Mise à jour de 'prosody.cfg.lua'

This commit is contained in:
Anael G 2021-03-12 20:06:08 +01:00
parent 7527705c81
commit 622bcbc8c0

View File

@ -1,16 +1,4 @@
-- Prosody XMPP Server Configuration -- Prosody XMPP Server Configuration
--
-- Information on configuring Prosody can be found on our
-- website at https://prosody.im/doc/configure
--
-- Tip: You can check that the syntax of this file is correct
-- when you have finished by running this command:
-- prosodyctl check config
-- If there are any errors, it will let you know what and where
-- they are, otherwise it will keep quiet.
--
-- Good luck, and happy Jabbering!
---------- Server-wide settings ---------- ---------- Server-wide settings ----------
-- Settings in this section apply to the whole server and are the default settings -- Settings in this section apply to the whole server and are the default settings
@ -22,10 +10,7 @@ admins = {"anael@im.cyberjinh.fr", "keepwatchingme@im.cyberjinh.fr" }
-- For more information see: https://prosody.im/doc/libevent -- For more information see: https://prosody.im/doc/libevent
--use_libevent = true --use_libevent = true
-- Prosody will always look in its source directory for modules, but plugin_paths = { "/usr/lib/prosody/modules/community-mod/prosody-modules" }
-- this option allows you to specify additional locations where Prosody
-- will look for modules first. For community modules, see https://modules.prosody.im/
plugin_paths = { "/usr/lib/prosody/modules/community-mod/prosody-modules" }
-- This is the list of modules Prosody will load on startup. -- This is the list of modules Prosody will load on startup.
-- It looks for mod_modulename.lua in the plugins folder, so make sure that exists too. -- It looks for mod_modulename.lua in the plugins folder, so make sure that exists too.
@ -82,7 +67,7 @@ modules_enabled = {
"http"; -- Active HTTP "http"; -- Active HTTP
-- "register_web"; -- Active registraion web page -- "register_web"; -- Active registraion web page
"strict_https"; "strict_https";
"http_upload"; -- "http_upload";
"webpresence"; "webpresence";
"server_contact_info"; "server_contact_info";
"block_registrations"; "block_registrations";
@ -90,6 +75,8 @@ modules_enabled = {
"http_altconnect"; "http_altconnect";
"bookmarks"; "bookmarks";
"turncredentials"; "turncredentials";
"external_services";
"block_strangers";
} }
@ -104,7 +91,7 @@ modules_disabled = {
hsts_header = "max-age=31556952" hsts_header = "max-age=31556952"
turncredentials_host = "turn.im.cyberjinh.fr" turncredentials_host = "turn.im.cyberjinh.fr"
turncredentials_secret = "mysecret" turncredentials_secret = "secret"
console_ports = { 5582 } console_ports = { 5582 }
--legacy_ssl_ports = { 5223 } --legacy_ssl_ports = { 5223 }
@ -131,11 +118,11 @@ contact_info = {
feedback = { "xmpp:keepwatchingme@im.cyberjinh.fr", "https:cyberjinh.fr/contact.html" }; feedback = { "xmpp:keepwatchingme@im.cyberjinh.fr", "https:cyberjinh.fr/contact.html" };
support = { "xmpp:keepwatchingme@im.cyberjinh.fr", "https:cyberjinh.fr/contact.html" }; support = { "xmpp:keepwatchingme@im.cyberjinh.fr", "https:cyberjinh.fr/contact.html" };
} }
-- consider_bosh_secure = true consider_bosh_secure = true
-- cross_domain_bosh = true cross_domain_bosh = true
-- cross_domain_websocket = { "https://im.cyberjinh.fr" }; cross_domain_websocket = { "https://im.cyberjinh.fr" };
-- consider_websocket_secure = true consider_websocket_secure = true
-- mod_limit_auth -- -- mod_limit_auth --
limit_auth_period = 30 limit_auth_period = 30
@ -150,38 +137,15 @@ smacks_max_ack_delay = 60
-- mod_cloud_notify -- -- mod_cloud_notify --
push_notification_important_body = "Nouveau Message" push_notification_important_body = "Nouveau Message"
-- mod_conversjs --
-- conversejs_options = {
-- debug = true;
-- view_mode = "fullscreen";
-- }
-- Disable account creation by default, for security -- Disable account creation by default, for security
-- For more information see https://prosody.im/doc/creating_accounts
