API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Sep 18th, 2015
96
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 19.32 KB | None | 0 0
raw download clone embed print report
  1. <!-- Session manager configuration -->
  2. <sm>
  3. <!-- Our ID on the network (default: sm) -->
  4. <id>sm</id>
  5.  
  6. <!-- The process ID file. Comment this out if you don't need to know
  7. the process ID from outside the process (eg for control scripts) -->
  8. <pidfile>/var/run/jabberd2/sm.pid</pidfile>
  9.  
  10. <!-- Router connection configuration -->
  11. <router>
  12. <!-- IP/port the router is waiting for connections on -->
  13. <ip>127.0.0.1</ip> <!-- default: 127.0.0.1 -->
  14. <port>5347</port> <!-- default: 5347 -->
  15.  
  16. <!-- Username/password to authenticate as -->
  17. <user>jabberd</user> <!-- default: jabberd -->
  18. <pass>secret</pass> <!-- default: secret -->
  19.  
  20. <!-- File containing an SSL certificate and private key to use when
  21. setting up an encrypted channel with the router. From
  22. SSL_CTX_use_certificate_chain_file(3): "The certificates must be
  23. in PEM format and must be sorted starting with the subject's
  24. certificate (actual client or server certificate), followed
  25. by intermediate CA certificates if applicable, and ending
  26. at the highest level (root) CA" (the latter one being optional).
  27. If this is commented out, or the file can't be read, no attempt
  28. will be made to establish an encrypted channel with the router. -->
  29. <!--
  30. <pemfile>/etc/jabberd2/server.pem</pemfile>
  31. -->
  32.  
  33. <!-- Router connection retry -->
  34. <retry>
  35. <!-- If the connection to the router can't be established at
  36. startup, we should try again this many times before exiting.
  37. Use -1 to retry indefinitely. [default: 3] -->
  38. <init>3</init>
  39.  
  40. <!-- If we lost the connection to the router during normal
  41. operation (ie we've successfully connected to the router in
  42. the past), we should try to reconnect this many times before
  43. exiting. Use -1 to retry indefinitely. [default: 3] -->
  44. <lost>3</lost>
  45.  
  46. <!-- Sleep for this many seconds before trying attempting a
  47. reconnect. [default: 2] -->
  48. <sleep>2</sleep>
  49. </retry>
  50. </router>
  51.  
  52. <!-- Log configuration - type is "syslog", "file" or "stdout" -->
  53. <log type='syslog'>
  54. <!-- If logging to syslog, this is the log ident -->
  55. <ident>jabberd/sm</ident>
  56.  
  57. <!-- If logging to syslog, this is the log facility
  58. (local0 - local7) [default: local3] -->
  59. <facility>local3</facility>
  60.  
  61. <!-- If logging to file, this is the filename of the logfile -->
  62. <!--
  63. <file>/var/log/jabberd2/sm.log</file>
  64. -->
  65.  
  66. <!-- Filename of the debug logfile -->
  67. <!--
  68. <debug>/var/log/jabberd2/debug-${id}.log</debug>
  69. -->
  70. </log>
  71.  
  72. <!-- Local network configuration -->
  73. <local>
  74. <!-- Who we identify ourselves as.
  75. Users will have this as the domain part of their JID.
  76. If you want your server to be accessible from other
  77. Jabber servers, this IDs must be FQDN resolvable by DNSes.
  78. If not set, the SM id is used. -->
  79.  
  80. <id>45.79.188.247</id>
  81. <!--
  82. <id>vhost1.localdomain</id>
  83. <id>vhost2.localdomain</id>
  84. -->
  85.  
  86. </local>
  87. <!-- Storage database configuration -->
  88. <storage>
  89. <!-- Dynamic storage modules path -->
  90. <path>/usr/lib64/jabberd</path>
  91.  
  92. <!-- By default, we use the SQLite driver for all storage -->
  93. <driver>db</driver>
  94.  
  95. <!-- Its also possible to explicitly list alternate drivers for
  96. specific data types. -->
  97.  
