25
1
mirror of https://github.com/processone/ejabberd.git synced 2024-11-28 16:34:13 +01:00
Commit Graph

115 Commits

Author SHA1 Message Date
Holger Weiss
729c8b0d24 Remove 'register' access rule from example config
The 'register' access rule isn't referenced from the 'mod_register'
options, so modifying it would have no effect.
2019-05-20 20:05:20 +02:00
Evgeny Khramtsov
c7d04a82a2 Deprecate some listening options
Those are: captcha, register, web_admin, http_bind and xmlrpc
The option `request_handlers` should be used instead, e.g.:

listen:
  ...
  -
    module: ejabberd_http
    request_handlers:
      "/admin": ejabberd_web_admin
      "/bosh": mod_bosh
      "/captcha": ejabberd_captcha
      "/register": mod_register_web
      "/": ejabberd_xmlrpc
2019-04-30 11:14:14 +03:00
Evgeny Khramtsov
830a2f209a Remove TLS options from the example config
The purpose is two-fold:

- To simplify the example config.
- To avoid old TLS configuration to be persistent across
  server updates: this might bring security problems, because
  what's considered "modern" now might be insecure in the future.
2019-04-28 17:50:52 +03:00
Evgeny Khramtsov
05d088b104 Remove OMEMO related configuration from force_node_config section
This doesn't work reliably and takes a lot of effort to change it back
2019-04-28 17:45:41 +03:00
Christophe Romain
0c0862475f Add MQTT listener and module in example config 2019-02-26 14:53:05 +01:00
Christoph Scholz
7e4287ff83 add acl for mam in mod_muc 2019-01-04 15:56:41 +01:00
Evgeny Khramtsov
34ac21e66b Add HTTP listener on port 5280 for admin web interface 2018-12-13 12:06:29 +03:00
Badlop
b43b8edb67 Fix a pair of small typos 2018-12-12 16:23:07 +01:00
Paweł Chmielowski
f02f44ad3f Change default ciphers to intermediate 2018-12-07 14:38:54 +01:00
Paweł Chmielowski
7713edc6bb Define default ciphers/protocol_option in example config 2018-12-07 12:54:18 +01:00
Licaon_Kter
ae88be2011
Config template recommend "open" access_model
...instead of "comment out", as many seem to misunderstand what and why should be or not be commented out
2018-10-15 23:15:51 +00:00
Holger Weiss
7f97f3ae75 Enable mod_proxy65 by default 2018-10-15 23:09:52 +02:00
Evgeny Khramtsov
510925c9a1 Avoid using * in 'certfiles' option of default config 2018-10-04 15:00:43 +03:00
Holger Weiss
dafea66c0f Increase 'max_stanza_size' limit for c2s listener
Specify a larger 'max_stanza_size' limit for c2s connections in the
default configuration in order to reduce the risk of this limit being
hit by legitimate traffic (such as avatar uploads).
2018-09-17 00:18:38 +02:00
Holger Weiss
c851f9608a Set a 'max_stanza_size' for incoming s2s listener
Specify a 'max_stanza_size' limit for incoming s2s connections in the
example configuration, but use a relatively large value in order to
minimize the risk of this limit being hit by legitimate traffic.
2018-09-16 23:57:44 +02:00
Holger Weiss
26b9d25f32 Enable TLS by default (and require it for c2s) 2018-07-18 18:22:24 +02:00
Licaon_Kter
4c06f13d18
Remove vcard search default value 2018-07-08 23:48:08 +00:00
Licaon_Kter
b7f62a4fa7
Remove stats and time from template
Are these important for a new admin?
2018-07-06 01:33:41 +00:00
Evgeniy Khramtsov
fbf6ba2738 Merge branch 'master' of github.com:processone/ejabberd 2018-07-02 01:08:09 +03:00
Evgeniy Khramtsov
38ec3f66c7 Enable Roster Versioning in the default config file 2018-07-02 01:08:02 +03:00
Licaon_Kter
7c5ee93c88
Default config example fix reversed text
...in enable OMEMO
2018-07-01 21:18:18 +00:00
Evgeniy Khramtsov
77163c43d2 Simplify the default configuration file
After some discussion with the community it was decided to
clean the configuration file from excessive comments and
explicitly configured default values. Also, mod_mam and
mod_http_upload have been added.

The rationale for this is to have a clean and not bloated
configuration file which doesn't scare away newcomers and
which has all features from the Compliance Suite 2018 (XEP-0387)
enabled by default.

For further configuration an admin is encouraged to read the
documentation at https://docs.ejabberd.im/admin/configuration
2018-07-01 23:57:27 +03:00
Evgeniy Khramtsov
3a5d2dbed8 Move mod_irc to ejabberd-contrib 2018-06-20 12:27:44 +03:00
imShara
815b95c623
OMEMO enable HOWTO added
Depend on #2425
2018-06-06 20:03:42 +03:00
Licaon_Kter
2c18f89d5b
Add default_db in the example config
I only found it in the docs after setting up per module db_
2018-05-28 13:19:59 +00:00
Evgeniy Khramtsov
3ac1675919 Option watchdog_admins has no effect anymore 2018-05-08 23:47:37 +03:00
Romain DEP.
2bb6782bee config: move section about direct-tls for c2s just under regular c2s config (to ease parameters comparison) 2018-03-28 23:17:43 +02:00
Evgeniy Khramtsov
75450a62b3 Clarify the statement about mod_http_upload thumbnails 2018-03-23 16:19:13 +03:00
Evgeniy Khramtsov
a15039638b Force node config for bookmarks 2018-03-23 16:16:27 +03:00
Evgeniy Khramtsov
55604b2d97 Move force_node_config defaults into ejabberd.yml.example 2018-03-23 16:08:12 +03:00
Alexey Shchepin
e15595df64 Add 'new_sql_schema' config option, --enable-new-sql-schema now sets its default value to true (#2239) 2018-03-15 17:55:05 +03:00
Evgeniy Khramtsov
b179874ec6 Add mod_fail2ban to the example config 2018-03-10 21:41:55 +03:00
Evgeniy Khramtsov
0f86559d83 Always build eimp dependency
Even if no suitable C graphics libraries are detected
at compile time, the package is still usable because it
provides `eimp:get_type/1` which is used by mod_avatar.
2018-01-15 12:54:57 +03:00
Licaon_Kter
84819ba0fe
Fix example config macro names
These were missed in c26b56679e (diff-19e0c10699732f76181f70cfbec95d38) I guess.
2018-01-13 21:38:01 +00:00
Evgeniy Khramtsov
1c1b12fc64 Note about direct-tls connections in example config 2018-01-12 10:27:33 +03:00
Christophe Romain
1fac3e58b3 Fix indentation in commented example 2018-01-10 11:24:09 +01:00
Evgeniy Khramtsov
ee23b688a7 Use TLS defaults from fast_tls 2018-01-06 13:46:02 +03:00
Christophe Romain
a8c3ed5ed4 Remove obsolete option 2017-12-26 11:13:47 +01:00
Christophe Romain
47f6fc8dd2 Revert removal of certfile option on http listener 2017-12-11 11:00:24 +01:00
Christophe Romain
42b2e6c5ab Update example configuration 2017-12-11 10:27:48 +01:00
Evgeniy Khramtsov
a820d735c0 Replace s2s_cafile with ca_file in ejabberd.yml.example 2017-12-07 14:58:58 +03:00
Christophe Romain
cf8e70abc8 Fix minor typo in comment 2017-11-24 17:17:48 +01:00
Evgeniy Khramtsov
6a0e24fb14 Update URL to IM Observatory 2017-11-20 15:07:06 +03:00
Evgeniy Khramtsov
e9e56ed183 Add notes about s2s_cafile 2017-11-20 15:02:24 +03:00
Evgeniy Khramtsov
c26b56679e Modernize the example config a bit 2017-11-20 13:34:16 +03:00
Evgeniy Khramtsov
11ee896f10 Improve ACME description 2017-11-15 12:57:53 +03:00
Evgeniy Khramtsov
b04c6b7d75 Merge branch 'lets_encrypt_acme_support' of git://github.com/angelhof/ejabberd into angelhof-lets_encrypt_acme_support
Conflicts:
	rebar.config
	src/ejabberd_pkix.erl
2017-11-15 10:01:30 +03:00
Konstantinos Kallas
ce99db0595 Explain what is needed for the acme configuration and other small changes
1. Add a request handler in ejabberd_http and explain how to configure the http listener so that the challenges can be solved.
2. Make acme configuration optional by providing defaults in ejabberd_acme.
3. Save the CA that the account has been created in so that it creates a new account when connecting to a new CA.
4. Small spec change in acme configuration.
2017-11-14 14:12:33 +02:00
Konstantinos Kallas
78f494dd2e Configuration file changes
Explain the acme configuration options
2017-11-11 15:38:47 +02:00
Evgeniy Khramtsov
35b7203e01 Introduce 'certfiles' global option
The option is supposed to replace existing options 'c2s_certfile',
's2s_certfile' and 'domain_certfile'. The option accepts a list
of file paths (optionally with wildcards "*") containing either
PEM certificates or PEM private keys. At startup, ejabberd sorts
the certificates, finds matching private keys and rebuilds full
certificates chains which can be used by fast_tls. Example:

certfiles:
  - "/etc/letsencrypt/live/example.org/*.pem"
  - "/etc/letsencrypt/live/example.com/*.pem"
2017-11-01 00:20:27 +03:00