daily pastebin goal
29%
SHARE
TWEET

ejabberd.cfg

syst3mw0rm Jun 30th, 2011 95 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. %%%
  2. %%%     Debian ejabberd configuration file
  3. %%%     This config must be in UTF-8 encoding
  4. %%%
  5. %%% The parameters used in this configuration file are explained in more detail
  6. %%% in the ejabberd Installation and Operation Guide.
  7. %%% Please consult the Guide in case of doubts, it is available at
  8. %%% /usr/share/doc/ejabberd/guide.html
  9.  
  10. %%% This configuration file contains Erlang terms.
  11. %%% In case you want to understand the syntax, here are the concepts:
  12. %%%
  13. %%%  - The character to comment a line is %
  14. %%%
  15. %%%  - Each term ends in a dot, for example:
  16. %%%      override_global.
  17. %%%
  18. %%%  - A tuple has a fixed definition, its elements are
  19. %%%    enclosed in {}, and separated with commas:
  20. %%%      {loglevel, 4}.
  21. %%%
  22. %%%  - A list can have as many elements as you want,
  23. %%%    and is enclosed in [], for example:
  24. %%%      [http_poll, web_admin, tls]
  25. %%%
  26. %%%  - A keyword of ejabberd is a word in lowercase.
  27. %%%    The strings are enclosed in "" and can have spaces, dots...
  28. %%%      {language, "en"}.
  29. %%%      {ldap_rootdn, "dc=example,dc=com"}.
  30. %%%
  31. %%%  - This term includes a tuple, a keyword, a list and two strings:
  32. %%%      {hosts, ["jabber.example.net", "im.example.com"]}.
  33. %%%
  34.  
  35. %%%   ===================================
  36. %%%   OVERRIDE OPTIONS STORED IN DATABASE
  37.  
  38. %%
  39. %% Override global options (shared by all ejabberd nodes in a cluster).
  40. %%
  41. %%override_global.
  42.  
  43. %%
  44. %% Override local options (specific for this particular ejabberd node).
  45. %%
  46. %%override_local.
  47.  
  48. %%
  49. %% Remove the Access Control Lists before new ones are added.
  50. %%
  51. %%override_acls.
  52.  
  53.  
  54. %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
  55. %% Options which are set by Debconf and managed by ucf
  56.  
  57. %% Admin user
  58. {acl, admin, {user, "admin", "localhost"}}.
  59. {access, configure, {[allow, admin]}}.
  60.  
  61. %% Hostname
  62. {hosts, ["localhost","aamir-laptop"]}.
  63.  
  64. %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
  65.  
  66.  
  67. %%%   =========
  68. %%%   DEBUGGING
  69.  
  70. %%
  71. %% loglevel: Verbosity of log files generated by ejabberd.
  72. %% 0: No ejabberd log at all (not recommended)
  73. %% 1: Critical
  74. %% 2: Error
  75. %% 3: Warning
  76. %% 4: Info
  77. %% 5: Debug
  78. %%
  79. {loglevel, 5}.
  80.  
  81. %%
  82. %% watchdog_admins: If an ejabberd process consumes too much memory,
  83. %% send live notifications to those Jabber accounts.
  84. %%
  85. {watchdog_admins, ["admin@localhost"]}.
  86.  
  87.  
  88. %%%   ================
  89. %%%   SERVED HOSTNAMES
  90.  
  91. %%
  92. %% hosts: Domains served by ejabberd.
  93. %% You can define one or several, for example:
  94. %% {hosts, ["example.net", "example.com", "example.org"]}.
  95. %%
  96. %% (This option is defined by debconf earlier)
  97. %% {hosts, ["localhost"]}.
  98.  
  99. %%
  100. %% route_subdomains: Delegate subdomains to other Jabber server.
  101. %% For example, if this ejabberd serves example.org and you want
  102. %% to allow communication with a Jabber server called im.example.org.
  103. %%
  104. %%{route_subdomains, s2s}.
  105.  
  106.  
  107. %%%   ===============
  108. %%%   LISTENING PORTS
  109.  
  110. %%
  111. %% listen: Which ports will ejabberd listen, which service handles it
  112. %% and what options to start it with.
  113. %%
  114. {listen,
  115.  [
  116.   {5222, ejabberd_c2s, [
  117.                         {access, c2s},
  118.                         {shaper, c2s_shaper},
  119.                         {max_stanza_size, 65536},
  120.                         %%zlib,
  121.                           starttls, {certfile, "/etc/ejabberd/ejabberd.pem"}
  122.                        ]},
  123.  
  124.   %%
  125.   %% To enable the old SSL connection method (deprecated) in port 5223:
  126.   %%
  127.   %%{5223, ejabberd_c2s, [
  128.   %%                    {access, c2s},
  129.   %%                    {shaper, c2s_shaper},
  130.   %%                    {max_stanza_size, 65536},
  131.   %%                    zlib,
  132.   %%                    tls, {certfile, "/etc/ejabberd/ejabberd.pem"}
  133.   %%                   ]},
  134.  
  135.   {5269, ejabberd_s2s_in, [
  136.                            {shaper, s2s_shaper},
  137.                            {max_stanza_size, 131072}
  138.                           ]},
  139.  
  140.   %% External MUC jabber-muc
  141.   %%{5554, ejabberd_service, [
  142.   %%                        {ip, {127, 0, 0, 1}},
  143.   %%                        {access, all},
  144.   %%                        {shaper_rule, fast},
  145.   %%                        {host, "muc.localhost", [{password, "secret"}]}
  146.   %%                        ]},
  147.  
  148.   %% Jabber ICQ Transport
  149.   %%{5555, ejabberd_service, [
  150.   %%                        {ip, {127, 0, 0, 1}},
  151.   %%                        {access, all},
  152.   %%                        {shaper_rule, fast},
  153.   %%                        {hosts, ["icq.localhost", "sms.localhost"],
  154.   %%                                   [{password, "secret"}]}
  155.   %%                        ]},
  156.  
  157.   %% AIM Transport
  158.   %%{5556, ejabberd_service, [
  159.   %%                        {ip, {127, 0, 0, 1}},
  160.   %%                        {access, all},
  161.   %%                        {shaper_rule, fast},
  162.   %%                        {host, "aim.localhost", [{password, "secret"}]}
  163.   %%                        ]},
  164.  
  165.   %% MSN Transport
  166.   %%{5557, ejabberd_service, [
  167.   %%                        {ip, {127, 0, 0, 1}},
  168.   %%                        {access, all},
  169.   %%                        {shaper_rule, fast},
  170.   %%                        {host, "msn.localhost", [{password, "secret"}]}
  171.   %%                        ]},
  172.  
  173.   %% Yahoo! Transport
  174.   %%{5558, ejabberd_service, [
  175.   %%                        {ip, {127, 0, 0, 1}},
  176.   %%                        {access, all},
  177.   %%                        {shaper_rule, fast},
  178.   %%                        {host, "yahoo.localhost", [{password, "secret"}]}
  179.   %%                        ]},
  180.  
  181.   %% External JUD (internal is more powerful,
  182.   %% but doesn't allow to register users from other servers)
  183.   %%{5559, ejabberd_service, [
  184.   %%                        {ip, {127, 0, 0, 1}},
  185.   %%                        {access, all},
  186.   %%                        {shaper_rule, fast},
  187.   %%                        {host, "jud.localhost", [{password, "secret"}]}
  188.   %%                        ]},
  189.  
  190.   {5280, ejabberd_http, [
  191.                          {request_handlers,
  192.                           [
  193.                            {["web"], mod_http_fileserver}
  194.                           ]},
  195.                          captcha,
  196.                          http_bind,
  197.                          http_poll,
  198.                          web_admin
  199.                         ]}
  200.  
  201.  ]}.
  202.  
  203. %%
  204. %% s2s_use_starttls: Enable STARTTLS + Dialback for S2S connections.
  205. %% Allowed values are: true or false.
  206. %% You must specify a certificate file.
  207. %%
  208. {s2s_use_starttls, true}.
  209.  
  210. {outgoing_s2s_port, 5269}.
  211.  
  212. %%
  213. %% s2s_certfile: Specify a certificate file.
  214. %%
  215. {s2s_certfile, "/etc/ejabberd/ejabberd.pem"}.
  216.  
  217. %%
  218. %% domain_certfile: Specify a different certificate for each served hostname.
  219. %%
  220. %%{domain_certfile, "example.org", "/path/to/example_org.pem"}.
  221. %%{domain_certfile, "example.com", "/path/to/example_com.pem"}.
  222.  
  223. %%
  224. %% S2S whitelist or blacklist
  225. %%
  226. %% Default s2s policy for undefined hosts.
  227. %%
  228. {s2s_default_policy, allow}.
  229.  
  230. %%
  231. %% Allow or deny communication with specific servers.
  232. %%
  233. %%{{s2s_host, "goodhost.org"}, allow}.
  234. %%{{s2s_host, "badhost.org"}, deny}.
  235.  
  236. %%
  237. %% The maximum allowed delay for retry to connect
  238. %% after a failed connection attempt to a remote server, in seconds.
  239. %% The default value is 300 seconds (5 minutes).
  240. %%
  241. %% The reconnection algorythm works like this: if connection fails,
  242. %% ejabberd makes an initial random delay between 1 and 15 seconds,
  243. %% then retries, and if this attempt fails, makes another delay,
  244. %% twice as long as previous. These attempts are performed either
  245. %% until a successful connection is made or until the next calculated
  246. %% delay is greated or equal than the value of s2s_max_retry_delay.
  247. %%
  248. %%{s2s_max_retry_delay, 300}.
  249.  
  250. %%
  251. %% Outgoing S2S options
  252. %%
  253. %% Preferred address families (which to try first) and connect timeout
  254. %% in milliseconds.
  255. %%
  256. %%{outgoing_s2s_options, [ipv4, ipv6], 10000}.
  257.  
  258.  
  259. %%%   ==============
  260. %%%   AUTHENTICATION
  261.  
  262. %%
  263. %% auth_method: Method used to authenticate the users.
  264. %% The default method is the internal.
  265. %% If you want to use a different method,
  266. %% comment this line and enable the correct ones.
  267. %%
  268. %%{auth_method, internal}.
  269.  
  270. %%
  271. %% Authentication using external script
  272. %% Make sure the script is executable by ejabberd.
  273. %%
  274. %%{auth_method, external}.
  275. %%{extauth_program, "/path/to/authentication/script"}.
  276.  
  277. %%
  278. %% Authentication using ODBC
  279. %% Remember to setup a database in the next section.
  280. %%
  281. {auth_method, odbc}.
  282.  
  283. %%
  284. %% Authentication using PAM
  285. %%
  286. %%{auth_method, pam}.
  287. %%{pam_service, "pamservicename"}.
  288.  
  289. %%
  290. %% Authentication using LDAP
  291. %%
  292. %%{auth_method, ldap}.
  293. %%
  294. %% List of LDAP servers:
  295. %%{ldap_servers, ["localhost"]}.
  296. %%
  297. %% Encryption of connection to LDAP servers (LDAPS):
  298. %%{ldap_encrypt, none}.
  299. %%{ldap_encrypt, tls}.
  300. %%
  301. %% Port connect to LDAP server:
  302. %%{ldap_port, 389}.
  303. %%{ldap_port, 636}.
  304. %%
  305. %% LDAP manager:
  306. %%{ldap_rootdn, "dc=example,dc=com"}.
  307. %%
  308. %% Password to LDAP manager:
  309. %%{ldap_password, "******"}.
  310. %%
  311. %% Search base of LDAP directory:
  312. %%{ldap_base, "dc=example,dc=com"}.
  313. %%
  314. %% LDAP attribute that holds user ID:
  315. %%{ldap_uids, [{"mail", "%u@mail.example.org"}]}.
  316. %%
  317. %% LDAP filter:
  318. %%{ldap_filter, "(objectClass=shadowAccount)"}.
  319.  
  320. %%
  321. %% Anonymous login support:
  322. %%   auth_method: anonymous
  323. %%   anonymous_protocol: sasl_anon | login_anon | both
  324. %%   allow_multiple_connections: true | false
  325. %%
  326. %%{host_config, "public.example.org", [{auth_method, anonymous},
  327. %%                                     {allow_multiple_connections, false},
  328. %%                                     {anonymous_protocol, sasl_anon}]}.
  329. %%
  330. %% To use both anonymous and internal authentication:
  331. %%
  332. %%{host_config, "public.example.org", [{auth_method, [internal, anonymous]}]}.
  333.  
  334.  
  335. %%%   ==============
  336. %%%   DATABASE SETUP
  337.  
  338. %% ejabberd uses by default the internal Mnesia database,
  339. %% so you can avoid this section.
  340. %% This section provides configuration examples in case
  341. %% you want to use other database backends.
  342. %% Please consult the ejabberd Guide for details about database creation.
  343.  
  344. %% NOTE that ejabberd in Debian supports "out of the box"
  345. %% only mnesia (default) and ODBC storage backends.
  346. %% Working with MySQL and PostgreSQL DB backends requires
  347. %% building and installation of the corresponding Erlang modules,
  348. %% not distributed as a part of ejabberd.
  349. %% Refer to /usr/share/doc/ejabberd/README.Debian for details.
  350.  
  351. %%
  352. %% MySQL server:
  353. %%
  354. {odbc_server, {mysql, "localhost", "iChat", "root", "rootroot"}}.
  355. %%
  356. %% If you want to specify the port:
  357. %%{odbc_server, {mysql, "server", 1234, "database", "username", "password"}}.
  358.  
  359. %%
  360. %% PostgreSQL server:
  361. %%
  362. %%{odbc_server, {pgsql, "server", "database", "username", "password"}}.
  363. %%
  364. %% If you want to specify the port:
  365. %%{odbc_server, {pgsql, "server", 1234, "database", "username", "password"}}.
  366. %%
  367. %% If you use PostgreSQL, have a large database, and need a
  368. %% faster but inexact replacement for "select count(*) from users"
  369. %%
  370. %%{pgsql_users_number_estimate, true}.
  371.  
  372. %%
  373. %% ODBC compatible or MSSQL server:
  374. %%
  375. %%{odbc_server, "DSN=ejabberd;UID=ejabberd;PWD=ejabberd"}.
  376.  
  377. %%
  378. %% Number of connections to open to the database for each virtual host
  379. %%
  380. %%{odbc_pool_size, 10}.
  381.  
  382. %%
  383. %% Interval to make a dummy SQL request to keep alive the connections
  384. %% to the database. Specify in seconds: for example 28800 means 8 hours
  385. %%
  386. %%{odbc_keepalive_interval, undefined}.
  387.  
  388.  
  389. %%%   ===============
  390. %%%   TRAFFIC SHAPERS
  391.  
  392. %%
  393. %% The "normal" shaper limits traffic speed to 1.000 B/s
  394. %%
  395. {shaper, normal, {maxrate, 1000}}.
  396.  
  397. %%
  398. %% The "fast" shaper limits traffic speed to 50.000 B/s
  399. %%
  400. {shaper, fast, {maxrate, 50000}}.
  401.  
  402.  
  403. %%%   ====================
  404. %%%   ACCESS CONTROL LISTS
  405.  
  406. %%
  407. %% The 'admin' ACL grants administrative privileges to Jabber accounts.
  408. %% You can put as many accounts as you want.
  409. %%
  410. %%{acl, admin, {user, "aleksey", "localhost"}}.
  411. %%{acl, admin, {user, "ermine", "example.org"}}.
  412.  
  413. %%
  414. %% Blocked users
  415. %%
  416. %%{acl, blocked, {user, "baduser", "example.org"}}.
  417. %%{acl, blocked, {user, "test"}}.
  418.  
  419. %%
  420. %% Local users: don't modify this line.
  421. %%
  422. {acl, local, {user_regexp, ""}}.
  423.  
  424. %%
  425. %% More examples of ACLs
  426. %%
  427. %%{acl, jabberorg, {server, "jabber.org"}}.
  428. %%{acl, aleksey, {user, "aleksey", "jabber.ru"}}.
  429. %%{acl, test, {user_regexp, "^test"}}.
  430. %%{acl, test, {user_glob, "test*"}}.
  431.  
  432. %%
  433. %% Define specific ACLs in a virtual host.
  434. %%
  435. %%{host_config, "localhost",
  436. %% [
  437. %%  {acl, admin, {user, "bob-local", "localhost"}}
  438. %% ]
  439. %%}.
  440.  
  441.  
  442. %%%   ============
  443. %%%   ACCESS RULES
  444.  
  445. %% Define the maximum number of time a single user is allowed to connect:
  446. {access, max_user_sessions, [{10, all}]}.
  447.  
  448. %% Maximum number of offline messages that users can have:
  449. {access, max_user_offline_messages, [{5000, admin}, {100, all}]}.
  450.  
  451. %% This rule allows access only for local users:
  452. {access, local, [{allow, local}]}.
  453.  
  454. %% Only non-blocked users can use c2s connections:
  455. {access, c2s, [{deny, blocked},
  456.                {allow, all}]}.
  457.  
  458. %% For all users except admins used "normal" shaper
  459. {access, c2s_shaper, [{none, admin},
  460.                       {normal, all}]}.
  461.  
  462. %% For all S2S connections used "fast" shaper
  463. {access, s2s_shaper, [{fast, all}]}.
  464.  
  465. %% Only admins can send announcement messages:
  466. {access, announce, [{allow, admin}]}.
  467.  
  468. %% Only admins can use configuration interface:
  469. {access, configure, [{allow, admin}]}.
  470.  
  471. %% Admins of this server are also admins of MUC service:
  472. {access, muc_admin, [{allow, admin}]}.
  473.  
  474. %% All users are allowed to use MUC service:
  475. {access, muc, [{allow, all}]}.
  476.  
  477. %% No username can be registered via in-band registration:
  478. %% To enable in-band registration, replace 'deny' with 'allow'
  479. % (note that if you remove mod_register from modules list then users will not
  480. % be able to change their password as well as register).
  481. % This setting is default because it's more safe.
  482. {access, register, [{deny, all}]}.
  483.  
  484. %% By default frequency of account registrations from the same IP
  485. %% is limited to 1 account every 10 minutes. To disable put: infinity
  486. %%{registration_timeout, 600}.
  487.  
  488. %% Everybody can create pubsub nodes
  489. {access, pubsub_createnode, [{allow, all}]}.
  490.  
  491. %%
  492. %% Define specific Access rules in a virtual host.
  493. %%
  494. %%{host_config, "localhost",
  495. %% [
  496. %%  {access, c2s, [{allow, admin}, {deny, all}]},
  497. %%  {access, register, [{deny, all}]}
  498. %% ]
  499. %%}.
  500.  
  501.  
  502. %%%   ================
  503. %%%   DEFAULT LANGUAGE
  504.  
  505. %%
  506. %% language: Default language used for server messages.
  507. %%
  508. {language, "en"}.
  509.  
  510. %%
  511. %% Set a different default language in a virtual host.
  512. %%
  513. %%{host_config, "localhost",
  514. %% [{language, "ru"}]
  515. %%}.
  516.  
  517.  
  518. %%%   =======
  519. %%%   CAPTCHA
  520.  
  521. %%
  522. %% Full path to a script that generates the image.
  523. %% Note that this script must be made executable
  524. %% for the user ejabberd:ejabberd.
  525. %%
  526. {captcha_cmd, "/usr/lib/ejabberd/priv/bin/captcha.sh"}.
  527.  
  528. %%
  529. %% Host part of the URL sent to the user.