  98. <!-- Store vcards in a ldapvcard database instead -->
  99. <!--
  100. <driver type='vcard'>ldapvcard</driver>
  101. -->
  102.  
  103. <!-- Read mapping for group id <-> group name from ldap.
  104. Used by mod_published_roster.
  105. See ldapvcard section for options.
  106. When resolving group id to group name, it searches for
  107. groupsobjectclass objects at groupsdn base using group id
  108. (in groupsidattr) as key and returns the first value of
  109. groupattr of first found entry.
  110. E.g.. in general case, if group id is "some-dep", and groupsdn
  111. is o=org, and class is jabberGroup, it searches for
  112. (&(objectClass=jabberGroup)(cn=some-dep)) and returns value of
  113. jabberPublishedItem attribute, which may contain textual description.
  114. -->
  115. <!--
  116. <driver type='published-roster-groups'>ldapvcard</driver>
  117. -->
  118.  
  119. <!-- Rate limiting -->
  120. <limits>
  121. <!-- Maximum bytes per second - if more than X bytes are sent in Y
  122. seconds, connection is throttled for Z seconds. The format
  123. is:
  124.  
  125. <bytes seconds='Y' throttle='Z'>X</bytes>
  126.  
  127. Default Y is 5, default Z is 60. set X to 0 to disable. -->
  128. <!--
  129. <queries>3</queries>
  130. -->
  131. </limits>
  132.  
  133. <!-- SQLite driver configuration -->
  134. <sqlite>
  135. <!-- Database name -->
  136. <dbname>/var/lib/jabberd2/db/sqlite.db</dbname>
  137.  
  138. <!-- Transacation support. If this is commented out, transactions
  139. will be disabled. This might make database accesses faster,
  140. but data may be lost if jabberd crashes. -->
  141. <transactions/>
  142.  
  143. <!-- SQLite busy-timeout in milliseconds. -->
  144. <busy-timeout>2000</busy-timeout>
  145. </sqlite>
  146.  
  147. <!-- MySQL driver configuration -->
  148. <mysql>
  149. <!-- Database server host and port -->
  150. <host>localhost</host>
  151. <port>3306</port>
  152.  
  153. <!-- Database name -->
  154. <dbname>jabberd2</dbname>
  155.  
  156. <!-- Database username and password -->
  157. <user>jabberd2</user>
  158. <pass>secret</pass>
  159.  
  160. <!-- Transacation support. If this is commented out, transactions
  161. will be disabled. This might make database accesses faster,
  162. but data may be lost if jabberd crashes.
  163.  
  164. This will need to be disabled if you are using a MySQL
  165. earlier than v3.23.xx, as transaction support did not appear
  166. until this version. -->
  167. <transactions/>
  168. </mysql>
  169.  
  170. <!-- PostgreSQL driver configuration -->
  171. <pgsql>
  172. <!-- PostgreSQL connection info.
  173. For the rest of the options see
  174. http://www.postgresql.org/docs/8.0/interactive/libpq.html -->
  175. <conninfo>dbname=jabberd2 user=jabberd2 password=secret</conninfo>
  176.  
  177. <!-- Alternatively you may set connection settings separately.
  178. These are used only in absence of 'conninfo' -->
  179.  
  180. <!-- Database server host and port -->
  181. <host>localhost</host>
  182. <port>5432</port>
  183.  
  184. <!-- Database name -->
  185. <dbname>jabberd2</dbname>
  186.  
  187. <!-- Database username and password -->
  188. <user>jabberd2</user>
  189. <pass>secret</pass>
  190.  
  191. <!-- Transacation support. If this is commented out, transactions
  192. will be disabled. This might make database accesses faster,
  193. but data may be lost if jabberd crashes. -->
  194. <transactions/>
  195. </pgsql>
  196.  
  197. <!-- Berkeley DB driver configuration. This does not support roster
  198. maxitems or offline userquota (because the mod_roster
  199. implementation does not implement the 'count' callback). -->
  200. <db>
  201. <!-- Directory to store database files under -->
  202.  
  203. <path>/usr/local/var/jabberd/db</path>
  204.  
