muxueqz/ejabberd.cfg

## ejabberd.cfg
%%%
%%%               ejabberd configuration file
%%%

%%% The parameters used in this configuration file are explained in more detail
%%% in the ejabberd Installation and Operation Guide.
%%% Please consult the Guide in case of doubts, it is included in
%%% your copy of ejabberd, and is also available online at
%%% http://www.process-one.net/en/ejabberd/docs/

%%% This configuration file contains Erlang terms.
%%% In case you want to understand the syntax, here are the concepts:
%%%
%%%  - The character to comment a line is %
%%%
%%%  - Each term ends in a dot, for example:
%%%      override_global.
%%%
%%%  - A tuple has a fixed definition, its elements are
%%%    enclosed in {}, and separated with commas:
%%%      {loglevel, 4}.
%%%
%%%  - A list can have as many elements as you want,
%%%    and is enclosed in [], for example:
%%%      [http_poll, web_admin, tls]
%%%
%%%  - A keyword of ejabberd is a word in lowercase.
%%%    The strings are enclosed in "" and can have spaces, dots...
%%%      {language, "en"}.
%%%      {ldap_rootdn, "dc=example,dc=com"}.
%%%
%%%  - This term includes a tuple, a keyword, a list and two strings:
%%%      {hosts, ["jabber.example.net", "im.example.com"]}.
%%%


%%%   =======================
%%%   OVERRIDE STORED OPTIONS

%%
%% Override the old values stored in the database.
%%

%%
%% Override global options (shared by all ejabberd nodes in a cluster).
%%
%%override_global.

%%
%% Override local options (specific for this particular ejabberd node).
%%
%%override_local.

%%
%% Remove the Access Control Lists before new ones are added.
%%
%%override_acls.


%%%   =========
%%%   DEBUGGING

%%
%% loglevel: Verbosity of log files generated by ejabberd.
%% 0: No ejabberd log at all (not recommended)
%% 1: Critical
%% 2: Error
%% 3: Warning
%% 4: Info
%% 5: Debug
%%
{loglevel, 3}.

%%
%% watchdog_admins: If an ejabberd process consumes too much memory,
%% send live notifications to those Jabber accounts.
%%
%%{watchdog_admins, ["admin@xmpp.example.com"]}.


%%%   ================
%%%   SERVED HOSTNAMES

%%
%% hosts: Domains served by ejabberd.
%% You can define one or several, for example:
%% {hosts, ["example.net", "example.com", "example.org"]}.
%%
{hosts, ["xmpp.example.com"]}.

%%
%% route_subdomains: Delegate subdomains to other Jabber server.
%% For example, if this ejabberd serves example.org and you want
%% to allow communication with a Jabber server called im.example.org.
%%
%%{route_subdomains, s2s}.


%%%   ===============
%%%   LISTENING PORTS

%%
%% listen: Which ports will ejabberd listen, which service handles it
%% and what options to start it with.
%%
{listen,
 [

  {5222, ejabberd_c2s, [
			{certfile, "/opt/ejabberd/conf/server.pem"}, starttls,
			{access, c2s},
			starttls, {certfile, "/opt/ejabberd/conf/server.pem"},
			{max_stanza_size, 65536000}
		       ]},

  %%
  %% To enable the old SSL connection method in port 5223:
  %%
  %%{5223, ejabberd_c2s, [
  %%			{certfile, "/opt/ejabberd/conf/server.pem"}, tls,
  %%			{access, c2s},
  %%			{shaper, c2s_shaper},
  %%			{max_stanza_size, 65536}
  %%		       ]},

  {5269, ejabberd_s2s_in, [
			   {max_stanza_size, 65536000}
			  ]},

  %%
  %% ejabberd_service: Interact with external components (transports...)
  %%
  %%{8888, ejabberd_service, [
  %%			    {access, all},
  %%			    {shaper_rule, fast},
  %%			    {ip, {127, 0, 0, 1}},
  %%			    {hosts, ["icq.example.org", "sms.example.org"],
  %%			     [{password, "secret"}]
  %%			    }
  %%			   ]},

  {5280, ejabberd_http, [
			 http_bind,
			 http_poll,
			 web_admin
			]},
  {5281, ejabberd_http, [
             http_bind,
             http_poll,
             tls,{certfile, "/opt/ejabberd/conf/server.pem"}
			]}

 ]}.

{s2s_use_starttls, true}.
{s2s_default_policy, allow}.
{s2s_certfile, "/opt/ejabberd/conf/server.pem"}.


%%%   ==============
%%%   AUTHENTICATION

{auth_method, internal}.


%%%   ===============
%%%   TRAFFIC SHAPERS

{shaper, normal, {maxrate, 1000}}.
{shaper, fast, {maxrate, 50000}}.


%%%   ====================
%%%   ACCESS CONTROL LISTS

%% CHANGE THIS
{acl, admin, {user, "admin", "xmpp.example.com"}}.
{acl, local, {user_regexp, ""}}.


%% if you HAVE NOT compiled ejabberd-xmlrpc module, you
%% Need to declare all your hypervisors as ejabberd admin
%% The hypervisor JID is defined in archipel.conf. By default it
%% it is hypervisor@FQDN

{acl, admin, {user, "hypervisor", "xmpp.example.com"}}.
%% {acl, admin, {user, "hypervisor-x", "FQDN"}}.
%% {acl, admin, {user, "hypervisor-n", "FQDN"}}.


%%%   ============
%%%   ACCESS RULES

{access, max_user_sessions, [{10, all}]}.
{access, local, [{allow, local}]}.
{access, c2s, [{deny, blocked}, {allow, all}]}.
{access, c2s_shaper, [{none, admin}, {none, all}]}.
{access, s2s_shaper, [{fast, all}]}.
{access, announce, [{allow, admin}]}.
{access, configure, [{allow, admin}]}.
{access, muc_admin, [{allow, admin}]}.
{access, muc, [{allow, all}]}.
{access, muc_create, [{allow, local}]}.
{access, pubsub_createnode, [{allow, all}]}.


%%%   ================
%%%   DEFAULT LANGUAGE

{language, "en"}.


%%%   =======
%%%   REGISTRATION

{access, register, [{allow, all}]}.
{registration_timeout, infinity}.

%%%   =======
%%%   MODULES

{modules,
 [
  {mod_adhoc,    []},
  {mod_announce, [{access, announce}]}, % requires mod_adhoc
  {mod_caps,     []},
  {mod_configure,[]},
  {mod_disco,    []},
  {mod_http_bind,[
               {max_inactivity, 480}   % timeout value for the BOSH, usefull for a large number of VM
             ]},
  {mod_irc,      []},
  {mod_last,     []},
  {mod_muc,      [
          {access, muc},
          {access_create, muc_create},
          {access_persistent, muc_create},
          {access_admin, muc_admin}
         ]},
  {mod_offline,  []},
  {mod_privacy,  []},
  {mod_private,  []},
  {mod_pubsub,   [ % requires mod_caps
          {access_createnode, pubsub_createnode},
          {ignore_pep_from_offline, true},
          {last_item_cache, false},
          {plugins, ["flat", "hometree", "pep"]},
          {max_items_node, 1000}
         ]},
  {mod_register, [
          {access, register}
         ]},
  {mod_roster,   []},
  {mod_shared_roster,[]},
  {mod_time,     []},
  {mod_vcard,    []},
  {mod_version,  []},
  {mod_admin_extra, []}
 ]}.
	%%%
	%%% ejabberd configuration file
	%%%

	%%% The parameters used in this configuration file are explained in more detail
	%%% in the ejabberd Installation and Operation Guide.
	%%% Please consult the Guide in case of doubts, it is included in
	%%% your copy of ejabberd, and is also available online at
	%%% http://www.process-one.net/en/ejabberd/docs/

	%%% This configuration file contains Erlang terms.
	%%% In case you want to understand the syntax, here are the concepts:
	%%%
	%%% - The character to comment a line is %
	%%%
	%%% - Each term ends in a dot, for example:
	%%% override_global.
	%%%
	%%% - A tuple has a fixed definition, its elements are
	%%% enclosed in {}, and separated with commas:
	%%% {loglevel, 4}.
	%%%
	%%% - A list can have as many elements as you want,
	%%% and is enclosed in [], for example:
	%%% [http_poll, web_admin, tls]
	%%%
	%%% - A keyword of ejabberd is a word in lowercase.
	%%% The strings are enclosed in "" and can have spaces, dots...
	%%% {language, "en"}.
	%%% {ldap_rootdn, "dc=example,dc=com"}.
	%%%
	%%% - This term includes a tuple, a keyword, a list and two strings:
	%%% {hosts, ["jabber.example.net", "im.example.com"]}.
	%%%


	%%% =======================
	%%% OVERRIDE STORED OPTIONS

	%%
	%% Override the old values stored in the database.
	%%

	%%
	%% Override global options (shared by all ejabberd nodes in a cluster).
	%%
	%%override_global.

	%%
	%% Override local options (specific for this particular ejabberd node).
	%%
	%%override_local.

	%%
	%% Remove the Access Control Lists before new ones are added.
	%%
	%%override_acls.


	%%% =========
	%%% DEBUGGING

	%%
	%% loglevel: Verbosity of log files generated by ejabberd.
	%% 0: No ejabberd log at all (not recommended)
	%% 1: Critical
	%% 2: Error
	%% 3: Warning
	%% 4: Info
	%% 5: Debug
	%%
	{loglevel, 3}.

	%%
	%% watchdog_admins: If an ejabberd process consumes too much memory,
	%% send live notifications to those Jabber accounts.
	%%
	%%{watchdog_admins, ["admin@xmpp.example.com"]}.


	%%% ================
	%%% SERVED HOSTNAMES

	%%
	%% hosts: Domains served by ejabberd.
	%% You can define one or several, for example:
	%% {hosts, ["example.net", "example.com", "example.org"]}.
	%%
	{hosts, ["xmpp.example.com"]}.

	%%
	%% route_subdomains: Delegate subdomains to other Jabber server.
	%% For example, if this ejabberd serves example.org and you want
	%% to allow communication with a Jabber server called im.example.org.
	%%
	%%{route_subdomains, s2s}.


	%%% ===============
	%%% LISTENING PORTS

	%%
	%% listen: Which ports will ejabberd listen, which service handles it
	%% and what options to start it with.
	%%
	{listen,
	[

	{5222, ejabberd_c2s, [
	{certfile, "/opt/ejabberd/conf/server.pem"}, starttls,
	{access, c2s},
	starttls, {certfile, "/opt/ejabberd/conf/server.pem"},
	{max_stanza_size, 65536000}
	]},

	%%
	%% To enable the old SSL connection method in port 5223:
	%%
	%%{5223, ejabberd_c2s, [
	%% {certfile, "/opt/ejabberd/conf/server.pem"}, tls,
	%% {access, c2s},
	%% {shaper, c2s_shaper},
	%% {max_stanza_size, 65536}
	%% ]},

	{5269, ejabberd_s2s_in, [
	{max_stanza_size, 65536000}
	]},

	%%
	%% ejabberd_service: Interact with external components (transports...)
	%%
	%%{8888, ejabberd_service, [
	%% {access, all},
	%% {shaper_rule, fast},
	%% {ip, {127, 0, 0, 1}},
	%% {hosts, ["icq.example.org", "sms.example.org"],
	%% [{password, "secret"}]
	%% }
	%% ]},

	{5280, ejabberd_http, [
	http_bind,
	http_poll,
	web_admin
	]},
	{5281, ejabberd_http, [
	http_bind,
	http_poll,
	tls,{certfile, "/opt/ejabberd/conf/server.pem"}
	]}

	]}.

	{s2s_use_starttls, true}.
	{s2s_default_policy, allow}.
	{s2s_certfile, "/opt/ejabberd/conf/server.pem"}.


	%%% ==============
	%%% AUTHENTICATION

	{auth_method, internal}.


	%%% ===============
	%%% TRAFFIC SHAPERS

	{shaper, normal, {maxrate, 1000}}.
	{shaper, fast, {maxrate, 50000}}.


	%%% ====================
	%%% ACCESS CONTROL LISTS

	%% CHANGE THIS
	{acl, admin, {user, "admin", "xmpp.example.com"}}.
	{acl, local, {user_regexp, ""}}.


	%% if you HAVE NOT compiled ejabberd-xmlrpc module, you
	%% Need to declare all your hypervisors as ejabberd admin
	%% The hypervisor JID is defined in archipel.conf. By default it
	%% it is hypervisor@FQDN

	{acl, admin, {user, "hypervisor", "xmpp.example.com"}}.
	%% {acl, admin, {user, "hypervisor-x", "FQDN"}}.
	%% {acl, admin, {user, "hypervisor-n", "FQDN"}}.


	%%% ============
	%%% ACCESS RULES

	{access, max_user_sessions, [{10, all}]}.
	{access, local, [{allow, local}]}.
	{access, c2s, [{deny, blocked}, {allow, all}]}.
	{access, c2s_shaper, [{none, admin}, {none, all}]}.
	{access, s2s_shaper, [{fast, all}]}.
	{access, announce, [{allow, admin}]}.
	{access, configure, [{allow, admin}]}.
	{access, muc_admin, [{allow, admin}]}.
	{access, muc, [{allow, all}]}.
	{access, muc_create, [{allow, local}]}.
	{access, pubsub_createnode, [{allow, all}]}.


	%%% ================
	%%% DEFAULT LANGUAGE

	{language, "en"}.


	%%% =======
	%%% REGISTRATION

	{access, register, [{allow, all}]}.
	{registration_timeout, infinity}.

	%%% =======
	%%% MODULES

	{modules,
	[
	{mod_adhoc, []},
	{mod_announce, [{access, announce}]}, % requires mod_adhoc
	{mod_caps, []},
	{mod_configure,[]},
	{mod_disco, []},
	{mod_http_bind,[
	{max_inactivity, 480} % timeout value for the BOSH, usefull for a large number of VM
	]},
	{mod_irc, []},
	{mod_last, []},
	{mod_muc, [
	{access, muc},
	{access_create, muc_create},
	{access_persistent, muc_create},
	{access_admin, muc_admin}
	]},
	{mod_offline, []},
	{mod_privacy, []},
	{mod_private, []},
	{mod_pubsub, [ % requires mod_caps
	{access_createnode, pubsub_createnode},
	{ignore_pep_from_offline, true},
	{last_item_cache, false},
	{plugins, ["flat", "hometree", "pep"]},
	{max_items_node, 1000}
	]},
	{mod_register, [
	{access, register}
	]},
	{mod_roster, []},
	{mod_shared_roster,[]},
	{mod_time, []},
	{mod_vcard, []},
	{mod_version, []},
	{mod_admin_extra, []}
	]}.