From 46b963ec00f770fa044ad03733558b783fe380ff Mon Sep 17 00:00:00 2001
From: RRA
Date: Sat, 22 Apr 2017 16:04:55 +0200
Subject: [PATCH] hbsc prosody config now also in the article body
---
 raw/configuring_an_xmpp_server.md | 82 +++++++++++++++++++++++++++++++
 1 file changed, 82 insertions(+)
diff --git a/raw/configuring_an_xmpp_server.md b/raw/configuring_an_xmpp_server.md
index 701edd2..f0010c4 100644
--- a/raw/configuring_an_xmpp_server.md
+++ b/raw/configuring_an_xmpp_server.md
@@ -126,6 +126,88 @@ Make a backup of the default prosody configuration and install [the one by the h
 cp prosody.cfg.lua prosody.cfg.lua.original
 wget http://homebrewserver.club/downloads/prosody.cfg.lua
+The homebrewserver.club prosody config:
+
+ :::console
+ -- a custom prosody config focused on high security and ease of use across (mobile) clients
+ -- provided to you by the homebrewserver.club
+ -- the original config file (prosody.cfg.lua.original) will have more information
+
+ plugin_paths = { "/usr/src/prosody-modules" } -- non-standard plugin path so we can keep them up to date with mercurial
+
+ modules_enabled = {
+ "roster"; -- Allow users to have a roster. Recommended ;)
+ "saslauth"; -- Authentication for clients and servers. Recommended if you want to log in.
+ "tls"; -- Add support for secure TLS on c2s/s2s connections
+ "dialback"; -- s2s dialback support
+ "disco"; -- Service discovery
+ "posix"; -- POSIX functionality, sends server to background, enables syslog, etc.
+ "private"; -- Private XML storage (for room bookmarks, etc.)
+ "vcard"; -- Allow users to set vCards
+ "compression"; -- Stream compression (requires the lua-zlib package installed)
+ "version"; -- Replies to server version requests
+ "uptime"; -- Report how long server has been running
+ "time"; -- Let others know the time here on this server
+ "ping"; -- Replies to XMPP pings with pongs
+ "register"; --Allows clients to register an account on your server
+ "pep"; -- Enables users to publish their mood, activity, playing music and more
+ "carbons"; -- XEP-0280: Message Carbons, synchronize messages accross devices
+ "smacks"; -- XEP-0198: Stream Management, keep chatting even when the network drops for a few seconds
+ "mam"; -- XEP-0313: Message Archive Management, allows to retrieve chat history from server
+ "csi"; -- XEP-0352: Client State Indication
+ "http"; -- mod_http needed for XEP-363
+ "admin_adhoc"; -- Allows administration via an XMPP client that supports ad-hoc commands
+ "blocking"; -- XEP-0198 blocking of users
+ --"cloud_notify"; -- Support for XEP-0357 Push Notifications for compatibility with ChatSecure/iOS.
+ -- iOS typically end the connection when an app runs in the background and requires use of Apple's Push servers to wake up and receive a message. Enabling this module allows your server to do that for your contacts on iOS.
+ -- However we leave it commented out as it is another example of vertically integrated cloud platforms at odds with federation, with all the meta-data-based surveillance consequences that that might have.
+ };
+
+ allow_registration = false; -- Enable to allow people to register accounts on your server from their clients, for more information see http://prosody.im/doc/creating_accounts
+
+ -- These are the SSL/TLS-related settings.
+ ssl = {
+ certificate = "/etc/prosody/certs/fullchain.pem";
+ key = "/etc/prosody/certs/privkey.pem";
+ }
+
+ c2s_require_encryption = true -- Force clients to use encrypted connections
+
+ -- Force certificate authentication for server-to-server connections?
+ -- This provides ideal security, but requires servers you communicate
+ -- with to support encryption AND present valid, trusted certificates.
+ -- NOTE: Your version of LuaSec must support certificate verification!
+ -- For more information see http://prosody.im/doc/s2s#security
+
+ s2s_secure_auth = false
+
+ pidfile = "/var/run/prosody/prosody.pid"
+
+ authentication = "internal_hashed"
+
+ storage = "sql"
+
+ -- Make sure to change the password
+ sql = { driver = "MySQL", database = "prosody", username = "prosody", password = "userPassword", host = "localhost" }
+
+ log = {
+ info = "/var/log/prosody/prosody.log"; -- Change 'info' to 'debug' for verbose logging
+ error = "/var/log/prosody/prosody.err";
+ "*syslog";
+ }
+
+ VirtualHost "placeholderdomain.org"
+
+ -- Enable http_upload to allow image sharing across multiple devices and clients
+ Component "dump.placeholderdomain.org" "http_upload"
+
+ ---Set up a MUC (multi-user chat) room server on conference.example.com:
+ Component "muc.placeholderdomain.org" "muc"
+
+ compression_level = 9
+
+
+
 Replace all instances of the placeholder domain name and passwords in the config file with your own:
 :::console
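Review bot: The added listing sets `s2s_secure_auth = false` although its header comment calls the config "focused on high security". Going by the comment block directly above that line, readers who copy it get server-to-server links that are not required to present valid, trusted certificates. Either set it to `true`, or state the trade-off next to the setting, for example `-- left false so federation works with servers lacking valid certificates; set to true to require certificate authentication for s2s`. In the modules list, the `"blocking"` comment cites XEP-0198, which the `"smacks"` line above it already gives as Stream Management; the blocking command is XEP-0191. The MUC comment still names `conference.example.com` while the component below it is `muc.placeholderdomain.org`, so the sentence after the listing asking readers to replace the placeholder domain will not catch it.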