Merge branch 'develop' into feature/matstodon-statuses-by-name
[akkoma] / installation / pleroma-mongooseim.cfg
1 %%%
2 %%% ejabberd configuration file
3 %%%
4 %%%'
5
6 %%% The parameters used in this configuration file are explained in more detail
7 %%% in the ejabberd Installation and Operation Guide.
8 %%% Please consult the Guide in case of doubts, it is included with
9 %%% your copy of ejabberd, and is also available online at
10 %%% http://www.process-one.net/en/ejabberd/docs/
11
12 %%% This configuration file contains Erlang terms.
13 %%% In case you want to understand the syntax, here are the concepts:
14 %%%
15 %%% - The character to comment a line is %
16 %%%
17 %%% - Each term ends in a dot, for example:
18 %%% override_global.
19 %%%
20 %%% - A tuple has a fixed definition, its elements are
21 %%% enclosed in {}, and separated with commas:
22 %%% {loglevel, 4}.
23 %%%
24 %%% - A list can have as many elements as you want,
25 %%% and is enclosed in [], for example:
26 %%% [http_poll, web_admin, tls]
27 %%%
28 %%% Pay attention that list elements are delimited with commas,
29 %%% but no comma is allowed after the last list element. This will
30 %%% give a syntax error unlike in more lenient languages (e.g. Python).
31 %%%
32 %%% - A keyword of ejabberd is a word in lowercase.
33 %%% Strings are enclosed in "" and can contain spaces, dots, ...
34 %%% {language, "en"}.
35 %%% {ldap_rootdn, "dc=example,dc=com"}.
36 %%%
37 %%% - This term includes a tuple, a keyword, a list, and two strings:
38 %%% {hosts, ["jabber.example.net", "im.example.com"]}.
39 %%%
40 %%% - This config is preprocessed during release generation by a tool which
41 %%% interprets double curly braces as substitution markers, so avoid this
42 %%% syntax in this file (though it's valid Erlang).
43 %%%
44 %%% So this is OK (though arguably looks quite ugly):
45 %%% { {s2s_addr, "example-host.net"}, {127,0,0,1} }.
46 %%%
47 %%% And I can't give an example of what's not OK exactly because
48 %%% of this rule.
49 %%%
50
51
52 %%%. =======================
53 %%%' OVERRIDE STORED OPTIONS
54
55 %%
56 %% Override the old values stored in the database.
57 %%
58
59 %%
60 %% Override global options (shared by all ejabberd nodes in a cluster).
61 %%
62 %%override_global.
63
64 %%
65 %% Override local options (specific for this particular ejabberd node).
66 %%
67 %%override_local.
68
69 %%
70 %% Remove the Access Control Lists before new ones are added.
71 %%
72 %%override_acls.
73
74
75 %%%. =========
76 %%%' DEBUGGING
77
78 %%
79 %% loglevel: Verbosity of log files generated by ejabberd.
80 %% 0: No ejabberd log at all (not recommended)
81 %% 1: Critical
82 %% 2: Error
83 %% 3: Warning
84 %% 4: Info
85 %% 5: Debug
86 %%
87 {loglevel, 3}.
88
89 %%%. ================
90 %%%' SERVED HOSTNAMES
91
92 %%
93 %% hosts: Domains served by ejabberd.
94 %% You can define one or several, for example:
95 %% {hosts, ["example.net", "example.com", "example.org"]}.
96 %%
97 {hosts, ["pleroma.soykaf.com"] }.
98
99 %%
100 %% route_subdomains: Delegate subdomains to other XMPP servers.
101 %% For example, if this ejabberd serves example.org and you want
102 %% to allow communication with an XMPP server called im.example.org.
103 %%
104 %%{route_subdomains, s2s}.
105
106
107 %%%. ===============
108 %%%' LISTENING PORTS
109
110 %%
111 %% listen: The ports ejabberd will listen on, which service each is handled
112 %% by and what options to start it with.
113 %%
114 {listen,
115 [
116 %% BOSH and WS endpoints over HTTP
117 { 5280, ejabberd_cowboy, [
118 {num_acceptors, 10},
119 {transport_options, [{max_connections, 1024}]},
120 {modules, [
121
122 {"_", "/http-bind", mod_bosh},
123 {"_", "/ws-xmpp", mod_websockets, [{ejabberd_service, [
124 {access, all},
125 {shaper_rule, fast},
126 {ip, {127, 0, 0, 1}},
127 {password, "secret"}]}
128 %% Uncomment to enable connection dropping or/and server-side pings
129 %{timeout, 600000}, {ping_rate, 2000}
130 ]}
131 %% Uncomment to serve static files
132 %{"_", "/static/[...]", cowboy_static,
133 % {dir, "/var/www", [{mimetypes, cow_mimetypes, all}]}
134 %},
135
136 %% Example usage of mod_revproxy
137
138 %% {"_", "/[...]", mod_revproxy, [{timeout, 5000},
139 %% % time limit for upstream to respond
140 %% {body_length, 8000000},
141 %% % maximum body size (may be infinity)
142 %% {custom_headers, [{<<"header">>,<<"value">>}]}
143 %% % list of extra headers that are send to upstream
144 %% ]}
145
146 %% Example usage of mod_cowboy
147
148 %% {"_", "/[...]", mod_cowboy, [{http, mod_revproxy,
149 %% [{timeout, 5000},
150 %% % time limit for upstream to respond
151 %% {body_length, 8000000},
152 %% % maximum body size (may be infinity)
153 %% {custom_headers, [{<<"header">>,<<"value">>}]}
154 %% % list of extra headers that are send to upstream
155 %% ]},
156 %% {ws, xmpp, mod_websockets}
157 %% ]}
158 ]}
159 ]},
160
161 %% BOSH and WS endpoints over HTTPS
162 { 5285, ejabberd_cowboy, [
163 {num_acceptors, 10},
164 {transport_options, [{max_connections, 1024}]},
165 {ssl, [{certfile, "priv/ssl/fullchain.pem"}, {keyfile, "priv/ssl/privkey.pem"}, {password, ""}]},
166 {modules, [
167 {"_", "/http-bind", mod_bosh},
168 {"_", "/ws-xmpp", mod_websockets, [
169 %% Uncomment to enable connection dropping or/and server-side pings
170 %{timeout, 600000}, {ping_rate, 60000}
171 ]}
172 %% Uncomment to serve static files
173 %{"_", "/static/[...]", cowboy_static,
174 % {dir, "/var/www", [{mimetypes, cow_mimetypes, all}]}
175 %},
176 ]}
177 ]},
178
179 %% MongooseIM HTTP API it's important to start it on localhost
180 %% or some private interface only (not accessible from the outside)
181 %% At least start it on different port which will be hidden behind firewall
182
183 { {8088, "127.0.0.1"} , ejabberd_cowboy, [
184 {num_acceptors, 10},
185 {transport_options, [{max_connections, 1024}]},
186 {modules, [
187 {"localhost", "/api", mongoose_api_admin, []}
188 ]}
189 ]},
190
191 { 8089 , ejabberd_cowboy, [
192 {num_acceptors, 10},
193 {transport_options, [{max_connections, 1024}]},
194 {protocol_options, [{compress, true}]},
195 {ssl, [{certfile, "priv/ssl/fullchain.pem"}, {keyfile, "priv/ssl/privkey.pem"}, {password, ""}]},
196 {modules, [
197 {"_", "/api/sse", lasse_handler, [mongoose_client_api_sse]},
198 {"_", "/api/messages/[:with]", mongoose_client_api_messages, []},
199 {"_", "/api/contacts/[:jid]", mongoose_client_api_contacts, []},
200 {"_", "/api/rooms/[:id]", mongoose_client_api_rooms, []},
201 {"_", "/api/rooms/[:id]/config", mongoose_client_api_rooms_config, []},
202 {"_", "/api/rooms/:id/users/[:user]", mongoose_client_api_rooms_users, []},
203 {"_", "/api/rooms/[:id]/messages", mongoose_client_api_rooms_messages, []}
204 ]}
205 ]},
206
207 %% Following HTTP API is deprected, the new one abouve should be used instead
208
209 { {5288, "127.0.0.1"} , ejabberd_cowboy, [
210 {num_acceptors, 10},
211 {transport_options, [{max_connections, 1024}]},
212 {modules, [
213 {"localhost", "/api", mongoose_api, [{handlers, [mongoose_api_metrics,
214 mongoose_api_users]}]}
215 ]}
216 ]},
217
218 { 5222, ejabberd_c2s, [
219
220 %%
221 %% If TLS is compiled in and you installed a SSL
222 %% certificate, specify the full path to the
223 %% file and uncomment this line:
224 %%
225 {certfile, "priv/ssl/both.pem"}, starttls,
226
227 %%{zlib, 10000},
228 %% https://www.openssl.org/docs/apps/ciphers.html#CIPHER_STRINGS
229 %% {ciphers, "DEFAULT:!EXPORT:!LOW:!SSLv2"},
230 {access, c2s},
231 {shaper, c2s_shaper},
232 {max_stanza_size, 65536},
233 {protocol_options, ["no_sslv3"]}
234
235 ]},
236
237
238
239 %%
240 %% To enable the old SSL connection method on port 5223:
241 %%
242 %%{5223, ejabberd_c2s, [
243 %% {access, c2s},
244 %% {shaper, c2s_shaper},
245 %% {certfile, "/path/to/ssl.pem"}, tls,
246 %% {max_stanza_size, 65536}
247 %% ]},
248
249 { 5269, ejabberd_s2s_in, [
250 {shaper, s2s_shaper},
251 {max_stanza_size, 131072},
252 {protocol_options, ["no_sslv3"]}
253
254 ]}
255
256 %%
257 %% ejabberd_service: Interact with external components (transports, ...)
258 %%
259 ,{8888, ejabberd_service, [
260 {access, all},
261 {shaper_rule, fast},
262 {ip, {127, 0, 0, 1}},
263 {password, "secret"}
264 ]}
265
266 %%
267 %% ejabberd_stun: Handles STUN Binding requests
268 %%
269 %%{ {3478, udp}, ejabberd_stun, []}
270
271 ]}.
272
273 %%
274 %% s2s_use_starttls: Enable STARTTLS + Dialback for S2S connections.
275 %% Allowed values are: false optional required required_trusted
276 %% You must specify a certificate file.
277 %%
278 {s2s_use_starttls, optional}.
279 %%
280 %% s2s_certfile: Specify a certificate file.
281 %%
282 {s2s_certfile, "priv/ssl/both.pem"}.
283
284 %% https://www.openssl.org/docs/apps/ciphers.html#CIPHER_STRINGS
285 %% {s2s_ciphers, "DEFAULT:!EXPORT:!LOW:!SSLv2"}.
286
287 %%
288 %% domain_certfile: Specify a different certificate for each served hostname.
289 %%
290 %%{domain_certfile, "example.org", "/path/to/example_org.pem"}.
291 %%{domain_certfile, "example.com", "/path/to/example_com.pem"}.
292
293 %%
294 %% S2S whitelist or blacklist
295 %%
296 %% Default s2s policy for undefined hosts.
297 %%
298 {s2s_default_policy, deny }.
299
300 %%
301 %% Allow or deny communication with specific servers.
302 %%
303 %%{ {s2s_host, "goodhost.org"}, allow}.
304 %%{ {s2s_host, "badhost.org"}, deny}.
305
306 {outgoing_s2s_port, 5269 }.
307
308 %%
309 %% IP addresses predefined for specific hosts to skip DNS lookups.
310 %% Ports defined here take precedence over outgoing_s2s_port.
311 %% Examples:
312 %%
313 %% { {s2s_addr, "example-host.net"}, {127,0,0,1} }.
314 %% { {s2s_addr, "example-host.net"}, { {127,0,0,1}, 5269 } }.
315 %% { {s2s_addr, "example-host.net"}, { {127,0,0,1}, 5269 } }.
316
317 %%
318 %% Outgoing S2S options
319 %%
320 %% Preferred address families (which to try first) and connect timeout
321 %% in milliseconds.
322 %%
323 %%{outgoing_s2s_options, [ipv4, ipv6], 10000}.
324 %%
325 %%%. ==============
326 %%%' SESSION BACKEND
327
328 %%{sm_backend, {mnesia, []}}.
329
330 %% Requires {redis, global, default, ..., ...} outgoing pool
331 %%{sm_backend, {redis, []}}.
332
333 {sm_backend, {mnesia, []} }.
334
335
336 %%%. ==============
337 %%%' AUTHENTICATION
338
339 %% Advertised SASL mechanisms
340 {sasl_mechanisms, [cyrsasl_plain]}.
341
342 %%
343 %% auth_method: Method used to authenticate the users.
344 %% The default method is the internal.
345 %% If you want to use a different method,
346 %% comment this line and enable the correct ones.
347 %%
348 %% {auth_method, internal }.
349 {auth_method, http }.
350 {auth_opts, [
351 {http, global, auth, [{workers, 50}], [{server, "https://pleroma.soykaf.com"}]},
352 {password_format, plain} % default
353 %% {password_format, scram}
354
355 %% {scram_iterations, 4096} % default
356
357 %%
358 %% For auth_http:
359 %% {basic_auth, "user:password"}
360 %% {path_prefix, "/"} % default
361 %% auth_http requires {http, Host | global, auth, ..., ...} outgoing pool.
362 %%
363 %% For auth_external
364 %%{extauth_program, "/path/to/authentication/script"}.
365 %%
366 %% For auth_jwt
367 %% {jwt_secret_source, "/path/to/file"},
368 %% {jwt_algorithm, "RS256"},
369 %% {jwt_username_key, user}
370 %% For cyrsasl_external
371 %% {authenticate_with_cn, false}
372 {cyrsasl_external, standard}
373 ]}.
374
375 %%
376 %% Authentication using external script
377 %% Make sure the script is executable by ejabberd.
378 %%
379 %%{auth_method, external}.
380
381 %%
382 %% Authentication using RDBMS
383 %% Remember to setup a database in the next section.
384 %%
385 %%{auth_method, rdbms}.
386
387 %%
388 %% Authentication using LDAP
389 %%
390 %%{auth_method, ldap}.
391 %%
392
393 %% List of LDAP servers:
394 %%{ldap_servers, ["localhost"]}.
395 %%
396 %% Encryption of connection to LDAP servers:
397 %%{ldap_encrypt, none}.
398 %%{ldap_encrypt, tls}.
399 %%
400 %% Port to connect to on LDAP servers:
401 %%{ldap_port, 389}.
402 %%{ldap_port, 636}.
403 %%
404 %% LDAP manager:
405 %%{ldap_rootdn, "dc=example,dc=com"}.
406 %%
407 %% Password of LDAP manager:
408 %%{ldap_password, "******"}.
409 %%
410 %% Search base of LDAP directory:
411 %%{ldap_base, "dc=example,dc=com"}.
412 %%
413 %% LDAP attribute that holds user ID:
414 %%{ldap_uids, [{"mail", "%u@mail.example.org"}]}.
415 %%
416 %% LDAP filter:
417 %%{ldap_filter, "(objectClass=shadowAccount)"}.
418
419 %%
420 %% Anonymous login support:
421 %% auth_method: anonymous
422 %% anonymous_protocol: sasl_anon | login_anon | both
423 %% allow_multiple_connections: true | false
424 %%
425 %%{host_config, "public.example.org", [{auth_method, anonymous},
426 %% {allow_multiple_connections, false},
427 %% {anonymous_protocol, sasl_anon}]}.
428 %%
429 %% To use both anonymous and internal authentication:
430 %%
431 %%{host_config, "public.example.org", [{auth_method, [internal, anonymous]}]}.
432
433
434 %%%. ==============
435 %%%' OUTGOING CONNECTIONS (e.g. DB)
436
437 %% Here you may configure all outgoing connections used by MongooseIM,
438 %% e.g. to RDBMS (such as MySQL), Riak or external HTTP components.
439 %% Default MongooseIM configuration uses only Mnesia (non-Mnesia extensions are disabled),
440 %% so no options here are uncommented out of the box.
441 %% This section includes configuration examples; for comprehensive guide
442 %% please consult MongooseIM documentation, page "Outgoing connections":
443 %% - doc/advanced-configuration/outgoing-connections.md
444 %% - https://mongooseim.readthedocs.io/en/latest/advanced-configuration/outgoing-connections/
445
446
447 {outgoing_pools, [
448 % {riak, global, default, [{workers, 5}], [{address, "127.0.0.1"}, {port, 8087}]},
449 % {elastic, global, default, [], [{host, "elastic.host.com"}, {port, 9042}]},
450 {http, global, auth, [{workers, 50}], [{server, "https://pleroma.soykaf.com"}]}
451 % {cassandra, global, default, [{workers, 100}], [{servers, [{"server1", 9042}]}, {keyspace, "big_mongooseim"}]},
452 % {rdbms, global, default, [{workers, 10}], [{server, {mysql, "server", 3306, "database", "username", "password"}}]}
453 ]}.
