% $Id$ % ejabberd loglevel (0: no log -> 5: debug) {loglevel, 4}. %override_acls. % Users that have admin access. Add line like one of the following after you % will be successfully registered on server to get admin access: %{acl, admin, {user, "aleksey"}}. %{acl, admin, {user, "ermine"}}. % Blocked users: %{acl, blocked, {user, "test"}}. % Local users: {acl, local, {user_regexp, ""}}. % Another examples of ACLs: %{acl, jabberorg, {server, "jabber.org"}}. %{acl, aleksey, {user, "aleksey", "jabber.ru"}}. %{acl, test, {user_regexp, "^test"}}. %{acl, test, {user_glob, "test*"}}. % Everybody can create pubsub nodes {access, pubsub_createnode, [{allow, all}]}. % Only admins can use configuration interface: {access, configure, [{allow, admin}]}. % Every username can be registered via in-band registration: % You could replace {allow, all} with {deny, all} to prevent user from using % in-band registration {access, register, [{allow, all}]}. % After successful registration user will get message with following subject % and body: {welcome_message, {"Welcome!", "Welcome to Jabber Service. " "For information about Jabber visit http://jabber.org"}}. % Replace them with 'none' if you don't want to send such message: %{welcome_message, none}. % List of people who will get notifications about registered users %{registration_watchers, ["admin1@localhost", % "admin2@localhost"]}. % Debug: % watchdog admins receive live notifications on ejabberd process consuming too % much memory % {watchdog_admins, ["admin1@localhost"]}. % Only admins can send announcement messages: {access, announce, [{allow, admin}]}. % Only non-blocked users can use c2s connections: {access, c2s, [{deny, blocked}, {allow, all}]}. % Set shaper with name "normal" to limit traffic speed to 1000B/s {shaper, normal, {maxrate, 1000}}. % Set shaper with name "fast" to limit traffic speed to 50000B/s {shaper, fast, {maxrate, 50000}}. % For all users except admins used "normal" shaper {access, c2s_shaper, [{none, admin}, {normal, all}]}. % For all S2S connections used "fast" shaper {access, s2s_shaper, [{fast, all}]}. % Admins of this server are also admins of MUC service: {access, muc_admin, [{allow, admin}]}. % All users are allowed to use MUC service: {access, muc, [{allow, all}]}. % This rule allows access only for local users: {access, local, [{allow, local}]}. % Authentication method. If you want to use internal user base, then use % this line: {auth_method, internal}. % For LDAP authentication use these lines instead of above one: %{auth_method, ldap}. %{ldap_servers, ["localhost"]}. % List of LDAP servers %{ldap_uidattr, "uid"}. % LDAP attribute that holds user ID %{ldap_base, "dc=example,dc=com"}. % Search base of LDAP directory %{ldap_rootdn, "dc=example,dc=com"}. % LDAP manager %{ldap_password, "******"}. % Password to LDAP manager % For authentication via external script use the following: %{auth_method, external}. %{extauth_program, "/path/to/authentication/script"}. % For authentication via ODBC use the following: %{auth_method, odbc}. %{odbc_server, "DSN=ejabberd;UID=ejabberd;PWD=ejabberd"}. % Uncomment this if you are using postgres, having a large DB, and need a % faster but inexact replacement for "select count(*) from users" %{pgsql_users_number_estimate, true}. % Host name: {hosts, ["localhost"]}. %% Define the maximum number of time a single user is allowed to connect: {access, max_user_sessions, [{10, all}]}. %% Anonymous login support: %% auth_method: anonymous %% anonymous_protocol: sasl_anon|login_anon|both %% allow_multiple_connections: true|false %%{host_config, "public.example.org", [{auth_method, anonymous}, %% {allow_multiple_connections, false}, %% {anonymous_protocol, sasl_anon}]}. %% To use both anonymous and internal authentication: %%{host_config, "public.example.org", [{auth_method, [internal,anonymous]}]}. % Default language for server messages {language, "en"}. % Listened ports: {listen, [{5222, ejabberd_c2s, [{access, c2s}, {shaper, c2s_shaper}, {max_stanza_size, 65536}, starttls, {certfile, "./ssl.pem"}]}, {5223, ejabberd_c2s, [{access, c2s}, {max_stanza_size, 65536}, tls, {certfile, "./ssl.pem"}]}, % Use these two lines instead if TLS support is not compiled %{5222, ejabberd_c2s, [{access, c2s}, {shaper, c2s_shaper}]}, %{5223, ejabberd_c2s, [{access, c2s}, ssl, {certfile, "./ssl.pem"}]}, {5269, ejabberd_s2s_in, [{shaper, s2s_shaper}, {max_stanza_size, 131072} ]}, {5280, ejabberd_http, [http_poll, web_admin]}, {8888, ejabberd_service, [{access, all}, {shaper_rule, fast}, {hosts, ["icq.localhost", "sms.localhost"], [{password, "secret"}]}]} ]}. % Use STARTTLS+Dialback for S2S connections {s2s_use_starttls, true}. {s2s_certfile, "./ssl.pem"}. %{domain_certfile, "example.org", "./example_org.pem"}. %{domain_certfile, "example.com", "./example_com.pem"}. %% S2S Whitelist or blacklist: %{s2s_default_policy, allow}. %% Default s2s policy for undefined hosts %%{{s2s_host,"goodhost.org"}, allow}. %{{s2s_host,"badhost.org"}, deny}. % If SRV lookup fails, then port 5269 is used to communicate with remote server {outgoing_s2s_port, 5269}. % Used modules: {modules, [ {mod_register, [{access, register}]}, {mod_roster, []}, {mod_privacy, []}, {mod_adhoc, []}, {mod_configure, []}, % Depends on mod_adhoc {mod_configure2, []}, {mod_disco, []}, {mod_stats, []}, {mod_vcard, []}, {mod_offline, []}, {mod_announce, [{access, announce}]}, % Depends on mod_adhoc {mod_echo, [{host, "echo.localhost"}]}, {mod_private, []}, {mod_irc, []}, % Default options for mod_muc: % host: "conference." ++ ?MYNAME % access: all % access_create: all % access_persistent: all % access_admin: none (only room creator has owner privileges) {mod_muc, [{access, muc}, {access_create, muc}, {access_persistent, muc}, {access_admin, muc_admin}]}, % {mod_muc_log, []}, % {mod_shared_roster, []}, {mod_pubsub, [{access_createnode, pubsub_createnode}]}, {mod_time, []}, {mod_last, []}, {mod_version, []} ]}. % Local Variables: % mode: erlang % End: