prosody_lua-cfg

1. -- Prosody Example Configuration File
2. --
3. -- Information on configuring Prosody can be found on our
4. -- website at http://prosody.im/doc/configure
5. --
6. -- Tip: You can check that the syntax of this file is correct
7. -- when you have finished by running: luac -p prosody.cfg.lua
8. -- If there are any errors, it will let you know what and where
9. -- they are, otherwise it will keep quiet.
10. --
11. -- The only thing left to do is rename this file to remove the .dist ending, and fill in the
12. -- blanks. Good luck, and happy Jabbering!
13.  
14.  
15. ---------- Server-wide settings ----------
16. -- Settings in this section apply to the whole server and are the default settings
17. -- for any virtual hosts
18.  
19. -- This is a (by default, empty) list of accounts that are admins
20. -- for the server. Note that you must create the accounts separately
21. -- (see http://prosody.im/doc/creating_accounts for info)
22. -- Example: admins = { "steve@stevesullam.com", "user2@example.net" }
23. admins = {"steve@localhost", "steve@stevesullam.com" }
24.  
25. -- Enable use of libevent for better performance under high load
26. -- For more information see: http://prosody.im/doc/libevent
27. --use_libevent = true;
28.  
29. -- This is the list of modules Prosody will load on startup.
30. -- It looks for mod_modulename.lua in the plugins folder, so make sure that exists too.
31. -- Documentation on modules can be found at: http://prosody.im/doc/modules
32. modules_enabled = {
33.  
34. -- Generally required
35. "roster"; -- Allow users to have a roster. Recommended ;)
36. "saslauth"; -- Authentication for clients and servers. Recommended if you want to log in.
37. "tls"; -- Add support for secure TLS on c2s/s2s connections
38. "dialback"; -- s2s dialback support
39. "disco"; -- Service discovery
40. "auto_accept_subscriptions";
41. -- "mam"; --message archiving
42. "watchregistrations" --Enable mod_watchregistrations
43.  
44. -- Not essential, but recommended
45. "private"; -- Private XML storage (for room bookmarks, etc.)
46. "vcard"; -- Allow users to set vCards
47. "bosh";
48. -- These are commented by default as they have a performance impact
49. --"privacy"; -- Support privacy lists
50. --"compression"; -- Stream compression (Debian: requires lua-zlib module to work)
51.  
52. -- Nice to have
53. "version"; -- Replies to server version requests
54. "uptime"; -- Report how long server has been running
55. "time"; -- Let others know the time here on this server
56. "ping"; -- Replies to XMPP pings with pongs
57. "pep"; -- Enables users to publish their mood, activity, playing music and more
58. "register"; -- Allow users to register on this server using a client and change passwords
59.  
60. -- Admin interfaces
61. "admin_adhoc"; -- Allows administration via an XMPP client that supports ad-hoc commands
62. "admin_telnet"; -- Opens telnet console interface on localhost port 5582
63. --"storage_internal" --store messages on server duh I'm an idiot.
64. -- HTTP modules
65. "bosh"; -- Enable BOSH clients, aka "Jabber over HTTP"
66. "http_files"; -- Serve static files from a directory over HTTP
67.  
68. -- Other specific functionality
69. "posix"; -- POSIX functionality, sends server to background, enables syslog, etc.
70. --"groups"; -- Shared roster support
71. --"announce"; -- Send announcement to all online users
72. --"welcome"; -- Welcome users who register accounts
73. --"watchregistrations"; -- Alert admins of registrations
74. "motd"; -- Send a message to users when they log in
75. --motd_text = "Don't Vote Republican"
76. --"legacyauth"; -- Legacy authentication. Only used by some old clients and bots.
77. };
78. -- These modules are auto-loaded, but should you want
79. -- to disable them then uncomment them here:
80. modules_disabled = {
81. -- "offline"; -- Store offline messages
82. -- "c2s"; -- Handle client connections
83. -- "s2s"; -- Handle server-to-server connections
84. };
85.  
86. -- Disable account creation by default, for security
87. -- For more information see http://prosody.im/doc/creating_accounts
88. allow_registration = true;
89.  
90. -- Debian:
91. -- send the server to background.
92. --
93. daemonize = true;
94.  
95. -- Debian:
96. -- Please, don't change this option since /var/run/prosody/
97. -- is one of the few directories Prosody is allowed to write to
98. --
99. pidfile = "/var/run/prosody/prosody.pid";
100.  
101. -- These are the SSL/TLS-related settings. If you don't want
102. -- to use SSL/TLS, you may comment or remove this
103. ssl = {
104. key = "/etc/prosody/certs/localhost.key";
105. certificate = "/etc/prosody/certs/localhost.crt";
106. }
107.  
108. -- Force clients to use encrypted connections? This option will
109. -- prevent clients from authenticating unless they are using encryption.
110.  
111. c2s_require_encryption = false
112.  
113. -- Force certificate authentication for server-to-server connections?
114. -- This provides ideal security, but requires servers you communicate
115. -- with to support encryption AND present valid, trusted certificates.
116. -- NOTE: Your version of LuaSec must support certificate verification!
117. -- For more information see http://prosody.im/doc/s2s#security
118.  
119. s2s_secure_auth = false
120.  
121. -- Many servers don't support encryption or have invalid or self-signed
122. -- certificates. You can list domains here that will not be required to
123. -- authenticate using certificates. They will be authenticated using DNS.
124.  
125. --s2s_insecure_domains = { "gmail.com" }
126.  
127. -- Even if you leave s2s_secure_auth disabled, you can still require valid
128. -- certificates for some domains by specifying a list here.
129.  
130. --s2s_secure_domains = { "jabber.org" }
131.  
132. -- Select the authentication backend to use. The 'internal' providers
133. -- use Prosody's configured data storage to store the authentication data.
134. -- To allow Prosody to offer secure authentication mechanisms to clients, the
135. -- default provider stores passwords in plaintext. If you do not trust your
136. -- server please see http://prosody.im/doc/modules/mod_auth_internal_hashed
137. -- for information about using the hashed backend.
138.  
139. authentication = "internal_plain"
140.  
141. -- Select the storage backend to use. By default Prosody uses flat files
142. -- in its configured data directory, but it also supports more backends
143. -- through modules. An "sql" backend is included by default, but requires
144. -- additional dependencies. See http://prosody.im/doc/storage for more info.
145.  
146. -- storage = "sql" -- Default is "internal" (Debian: "sql" requires one of the
147. -- lua-dbi-sqlite3, lua-dbi-mysql or lua-dbi-postgresql packages to work)
148.  
149. -- For the "sql" backend, you can uncomment *one* of the below to configure:
150. --sql = { driver = "SQLite3", database = "prosody.sqlite" } -- Default. 'database' is the filename.
151. --sql = { driver = "MySQL", database = "prosody", username = "prosody", password = "secret", host = "localhost" }
152. --sql = { driver = "PostgreSQL", database = "prosody", username = "prosody", password = "secret", host = "localhost" }
153.  
154. -- Logging configuration
155. -- For advanced logging see http://prosody.im/doc/logging
156. --
157. -- Debian:
158. -- Logs info and higher to /var/log
159. -- Logs errors to syslog also
160. log = {
161. -- Log files (change 'info' to 'debug' for debug logs):
162. info = "/var/log/prosody/prosody.log";
163. error = "/var/log/prosody/prosody.err";
164. -- Syslog:
165. { levels = { "error" }; to = "syslog"; };
166. }
167.  
168. ----------- Virtual hosts -----------
169. -- You need to add a VirtualHost entry for each domain you wish Prosody to serve.
170. -- Settings under each VirtualHost entry apply *only* to that host.
171.  
172. VirtualHost "stevesullam.com"
173. enable="true"
174.  
175. -- Assign this host a certificate for TLS, otherwise it would use the one
176. -- set in the global section (if any).
177. -- Note that old-style SSL on port 5223 only supports one certificate, and will always
178. -- use the global one.
179. ssl = {
180. key = "/etc/prosody/certs/stevesullam.com.key";
181. certificate = "/etc/prosody/certs/stevesullam.com.crt";
182. }
183.  
184. ------ Components ------
185. -- You can specify components to add hosts that provide special services,
186. -- like multi-user conferences, and transports.
187. -- For more information on components, see http://prosody.im/doc/components
188.  
189. ---Set up a MUC (multi-user chat) room server on conference.example.com:
190. Component "conference.stevesullam.com" "muc"
191.  
192. -- Set up a SOCKS5 bytestream proxy for server-proxied file transfers:
193. --Component "proxy.example.com" "proxy65"
194.  
195. ---Set up an external component (default component port is 5347)
196. --
197. -- External components allow adding various services, such as gateways/
198. -- transports to other networks like ICQ, MSN and Yahoo. For more info
199. -- see: http://prosody.im/doc/components#adding_an_external_component
200. --
201. --Component "gateway.example.com"
202. -- component_secret = "password"
203.  
204. ------ Additional config files ------
205. -- For organizational purposes you may prefer to add VirtualHost and
206. -- Component definitions in their own config files. This line includes
207. -- all config files in /etc/prosody/conf.d/
208. cross_domain_bosh = true -- Allow access from scripts on any site with no proxy (requires a modern browser
209.  
210. Include "conf.d/*.cfg.lua"