  530. %% The port specified must be configured as the "ejabberd_http"
  531. %% listener which must have the "captcha" directive included
  532. %% in its configuration (see the "LISTENING PORTS" section above).
  533. %%
  534. {captcha_host, "localhost:5280"}.
  535.  
  536.  
  537. %%%   =======
  538. %%%   MODULES
  539.  
  540. %%
  541. %% Modules enabled in all ejabberd virtual hosts.
  542. %%
  543. {modules,
  544.  [
  545.   {mod_adhoc,    []},
  546.   {mod_announce, [{access, announce}]}, % requires mod_adhoc
  547.   {mod_caps,     []},
  548.   {mod_configure,[]}, % requires mod_adhoc
  549.   {mod_admin_extra, []},
  550.   {mod_disco,    []},
  551.   %%{mod_echo,   [{host, "echo.localhost"}]},
  552.   {mod_irc,      []},
  553.   %% NOTE that mod_http_fileserver must also be enabled in the
  554.   %% "request_handlers" clause of the "ejabberd_http" listener
  555.   %% configuration (see the "LISTENING PORTS" section above).
  556.  
  557.   {mod_http_fileserver, [
  558.                          {docroot, "/var/www"},
  559.                          {accesslog, "/var/log/ejabberd/access.log"}
  560.                         ]},
  561.   {mod_last,     []},
  562.   {mod_muc,      [
  563.                   %%{host, "conference.@HOST@"},
  564.                   {access, muc},
  565.                   {access_create, muc},
  566.                   {access_persistent, muc},
  567.                   {access_admin, muc_admin},
  568.                   {max_users, 500}
  569.                  ]},
  570.   %%{mod_muc_log,[]},
  571.   {mod_offline,  [{access_max_user_messages, max_user_offline_messages}]},
  572.   {mod_privacy,  []},
  573.   {mod_private,  []},
  574.   {mod_proxy65,  [
  575.                   {access, local},
  576.                   {shaper, c2s_shaper}
  577.                  ]},
  578.   {mod_pubsub,   [ % requires mod_caps
  579.                   {access_createnode, pubsub_createnode},
  580.                   {pep_sendlast_offline, false},
  581.                   {last_item_cache, false},
  582.                   %%{plugins, ["default", "pep"]}
  583.                   {plugins, ["flat", "hometree", "pep"]}  % pep requires mod_caps
  584.                  ]},
  585.   {mod_register, [
  586.                   %%
  587.                   %% After successful registration, the user receives
  588.                   %% a message with this subject and body.
  589.                   %%
  590.                   {welcome_message, {"Welcome!",
  591.                                      "Welcome to a Jabber service powered by Debian. "
  592.                                      "For information about Jabber visit "
  593.                                      "http://www.jabber.org"}},
  594.                   %% Replace it with 'none' if you don't want to send such message:
  595.                   %%{welcome_message, none},
  596.  
  597.                   %%
  598.                   %% When a user registers, send a notification to
  599.                   %% these Jabber accounts.
  600.                   %%
  601.                   %%{registration_watchers, ["admin1@example.org"]},
  602.  
  603.                   {access, register}
  604.                  ]},
  605.   {mod_roster,   []},
  606.   %%{mod_service_log,[]},
  607.   %%{mod_shared_roster,[]},
  608.   {mod_stats,    []},
  609.   {mod_time,     []},
  610.   {mod_vcard,    []},
  611.   {mod_version,  []}
  612.  ]}.
  613.  
  614. %%
  615. %% Enable modules with custom options in a specific virtual host
  616. %%
  617. %%{host_config, "localhost",
  618. %% [{{add, modules},
  619. %%   [
  620. %%    {mod_echo, [{host, "mirror.localhost"}]}
  621. %%   ]
  622. %%  }
  623. %% ]}.
  624.  
  625.  
  626. %%% $Id: ejabberd.cfg.example 2497 2009-08-17 20:27:28Z cromain $
  627.  
  628. %%% Local Variables:
  629. %%% mode: erlang
  630. %%% End:
  631. %%% vim: set filetype=erlang tabstop=8:
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top