diff options
| -rw-r--r-- | core/configmanager.lua | 6 | ||||
| -rw-r--r-- | core/hostmanager.lua | 6 | ||||
| -rw-r--r-- | plugins/muc/muc.lib.lua | 2 | ||||
| -rw-r--r-- | prosody.cfg.lua.dist | 233 |
4 files changed, 118 insertions, 129 deletions
diff --git a/core/configmanager.lua b/core/configmanager.lua index e7677df6..54fb0a9a 100644 --- a/core/configmanager.lua +++ b/core/configmanager.lua @@ -112,7 +112,7 @@ do function parsers.lua.load(data, filename) local env; -- The ' = true' are needed so as not to set off __newindex when we assign the functions below - env = setmetatable({ Host = true; host = true; Component = true, component = true, + env = setmetatable({ Host = true, host = true, VirtualHost = true, Component = true, component = true, Include = true, include = true, RunScript = dofile }, { __index = function (t, k) return rawget(_G, k) or function (settings_table) @@ -124,7 +124,7 @@ do end}); rawset(env, "__currenthost", "*") -- Default is global - function env.Host(name) + function env.VirtualHost(name) if rawget(config, name) and rawget(config[name].core, "component_module") then error(format("Host %q clashes with previously defined %s Component %q, for services use a sub-domain like conference.%s", name, config[name].core.component_module:gsub("^%a+$", { component = "external", muc = "MUC"}), name, name), 0); @@ -133,7 +133,7 @@ do -- Needs at least one setting to logically exist :) set(name or "*", "core", "defined", true); end - env.host = env.Host; + env.Host, env.host = env.VirtualHost, env.VirtualHost; function env.Component(name) if rawget(config, name) and rawget(config[name].core, "defined") and not rawget(config[name].core, "component_module") then diff --git a/core/hostmanager.lua b/core/hostmanager.lua index eb880449..c8928b27 100644 --- a/core/hostmanager.lua +++ b/core/hostmanager.lua @@ -42,7 +42,7 @@ local function load_enabled_hosts(config) end if not activated_any_host then - log("error", "No hosts defined in the config file. This may cause unexpected behaviour as no modules will be loaded."); + log("error", "No active VirtualHost entries in the config file. This may cause unexpected behaviour as no modules will be loaded."); end eventmanager.fire_event("hosts-activated", defined_hosts); @@ -60,8 +60,8 @@ function activate(host, host_config) dialback_secret = configmanager.get(host, "core", "dialback_secret") or uuid_gen(); }; for option_name in pairs(host_config.core) do - if option_name:match("_ports$") then - log("warn", "%s: Option '%s' has no effect for virtual hosts - put it in global Host \"*\" instead", host, option_name); + if option_name:match("_ports$") or option_name:match("_interface$") then + log("warn", "%s: Option '%s' has no effect for virtual hosts - put it in the server-wide section instead", host, option_name); end end diff --git a/plugins/muc/muc.lib.lua b/plugins/muc/muc.lib.lua index 1081c5ff..18c80325 100644 --- a/plugins/muc/muc.lib.lua +++ b/plugins/muc/muc.lib.lua @@ -751,7 +751,7 @@ end function room_mt:set_role(actor, occupant_jid, role, callback, reason) if role == "none" then role = nil; end if role and role ~= "moderator" and role ~= "participant" and role ~= "visitor" then return nil, "modify", "not-acceptable"; end - if self:get_affiliation(actor) ~= "owner" then return nil, "cancel", "not-allowed"; end + if self:get_role(self._jid_nick[actor]) ~= "moderator" then return nil, "cancel", "not-allowed"; end local occupant = self._occupants[occupant_jid]; if not occupant then return nil, "modify", "not-acceptable"; end if occupant.affiliation == "owner" or occupant.affiliation == "admin" then return nil, "cancel", "not-allowed"; end diff --git a/prosody.cfg.lua.dist b/prosody.cfg.lua.dist index c959b4fe..a17eb877 100644 --- a/prosody.cfg.lua.dist +++ b/prosody.cfg.lua.dist @@ -1,138 +1,127 @@ -- Prosody Example Configuration File +-- +-- Information on configuring Prosody can be found on our +-- website at http://prosody.im/doc/configure +-- +-- Tip: You can check that the syntax of this file is correct +-- when you have finished by running: luac -p prosody.cfg.lua +-- If there are any errors, it will let you know what and where +-- they are, otherwise it will keep quiet. -- --- If it wasn't already obvious, -- starts a comment, and all --- text after it on a line is ignored by Prosody. --- --- The config is split into sections, a global section, and one --- for each defined host that we serve. You can add as many host --- sections as you like. --- --- Lists are written { "like", "this", "one" } --- Lists can also be of { 1, 2, 3 } numbers, and other things. --- Either commas, or semi-colons; may be used --- as seperators. --- --- A table is a list of values, except each value has a name. An --- example table would be: --- --- ssl = { key = "keyfile.key", certificate = "certificate.cert" } --- --- Whitespace (that is tabs, spaces, line breaks) is mostly --- insignificant, so --- can --- be placed anywhere that you deem fitting. --- --- Tip: You can check that the syntax of this file is correct when you --- have finished by running: luac -p prosody.cfg.lua --- If there are any errors, it will let you know what and where they --- are, otherwise it will keep quiet. --- --- The only thing left to do is rename this file to remove the .dist --- ending, and fill in the +-- The only thing left to do is rename this file to remove the .dist ending, and fill in the -- blanks. Good luck, and happy Jabbering! --- Server-wide settings go in this section -Host "*" - - -- This is a (by default, empty) list of accounts that are admins for the - -- server. Note that you must create the accounts separately (see - -- http://prosody.im/doc/creating_accounts) - -- Example: admins = { "user1@example.com", "user2@example.net" } - admins = { } - - -- Enable use of libevent for better performance under high load - -- For more information see: http://prosody.im/doc/libevent - --use_libevent = true; - - -- This is the list of modules Prosody will load on startup. It looks for - -- mod_modulename.lua in the plugins folder, so make sure that exists too. - -- Documentation on modules can be found at: http://prosody.im/doc/modules - modules_enabled = { - -- Generally required - "roster"; -- Allow users to have a roster. Recommended ;) - "saslauth"; -- Authentication for clients and servers. Recommended if - -- you want to log in. - "dialback"; -- s2s dialback support - "disco"; -- Service discovery - "posix"; -- POSIX functionality, daemonizes, enables syslog, etc. - - -- Not essential, but recommended - "private"; -- Private XML storage (for room bookmarks, etc.) - "vcard"; -- Allow users to set vCards - "tls"; -- Support for secure TLS on c2s/s2s connections - --"privacy"; -- Support privacy lists - --"compression"; -- Stream compression for client-to-server streams - - -- Nice to have - "legacyauth"; -- Legacy authentication. Only used by some old - -- clients and bots. - "version"; -- Replies to server version requests - "uptime"; -- Report how long server has been running - "time"; -- Let others know the time here on this server - "ping"; -- Replies to XMPP pings with pongs - "pep"; -- Enables users to publish their mood, activity, playing - -- music and more - "register"; -- Allow users to register on this server using a client - -- and change passwords - - -- Other specific functionality - --"console"; -- telnet to port 5582 - -- (needs console_enabled = true) - --"bosh"; -- Enable BOSH clients, aka "Jabber over HTTP" - --"httpserver"; -- Serve static files from a directory over - -- HTTP - --"groups"; -- Shared roster support - --"announce"; -- Send announcement to all online users - --"welcome"; -- Welcome users who register accounts - --"watchregistrations"; -- Alert admins of registrations - } - -- These modules are auto-loaded, should you for (for some mad - -- reason) want to disable them then uncomment them below. - modules_disabled = { - --"presence"; - --"message"; - --"iq"; - } +---------- Server-wide settings ---------- +-- Settings in this section apply to the whole server and are the default settings +-- for any virtual hosts - -- Disable account creation by default, for security - -- For more information see http://prosody.im/doc/creating_accounts - allow_registration = false; +-- This is a (by default, empty) list of accounts that are admins +-- for the server. Note that you must create the accounts separately +-- (see http://prosody.im/doc/creating_accounts for info) +-- Example: admins = { "user1@example.com", "user2@example.net" } +admins = { } - --These are the SSL/TLS-related settings. - --ssl = { - -- key = "certs/localhost.key"; - -- certificate = "certs/localhost.cert"; - --} +-- Enable use of libevent for better performance under high load +-- For more information see: http://prosody.im/doc/libevent +--use_libevent = true; - -- Require encryption on client/server connections? - --c2s_require_encryption = false - --s2s_require_encryption = false +-- This is the list of modules Prosody will load on startup. +-- It looks for mod_modulename.lua in the plugins folder, so make sure that exists too. +-- Documentation on modules can be found at: http://prosody.im/doc/modules +modules_enabled = { - -- Logging configuration - -- For advanced logging see http://prosody.im/doc/logging - log = "prosody.log"; - debug = false; -- Log debug messages? + -- Generally required + "roster"; -- Allow users to have a roster. Recommended ;) + "saslauth"; -- Authentication for clients and servers. Recommended if you want to log in. + "tls"; -- Add support for secure TLS on c2s/s2s connections + "dialback"; -- s2s dialback support + "disco"; -- Service discovery + + -- Not essential, but recommended + "private"; -- Private XML storage (for room bookmarks, etc.) + "vcard"; -- Allow users to set vCards + --"privacy"; -- Support privacy lists + --"compression"; -- Stream compression + + -- Nice to have + "legacyauth"; -- Legacy authentication. Only used by some old clients and bots. + "version"; -- Replies to server version requests + "uptime"; -- Report how long server has been running + "time"; -- Let others know the time here on this server + "ping"; -- Replies to XMPP pings with pongs + "pep"; -- Enables users to publish their mood, activity, playing music and more + "register"; -- Allow users to register on this server using a client and change passwords + + -- Other specific functionality + --"posix"; -- POSIX functionality, sends server to background, enables syslog, etc. + --"console"; -- Opens admin telnet interface on localhost port 5582 + --"bosh"; -- Enable BOSH clients, aka "Jabber over HTTP" + --"httpserver"; -- Serve static files from a directory over HTTP + --"groups"; -- Shared roster support + --"announce"; -- Send announcement to all online users + --"welcome"; -- Welcome users who register accounts + --"watchregistrations"; -- Alert admins of registrations +}; + +-- These modules are auto-loaded, should you +-- for (for some mad reason) want to disable +-- them then uncomment them below +modules_disabled = { + -- "presence"; + -- "message"; + -- "iq"; +}; + +-- Disable account creation by default, for security +-- For more information see http://prosody.im/doc/creating_accounts +allow_registration = false; + +-- These are the SSL/TLS-related settings. If you don't want +-- to use SSL/TLS, you may comment or remove this +ssl = { + key = "certs/localhost.key"; + certificate = "certs/localhost.cert"; +} + +-- Require encryption on client/server connections? +--c2s_require_encryption = false +--s2s_require_encryption = false + +-- Logging configuration +-- For advanced logging see http://prosody.im/doc/logging +log = "prosody.log"; +debug = false; -- Log debug messages? + +----------- Virtual hosts ----------- +-- You need to add a VirtualHost entry for each domain you wish Prosody to serve. +-- Settings under each VirtualHost entry apply *only* to that host. + +VirtualHost "localhost" + +VirtualHost "example.com" + enabled = false -- Remove this line to enable this host --- This allows clients to connect to localhost. No harm in it. -Host "localhost" + -- Assign this host a certificate for TLS, otherwise it would use the one + -- set in the global section (if any). + -- Note that old-style SSL on port 5223 only supports one certificate, and will always + -- use the global one. + ssl = { + key = "certs/example.com.key"; + certificate = "certs/example.com.crt"; + } --- Section for example.com --- (replace example.com with your domain name) -Host "example.com" - enabled = false -- This will disable the host, preserving the config, but - -- denying connections (remove to enable!) +------ Components ------ +-- You can specify components to add hosts that provide special services, +-- like multi-user conferences, and transports. +-- For more information on components, see http://prosody.im/doc/components - -- Assign this host a certificate for TLS, otherwise it would use the one - -- set in the global section (if any). Note that old-style SSL on port 5223 - -- only supports one certificate, and will always use the global one. - --ssl = { - -- key = "certs/example.com.key"; - -- certificate = "certs/example.com.crt"; - --} - --- Set up a MUC (multi-user chat) room server on conference.example.com: +---Set up a MUC (multi-user chat) room server on conference.example.com: --Component "conference.example.com" "muc" -- Set up a SOCKS5 bytestream proxy for server-proxied file transfers: --Component "proxy.example.com" "proxy65" + +---Set up an external component (default component port is 5347) +--Component "gateway.example.com" +-- component_secret = "password" |