@ -12,23 +12,10 @@
### ******* MAKE SURE YOU INDENT SECTIONS CORRECTLY *******
### *******************************************************
### Refer to http://en.wikipedia.org/wiki/YAML for the brief description.
### However, ejabberd treats different literals as different types:
###
### - unquoted or single-quoted strings. They are called "atoms".
### Example: dog, 'Jupiter', '3.14159', YELLOW
###
### - numeric literals. Example: 3, -45.0, .0
###
### - quoted or folded strings.
### Examples of quoted string: "Lizzard", "orange".
### Example of folded string:
### > Art thou not Romeo,
### and a Montague?
###
language : "en"
hosts:
- "localhost"
- localhost
loglevel : 4
log_rotate_size : 10485760
@ -37,14 +24,14 @@ log_rotate_count: 1
log_rate_limit : 100
certfiles:
- "/home/ejabberd/conf/server.pem"
- /home/ejabberd/conf/server.pem
ca_file : "/home/ejabberd/conf/cacert.pem"
# When using let's encrypt to generate certificates
# # When using let's encrypt to generate certificates
##certfiles:
## - "/etc/letsencrypt/live/localhost/cert.pem"
## - " /etc/letsencrypt/live/localhost/privkey.pem"
## - /etc/letsencrypt/live/localhost/fullchain.pem
## - /etc/letsencrypt/live/localhost/privkey.pem
##
##ca_file: "/etc/letsencrypt/live/localhost/fullchain.pem"
@ -86,6 +73,55 @@ listen:
ip : "::"
module : mod_mqtt
backlog : 1000
##
## https://docs.ejabberd.im/admin/configuration/#stun-and-turn
## ejabberd_stun: Handles STUN Binding requests
##
##-
## port: 3478
## ip: "0.0.0.0"
## transport: udp
## module: ejabberd_stun
## use_turn: true
## turn_ip: "{{ IP }}"
## auth_type: user
## auth_realm: "example.com"
##-
## port: 3478
## ip: "0.0.0.0"
## module: ejabberd_stun
## use_turn: true
## turn_ip: "{{ IP }}"
## auth_type: user
## auth_realm: "example.com"
##-
## port: 5349
## ip: "0.0.0.0"
## module: ejabberd_stun
## certfile: "/home/ejabberd/conf/server.pem"
## tls: true
## use_turn: true
## turn_ip: "{{ IP }}"
## auth_type: user
## auth_realm: "example.com"
##
## https://docs.ejabberd.im/admin/configuration/#sip
## To handle SIP (VOIP) requests:
##
##-
## port: 5060
## ip: "0.0.0.0"
## transport: udp
## module: ejabberd_sip
##-
## port: 5060
## ip: "0.0.0.0"
## module: ejabberd_sip
##-
## port: 5061
## ip: "0.0.0.0"
## module: ejabberd_sip
## tls: true
s2s_use_starttls : optional
@ -94,31 +130,29 @@ acl:
user_regexp : ""
loopback:
ip:
- "127.0.0.0/8"
- "::1/128"
- "::FFFF:127.0.0.1/128"
- 127.0 .0 .0 /8
- : : 1 /128
- : : FFFF:127.0.0.1/128
admin:
user:
- "admin@localhost"
access_rules:
local:
- allow : local
allow : local
c2s:
- deny : blocked
- allow
deny : blocked
allow : all
announce:
- allow : admin
allow : admin
configure:
- allow : admin
allow : admin
muc_create:
- allow : local
allow : local
pubsub_createnode:
- allow : local
register:
- allow
allow : local
trusted_network:
- allow : loopback
allow : loopback
api_permissions:
"console commands" :
@ -128,26 +162,26 @@ api_permissions:
what : "*"
"admin access" :
who:
- access:
- allow:
- acl : loopback
- acl : admin
- oauth:
- scope : "ejabberd:admin"
- access:
- allow:
- acl : loopback
- acl : admin
access:
allow:
acl : loopback
acl : admin
oauth:
scope : "ejabberd:admin"
access:
allow:
acl : loopback
acl : admin
what:
- "*"
- "!stop"
- "!start"
"public commands" :
who:
- ip : "127.0.0.1/8"
ip : 127.0 .0 .1 /8
what:
- "status"
- "connected_users_number"
- status
- connected_users_number
shaper:
normal : 1000
@ -156,11 +190,11 @@ shaper:
shaper_rules:
max_user_sessions : 10
max_user_offline_messages:
- 5000 : admin
- 100
5000 : admin
100 : all
c2s_shaper:
- none : admin
- norma l
none : admin
normal : al l
s2s_shaper : fast
max_fsm_queue : 10000
@ -185,15 +219,15 @@ modules:
mod_fail2ban : {}
mod_http_api : {}
mod_http_upload:
put_url : "https://@HOST@:5443/upload"
put_url : https://@HOST@:5443/upload
mod_last : {}
## mod_mam:
mod_mam:
## Mnesia is limited to 2GB, better to use an SQL backend
## For small servers SQLite is a good fit and is very easy
## to configure. Uncomment this when you have SQL configured:
## db_type: sql
## assume_mam_usage: true
## default: always
assume_mam_usage : true
default : never
mod_mqtt : {}
mod_muc:
access:
@ -202,9 +236,11 @@ modules:
- allow : admin
access_create : muc_create
access_persistent : muc_create
access_mam:
- allow
default_room_options:
allow_subscription : true # enable MucSub
## mam: tru e
mam : fals e
mod_muc_admin : {}
mod_offline:
access_max_user_messages : max_user_offline_messages
@ -217,11 +253,11 @@ modules:
mod_pubsub:
access_createnode : pubsub_createnode
plugins:
- "flat"
- "pep"
- flat
- pep
force_node_config:
## Avoid buggy clients to make their bookmarks public
"storage:bookmarks" :
storage:bookmarks :
access_model : whitelist
mod_push : {}
mod_push_keepalive : {}
@ -234,6 +270,7 @@ modules:
ip_access : trusted_network
mod_roster:
versioning : true
mod_sip : {}
mod_s2s_dialback : {}
mod_shared_roster : {}
mod_stream_mgmt: