Mercurial > prosody-modules
annotate mod_s2sout_override/README.md @ 5681:8cb3da7df521
mod_http_oauth2: Restrict introspection to clients own tokens
The introspection code was added before the client hash was added in
0860497152af which allows connecting tokens to clients.
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Sun, 29 Oct 2023 11:20:15 +0100 |
parents | ae62d92506dc |
children |
rev | line source |
---|---|
5486
71243bedb2b0
mod_s2sout_override: New module for overriding s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
1 --- |
71243bedb2b0
mod_s2sout_override: New module for overriding s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
2 summary: Override s2s connection targets |
71243bedb2b0
mod_s2sout_override: New module for overriding s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
3 --- |
71243bedb2b0
mod_s2sout_override: New module for overriding s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
4 |
71243bedb2b0
mod_s2sout_override: New module for overriding s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
5 This module replaces [mod_s2soutinjection] and uses more modern and |
71243bedb2b0
mod_s2sout_override: New module for overriding s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
6 reliable methods for overriding connection targets. |
71243bedb2b0
mod_s2sout_override: New module for overriding s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
7 |
71243bedb2b0
mod_s2sout_override: New module for overriding s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
8 # Configuration |
71243bedb2b0
mod_s2sout_override: New module for overriding s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
9 |
71243bedb2b0
mod_s2sout_override: New module for overriding s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
10 Enable the module as usual, then specify a map of XMPP remote hostnames |
71243bedb2b0
mod_s2sout_override: New module for overriding s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
11 to URIs like `"tcp://host.example:port"`, to have Prosody connect there |
71243bedb2b0
mod_s2sout_override: New module for overriding s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
12 instead of doing normal DNS SRV resolution. |
71243bedb2b0
mod_s2sout_override: New module for overriding s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
13 |
5487
6cf2f32dbf40
mod_s2sout_override: Add support for Direct TLS
Kim Alvefur <zash@zash.se>
parents:
5486
diff
changeset
|
14 Currently supported schemes are `tcp://` and `tls://`. A future version |
6cf2f32dbf40
mod_s2sout_override: Add support for Direct TLS
Kim Alvefur <zash@zash.se>
parents:
5486
diff
changeset
|
15 could support more methods including alternate SRV lookup targets or |
6cf2f32dbf40
mod_s2sout_override: Add support for Direct TLS
Kim Alvefur <zash@zash.se>
parents:
5486
diff
changeset
|
16 even UNIX sockets. |
6cf2f32dbf40
mod_s2sout_override: Add support for Direct TLS
Kim Alvefur <zash@zash.se>
parents:
5486
diff
changeset
|
17 |
6cf2f32dbf40
mod_s2sout_override: Add support for Direct TLS
Kim Alvefur <zash@zash.se>
parents:
5486
diff
changeset
|
18 URIs with IP addresses like `tcp://127.0.0.1:9999` will bypass A/AAAA |
6cf2f32dbf40
mod_s2sout_override: Add support for Direct TLS
Kim Alvefur <zash@zash.se>
parents:
5486
diff
changeset
|
19 DNS lookups. |
5486
71243bedb2b0
mod_s2sout_override: New module for overriding s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
20 |
5621
b87a23b45725
mod_s2sout_override: Add support for a catch-all target
Kim Alvefur <zash@zash.se>
parents:
5487
diff
changeset
|
21 The special target `"*"` may be used to redirect all servers that don't have |
b87a23b45725
mod_s2sout_override: Add support for a catch-all target
Kim Alvefur <zash@zash.se>
parents:
5487
diff
changeset
|
22 an exact match. |
b87a23b45725
mod_s2sout_override: Add support for a catch-all target
Kim Alvefur <zash@zash.se>
parents:
5487
diff
changeset
|
23 |
5622
ae62d92506dc
mod_s2sout_override: Add support for one-level wildcards (e.g. *.example.net)
Kim Alvefur <zash@zash.se>
parents:
5621
diff
changeset
|
24 One-level wildcards like `"*.example.net"` also work. |
ae62d92506dc
mod_s2sout_override: Add support for one-level wildcards (e.g. *.example.net)
Kim Alvefur <zash@zash.se>
parents:
5621
diff
changeset
|
25 |
5621
b87a23b45725
mod_s2sout_override: Add support for a catch-all target
Kim Alvefur <zash@zash.se>
parents:
5487
diff
changeset
|
26 Standard DNS SRV resolution can be restored by specifying a truthy value. |
b87a23b45725
mod_s2sout_override: Add support for a catch-all target
Kim Alvefur <zash@zash.se>
parents:
5487
diff
changeset
|
27 |
5486
71243bedb2b0
mod_s2sout_override: New module for overriding s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
28 ```lua |
71243bedb2b0
mod_s2sout_override: New module for overriding s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
29 -- Global section |
71243bedb2b0
mod_s2sout_override: New module for overriding s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
30 modules_enabled = { |
71243bedb2b0
mod_s2sout_override: New module for overriding s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
31 -- other global modules |
71243bedb2b0
mod_s2sout_override: New module for overriding s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
32 "s2sout_override"; |
71243bedb2b0
mod_s2sout_override: New module for overriding s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
33 } |
71243bedb2b0
mod_s2sout_override: New module for overriding s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
34 |
71243bedb2b0
mod_s2sout_override: New module for overriding s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
35 s2sout_override = { |
71243bedb2b0
mod_s2sout_override: New module for overriding s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
36 ["example.com"] = "tcp://other.host.example:5299"; |
71243bedb2b0
mod_s2sout_override: New module for overriding s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
37 ["xmpp.example.net"] = "tcp://localhost:5999"; |
5621
b87a23b45725
mod_s2sout_override: Add support for a catch-all target
Kim Alvefur <zash@zash.se>
parents:
5487
diff
changeset
|
38 ["secure.example"] = "tls://127.0.0.1:5270"; |
5622
ae62d92506dc
mod_s2sout_override: Add support for one-level wildcards (e.g. *.example.net)
Kim Alvefur <zash@zash.se>
parents:
5621
diff
changeset
|
39 ["*.allthese.example"] = = "tcp://198.51.100.123:9999"; |
5621
b87a23b45725
mod_s2sout_override: Add support for a catch-all target
Kim Alvefur <zash@zash.se>
parents:
5487
diff
changeset
|
40 |
b87a23b45725
mod_s2sout_override: Add support for a catch-all target
Kim Alvefur <zash@zash.se>
parents:
5487
diff
changeset
|
41 -- catch-all: |
b87a23b45725
mod_s2sout_override: Add support for a catch-all target
Kim Alvefur <zash@zash.se>
parents:
5487
diff
changeset
|
42 ["*"] = "tls://127.0.0.1:5370"; |
b87a23b45725
mod_s2sout_override: Add support for a catch-all target
Kim Alvefur <zash@zash.se>
parents:
5487
diff
changeset
|
43 -- bypass the catch-all, use standard DNS SRV: |
b87a23b45725
mod_s2sout_override: Add support for a catch-all target
Kim Alvefur <zash@zash.se>
parents:
5487
diff
changeset
|
44 ["jabber.example"] = true; |
5486
71243bedb2b0
mod_s2sout_override: New module for overriding s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
45 } |
71243bedb2b0
mod_s2sout_override: New module for overriding s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
46 ``` |
71243bedb2b0
mod_s2sout_override: New module for overriding s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
47 |
71243bedb2b0
mod_s2sout_override: New module for overriding s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
48 # Compatibility |
71243bedb2b0
mod_s2sout_override: New module for overriding s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
49 |
71243bedb2b0
mod_s2sout_override: New module for overriding s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
50 Prosody version status |
71243bedb2b0
mod_s2sout_override: New module for overriding s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
51 --------------- ---------- |
71243bedb2b0
mod_s2sout_override: New module for overriding s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
52 0.12.4 Will work |
71243bedb2b0
mod_s2sout_override: New module for overriding s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
53 0.12.3 Will not work |
71243bedb2b0
mod_s2sout_override: New module for overriding s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
54 0.11 Will not work |