]> git.immae.eu Git - perso/Immae/Config/Nix.git/blob - private/ejabberd/ejabberd.yml
projects / perso / Immae / Config / Nix.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Add tools
[perso/Immae/Config/Nix.git] / private / ejabberd / ejabberd.yml
1 ###
2 ### ejabberd configuration file
3 ###
4 ### The parameters used in this configuration file are explained at
5 ###
6 ### https://docs.ejabberd.im/admin/configuration
7 ###
8 ### The configuration file is written in YAML.
9 ### *******************************************************
10 ### ******* !!! WARNING !!! *******
11 ### ******* YAML IS INDENTATION SENSITIVE *******
12 ### ******* MAKE SURE YOU INDENT SECTIONS CORRECTLY *******
13 ### *******************************************************
14 ### Refer to http://en.wikipedia.org/wiki/YAML for the brief description.
15 ### However, ejabberd treats different literals as different types:
16 ###
17 ### - unquoted or single-quoted strings. They are called "atoms".
18 ### Example: dog, 'Jupiter', '3.14159', YELLOW
19 ###
20 ### - numeric literals. Example: 3, -45.0, .0
21 ###
22 ### - quoted or folded strings.
23 ### Examples of quoted string: "Lizzard", "orange".
24 ### Example of folded string:
25 ### > Art thou not Romeo,
26 ### and a Montague?
27 ###
28
29 hosts:
30 - "immae.fr"
31
32 loglevel: 4
33 log_rotate_size: 10485760
34 log_rotate_date: ""
35 log_rotate_count: 1
36 log_rate_limit: 100
37
38 certfiles:
39 - "@certificatePrivateKeyAndFullChain@"
40
41 listen:
42 -
43 port: 5222
44 ip: "::"
45 module: ejabberd_c2s
46 max_stanza_size: 262144
47 shaper: c2s_shaper
48 access: c2s
49 starttls_required: true
50 -
51 port: 5269
52 ip: "::"
53 module: ejabberd_s2s_in
54 max_stanza_size: 524288
55 -
56 port: 5280
57 ip: "127.0.0.1"
58 module: ejabberd_http
59 request_handlers:
60 "/admin": ejabberd_web_admin
61 "/api": mod_http_api
62 "/bosh": mod_bosh
63 "/captcha": ejabberd_captcha
64 "/upload": mod_http_upload
65 "/ws": ejabberd_http_ws
66 tls: false
67
68 s2s_use_starttls: optional
69 s2s_cafile: "@certificateCA@"
70
71 default_db: sql
72 include_config_file: @sql_config_file@
73 include_config_file: @host_config_file@
74 new_sql_schema: true
75
76 acl:
77 admin:
78 - user: "ismael@immae.fr"
79 local:
80 user_regexp: ""
81 loopback:
82 ip:
83 - "127.0.0.0/8"
84 - "::1/128"
85 - "::FFFF:127.0.0.1/128"
86
87 access_rules:
88 local:
89 - allow: local
90 c2s:
91 - deny: blocked
92 - allow
93 announce:
94 - allow: admin
95 configure:
96 - allow: admin
97 muc_admin:
98 - allow: admin
99 muc_create:
100 - allow: local
101 muc:
102 - allow
103 pubsub_createnode:
104 - allow: local
105 register:
106 - deny
107 trusted_network:
108 - allow: loopback
109
110 api_permissions:
111 "console commands":
112 from:
113 - ejabberd_ctl
114 who: all
115 what: "*"
116 "admin access":
117 who:
118 - acl: admin
119 - oauth:
120 - scope: "ejabberd:admin"
121 - acl: admin
122 what:
123 - "*"
124 - "!stop"
125 - "!start"
126 "public commands":
127 who:
128 - ip:
129 - "0.0.0.0"
130 - "::"
131 what:
132 - "status"
133 - "connected_users_number"
134
135 shaper:
136 normal: 1000
137 fast: 50000
138
139 shaper_rules:
140 max_user_sessions: 10
141 max_user_offline_messages:
142 - 5000: admin
143 - 100
144 c2s_shaper:
145 - none: admin
146 - normal
147 s2s_shaper: fast
148
149 modules:
150 mod_adhoc: {}
151 mod_admin_extra: {}
152 mod_announce:
153 access: announce
154 mod_avatar: {}
155 mod_blocking: {}
156 mod_bosh: {}
157 mod_caps: {}
158 mod_carboncopy: {}
159 mod_client_state: {}
160 mod_configure: {}
161 mod_disco: {}
162 mod_fail2ban: {}
163 mod_http_api: {}
164 mod_http_upload:
165 put_url: "https://im.immae.fr/upload"
166 custom_headers:
167 "Access-Control-Allow-Origin": "*"
168 "Access-Control-Allow-Methods": "OPTIONS, HEAD, GET, PUT, POST"
169 "Access-Control-Allow-Headers": "Content-Type"
170 mod_last: {}
171 mod_mam:
172 default: always
173 mod_muc:
174 access:
175 - allow
176 access_admin:
177 - allow: admin
178 access_create: muc_create
179 access_persistent: muc_create
180 default_room_options:
181 mam: true
182 mod_muc_admin: {}
183 mod_offline:
184 access_max_user_messages: max_user_offline_messages
185 mod_ping: {}
186 mod_privacy: {}
187 mod_private: {}
188 mod_proxy65:
189 access: local
190 max_connections: 5
191 mod_pubsub:
192 access_createnode: pubsub_createnode
193 plugins:
194 - "flat"
195 - "pep"
196 force_node_config:
197 ## Change from "whitelist" to "open" to enable OMEMO support
198 ## See https://github.com/processone/ejabberd/issues/2425
199 "eu.siacs.conversations.axolotl.*":
200 access_model: open
201 ## Avoid buggy clients to make their bookmarks public
202 "storage:bookmarks":
203 access_model: whitelist
204 mod_push: {}
205 mod_push_keepalive: {}
206 mod_register:
207 ## Only accept registration requests from the "trusted"
208 ## network (see access_rules section above).
209 ## Think twice before enabling registration from any
210 ## address. See the Jabber SPAM Manifesto for details:
211 ## https://github.com/ge0rg/jabber-spam-fighting-manifesto
212 ip_access: trusted_network
213 access: register
214 mod_roster:
215 versioning: true
216 mod_s2s_dialback: {}
217 mod_shared_roster: {}
218 mod_stats: {}
219 mod_stream_mgmt:
220 resend_on_timeout: if_offline
221 mod_time: {}
222 mod_vcard: {}
223 mod_vcard_xupdate: {}
224 mod_version:
225 show_os: false
226
227 ### Local Variables:
228 ### mode: yaml
229 ### End:
230 ### vim: set filetype=yaml tabstop=8
231
My infrastructure configuration