1 files changed, 16 insertions, 0 deletions

diff --git a/ejabberd/defs.yml b/ejabberd/defs.yml
new file mode 100644
index 0000000..aeb08f9
--- /dev/null
+++ b/ejabberd/defs.yml
@@ -0,0 +1,16 @@
+# Origin: https://github.com/jabber-at/config
+# Origin: https://gitlab.com/hanno/ejabberd-config
+
+# The default ciphers-setting is found here:
+#    https://github.com/processone/tls/blob/master/c_src/p1_tls_drv.c
+# We use the default and exclude a few additional ciphers classified as weak
+# by xmpp.net.
+define_macro:
+  'TLS_OPTIONS':
+    - "no_sslv2"
+    - "no_sslv3"
+    - "no_tlsv1"
+  'TLS_CIPHERS': "ECDH:DH:!CAMELLIA128:!3DES:!MD5:!RC4:!aNULL:!NULL:!EXPORT:!LOW:!MEDIUM"
+  #'TLS_CIPHERS': "HIGH:!MEDIUM:!LOW:!3DES:!CAMELLIA:!aNULL:!RSA@STRENGTH"
+  #'TLS_CIPHERS': "HIGH:!3DES:!aNULL:!SSLv2:@STRENGTH"
+  CERT_PATH: "/etc/ejabberd/ejabberd.pem"