Mercurial > prosody-modules
view mod_watchuntrusted/README.markdown @ 5354:39d59d857bfb
mod_http_oauth2: Use new mod_cron API for periodic cleanup
Less frequent but this isn't that important after all since, as the
comment states, expired codes are not usable anyway. They're also not
that large so memory usage probably doesn't matter.
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Sat, 22 Apr 2023 11:59:52 +0200 |
| parents | 0e78523f8c20 |
| children |
line wrap: on
line source
--- labels: - 'Stage-Alpha' summary: | Warn admins about outgoing s2s connections that are refused due to invalid or untrusted certificates ... Introduction ============ Similar to mod\_watchregistrations, this module warns admins when an s2s connection fails due for encryption or trust reasons. The certificate shows the SHA1 hash, so it can easily be used together with mod\_s2s\_auth\_fingerprint. Configuration ============= modules_enabled = { -- other modules -- "watchuntrusted", } untrusted_fail_watchers = { "admin@example.lit" } untrusted_fail_notification = "Establishing a secure connection from $from_host to $to_host failed. Certificate hash: $sha1. $errors" Option Default Description ------------------------------- --------------------------------------------------------------------------------------------------------------- -------------------------------------------------------------------------------------- untrusted\_fail\_watchers All admins The users to send the message to untrusted\_fail\_notification "Establishing a secure connection from \$from\_host to \$to\_host failed. Certificate hash: \$sha1. \$errors" The message to send, \$from\_host, \$to\_host, \$sha1 and \$errors are replaced untrusted\_message\_type `"chat"` Which kind of message to send. `"normal"` or `"headline"` are other sensible options untrusted\_ignore\_domains Empty The domains that this module should not warn about Compatibility ============= ------- ------- trunk Works ------- -------