### ###' ejabberd configuration file ### ### The parameters used in this configuration file are explained at ### ### https://docs.ejabberd.im/admin/configuration ### ### The configuration file is written in YAML. ### ******************************************************* ### ******* !!! WARNING !!! ******* ### ******* YAML IS INDENTATION SENSITIVE ******* ### ******* MAKE SURE YOU INDENT SECTIONS CORRECTLY ******* ### ******************************************************* ### Refer to http://en.wikipedia.org/wiki/YAML for the brief description. ### hosts: - "hmm.st" loglevel: 4 log_rotate_size: 10485760 log_rotate_count: 1 certfiles: #- "/srv/ejabberd/y/conf/server.pem" - "/etc/ejabberd/hmm.st.crt" - "/etc/ejabberd/hmm.st.key" captcha_cmd: /usr/share/ejabberd/captcha.sh captcha_url: https://xmpp.hmm.st/captcha ca_file: "/etc/ejabberd/cacert.pem" sql_type: mysql sql_server: "localhost" sql_database: "ejabberd" sql_username: "ejabberd" sql_password: "REDACTED" new_sql_schema: true default_db: sql redis_server: localhost listen: - port: 5222 ip: "::" module: ejabberd_c2s max_stanza_size: 262144 shaper: c2s_shaper access: c2s starttls_required: true - port: 5223 #use_proxy_protocol: true ip: "::" tls: true module: ejabberd_c2s max_stanza_size: 262144 shaper: c2s_shaper access: c2s #starttls_required: true - port: 5269 ip: "::" module: ejabberd_s2s_in max_stanza_size: 524288 - port: 5270 ip: "::" tls: true module: ejabberd_s2s_in max_stanza_size: 524288 - port: 5443 ip: "127.0.0.1" module: ejabberd_http tls: true request_handlers: "/admin": ejabberd_web_admin "/api": mod_http_api "/bosh": mod_bosh "/captcha": ejabberd_captcha "/upload": mod_http_upload "/ws": ejabberd_http_ws "/oauth": ejabberd_oauth #- #port: 5280 #ip: "127.0.0.1" #module: ejabberd_http #request_handlers: #"/admin": ejabberd_web_admin #"/api": mod_http_api #"/bosh": mod_bosh #"/captcha": ejabberd_captcha #"/upload": mod_http_upload #"/ws": ejabberd_http_ws #"/oauth": ejabberd_oauth #- #port: 1883 #ip: "::" #module: mod_mqtt #backlog: 1000 - port: 3478 transport: udp module: ejabberd_stun use_turn: true turn_min_port: 61001 turn_max_port: 65535 turn_ipv4_address: 198.108.76.81 - port: 5349 transport: tcp module: ejabberd_stun use_turn: true tls: true turn_min_port: 61001 turn_max_port: 65535 turn_ipv4_address: 198.108.76.81 - port: 5347 ip: 127.0.0.1 module: ejabberd_service access: biboumi hosts: irc.hmm.st: password: REDACTED #- #port: 5348 #ip: 127.0.0.1 #module: ejabberd_service #hosts: #chat.hmm.st: #password: REDACTED #- #port: 5060 #transport: udp #module: ejabberd_sip #- #port: 5060 #module: ejabberd_sip #- #port: 5061 #tls: true #certfile: "/etc/ejabberd/hmm.st.crt" #module: ejabberd_sip s2s_use_starttls: optional acl: local: user_regexp: "" loopback: ip: - 127.0.0.0/8 - ::1/128 - ::FFFF:127.0.0.1/128 admin: user: - "ben@hmm.st" banned: user: - "ripherup@dismail.de" access_rules: local: allow: local c2s: deny: blocked allow: all announce: allow: admin configure: allow: admin muc_create: allow: local pubsub_createnode: allow: local trusted_network: allow: loopback biboumi: deny: banned allow: all api_permissions: "console commands": from: - ejabberd_ctl who: all what: "*" "admin access": who: access: allow: acl: loopback acl: admin oauth: scope: "ejabberd:admin" access: allow: acl: loopback acl: admin what: - "*" - "!stop" - "!start" "public commands": who: ip: 127.0.0.1/8 what: - status - connected_users_number shaper: normal: 1000 fast: 50000 shaper_rules: max_user_sessions: 10 max_user_offline_messages: 5000: admin 100: all c2s_shaper: none: admin normal: all s2s_shaper: fast max_fsm_queue: 100000 acme: contact: "mailto:ben@hmm.st" ca_url: "https://acme-v02.api.letsencrypt.org" modules: mod_adhoc: {} mod_admin_extra: {} mod_announce: access: announce mod_avatar: {} mod_blocking: {} mod_bosh: {} mod_caps: {} mod_carboncopy: {} mod_client_state: {} mod_configure: {} mod_default_rooms: rooms: - "hmm@conference.hmm.st" mod_disco: server_info: - modules: all name: "abuse-addresses" urls: ["mailto:abuse@hmm.st"] mod_fail2ban: {} mod_http_api: {} mod_http_upload: put_url: https://xmpp.