  205. <!-- Synchronize the database to disk after each write. If you
  206. disable this, database accesses may be faster, but data may
  207. be lost if jabberd crashes. -->
  208. <sync/>
  209. </db>
  210.  
  211. <!-- Oracle driver configuration -->
  212. <oracle>
  213. <!-- Database server host and port. -->
  214. <host>localhost</host>
  215. <port>1521</port>
  216.  
  217. <!-- Database name -->
  218. <dbname>jabberd2</dbname>
  219.  
  220. <!-- Database username and password -->
  221. <user>jabberd2</user>
  222. <pass>secret</pass>
  223. </oracle>
  224.  
  225. <!-- Filesystem driver configuration -->
  226. <fs>
  227. <!-- Directory to store database files under. -->
  228. <path>/var/lib/jabberd2/fs</path>
  229. </fs>
  230.  
  231. <!-- LDAPVCARD driver configuration -->
  232. <ldapvcard>
  233. <!-- LDAP server host and port (default: 389) -->
  234. <uri>ldap://localhost/ ldaps://ldap.example.com/</uri>
  235.  
  236. <!-- DN to bind as for searches. If unspecified, the searches
  237. will be done anonymously. -->
  238. <!--
  239. <binddn>cn=Directory Manager</binddn>
  240. <bindpw>secret</bindpw>
  241. -->
  242.  
  243. <!-- see authreg.ldapfull int c2s.xml for description. -->
  244. <!--
  245. <type>ad</type>
  246. -->
  247.  
  248. <!-- LDAP attribute that holds the user ID (default: uid) -->
  249. <uidattr>uid</uidattr>
  250. <objectclass>posixAccount</objectclass>
  251. <pwattr>userPassword</pwattr>
  252. <!-- if you use included jabberd.schema use this:
  253. <uidattr>jid</uidattr>
  254. <objectclass>jabberUser</objectclass>
  255. <pwattr>jabberPassword</pwattr>
  256. -->
  257.  
  258. <!-- see authreg.ldapfull int c2s.xml for description. -->
  259. <!--
  260. <validattr>valid</validattr>
  261. -->
  262.  
  263. <!-- base DN of the tree. You should specify a DN for each
  264. authentication realm declared in the <local/> section above,
  265. by using the realm attribute. -->
  266. <basedn>o=Example Corp.</basedn>
  267.  
  268. <!-- attribute that holds published group name or id,
  269. jabberPublishedGroup if not set -->
  270. <!--
  271. <groupattr>jabberPublishedGroup</groupattr>
  272. -->
  273.  
  274. <!-- this option is helpful if your schema does not have designated
  275. attribute that holds jabber group name
  276. you can use any attribute in <groupattr> i.e. 'distinguishedName'
  277. and then extract a part of it using Regular Expression;
  278. first matching () group will be used -->
  279. <!--
  280. <groupattr_regex>OU=([^,]*),</groupattr_regex>
  281. -->
  282.  
  283. <!-- boolean attribute that tells, publish or not this user
  284. jabberPublishedItem by default -->
  285. <!--
  286. <publishedattr>jabberPublishedItem</publishedattr>
  287. -->
  288.  
  289. <!-- If value specified, then keep cache of "published-roster"
  290. database. Cache is renewed when kept more seconds than value
  291. specified. Setting this value increases perfomance of publishing
  292. roster. If not specified, then we don't keep cache. -->
  293. <publishedcachettl>60</publishedcachettl>
  294.  
  295. <mapped-groups>
  296. <!-- If turned on, then reading mapping of group ids to names with
  297. LDAP will works. -->
  298. <!--
  299. <map-groups/>
  300. -->
  301.  
  302. <!-- base for searches for group id to group name mappings -->
  303. <basedn>ou=jabbergroups, o=Example Corp.</basedn>
  304.  
  305. <!-- what objectclass to search, jabberGroup by default -->
  306. <!--
  307. <objectclass>jabberGroup</objectclass>
  308. -->
  309.  
  310. <!-- what attribute to search, cn by default -->
  311. <!--
  312. <idattr>cn</idattr>
  313. -->
  314.  
  315. <!-- attribute with text group name, description by default -->
  316. <!--
  317. <nameattr>description</nameattr>
  318. -->
  319. </mapped-groups>
  320. </ldapvcard>
  321. </storage>
  322.  
  323. <!-- Access control information -->
  324. <aci>
  325. <!-- The JIDs listed here will get access to all restricted
  326. functions, regardless of restrictions further down -->
  327. <acl type='all'>
  328. <jid>admin@localhost.localdomain</jid>
  329. </acl>
  330.  
  331. <!-- These JIDs can send broadcast messages (announce, motd) -->
  332. <!--
  333. <acl type='broadcast'>
  334. <jid>nocstaff1@localhost.localdomain</jid>
  335. <jid>nocstaff2@localhost.localdomain</jid>
  336. </acl>
  337. -->
  338.  
  339. <!-- These JIDs will receive messages addressed to the sm itself
  340. (help requestes and such) -->
  341. <!--
  342. <acl type='messages'>
  343. <jid>support@localhost.localdomain</jid>
  344. </acl>
  345. -->
  346.  
  347. <!-- These JIDs can discover active user/session information -->
  348.  
  349. <!--
  350. <acl type='disco'>
  351. <jid>webstatus@localhost.localdomain</jid>
  352. </acl>
  353. -->
  354. </aci>
  355.  
  356. <!-- Module chain configuration
  357.  
  358. Modules listed in a chain are called in the order specified at
  359. the appropriate time for that chain (assuming that the module
  360. knows how to work with that chain; otherwise it simply ignores
  361. it).
  362.  
  363. Removing a module from these lists will stop the module being
  364. called, even if its compiled into the server.
  365.  
  366. Serveral modules have a presence in more than one chain. It is
  367. possible to remove a module from one chain but not others, but
  368. this may cause strange behaviour. Make sure you know what you're
  369. doing. -->
  370. <modules>
  371. <!-- Dynamic sm modules path -->
  372. <path>/usr/lib64/jabberd</path>
  373.  
  374. <!-- sess-start. The modules in this chain are called when a session
  375. is first started (usually on request by c2s as part of the
  376. authentication process). This is normally used to load
  377. per-session data. -->
  378. <chain id='sess-start'>
  379. <module>status</module> <!-- record status information -->
  380. </chain>
  381.  
  382. <!-- sess-end. The modules in this chain are called just before a
  383. session is destroyed (after the client has disconnected). -->
  384. <chain id='sess-end'>
  385. <module>status</module> <!-- update status information -->
  386. <module>iq-last</module> <!-- update logout time -->
  387. </chain>
  388.  
  389. <!-- in-sess. The modules in this chain are called when a packet
  390. arrives from an active user session. Note that this chain is
  391. also responsible for delivering packets to their destinations -
  392. this is usually handled by the "deliver" module. -->
  393. <chain id='in-sess'>
  394. <module>validate</module> <!-- validate packet type -->
  395. <module>status</module> <!-- update status information -->
  396. <module>privacy</module> <!-- manage privacy lists -->
  397. <module>roster</module> <!-- handle roster get/sets and s10ns -->
  398. <module>vacation</module> <!-- manage vacation settings -->
  399. <!-- <module>pep</module> <!- - personal eventing -->
  400. <module>iq-vcard</module> <!-- store and retrieve the user's vcard -->
  401. <module>iq-ping</module> <!-- return the server ping -->
  402. <module>iq-private</module> <!-- manage the user's private data store -->
  403. <module>disco</module> <!-- respond to agents requests from sessions -->
  404. <module>amp</module> <!-- advanced message processing -->
  405. <module>offline</module> <!-- if we're coming online for the first time, deliver queued messages -->
  406. <module>announce</module> <!-- deliver motd -->
  407.  
  408. <module>presence</module> <!-- process and distribute presence updates -->
  409. <module>deliver</module> <!-- deliver packets with full jids directly -->
  410. </chain>
  411.  
  412. <!-- out-sess. The modules in this chain are called just before a
  413. packet is delivered to an active user session. -->
  414. <chain id='out-sess'>
  415. <!-- <module>pep</module> <!- - personal eventing -->
  416. </chain>
  417.  
  418. <!-- in-router. The modules in this chain are called when a packet
  419. arrives from the router (ie another component or s2s), but
  420. before any processing is done. This is a good place to filter
  421. incoming packets. -->
  422. <chain id='in-router'>
  423. <module>session</module> <!-- perform session actions as required by c2s -->
  424. <module>validate</module> <!-- validate packet type -->
  425. <module>presence</module> <!-- drop incoming presence if user not online -->
  426. <module>privacy</module> <!-- filter incoming packets based on privacy rules -->
  427. </chain>
  428.  
  429. <!-- out-router. The modules in this chain are called just before a
  430. packet is delivered to the router (destined for another
  431. component or s2s). This is a good place to filter outgoing
  432. packets. -->
  433. <chain id='out-router'>
  434. <module>privacy</module> <!-- filter outgoing packets based on privacy rules -->
  435. </chain>
  436.  
  437. <!-- pkt-sm. The modules in this chain are called when a packet
  438. arrives that is addressed to the session manager itself (ie the
  439. to JID has no node part). This is normally used to provide
  440. session-manager-wide services (like service discovery). -->
  441. <chain id='pkt-sm'>
  442. <module>iq-last</module> <!-- return the server uptime -->
  443. <module>iq-ping</module> <!-- return the server ping -->
  444. <module>iq-time</module> <!-- return the current server time -->
  445. <module>iq-version</module> <!-- return the server name and version -->
  446. <module>amp</module> <!-- advanced message processing -->
  447. <module>disco</module> <!-- build the disco list; respond to disco queries -->
  448. <module>announce</module> <!-- send broadcast messages (announce, motd, etc) -->
  449. <module>help</module> <!-- resend sm messages to administrators -->
  450. <module>echo</module> <!-- echo messages sent to /echo -->
  451. <module>status</module> <!-- track status information -->
  452. <module>presence</module> <!-- proces server presence subscriptions -->
  453. </chain>
  454.  
  455. <!-- pkt-user. The modules in this chain are called when a packet
  456. arrives that is address to a specific user. Note that this
  457. chain is also responsible for delivering packets to user
  458. sessions as appropriate - this is usually handled by the
  459. "deliver" module. -->
  460. <chain id='pkt-user'>
  461. <module>roster</module> <!-- handle s10n responses -->
  462. <module>presence</module> <!-- process and distribute incoming presence from external entities -->
  463. <module>iq-vcard</module> <!-- grab user vcards -->
  464. <module>amp</module> <!-- advanced message processing -->
  465. <module>deliver</module> <!-- deliver the packet to an active session if we can -->
  466. <module>vacation</module> <!-- send vacation messages -->
  467. <module>offline</module> <!-- save messages and s10ns for later -->
  468. <module>iq-last</module> <!-- return time since last logout -->
  469. </chain>
  470.  
  471. <!-- pkt-router. The modules in this chain are called when a
  472. special-purpose packet arrives from the router (eg domain
  473. advertisements). -->
  474. <chain id='pkt-router'>
  475. <module>session</module> <!-- take sessions offline if their c2s disappears -->
  476. <module>disco</module> <!-- query new components for service information -->
  477. </chain>
  478.  
  479. <!-- user-load. The modules in this chain are called to load
  480. per-user data. This will happen before a user can be used (ie
  481. before a session is created). -->
  482. <chain id='user-load'>
  483. <module>active</module> <!-- get active status -->
  484. <module>roster</module> <!-- load the roster and trust list -->
  485. <module>roster-publish</module> <!-- load the published roster -->
  486. <module>privacy</module> <!-- load privacy lists -->
  487. <module>vacation</module> <!-- load vacation settings -->
  488. </chain>
  489.  
  490. <!-- user-unload. The modules in this chain are called right
  491. after last per-user session is destroyed. -->
  492. <chain id='user-unload'>
  493. </chain>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!