Commit Graph

131 Commits

Author SHA1 Message Date
Marek 5eab8450e7
New listener for encrypted ejabberd_c2s
Add a new listener on port 5223 for the TLS-enabled ejabberd_c2s, which combined with proper SRV records allows passing the XEP-0368 compliance test.
2021-02-02 15:25:19 +01:00
Badlop 0ff5b44d15 Fix YAML syntax in example configuration (#3301) 2020-06-25 12:39:44 +02:00
Badlop 38949bdeea Update example config to include mod_http_upload custom headers (#3288) 2020-06-09 13:08:05 +02:00
Licaon_Kter b0c6caa60e
Update example config 2020-06-03 07:19:02 +00:00
Holger Weiss 83fa637569 ejabberd_stun: Support IPv6 for TURN
The stun application now supports RFC 6156: TURN Extension for IPv6, and
therefore needs separate IPv4 and IPv6 relay addresses.
2020-05-19 21:42:41 +02:00
Holger Weiss 858bfb4b80 Let ejabberd_stun listen on IPv6 sockets
The stun application now allows IPv6 clients to perform STUN requests
and to allocate TURN relays.
2020-05-19 20:22:58 +02:00
Paweł Chmielowski 4580feaa3c Increase default shaper limits, to help with jingle initiation delay
More discussion about this can be found in pull request 3255
2020-05-15 09:10:57 +02:00
Jérôme Sautret 0539637d30
Merge pull request #3232 from weiss/enable-stun
Enable STUN/TURN support by default
2020-04-29 10:29:05 +02:00
Holger Weiss 69d1d62add Support XEP-0215: External Service Discovery
Add the 'mod_stun_disco' module, which allows XMPP clients to discover
STUN/TURN services and to obtain temporary credentials for using them as
per XEP-0215: External Service Discovery.  The temporary credentials
handed out to clients have the format described in:

https://tools.ietf.org/html/draft-uberti-behave-turn-rest-00

Also add the new module to the example configuration file.

Closes #2947.
2020-04-28 10:34:43 +02:00
Holger Weiss b1b3c4cdcf Enable STUN/TURN by default
Build ejabberd with STUN/TURN support by default, and add a STUN/TURN
listener to the example configuration file.
2020-04-20 00:37:41 +02:00
Evgeny Khramtsov e4a8afb15d Replace lager with built-in new logging API
This change requires Erlang/OTP-21.0 or higher.
The commit also deprecates the following options:
  - log_rotate_date
  - log_rate_limit

Furthermore, these options have no effect. The logger now fully
relies on log_rotate_size, that cannot be 0 anymore.

The loglevel option now accepts levels in literal formats.
Those are: none, emergency, alert, critical, error, warning, notice, info, debug.
Old integer values (0-5) are still supported and automatically converted
into literal format.
2019-10-18 19:12:32 +03:00
Evgeny Khramtsov 6d9be82e1b Avoid excessive quoting in request_handlers of example config 2019-09-21 22:20:20 +03:00
Evgeny Khramtsov bacaae7873 Comment `certfiles` section in example config
Rely on ACME configuration instead
2019-09-20 16:12:15 +03:00
Evgeny Khramtsov 1162137d5d Add listener for ACME challenge in example config 2019-09-20 12:52:28 +03:00
Evgeny Khramtsov a02cff0e78 Use new configuration validator 2019-06-14 12:33:26 +03:00
Paweł Chmielowski cd10d87a9c Change indentation in ejabberd.yml.example to more consistant 2019-06-04 14:51:39 +02:00
Holger Weiss 729c8b0d24 Remove 'register' access rule from example config
The 'register' access rule isn't referenced from the 'mod_register'
options, so modifying it would have no effect.
2019-05-20 20:05:20 +02:00
Evgeny Khramtsov c7d04a82a2 Deprecate some listening options
Those are: captcha, register, web_admin, http_bind and xmlrpc
The option `request_handlers` should be used instead, e.g.:

listen:
  ...
  -
    module: ejabberd_http
    request_handlers:
      "/admin": ejabberd_web_admin
      "/bosh": mod_bosh
      "/captcha": ejabberd_captcha
      "/register": mod_register_web
      "/": ejabberd_xmlrpc
2019-04-30 11:14:14 +03:00
Evgeny Khramtsov 830a2f209a Remove TLS options from the example config
The purpose is two-fold:

