mirror of
https://github.com/processone/ejabberd.git
synced 2024-12-26 17:38:45 +01:00
dcc05ac8d0
* src/mod_configure.erl: Likewise. * src/mod_announce.erl: Likewise. * src/jlib.hrl: Likewise. * src/ejabberd.cfg.example: Likewise. * doc/guide.tex: Likewise. SVN Revision: 918
198 lines
6.1 KiB
Plaintext
198 lines
6.1 KiB
Plaintext
% $Id$
|
|
|
|
% ejabberd loglevel (0: no log -> 5: debug)
|
|
{loglevel, 4}.
|
|
|
|
%override_acls.
|
|
% Users that have admin access. Add line like one of the following after you
|
|
% will be successfully registered on server to get admin access:
|
|
%{acl, admin, {user, "aleksey"}}.
|
|
%{acl, admin, {user, "ermine"}}.
|
|
|
|
% Blocked users:
|
|
%{acl, blocked, {user, "test"}}.
|
|
|
|
% Local users:
|
|
{acl, local, {user_regexp, ""}}.
|
|
|
|
% Another examples of ACLs:
|
|
%{acl, jabberorg, {server, "jabber.org"}}.
|
|
%{acl, aleksey, {user, "aleksey", "jabber.ru"}}.
|
|
%{acl, test, {user_regexp, "^test"}}.
|
|
%{acl, test, {user_glob, "test*"}}.
|
|
|
|
% Everybody can create pubsub nodes
|
|
{access, pubsub_createnode, [{allow, all}]}.
|
|
|
|
% Only admins can use configuration interface:
|
|
{access, configure, [{allow, admin}]}.
|
|
|
|
% Every username can be registered via in-band registration:
|
|
% You could replace {allow, all} with {deny, all} to prevent user from using
|
|
% in-band registration
|
|
{access, register, [{allow, all}]}.
|
|
|
|
% Debug:
|
|
% watchdog admins receive live notifications on ejabberd process consuming too
|
|
% much memory
|
|
% {watchdog_admins, ["admin1@localhost"]}.
|
|
|
|
% Only admins can send announcement messages:
|
|
{access, announce, [{allow, admin}]}.
|
|
|
|
|
|
% Only non-blocked users can use c2s connections:
|
|
{access, c2s, [{deny, blocked},
|
|
{allow, all}]}.
|
|
|
|
% Set shaper with name "normal" to limit traffic speed to 1000B/s
|
|
{shaper, normal, {maxrate, 1000}}.
|
|
|
|
% Set shaper with name "fast" to limit traffic speed to 50000B/s
|
|
{shaper, fast, {maxrate, 50000}}.
|
|
|
|
% For all users except admins used "normal" shaper
|
|
{access, c2s_shaper, [{none, admin},
|
|
{normal, all}]}.
|
|
|
|
% For all S2S connections used "fast" shaper
|
|
{access, s2s_shaper, [{fast, all}]}.
|
|
|
|
% Admins of this server are also admins of MUC service:
|
|
{access, muc_admin, [{allow, admin}]}.
|
|
|
|
% All users are allowed to use MUC service:
|
|
{access, muc, [{allow, all}]}.
|
|
|
|
% This rule allows access only for local users:
|
|
{access, local, [{allow, local}]}.
|
|
|
|
|
|
% Authentication method. If you want to use internal user base, then use
|
|
% this line:
|
|
{auth_method, internal}.
|
|
|
|
% For LDAP authentication use these lines instead of above one:
|
|
%{auth_method, ldap}.
|
|
%{ldap_servers, ["localhost"]}. % List of LDAP servers
|
|
%{ldap_uidattr, "uid"}. % LDAP attribute that holds user ID
|
|
%{ldap_base, "dc=example,dc=com"}. % Search base of LDAP directory
|
|
%{ldap_rootdn, "dc=example,dc=com"}. % LDAP manager
|
|
%{ldap_password, "******"}. % Password to LDAP manager
|
|
|
|
% For authentication via external script use the following:
|
|
%{auth_method, external}.
|
|
%{extauth_program, "/path/to/authentication/script"}.
|
|
|
|
% For authentication via ODBC use the following:
|
|
%{auth_method, odbc}.
|
|
%{odbc_server, "DSN=ejabberd;UID=ejabberd;PWD=ejabberd"}.
|
|
|
|
% Uncomment this if you are using postgres, having a large DB, and need a
|
|
% faster but inexact replacement for "select count(*) from users"
|
|
%{pgsql_users_number_estimate, true}.
|
|
|
|
|
|
% Host name:
|
|
{hosts, ["localhost"]}.
