diff --git a/talks/server-casalingo/meta.yaml b/talks/server-casalingo/meta.yaml index 9c9f6bf..d8974ca 100644 --- a/talks/server-casalingo/meta.yaml +++ b/talks/server-casalingo/meta.yaml @@ -22,7 +22,7 @@ text: | room: B # duration è la durata in minuti del talk -duration: 90 +duration: 60 # Ci vanno le virgolette intorno! altrimenti 17.30 viene interpretato come un numero decimale time: "16.30" diff --git a/talks/xmpp/meta.yaml b/talks/xmpp/meta.yaml index c2ec638..f88cfe2 100644 --- a/talks/xmpp/meta.yaml +++ b/talks/xmpp/meta.yaml @@ -31,16 +31,16 @@ text: | # Se ancora non è stata assegnata una stanza al talk, commentala. Non usare un valore tipo "qualunque" o # cose del genere, che ci si incasina tutto -#room: antani +room: B # duration è la durata in minuti del talk -duration: 60 +duration: 45 # Ci vanno le virgolette intorno! altrimenti 17.30 viene interpretato come un numero decimale -#time: "17.30" +time: "17.30" # day è il giorno in cui avverrà il talk. Finché non decommenti il talk non sarà schedulato # 0=giovedì, 1=venerdì, 2=sabato, 3=domenica -# day: 0 +day: 1 tags: - server autogestiti diff --git a/talks/xmpp/res/advanced.prosody.cfg b/talks/xmpp/res/advanced.prosody.cfg new file mode 100644 index 0000000..3cd346f --- /dev/null +++ b/talks/xmpp/res/advanced.prosody.cfg @@ -0,0 +1,220 @@ +-- +-- Information on configuring Prosody can be found on our +-- website at https://prosody.im/doc/configure +-- +-- Tip: You can check that the syntax of this file is correct +-- when you have finished by running this command: +-- prosodyctl check config +-- If there are any errors, it will let you know what and where +-- they are, otherwise it will keep quiet. +-- +-- The only thing left to do is rename this file to remove the .dist ending, and fill in the +-- blanks. Good luck, and happy Jabbering! + + +interfaces = {"*"} -- only ipv4 +local_interfaces = {"127.0.0.1"} + +admins = { "boyska@miodominio.net" } + +plugin_paths = { "/usr/local/lib/prosody/prosody-modules" } + +modules_enabled = { + + -- Generally required + "roster"; -- Allow users to have a roster. Recommended ;) + "saslauth"; -- Authentication for clients and servers. Recommended if you want to log in. + "tls"; -- Add support for secure TLS on c2s/s2s connections + "dialback"; -- s2s dialback support + "disco"; -- Service discovery + + -- Not essential, but recommended + "carbons"; -- Keep multiple clients in sync + "pep"; -- Enables users to publish their mood, activity, playing music and more + -- TODO: pep o pep_simple? il modulo omemo_all_access, non piu supportato, diceva di usare mod_pep_simple + "private"; -- Private XML storage (for room bookmarks, etc.) + "vcard4"; + "vcard_legacy"; + "blocklist"; -- Allow users to block communications with other users + "vcard"; -- Allow users to set vCards + + -- Nice to have + "version"; -- Replies to server version requests + "uptime"; -- Report how long server has been running + "time"; -- Let others know the time here on this server + "ping"; -- Replies to XMPP pings with pongs + "register"; -- Allow users to register on this server using a client and change passwords + "mam"; -- Store messages in an archive and allow users to access it + -- "mam_adhoc"; -- Permette ad ogni utente di cambiare le configurazioni di archiviazione + + -- Admin interfaces + "admin_adhoc"; -- Allows administration via an XMPP client that supports ad-hoc commands + -- "admin_telnet"; -- Opens telnet console interface on localhost port 5582 + + -- HTTP modules + "http"; + "bosh"; -- Enable BOSH clients, aka "Jabber over HTTP"; utile per web-based chat e firewall + --"websocket"; -- XMPP over WebSockets; alcune web-based chat lo usano e funziona meglio + --"http_files"; -- Serve static files from a directory over HTTP + + -- Other specific functionality + "posix"; -- POSIX functionality, sends server to background, enables syslog, etc. + --"limits"; -- Enable bandwidth limiting for XMPP connections + "groups"; -- Aggiungiamo gruppi a persone in automatico + "bookmarks"; + "group_bookmarks"; -- Aggiungiamo persone a stanze in automatico + + "roster_allinall"; -- vogliamo questo per fare tutti co tutti + + -- Security + "log_auth"; + + -- Mobili di merda + "csi_simple"; + "throttle_presence"; + "filter_chatstates"; + "smacks"; + "http_upload_external"; + + --"server_contact_info"; -- Publish contact information for this service + "announce"; -- Send announcement to all online users; solo gli ADMIN possono + -- "welcome"; -- Da' un messaggio agli utenti che si loggano per la prima volta (funziona solo con register, che non vogliamo) + -- "watchregistrations"; -- Alert admins of registrations + --"motd"; -- Send a message to users when they log in + --"legacyauth"; -- Legacy authentication. Only used by some old clients and bots. + -- "proxy65"; -- Enables a file transfer proxy service which clients behind NAT can use +} +groups_file = "/var/lib/prosody/groups.txt" +group_bookmarks_file = "/var/lib/prosody/grouprooms.txt" + +-- These modules are auto-loaded, but should you want +-- to disable them then uncomment them here: +modules_disabled = { + "legacy_ssl"; + "https"; + -- "offline"; -- Store offline messages + -- "c2s"; -- Handle client connections + -- "s2s"; -- Handle server-to-server connections +} + +-- Disable account creation by default, for security +-- For more information see https://prosody.im/doc/creating_accounts +allow_registration = false +daemonize = false; +pidfile = "/run/prosody/prosody.pid"; + +-- SECURITY {{{ +c2s_require_encryption = true +s2s_require_encryption = true +s2s_secure_auth = true +-- Location of directory to find certificates in (relative to main config file): +certificates = "certs" +-- certificates = "/etc/letsencrypt/live/degenerazione.xyz/" +https_ports = {5281} +https_ssl = { + key = "certs/xmpp.miodominio.net.key"; + certificate = "certs/xmpp.miodominio.net.crt"; +} +-- trusted_proxies serve a BOSH per prendere gli IP dagli header +trusted_proxies = {"192.168.1.33", "192.168.100.33"} +http_external_url = "https://xmpp.miodominio.net/" +-- le richieste ci arrivano come "xmpp.miodominio.net". A quale component le diamo? famo cosi' e vaffanculo +http_default_host = "miodominio.info" +ssl = { + protocol = "tlsv1_1+"; +} +-- SECURITY }}} + +-- AUTHENTICATION {{{ + +-- Select the authentication backend to use. The 'internal' providers +-- use Prosody's configured data storage to store the authentication data. +-- To allow Prosody to offer secure authentication mechanisms to clients, the +-- default provider stores passwords in plaintext. If you do not trust your +-- server please see https://prosody.im/doc/modules/mod_auth_internal_hashed +-- for information about using the hashed backend. +-- authentication = "internal_hashed" +authentication = "ldap" +ldap_base = "ou=mail,dc=miodominio,dc=net" +ldap_filter = "(uid=$user@$host)" +-- AUTHENTICATION }}} + +storage = "sql" +sql = { driver = "SQLite3", database = "prosody.sqlite" } -- Default. 'database' is the filename. + + +-- Archiving configuration +-- If mod_mam is enabled, Prosody will store a copy of every message. This +-- is used to synchronize conversations between multiple clients, even if +-- they are offline. This setting controls how long Prosody will keep +-- messages in the archive before removing them. + +archive_expires_after = "2w" -- Remove archived messages after 1 week +max_history_messages = 3000 -- per mam_muc + +log = { + -- Log files (change 'info' to 'debug' for debug logs): + debug = "/var/log/prosody/debug"; + info = "/var/log/prosody/prosody.log"; + error = "/var/log/prosody/prosody.err"; + -- Syslog: + { levels = { min="debug" }; to = "syslog"; }; +} + +-- Uncomment to enable statistics +-- For more info see https://prosody.im/doc/statistics +statistics = "internal" + +http_upload_external_base_url = "https://upload.xmpp.miodominio.net/upload/" +http_upload_external_secret = "ASDASDASDASDASDD" +http_upload_external_file_size_limit = 20000000 -- 20 MB + +-- Include "conf.d/*.cfg.lua" + +allinall_groups = { + {"miodominio.info", "miodominio.net"}; +} + +VirtualHost "miodominio.info" + disco_items = { + { "conference.miodominio.info", "Chat per miodominio" }; + {"proxy.xmpp.miodominio.net", "Trasferimento file"}; + } + +VirtualHost "miodominio.net" + disco_items = { + { "conference.miodominio.info", "Chat per miodominio" }; + {"proxy.xmpp.miodominio.net", "Trasferimento file"}; + } + -- ssl = { + -- key = "certs/miodominio.net.key"; + -- certificate = "certs/miodominio.net.crt"; + -- } + +Component "conference.miodominio.info" "muc" + name = "Chat di miodominio" + -- restrict_room_creation = "local" + max_history_messages = 100 + modules_enabled = { + "muc_mam"; -- Memorizza anche le chat + "vcard_muc"; -- avatar e altro + } + -- mod_mam_muc {{{ + max_history_messages = 200; + -- }}} + -- + + muc_room_default_public = false + muc_room_default_persistent = true + muc_room_default_members_only = false + muc_room_default_moderated = false + muc_room_default_public_jids = false + muc_room_default_change_subject = true + muc_room_default_history_length = 50 + muc_room_default_language = "it" + +Component "proxy.xmpp.miodominio.net" "proxy65" +-- proxy65_address = "xmpp.miodominio.net" + proxy65_acl = { "miodominio.info", "miodominio.net" } + +-- vim: set fdm=marker ft=lua fdl=0: diff --git a/talks/xmpp/res/basic.prosody.cfg b/talks/xmpp/res/basic.prosody.cfg new file mode 100644 index 0000000..ca56ec9 --- /dev/null +++ b/talks/xmpp/res/basic.prosody.cfg @@ -0,0 +1,146 @@ +interfaces = {"*"} -- only ipv4 +local_interfaces = {"127.0.0.1"} + +admins = { "boyska@miodominio.net" } + +plugin_paths = { "/usr/local/lib/prosody/prosody-modules" } + +modules_enabled = { + + -- Generally required + "roster"; -- Allow users to have a roster. Recommended ;) + "saslauth"; -- Authentication for clients and servers. Recommended if you want to log in. + "tls"; -- Add support for secure TLS on c2s/s2s connections + "dialback"; -- s2s dialback support + "disco"; -- Service discovery + + -- Not essential, but recommended + "carbons"; -- Keep multiple clients in sync + "pep"; -- Enables users to publish their mood, activity, playing music and more + -- TODO: pep o pep_simple? il modulo omemo_all_access, non piu supportato, diceva di usare mod_pep_simple + "private"; -- Private XML storage (for room bookmarks, etc.) + "vcard4"; + "vcard_legacy"; + "blocklist"; -- Allow users to block communications with other users + "vcard"; -- Allow users to set vCards + + -- Nice to have + "version"; -- Replies to server version requests + "uptime"; -- Report how long server has been running + "time"; -- Let others know the time here on this server + "ping"; -- Replies to XMPP pings with pongs + "register"; -- Allow users to register on this server using a client and change passwords + "mam"; -- Store messages in an archive and allow users to access it + -- "mam_adhoc"; -- Permette ad ogni utente di cambiare le configurazioni di archiviazione + + -- Admin interfaces + "admin_adhoc"; -- Allows administration via an XMPP client that supports ad-hoc commands + -- "admin_telnet"; -- Opens telnet console interface on localhost port 5582 + + -- HTTP modules + "http"; + "bosh"; -- Enable BOSH clients, aka "Jabber over HTTP"; utile per web-based chat e firewall + --"websocket"; -- XMPP over WebSockets; alcune web-based chat lo usano e funziona meglio + --"http_files"; -- Serve static files from a directory over HTTP + + -- Other specific functionality + "posix"; -- POSIX functionality, sends server to background, enables syslog, etc. + --"limits"; -- Enable bandwidth limiting for XMPP connections + "groups"; -- Aggiungiamo gruppi a persone in automatico + "bookmarks"; + "group_bookmarks"; -- Aggiungiamo persone a stanze in automatico + + "roster_allinall"; -- vogliamo questo per fare tutti co tutti + + -- Security + "log_auth"; + + -- Mobili di merda + "csi_simple"; + "throttle_presence"; + "filter_chatstates"; + "smacks"; + "http_upload_external"; + + --"server_contact_info"; -- Publish contact information for this service + "announce"; -- Send announcement to all online users; solo gli ADMIN possono + -- "welcome"; -- Da' un messaggio agli utenti che si loggano per la prima volta (funziona solo con register, che non vogliamo) + -- "watchregistrations"; -- Alert admins of registrations + --"motd"; -- Send a message to users when they log in + --"legacyauth"; -- Legacy authentication. Only used by some old clients and bots. + -- "proxy65"; -- Enables a file transfer proxy service which clients behind NAT can use +} +groups_file = "/var/lib/prosody/groups.txt" +group_bookmarks_file = "/var/lib/prosody/grouprooms.txt" + +-- These modules are auto-loaded, but should you want +-- to disable them then uncomment them here: +modules_disabled = { + "legacy_ssl"; + "https"; + -- "offline"; -- Store offline messages + -- "c2s"; -- Handle client connections + -- "s2s"; -- Handle server-to-server connections +} + +-- Disable account creation by default, for security +-- For more information see https://prosody.im/doc/creating_accounts +allow_registration = false +daemonize = false; +pidfile = "/run/prosody/prosody.pid"; + +-- SECURITY {{{ +c2s_require_encryption = true +s2s_require_encryption = true +s2s_secure_auth = true +-- Location of directory to find certificates in (relative to main config file): +certificates = "certs" +-- certificates = "/etc/letsencrypt/live/degenerazione.xyz/" +https_ports = {5281} +https_ssl = { + key = "certs/xmpp.miodominio.net.key"; + certificate = "certs/xmpp.miodominio.net.crt"; +} +ssl = { + protocol = "tlsv1_1+"; +} +-- SECURITY }}} + +authentication = "internal_hashed" + +storage = "sql" +sql = { driver = "SQLite3", database = "prosody.sqlite" } -- Default. 'database' is the filename. + + +-- Archiving configuration +-- If mod_mam is enabled, Prosody will store a copy of every message. This +-- is used to synchronize conversations between multiple clients, even if +-- they are offline. This setting controls how long Prosody will keep +-- messages in the archive before removing them. + +archive_expires_after = "2w" -- Remove archived messages after 1 week +max_history_messages = 3000 -- per mam_muc + +log = { + -- Log files (change 'info' to 'debug' for debug logs): + debug = "/var/log/prosody/debug"; + info = "/var/log/prosody/prosody.log"; + error = "/var/log/prosody/prosody.err"; + -- Syslog: + { levels = { min="debug" }; to = "syslog"; }; +} + +-- Uncomment to enable statistics +-- For more info see https://prosody.im/doc/statistics +statistics = "internal" + +allinall_groups = { + {"miodominio.info", "miodominio.net"}; +} + +VirtualHost "miodominio.info" + +VirtualHost "miodominio.net" + +-- vim: set fdm=marker ft=lua fdl=0: + diff --git a/talks/xmpp/res/links.txt b/talks/xmpp/res/links.txt new file mode 100644 index 0000000..5fc2889 --- /dev/null +++ b/talks/xmpp/res/links.txt @@ -0,0 +1 @@ +https://github.com/ThomasLeister/prosody-filer \ No newline at end of file