Mise à jour de 'prosody.cfg.lua'

This commit is contained in:
Anael G 2021-03-12 20:06:08 +01:00
parent 7527705c81
commit 622bcbc8c0
1 changed files with 17 additions and 58 deletions

View File

@ -1,16 +1,4 @@
-- Prosody XMPP Server Configuration
--
-- Information on configuring Prosody can be found on our
-- website at https://prosody.im/doc/configure
--
-- Tip: You can check that the syntax of this file is correct
-- when you have finished by running this command:
-- prosodyctl check config
-- If there are any errors, it will let you know what and where
-- they are, otherwise it will keep quiet.
--
-- Good luck, and happy Jabbering!
---------- Server-wide settings ----------
-- Settings in this section apply to the whole server and are the default settings
@ -22,10 +10,7 @@ admins = {"anael@im.cyberjinh.fr", "keepwatchingme@im.cyberjinh.fr" }
-- For more information see: https://prosody.im/doc/libevent
--use_libevent = true
-- Prosody will always look in its source directory for modules, but
-- this option allows you to specify additional locations where Prosody
-- will look for modules first. For community modules, see https://modules.prosody.im/
plugin_paths = { "/usr/lib/prosody/modules/community-mod/prosody-modules" }
plugin_paths = { "/usr/lib/prosody/modules/community-mod/prosody-modules" }
-- This is the list of modules Prosody will load on startup.
-- It looks for mod_modulename.lua in the plugins folder, so make sure that exists too.
@ -82,7 +67,7 @@ modules_enabled = {
"http"; -- Active HTTP
-- "register_web"; -- Active registraion web page
"strict_https";
"http_upload";
-- "http_upload";
"webpresence";
"server_contact_info";
"block_registrations";
@ -90,6 +75,8 @@ modules_enabled = {
"http_altconnect";
"bookmarks";
"turncredentials";
"external_services";
"block_strangers";
}
@ -104,7 +91,7 @@ modules_disabled = {
hsts_header = "max-age=31556952"
turncredentials_host = "turn.im.cyberjinh.fr"
turncredentials_secret = "mysecret"
turncredentials_secret = "secret"
console_ports = { 5582 }
--legacy_ssl_ports = { 5223 }
@ -131,11 +118,11 @@ contact_info = {
feedback = { "xmpp:keepwatchingme@im.cyberjinh.fr", "https:cyberjinh.fr/contact.html" };
support = { "xmpp:keepwatchingme@im.cyberjinh.fr", "https:cyberjinh.fr/contact.html" };
}
-- consider_bosh_secure = true
-- cross_domain_bosh = true
consider_bosh_secure = true
cross_domain_bosh = true
-- cross_domain_websocket = { "https://im.cyberjinh.fr" };
-- consider_websocket_secure = true
cross_domain_websocket = { "https://im.cyberjinh.fr" };
consider_websocket_secure = true
-- mod_limit_auth --
limit_auth_period = 30
@ -150,38 +137,15 @@ smacks_max_ack_delay = 60
-- mod_cloud_notify --
push_notification_important_body = "Nouveau Message"
-- mod_conversjs --
-- conversejs_options = {
-- debug = true;
-- view_mode = "fullscreen";
-- }
-- Disable account creation by default, for security
-- For more information see https://prosody.im/doc/creating_accounts
allow_registration = false
--mod_block_registrations--
block_registrations_users = { "administrator", "admin", "hostmaster", "postmaster", "webmaster", "root", "xmpp", "anael" }
block_registrations_require = "^[a-zA-Z0-9_.-]+$" -- Allow only simple ASCII characters in usernames
-- Force clients to use encrypted connections? This option will
-- prevent clients from authenticating unless they are using encryption.
c2s_require_encryption = true
-- Force servers to use encrypted connections? This option will
-- prevent servers from authenticating unless they are using encryption.
-- Note that this is different from authentication
s2s_require_encryption = true
-- Force certificate authentication for server-to-server connections?
-- This provides ideal security, but requires servers you communicate
-- with to support encryption AND present valid, trusted certificates.
-- NOTE: Your version of LuaSec must support certificate verification!
-- For more information see https://prosody.im/doc/s2s#security
s2s_secure_auth = true
-- Some servers have invalid or self-signed certificates. You can list
@ -237,7 +201,7 @@ max_archive_query_results = 20;
-- For advanced logging see https://prosody.im/doc/logging
log = {
-- info = "/var/log/prosody/prosody.log"; -- Change 'info' to 'debug' for verbose logging
info = "/dev/null";
info = "/var/log/prosody/prosody.log";
error = "/var/log/prosody/prosody.err";
-- "*syslog"; -- Uncomment this for logging to syslog
-- "*console"; -- Log to the console, useful for debugging with daemonize=false
@ -268,14 +232,8 @@ enabled = true;
legacy_ssl_ports = { 5223 }
-- http_external_url = "im.cyberjinh.fr"
allow_registration = false;
min_seconds_between_registrations = 3600
-- Assign this host a certificate for TLS, otherwise it would use the one
-- set in the global section (if any).
-- Note that old-style SSL on port 5223 only supports one certificate, and will always
-- use the global one.
certificates = "/etc/prosody/certs/"
-- min_seconds_between_registrations = 3600
certificates = "/etc/prosody/certs/"
------ Components ------
-- You can specify components to add hosts that provide special services,
@ -317,14 +275,15 @@ Component "proxy.im.cyberjinh.fr" "proxy65"
-- see: http://prosody.im/doc/components#adding_an_external_component
--
Component "upload.im.cyberjinh.fr"
Component "upload.im.cyberjinh.fr" "http_upload"
http_upload_expire_after = 60 * 60 * 24 * 7
http_upload_file_size_limit = 10 * 1024 * 1024
http_upload_file_size_limit = 5242880
--Component "irc.cyberjinh.fr"
-- component_secret = "mysecondsecret"
Component "irc.im.cyberjinh.fr"
component_secret = "secret"
ssl = {
key = "/etc/prosody/certs/im.cyberjinh.fr/privkey.pem";
certificate = "/etc/prosody/certs/im.cyberjinh.fr/fullchain.pem";
}