|
|
|
|
%% Define the maximum number of time a single user is allowed to connect:
|
|
{access, max_user_sessions, [{10, all}]}.
|
|
|
|
%% Anonymous login support:
|
|
%% auth_method: anonymous
|
|
%% anonymous_protocol: sasl_anon|login_anon|both
|
|
%% allow_multiple_connections: true|false
|
|
%%{host_config, "public.example.org", [{auth_method, anonymous},
|
|
%% {allow_multiple_connections, false},
|
|
%% {anonymous_protocol, sasl_anon}]}.
|
|
%% To use both anonymous and internal authentication:
|
|
%%{host_config, "public.example.org", [{auth_method, [internal,anonymous]}]}.
|
|
|
|
% Default language for server messages
|
|
{language, "en"}.
|
|
|
|
% Listened ports:
|
|
{listen,
|
|
[{5222, ejabberd_c2s, [{access, c2s}, {shaper, c2s_shaper},
|
|
{max_stanza_size, 65536},
|
|
starttls, {certfile, "./ssl.pem"}]},
|
|
{5223, ejabberd_c2s, [{access, c2s},
|
|
{max_stanza_size, 65536},
|
|
tls, {certfile, "./ssl.pem"}]},
|
|
% Use these two lines instead if TLS support is not compiled
|
|
%{5222, ejabberd_c2s, [{access, c2s}, {shaper, c2s_shaper}]},
|
|
%{5223, ejabberd_c2s, [{access, c2s}, ssl, {certfile, "./ssl.pem"}]},
|
|
{5269, ejabberd_s2s_in, [{shaper, s2s_shaper},
|
|
{max_stanza_size, 131072}
|
|
]},
|
|
{5280, ejabberd_http, [http_poll, web_admin]},
|
|
{8888, ejabberd_service, [{access, all}, {shaper_rule, fast},
|
|
{hosts, ["icq.localhost", "sms.localhost"],
|
|
[{password, "secret"}]}]}
|
|
]}.
|
|
|
|
|
|
% Use STARTTLS+Dialback for S2S connections
|
|
{s2s_use_starttls, true}.
|
|
{s2s_certfile, "./ssl.pem"}.
|
|
%{domain_certfile, "example.org", "./example_org.pem"}.
|
|
%{domain_certfile, "example.com", "./example_com.pem"}.
|
|
|
|
%% S2S Whitelist or blacklist:
|
|
%{s2s_default_policy, allow}. %% Default s2s policy for undefined hosts
|
|
%%{{s2s_host,"goodhost.org"}, allow}.
|
|
%{{s2s_host,"badhost.org"}, deny}.
|
|
|
|
% If SRV lookup fails, then port 5269 is used to communicate with remote server
|
|
{outgoing_s2s_port, 5269}.
|
|
|
|
|
|
% Used modules:
|
|
{modules,
|
|
[
|
|
{mod_register, [
|
|
%% After successful registration user will get message with following subject and body:
|
|
%{welcome_message, {"Welcome!", "Welcome to this Jabber server."}},
|
|
%% List of people who will get notifications when users register
|
|
%{registration_watchers, ["admin1@example.org", "admin2@example.org"]},
|
|
{access, register}
|
|
]},
|
|
{mod_roster, []},
|
|
{mod_privacy, []},
|
|
{mod_adhoc, []},
|
|
{mod_configure, []}, % Depends on mod_adhoc
|
|
{mod_configure2, []},
|
|
{mod_disco, []},
|
|
{mod_stats, []},
|
|
{mod_vcard, []},
|
|
{mod_offline, []},
|
|
{mod_announce, [{access, announce}]}, % Depends on mod_adhoc
|
|
{mod_echo, [{host, "echo.localhost"}]},
|
|
{mod_private, []},
|
|
{mod_irc, []},
|
|
% Default options for mod_muc:
|
|
% host: "conference.@HOST@"
|
|
% access: all
|
|
% access_create: all
|
|
% access_persistent: all
|
|
% access_admin: none (only room creator has owner privileges)
|
|
{mod_muc, [{access, muc},
|
|
{access_create, muc},
|
|
{access_persistent, muc},
|
|
{access_admin, muc_admin}]},
|
|
% {mod_muc_log, []},
|
|
% {mod_shared_roster, []},
|
|
{mod_pubsub, [{access_createnode, pubsub_createnode}]},
|
|
{mod_time, []},
|
|
{mod_last, []},
|
|
{mod_version, []}
|
|
]}.
|
|
|
|
|
|
|
|
|
|
% Local Variables:
|
|
% mode: erlang
|
|
% End:
|