changeset 79:694fd34ff0b3

docker (prosody): added some comments to prosody.cfg.lua
author Goffi <goffi@goffi.org>
date Wed, 10 Feb 2016 18:22:56 +0100
parents 3e8ddbc6c603
children 686a8c982c3f
files docker/prosody/prosody.cfg.lua
diffstat 1 files changed, 51 insertions(+), 44 deletions(-) [+]
line wrap: on
line diff
--- a/docker/prosody/prosody.cfg.lua	Wed Feb 10 18:00:28 2016 +0100
+++ b/docker/prosody/prosody.cfg.lua	Wed Feb 10 18:22:56 2016 +0100
@@ -2,7 +2,9 @@
 
 ---------- Server-wide settings ----------
 
+-- we use environment variable to get the domain
 local domain = os.getenv("DOMAIN") or "libervia.int"
+-- default admin is admin@DOMAIN
 admins = { "admin@"..(domain) }
 
 -- Enable use of libevent for better performance under high load
@@ -11,7 +13,7 @@
 
 -- Documentation on modules can be found at: http://prosody.im/doc/modules
 modules_enabled = {
-        -- used by SàT
+		-- used by SàT
 
 		-- SàT PubSub
 				"delegation";
@@ -21,52 +23,54 @@
 				"ipcheck";
 				"http_upload";
 
-        -- Generally required
-                "roster"; -- Allow users to have a roster. Recommended ;)
-                "saslauth"; -- Authentication for clients and servers. Recommended if you want to log in.
-                "tls"; -- Add support for secure TLS on c2s/s2s connections
-                "dialback"; -- s2s dialback support
-                "disco"; -- Service discovery
+		-- Generally required
+				"roster"; -- Allow users to have a roster. Recommended ;)
+				"saslauth"; -- Authentication for clients and servers. Recommended if you want to log in.
+				"tls"; -- Add support for secure TLS on c2s/s2s connections
+				"dialback"; -- s2s dialback support
+				"disco"; -- Service discovery
 
-        -- Not essential, but recommended
-                "private"; -- Private XML storage (for room bookmarks, etc.)
-                "vcard"; -- Allow users to set vCards
+		-- Not essential, but recommended
+				"private"; -- Private XML storage (for room bookmarks, etc.)
+				"vcard"; -- Allow users to set vCards
 
-        -- These are commented by default as they have a performance impact
-                --"privacy"; -- Support privacy lists
-                --"compression"; -- Stream compression (Debian: requires lua-zlib module to work)
+		-- These are commented by default as they have a performance impact
+				--"privacy"; -- Support privacy lists
+				--"compression"; -- Stream compression (Debian: requires lua-zlib module to work)
 
-        -- Nice to have
-                "version"; -- Replies to server version requests
-                "uptime"; -- Report how long server has been running
-                "time"; -- Let others know the time here on this server
-                "ping"; -- Replies to XMPP pings with pongs
-                -- "pep"; -- Enables users to publish their mood, activity, playing music and more
-                --"register"; -- Allow users to register on this server using a client and change passwords
+		-- Nice to have
+				"version"; -- Replies to server version requests
+				"uptime"; -- Report how long server has been running
+				"time"; -- Let others know the time here on this server
+				"ping"; -- Replies to XMPP pings with pongs
+				-- "pep"; -- Enables users to publish their mood, activity, playing music and more
+				-- we don't want to allow self registering, this is managed by a SàT plugin
+				--"register"; -- Allow users to register on this server using a client and change passwords
 
-        -- Admin interfaces
-                "admin_adhoc"; -- Allows administration via an XMPP client that supports ad-hoc commands
-                --"admin_telnet"; -- Opens telnet console interface on localhost port 5582
+		-- Admin interfaces
+				"admin_adhoc"; -- Allows administration via an XMPP client that supports ad-hoc commands
+				--"admin_telnet"; -- Opens telnet console interface on localhost port 5582
 
-        -- HTTP modules
-                --"bosh"; -- Enable BOSH clients, aka "Jabber over HTTP"
-                --"http_files"; -- Serve static files from a directory over HTTP
+		-- HTTP modules
+				--"bosh"; -- Enable BOSH clients, aka "Jabber over HTTP"
+				--"http_files"; -- Serve static files from a directory over HTTP
 
-        -- Other specific functionality
-                "posix"; -- POSIX functionality, sends server to background, enables syslog, etc.
-                --"groups"; -- Shared roster support
-                "announce"; -- Send announcement to all online users
-                --"welcome"; -- Welcome users who register accounts
-                --"watchregistrations"; -- Alert admins of registrations
-                --"motd"; -- Send a message to users when they log in
-                --"legacyauth"; -- Legacy authentication. Only used by some old clients and bots.
+		-- Other specific functionality
+				"posix"; -- POSIX functionality, sends server to background, enables syslog, etc.
+				--"groups"; -- Shared roster support
+				-- announce is usefull on a Libervia instance
+				"announce"; -- Send announcement to all online users
+				--"welcome"; -- Welcome users who register accounts
+				--"watchregistrations"; -- Alert admins of registrations
+				--"motd"; -- Send a message to users when they log in
+				--"legacyauth"; -- Legacy authentication. Only used by some old clients and bots.
 };
 
 -- to disable them then uncomment them here:
 modules_disabled = {
-        -- "offline"; -- Store offline messages
-        -- "c2s"; -- Handle client connections
-        -- "s2s"; -- Handle server-to-server connections
+		-- "offline"; -- Store offline messages
+		-- "c2s"; -- Handle client connections
+		-- "s2s"; -- Handle server-to-server connections
 };
 
 -- Disable account creation by default, for security
@@ -82,11 +86,10 @@
 --
 pidfile = "/var/run/prosody/prosody.pid";
 
--- These are the SSL/TLS-related settings. If you don't want
--- to use SSL/TLS, you may comment or remove this
+-- We want to use the certificat in /usr/share/sat
 ssl = {
-        key = "/usr/share/sat/libervia.key";
-        certificate = "/usr/share/sat/libervia.crt";
+		key = "/usr/share/sat/libervia.key";
+		certificate = "/usr/share/sat/libervia.crt";
 }
 
 c2s_require_encryption = true
@@ -119,19 +122,23 @@
 
 authentication = "internal_plain"
 
+-- we listen to the world for components (but we do *NOT*
+-- expose the port! It's just for linked containers)
 component_interface="0.0.0.0"
 
+-- we want default, unsplitted logs, so we have removed all logging stuff
+
 VirtualHost (domain)
 	privileged_entities = {
 		["pubsub."..domain] = {
 			roster = "get";
-            message = "outgoing";
+			message = "outgoing";
 			-- presence = "roster";
 		},
 		-- ["louise@necton3.int"] = {
 		-- 	roster = "both";
-		--     message = "outgoing";
-		--     presence = "roster";
+		--	 message = "outgoing";
+		--	 presence = "roster";
 		-- },
 	}