From 806f706c51023e23c3f78251fe7ef49fde499125 Mon Sep 17 00:00:00 2001 From: root Date: Sat, 27 Feb 2016 18:41:01 +0100 Subject: Add ejabberd sample config. --- ejabberd/ejabberd.yml.diff | 145 +++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 145 insertions(+) create mode 100644 ejabberd/ejabberd.yml.diff (limited to 'ejabberd/ejabberd.yml.diff') diff --git a/ejabberd/ejabberd.yml.diff b/ejabberd/ejabberd.yml.diff new file mode 100644 index 0000000..ac19670 --- /dev/null +++ b/ejabberd/ejabberd.yml.diff @@ -0,0 +1,145 @@ +--- ejabberd.yml.orig 2014-11-21 13:06:14.000000000 +0100 ++++ ejabberd.yml 2016-02-27 18:34:12.000000000 +0100 +@@ -72,7 +72,8 @@ + ## - "example.org" + ## + hosts: +- - "localhost" ++ - "example.org" ++ - "guest.example.org" + + ## + ## route_subdomains: Delegate subdomains to other XMPP servers. +@@ -98,14 +99,14 @@ + ## certificate, specify the full path to the + ## file and uncomment this line: + ## +- certfile: "/etc/ejabberd/ejabberd.pem" +- starttls: true ++ certfile: "/etc/ejabberd/chat.example.org.pem" ++ starttls_required: true + ## + ## Custom OpenSSL options + ## + protocol_options: + - "no_sslv3" +- ## - "no_tlsv1" ++ - "no_tlsv1" + max_stanza_size: 65536 + shaper: c2s_shaper + access: c2s +@@ -148,29 +149,62 @@ + module: ejabberd_http + ## request_handlers: + ## "/pub/archive": mod_http_fileserver +- web_admin: true +- http_poll: true ++ web_admin: false ++ http_poll: false + http_bind: true + ## register: true +- captcha: true ++ captcha: false ++ ++ - ++ port: 3478 ++ transport: udp ++ module: ejabberd_stun ++ - ++ port: 3478 ++ module: ejabberd_stun ++ - ++ port: 5349 ++ module: ejabberd_stun ++ certfile: "/etc/ejabberd/chat.example.org.pem" ++ tls: true ++ turn_ip: "188.183.5.254" ++ auth_type: user ++ auth_realm: "EXAMPLE.ORG" ++## - ++## port: 5060 ++## transport: udp ++## module: ejabberd_sip ++## - ++## port: 5060 ++## module: ejabberd_sip ++ - ++ port: 5061 ++ module: ejabberd_sip ++ certfile: "/etc/ejabberd/chat.example.org.pem" ++ tls: true + + ## + ## s2s_use_starttls: Enable STARTTLS + Dialback for S2S connections. + ## Allowed values are: false optional required required_trusted + ## You must specify a certificate file. + ## ++## s2s_use_starttls: optional + s2s_use_starttls: optional + + ## + ## s2s_certfile: Specify a certificate file. + ## +-s2s_certfile: "/etc/ejabberd/ejabberd.pem" ++## s2s_certfile: "/path/to/ssl.pem" ++s2s_certfile: "/etc/ejabberd/chat.example.org.pem" + + ## Custom OpenSSL options + ## ++## s2s_protocol_options: ++## - "no_sslv3" ++## - "no_tlsv1" + s2s_protocol_options: + - "no_sslv3" +-## - "no_tlsv1" ++ - "no_tlsv1" + + ## + ## domain_certfile: Specify a different certificate for each served hostname. +@@ -289,6 +323,14 @@ + ## auth_method: + ## - internal + ## - anonymous ++host_config: ++ "example.org": ++ auth_method: ++ - pam ++ "guest.example.org": ++ auth_method: anonymous ++ allow_multiple_connections: true ++ anonymous_protocol: both + + ### ============== + ### DATABASE SETUP +@@ -472,7 +514,7 @@ + ## In-band registration allows registration of any possible username. + ## To disable in-band registration, replace 'allow' with 'deny'. + register: +- all: allow ++ all: deny + ## Only allow to register from localhost + trusted_network: + loopback: allow +@@ -553,7 +595,7 @@ + ## accesslog: "/var/log/ejabberd/access.log" + mod_last: {} + mod_muc: +- ## host: "conference.@HOST@" ++ host: "conference.example.org" + access: muc + access_create: muc_create + access_persistent: muc_create +@@ -615,11 +657,12 @@ + ## + ## Local c2s or remote s2s users cannot register accounts + ## +- ## access_from: deny ++ access_from: deny + + access: register + mod_roster: {} + mod_shared_roster: {} ++ mod_sip: {} + mod_stats: {} + mod_time: {} + mod_vcard: {} -- cgit v1.2.3