diff options
author | Jonas Smedegaard <dr@jones.dk> | 2017-01-18 17:32:45 +0100 |
---|---|---|
committer | Jonas Smedegaard <dr@jones.dk> | 2017-01-18 17:33:29 +0100 |
commit | ccfe0921edb6d81ccf53135654fd364eea679140 (patch) | |
tree | bf3e9e97afad41b7437ed0be1cd1d1a82eecd9be /ejabberd/defs.yml | |
parent | 8d7a52d331eee26c44ee8ac68a72b0b2fe0a0750 (diff) |
Add ejabberd tweaks as snippets.
Diffstat (limited to 'ejabberd/defs.yml')
-rw-r--r-- | ejabberd/defs.yml | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/ejabberd/defs.yml b/ejabberd/defs.yml new file mode 100644 index 0000000..aeb08f9 --- /dev/null +++ b/ejabberd/defs.yml @@ -0,0 +1,16 @@ +# Origin: https://github.com/jabber-at/config +# Origin: https://gitlab.com/hanno/ejabberd-config + +# The default ciphers-setting is found here: +# https://github.com/processone/tls/blob/master/c_src/p1_tls_drv.c +# We use the default and exclude a few additional ciphers classified as weak +# by xmpp.net. +define_macro: + 'TLS_OPTIONS': + - "no_sslv2" + - "no_sslv3" + - "no_tlsv1" + 'TLS_CIPHERS': "ECDH:DH:!CAMELLIA128:!3DES:!MD5:!RC4:!aNULL:!NULL:!EXPORT:!LOW:!MEDIUM" + #'TLS_CIPHERS': "HIGH:!MEDIUM:!LOW:!3DES:!CAMELLIA:!aNULL:!RSA@STRENGTH" + #'TLS_CIPHERS': "HIGH:!3DES:!aNULL:!SSLv2:@STRENGTH" + CERT_PATH: "/etc/ejabberd/ejabberd.pem" |