Skip to content

Instantly share code, notes, and snippets.

@muxueqz

muxueqz/ejabberd.cfg

Created February 26, 2013 05:41
Show Gist options
  • Save muxueqz/5036179 to your computer and use it in GitHub Desktop.
Save muxueqz/5036179 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
ejabberd.cfg
%%%
%%% ejabberd configuration file
%%%
%%% The parameters used in this configuration file are explained in more detail
%%% in the ejabberd Installation and Operation Guide.
%%% Please consult the Guide in case of doubts, it is included in
%%% your copy of ejabberd, and is also available online at
%%% http://www.process-one.net/en/ejabberd/docs/
%%% This configuration file contains Erlang terms.
%%% In case you want to understand the syntax, here are the concepts:
%%%
%%% - The character to comment a line is %
%%%
%%% - Each term ends in a dot, for example:
%%% override_global.
%%%
%%% - A tuple has a fixed definition, its elements are
%%% enclosed in {}, and separated with commas:
%%% {loglevel, 4}.
%%%
%%% - A list can have as many elements as you want,
%%% and is enclosed in [], for example:
%%% [http_poll, web_admin, tls]
%%%
%%% - A keyword of ejabberd is a word in lowercase.
%%% The strings are enclosed in "" and can have spaces, dots...
%%% {language, "en"}.
%%% {ldap_rootdn, "dc=example,dc=com"}.
%%%
%%% - This term includes a tuple, a keyword, a list and two strings:
%%% {hosts, ["jabber.example.net", "im.example.com"]}.
%%%
%%% =======================
%%% OVERRIDE STORED OPTIONS
%%
%% Override the old values stored in the database.
%%
%%
%% Override global options (shared by all ejabberd nodes in a cluster).
%%
%%override_global.
%%
%% Override local options (specific for this particular ejabberd node).
%%
%%override_local.
%%
%% Remove the Access Control Lists before new ones are added.
%%
%%override_acls.
%%% =========
%%% DEBUGGING
%%
%% loglevel: Verbosity of log files generated by ejabberd.
%% 0: No ejabberd log at all (not recommended)
%% 1: Critical
%% 2: Error
%% 3: Warning
%% 4: Info
%% 5: Debug
%%
{loglevel, 3}.
%%
%% watchdog_admins: If an ejabberd process consumes too much memory,
%% send live notifications to those Jabber accounts.
%%
%%{watchdog_admins, ["[email protected]"]}.
%%% ================
%%% SERVED HOSTNAMES
%%
%% hosts: Domains served by ejabberd.
%% You can define one or several, for example:
%% {hosts, ["example.net", "example.com", "example.org"]}.
%%
{hosts, ["xmpp.example.com"]}.
%%
%% route_subdomains: Delegate subdomains to other Jabber server.
%% For example, if this ejabberd serves example.org and you want
%% to allow communication with a Jabber server called im.example.org.
%%
%%{route_subdomains, s2s}.
%%% ===============
%%% LISTENING PORTS
%%
%% listen: Which ports will ejabberd listen, which service handles it
%% and what options to start it with.
%%
{listen,
[
{5222, ejabberd_c2s, [
{certfile, "/opt/ejabberd/conf/server.pem"}, starttls,
{access, c2s},
starttls, {certfile, "/opt/ejabberd/conf/server.pem"},
{max_stanza_size, 65536000}
]},
%%
%% To enable the old SSL connection method in port 5223:
%%
%%{5223, ejabberd_c2s, [
%% {certfile, "/opt/ejabberd/conf/server.pem"}, tls,
%% {access, c2s},
%% {shaper, c2s_shaper},
%% {max_stanza_size, 65536}
%% ]},
{5269, ejabberd_s2s_in, [
{max_stanza_size, 65536000}
]},
%%
%% ejabberd_service: Interact with external components (transports...)
%%
%%{8888, ejabberd_service, [
%% {access, all},
%% {shaper_rule, fast},
%% {ip, {127, 0, 0, 1}},
%% {hosts, ["icq.example.org", "sms.example.org"],
%% [{password, "secret"}]
%% }
%% ]},
{5280, ejabberd_http, [
http_bind,
http_poll,
web_admin
]},
{5281, ejabberd_http, [
http_bind,
http_poll,
tls,{certfile, "/opt/ejabberd/conf/server.pem"}
]}
]}.
{s2s_use_starttls, true}.
{s2s_default_policy, allow}.
{s2s_certfile, "/opt/ejabberd/conf/server.pem"}.
%%% ==============
%%% AUTHENTICATION
{auth_method, internal}.
%%% ===============
%%% TRAFFIC SHAPERS
{shaper, normal, {maxrate, 1000}}.
{shaper, fast, {maxrate, 50000}}.
%%% ====================
%%% ACCESS CONTROL LISTS
%% CHANGE THIS
{acl, admin, {user, "admin", "xmpp.example.com"}}.
{acl, local, {user_regexp, ""}}.
%% if you HAVE NOT compiled ejabberd-xmlrpc module, you
%% Need to declare all your hypervisors as ejabberd admin
%% The hypervisor JID is defined in archipel.conf. By default it
%% it is hypervisor@FQDN
{acl, admin, {user, "hypervisor", "xmpp.example.com"}}.
%% {acl, admin, {user, "hypervisor-x", "FQDN"}}.
%% {acl, admin, {user, "hypervisor-n", "FQDN"}}.
%%% ============
%%% ACCESS RULES
{access, max_user_sessions, [{10, all}]}.
{access, local, [{allow, local}]}.
{access, c2s, [{deny, blocked}, {allow, all}]}.
{access, c2s_shaper, [{none, admin}, {none, all}]}.
{access, s2s_shaper, [{fast, all}]}.
{access, announce, [{allow, admin}]}.
{access, configure, [{allow, admin}]}.
{access, muc_admin, [{allow, admin}]}.
{access, muc, [{allow, all}]}.
{access, muc_create, [{allow, local}]}.
{access, pubsub_createnode, [{allow, all}]}.
%%% ================
%%% DEFAULT LANGUAGE
{language, "en"}.
%%% =======
%%% REGISTRATION
{access, register, [{allow, all}]}.
{registration_timeout, infinity}.
%%% =======
%%% MODULES
{modules,
[
{mod_adhoc, []},
{mod_announce, [{access, announce}]}, % requires mod_adhoc
{mod_caps, []},
{mod_configure,[]},
{mod_disco, []},
{mod_http_bind,[
{max_inactivity, 480} % timeout value for the BOSH, usefull for a large number of VM
]},
{mod_irc, []},
{mod_last, []},
{mod_muc, [
{access, muc},
{access_create, muc_create},
{access_persistent, muc_create},
{access_admin, muc_admin}
]},
{mod_offline, []},
{mod_privacy, []},
{mod_private, []},
{mod_pubsub, [ % requires mod_caps
{access_createnode, pubsub_createnode},
{ignore_pep_from_offline, true},
{last_item_cache, false},
{plugins, ["flat", "hometree", "pep"]},
{max_items_node, 1000}
]},
{mod_register, [
{access, register}
]},
{mod_roster, []},
{mod_shared_roster,[]},
{mod_time, []},
{mod_vcard, []},
{mod_version, []},
{mod_admin_extra, []}
]}.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment