From 1b6898cda341181941cb0ce8525f5bd9d2669f6e Mon Sep 17 00:00:00 2001 From: rra Date: Tue, 9 Jan 2018 12:54:40 +0100 Subject: [PATCH] prosody 0.9 config backup as reference --- raw/downloads/prosody0.9.cfg.lua | 76 ++++++++++++++++++++++++++++++++ 1 file changed, 76 insertions(+) create mode 100644 raw/downloads/prosody0.9.cfg.lua diff --git a/raw/downloads/prosody0.9.cfg.lua b/raw/downloads/prosody0.9.cfg.lua new file mode 100644 index 0000000..e13307a --- /dev/null +++ b/raw/downloads/prosody0.9.cfg.lua @@ -0,0 +1,76 @@ +-- a custom prosody config focused on high security and ease of use across (mobile) clients +-- provided to you by the homebrewserver.club +-- the original config file (prosody.cfg.lua.original) will have more information + +plugin_paths = { "/usr/src/prosody-modules" } -- non-standard plugin path so we can keep them up to date with mercurial + +modules_enabled = { + "roster"; -- Allow users to have a roster. Recommended ;) + "saslauth"; -- Authentication for clients and servers. Recommended if you want to log in. + "tls"; -- Add support for secure TLS on c2s/s2s connections + "dialback"; -- s2s dialback support + "disco"; -- Service discovery + "posix"; -- POSIX functionality, sends server to background, enables syslog, etc. + "private"; -- Private XML storage (for room bookmarks, etc.) + "vcard"; -- Allow users to set vCards + "compression"; -- Stream compression (requires the lua-zlib package installed) + "version"; -- Replies to server version requests + "uptime"; -- Report how long server has been running + "time"; -- Let others know the time here on this server + "ping"; -- Replies to XMPP pings with pongs + "register"; --Allows clients to register an account on your server + "pep"; -- Enables users to publish their mood, activity, playing music and more + "carbons"; -- XEP-0280: Message Carbons, synchronize messages accross devices + "smacks"; -- XEP-0198: Stream Management, keep chatting even when the network drops for a few seconds + "mam"; -- XEP-0313: Message Archive Management, allows to retrieve chat history from server + "csi"; -- XEP-0352: Client State Indication + "http"; -- mod_http needed for XEP-363 + "admin_adhoc"; -- Allows administration via an XMPP client that supports ad-hoc commands + "blocking"; -- XEP-0198 blocking of users + --"cloud_notify"; -- Support for XEP-0357 Push Notifications for compatibility with ChatSecure/iOS. + -- iOS typically end the connection when an app runs in the background and requires use of Apple's Push servers to wake up and receive a message. Enabling this module allows your server to do that for your contacts on iOS. + -- However we leave it commented out as it is another example of vertically integrated cloud platforms at odds with federation, with all the meta-data-based surveillance consequences that that might have. +}; + +allow_registration = false; -- Enable to allow people to register accounts on your server from their clients, for more information see http://prosody.im/doc/creating_accounts + +-- These are the SSL/TLS-related settings. +ssl = { + certificate = "/etc/prosody/certs/fullchain.pem"; + key = "/etc/prosody/certs/privkey.pem"; +} + +c2s_require_encryption = true -- Force clients to use encrypted connections + +-- Force certificate authentication for server-to-server connections? +-- This provides ideal security, but requires servers you communicate +-- with to support encryption AND present valid, trusted certificates. +-- NOTE: Your version of LuaSec must support certificate verification! +-- For more information see http://prosody.im/doc/s2s#security + +s2s_secure_auth = false + +pidfile = "/var/run/prosody/prosody.pid" + +authentication = "internal_hashed" + +storage = "sql" + +-- Make sure to change the password +sql = { driver = "MySQL", database = "prosody", username = "prosody", password = "userPassword", host = "localhost" } + +log = { + info = "/var/log/prosody/prosody.log"; -- Change 'info' to 'debug' for verbose logging + error = "/var/log/prosody/prosody.err"; + "*syslog"; +} + +VirtualHost "placeholderdomain.org" + +-- Enable http_upload to allow image sharing across multiple devices and clients +Component "dump.placeholderdomain.org" "http_upload" + +---Set up a MUC (multi-user chat) room server on conference.example.com: +Component "muc.placeholderdomain.org" "muc" + +compression_level = 9