@HOST@/upload get_url: https://uploads.@HOST@ docroot: /var/lib/ejabberd-uploads jid_in_url: node secret_length: 12 custom_headers: "Access-Control-Allow-Origin": "*" "Access-Control-Allow-Methods": "GET,HEAD,PUT,OPTIONS" "Access-Control-Allow-Headers": "Content-Type, Authorization" "Access-Control-Allow-Credentials": "true" mod_last: {} mod_mam: ## Mnesia is limited to 2GB, better to use an SQL backend ## For small servers SQLite is a good fit and is very easy ## to configure. Uncomment this when you have SQL configured: db_type: sql assume_mam_usage: true default: always mod_mqtt: {} mod_muc: access: - allow access_admin: - allow: admin access_create: muc_create access_persistent: muc_create access_mam: - allow default_room_options: allow_subscription: true # enable MucSub mam: true persistent: true mod_muc_admin: {} mod_offline: access_max_user_messages: max_user_offline_messages mod_ping: {} mod_privacy: {} mod_private: {} mod_proxy65: access: local max_connections: 5 mod_pubsub: access_createnode: local plugins: - flat - pep ignore_pep_from_offline: false last_item_cache: false max_items_node: 1000 default_node_config: max_items: 1000 hosts: - "news.@HOST@" - "pubsub.@HOST@" - "comments.@HOST@" force_node_config: ## Avoid buggy clients to make their bookmarks public storage:bookmarks: access_model: whitelist eu.siacs.conversations.axolotl.*: access_model: open urn:xmpp:bookmarks:0: access_model: whitelist send_last_published_item: never persist_items: true max_items: 50000 urn:xmpp:bookmarks:1: access_model: whitelist send_last_published_item: never persist_items: true max_items: 50000 urn:xmpp:pubsub:movim-public-subscription: access_model: whitelist persist_items: true max_items: 50000 urn:xmpp:microblog:0: max_items: 50000 access_model: presence notify_retract: true persist_items: true mod_push: {} mod_push_keepalive: {} mod_register: ## Only accept registration requests from the "trusted" ## network (see access_rules section above). ## Think twice before enabling registration from any ## address. See the Jabber SPAM Manifesto for details: ## https://github.com/ge0rg/jabber-spam-fighting-manifesto #ip_access: trusted_network ip_access: all captcha_protected: true password_strength: 32 #redirect_url: https://xmpp.hmm.st/register/ welcome_message: subject: welcome to hmm.st body: | welcome to jabber on hmm.st this server is hosted by ben - if you need anything, stop by the MUC (xmpp:hmm@conference.hmm.st?join) or shoot ben@hmm.st a message cheers, ~ben registration_watchers: ["ben@hmm.st"] mod_roster: versioning: true #mod_sip: {} mod_s2s_dialback: {} mod_shared_roster: {} mod_stream_mgmt: resend_on_timeout: if_offline max_ack_queue: 15000 mod_vcard: {} mod_vcard_xupdate: {} mod_version: {} mod_stun_disco: credentials_lifetime: 12h services: - host: 198.108.76.81 port: 3478 type: stun transport: udp restricted: false - host: 198.108.76.81 port: 3478 type: turn transport: udp restricted: true - host: hmm.st port: 5349 type: stun transport: tcp restricted: false - host: hmm.st port: 5349 type: turns transport: tcp restricted: true ### Local Variables: ### mode: yaml ### End: ### vim: set filetype=yaml tabstop=8