
|
2006-01-19 03:17:31 +01:00
|
|
|
{mod_adhoc, []},
|
|
|
|
{mod_configure, []}, % Depends on mod_adhoc
|
2004-05-17 22:36:41 +02:00
|
|
|
{mod_configure2, []},
|
|
|
|
{mod_disco, []},
|
|
|
|
{mod_stats, []},
|
|
|
|
{mod_vcard, []},
|
|
|
|
{mod_offline, []},
|
2006-01-19 03:17:31 +01:00
|
|
|
{mod_announce, [{access, announce}]}, % Depends on mod_adhoc
|
2004-05-17 22:36:41 +02:00
|
|
|
{mod_echo, [{host, "echo.localhost"}]},
|
|
|
|
{mod_private, []},
|
|
|
|
{mod_irc, []},
|
|
|
|
% Default options for mod_muc:
|
|
|
|
% host: "conference." ++ ?MYNAME
|
|
|
|
% access: all
|
|
|
|
% access_create: all
|
|
|
|
% access_admin: none (only room creator has owner privileges)
|
|
|
|
{mod_muc, [{access, muc},
|
|
|
|
{access_create, muc},
|
|
|
|
{access_admin, muc_admin}]},
|
|
|
|
{mod_pubsub, []},
|
|
|
|
{mod_time, []},
|
|
|
|
{mod_last, []},
|
|
|
|
{mod_version, []}
|
|
|
|
]}.
|
2003-01-07 20:10:35 +01:00
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
% Local Variables:
|
|
|
|
% mode: erlang
|
|
|
|
% End:
|