loglevel: 4 log_rotate_size: 10485760 log_rotate_date: "" log_rotate_count: 1 log_rate_limit: 100 hosts: - "kosmos.org" - "5apps.com" host_config: "kosmos.org": sql_type: pgsql sql_server: "localhost" sql_database: "ejabberd" sql_username: "ejabberd" sql_password: "<%= @pgsql_password %>" "5apps.com": sql_type: pgsql sql_server: "localhost" sql_database: "ejabberd_5apps" sql_username: "ejabberd" sql_password: "<%= @pgsql_password %>" <% if (File.exist?("/opt/ejabberd/conf/kosmos.org.crt") && File.exist?("/opt/ejabberd/conf/kosmos.org.key")) || (File.exist?("/opt/ejabberd/conf/5apps.com.crt") && File.exist?("/opt/ejabberd/conf/5apps.com.key")) -%> certfiles: <% if File.exist?("/opt/ejabberd/conf/kosmos.org.crt") && File.exist?("/opt/ejabberd/conf/kosmos.org.key") -%> - "/opt/ejabberd/conf/kosmos.org.crt" - "/opt/ejabberd/conf/kosmos.org.key" <% end -%> <% if File.exist?("/opt/ejabberd/conf/5apps.com.crt") && File.exist?("/opt/ejabberd/conf/5apps.com.key") -%> - "/opt/ejabberd/conf/5apps.com.crt" - "/opt/ejabberd/conf/5apps.com.key" <% end -%> <% end -%> ca_file: "/opt/ejabberd/conf/cacert.pem" define_macro: 'TLS_CIPHERS': "HIGH:!aNULL:!eNULL:!3DES:@STRENGTH" 'TLS_OPTIONS': - "no_sslv3" - "cipher_server_preference" - "no_compression" 'DH_FILE': "/opt/ejabberd/conf/dhparams.pem" # generated with: openssl dhparam -out dhparams.pem 2048 c2s_dhfile: 'DH_FILE' s2s_dhfile: 'DH_FILE' c2s_ciphers: 'TLS_CIPHERS' s2s_ciphers: 'TLS_CIPHERS' c2s_protocol_options: 'TLS_OPTIONS' s2s_protocol_options: 'TLS_OPTIONS' listen: - port: 5222 ip: "::" module: ejabberd_c2s starttls: true max_stanza_size: 65536 shaper: c2s_shaper access: c2s - port: 5223 ip: "::" module: ejabberd_c2s tls: true max_stanza_size: 65536 shaper: c2s_shaper access: c2s - port: 5269 ip: "::" module: ejabberd_s2s_in max_stanza_size: 131072 shaper: s2s_shaper - port: 5443 ip: "::" module: ejabberd_http request_handlers: "/ws": ejabberd_http_ws "/bosh": mod_bosh "/api": mod_http_api "/upload": mod_http_upload custom_headers: "Access-Control-Allow-Origin": "*" "Access-Control-Allow-Methods": "OPTIONS, HEAD, GET, PUT" "Access-Control-Allow-Headers": "Authorization" "Access-Control-Allow-Credentials": "true" tls: true ## "/pub/archive": mod_http_fileserver web_admin: true ## register: true captcha: false s2s_use_starttls: optional auth_password_format: scram auth_method: sql default_db: sql shaper: normal: 1000 fast: 50000 max_fsm_queue: 10000 acl: admin: user: - "greg@5apps.com" - "sebastian@5apps.com" - "garret@5apps.com" - "raucao@kosmos.org" - "greg@kosmos.org" - "galfert@kosmos.org" local: user_regexp: "" loopback: ip: - "127.0.0.0/8" - "::1/128" - "::FFFF:127.0.0.1/128" shaper_rules: max_user_sessions: 10 max_user_offline_messages: - 5000: admin - 100 c2s_shaper: - none: admin - normal s2s_shaper: fast access_rules: local: - allow: local c2s: - deny: blocked - allow announce: - allow: admin configure: - allow: admin muc_create: - allow: admin - allow: local pubsub_createnode: - allow: local register: - allow trusted_network: - allow: loopback api_permissions: "console commands": from: - ejabberd_ctl who: all what: "*" "admin access": who: - access: - allow: - acl: loopback - acl: admin - oauth: - scope: "ejabberd:admin" - access: - allow: - acl: loopback - acl: admin what: - "*" - "!stop" - "!start" "public commands": who: - ip: "127.0.0.1/8" what: - "status" - "connected_users_number" language: "en" modules: mod_adhoc: {} mod_admin_extra: {} mod_announce: # recommends mod_adhoc access: announce mod_blocking: {} # requires mod_privacy mod_caps: {} mod_carboncopy: {} mod_client_state: {} mod_configure: {} # requires mod_adhoc mod_disco: server_info: - modules: all name: "abuse-addresses" urls: ["mailto:abuse@@HOST@"] mod_bosh: {} mod_http_upload: docroot: "/opt/ejabberd/uploads/xmpp.@HOST@/" put_url: "https://xmpp.@HOST@:5443/upload" thumbnail: false # otherwise needs the identify command from ImageMagick installed mod_last: {} mod_mam: default: always request_activates_archiving: true mod_muc_admin: {} mod_offline: access_max_user_messages: max_user_offline_messages mod_ping: {} mod_privacy: {} mod_private: {} mod_proxy65: {} mod_pubsub: access_createnode: pubsub_createnode ignore_pep_from_offline: false last_item_cache: false max_items_node: 10 plugins: - "flat" - "pep" # pep requires mod_caps mod_push: {} mod_push_keepalive: {} mod_register: welcome_message: subject: "Welcome!" body: |- Hi. Welcome to this XMPP server. ip_access: trusted_network access: register mod_roster: versioning: true store_current_id: true mod_shared_roster: {} mod_vcard: search: false mod_vcard_xupdate: {} mod_avatar: {} mod_version: {} mod_stream_mgmt: {} mod_s2s_dialback: {} mod_http_api: {} append_host_config: "5apps.com": modules: mod_muc: host: "muc.@HOST@" access: - allow: local access_admin: - allow: admin access_create: muc_create access_persistent: muc_create max_user_conferences: 1000 default_room_options: anonymous: false public: true members_only: true public_list: false persistent: true mam: true "kosmos.org": modules: mod_muc: host: "chat.@HOST@" access: - allow access_admin: - allow: admin access_create: muc_create access_persistent: muc_create max_user_conferences: 1000 default_room_options: mam: true allow_contrib_modules: true ### Local Variables: ### mode: yaml ### End: ### vim: set filetype=yaml tabstop=8 foldmarker=###',###. foldmethod=marker: