# HG changeset patch # User Goffi # Date 1455124976 -3600 # Node ID 694fd34ff0b3dc90bcd84e8c7f7a5fb19073d267 # Parent 3e8ddbc6c6031c073808c8c38482203cfcb0494e docker (prosody): added some comments to prosody.cfg.lua diff -r 3e8ddbc6c603 -r 694fd34ff0b3 docker/prosody/prosody.cfg.lua --- a/docker/prosody/prosody.cfg.lua Wed Feb 10 18:00:28 2016 +0100 +++ b/docker/prosody/prosody.cfg.lua Wed Feb 10 18:22:56 2016 +0100 @@ -2,7 +2,9 @@ ---------- Server-wide settings ---------- +-- we use environment variable to get the domain local domain = os.getenv("DOMAIN") or "libervia.int" +-- default admin is admin@DOMAIN admins = { "admin@"..(domain) } -- Enable use of libevent for better performance under high load @@ -11,7 +13,7 @@ -- Documentation on modules can be found at: http://prosody.im/doc/modules modules_enabled = { - -- used by SàT + -- used by SàT -- SàT PubSub "delegation"; @@ -21,52 +23,54 @@ "ipcheck"; "http_upload"; - -- Generally required - "roster"; -- Allow users to have a roster. Recommended ;) - "saslauth"; -- Authentication for clients and servers. Recommended if you want to log in. - "tls"; -- Add support for secure TLS on c2s/s2s connections - "dialback"; -- s2s dialback support - "disco"; -- Service discovery + -- Generally required + "roster"; -- Allow users to have a roster. Recommended ;) + "saslauth"; -- Authentication for clients and servers. Recommended if you want to log in. + "tls"; -- Add support for secure TLS on c2s/s2s connections + "dialback"; -- s2s dialback support + "disco"; -- Service discovery - -- Not essential, but recommended - "private"; -- Private XML storage (for room bookmarks, etc.) - "vcard"; -- Allow users to set vCards + -- Not essential, but recommended + "private"; -- Private XML storage (for room bookmarks, etc.) + "vcard"; -- Allow users to set vCards - -- These are commented by default as they have a performance impact - --"privacy"; -- Support privacy lists - --"compression"; -- Stream compression (Debian: requires lua-zlib module to work) + -- These are commented by default as they have a performance impact + --"privacy"; -- Support privacy lists + --"compression"; -- Stream compression (Debian: requires lua-zlib module to work) - -- Nice to have - "version"; -- Replies to server version requests - "uptime"; -- Report how long server has been running - "time"; -- Let others know the time here on this server - "ping"; -- Replies to XMPP pings with pongs - -- "pep"; -- Enables users to publish their mood, activity, playing music and more - --"register"; -- Allow users to register on this server using a client and change passwords + -- Nice to have + "version"; -- Replies to server version requests + "uptime"; -- Report how long server has been running + "time"; -- Let others know the time here on this server + "ping"; -- Replies to XMPP pings with pongs + -- "pep"; -- Enables users to publish their mood, activity, playing music and more + -- we don't want to allow self registering, this is managed by a SàT plugin + --"register"; -- Allow users to register on this server using a client and change passwords - -- Admin interfaces - "admin_adhoc"; -- Allows administration via an XMPP client that supports ad-hoc commands - --"admin_telnet"; -- Opens telnet console interface on localhost port 5582 + -- Admin interfaces + "admin_adhoc"; -- Allows administration via an XMPP client that supports ad-hoc commands + --"admin_telnet"; -- Opens telnet console interface on localhost port 5582 - -- HTTP modules - --"bosh"; -- Enable BOSH clients, aka "Jabber over HTTP" - --"http_files"; -- Serve static files from a directory over HTTP + -- HTTP modules + --"bosh"; -- Enable BOSH clients, aka "Jabber over HTTP" + --"http_files"; -- Serve static files from a directory over HTTP - -- Other specific functionality - "posix"; -- POSIX functionality, sends server to background, enables syslog, etc. - --"groups"; -- Shared roster support - "announce"; -- Send announcement to all online users - --"welcome"; -- Welcome users who register accounts - --"watchregistrations"; -- Alert admins of registrations - --"motd"; -- Send a message to users when they log in - --"legacyauth"; -- Legacy authentication. Only used by some old clients and bots. + -- Other specific functionality + "posix"; -- POSIX functionality, sends server to background, enables syslog, etc. + --"groups"; -- Shared roster support + -- announce is usefull on a Libervia instance + "announce"; -- Send announcement to all online users + --"welcome"; -- Welcome users who register accounts + --"watchregistrations"; -- Alert admins of registrations + --"motd"; -- Send a message to users when they log in + --"legacyauth"; -- Legacy authentication. Only used by some old clients and bots. }; -- to disable them then uncomment them here: modules_disabled = { - -- "offline"; -- Store offline messages - -- "c2s"; -- Handle client connections - -- "s2s"; -- Handle server-to-server connections + -- "offline"; -- Store offline messages + -- "c2s"; -- Handle client connections + -- "s2s"; -- Handle server-to-server connections }; -- Disable account creation by default, for security @@ -82,11 +86,10 @@ -- pidfile = "/var/run/prosody/prosody.pid"; --- These are the SSL/TLS-related settings. If you don't want --- to use SSL/TLS, you may comment or remove this +-- We want to use the certificat in /usr/share/sat ssl = { - key = "/usr/share/sat/libervia.key"; - certificate = "/usr/share/sat/libervia.crt"; + key = "/usr/share/sat/libervia.key"; + certificate = "/usr/share/sat/libervia.crt"; } c2s_require_encryption = true @@ -119,19 +122,23 @@ authentication = "internal_plain" +-- we listen to the world for components (but we do *NOT* +-- expose the port! It's just for linked containers) component_interface="0.0.0.0" +-- we want default, unsplitted logs, so we have removed all logging stuff + VirtualHost (domain) privileged_entities = { ["pubsub."..domain] = { roster = "get"; - message = "outgoing"; + message = "outgoing"; -- presence = "roster"; }, -- ["louise@necton3.int"] = { -- roster = "both"; - -- message = "outgoing"; - -- presence = "roster"; + -- message = "outgoing"; + -- presence = "roster"; -- }, }