- To simplify the example config.
- To avoid old TLS configuration to be persistent across
  server updates: this might bring security problems, because
  what's considered "modern" now might be insecure in the future.
2019-04-28 17:50:52 +03:00
Evgeny Khramtsov 05d088b104 Remove OMEMO related configuration from force_node_config section
This doesn't work reliably and takes a lot of effort to change it back
2019-04-28 17:45:41 +03:00
Christophe Romain 0c0862475f Add MQTT listener and module in example config 2019-02-26 14:53:05 +01:00
Christoph Scholz 7e4287ff83 add acl for mam in mod_muc 2019-01-04 15:56:41 +01:00
Evgeny Khramtsov 34ac21e66b Add HTTP listener on port 5280 for admin web interface 2018-12-13 12:06:29 +03:00
Badlop b43b8edb67 Fix a pair of small typos 2018-12-12 16:23:07 +01:00
Paweł Chmielowski f02f44ad3f Change default ciphers to intermediate 2018-12-07 14:38:54 +01:00
Paweł Chmielowski 7713edc6bb Define default ciphers/protocol_option in example config 2018-12-07 12:54:18 +01:00
Licaon_Kter ae88be2011
Config template recommend "open" access_model
...instead of "comment out", as many seem to misunderstand what and why should be or not be commented out
2018-10-15 23:15:51 +00:00
Holger Weiss 7f97f3ae75 Enable mod_proxy65 by default 2018-10-15 23:09:52 +02:00
Evgeny Khramtsov 510925c9a1 Avoid using * in 'certfiles' option of default config 2018-10-04 15:00:43 +03:00
Holger Weiss dafea66c0f Increase 'max_stanza_size' limit for c2s listener
Specify a larger 'max_stanza_size' limit for c2s connections in the
default configuration in order to reduce the risk of this limit being
hit by legitimate traffic (such as avatar uploads).
2018-09-17 00:18:38 +02:00
Holger Weiss c851f9608a Set a 'max_stanza_size' for incoming s2s listener
Specify a 'max_stanza_size' limit for incoming s2s connections in the
example configuration, but use a relatively large value in order to
minimize the risk of this limit being hit by legitimate traffic.
2018-09-16 23:57:44 +02:00
Holger Weiss 26b9d25f32 Enable TLS by default (and require it for c2s) 2018-07-18 18:22:24 +02:00
Licaon_Kter 4c06f13d18
Remove vcard search default value 2018-07-08 23:48:08 +00:00
Licaon_Kter b7f62a4fa7
Remove stats and time from template
Are these important for a new admin?
2018-07-06 01:33:41 +00:00
Evgeniy Khramtsov fbf6ba2738 Merge branch 'master' of github.com:processone/ejabberd 2018-07-02 01:08:09 +03:00
Evgeniy Khramtsov 38ec3f66c7 Enable Roster Versioning in the default config file 2018-07-02 01:08:02 +03:00
Licaon_Kter 7c5ee93c88
Default config example fix reversed text
...in enable OMEMO
2018-07-01 21:18:18 +00:00
Evgeniy Khramtsov 77163c43d2 Simplify the default configuration file
After some discussion with the community it was decided to
clean the configuration file from excessive comments and
explicitly configured default values. Also, mod_mam and
mod_http_upload have been added.

The rationale for this is to have a clean and not bloated
configuration file which doesn't scare away newcomers and
which has all features from the Compliance Suite 2018 (XEP-0387)
enabled by default.

For further configuration an admin is encouraged to read the
documentation at https://docs.ejabberd.im/admin/configuration
2018-07-01 23:57:27 +03:00
Evgeniy Khramtsov 3a5d2dbed8 Move mod_irc to ejabberd-contrib 2018-06-20 12:27:44 +03:00
imShara 815b95c623
OMEMO enable HOWTO added
Depend on #2425
2018-06-06 20:03:42 +03:00
Licaon_Kter 2c18f89d5b
Add default_db in the example config
I only found it in the docs after setting up per module db_
2018-05-28 13:19:59 +00:00
Evgeniy Khramtsov 3ac1675919 Option watchdog_admins has no effect anymore 2018-05-08 23:47:37 +03:00
Romain DEP. 2bb6782bee config: move section about direct-tls for c2s just under regular c2s config (to ease parameters comparison) 2018-03-28 23:17:43 +02:00
Evgeniy Khramtsov 75450a62b3 Clarify the statement about mod_http_upload thumbnails 2018-03-23 16:19:13 +03:00
Evgeniy Khramtsov a15039638b Force node config for bookmarks 2018-03-23 16:16:27 +03:00
Evgeniy Khramtsov 55604b2d97 Move force_node_config defaults into ejabberd.yml.example 2018-03-23 16:08:12 +03:00
Alexey Shchepin e15595df64 Add 'new_sql_schema' config option, --enable-new-sql-schema now sets its default value to true (#2239) 2018-03-15 17:55:05 +03:00
Evgeniy Khramtsov b179874ec6 Add mod_fail2ban to the example config 2018-03-10 21:41:55 +03:00
Evgeniy Khramtsov 0f86559d83 Always build eimp dependency
Even if no suitable C graphics libraries are detected
at compile time, the package is still usable because it
provides `eimp:get_type/1` which is used by mod_avatar.
2018-01-15 12:54:57 +03:00
Licaon_Kter 84819ba0fe
Fix example config macro names
These were missed in c26b56679e (diff-19e0c10699732f76181f70cfbec95d38) I guess.
2018-01-13 21:38:01 +00:00