allow_registration = false allow_registration = false
--mod_block_registrations-- --mod_block_registrations--
block_registrations_users = { "administrator", "admin", "hostmaster", "postmaster", "webmaster", "root", "xmpp", "anael" } block_registrations_users = { "administrator", "admin", "hostmaster", "postmaster", "webmaster", "root", "xmpp", "anael" }
block_registrations_require = "^[a-zA-Z0-9_.-]+$" -- Allow only simple ASCII characters in usernames block_registrations_require = "^[a-zA-Z0-9_.-]+$" -- Allow only simple ASCII characters in usernames
-- Force clients to use encrypted connections? This option will
-- prevent clients from authenticating unless they are using encryption.
c2s_require_encryption = true c2s_require_encryption = true
-- Force servers to use encrypted connections? This option will
-- prevent servers from authenticating unless they are using encryption.
-- Note that this is different from authentication
s2s_require_encryption = true s2s_require_encryption = true
-- Force certificate authentication for server-to-server connections?
-- This provides ideal security, but requires servers you communicate
-- with to support encryption AND present valid, trusted certificates.
-- NOTE: Your version of LuaSec must support certificate verification!
-- For more information see https://prosody.im/doc/s2s#security
s2s_secure_auth = true s2s_secure_auth = true
-- Some servers have invalid or self-signed certificates. You can list -- Some servers have invalid or self-signed certificates. You can list
@ -237,7 +201,7 @@ max_archive_query_results = 20;
-- For advanced logging see https://prosody.im/doc/logging -- For advanced logging see https://prosody.im/doc/logging
log = { log = {
-- info = "/var/log/prosody/prosody.log"; -- Change 'info' to 'debug' for verbose logging -- info = "/var/log/prosody/prosody.log"; -- Change 'info' to 'debug' for verbose logging
info = "/dev/null"; info = "/var/log/prosody/prosody.log";
error = "/var/log/prosody/prosody.err"; error = "/var/log/prosody/prosody.err";
-- "*syslog"; -- Uncomment this for logging to syslog -- "*syslog"; -- Uncomment this for logging to syslog
-- "*console"; -- Log to the console, useful for debugging with daemonize=false -- "*console"; -- Log to the console, useful for debugging with daemonize=false
@ -268,14 +232,8 @@ enabled = true;
legacy_ssl_ports = { 5223 } legacy_ssl_ports = { 5223 }
-- http_external_url = "im.cyberjinh.fr" -- http_external_url = "im.cyberjinh.fr"
allow_registration = false; allow_registration = false;
min_seconds_between_registrations = 3600 -- min_seconds_between_registrations = 3600
certificates = "/etc/prosody/certs/"
-- Assign this host a certificate for TLS, otherwise it would use the one
-- set in the global section (if any).
-- Note that old-style SSL on port 5223 only supports one certificate, and will always
-- use the global one.
certificates = "/etc/prosody/certs/"
------ Components ------ ------ Components ------
-- You can specify components to add hosts that provide special services, -- You can specify components to add hosts that provide special services,
@ -317,14 +275,15 @@ Component "proxy.im.cyberjinh.fr" "proxy65"
-- see: http://prosody.im/doc/components#adding_an_external_component -- see: http://prosody.im/doc/components#adding_an_external_component
-- --
Component "upload.im.cyberjinh.fr" Component "upload.im.cyberjinh.fr" "http_upload"
http_upload_expire_after = 60 * 60 * 24 * 7 http_upload_expire_after = 60 * 60 * 24 * 7
http_upload_file_size_limit = 10 * 1024 * 1024 http_upload_file_size_limit = 5242880
--Component "irc.cyberjinh.fr" Component "irc.im.cyberjinh.fr"
-- component_secret = "mysecondsecret" component_secret = "secret"
ssl = { ssl = {
key = "/etc/prosody/certs/im.cyberjinh.fr/privkey.pem"; key = "/etc/prosody/certs/im.cyberjinh.fr/privkey.pem";
certificate = "/etc/prosody/certs/im.cyberjinh.fr/fullchain.pem"; certificate = "/etc/prosody/certs/im.cyberjinh.fr/fullchain.pem";
} }