![]() # Define specific Access Rules in a virtual host.Update January 2022: This tutorial is slightly out of date. # To disable in-band registration, replace 'allow' with 'deny'. # In-band registration allows registration of any possible username. # Only accounts on the local ejabberd server can create Pubsub nodes: # All users are allowed to use the MUC service: # Only accounts of the local ejabberd server can create rooms: # Admins of this server are also admins of the MUC service: # Only admins can use the configuration interface: # Only admins can send announcement messages: # All S2S connections use the "fast" shaper # For C2S connections, all users except admins use the "normal" shaper # Only non-blocked users can use c2s connections: # This rule allows access only for local users: # Maximum number of offline messages that users can have: # Maximum number of simultaneous sessions allowed for a single user: it was spamming me after I disabled unencrypted S2S connections. # TODO: Remove gmail if you want to be able to connect with it. # You can put here as many accounts as you want. # The 'admin' ACL grants administrative privileges to XMPP accounts. # This option specifies the maximum number of elements in the queue # The "fast" shaper limits traffic speed to 50000 B/s # The "normal" shaper limits traffic speed to 1000 B/s Specify in seconds: for example 28800 means 8 hours # Interval to make a dummy SQL request to keep the connections to the # Number of connections to open to the database for each virtual host # odbc_server: "DSN=ejabberd UID=ejabberd PWD=ejabberd" # faster but inexact replacement for "select count(*) from users" # If you use PostgreSQL, have a large database, and need a # Please consult the ejabberd Guide for details on database creation. # you want to use other database backends. # This section provides configuration examples in case # so you do not necessarily need this section. # ejabberd by default uses the internal Mnesia database, # To use both anonymous and internal authentication: # allow_multiple_connections: true | false # anonymous_protocol: sasl_anon | login_anon | both # ldap_filter: "(objectClass=shadowAccount)" # Encryption of connection to LDAP servers: # Remember to setup a database in the next section. # extauth_program: "/path/to/authentication/script" # Make sure the script is executable by ejabberd. ![]() # Define the FQDN if ejabberd doesn't detect it: # Store the plain passwords ("plain") or hashed for SCRAM ("scram"): # auth_method: Method used to authenticate the users. # Set the ciphers which can be used for s2s connections. # s2s_certfile: Specify a certificate file. # Allowed values are: false optional required required_trusted # s2s_use_starttls: Enable STARTTLS + Dialback for S2S connections. # domain_certfile: Specify a different certificate for each served hostname. # TODO: Bind to localhost, then put this behind a TLS reverse proxy (read, "Nginx") # To handle XML-RPC requests that provide admin credentials: # ejabberd_stun: Handles STUN Binding requests # All my clients support TLSv1.2, so just turn everything else off. # use this instead of the "starttls" option: # To enforce TLS encryption for client connections, # certificate, specify the full path to the # If TLS is compiled in and you installed a SSL # Don't use stream compression and tls compression # listen: The ports ejabberd will listen on, which service each is handled # to allow communication with an XMPP server called im. # For example, if this ejabberd serves and you want # route_subdomains: Delegate subdomains to other XMPP servers. ![]() # You can define one or several, for example: # consumes a lot of memory, send live notifications to these XMPP # watchdog_admins: Only useful for developers: if an ejabberd process # of messages when system is overloaded, you can set a limit. # allowed from error_logger, which is a good idea if you want to avoid a flood # overload protection: If you want to limit the number of messages per second # $M5D6 rotate on every 5th day of the month at 6:00 hr # $M1D0 rotate on the first day of every month at midnight # $W5D16 rotate every week on Friday at 16:00 hr # $W0D23 rotate every week on Sunday at 23:00 hr # Date syntax is taken from the syntax newsyslog uses in nf. # To disable rotation set the size to 0 and the date to "" Setting size to X rotate log when it reaches X bytes. # does not disable rotation, it instead rotates the file and keeps no previous # 0: No ejabberd log at all (not recommended) # loglevel: Verbosity of log files generated by ejabberd.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |