From 02b2fe4d2be8f2aa90eb8491f4c330fd53ea7885 Mon Sep 17 00:00:00 2001 From: Kim Alvefur Date: Thu, 4 Feb 2021 00:49:07 +0100 Subject: prosody.cfg.lua.dist: Add note about 'localhost' --- prosody.cfg.lua.dist | 3 +++ 1 file changed, 3 insertions(+) (limited to 'prosody.cfg.lua.dist') diff --git a/prosody.cfg.lua.dist b/prosody.cfg.lua.dist index 5dfa68b8..ade77ff4 100644 --- a/prosody.cfg.lua.dist +++ b/prosody.cfg.lua.dist @@ -196,6 +196,9 @@ certificates = "certs" -- Settings under each VirtualHost entry apply *only* to that host. VirtualHost "localhost" +-- Prosody requires at least one enabled VirtualHost to function. You can +-- safely remove or disable 'localhost' once you have added another. + --VirtualHost "example.com" -- certificate = "/path/to/example.crt" -- cgit v1.2.3 From 225e6d21e823b7199d41f58b8b661a298c78347a Mon Sep 17 00:00:00 2001 From: Kim Alvefur Date: Thu, 10 Feb 2022 18:02:59 +0100 Subject: prosody.cfg.lua.dist: Add new modules mod_admin_shell enabled by default because it's awesome! mod_smacks and mod_bookmarks under recommended since they're recommended by the compliance suite XEP-0459 Invites under nice to have and enabled by default to enable a somewhat nice out of the box experience Other new modules mostly under Other mod_external_services left out since it's an advanced thing --- prosody.cfg.lua.dist | 14 ++++++++++++++ 1 file changed, 14 insertions(+) (limited to 'prosody.cfg.lua.dist') diff --git a/prosody.cfg.lua.dist b/prosody.cfg.lua.dist index ade77ff4..b1a1c323 100644 --- a/prosody.cfg.lua.dist +++ b/prosody.cfg.lua.dist @@ -56,6 +56,8 @@ modules_enabled = { "vcard4"; -- User profiles (stored in PEP) "vcard_legacy"; -- Conversion between legacy vCard and PEP Avatar, vcard "limits"; -- Enable bandwidth limiting for XMPP connections + "bookmarks"; -- Synchronise open rooms between clients + "smacks"; -- Stream management and resumption (XEP-0198) -- Nice to have "version"; -- Replies to server version requests @@ -63,17 +65,23 @@ modules_enabled = { "time"; -- Let others know the time here on this server "ping"; -- Replies to XMPP pings with pongs "register"; -- Allow users to register on this server using a client and change passwords + "invites"; -- Create and manage invites + "invites_register"; -- Create accounts using invites + "invites_adhoc"; -- Create invites via AdHoc command --"mam"; -- Store messages in an archive and allow users to access it --"csi_simple"; -- Simple Mobile optimizations + --"turn_external"; -- Provide external TURN (and STUN) service -- Admin interfaces "admin_adhoc"; -- Allows administration via an XMPP client that supports ad-hoc commands --"admin_telnet"; -- Opens telnet console interface on localhost port 5582 + "admin_shell"; -- Allow secure administration via an UNIX socket -- HTTP modules --"bosh"; -- Enable BOSH clients, aka "Jabber over HTTP" --"websocket"; -- XMPP over WebSockets --"http_files"; -- Serve static files from a directory over HTTP + --"http_openmetrics"; -- for exposing metrics to stats collectors -- Other specific functionality --"groups"; -- Shared roster support @@ -84,6 +92,9 @@ modules_enabled = { --"motd"; -- Send a message to users when they log in --"legacyauth"; -- Legacy authentication. Only used by some old clients and bots. --"proxy65"; -- Enables a file transfer proxy service which clients behind NAT can use + --"mimicking"; -- Prevent address spoofing + --"tombstones"; -- Prevent registration of deleted accounts + --"s2s_bidi"; -- Bi-directional server-to-server (XEP-0288) } -- These modules are auto-loaded, but should you want @@ -213,6 +224,9 @@ VirtualHost "localhost" --- Store MUC messages in an archive and allow users to access it --modules_enabled = { "muc_mam" } +---Set up a file sharing component +--Component "share.example.com" "http_file_share" + ---Set up an external component (default component port is 5347) -- -- External components allow adding various services, such as gateways/ -- cgit v1.2.3 From a37682ba2e398eabeb3de0b14760488ae121bba7 Mon Sep 17 00:00:00 2001 From: Kim Alvefur Date: Sat, 5 Feb 2022 18:10:41 +0100 Subject: prosody.cfg.lua.dist: Remove installer_plugin_path Most users shouldn't need to add this, and it works out of the box. Not important enough to justify having it in the default config. --- prosody.cfg.lua.dist | 4 ---- 1 file changed, 4 deletions(-) (limited to 'prosody.cfg.lua.dist') diff --git a/prosody.cfg.lua.dist b/prosody.cfg.lua.dist index b1a1c323..03413ef8 100644 --- a/prosody.cfg.lua.dist +++ b/prosody.cfg.lua.dist @@ -32,10 +32,6 @@ admins = { } -- will look for modules first. For community modules, see https://modules.prosody.im/ --plugin_paths = {} --- Single directory for custom prosody plugins and/or Lua libraries installation --- This path takes priority over plugin_paths, when prosody is searching for modules ---installer_plugin_path = "" - -- This is the list of modules Prosody will load on startup. -- It looks for mod_modulename.lua in the plugins folder, so make sure that exists too. -- Documentation for bundled modules can be found at: https://prosody.im/doc/modules -- cgit v1.2.3 From c8515415ec9ea46ced67cd7a9e74e9a4c3abebce Mon Sep 17 00:00:00 2001 From: Kim Alvefur Date: Sat, 5 Feb 2022 18:14:17 +0100 Subject: prosody.cfg.lua.dist: Remove mention of deprecated daemonize option Just run ./prosody like me! --- prosody.cfg.lua.dist | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'prosody.cfg.lua.dist') diff --git a/prosody.cfg.lua.dist b/prosody.cfg.lua.dist index 03413ef8..7f25f36d 100644 --- a/prosody.cfg.lua.dist +++ b/prosody.cfg.lua.dist @@ -178,7 +178,7 @@ log = { info = "prosody.log"; -- Change 'info' to 'debug' for verbose logging error = "prosody.err"; -- "*syslog"; -- Uncomment this for logging to syslog - -- "*console"; -- Log to the console, useful for debugging with daemonize=false + -- "*console"; -- Log to the console, useful for debugging when running in the foreground } -- Uncomment to enable statistics -- cgit v1.2.3 From 99e90a99142facdeffd4af56ae1c7b8360609c9e Mon Sep 17 00:00:00 2001 From: Kim Alvefur Date: Sat, 5 Feb 2022 18:17:52 +0100 Subject: prosody.cfg.lua.dist: Remove https_certificate, this should Just Work now --- prosody.cfg.lua.dist | 3 --- 1 file changed, 3 deletions(-) (limited to 'prosody.cfg.lua.dist') diff --git a/prosody.cfg.lua.dist b/prosody.cfg.lua.dist index 7f25f36d..d3796f63 100644 --- a/prosody.cfg.lua.dist +++ b/prosody.cfg.lua.dist @@ -195,9 +195,6 @@ log = { -- Location of directory to find certificates in (relative to main config file): certificates = "certs" --- HTTPS currently only supports a single certificate, specify it here: ---https_certificate = "certs/localhost.crt" - ----------- Virtual hosts ----------- -- You need to add a VirtualHost entry for each domain you wish Prosody to serve. -- Settings under each VirtualHost entry apply *only* to that host. -- cgit v1.2.3 From deccf683d20f69e3f5dbfef349e34767191bb466 Mon Sep 17 00:00:00 2001 From: Kim Alvefur Date: Thu, 10 Feb 2022 17:15:18 +0100 Subject: prosody.cfg.lua.dist: Move Dialback down Mostly a source of security issues lately --- prosody.cfg.lua.dist | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'prosody.cfg.lua.dist') diff --git