Homebrewserver.club website https://homebrewserver.club/
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 

76 lines
4.1 KiB

-- a custom 0.9 prosody config focused on high security and ease of use across (mobile) clients
-- provided to you by the homebrewserver.club
-- the original config file (prosody.cfg.lua.original) will have more information
plugin_paths = { "/usr/src/prosody-modules" } -- non-standard plugin path so we can keep them up to date with mercurial
modules_enabled = {
"roster"; -- Allow users to have a roster. Recommended ;)
"saslauth"; -- Authentication for clients and servers. Recommended if you want to log in.
"tls"; -- Add support for secure TLS on c2s/s2s connections
"dialback"; -- s2s dialback support
"disco"; -- Service discovery
"posix"; -- POSIX functionality, sends server to background, enables syslog, etc.
"private"; -- Private XML storage (for room bookmarks, etc.)
"vcard"; -- Allow users to set vCards
"compression"; -- Stream compression (requires the lua-zlib package installed)
"version"; -- Replies to server version requests
"uptime"; -- Report how long server has been running
"time"; -- Let others know the time here on this server
"ping"; -- Replies to XMPP pings with pongs
"register"; --Allows clients to register an account on your server
"pep"; -- Enables users to publish their mood, activity, playing music and more
"carbons"; -- XEP-0280: Message Carbons, synchronize messages accross devices
"smacks"; -- XEP-0198: Stream Management, keep chatting even when the network drops for a few seconds
"mam"; -- XEP-0313: Message Archive Management, allows to retrieve chat history from server
"csi"; -- XEP-0352: Client State Indication
"http"; -- mod_http needed for XEP-363
"admin_adhoc"; -- Allows administration via an XMPP client that supports ad-hoc commands
"blocking"; -- XEP-0198 blocking of users
--"cloud_notify"; -- Support for XEP-0357 Push Notifications for compatibility with ChatSecure/iOS.
-- iOS typically end the connection when an app runs in the background and requires use of Apple's Push servers to wake up and receive a message. Enabling this module allows your server to do that for your contacts on iOS.
-- However we leave it commented out as it is another example of vertically integrated cloud platforms at odds with federation, with all the meta-data-based surveillance consequences that that might have.
};
allow_registration = false; -- Enable to allow people to register accounts on your server from their clients, for more information see http://prosody.im/doc/creating_accounts
-- These are the SSL/TLS-related settings.
ssl = {
certificate = "/etc/prosody/certs/fullchain.pem";
key = "/etc/prosody/certs/privkey.pem";
}
c2s_require_encryption = true -- Force clients to use encrypted connections
-- Force certificate authentication for server-to-server connections?
-- This provides ideal security, but requires servers you communicate
-- with to support encryption AND present valid, trusted certificates.
-- NOTE: Your version of LuaSec must support certificate verification!
-- For more information see http://prosody.im/doc/s2s#security
s2s_secure_auth = false
pidfile = "/var/run/prosody/prosody.pid"
authentication = "internal_hashed"
storage = "sql"
-- Make sure to change the password
sql = { driver = "MySQL", database = "prosody", username = "prosody", password = "userPassword", host = "localhost" }
log = {
info = "/var/log/prosody/prosody.log"; -- Change 'info' to 'debug' for verbose logging
error = "/var/log/prosody/prosody.err";
"*syslog";
}
VirtualHost "placeholderdomain.org"
-- Enable http_upload to allow image sharing across multiple devices and clients
Component "dump.placeholderdomain.org" "http_upload"
---Set up a MUC (multi-user chat) room server on conference.example.com:
Component "muc.placeholderdomain.org" "muc"
compression_level = 9