|
@@ -0,0 +1,220 @@
|
|
|
+--
|
|
|
+-- Information on configuring Prosody can be found on our
|
|
|
+-- website at https://prosody.im/doc/configure
|
|
|
+--
|
|
|
+-- Tip: You can check that the syntax of this file is correct
|
|
|
+-- when you have finished by running this command:
|
|
|
+-- prosodyctl check config
|
|
|
+-- If there are any errors, it will let you know what and where
|
|
|
+-- they are, otherwise it will keep quiet.
|
|
|
+--
|
|
|
+-- The only thing left to do is rename this file to remove the .dist ending, and fill in the
|
|
|
+-- blanks. Good luck, and happy Jabbering!
|
|
|
+
|
|
|
+
|
|
|
+interfaces = {"*"} -- only ipv4
|
|
|
+local_interfaces = {"127.0.0.1"}
|
|
|
+
|
|
|
+admins = { "boyska@miodominio.net" }
|
|
|
+
|
|
|
+plugin_paths = { "/usr/local/lib/prosody/prosody-modules" }
|
|
|
+
|
|
|
+modules_enabled = {
|
|
|
+
|
|
|
+ -- Generally required
|
|
|
+ "roster"; -- Allow users to have a roster. Recommended ;)
|
|
|
+ "saslauth"; -- Authentication for clients and servers. Recommended if you want to log in.
|
|
|
+ "tls"; -- Add support for secure TLS on c2s/s2s connections
|
|
|
+ "dialback"; -- s2s dialback support
|
|
|
+ "disco"; -- Service discovery
|
|
|
+
|
|
|
+ -- Not essential, but recommended
|
|
|
+ "carbons"; -- Keep multiple clients in sync
|
|
|
+ "pep"; -- Enables users to publish their mood, activity, playing music and more
|
|
|
+ -- TODO: pep o pep_simple? il modulo omemo_all_access, non piu supportato, diceva di usare mod_pep_simple
|
|
|
+ "private"; -- Private XML storage (for room bookmarks, etc.)
|
|
|
+ "vcard4";
|
|
|
+ "vcard_legacy";
|
|
|
+ "blocklist"; -- Allow users to block communications with other users
|
|
|
+ "vcard"; -- Allow users to set vCards
|
|
|
+
|
|
|
+ -- Nice to have
|
|
|
+ "version"; -- Replies to server version requests
|
|
|
+ "uptime"; -- Report how long server has been running
|
|
|
+ "time"; -- Let others know the time here on this server
|
|
|
+ "ping"; -- Replies to XMPP pings with pongs
|
|
|
+ "register"; -- Allow users to register on this server using a client and change passwords
|
|
|
+ "mam"; -- Store messages in an archive and allow users to access it
|
|
|
+ -- "mam_adhoc"; -- Permette ad ogni utente di cambiare le configurazioni di archiviazione
|
|
|
+
|
|
|
+ -- Admin interfaces
|
|
|
+ "admin_adhoc"; -- Allows administration via an XMPP client that supports ad-hoc commands
|
|
|
+ -- "admin_telnet"; -- Opens telnet console interface on localhost port 5582
|
|
|
+
|
|
|
+ -- HTTP modules
|
|
|
+ "http";
|
|
|
+ "bosh"; -- Enable BOSH clients, aka "Jabber over HTTP"; utile per web-based chat e firewall
|
|
|
+ --"websocket"; -- XMPP over WebSockets; alcune web-based chat lo usano e funziona meglio
|
|
|
+ --"http_files"; -- Serve static files from a directory over HTTP
|
|
|
+
|
|
|
+ -- Other specific functionality
|
|
|
+ "posix"; -- POSIX functionality, sends server to background, enables syslog, etc.
|
|
|
+ --"limits"; -- Enable bandwidth limiting for XMPP connections
|
|
|
+ "groups"; -- Aggiungiamo gruppi a persone in automatico
|
|
|
+ "bookmarks";
|
|
|
+ "group_bookmarks"; -- Aggiungiamo persone a stanze in automatico
|
|
|
+
|
|
|
+ "roster_allinall"; -- vogliamo questo per fare tutti co tutti
|
|
|
+
|
|
|
+ -- Security
|
|
|
+ "log_auth";
|
|
|
+
|
|
|
+ -- Mobili di merda
|
|
|
+ "csi_simple";
|
|
|
+ "throttle_presence";
|
|
|
+ "filter_chatstates";
|
|
|
+ "smacks";
|
|
|
+ "http_upload_external";
|
|
|
+
|
|
|
+ --"server_contact_info"; -- Publish contact information for this service
|
|
|
+ "announce"; -- Send announcement to all online users; solo gli ADMIN possono
|
|
|
+ -- "welcome"; -- Da' un messaggio agli utenti che si loggano per la prima volta (funziona solo con register, che non vogliamo)
|
|
|
+ -- "watchregistrations"; -- Alert admins of registrations
|
|
|
+ --"motd"; -- Send a message to users when they log in
|
|
|
+ --"legacyauth"; -- Legacy authentication. Only used by some old clients and bots.
|
|
|
+ -- "proxy65"; -- Enables a file transfer proxy service which clients behind NAT can use
|
|
|
+}
|
|
|
+groups_file = "/var/lib/prosody/groups.txt"
|
|
|
+group_bookmarks_file = "/var/lib/prosody/grouprooms.txt"
|
|
|
+
|
|
|
+-- These modules are auto-loaded, but should you want
|
|
|
+-- to disable them then uncomment them here:
|
|
|
+modules_disabled = {
|
|
|
+ "legacy_ssl";
|
|
|
+ "https";
|
|
|
+ -- "offline"; -- Store offline messages
|
|
|
+ -- "c2s"; -- Handle client connections
|
|
|
+ -- "s2s"; -- Handle server-to-server connections
|
|
|
+}
|
|
|
+
|
|
|
+-- Disable account creation by default, for security
|
|
|
+-- For more information see https://prosody.im/doc/creating_accounts
|
|
|
+allow_registration = false
|
|
|
+daemonize = false;
|
|
|
+pidfile = "/run/prosody/prosody.pid";
|
|
|
+
|
|
|
+-- SECURITY {{{
|
|
|
+c2s_require_encryption = true
|
|
|
+s2s_require_encryption = true
|
|
|
+s2s_secure_auth = true
|
|
|
+-- Location of directory to find certificates in (relative to main config file):
|
|
|
+certificates = "certs"
|
|
|
+-- certificates = "/etc/letsencrypt/live/degenerazione.xyz/"
|
|
|
+https_ports = {5281}
|
|
|
+https_ssl = {
|
|
|
+ key = "certs/xmpp.miodominio.net.key";
|
|
|
+ certificate = "certs/xmpp.miodominio.net.crt";
|
|
|
+}
|
|
|
+-- trusted_proxies serve a BOSH per prendere gli IP dagli header
|
|
|
+trusted_proxies = {"192.168.1.33", "192.168.100.33"}
|
|
|
+http_external_url = "https://xmpp.miodominio.net/"
|
|
|
+-- le richieste ci arrivano come "xmpp.miodominio.net". A quale component le diamo? famo cosi' e vaffanculo
|
|
|
+http_default_host = "miodominio.info"
|
|
|
+ssl = {
|
|
|
+ protocol = "tlsv1_1+";
|
|
|
+}
|
|
|
+-- SECURITY }}}
|
|
|
+
|
|
|
+-- AUTHENTICATION {{{
|
|
|
+
|
|
|
+-- Select the authentication backend to use. The 'internal' providers
|
|
|
+-- use Prosody's configured data storage to store the authentication data.
|
|
|
+-- To allow Prosody to offer secure authentication mechanisms to clients, the
|
|
|
+-- default provider stores passwords in plaintext. If you do not trust your
|
|
|
+-- server please see https://prosody.im/doc/modules/mod_auth_internal_hashed
|
|
|
+-- for information about using the hashed backend.
|
|
|
+-- authentication = "internal_hashed"
|
|
|
+authentication = "ldap"
|
|
|
+ldap_base = "ou=mail,dc=miodominio,dc=net"
|
|
|
+ldap_filter = "(uid=$user@$host)"
|
|
|
+-- AUTHENTICATION }}}
|
|
|
+
|
|
|
+storage = "sql"
|
|
|
+sql = { driver = "SQLite3", database = "prosody.sqlite" } -- Default. 'database' is the filename.
