Chapril/xmpp.chapril.org-ejabberd
26
1
Fork 0
mirror of https://github.com/processone/ejabberd.git synced 2025-01-03 18:02:28 +01:00
Code Releases Activity

Modernize the example config a bit

Browse Source
This commit is contained in:
Evgeniy Khramtsov 2017-11-20 13:34:16 +03:00
parent 98b411523d
commit c26b56679e
1 changed files with 30 additions and 34 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

56
ejabberd.yml.example
View File

@ -103,20 +103,37 @@ hosts:
## ##
## route_subdomains: s2s ## route_subdomains: s2s
###. =============== ###. ============
###' LISTENING PORTS ###' Certificates
## List all available PEM files containing certificates for your domains,
## chains of certificates or certificate keys. Full chains will be built
## automatically by ejabberd.
##
## certfiles:
## - "/etc/letsencrypt/live/example.org/*.pem"
## - "/etc/letsencrypt/live/example.com/*.pem"
###. =================
###' TLS configuration
## Define common macros used by listeners
## define_macro: ## define_macro:
## 'CIPHERS': "ECDH:DH:!3DES:!aNULL:!eNULL:!MEDIUM@STRENGTH" ## 'TLS_CIPHERS': "HIGH:!aNULL:!eNULL:!3DES:@STRENGTH"
## 'TLSOPTS': ## 'TLS_OPTIONS':
## - "no_sslv2"
## - "no_sslv3" ## - "no_sslv3"
## - "no_tlsv1"
## - "no_tlsv1_1"
## - "cipher_server_preference" ## - "cipher_server_preference"
## - "no_compression" ## - "no_compression"
## 'DHFILE': "/path/to/dhparams.pem" # generated with: openssl dhparam -out dhparams.pem 2048 ## 'DHFILE': "/path/to/dhparams.pem" # generated with: openssl dhparam -out dhparams.pem 2048
##
## c2s_dhfile: 'DH_FILE'
## s2s_dhfile: 'DH_FILE'
## c2s_ciphers: 'TLS_CIPHERS'
## s2s_ciphers: 'TLS_CIPHERS'
## c2s_protocol_options: 'TLS_OPTIONS'
## s2s_protocol_options: 'TLS_OPTIONS'
###. ===============
###' LISTENING PORTS
## ##
## listen: The ports ejabberd will listen on, which service each is handled ## listen: The ports ejabberd will listen on, which service each is handled
@ -129,12 +146,9 @@ listen:
module: ejabberd_c2s module: ejabberd_c2s
## ##
## If TLS is compiled in and you installed a SSL ## If TLS is compiled in and you installed a SSL
## certificate, uncomment these lines: ## certificate, uncomment this line:
## ##
## starttls: true ## starttls: true
## protocol_options: 'TLSOPTS'
## dhfile: 'DHFILE'
## ciphers: 'CIPHERS'
## ##
## To enforce TLS encryption for client connections, ## To enforce TLS encryption for client connections,
## use this instead of the "starttls" option: ## use this instead of the "starttls" option:
@ -225,17 +239,6 @@ listen:
## password storage (see auth_password_format option). ## password storage (see auth_password_format option).
## disable_sasl_mechanisms: "digest-md5" ## disable_sasl_mechanisms: "digest-md5"
###. ============
###' Certificates
## List all available PEM files containing certificates for your domains,
## chains of certificates or certificate keys. Full chains will be built
## automatically by ejabberd.
##
## certfiles:
## - "/etc/letsencrypt/live/example.org/*.pem"
## - "/etc/letsencrypt/live/example.com/*.pem"
###. ================== ###. ==================
###' S2S GLOBAL OPTIONS ###' S2S GLOBAL OPTIONS
@ -246,10 +249,6 @@ listen:
## ##
## s2s_use_starttls: required ## s2s_use_starttls: required
## Custom OpenSSL options
##
## s2s_protocol_options: 'TLSOPTS'
## ##
## S2S whitelist or blacklist ## S2S whitelist or blacklist
## ##
@ -685,9 +684,6 @@ acme:
## - http://localhost:4000 - for a local version of the CA ## - http://localhost:4000 - for a local version of the CA
ca_url: "https://acme-v01.api.letsencrypt.org" ca_url: "https://acme-v01.api.letsencrypt.org"
## The directory in which certificates will be saved
cert_dir: "/usr/local/var/lib/ejabberd/"
###. ======= ###. =======
###' MODULES ###' MODULES