224 lines
4.4 KiB
Text
224 lines
4.4 KiB
Text
loglevel: 4
|
|
log_rotate_size: 0
|
|
|
|
hosts:
|
|
<% @hosts.each do |host| -%>
|
|
- "<%= host %>"
|
|
<% end -%>
|
|
|
|
listen:
|
|
-
|
|
<% if @ipaddress6 -%>
|
|
ip: "::"
|
|
<% end -%>
|
|
port: 5222
|
|
module: ejabberd_c2s
|
|
max_stanza_size: 655360
|
|
shaper: c2s_shaper
|
|
access: c2s
|
|
starttls_required: true
|
|
certfile: "/etc/ejabberd/ejabberd.pem"
|
|
ciphers: "<%= scope.lookupvar('ssl::ciphersuites::default_ciphersuites') %>"
|
|
protocol_options:
|
|
- "no_sslv2"
|
|
- "no_sslv3"
|
|
-
|
|
<% if @ipaddress6 -%>
|
|
ip: "::"
|
|
<% end -%>
|
|
port: 5223
|
|
module: ejabberd_c2s
|
|
max_stanza_size: 655360
|
|
shaper: c2s_shaper
|
|
access: c2s
|
|
tls: true
|
|
certfile: "/etc/ejabberd/ejabberd.pem"
|
|
ciphers: "<%= scope.lookupvar('ssl::ciphersuites::default_ciphersuites') %>"
|
|
protocol_options:
|
|
- "no_sslv2"
|
|
- "no_sslv3"
|
|
-
|
|
<% if @ipaddress6 -%>
|
|
ip: "::"
|
|
<% end -%>
|
|
port: 5269
|
|
module: ejabberd_s2s_in
|
|
max_stanza_size: 1310720
|
|
shaper: s2s_shaper
|
|
-
|
|
ip: "127.0.0.1"
|
|
port: 5280
|
|
module: ejabberd_http
|
|
web_admin: true
|
|
http_poll: true
|
|
http_bind: true
|
|
<% if @ipaddress6 -%>
|
|
-
|
|
ip: "::1"
|
|
port: 5280
|
|
module: ejabberd_http
|
|
web_admin: true
|
|
http_poll: true
|
|
http_bind: true
|
|
<% end -%>
|
|
|
|
s2s_access: s2s
|
|
s2s_certfile: "/etc/ejabberd/ejabberd.pem"
|
|
s2s_use_starttls: required
|
|
s2s_ciphers: "<%= scope.lookupvar('ssl::ciphersuites::default_ciphersuites') %>"
|
|
s2s_protocol_options:
|
|
- "no_sslv2"
|
|
- "no_sslv3"
|
|
|
|
disable_sasl_mechanisms:
|
|
- "X-OAUTH2"
|
|
|
|
<% if @auth.is_a?(Array) -%>
|
|
auth_method:
|
|
<% @auth.each do |method| -%>
|
|
- <%= method %>
|
|
<% end -%>
|
|
<% else -%>
|
|
auth_method: <%= @auth %>
|
|
<% end -%>
|
|
<% if @extauth -%>
|
|
<% unless @extauth_cache == false or (@auth.is_a?(Array) and @auth.include?('internal') or @auth == 'internal') -%>
|
|
auth_password_format: scram
|
|
extauth_cache: <%= @extauth_cache %>
|
|
<% end -%>
|
|
extauth_program: "<%= @extauth %>"
|
|
<% end -%>
|
|
<% if @ldap_server -%>
|
|
ldap_base: "<%= @ldap_basedn %>"
|
|
ldap_encrypt: <%= @ldap_encrypt %>
|
|
ldap_filter: "(!(loginShell=/sbin/nologin))"
|
|
ldap_port: <%= @ldap_port %>
|
|
ldap_servers:
|
|
<% @ldap_server.each do |server| -%>
|
|
- "<%= server %>"
|
|
<% end -%>
|
|
ldap_uids:
|
|
- "<%= @ldap_uid %>": "%u"
|
|
<% if @ldap_rootdn and @ldap_password -%>
|
|
ldap_rootdn: "<%= @ldap_rootdn %>"
|
|
ldap_password: "<%= @ldap_password %>"
|
|
<% end -%>
|
|
<% end -%>
|
|
|
|
shaper:
|
|
c2s: 1310720
|
|
s2s: 2621440
|
|
|
|
max_fsm_queue: 10000
|
|
|
|
acl:
|
|
<% if @admins -%>
|
|
admin:
|
|
user:
|
|
<% @admins.each do |admin|
|
|
user, host = admin.split("@") -%>
|
|
- "<%= user %>": "<%= host %>"
|
|
<% end -%>
|
|
<% end -%>
|
|
local:
|
|
user_regexp: ""
|
|
loopback:
|
|
ip:
|
|
- "127.0.0.0/8"
|
|
|
|
access:
|
|
announce:
|
|
admin: allow
|
|
c2s:
|
|
all: allow
|
|
c2s_shaper:
|
|
all: c2s
|
|
configure:
|
|
admin: allow
|
|
local:
|
|
local: allow
|
|
max_user_offline_messages:
|
|
admin: 1000
|
|
all: 100
|
|
max_user_sessions:
|
|
all: 1000
|
|
muc:
|
|
local: allow
|
|
muc_admin:
|
|
admin: allow
|
|
muc_create:
|
|
local: allow
|
|
pubsub_createnode:
|
|
local: allow
|
|
register:
|
|
all: deny
|
|
s2s:
|
|
all: allow
|
|
s2s_shaper:
|
|
all: s2s
|
|
trusted_network:
|
|
loopback: allow
|
|
|
|
language: "en"
|
|
|
|
modules:
|
|
mod_adhoc: {}
|
|
mod_admin_extra: {}
|
|
mod_announce:
|
|
access: announce
|
|
mod_blocking: {}
|
|
mod_caps: {}
|
|
mod_carboncopy: {}
|
|
mod_client_state: {}
|
|
mod_configure: {}
|
|
mod_disco: {}
|
|
mod_http_bind: {}
|
|
mod_last: {}
|
|
mod_muc:
|
|
access: muc
|
|
access_admin: muc_admin
|
|
access_create: muc_create
|
|
access_persistent: muc_create
|
|
history_size: 100
|
|
max_users: 1000
|
|
max_user_conferences: 2000
|
|
default_room_options:
|
|
allow_user_invites: true
|
|
anonymous: false
|
|
<% if @muclog_datadir and @muclog_default == true -%>
|
|
logging: true
|
|
<% else -%>
|
|
logging: false
|
|
<% end -%>
|
|
max_users: 1000
|
|
members_by_default: false
|
|
members_only: true
|
|
public: false
|
|
public_list: false
|
|
mod_muc_admin: {}
|
|
<% if @muclog_datadir -%>
|
|
mod_muc_log:
|
|
access_log: muc_admin
|
|
file_format: <%= @muclog_format %>
|
|
outdir: "<%= @muclog_datadir %>"
|
|
timezone: universal
|
|
<% end -%>
|
|
mod_offline:
|
|
access_max_user_messages: max_user_offline_messages
|
|
mod_ping: {}
|
|
mod_privacy: {}
|
|
mod_private: {}
|
|
mod_pubsub:
|
|
access_createnode: pubsub_createnode
|
|
ignore_pep_from_offline: true
|
|
last_item_cache: false
|
|
plugins:
|
|
- "flat"
|
|
- "hometree"
|
|
- "pep"
|
|
mod_roster: {}
|
|
mod_shared_roster: {}
|
|
mod_stats: {}
|
|
mod_time: {}
|
|
mod_vcard: {}
|
|
mod_version: {}
|