|
|
|
+
|
|
|
+
|
|
|
+-- Archiving configuration
|
|
|
+-- If mod_mam is enabled, Prosody will store a copy of every message. This
|
|
|
+-- is used to synchronize conversations between multiple clients, even if
|
|
|
+-- they are offline. This setting controls how long Prosody will keep
|
|
|
+-- messages in the archive before removing them.
|
|
|
+
|
|
|
+archive_expires_after = "2w" -- Remove archived messages after 1 week
|
|
|
+max_history_messages = 3000 -- per mam_muc
|
|
|
+
|
|
|
+log = {
|
|
|
+ -- Log files (change 'info' to 'debug' for debug logs):
|
|
|
+ debug = "/var/log/prosody/debug";
|
|
|
+ info = "/var/log/prosody/prosody.log";
|
|
|
+ error = "/var/log/prosody/prosody.err";
|
|
|
+ -- Syslog:
|
|
|
+ { levels = { min="debug" }; to = "syslog"; };
|
|
|
+}
|
|
|
+
|
|
|
+-- Uncomment to enable statistics
|
|
|
+-- For more info see https://prosody.im/doc/statistics
|
|
|
+statistics = "internal"
|
|
|
+
|
|
|
+http_upload_external_base_url = "https://upload.xmpp.miodominio.net/upload/"
|
|
|
+http_upload_external_secret = "ASDASDASDASDASDD"
|
|
|
+http_upload_external_file_size_limit = 20000000 -- 20 MB
|
|
|
+
|
|
|
+-- Include "conf.d/*.cfg.lua"
|
|
|
+
|
|
|
+allinall_groups = {
|
|
|
+ {"miodominio.info", "miodominio.net"};
|
|
|
+}
|
|
|
+
|
|
|
+VirtualHost "miodominio.info"
|
|
|
+ disco_items = {
|
|
|
+ { "conference.miodominio.info", "Chat per miodominio" };
|
|
|
+ {"proxy.xmpp.miodominio.net", "Trasferimento file"};
|
|
|
+ }
|
|
|
+
|
|
|
+VirtualHost "miodominio.net"
|
|
|
+ disco_items = {
|
|
|
+ { "conference.miodominio.info", "Chat per miodominio" };
|
|
|
+ {"proxy.xmpp.miodominio.net", "Trasferimento file"};
|
|
|
+ }
|
|
|
+ -- ssl = {
|
|
|
+ -- key = "certs/miodominio.net.key";
|
|
|
+ -- certificate = "certs/miodominio.net.crt";
|
|
|
+ -- }
|
|
|
+
|
|
|
+Component "conference.miodominio.info" "muc"
|
|
|
+ name = "Chat di miodominio"
|
|
|
+ -- restrict_room_creation = "local"
|
|
|
+ max_history_messages = 100
|
|
|
+ modules_enabled = {
|
|
|
+ "muc_mam"; -- Memorizza anche le chat
|
|
|
+ "vcard_muc"; -- avatar e altro
|
|
|
+ }
|
|
|
+ -- mod_mam_muc {{{
|
|
|
+ max_history_messages = 200;
|
|
|
+ -- }}}
|
|
|
+ --
|
|
|
+
|
|
|
+ muc_room_default_public = false
|
|
|
+ muc_room_default_persistent = true
|
|
|
+ muc_room_default_members_only = false
|
|
|
+ muc_room_default_moderated = false
|
|
|
+ muc_room_default_public_jids = false
|
|
|
+ muc_room_default_change_subject = true
|
|
|
+ muc_room_default_history_length = 50
|
|
|
+ muc_room_default_language = "it"
|
|
|
+
|
|
|
+Component "proxy.xmpp.miodominio.net" "proxy65"
|
|
|
+-- proxy65_address = "xmpp.miodominio.net"
|
|
|
+ proxy65_acl = { "miodominio.info", "miodominio.net" }
|
|
|
+
|
|
|
+-- vim: set fdm=marker ft=lua fdl=0:
|