ejabberd is a free and open source instant messaging server written in Erlang/OTP.
ejabberd is cross-platform, distributed, fault-tolerant, and based on open standards to achieve real-time communication.
ejabberd is designed to be a rock-solid and feature rich XMPP server.
ejabberd is suitable for small deployments, whether they need to be scalable or not, as well as extremely big deployments.
ejabberd is: diff --git a/doc/features.html b/doc/features.html index 04487a14f..e751b7c7b 100644 --- a/doc/features.html +++ b/doc/features.html @@ -61,7 +61,7 @@ SPAN{width:20%; float:right; text-align:left; margin-left:auto;}
I can thoroughly recommend ejabberd for ease of setup – Kevin Smith, Current maintainer of the Psi project
I just tried out ejabberd and was impressed both by ejabberd itself and the language it is written in, Erlang. — -Joeri
ejabberd is a free and open source instant messaging server written in Erlang.
ejabberd is cross-platform, distributed, fault-tolerant, and based on open standards to achieve real-time communication.
ejabberd is designed to be a rock-solid and feature rich XMPP server.
ejabberd is suitable for small deployments, whether they need to be scalable or not, as well as extremely big deployments.
+Joeriejabberd is a free and open source instant messaging server written in Erlang/OTP.
ejabberd is cross-platform, distributed, fault-tolerant, and based on open standards to achieve real-time communication.
ejabberd is designed to be a rock-solid and feature rich XMPP server.
ejabberd is suitable for small deployments, whether they need to be scalable or not, as well as extremely big deployments.
Erlang seems to be tailor-made for writing stable, robust servers. — diff --git a/doc/guide.html b/doc/guide.html index 4770c5308..e360d7628 100644 --- a/doc/guide.html +++ b/doc/guide.html @@ -6,7 +6,7 @@ - ejabberd 2.1.0-alpha + ejabberd 3.0.0-alpha Installation and Operation Guide @@ -76,7 +76,7 @@ BLOCKQUOTE.figure DIV.center DIV.center HR{display:none;}-
-
+ ejabberd 2.1.0-alpha
ejabberd 3.0.0-alpha Installation and Operation Guide
@@ -124,45 +124,45 @@ BLOCKQUOTE.figure DIV.center DIV.center HR{display:none;}3.1.6 Shapers 3.1.7 Default Language 3.1.8 CAPTCHA - 3.1.9 Include Additional Configuration Files - 3.1.10 Option Macros in Configuration File + 3.1.9 STUN + 3.1.10 Include Additional Configuration Files + 3.1.11 Option Macros in Configuration File -3.2 Database and LDAP Configuration + 3.2 Database and LDAP Configuration - 3.3 Modules Configuration + 3.3 Modules Configuration
- -3.3.1 Modules Overview -
- 3.3.2 Common Options -
- 3.3.3 mod_announce -
- 3.3.4 mod_disco -
- 3.3.5 mod_echo -
- 3.3.6 mod_http_bind -
- 3.3.7 mod_http_fileserver -
- 3.3.8 mod_irc -
- 3.3.9 mod_last -
- 3.3.10 mod_muc -
- 3.3.11 mod_muc_log -
- 3.3.12 mod_offline -
- 3.3.13 mod_ping -
- 3.3.14 mod_privacy -
- 3.3.15 mod_private -
- 3.3.16 mod_proxy65 -
- 3.3.17 mod_pubsub -
- 3.3.18 mod_register -
- 3.3.19 mod_roster -
- 3.3.20 mod_service_log -
- 3.3.21 mod_shared_roster -
- 3.3.22 mod_stats -
- 3.3.23 mod_time -
- 3.3.24 mod_vcard -
- 3.3.25 mod_vcard_ldap -
- 3.3.26 mod_version +3.3.1 Modules Overview +
- 3.3.2 Common Options +
- 3.3.3 mod_announce +
- 3.3.4 mod_disco +
- 3.3.5 mod_echo +
- 3.3.6 mod_http_bind +
- 3.3.7 mod_http_fileserver +
- 3.3.8 mod_last +
- 3.3.9 mod_muc +
- 3.3.10 mod_muc_log +
- 3.3.11 mod_offline +
- 3.3.12 mod_ping +
- 3.3.13 mod_privacy +
- 3.3.14 mod_private +
- 3.3.15 mod_proxy65 +
- 3.3.16 mod_pubsub +
- 3.3.17 mod_register +
- 3.3.18 mod_roster +
- 3.3.19 mod_service_log +
- 3.3.20 mod_shared_roster +
- 3.3.21 mod_stats +
- 3.3.22 mod_time +
- 3.3.23 mod_vcard +
- 3.3.24 mod_vcard_ldap +
- 3.3.25 mod_version
Chapter 4 Managing an ejabberd Server @@ -218,7 +218,7 @@ BLOCKQUOTE.figure DIV.center DIV.center HR{display:none;} Appendix D Copyright Information Chapter 1 Introduction
ejabberd is a free and open source instant messaging server written in Erlang.
ejabberd is cross-platform, distributed, fault-tolerant, and based on open standards to achieve real-time communication.
ejabberd is designed to be a rock-solid and feature rich XMPP server.
ejabberd is suitable for small deployments, whether they need to be scalable or not, as well as extremely big deployments.
+ejabberd is a free and open source instant messaging server written in Erlang/OTP.
ejabberd is cross-platform, distributed, fault-tolerant, and based on open standards to achieve real-time communication.
ejabberd is designed to be a rock-solid and feature rich XMPP server.
ejabberd is suitable for small deployments, whether they need to be scalable or not, as well as extremely big deployments.
1.1 Key Features
ejabberd is: @@ -269,13 +269,12 @@ Internal Authentication.
Others @@ -338,16 +337,14 @@ as long as your system have all the dependencies.
- Support for virtual hosting. -
- Compressing XML streams with Stream Compression (XEP-0138). -
- Statistics via Statistics Gathering (XEP-0039). +
- Compressing XML streams with Stream Compression (XEP-0138). +
- Statistics via Statistics Gathering (XEP-0039).
- IPv6 support both for c2s and s2s connections. -
- Multi-User Chat module with support for clustering and HTML logging.
- Users Directory based on users vCards. -
- Publish-Subscribe component with support for Personal Eventing via Pubsub. -
- Support for web clients: HTTP Polling and HTTP Binding (BOSH) services. -
- IRC transport. +
- Multi-User Chat module with support for clustering and HTML logging.
- Users Directory based on users vCards. +
- Publish-Subscribe component with support for Personal Eventing via Pubsub. +
- Support for web clients: HTTP Polling and HTTP Binding (BOSH) services.
- Component support: interface with networks such as AIM, ICQ and MSN installing special tranports.
- GNU Make
- GCC -
- Libexpat 1.95 or higher -
- Erlang/OTP R10B-9 or higher. The recommended version is R12B-5. Support for R13 is experimental. +
- Erlang/OTP R12B-4 or higher, R13B or higher. +
- exmpp 0.9.1 or higher
- OpenSSL 0.9.6 or higher, for STARTTLS, SASL and SSL encryption. Optional, highly recommended. -
- Zlib 1.2.3 or higher, for Stream Compression support (XEP-0138). Optional. +
- Zlib 1.2.3 or higher, for Stream Compression support (XEP-0138). Optional.
- Erlang mysql library. Optional. For MySQL authentication or storage. See section 3.2.1.
- Erlang pgsql library. Optional. For PostgreSQL authentication or storage. See section 3.2.3.
- PAM library. Optional. For Pluggable Authentication Modules (PAM). See section 3.1.4. -
- GNU Iconv 1.8 or higher, for the IRC Transport (mod_irc). Optional. Not needed on systems with GNU Libc. See section 3.3.8.
- ImageMagick’s Convert program. Optional. For CAPTCHA challenges. See section 3.1.8. -
- exmpp 0.9.1 or higher. Optional. For import/export user data with XEP-0227 XML files.
2.4.2 Download Source Code
Released versions of ejabberd are available in the ProcessOne ejabberd downloads page: @@ -462,31 +459,25 @@ for example:
Requirements
To compile ejabberd on a Microsoft Windows system, you need:
- MS Visual C++ 6.0 Compiler -
- Erlang/OTP R11B-5 +
- Erlang/OTP R12B-5. Support for R13 or higher is experimental. +
- exmpp 0.9.1 or higher
- Expat 2.0.0 or higher -
- GNU Iconv 1.9.2 -(optional)
- Shining Light OpenSSL 0.9.8d or higher (to enable SSL connections)
- Zlib 1.2.3 or higher
Compilation
We assume that we will try to put as much library as possible into
C:\sdk\to make it easier to track what is install for ejabberd.
- -Install Erlang emulator (for example, into
C:\sdk\erl5.5.5). +Install Erlang emulator (for example, intoC:\sdk\erl5.6.5).- Install Expat library into
C:\sdk\Expat-2.0.0directory.Copy file
C:\sdk\Expat-2.0.0\Libs\libexpat.dllto your Windows system directory (for example,C:\WINNTorC:\WINNT\System32) -- Build and install the Iconv library into the directory -
C:\sdk\GnuWin32.Copy file
C:\sdk\GnuWin32\bin\lib*.dllto your -Windows system directory (more installation instructions can be found in the -file README.woe32 in the iconv distribution).Note: instead of copying libexpat.dll and iconv.dll to the Windows -directory, you can add the directories -
C:\sdk\Expat-2.0.0\Libsand -C:\sdk\GnuWin32\binto thePATHenvironment -variable. +Note: instead of copying libexpat.dll to the Windows +directory, you can add the directoryC:\sdk\Expat-2.0.0\Libs+to thePATHenvironment variable.- Install OpenSSL in
C:\sdk\OpenSSLand addC:\sdk\OpenSSL\lib\VCto your path or copy the binaries to your system directory.- Install ZLib in
C:\sdk\gnuWin32. Copy -C:\sdk\GnuWin32\bin\zlib1.dllto your system directory. If you change your path it should already be set after libiconv install. +C:\sdk\GnuWin32\bin\zlib1.dllto your system directory.- Make sure the you can access Erlang binaries from your path. For example:
set PATH=%PATH%;"C:\sdk\erl5.6.5\bin"- Depending on how you end up actually installing the library you might need to check and tweak the paths in the file configure.erl.
- While in the directory
ejabberd\srcrun: @@ -503,7 +494,7 @@ There are two ways to register a Jabber account:- Edit the ejabberd configuration file to give administration rights to the Jabber account you created:
{acl, admins, {user, "admin1", "example.org"}}. @@ -537,7 +528,7 @@ edit the configuration file, or remove all its content.The configuration the name of an option, and any further elements are that option’s values. If the configuration file do not contain for instance the ‘hosts’ option, the old host name(s) stored in the database will be used.
You can override the old values stored in the database by adding next lines to -the configuration file: +the beginning of the configuration file:
override_global. override_local. override_acls. @@ -546,22 +537,18 @@ cluster), local options (which are specific for this particular ejabberd3.1.1 Host Names
The option hosts defines a list containing one or more domains that -ejabberd will serve.
Examples: +ejabberd will serve.
The syntax is: +
- {hosts, [HostName, ...]}.
Examples:
- Serving one domain:
{hosts, ["example.org"]}. -- Serving one domain, and backwards compatible with older ejabberd -versions: -
{host, "example.org"}. -- Serving two domains: -
{hosts, ["example.net", "example.com"]}. +- Serving three domains: +
{hosts, ["example.net", "example.com", "jabber.somesite.org"]}.3.1.2 Virtual Hosting
Options can be defined separately for every virtual host using the -host_config option. It has the following -syntax: -
{host_config, <hostname>, [<option>, <option>, ...]}. -Examples: +host_config option.
The syntax is: +
- {host_config, HostName, [Option, ...]}
Examples:
- Domain example.net is using the internal authentication method while domain example.com is using the LDAP server running on the @@ -589,11 +576,10 @@ while domain example.com is using the LDAP servers running on the domai
To define specific ejabberd modules in a virtual host, you can define the global modules option with the common modules, and later add specific modules to certain virtual hosts. -To accomplish that, instead of defining each option in host_config with the syntax -
{<option-name>, <option-value>} -use this syntax: -
{{add, <option-name>}, <option-value>} -In this example three virtual hosts have some similar modules, but there are also +To accomplish that, instead of defining each option in host_config with the general syntax +
- {OptionName, OptionValue}
+use this syntax: +
- {{add, OptionName}, OptionValue}
In this example three virtual hosts have some similar modules, but there are also other different modules for some specific virtual hosts:
%% This ejabberd server has three vhosts: {hosts, ["one.example.org", "two.example.org", "three.example.org"]}. @@ -629,31 +615,25 @@ other different modules for some specific virtual hosts: ]}.3.1.3 Listening Ports
The option listen defines for which addresses and ports ejabberd +
The option listen defines for which ports, addresses and network protocols ejabberd will listen and what services will be run on them. Each element of the list is a tuple with the following elements:
- -Port number. Optionally also the IP address. +Port number. Optionally also the IP address and/or a transport protocol.
- Listening module that serves this port.
- Options for the TCP socket and for the listening module. -
With the basic syntax the ports will listen on all IPv4 network addresses: -
{listen, [ - {<port-number>, <module>, [<options>]}, - {<port-number>, <module>, [<options>]}, - ... - {<port-number>, <module>, [<options>]} - ]}. -It is possible to specify the IP address for a port using the full syntax: -
{{<port-number>, <ip-address>}, <module>, [<options>]} --Port Number and IP Address
The port number defines which port to listen for incoming connections. +
The option syntax is: +
- {listen, [Listener, ...]}.
To define a listener there are several syntax. +
- {PortNumber, Module, [Option, ...]}
- {{PortNumber, IPaddress}, Module, [Option, ...]}
- {{PortNumber, TransportProtocol}, Module, [Option, ...]}
+
- {{PortNumber, IPaddress, TransportProtocol}, Module, [Option, ...]}
Port Number, IP Address and Transport Protocol
The port number defines which port to listen for incoming connections. It can be a Jabber/XMPP standard port (see section 5.1) or any other valid port number.
The IP address can be represented with a string or an Erlang tuple with decimal or hexadecimal numbers. The socket will listen only in that network interface. It is possible to specify a generic address, so ejabberd will listen in all addresses. -Depending in the type of the IP address, IPv4 or IPv6 will be used.
Some example values for IP address: +Depending in the type of the IP address, IPv4 or IPv6 will be used. +When not specified the IP address, it will listen on all IPv4 network addresses.
Some example values for IP address:
+
"0.0.0.0"to listen in all IPv4 network interfaces. This is the default value when no IP is specified."::"to listen in all IPv6 network interfaces @@ -662,7 +642,8 @@ Depending in the type of the IP address, IPv4 or IPv6 will be used.Some e
{10, 11, 12, 13}is the IPv4 address10.11.12.13{0, 0, 0, 0, 0, 65535, 32512, 1}is the IPv6 address::FFFF:127.0.0.1/128{16#fdca, 16#8ab6, 16#a243, 16#75ef, 0, 0, 0, 1}is the IPv6 addressFDCA:8AB6:A243:75EF::1/128-The transport protocol can be tcp or udp. +Default is tcp.
Listening Module
The available modules, their purpose and the options allowed by each one are:
- @@ -677,9 +658,13 @@ Handles incoming s2s connections.
Options: max_stanza_size- ejabberd_service
- Interacts with an external component -(as defined in the Jabber Component Protocol (XEP-0114).
+(as defined in the Jabber Component Protocol (XEP-0114).
Options: access, hosts, shaper, service_check_from +- ejabberd_stun
- +Handles STUN Binding requests as defined in +RFC 5389.
+ Options: certfile- ejabberd_http
- Handles incoming HTTP connections.
Options: captcha, certfile, http_bind, http_poll, @@ -687,19 +672,19 @@ Handles incoming HTTP connections.
Options
This is a detailed description of each option allowed by the listening modules:
- -{access, <access rule>}
- This option defines +{access, AccessName}
- This option defines access to the port. The default value is all.
- {certfile, Path}
- Full path to a file containing the default SSL certificate. To define a certificate file specific for a given domain, use the global option domain_certfile. -
- service_check_from
- +
- {service_check_from, true|false}
- This option can be used with ejabberd_service only. It is used to disable control on the from field on packets send by an external components. The option can be either true or -false. The default value is true which conforms to XEP-0114. -
- {hosts, [Hostnames], [HostOptions]}
- +false. The default value is true which conforms to XEP-0114. +
- {hosts, [Hostname, ...], [HostOption, ...]}
- The external Jabber component that connects to this ejabberd_service can serve one or more hostnames. -In HostOptions you can define options for the component; +As HostOption you can define options for the component; currently the only allowed option is the password required to the component when attempt to connect to ejabberd: {password, Secret}. Note that you cannot define in a single ejabberd_service components of @@ -708,7 +693,7 @@ as seen in an example below.
- captcha
- Simple web page that allows a user to fill a CAPTCHA challenge (see section 3.1.8).
- http_bind
- -This option enables HTTP Binding (XEP-0124 and XEP-0206) support. HTTP Bind +This option enables HTTP Binding (XEP-0124 and XEP-0206) support. HTTP Bind enables access via HTTP requests to ejabberd from behind firewalls which do not allow outgoing sockets on port 5222.
Remember that you must also install and enable the module mod_http_bind.
If HTTP Bind is enabled, it will be available at
http://server:port/http-bind/. Be aware that support for HTTP Bind @@ -719,7 +704,7 @@ interesting to host a web-based Jabber client such as embedded local web server or Apache).- http_poll
- -This option enables HTTP Polling (XEP-0025) support. HTTP Polling +This option enables HTTP Polling (XEP-0025) support. HTTP Polling enables access via HTTP requests to ejabberd from behind firewalls which do not allow outgoing sockets on port 5222.
If HTTP Polling is enabled, it will be available at
http://server:port/http-poll/. Be aware that support for HTTP Polling @@ -738,17 +723,17 @@ value is infinity. Recommended values are 65536 for c2s connections and 131072 for s2s connections. s2s max stanza size must always much higher than c2s limit. Change this value with extreme care as it can cause unwanted disconnect if set too low. -- {request_handlers, [{Path, Module}]}
- To define one or several handlers that will serve HTTP requests. +
- {request_handlers, [ {Path, Module}, ...]}
- To define one or several handlers that will serve HTTP requests. The Path is a list of strings; so the URIs that start with that Path will be served by Module. For example, if you want mod_foo to serve the URIs that start with /a/b/, and you also want mod_http_bind to serve the URIs /http-bind/, use this option: {request_handlers, [{["a", "b"], mod_foo}, {["http-bind"], mod_http_bind}]}
- {service_check_from, true|false}
- By enabling this option, ejabberd allows the component to send packets with any arbitrary domain in the ’from’ attribute. -Note that XEP-0114 requires that the domain must match the hostname of the component. +Note that XEP-0114 requires that the domain must match the hostname of the component. Only enable this option if you are completely sure you need to enable it. Default value: false. -
- {shaper, <access rule>}
- This option defines a +
- {shaper, none|ShaperName}
- This option defines a shaper for the port (see section 3.1.6). The default value is none.
- starttls
- This option @@ -766,7 +751,7 @@ This was the traditional encryption method in the early Jabber software, commonly on port 5223 for client-to-server communications. But this method is nowadays deprecated and not recommended. The preferable encryption method is STARTTLS on port 5222, as defined -RFC 3920: XMPP Core, +RFC 3920: XMPP Core, which can be enabled in ejabberd with the option starttls. If this option is set, you should also set the certfile option.
- web_admin
- This option @@ -775,7 +760,7 @@ at
http://server:port/admin/. Login and password are the username a password of one of the registered users who are granted access by the ‘configure’ access rule.- zlib
- This -option specifies that Zlib stream compression (as defined in XEP-0138) +option specifies that Zlib stream compression (as defined in XEP-0138) is available on connections to the port. Client connections cannot use stream compression and stream encryption simultaneously. Hence, if you specify both starttls (or tls) and zlib, the latter @@ -793,7 +778,7 @@ Full path to the file containing the SSL certificate for a specific domain. Specify which address families to try, in what order, and connect timeout in milliseconds. By default it first tries connecting with IPv4, if that fails it tries using IPv6, with a timeout of 10000 milliseconds. -
- {s2s_dns_options, [{Property, Value}]}
- +
- {s2s_dns_options, [ {Property, Value}, ...]}
- Define properties to use for DNS resolving. Allowed Properties are: timeout in seconds which default value is 10 and retries which default value is 2. @@ -816,6 +801,7 @@ However, the c2s and s2s connections to the domain example.com use the and also allows plain connections for old clients.
- Port 5223 listens for c2s connections with the old SSL.
- Port 5269 listens for s2s connections with STARTTLS. The socket is set for IPv6 instead of IPv4. +
- Port 3478 listens for STUN requests over UDP.
- Port 5280 listens for HTTP requests, and serves the HTTP Poll service.
- Port 5281 listens for HTTP requests, and serves the Web Admin using HTTPS as explained in section 4.3. The socket only listens connections to the IP address 127.0.0.1. @@ -838,6 +824,7 @@ section 4.3. The socket only listens connections to {shaper, s2s_shaper}, {max_stanza_size, 131072} ]}, + {{3478, udp}, ejabberd_stun, []}, {5280, ejabberd_http, [ http_poll ]}, @@ -972,10 +959,9 @@ you have to make the transports log and do XDB by themselves: </xdb>
3.1.4 Authentication
The option auth_method defines the authentication method that is used -for user authentication: -
{auth_method, [<method>]}. -The following authentication methods are supported by ejabberd: +
The option auth_method defines the authentication methods that are used +for user authentication. The syntax is: +
- {auth_method, [Method, ...]}.
The following authentication methods are supported by ejabberd:
- internal (default) — See section 3.1.4.
- external — There are some @@ -987,10 +973,8 @@ example authentication scripts.
- pam — See section 3.1.4.
Account creation is only supported by internal and odbc methods.
Internal
ejabberd uses its internal Mnesia database as the default authentication method.
- -auth_method: The value internal will enable the internal -authentication method. -
Examples: +
ejabberd uses its internal Mnesia database as the default authentication method. +The value internal will enable the internal authentication method.
Examples:
- To use internal authentication on example.org and LDAP authentication on example.net: @@ -1000,25 +984,23 @@ authentication on example.net:
{auth_method, internal}.SASL Anonymous and Anonymous Login
The anonymous authentication method can be configured with the following +
The value anonymous will enable the internal authentication method.
The anonymous authentication method can be configured with the following options. Remember that you can use the host_config option to set virtual host specific options (see section 3.1.2). Note that there also is a detailed tutorial regarding SASL -Anonymous and anonymous login configuration.
- -auth_method: The value anonymous will enable the anonymous -authentication method. -
- allow_multiple_connections: This value for this option can be -either true or false and is only used when the anonymous mode is +Anonymous and anonymous login configuration.
- +{allow_multiple_connections, false|true}
- This option is only used +when the anonymous mode is enabled. Setting it to true means that the same username can be taken multiple times in anonymous login mode if different resource are used to connect. This option is only useful in very special occasions. The default value is false. -
- anonymous_protocol: This option can take three values: -sasl_anon, login_anon or both. sasl_anon means +
- {anonymous_protocol, sasl_anon | login_anon | both}
- +sasl_anon means that the SASL Anonymous method will be used. login_anon means that the anonymous login method will be used. both means that SASL Anonymous and login anonymous are both enabled. -
Those options are defined for each virtual host with the host_config +
Those options are defined for each virtual host with the host_config parameter (see section 3.1.2).
Examples:
-
- To enable anonymous login on all virtual hosts: @@ -1049,7 +1031,7 @@ PAM authentication is disabled by default, so you have to configure and compile
./configure --enable-pam && make installOptions:
- -pam_service
- This option defines the PAM service name. +{pam_service, Name}
- This option defines the PAM service name. Default is "ejabberd". Refer to the PAM documentation of your operation system for more information.
Example: @@ -1091,48 +1073,47 @@ then /etc/nssswitch.conf must be configured to use winbind as
ACL Definition
Access control in ejabberd is performed via Access Control Lists (ACLs). The declarations of ACLs in the configuration file have the following syntax: -
{acl, <aclname>, {<acltype>, ...}}. -<acltype> can be one of the following: +
- {acl, ACLName, ACLValue}.
ACLValue can be one of the following:
-
- all
- Matches all JIDs. Example:
{acl, all, all}. -- {user, <username>}
- Matches the user with the name -<username> at the first virtual host. Example: +
- {user, Username}
- Matches the user with the name +Username at the first virtual host. Example:
{acl, admin, {user, "yozhik"}}. -- {user, <username>, <server>}
- Matches the user with the JID -<username>@<server> and any resource. Example: +
- {user, Username, Server}
- Matches the user with the JID +Username@Server and any resource. Example:
{acl, admin, {user, "yozhik", "example.org"}}. -- {server, <server>}
- Matches any JID from server -<server>. Example: +
- {server, Server}
- Matches any JID from server +Server. Example:
{acl, exampleorg, {server, "example.org"}}. -- {resource, <resource>}
- Matches any JID with a resource -<resource>. Example: +
- {resource, Resource}
- Matches any JID with a resource +Resource. Example:
{acl, mucklres, {resource, "muckl"}}. -- {shared_group, <groupname>}
- Matches any member of a Shared Roster Group with name <groupname> in the virtual host. Example: +
- {shared_group, Groupname}
- Matches any member of a Shared Roster Group with name Groupname in the virtual host. Example:
{acl, techgroupmembers, {shared_group, "techteam"}}. -- {shared_group, <groupname>, <server>}
- Matches any member of a Shared Roster Group with name <groupname> in the virtual host <server>. Example: +
- {shared_group, Groupname, Server}
- Matches any member of a Shared Roster Group with name Groupname in the virtual host Server. Example:
{acl, techgroupmembers, {shared_group, "techteam", "example.org"}}. -- {user_regexp, <regexp>}
- Matches any local user with a name that -matches <regexp> on local virtual hosts. Example: +
- {user_regexp, Regexp}
- Matches any local user with a name that +matches Regexp on local virtual hosts. Example:
{acl, tests, {user_regexp, "^test[0-9]*$"}}. -- {user_regexp, <regexp>, <server>}
- Matches any user with a name -that matches <regexp> at server <server>. Example: -
{acl, tests, {user_regexp, "^test", "example.org"}}. -- {server_regexp, <regexp>}
- Matches any JID from the server that -matches <regexp>. Example: +
- {user_regexp, UserRegexp, Server}
- Matches any user with a name +that matches Regexp at server Server. Example: +
{acl, tests, {user_Userregexp, "^test", "example.org"}}. +- {server_regexp, Regexp}
- Matches any JID from the server that +matches Regexp. Example:
{acl, icq, {server_regexp, "^icq\\."}}. -- {resource_regexp, <regexp>}
- Matches any JID with a resource that -matches <regexp>. Example: +
- {resource_regexp, Regexp}
- Matches any JID with a resource that +matches Regexp. Example:
{acl, icq, {resource_regexp, "^laptop\\."}}. -- {node_regexp, <user_regexp>, <server_regexp>}
- Matches any user -with a name that matches <user_regexp> at any server that matches -<server_regexp>. Example: +
- {node_regexp, UserRegexp, ServerRegexp}
- Matches any user +with a name that matches UserRegexp at any server that matches +ServerRegexp. Example:
{acl, yohzik, {node_regexp, "^yohzik$", "^example.(com|org)$"}}. -- {user_glob, <glob>}
- -
- {user_glob, <glob>, <server>}
- -
- {server_glob, <glob>}
- -
- {resource_glob, <glob>}
- -
- {node_glob, <user_glob>, <server_glob>}
- This is the same as +
- {user_glob, Glob}
- +
- {user_glob, Glob, Server}
- +
- {server_glob, Glob}
- +
- {resource_glob, Glob}
- +
- {node_glob, UserGlob, ServerGlob}
- This is the same as above. However, it uses shell glob patterns instead of regexp. These patterns can have the following special characters:
- @@ -1143,19 +1124,15 @@ ranges are specified by a pair of characters separated by a ‘-’ If the first character after ‘[’ is a ‘!’, any character not enclosed is matched.
The following ACLs are pre-defined: +
The following ACLName are pre-defined:
- all
- Matches any JID.
- none
- Matches no JID.
Access Rights
An entry allowing or denying access to different services looks similar to -this: -
{access, <accessname>, [{allow, <aclname>}, - {deny, <aclname>}, - ... - ]}. -When a JID is checked to have access to <accessname>, the server +
An entry allowing or denying access to different services. +The syntax is: +
- {access, AccessName, [ {allow|deny, ACLName}, ...]}.
When a JID is checked to have access to Accessname, the server sequentially checks if that JID matches any of the ACLs that are named in the second elements of the tuples in the list. If it matches, the first element of the first matched tuple is returned, otherwise the value ‘deny’ is @@ -1163,7 +1140,7 @@ returned.
Example:
{access, configure, [{allow, admin}]}. {access, something, [{deny, badmans}, {allow, all}]}. -The following access rules are pre-defined: +
The following AccessName are pre-defined:
- all
- Always returns the value ‘allow’.
- none
- Always returns the value ‘deny’. @@ -1176,35 +1153,27 @@ opened session will be disconnected. The error session replaced will be sent to the disconnected session. The value for this option can be either a number, or infinity. The default value is infinity.
The syntax is: -
{access, max_user_sessions, [{<maxnumber>, <aclname>}, - ... - ]}. -Examples: -
+
- -To limit the number of sessions per user to 10 for all users: -
{access, max_user_sessions, [{10, all}]}. -
- {access, max_user_sessions, [ {MaxNumber, ACLName}, ...]}.
This example limits the number of sessions per user to 5 for all users, and to 10 for admins: +
{access, max_user_sessions, [{10, admin}, {5, all}]}. +Several connections to a remote Jabber server with ACL
The special access max_s2s_connections specifies how many simultaneus S2S connections can be established to a specific remote Jabber server. The default value is 1. There’s also available the access max_s2s_connections_per_node.
The syntax is: -
{access, max_s2s_connections, [{<maxnumber>, <aclname>}, - ... - ]}. -Examples: +
- {access, max_s2s_connections, [ {MaxNumber, ACLName}, ...]}.
Examples:
- Allow up to 3 connections with each remote server:
{access, max_s2s_connections, [{3, all}]}.3.1.6 Shapers
Shapers enable you to limit connection traffic. The syntax of -shapers is like this: -
{shaper, <shapername>, <kind>}. -Currently only one kind of shaper called maxrate is available. It has the +
Shapers enable you to limit connection traffic. +The syntax is: +
- {shaper, ShaperName, Kind}.
+Currently only one kind of shaper called maxrate is available. It has the following syntax: -
{maxrate, <rate>} -where <rate> stands for the maximum allowed incoming rate in bytes per +
- {maxrate, Rate}
+where Rate stands for the maximum allowed incoming rate in bytes per second. When a connection exceeds this limit, ejabberd stops reading from the socket until the average rate is again below the allowed maximum.
Examples: @@ -1219,14 +1188,15 @@ To define a shaper named ‘normal’ with traffic speed limi
3.1.7 Default Language
The option language defines the default language of server strings that can be seen by Jabber clients. If a Jabber client does not support -xml:lang, the specified language is used. The default value is -en. In order to take effect there must be a translation file -<language>.msg in ejabberd’s msgs directory.
For example, to set Russian as default language: +xml:lang, the specified language is used.
The option syntax is: +
- {language, Language}.
The default value is en. +In order to take effect there must be a translation file +Language.msg in ejabberd’s msgs directory.
For example, to set Russian as default language:
{language, "ru"}.Appendix A provides more details about internationalization and localization.
3.1.8 CAPTCHA
Some ejabberd modules can be configured to require a CAPTCHA challenge on certain actions. -If the client does not support CAPTCHA Forms (XEP-0158), +If the client does not support CAPTCHA Forms (XEP-0158), a web link is provided so the user can fill the challenge in a web browser.
An example script is provided that generates the image using ImageMagick’s Convert program.
The configurable options are:
- @@ -1255,21 +1225,47 @@ See section 3.1.3.
Example configuration: } ]}. +
+3.1.9 STUN
ejabberd is able to act as a stand-alone STUN server +(RFC 5389). Currently only Binding usage +is supported. In that role ejabberd helps clients with Jingle ICE (XEP-0176) support to discover their external addresses and ports.
You should configure ejabberd_stun listening module as described in 3.1.3 section. +If certfile option is defined, ejabberd multiplexes TCP and +TLS over TCP connections on the same port. Obviously, certfile option +is defined for tcp only. Note however that TCP or TLS over TCP +support is not required for Binding usage and is reserved for +TURN +functionality. Feel free to configure udp transport only.
Example configuration: +
{listen, + [ + ... + {{3478, udp}, ejabberd_stun, []}, + {3478, ejabberd_stun, []}, + {5349, ejabberd_stun, [{certfile, "/etc/ejabberd/server.pem"}]}, + ... + ] +}. +You also need to configure DNS SRV records properly so clients can easily discover a +STUN server serving your XMPP domain. Refer to section +DNS Discovery of a Server +of RFC 5389 for details.
Example DNS SRV configuration: +
_stun._udp IN SRV 0 0 3478 stun.example.com. +_stun._tcp IN SRV 0 0 3478 stun.example.com. +_stuns._tcp IN SRV 0 0 5349 stun.example.com.-3.1.9 Include Additional Configuration Files
The option include_config_file in a configuration file instructs ejabberd to include other configuration files immediately.
The basic usage is: -
{include_config_file, <filename>}. -It is also possible to specify suboptions: -
{include_config_file, <filename>, [<suboption>, <suboption>, ...]}. -The filename can be indicated either as an absolute path, +
3.1.10 Include Additional Configuration Files
The option include_config_file in a configuration file instructs ejabberd to include other configuration files immediately.
The basic syntax is: +
- {include_config_file, Filename}.
+It is possible to specify suboptions using the full syntax: +
- {include_config_file, Filename, [Suboption, ...]}.
The filename can be indicated either as an absolute path, or relative to the main ejabberd configuration file. It isn’t possible to use wildcards. The file must exist and be readable.
The allowed suboptions are:
- -{disallow, [<option>, <option>, ...]}
- Disallows the usage of those options in the included configuration file. +{disallow, [Optionname, ...]}
- Disallows the usage of those options in the included configuration file. The options that match this criteria are not accepted. The default value is an empty list: [] -
- {allow_only, [<option>, <option>, ...]}
- Allows only the usage of those options in the included configuration file. +
- {allow_only, [Optionname, ...]}
- Allows only the usage of those options in the included configuration file. The options that do not match this criteria are not accepted. The default value is: all
This is a basic example: @@ -1287,12 +1283,12 @@ and later includes another file with additional rules:
{acl, admin, {user, "bob", "localhost"}}. {acl, admin, {user, "jan", "localhost"}}.-3.1.10 Option Macros in Configuration File
3.1.11 Option Macros in Configuration File
In the ejabberd configuration file, it is possible to define a macro for a value and later use this macro when defining an option.
A macro is defined with this syntax: -
{define_macro, '<MACRO>', <value>}. -The MACRO must be surrounded by single quotation marks, +
- {define_macro, ’MACRO’, Value}.
+The MACRO must be surrounded by single quotation marks, and all letters in uppercase; check the examples bellow. The value can be any valid arbitrary Erlang term.
The first definition of a macro is preserved, and additional definitions of the same macro are forgotten.
Macros are processed after @@ -1300,17 +1296,17 @@ additional configuration files have been included, so it is possible to use macros that are defined in configuration files included before the usage.
It isn’t possible to use a macro in the definition of another macro.
There are two ways to use a macro: -
- ’<MACRO>’
- +
- ’MACRO’
- You can put this instead of a value in an ejabberd option, and will be replaced with the value previously defined. If the macro is not defined previously, -the program will crash and report an error.
- {use_macro, ’<MACRO>’, <defaultvalue>}
- +the program will crash and report an error.
- {use_macro, ’MACRO’, Defaultvalue}
- Use a macro even if it may not be defined. If the macro is not defined previously, the provided defaultvalue is used. This usage behaves as if it were defined and used this way: -
{define_macro, '<MACRO>', <defaultvalue>}. -'<MACRO>' +{define_macro, 'MACRO', Defaultvalue}. +'MACRO'This example shows the basic usage of a macro:
{define_macro, 'LOG_LEVEL_NUMBER', 5}. {loglevel, 'LOG_LEVEL_NUMBER'}. @@ -1336,7 +1332,7 @@ This usage behaves as if it were defined and used this way: ] }.-3.2 Database and LDAP Configuration
3.2 Database and LDAP Configuration
ejabberd uses its internal Mnesia database by default. However, it is possible to use a relational database or an LDAP server to store persistent, @@ -1369,7 +1365,7 @@ For example: {auth_method, [odbc]} ]}.
-3.2.1 MySQL
3.2.1 MySQL
Although this section will describe ejabberd’s configuration when you want to use the native MySQL driver, it does not describe MySQL’s installation and database creation. Check the MySQL documentation and the tutorial Using ejabberd with MySQL native driver for information regarding these topics. @@ -1393,17 +1389,13 @@ commands: value is used to define if we want to use ODBC, or one of the two native interface available, PostgreSQL or MySQL.
To use the native MySQL interface, you can pass a tuple of the following form as parameter: -
{mysql, "Server", "Database", "Username", "Password"} -mysql is a keyword that should be kept as is. For example: -
{odbc_server, {mysql, "localhost", "test", "root", "password"}}. -Optionally, it is possible to define the MySQL port to use. This +
- {mysql, "Server", "Database", "Username", "Password"}
mysql is a keyword that should be kept as is. For example: +
- {odbc_server, {mysql, "localhost", "test", "root", "password"}}.
Optionally, it is possible to define the MySQL port to use. This option is only useful, in very rare cases, when you are not running MySQL with the default port setting. The mysql parameter can thus take the following form: -
{mysql, "Server", Port, "Database", "Username", "Password"} -The Port value should be an integer, without quotes. For example: -
{odbc_server, {mysql, "localhost", Port, "test", "root", "password"}}. -By default ejabberd opens 10 connections to the database for each virtual host. +
- {mysql, "Server", Port, "Database", "Username", "Password"}
The Port value should be an integer, without quotes. For example: +
- {odbc_server, {mysql, "localhost", Port, "test", "root", "password"}}.
By default ejabberd opens 10 connections to the database for each virtual host. Use this option to modify the value:
{odbc_pool_size, 10}.You can configure an interval to make a dummy SQL request @@ -1430,7 +1422,7 @@ relational databases like MySQL. To enable storage to your database, just make sure that your database is running well (see previous sections), and replace the suffix-less or ldap module variant with the odbc module variant. Keep in mind that you cannot have several variants of the same module loaded!
-3.2.2 Microsoft SQL Server
3.2.2 Microsoft SQL Server
Although this section will describe ejabberd’s configuration when you want to use Microsoft SQL Server, it does not describe Microsoft SQL Server’s installation and database creation. Check the MySQL documentation and the @@ -1468,7 +1460,7 @@ database, just make sure that your database is running well (see previous sections), and replace the suffix-less or ldap module variant with the odbc module variant. Keep in mind that you cannot have several variants of the same module loaded!
-3.2.3 PostgreSQL
3.2.3 PostgreSQL
Although this section will describe ejabberd’s configuration when you want to use the native PostgreSQL driver, it does not describe PostgreSQL’s installation and database creation. Check the PostgreSQL documentation and the tutorial Using ejabberd with MySQL native driver for information regarding these topics. @@ -1495,17 +1487,13 @@ using next commands: value is used to define if we want to use ODBC, or one of the two native interface available, PostgreSQL or MySQL.
To use the native PostgreSQL interface, you can pass a tuple of the following form as parameter: -
{pgsql, "Server", "Database", "Username", "Password"} -pgsql is a keyword that should be kept as is. For example: -
{odbc_server, {pgsql, "localhost", "database", "ejabberd", "password"}}. -Optionally, it is possible to define the PostgreSQL port to use. This +
- {pgsql, "Server", "Database", "Username", "Password"}
pgsql is a keyword that should be kept as is. For example: +
- {odbc_server, {pgsql, "localhost", "database", "ejabberd", "password"}}.
Optionally, it is possible to define the PostgreSQL port to use. This option is only useful, in very rare cases, when you are not running PostgreSQL with the default port setting. The pgsql parameter can thus take the following form: -
{pgsql, "Server", Port, "Database", "Username", "Password"} -The Port value should be an integer, without quotes. For example: -
{odbc_server, {pgsql, "localhost", 5432, "database", "ejabberd", "password"}}. -By default ejabberd opens 10 connections to the database for each virtual host. +
- {pgsql, "Server", Port, "Database", "Username", "Password"}
The Port value should be an integer, without quotes. For example: +
- {odbc_server, {pgsql, "localhost", 5432, "database", "ejabberd", "password"}}.
By default ejabberd opens 10 connections to the database for each virtual host. Use this option to modify the value:
{odbc_pool_size, 10}.You can configure an interval to make a dummy SQL request @@ -1529,7 +1517,7 @@ relational databases like PostgreSQL. To enable storage to your database, just make sure that your database is running well (see previous sections), and replace the suffix-less or ldap module variant with the odbc module variant. Keep in mind that you cannot have several variants of the same module loaded!
-3.2.4 ODBC Compatible
3.2.4 ODBC Compatible
Although this section will describe ejabberd’s configuration when you want to use the ODBC driver, it does not describe the installation and database creation of your database. Check the documentation of your database. The tutorial Using ejabberd with MySQL native driver also can help you. Note that the tutorial @@ -1574,7 +1562,7 @@ database, just make sure that your database is running well (see previous sections), and replace the suffix-less or ldap module variant with the odbc module variant. Keep in mind that you cannot have several variants of the same module loaded!
-3.2.5 LDAP
3.2.5 LDAP
ejabberd has built-in LDAP support. You can authenticate users against LDAP server and use LDAP directory as vCard storage. Shared rosters are not supported yet.
Note that ejabberd treats LDAP as a read-only storage: @@ -1582,20 +1570,20 @@ it is possible to consult data, but not possible to create accounts, change password or edit vCard that is stored in LDAP.
Connection
Parameters:
- -ldap_servers
- List of IP addresses or DNS names of your +{ldap_servers, [Servers, ...]}
- List of IP addresses or DNS names of your LDAP servers. This option is required. -
- ldap_encrypt
- Type of connection encryption to the LDAP server. +
- {ldap_encrypt, none|tls}
- Type of connection encryption to the LDAP server. Allowed values are: none, tls. Note that STARTTLS is not supported. The default value is: none. -
- ldap_port
- Port to connect to your LDAP server. +
- {ldap_port, Number}
- Port to connect to your LDAP server. The default port is 389 if encryption is disabled; and 636 if encryption is enabled. If you configure a value, it is stored in ejabberd’s database. Then, if you remove that value from the configuration file, the value previously stored in the database will be used instead of the default port. -
- ldap_rootdn
- Bind DN. The default value +
- {ldap_rootdn, RootDN}
- Bind DN. The default value is "" which means ‘anonymous connection’. -
- ldap_password
- Bind password. The default +
- {ldap_password, Password}
- Bind password. The default value is "".
Example:
{auth_method, ldap}. @@ -1606,15 +1594,15 @@ value is "".Note that current LDAP implementation does not support SSL secured communication and SASL authentication.
Authentication
You can authenticate users against an LDAP directory. Available options are:
- -ldap_base
- LDAP base directory which stores +{ldap_base, Base}
- LDAP base directory which stores users accounts. This option is required. -
- ldap_uids
- LDAP attribute which holds a list -of attributes to use as alternatives for getting the JID. The value is of -the form: [{ldap_uidattr}] or [{ldap_uidattr, -ldap_uidattr_format}]. You can use as many comma separated tuples -{ldap_uidattr, ldap_uidattr_format} that is needed. The default -value is [{"uid", "%u"}]. The defaut ldap_uidattr_format -is "%u". The values for ldap_uidattr and +
- {ldap_uids, [ {ldap_uidattr} | {ldap_uidattr, ldap_uidattr_format}, ...]}
- +LDAP attribute which holds a list of attributes to use as alternatives for getting the JID. +The default attributes are [{"uid", "%u"}]. +The attributes are of the form: +[{ldap_uidattr}] or [{ldap_uidattr, ldap_uidattr_format}]. +You can use as many comma separated attributes as needed. +The values for ldap_uidattr and ldap_uidattr_format are described as follow:
-
- ldap_uidattr
- LDAP attribute which holds @@ -1625,13 +1613,13 @@ only one pattern variable "%u" which will be replaced by the user’s part of a JID. For example, "%u@example.org". The default value is "%u".
- ldap_filter
- -RFC 2254 LDAP filter. The +
- {ldap_filter, Filter}
- +RFC 4515 LDAP filter. The default is none. Example: "(&(objectClass=shadowAccount)(memberOf=Jabber Users))". Please, do not forget to close brackets and do not use superfluous whitespaces. Also you must not use ldap_uidattr attribute in filter because this -attribute will be substituted in LDAP filter automatically.
- ldap_local_filter
- +attribute will be substituted in LDAP filter automatically.
- {ldap_local_filter, Filter}
- If you can’t use ldap_filter due to performance reasons (the LDAP server has many users registered), you can use this local filter. @@ -1760,11 +1748,12 @@ configuration is shown below:
{auth_method, ldap}. ... ]}.-3.3 Modules Configuration
3.3 Modules Configuration
The option modules defines the list of modules that will be loaded after ejabberd’s startup. Each entry in the list is a tuple in which the first element is the name of a module and the second is a list of options for that -module.
Examples: +module.
The syntax is: +
- {modules, [ {ModuleName, ModuleOptions}, ...]}.
Examples:
-
- In this example only the module mod_echo is loaded and no module options are specified between the square brackets: @@ -1782,41 +1771,40 @@ all entries end with a comma: {mod_version, []} ]}.
3.3.1 Modules Overview
3.3.1 Modules Overview
The following table lists all modules included in ejabberd.
- Module Feature Dependencies + mod_adhoc Ad-Hoc Commands (XEP-0050) mod_adhoc Ad-Hoc Commands (XEP-0050) - mod_announce Manage announcements recommends mod_adhoc + mod_caps Entity Capabilities (XEP-0115) mod_caps Entity Capabilities (XEP-0115) - mod_configure Server configuration using Ad-Hoc mod_adhoc + mod_disco Service Discovery (XEP-0030) mod_disco Service Discovery (XEP-0030) - mod_echo Echoes Jabber packets - mod_irc IRC transport - mod_last Last Activity (XEP-0012) - mod_last_odbc Last Activity (XEP-0012) supported DB (*) + mod_muc Multi-User Chat (XEP-0045) + mod_last Last Activity (XEP-0012) + mod_last_odbc Last Activity (XEP-0012) supported DB (*) mod_muc Multi-User Chat (XEP-0045) - mod_muc_log Multi-User Chat room logging mod_muc - mod_offline Offline message storage (XEP-0160) - mod_offline_odbc Offline message storage (XEP-0160) supported DB (*) + mod_ping XMPP Ping and periodic keepalives (XEP-0199) + mod_offline Offline message storage (XEP-0160) + mod_offline_odbc Offline message storage (XEP-0160) supported DB (*) mod_ping XMPP Ping and periodic keepalives (XEP-0199) mod_privacy Blocking Communication (XMPP IM) - mod_privacy_odbc Blocking Communication (XMPP IM) supported DB (*) - mod_private Private XML Storage (XEP-0049) - mod_private_odbc Private XML Storage (XEP-0049) supported DB (*) - mod_proxy65 SOCKS5 Bytestreams (XEP-0065) - mod_pubsub Pub-Sub (XEP-0060), PEP (XEP-0163) mod_caps + mod_register In-Band Registration (XEP-0077) + mod_private Private XML Storage (XEP-0049) + mod_private_odbc Private XML Storage (XEP-0049) supported DB (*) + mod_proxy65 SOCKS5 Bytestreams (XEP-0065) + mod_pubsub Pub-Sub (XEP-0060), PEP (XEP-0163) mod_caps mod_register In-Band Registration (XEP-0077) mod_roster Roster management (XMPP IM) mod_roster_odbc Roster management (XMPP IM) supported DB (*) mod_service_log Copy user messages to logger service mod_shared_roster Shared roster management mod_roster or - mod_roster_odbc - mod_stats Statistics Gathering (XEP-0039) - mod_time Entity Time (XEP-0202) - mod_vcard vcard-temp (XEP-0054) - mod_vcard_ldap vcard-temp (XEP-0054) LDAP server - mod_vcard_odbc vcard-temp (XEP-0054) supported DB (*) + mod_version Software Version (XEP-0092) + mod_stats Statistics Gathering (XEP-0039) + mod_time Entity Time (XEP-0202) + mod_vcard vcard-temp (XEP-0054) + mod_vcard_ldap vcard-temp (XEP-0054) LDAP server + mod_vcard_odbc vcard-temp (XEP-0054) supported DB (*) mod_version Software Version (XEP-0092)
- (*) This module requires a supported database. For a list of supported databases, see section 3.2. @@ -1845,13 +1833,14 @@ Last connection date and time: Use mod_last_odbc instead of ejabberd website. Please remember that these contributions might not work or that they can contain severe bugs and security leaks. Therefore, use them at your own risk! -
3.3.2 Common Options
The following options are used by many modules. Therefore, they are described in +
3.3.2 Common Options
The following options are used by many modules. Therefore, they are described in this separate section.
iqdisc
Many modules define handlers for processing IQ queries of different namespaces to this server or to a user (e. g. to example.org or to user@example.org). This option defines processing discipline for -these queries. Possible values are: +these queries.
The syntax is: +
- {iqdisc, Value}
Possible Value are:
- no_queue
- All queries of a namespace with this processing discipline are processed immediately. This also means that no other packets can be processed @@ -1878,8 +1867,9 @@ number of processes (32000 by default). ]}.
host
This option defines the Jabber ID of a service provided by an ejabberd module. -The keyword "@HOST@" is replaced at start time with the real virtual host string.
This example configures +
This option defines the Jabber ID of a service provided by an ejabberd module.
The syntax is: +
- {host, HostName}
If you include the keyword "@HOST@" in the HostName, +it is replaced at start time with the real virtual host string.
This example configures the echo module to provide its echoing service in the Jabber ID mirror.example.org:
{modules, @@ -1897,7 +1887,7 @@ the "@HOST@" keyword must be used: ... ]}.-3.3.3 mod_announce
3.3.3 mod_announce
This module enables configured users to broadcast announcements and to set the message of the day (MOTD). Configured users can perform these actions with a @@ -1913,7 +1903,7 @@ message is sent to all registered users. If the user is online and connected to several resources, only the resource with the highest priority will receive the message. If the registered user is not connected, the message will be stored offline in assumption that offline storage -(see section 3.3.12) is enabled. +(see section 3.3.11) is enabled.
- example.org/announce/online (example.org/announce/all-hosts/online)
- The message is sent to all connected users. If the user is online and connected to several resources, all resources will receive the message. @@ -1928,7 +1918,7 @@ login. The message is not sent to any currently connected user. Any message sent to this JID removes the existing message of the day (MOTD).
Options:
- -access
- This option specifies who is allowed to +{access, AccessName}
- This option specifies who is allowed to send announcements and to set the message of the day (by default, nobody is able to send such messages).
Examples: @@ -1961,27 +1951,27 @@ Only administrators can send announcements:
Note that mod_announce can be resource intensive on large deployments as it can broadcast lot of messages. This module should be disabled for instances of ejabberd with hundreds of thousands users.
-3.3.4 mod_disco
3.3.4 mod_disco
This module adds support for Service Discovery (XEP-0030). With +
This module adds support for Service Discovery (XEP-0030). With this module enabled, services on your server can be discovered by Jabber clients. Note that ejabberd has no modules with support -for the superseded Jabber Browsing (XEP-0011) and Agent Information -(XEP-0094). Accordingly, Jabber clients need to have support for +for the superseded Jabber Browsing (XEP-0011) and Agent Information +(XEP-0094). Accordingly, Jabber clients need to have support for the newer Service Discovery protocol if you want them be able to discover the services you offer.
Options:
- -iqdisc
- This specifies +{iqdisc, Discipline}
- This specifies the processing discipline for Service Discovery (http://jabber.org/protocol/disco#items and http://jabber.org/protocol/disco#info) IQ queries (see section 3.3.2). -
- {extra_domains, [ Domain ]}
- With this option, +
- {extra_domains, [Domain, ...]}
- With this option, you can specify a list of extra domains that are added to the Service Discovery item list. -
- {server_info, [ {Modules, Field, [Value]} ]}
- +
- {server_info, [ {Modules, Field, [Value, ...]}, ... ]}
- Specify additional information about the server, -as described in Contact Addresses for XMPP Services (XEP-0157). +as described in Contact Addresses for XMPP Services (XEP-0157). Modules can be the keyword ‘all’, in which case the information is reported in all the services; or a list of ejabberd modules, @@ -2035,13 +2025,13 @@ and admin addresses for both the main server and the vJUD service: ... ]}.
3.3.5 mod_echo
3.3.5 mod_echo
This module simply echoes any Jabber packet back to the sender. This mirror can be of interest for ejabberd and Jabber client debugging.
Options:
- -host
- This option defines the Jabber ID of the +{host, HostName}
- This option defines the Jabber ID of the service. If the host option is not specified, the Jabber ID will be the hostname of the virtual host with the prefix ‘echo.’. The keyword "@HOST@" is replaced at start time with the real virtual host name. @@ -2055,9 +2045,9 @@ of them all? ... ]}. -
3.3.6 mod_http_bind
3.3.6 mod_http_bind
This module implements XMPP over Bosh (formerly known as HTTP Binding) -as defined in XEP-0124 and XEP-0206. +as defined in XEP-0124 and XEP-0206. It extends ejabberd’s built in HTTP service with a configurable resource at which this service will be hosted.
To use HTTP-Binding, enable the module:
{modules, @@ -2095,35 +2085,37 @@ For example: }, ... ]}. -The maximum inactivity period is by default 30 seconds. -This can be configured with the module option max_inactivity. +
Options: +
+
- +{max_inactivity, Seconds}
- +Define the maximum inactivity period in seconds. +Default value is 30 seconds. For example, to set 50 seconds: -
{modules, +{modules, [ ... {mod_http_bind, [ {max_inactivity, 50} ]}, ... ]}. --3.3.7 mod_http_fileserver
3.3.7 mod_http_fileserver
This simple module serves files from the local disk over HTTP.
Options:
- -docroot
- +{docroot, Path}
- Directory to serve the files. -
- accesslog
- +
- {accesslog, Path}
- File to log accesses using an Apache-like format. No log will be recorded if this option is not specified. -
- directory_indices
- +
- {directory_indices, [Index, ...]}
- Indicate one or more directory index files, similarly to Apache’s DirectoryIndex variable. When a web request hits a directory instead of a regular file, those directory indices are looked in order, and the first one found is returned. -
- content_types
- Specify a mapping of extensions to content types. There are several content types already defined, with this option you can add new definitions, modify or delete existing ones. To delete an existing definition, simply define it with a value: ‘undefined’. -
- default_content_type
- +
- {default_content_type, Type}
- Specify the content type to use for unknown extensions. Default value is ‘application/octet-stream’.
This example configuration will serve the files from @@ -2165,78 +2157,18 @@ To use this module you must enable it: }, ... ]}. -
-3.3.8 mod_irc
This module is an IRC transport that can be used to join channels on IRC -servers.
End user information: - -
- -A Jabber client with ‘groupchat 1.0’ support or Multi-User -Chat support (XEP-0045) is necessary to join IRC channels. -
- An IRC channel can be joined in nearly the same way as joining a -Jabber Multi-User Chat room. The difference is that the room name will -be ‘channel%irc.example.org’ in case irc.example.org is -the IRC server hosting ‘channel’. And of course the host should point -to the IRC transport instead of the Multi-User Chat service. -
- You can register your nickame by sending ‘IDENTIFY password’ to
- nickserver!irc.example.org@irc.jabberserver.org. -- Entering your password is possible by sending ‘LOGIN nick password’
- to nickserver!irc.example.org@irc.jabberserver.org. -- The IRC transport provides Ad-Hoc Commands (XEP-0050) -to join a channel, and to set custom IRC username and encoding. -
- When using a popular Jabber server, it can occur that no -connection can be achieved with some IRC servers because they limit the -number of conections from one IP. -
Options: -
- - -host
- This option defines the Jabber ID of the -service. If the host option is not specified, the Jabber ID will be the -hostname of the virtual host with the prefix ‘irc.’. The keyword "@HOST@" -is replaced at start time with the real virtual host name. - -
- access
- This option can be used to specify who -may use the IRC transport (default value: all). -
- default_encoding
- Set the default IRC encoding (default value: "koi8-r"). -
Examples: -
-
- -In the first example, the IRC transport is available on (all) your -virtual host(s) with the prefix ‘irc.’. Furthermore, anyone is -able to use the transport. The default encoding is set to "iso8859-15". -
{modules, - [ - ... - {mod_irc, [{access, all}, {default_encoding, "iso8859-15"}]}, - ... - ]}. -- In next example the IRC transport is available with JIDs with prefix irc-t.net. -Moreover, the transport is only accessible to two users -of example.org, and any user of example.com: -
{acl, paying_customers, {user, "customer1", "example.org"}}. -{acl, paying_customers, {user, "customer2", "example.org"}}. -{acl, paying_customers, {server, "example.com"}}. - -{access, irc_users, [{allow, paying_customers}, {deny, all}]}. - -{modules, - [ - ... - {mod_irc, [{access, irc_users}, - {host, "irc.example.net"}]}, - ... - ]}. -3.3.9 mod_last
This module adds support for Last Activity (XEP-0012). It can be used to +
+3.3.8 mod_last
This module adds support for Last Activity (XEP-0012). It can be used to discover when a disconnected user last accessed the server, to know when a connected user was last active on the server, or to query the uptime of the ejabberd server.
Options:
-
- -iqdisc
- This specifies +{iqdisc, Discipline}
- This specifies the processing discipline for Last activity (jabber:iq:last) IQ queries (see section 3.3.2).
3.3.10 mod_muc
This module provides a Multi-User Chat (XEP-0045) service. +
3.3.9 mod_muc
This module provides a Multi-User Chat (XEP-0045) service. Users can discover existing rooms, join or create them. Occupants of a room can chat in public or have private chats.
Some of the features of Multi-User Chat:
-
- @@ -2257,20 +2189,20 @@ set of rooms goes down, the rooms disappear and they will be recreated on an available node on first connection attempt.
Module options:
- -host
- This option defines the Jabber ID of the +{host, HostName}
- This option defines the Jabber ID of the service. If the host option is not specified, the Jabber ID will be the hostname of the virtual host with the prefix ‘conference.’. The keyword "@HOST@" is replaced at start time with the real virtual host name. -
- access
- You can specify who is allowed to use +
- {access, AccessName}
- You can specify who is allowed to use the Multi-User Chat service. By default everyone is allowed to use it. -
- access_create
- To configure who is +
- {access_create, AccessName}
- To configure who is allowed to create new rooms at the Multi-User Chat service, this option can be used. By default everybody is allowed to create rooms. -
- access_persistent
- To configure who is +
- {access_persistent, AccessName}
- To configure who is allowed to modify the ’persistent’ room option. By default everybody is allowed to modify that option. -
- access_admin
- This option specifies +
- {access_admin, AccessName}
- This option specifies who is allowed to administrate the Multi-User Chat service. The default value is none, which means that only the room creator can administer his room. @@ -2278,7 +2210,7 @@ The administrators can send a normal message to the service JID, and it will be shown in all active rooms as a service message. The administrators can send a groupchat message to the JID of an active room, and the message will be shown in the room as a service message. -
- history_size
- A small history of +
- {history_size, Size}
- A small history of the current discussion is sent to users when they enter the room. With this option you can define the number of history messages to keep and send to users joining the room. The value is an @@ -2286,35 +2218,35 @@ integer. Setting the value to 0 disables the history feature and, as a result, nothing is kept in memory. The default value is 20. This value is global and thus affects all rooms on the service. -
- max_users
- This option defines at +
- {max_users, Number}
- This option defines at the service level, the maximum number of users allowed per room. It can be lowered in each room configuration but cannot be increased in individual room configuration. The default value is 200. -
- max_users_admin_threshold
- +
- {max_users_admin_threshold, Number}
- This option defines the number of service admins or room owners allowed to enter the room when the maximum number of allowed occupants was reached. The default limit is 5. -
- max_user_conferences
- +
- {max_user_conferences, Number}
- This option defines the maximum number of rooms that any given user can join. The default value is 10. This option is used to prevent possible abuses. Note that this is a soft limit: some users can sometimes join more conferences in cluster configurations. -
- max_room_id
- +
- {max_room_id, Number}
- This option defines the maximum number of characters that Room ID can have when creating a new room. The default value is to not limit: infinite. -
- max_room_name
- +
- {max_room_name, Number}
- This option defines the maximum number of characters that Room Name can have when configuring the room. The default value is to not limit: infinite. -
- max_room_desc
- +
- {max_room_desc, Number}
- This option defines the maximum number of characters that Room Description can have when configuring the room. The default value is to not limit: infinite. -
- min_message_interval
- +
- {min_message_interval, Number}
- This option defines the minimum interval between two messages send by an occupant in seconds. This option is global and valid for all rooms. A decimal value can be used. When this option is not defined, @@ -2324,7 +2256,7 @@ be broadcasted by the service. A good value for this minimum message interval is 0.4 second. If an occupant tries to send messages faster, an error is send back explaining that the message has been discarded and describing the reason why the message is not acceptable. -
- min_presence_interval
- +
- {min_presence_interval, Number}
- This option defines the minimum of time between presence changes coming from a given occupant in seconds. This option is global and valid for all rooms. A @@ -2336,36 +2268,36 @@ presence is cached by ejabberd and only the last presence is broadcasted to all occupants in the room after expiration of the interval delay. Intermediate presence packets are silently discarded. A good value for this option is 4 seconds. -
- default_room_options
- +
- {default_room_options, [ {OptionName, OptionValue}, ...]}
- This module option allows to define the desired default room options. Note that the creator of a room can modify the options of his room at any time using a Jabber client with MUC capability. The available room options and the default values are:
All of those room options can be set to true or false, except password and title which are strings, @@ -2458,7 +2390,7 @@ the newly created rooms have by default those options. ... ]}.
- -{allow_change_subj, true}
- Allow occupants to change the subject. -
- {allow_private_messages, true}
- Occupants can send private messages to other occupants. -
- {allow_query_users, true}
- Occupants can send IQ queries to other occupants. -
- {allow_user_invites, false}
- Allow occupants to send invitations. -
- {allow_visitor_nickchange, true}
- Allow visitors to +{allow_change_subj, true|false}
- Allow occupants to change the subject. +
- {allow_private_messages, true|false}
- Occupants can send private messages to other occupants. +
- {allow_query_users, true|false}
- Occupants can send IQ queries to other occupants. +
- {allow_user_invites, false|true}
- Allow occupants to send invitations. +
- {allow_visitor_nickchange, true|false}
- Allow visitors to change nickname. -
- {allow_visitor_status, true}
- Allow visitors to send +
- {allow_visitor_status, true|false}
- Allow visitors to send status text in presence updates. If disallowed, the status text is stripped before broadcasting the presence update to all the room occupants. -
- {anonymous, true}
- The room is anonymous: +
- {anonymous, true|false}
- The room is anonymous: occupants don’t see the real JIDs of other occupants. Note that the room moderators can always see the real JIDs of the occupants. -
- {logging, false}
- The public messages are logged using mod_muc_log. +
- {logging, false|true}
- The public messages are logged using mod_muc_log.
- {max_users, 200}
- Maximum number of occupants in the room. -
- {members_by_default, true}
- The occupants that enter the room are participants by default, so they have ’voice’. -
- {members_only, false}
- Only members of the room can enter. -
- {moderated, true}
- Only occupants with ’voice’ can send public messages. -
- {password, ""}
- Password of the room. You may want to enable the next option too. -
- {password_protected, false}
- The password is required to enter the room. -
- {persistent, false}
- The room persists even if the last participant leaves. -
- {public, true}
- The room is public in the list of the MUC service, so it can be discovered. -
- {public_list, true}
- The list of participants is public, without requiring to enter the room. -
- {title, ""}
- A human-readable title of the room. +
- {members_by_default, true|false}
- The occupants that enter the room are participants by default, so they have ’voice’. +
- {members_only, false|true}
- Only members of the room can enter. +
- {moderated, true|false}
- Only occupants with ’voice’ can send public messages. +
- {password, "roompass123"}
- Password of the room. You may want to enable the next option too. +
- {password_protected, false|true}
- The password is required to enter the room. +
- {persistent, false|true}
- The room persists even if the last participant leaves. +
- {public, true|false}
- The room is public in the list of the MUC service, so it can be discovered. +
- {public_list, true|false}
- The list of participants is public, without requiring to enter the room. +
- {title, "Room Title"}
- A human-readable title of the room.
3.3.11 mod_muc_log
3.3.10 mod_muc_log
This module enables optional logging of Multi-User Chat (MUC) public conversations to HTML. Once you enable this module, users can join a room using a MUC capable Jabber client, and if they have enough privileges, they can request the @@ -2468,7 +2400,7 @@ Room details are added on top of each page: room title, JID, author, subject and configuration.
- The room JID in the generated HTML is a link to join the room (using -XMPP URI). +XMPP URI).
- Subject and room configuration changes are tracked and displayed.
- Joins, leaves, nick changes, kicks, bans and ‘/me’ are tracked and displayed, including the reason if available. @@ -2481,53 +2413,52 @@ displayed, including the reason if available.
- A custom link can be added on top of each page.
Options:
- -access_log
- +{access_log, AccessName}
- This option restricts which occupants are allowed to enable or disable room logging. The default value is muc_admin. Note for this default setting you need to have an access rule for muc_admin in order to take effect. -
- cssfile
- +
- {cssfile, false|URL}
- With this option you can set whether the HTML files should have a custom CSS file or if they need to use the embedded CSS file. Allowed values are false and an URL to a CSS file. With the first value, HTML files will include the embedded CSS code. With the latter, you can specify the URL of the -custom CSS file (for example: ‘http://example.com/my.css’). The default value +custom CSS file (for example: "http://example.com/my.css"). The default value is false. -
- dirname
- +
- {dirname, room_jid|room_name}
- Allows to configure the name of the room directory. Allowed values are room_jid and room_name. With the first value, the room directory name will be the full room JID. With the latter, the room directory name will be only the room name, not including the MUC service name. The default value is room_jid. -
- dirtype
- +
- {dirtype, subdirs|plain}
- The type of the created directories can be specified with this option. Allowed values are subdirs and plain. With the first value, subdirectories are created for each year and month. With the latter, the names of the log files contain the full date, and there are no subdirectories. The default value is subdirs. -
- file_format
- +
- {file_format, html|plaintext}
- Define the format of the log files: html stores in HTML format, plaintext stores in plain text. The default value is html. -
- outdir
- +
- {outdir, Path}
- This option sets the full path to the directory in which the HTML files should be stored. Make sure the ejabberd daemon user has write access on that directory. The default value is "www/muc". -
- spam_prevention
- +
- {spam_prevention true|false}
- To prevent spam, the spam_prevention option adds a special attribute to links that prevent their indexation by search engines. The default value is true, which mean that nofollow attributes will be added to user submitted links. -
- timezone
- +
- {timezone, local|universal}
- The time zone for the logs is configurable with this option. Allowed values are local and universal. With the first value, the local time, as reported to Erlang by the operating system, will be used. With the latter, GMT/UTC time will be used. The default value is local. -
- top_link
- +
- {top_link, {URL, Text}}
- With this option you can customize the link on the top right corner of each -log file. The syntax of this option is {"URL", "Text"}. The default -value is {"/", "Home"}. +log file. The default value is {"/", "Home"}.
Examples:
-
- In the first example any room owner can enable logging, and a @@ -2578,14 +2509,14 @@ top link will be the default
<a href="/">Home</a>. ... ]}.3.3.12 mod_offline
This module implements offline message storage (XEP-0160). +
3.3.11 mod_offline
This module implements offline message storage (XEP-0160). This means that all messages sent to an offline user will be stored on the server until that user comes online again. Thus it is very similar to how email works. Note that ejabberdctl has a command to delete expired messages (see section 4.1).
- -access_max_user_messages
- +{access_max_user_messages, Number}
- This option defines which access rule will be enforced to limit the maximum number of offline messages that a user can have (quota). When a user has too many offline messages, any new messages that he receive are discarded, @@ -2610,12 +2541,12 @@ and all the other users up to 100. ... ]}. -
3.3.13 mod_ping
This module implements support for XMPP Ping (XEP-0199) and periodic keepalives. +
3.3.12 mod_ping
This module implements support for XMPP Ping (XEP-0199) and periodic keepalives. When this module is enabled ejabberd responds correctly to ping requests, as defined in the protocol.
Configuration options:
- -{send_pings, true | false}
- +{send_pings, true|false}
- If this option is set to true, the server sends pings to connected clients that are not active in a given interval ping_interval. This is useful to keep client connections alive or checking availability. @@ -2625,7 +2556,7 @@ How often to send pings to connected clients, if the previous option is enabled. If a client connection does not send or receive any stanza in this interval, a ping request is sent to the client. The default value is 60 seconds. -
- {timeout_action, none | kill}
- +
- {timeout_action, none|kill}
- What to do when a client does not answer to a server ping request in less than 32 seconds. The default is to do nothing.
This example enables Ping responses, configures the module to send pings @@ -2638,7 +2569,7 @@ and if a client does not answer to the ping in less than 32 seconds, its connect ... ]}.
-3.3.14 mod_privacy
3.3.13 mod_privacy
This module implements Blocking Communication (also known as Privacy Rules) as defined in section 10 from XMPP IM. If end users have support for it in their Jabber client, they will be able to: @@ -2660,47 +2591,50 @@ or subscription type (or globally).
- Allowing or blocking all communications based on JID, group, or subscription type (or globally).
-(from http://www.xmpp.org/specs/rfc3921.html#privacy) +(from http://xmpp.org/specs/rfc3921.html#privacy)Options:
-
- -iqdisc
- This specifies +{iqdisc, Discipline}
- This specifies the processing discipline for Blocking Communication (jabber:iq:privacy) IQ queries (see section 3.3.2).
3.3.15 mod_private
This module adds support for Private XML Storage (XEP-0049): +
3.3.14 mod_private
This module adds support for Private XML Storage (XEP-0049):
Using this method, Jabber entities can store private data on the server and retrieve it whenever necessary. The data stored might be anything, as long as it is valid XML. One typical usage for this namespace is the server-side storage -of client-specific preferences; another is Bookmark Storage (XEP-0048). +of client-specific preferences; another is Bookmark Storage (XEP-0048).Options:
-
- -iqdisc
- This specifies +{iqdisc, Discipline}
- This specifies the processing discipline for Private XML Storage (jabber:iq:private) IQ queries (see section 3.3.2).
3.3.16 mod_proxy65
This module implements SOCKS5 Bytestreams (XEP-0065). +
3.3.15 mod_proxy65
This module implements SOCKS5 Bytestreams (XEP-0065). It allows ejabberd to act as a file transfer proxy between two XMPP clients.
Options:
- -host
- This option defines the hostname of the service. -If this option is not set, the prefix ‘proxy.’ is added to ejabberd -hostname. -
- name
- Defines Service Discovery name of the service. + +{host, HostName}
- This option defines the Jabber ID of the +service. If the host option is not specified, the Jabber ID will be the +hostname of the virtual host with the prefix ‘proxy.’. The keyword "@HOST@" +is replaced at start time with the real virtual host name. + +
- {name, Text}
- Defines Service Discovery name of the service. Default is "SOCKS5 Bytestreams". -
- ip
- This option specifies which network interface +
- {ip, IPTuple}
- This option specifies which network interface to listen for. Default is an IP address of the service’s DNS name, or, if fails,
{127,0,0,1}. -- port
- This option defines port to listen for +
- {port, Number}
- This option defines port to listen for incoming connections. Default is 7777. -
- auth_type
- SOCKS5 authentication type. +
- {auth_type, anonymous|plain}
- SOCKS5 authentication type. Possible values are anonymous and plain. Default is anonymous. -
- access
- Defines ACL for file transfer initiators. +
- {access, AccessName}
- Defines ACL for file transfer initiators. Default is all. -
- max_connections
- Maximum number of +
- {max_connections, Number}
- Maximum number of active connections per file transfer initiator. No limit by default. -
- shaper
- This option defines shaper for +
- {shaper, none|ShaperName}
- This option defines shaper for the file transfer peers. Shaper with the maximum bandwidth will be selected. Default is none.
Examples: @@ -2733,38 +2667,38 @@ The simpliest configuration of the module: ... ]}.
-3.3.17 mod_pubsub
This module offers a Publish-Subscribe Service (XEP-0060). +
3.3.16 mod_pubsub
This module offers a Publish-Subscribe Service (XEP-0060). The functionality in mod_pubsub can be extended using plugins. -The plugin that implements PEP (Personal Eventing via Pubsub) (XEP-0163) +The plugin that implements PEP (Personal Eventing via Pubsub) (XEP-0163) is enabled in the default ejabberd configuration file, and it requires mod_caps.
Options:
- -host
- This option defines the Jabber ID of the +{host, HostName}
- This option defines the Jabber ID of the service. If the host option is not specified, the Jabber ID will be the hostname of the virtual host with the prefix ‘pubsub.’. The keyword "@HOST@" is replaced at start time with the real virtual host name. -
- access_createnode
- +
- {access_createnode, AccessName}
- This option restricts which users are allowed to create pubsub nodes using -ACL and ACCESS. The default value is pubsub_createnode.
- plugins
- +ACL and ACCESS. The default value is pubsub_createnode.
- {plugins, [ Plugin, ...]}
- To specify which pubsub node plugins to use. If not defined, the default pubsub plugin is always used. -
- nodetree
- +
- {nodetree, Name}
- To specify which nodetree to use. If not defined, the default pubsub nodetree is used. Only one nodetree can be used per host, and is shared by all node plugins. -
- pep_sendlast_offline
- +
- {pep_sendlast_offline, false|true}
- To specify whether or not we should get last published PEP items from users in our roster which are offline when we connect. Value is true or false. If not defined, pubsub assumes false so we only get last items of online contacts. -
- last_item_cache
- +
- {last_item_cache, false|true}
- To specify whether or not pubsub should cache last items. Value is true or false. If not defined, pubsub do not cache last items. On systems with not so many nodes, caching last items speeds up pubsub and allows to raise user connection rate. The cost is memory usage, as every item is stored in memory. -
- pep_mapping
- +
- {pep_mapping, [ {Key, Value}, ...]}
- This allow to define a Key-Value list to choose defined node plugins on given PEP namespace. The following example will use node_tune instead of node_pep for every PEP node with tune namespace:
{mod_pubsub, [{pep_mapping, [{"http://jabber.org/protocol/tune", "tune"}]}]} @@ -2779,8 +2713,8 @@ The following example will use node_tune instead of node_pep for every PEP node ... ]}.-3.3.18 mod_register
This module adds support for In-Band Registration (XEP-0077). This protocol +
3.3.17 mod_register
This module adds support for In-Band Registration (XEP-0077). This protocol enables end users to use a Jabber client to:
- Register a new account on the server. @@ -2788,17 +2722,17 @@ Register a new account on the server.
- Delete an existing account on the server.