454
455 %% More examples that may be added to outgoing_pools list:
456 %%
457 %% == MySQL ==
458 %% {rdbms, global, default, [{workers, 10}],
459 %% [{server, {mysql, "server", 3306, "database", "username", "password"}},
460 %% {keepalive_interval, 10}]},
461 %% keepalive_interval is optional
462
463 %% == PostgreSQL ==
464 %% {rdbms, global, default, [{workers, 10}],
465 %% [{server, {pgsql, "server", 5432, "database", "username", "password"}}]},
466
467 %% == ODBC (MSSQL) ==
468 %% {rdbms, global, default, [{workers, 10}],
469 %% [{server, "DSN=mongooseim;UID=mongooseim;PWD=mongooseim"}]},
470
471 %% == Elastic Search ==
472 %% {elastic, global, default, [], [{host, "elastic.host.com"}, {port, 9042}]},
473
474 %% == Riak ==
475 %% {riak, global, default, [{workers, 20}], [{address, "127.0.0.1"}, {port, 8087}]},
476
477 %% == HTTP ==
478 %% {http, global, conn1, [{workers, 50}], [{server, "http://server:8080"}]},
479
480 %% == Cassandra ==
481 %% {cassandra, global, default, [{workers, 100}],
482 %% [
483 %% {servers, [
484 %% {"cassandra_server1.example.com", 9042},
485 %% {"cassandra_server2.example.com", 9042},
486 %% {"cassandra_server3.example.com", 9042},
487 %% {"cassandra_server4.example.com", 9042}
488 %% ]},
489 %% {keyspace, "big_mongooseim"}
490 %% ]}
491
492 %% == Extra options ==
493 %%
494 %% If you use PostgreSQL, have a large database, and need a
495 %% faster but inexact replacement for "select count(*) from users"
496 %%
497 %%{pgsql_users_number_estimate, true}.
498 %%
499 %% rdbms_server_type specifies what database is used over the RDBMS layer
500 %% Can take values mssql, pgsql, mysql
501 %% In some cases (for example for MAM with pgsql) it is required to set proper value.
502 %%
503 %% {rdbms_server_type, pgsql}.
504
505 %%%. ===============
506 %%%' TRAFFIC SHAPERS
507
508 %%
509 %% The "normal" shaper limits traffic speed to 1000 B/s
510 %%
511 {shaper, normal, {maxrate, 1000}}.
512
513 %%
514 %% The "fast" shaper limits traffic speed to 50000 B/s
515 %%
516 {shaper, fast, {maxrate, 50000}}.
517
518 %%
519 %% This option specifies the maximum number of elements in the queue
520 %% of the FSM. Refer to the documentation for details.
521 %%
522 {max_fsm_queue, 1000}.
523
524 %%%. ====================
525 %%%' ACCESS CONTROL LISTS
526
527 %%
528 %% The 'admin' ACL grants administrative privileges to XMPP accounts.
529 %% You can put here as many accounts as you want.
530 %%
531 %{acl, admin, {user, "alice", "localhost"}}.
532 %{acl, admin, {user, "a", "localhost"}}.
533
534 %%
535 %% Blocked users
536 %%
537 %%{acl, blocked, {user, "baduser", "example.org"}}.
538 %%{acl, blocked, {user, "test"}}.
539
540 %%
541 %% Local users: don't modify this line.
542 %%
543 {acl, local, {user_regexp, ""}}.
544
545 %%
546 %% More examples of ACLs
547 %%
548 %%{acl, jabberorg, {server, "jabber.org"}}.
549 %%{acl, aleksey, {user, "aleksey", "jabber.ru"}}.
550 %%{acl, test, {user_regexp, "^test"}}.
551 %%{acl, test, {user_glob, "test*"}}.
552
553 %%
554 %% Define specific ACLs in a virtual host.
555 %%
556 %%{host_config, "localhost",
557 %% [
558 %% {acl, admin, {user, "bob-local", "localhost"}}
559 %% ]
560 %%}.
561
562 %%%. ============
563 %%%' ACCESS RULES
564
565 %% Maximum number of simultaneous sessions allowed for a single user:
566 {access, max_user_sessions, [{10, all}]}.
567
568 %% Maximum number of offline messages that users can have:
569 {access, max_user_offline_messages, [{5000, admin}, {100, all}]}.
570
571 %% This rule allows access only for local users:
572 {access, local, [{allow, local}]}.
573
574 %% Only non-blocked users can use c2s connections:
575 {access, c2s, [{deny, blocked},
576 {allow, all}]}.
577
578 %% For C2S connections, all users except admins use the "normal" shaper
579 {access, c2s_shaper, [{none, admin},
580 {normal, all}]}.
581
582 %% All S2S connections use the "fast" shaper
583 {access, s2s_shaper, [{fast, all}]}.
584
585 %% Admins of this server are also admins of the MUC service:
586 {access, muc_admin, [{allow, admin}]}.
587
588 %% Only accounts of the local ejabberd server can create rooms:
589 {access, muc_create, [{allow, local}]}.
590
591 %% All users are allowed to use the MUC service:
592 {access, muc, [{allow, all}]}.
593
594 %% In-band registration allows registration of any possible username.
595 %% To disable in-band registration, replace 'allow' with 'deny'.
596 {access, register, [{allow, all}]}.
597
598 %% By default the frequency of account registrations from the same IP
599 %% is limited to 1 account every 10 minutes. To disable, specify: infinity
600 {registration_timeout, infinity}.
601
602 %% Default settings for MAM.
603 %% To set non-standard value, replace 'default' with 'allow' or 'deny'.
604 %% Only user can access his/her archive by default.
605 %% An online user can read room's archive by default.
606 %% Only an owner can change settings and purge messages by default.
607 %% Empty list (i.e. `[]`) means `[{deny, all}]`.
608 {access, mam_set_prefs, [{default, all}]}.
609 {access, mam_get_prefs, [{default, all}]}.
610 {access, mam_lookup_messages, [{default, all}]}.
611 {access, mam_purge_single_message, [{default, all}]}.
612 {access, mam_purge_multiple_messages, [{default, all}]}.
613
614 %% 1 command of the specified type per second.
615 {shaper, mam_shaper, {maxrate, 1}}.
616 %% This shaper is primeraly for Mnesia overload protection during stress testing.
617 %% The limit is 1000 operations of each type per second.
618 {shaper, mam_global_shaper, {maxrate, 1000}}.
619
620 {access, mam_set_prefs_shaper, [{mam_shaper, all}]}.
621 {access, mam_get_prefs_shaper, [{mam_shaper, all}]}.
622 {access, mam_lookup_messages_shaper, [{mam_shaper, all}]}.
623 {access, mam_purge_single_message_shaper, [{mam_shaper, all}]}.
624 {access, mam_purge_multiple_messages_shaper, [{mam_shaper, all}]}.
625
626 {access, mam_set_prefs_global_shaper, [{mam_global_shaper, all}]}.
627 {access, mam_get_prefs_global_shaper, [{mam_global_shaper, all}]}.
628 {access, mam_lookup_messages_global_shaper, [{mam_global_shaper, all}]}.
629 {access, mam_purge_single_message_global_shaper, [{mam_global_shaper, all}]}.
630 {access, mam_purge_multiple_messages_global_shaper, [{mam_global_shaper, all}]}.
631
632 %%
633 %% Define specific Access Rules in a virtual host.
634 %%
635 %%{host_config, "localhost",
636 %% [
637 %% {access, c2s, [{allow, admin}, {deny, all}]},
638 %% {access, register, [{deny, all}]}
639 %% ]
640 %%}.
641
642 %%%. ================
643 %%%' DEFAULT LANGUAGE
644
645 %%
646 %% language: Default language used for server messages.
647 %%
648 {language, "en"}.
649
650 %%
651 %% Set a different default language in a virtual host.
652 %%
653 %%{host_config, "localhost",
654 %% [{language, "ru"}]
655 %%}.
656
657 %%%. ================
658 %%%' MISCELLANEOUS
659
660 {all_metrics_are_global, false }.
661
662 %%%. ========
663 %%%' SERVICES
664
665 %% Unlike modules, services are started per node and provide either features which are not
666 %% related to any particular host, or backend stuff which is used by modules.
667 %% This is handled by `mongoose_service` module.
668
669 {services,
670 [
671 {service_admin_extra, [{submods, [node, accounts, sessions, vcard,
672 roster, last, private, stanza, stats]}]}
673 ]
674 }.
675
676 %%%. =======
677 %%%' MODULES
678
679 %%
680 %% Modules enabled in all mongooseim virtual hosts.
681 %% For list of possible modules options, check documentation.
682 %%
683 {modules,
684 [
685
686 %% The format for a single route is as follows:
687 %% {Host, Path, Method, Upstream}
688 %%
689 %% "_" can be used as wildcard for Host, Path and Method
690 %% Upstream can be either host (just http(s)://host:port) or uri
691 %% The difference is that host upstreams append whole path while
692 %% uri upstreams append only remainder that follows the matched Path
693 %% (this behaviour is similar to nginx's proxy_pass rules)
694 %%
695 %% Bindings can be used to match certain parts of host or path.
696 %% They will be later overlaid with parts of the upstream uri.
697 %%
698 %% {mod_revproxy,
699 %% [{routes, [{"www.erlang-solutions.com", "/admin", "_",
700 %% "https://www.erlang-solutions.com/"},
701 %% {":var.com", "/:var", "_", "http://localhost:8080/"},
702 %% {":domain.com", "/", "_", "http://localhost:8080/:domain"}]
703 %% }]},
704
705 % {mod_http_upload, [
706 %% Set max file size in bytes. Defaults to 10 MB.
707 %% Disabled if value is `undefined`.
708 % {max_file_size, 1024},
709 %% Use S3 storage backend
710 % {backend, s3},
711 %% Set options for S3 backend
712 % {s3, [
713 % {bucket_url, "http://s3-eu-west-1.amazonaws.com/konbucket2"},
714 % {region, "eu-west-1"},
715 % {access_key_id, "AKIAIAOAONIULXQGMOUA"},
716 % {secret_access_key, "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"}
717 % ]}
718 % ]},
719
720 {mod_adhoc, []},
721
722 {mod_disco, [{users_can_see_hidden_services, false}]},
723 {mod_commands, []},
724 {mod_muc_commands, []},
725 {mod_muc_light_commands, []},
726 {mod_last, []},
727 {mod_stream_management, [
728 % default 100
729 % size of a buffer of unacked messages
730 % {buffer_max, 100}
731
732 % default 1 - server sends the ack request after each stanza
733 % {ack_freq, 1}
734
735 % default: 600 seconds
736 % {resume_timeout, 600}
737 ]},
738 %% {mod_muc_light, [{host, "muclight.@HOST@"}]},
739 %% {mod_muc, [{host, "muc.@HOST@"},
740 %% {access, muc},
741 %% {access_create, muc_create}
742 %% ]},
743 %% {mod_muc_log, [
744 %% {outdir, "/tmp/muclogs"},
745 %% {access_log, muc}
746 %% ]},
747 {mod_offline, [{access_max_user_messages, max_user_offline_messages}]},
748 {mod_privacy, []},
749 {mod_blocking, []},
750 {mod_private, []},
751 % {mod_private, [{backend, mnesia}]},
752 % {mod_private, [{backend, rdbms}]},
753 % {mod_register, [
754 % %%
755 % %% Set the minimum informational entropy for passwords.
756 % %%
757 % %%{password_strength, 32},
758 %
759 % %%
760 % %% After successful registration, the user receives
761 % %% a message with this subject and body.
762 % %%
763 % {welcome_message, {""}},
764 %
765 % %%
766 % %% When a user registers, send a notification to
767 % %% these XMPP accounts.
768 % %%
769 %
770 %
771 % %%
772 % %% Only clients in the server machine can register accounts
773 % %%
774 % {ip_access, [{allow, "127.0.0.0/8"},
775 % {deny, "0.0.0.0/0"}]},
776 %
777 % %%
778 % %% Local c2s or remote s2s users cannot register accounts
779 % %%
780 % %%{access_from, deny},
781 %
782 % {access, register}
783 % ]},
784 {mod_roster, []},
785 {mod_sic, []},
786 {mod_vcard, [%{matches, 1},
787 %{search, true},
788 %{ldap_search_operator, 'or'}, %% either 'or' or 'and'
789 %{ldap_binary_search_fields, [<<"PHOTO">>]},
790 %% list of binary search fields (as in vcard after mapping)
791 {host, "vjud.@HOST@"}
792 ]},
793 {mod_bosh, []},
794 {mod_carboncopy, []}
795
796 %%
797 %% Message Archive Management (MAM, XEP-0313) for registered users and
798 %% Multi-User chats (MUCs).
799 %%
800
801 % {mod_mam_meta, [
802 %% Use RDBMS backend (default)
803 % {backend, rdbms},
804
805 %% Do not store user preferences (default)
806 % {user_prefs_store, false},
807 %% Store user preferences in RDBMS
808 % {user_prefs_store, rdbms},
809 %% Store user preferences in Mnesia (recommended).
810 %% The preferences store will be called each time, as a message is routed.
811 %% That is why Mnesia is better suited for this job.
812 % {user_prefs_store, mnesia},
813
814 %% Enables a pool of asynchronous writers. (default)
815 %% Messages will be grouped together based on archive id.
816 % {async_writer, true},
817
818 %% Cache information about users (default)
819 % {cache_users, true},
820
821 %% Enable archivization for private messages (default)
822 % {pm, [
823 %% Top-level options can be overriden here if needed, for example:
824 % {async_writer, false}
825 % ]},
826
827 %%
828 %% Message Archive Management (MAM) for multi-user chats (MUC).
829 %% Enable XEP-0313 for "muc.@HOST@".
830 %%
831 % {muc, [
832 % {host, "muc.@HOST@"}
833 %% As with pm, top-level options can be overriden for MUC archive
834 % ]},
835 %
836 %% Do not use a <stanza-id/> element (by default stanzaid is used)
837 % no_stanzaid_element,
838 % ]},
839
840
841 %%
842 %% MAM configuration examples
843 %%
844
845 %% Only MUC, no user-defined preferences, good performance.
846 % {mod_mam_meta, [
847 % {backend, rdbms},
848 % {pm, false},
849 % {muc, [
850 % {host, "muc.@HOST@"}
851 % ]}
852 % ]},
853
854 %% Only archives for c2c messages, good performance.
855 % {mod_mam_meta, [
856 % {backend, rdbms},
857 % {pm, [
858 % {user_prefs_store, mnesia}
859 % ]}
860 % ]},
861
862 %% Basic configuration for c2c messages, bad performance, easy to debug.
863 % {mod_mam_meta, [
864 % {backend, rdbms},
865 % {async_writer, false},
866 % {cache_users, false}
867 % ]},
868
869 %% Cassandra archive for c2c and MUC conversations.
870 %% No custom settings supported (always archive).
871 % {mod_mam_meta, [
872 % {backend, cassandra},
873 % {user_prefs_store, cassandra},
874 % {muc, [{host, "muc.@HOST@"}]}
875 % ]}
876
877 % {mod_event_pusher, [
878 % {backends, [
879 % %%
880 % %% Configuration for Amazon SNS notifications.
881 % %%
882 % {sns, [
883 % %% AWS credentials, region and host configuration
884 % {access_key_id, "AKIAJAZYHOIPY6A2PESA"},
885 % {secret_access_key, "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"},
886 % {region, "eu-west-1"},
887 % {account_id, "251423380551"},
888 % {region, "eu-west-1"},
889 % {sns_host, "sns.eu-west-1.amazonaws.com"},
890 %
891 % %% Messages from this MUC host will be sent to the SNS topic
892 % {muc_host, "muc.@HOST@"},
893 %
894 % %% Plugin module for defining custom message attributes and user identification
895 % {plugin_module, mod_event_pusher_sns_defaults},
896 %
897 % %% Topic name configurations. Removing a topic will disable this specific SNS notification
898 % {presence_updates_topic, "user_presence_updated-dev-1"}, %% For presence updates
899 % {pm_messages_topic, "user_message_sent-dev-1"}, %% For private chat messages
900 % {muc_messages_topic, "user_messagegroup_sent-dev-1"} %% For group chat messages
901 %
902 % %% Pool options
903 % {pool_size, 100}, %% Worker pool size for publishing notifications
904 % {publish_retry_count, 2}, %% Retry count in case of publish error
905 % {publish_retry_time_ms, 50} %% Base exponential backoff time (in ms) for publish errors
906 % ]}
907 % ]}
908
909 ]}.
910
911
912 %%
913 %% Enable modules with custom options in a specific virtual host
914 %%
915 %%{host_config, "localhost",
916 %% [{ {add, modules},
917 %% [
918 %% {mod_some_module, []}
919 %% ]
920 %% }
921 %% ]}.
922
923 %%%.
924 %%%'
925
926 %%% $Id$
927
928 %%% Local Variables:
929 %%% mode: erlang
930 %%% End:
931 %%% vim: set filetype=erlang tabstop=8 foldmarker=%%%',%%%. foldmethod=marker:
932 %%%.