Options:
- -access
- This option can be configured to specify +{access, AccessName}
- This option can be configured to specify rules to restrict registration. If a rule returns ‘deny’ on the requested user name, registration for that user name is denied. (there are no restrictions by default). -
- welcome_message
- Set a welcome message that +
- {welcome_message, Message}
- Set a welcome message that is sent to each newly registered account. The first string is the subject, and the second string is the message body. In the body you can set a newline with the characters:
\n-- registration_watchers
- This option defines a +
- {registration_watchers, [ JID, ...]}
- This option defines a list of JIDs which will be notified each time a new account is registered. -
- iqdisc
- This specifies +
- {iqdisc, Discipline}
- This specifies the processing discipline for In-Band Registration (jabber:iq:register) IQ queries (see section 3.3.2).
This module reads also another option defined globally for the server: {registration_timeout, Timeout}. @@ -2852,17 +2786,17 @@ Also define a registration timeout of one hour: ... ]}.
-3.3.19 mod_roster
3.3.18 mod_roster
This module implements roster management as defined in -RFC 3921: XMPP IM. -It also supports Roster Versioning (XEP-0237).
Options: +RFC 3921: XMPP IM. +It also supports Roster Versioning (XEP-0237).
Options:
- -iqdisc
- This specifies +{iqdisc, Discipline}
- This specifies the processing discipline for Roster Management (jabber:iq:roster) IQ queries (see section 3.3.2). -
- {versioning, false | true}
- Enables +
- {versioning, false|true}
- Enables Roster Versioning. This option is disabled by default. -
- {store_current_id, false | true}
- +
- {store_current_id, false|true}
- If this option is enabled, the current version number is stored on the database. If disabled, the version number is calculated on the fly each time. Enabling this option reduces the load for both ejabberd and the database. @@ -2878,14 +2812,14 @@ Important: if you use mod_shared_roster, you must disable this option. ... ]}. -
3.3.20 mod_service_log
3.3.19 mod_service_log
This module adds support for logging end user packets via a Jabber message auditing service such as Bandersnatch. All user packets are encapsulated in a
<route/>element and sent to the specified service(s).Options:
- -loggers
- With this option a (list of) service(s) +{loggers, [Names, ...]}
- With this option a (list of) service(s) that will receive the packets can be specified.
Examples:
-
- @@ -2908,7 +2842,7 @@ To log all end user packets to the Bandersnatch service running on ... ]}.
3.3.21 mod_shared_roster
3.3.20 mod_shared_roster
This module enables you to create shared roster groups. This means that you can create groups of people that can see members from (other) groups in their rosters. The big advantages of this feature are that end users do not need to @@ -2983,8 +2917,8 @@ roster groups as shown in the following table:
This module adds support for Statistics Gathering (XEP-0039). This protocol +
This module adds support for Statistics Gathering (XEP-0039). This protocol allows you to retrieve next statistics from your ejabberd deployment:
Options:
As there are only a small amount of clients (for example Tkabber) and software libraries with @@ -3015,40 +2949,40 @@ by sending: </query> </iq>
-This module features support for Entity Time (XEP-0202). By using this XEP, +
This module features support for Entity Time (XEP-0202). By using this XEP, you are able to discover the time at another entity’s location.
Options:
This module allows end users to store and retrieve their vCard, and to retrieve -other users vCards, as defined in vcard-temp (XEP-0054). The module also +other users vCards, as defined in vcard-temp (XEP-0054). The module also implements an uncomplicated Jabber User Directory based on the vCards of these users. Moreover, it enables the server to send its vCard when queried.
Options:
ejabberd can map LDAP attributes to vCard fields. This behaviour is implemented in the mod_vcard_ldap module. This module does not depend on the authentication method (see 3.2.5).
Note that ejabberd treats LDAP as a read-only storage: @@ -3092,32 +3026,35 @@ about these options. If one of these options is not set, ejabberd will for the top-level option with the same name.
The second group of parameters consists of the following mod_vcard_ldap-specific options:
[{"NICKNAME", "%u", []},
{"FN", "%s", ["displayName"]},
{"LAST", "%s", ["sn"]},
@@ -3138,9 +3075,9 @@ will be replaced with the domain part of a JID. The default is:
{"BDAY", "%s", ["birthDay"]},
{"ROLE", "%s", ["employeeType"]},
{"PHOTO", "%s", ["jpegPhoto"]}]
-[{"Full Name", "FN"},
@@ -3253,13 +3190,13 @@ searching his info in LDAP.This module implements Software Version (XEP-0092). Consequently, it +
This module implements Software Version (XEP-0092). Consequently, it answers ejabberd’s version when queried.
Options:
AccessCommands = [ {Access, CommandNames, Arguments} ]
+AccessCommands = [ {Access, CommandNames, Arguments}, ...]
Access = atom()
CommandNames = all | [CommandName]
CommandName = atom()
-Arguments = [{ArgumentName, ArgumentValue}]
+Arguments = [ {ArgumentName, ArgumentValue}, ...]
ArgumentName = atom()
ArgumentValue = any()
The default value is to not define any restriction: [].
@@ -3563,7 +3500,7 @@ See section 4.1.2.
If you enable mod_configure and mod_adhoc,
you can perform several administrative tasks in ejabberd
with a Jabber client.
-The client must support Ad-Hoc Commands (XEP-0050),
+The client must support Ad-Hoc Commands (XEP-0050),
and you must login in the Jabber server with
an account with proper privileges.
4.5 Change Computer Hostname
ejabberd uses the distributed Mnesia database.
@@ -3755,7 +3692,7 @@ the Erlang shell. This probably can take some time if Mnesia has not yet
transfered and processed all data it needed from first.
acl’
and ‘access’ options because they will be taken from
-first; and mod_irc should be
+first. If you installed mod_irc, notice that it should be
enabled only on one machine in the cluster.
You can repeat these steps for other machines supposed to serve this domain.
@@ -3763,8 +3700,8 @@ domain.ejabberd includes an algorithm to load balance the components that are plugged on an ejabberd cluster. It means that you can plug one or several instances of the same component on each ejabberd cluster and that the traffic will be automatically distributed.
The default distribution algorithm try to deliver to a local instance of a component. If several local instances are available, one instance is chosen randomly. If no instance is available locally, one instance is chosen randomly among the remote component instances.
If you need a different behaviour, you can change the load balancing behaviour with the option domain_balancing. The syntax of the option is the following:
{domain_balancing, "component.example.com", <balancing_criterium>}.
-Several balancing criteria are available: +
ejabberd includes an algorithm to load balance the components that are plugged on an ejabberd cluster. It means that you can plug one or several instances of the same component on each ejabberd cluster and that the traffic will be automatically distributed.
The default distribution algorithm try to deliver to a local instance of a component. If several local instances are available, one instance is chosen randomly. If no instance is available locally, one instance is chosen randomly among the remote component instances.
If you need a different behaviour, you can change the load balancing behaviour with the option domain_balancing. The syntax of the option is the following: +
Several balancing criteria are available:
When there is a risk of failure for a given component, domain balancing can cause service trouble. If one component is failing the service will not work correctly unless the sessions are rebalanced.
In this case, it is best to limit the problem to the sessions handled by the failing component. This is what the domain_balancing_component_number option does, making the load balancing algorithm not dynamic, but sticky on a fix number of component instances.
The syntax is the following: -
{domain_balancing_component_number, "component.example.com", N}
-
+When there is a risk of failure for a given component, domain balancing can cause service trouble. If one component is failing the service will not work correctly unless the sessions are rebalanced.
In this case, it is best to limit the problem to the sessions handled by the failing component. This is what the domain_balancing_component_number option does, making the load balancing algorithm not dynamic, but sticky on a fix number of component instances.
The syntax is: +
An ejabberd node writes two log files:
The option loglevel modifies the verbosity of the file ejabberd.log. -The possible levels are: +
The option loglevel modifies the verbosity of the file ejabberd.log. The syntax is: +
The possible Level are:
The memory consumed is measured in words: + in the ejabberd configuration file.
The syntax is: +
The memory consumed is measured in words: a word on 32-bit architecture is 4 bytes, and a word on 64-bit architecture is 8 bytes. The threshold by default is 1000000 words. This value can be configured with the option watchdog_large_heap, -or in a conversation with the watchdog alert bot.
Example configuration: +or in a conversation with the watchdog alert bot.
The syntax is: +
Example configuration:
{watchdog_admins, ["admin2@localhost", "admin2@example.org"]}.
{watchdog_large_heap, 30000000}.
To remove watchdog admins, remove them in the option.
diff --git a/doc/guide.tex b/doc/guide.tex
index f21af0e4e..90df674fb 100644
--- a/doc/guide.tex
+++ b/doc/guide.tex
@@ -59,6 +59,7 @@
\newcommand{\shell}[1]{\texttt{#1}}
\newcommand{\ejabberd}{\texttt{ejabberd}}
\newcommand{\Jabber}{Jabber}
+\newcommand{\esyntax}[1]{\begin{description}\titem{#1}\end{description}}
%% Modules
\newcommand{\module}[1]{\texttt{#1}}
@@ -105,10 +106,10 @@
%\ifthenelse{\boolean{modhttpbind}}{\input{mod_http_bind.tex}}{}
%% Common options
-\newcommand{\iqdiscitem}[1]{\titem{iqdisc} \ind{options!iqdisc}This specifies
+\newcommand{\iqdiscitem}[1]{\titem{\{iqdisc, Discipline\}} \ind{options!iqdisc}This specifies
the processing discipline for #1 IQ queries (see section~\ref{modiqdiscoption}).}
\newcommand{\hostitem}[1]{
- \titem{host} \ind{options!host} This option defines the Jabber ID of the
+ \titem{\{host, HostName\}} \ind{options!host} This option defines the Jabber ID of the
service. If the \texttt{host} option is not specified, the Jabber ID will be the
hostname of the virtual host with the prefix `\jid{#1.}'. The keyword "@HOST@"
is replaced at start time with the real virtual host name.
@@ -594,7 +595,7 @@ host name(s) stored in the database will be used.
You can override the old values stored in the database by adding next lines to
-the configuration file:
+the beginning of the configuration file:
\begin{verbatim}
override_global.
override_local.
@@ -610,20 +611,18 @@ and ACLs will be removed before new ones are added.
The option \option{hosts} defines a list containing one or more domains that
\ejabberd{} will serve.
+The syntax is:
+\esyntax{\{hosts, [HostName, ...]\}.}
+
Examples:
\begin{itemize}
\item Serving one domain:
\begin{verbatim}
{hosts, ["example.org"]}.
\end{verbatim}
-\item Serving one domain, and backwards compatible with older \ejabberd{}
- versions:
+\item Serving three domains:
\begin{verbatim}
-{host, "example.org"}.
-\end{verbatim}
-\item Serving two domains:
-\begin{verbatim}
-{hosts, ["example.net", "example.com"]}.
+{hosts, ["example.net", "example.com", "jabber.somesite.org"]}.
\end{verbatim}
\end{itemize}
@@ -631,11 +630,10 @@ Examples:
\ind{virtual hosting}\ind{virtual hosts}\ind{virtual domains}
Options can be defined separately for every virtual host using the
-\term{host\_config} option.\ind{options!host\_config} It has the following
-syntax:
-\begin{verbatim}
-{host_config,