a/prosody.cfg.lua.dist b/prosody.cfg.lua.dist index d3796f63..f2a80e52 100644 --- a/prosody.cfg.lua.dist +++ b/prosody.cfg.lua.dist @@ -41,7 +41,6 @@ modules_enabled = { "roster"; -- Allow users to have a roster. Recommended ;) "saslauth"; -- Authentication for clients and servers. Recommended if you want to log in. "tls"; -- Add support for secure TLS on c2s/s2s connections - "dialback"; -- s2s dialback support "disco"; -- Service discovery -- Not essential, but recommended @@ -54,6 +53,7 @@ modules_enabled = { "limits"; -- Enable bandwidth limiting for XMPP connections "bookmarks"; -- Synchronise open rooms between clients "smacks"; -- Stream management and resumption (XEP-0198) + "dialback"; -- s2s dialback support -- Nice to have "version"; -- Replies to server version requests -- cgit v1.2.3 From ca1d202df0464ad72e98d7d341c407d271d7d64a Mon Sep 17 00:00:00 2001 From: Kim Alvefur Date: Thu, 10 Feb 2022 18:35:39 +0100 Subject: prosody.cfg.lua.dist: Remove mod_http_files Serving web pages outside of specialized modules seems like a rare use case that doesn't warrant a spot in the default config file. Many users seem to have it confused with mod_http_upload, so removing it should help with that. --- prosody.cfg.lua.dist | 1 - 1 file changed, 1 deletion(-) (limited to 'prosody.cfg.lua.dist') diff --git a/prosody.cfg.lua.dist b/prosody.cfg.lua.dist index f2a80e52..0d6c2ef4 100644 --- a/prosody.cfg.lua.dist +++ b/prosody.cfg.lua.dist @@ -76,7 +76,6 @@ modules_enabled = { -- HTTP modules --"bosh"; -- Enable BOSH clients, aka "Jabber over HTTP" --"websocket"; -- XMPP over WebSockets - --"http_files"; -- Serve static files from a directory over HTTP --"http_openmetrics"; -- for exposing metrics to stats collectors -- Other specific functionality -- cgit v1.2.3 From ecf01c937d3fd7289a53bdba402e00a36a1c10c0 Mon Sep 17 00:00:00 2001 From: Matthew Wild Date: Mon, 14 Feb 2022 15:58:08 +0000 Subject: prosody.cfg.lua.dist: Remove require_encryption options Reasons: - These now default to enabled when not specified since 38b5b05407be - Practically all servers require encryption these days for c2s/s2s. - Disabling encryption can be considered a special case that doesn't need to be in the default config file. --- prosody.cfg.lua.dist | 10 ---------- 1 file changed, 10 deletions(-) (limited to 'prosody.cfg.lua.dist') diff --git a/prosody.cfg.lua.dist b/prosody.cfg.lua.dist index 0d6c2ef4..54426d6f 100644 --- a/prosody.cfg.lua.dist +++ b/prosody.cfg.lua.dist @@ -105,16 +105,6 @@ modules_disabled = { -- For more information see https://prosody.im/doc/creating_accounts allow_registration = false --- Force clients to use encrypted connections? This option will --- prevent clients from authenticating unless they are using encryption. - -c2s_require_encryption = true - --- Force servers to use encrypted connections? This option will --- prevent servers from authenticating unless they are using encryption. - -s2s_require_encryption = true - -- Force certificate authentication for server-to-server connections? s2s_secure_auth = false -- cgit v1.2.3 From 601c2fb6dd9b26269d067899a6dec714da5c5557 Mon Sep 17 00:00:00 2001 From: Matthew Wild Date: Mon, 14 Feb 2022 15:49:43 +0000 Subject: prosody.cfg.lua.dist: Enable csi_simple by default It was added here in 2018, and at that time probably a bit too new to be enabled by default. Times change, and most people have this enabled now. --- prosody.cfg.lua.dist | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'prosody.cfg.lua.dist') diff --git a/prosody.cfg.lua.dist b/prosody.cfg.lua.dist index 54426d6f..5089780f 100644 --- a/prosody.cfg.lua.dist +++ b/prosody.cfg.lua.dist @@ -56,6 +56,7 @@ modules_enabled = { "dialback"; -- s2s dialback support -- Nice to have + "csi_simple"; -- Simple Mobile optimizations "version"; -- Replies to server version requests "uptime"; -- Report how long server has been running "time"; -- Let others know the time here on this server @@ -65,7 +66,6 @@ modules_enabled = { "invites_register"; -- Create accounts using invites "invites_adhoc"; -- Create invites via AdHoc command --"mam"; -- Store messages in an archive and allow users to access it - --"csi_simple"; -- Simple Mobile optimizations --"turn_external"; -- Provide external TURN (and STUN) service -- Admin interfaces -- cgit v1.2.3 From c67bda6d514dac370315e64e582afd9a8966c028 Mon Sep 17 00:00:00 2001 From: Matthew Wild Date: Mon, 14 Feb 2022 15:51:13 +0000 Subject: prosody.cfg.lua.dist: TURN configuration improvements and example --- prosody.cfg.lua.dist | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) (limited to 'prosody.cfg.lua.dist') diff --git a/prosody.cfg.lua.dist b/prosody.cfg.lua.dist index 5089780f..35aa0065 100644 --- a/prosody.cfg.lua.dist +++ b/prosody.cfg.lua.dist @@ -66,7 +66,7 @@ modules_enabled = { "invites_register"; -- Create accounts using invites "invites_adhoc"; -- Create invites via AdHoc command --"mam"; -- Store messages in an archive and allow users to access it - --"turn_external"; -- Provide external TURN (and STUN) service + --"turn_external"; -- Provide external STUN/TURN service for e.g. audio/video calls -- Admin interfaces "admin_adhoc"; -- Allows administration via an XMPP client that supports ad-hoc commands @@ -161,6 +161,17 @@ archive_expires_after = "1w" -- Remove archived messages after 1 week -- You can also configure messages to be stored in-memory only. For more -- archiving options, see https://prosody.im/doc/modules/mod_mam + +-- Audio/video call relay (STUN/TURN) +-- To ensure clients connected to the server can establish connections for +-- low-latency media streaming (such as audio and video calls), it is +-- recommended to run a STUN/TURN server for clients to use. If you do this, +-- specify the details here so clients can discover it. +-- Find more information at https://prosody.im/doc/turn + +--turn_external_host = "turn.example.com" +--turn_external_secret = "your-secret-turn-access-token" + -- Logging configuration -- For advanced logging see https://prosody.im/doc/logging log = { -- cgit v1.2.3 From 274b2a0249d921f2cb98874073f60ea360159af4 Mon Sep 17 00:00:00 2001 From: Matthew Wild Date: Mon, 14 Feb 2022 15:59:03 +0000 Subject: prosody.cfg.lua.dist: Update s2s_secure_auth comment and default --- prosody.cfg.lua.dist | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'prosody.cfg.lua.dist') diff --git a/prosody.cfg.lua.dist b/prosody.cfg.lua.dist index 35aa0065..844c0f8a 100644 --- a/prosody.cfg.lua.dist +++ b/prosody.cfg.lua.dist @@ -105,9 +105,10 @@ modules_disabled = { -- For more information see https://prosody.im/doc/creating_accounts allow_registration = false --- Force certificate authentication for server-to-server connections? +-- Require valid certificates for server-to-server connections? +-- If false, other methods such as dialback (DNS) may be used instead. -s2s_secure_auth = false +s2s_secure_auth = true -- Some servers have invalid or self-signed certificates. You can list -- remote domains here that will not be required to authenticate using -- cgit v1.2.3 From fde42d8486b1573ce7a5a6d8837c9e758cabfb2b Mon Sep 17 00:00:00 2001 From: Matthew Wild Date: Mon, 14 Feb 2022 16:01:34 +0000 Subject: prosody.cfg.lua.dist: Comment improvements --- prosody.cfg.lua.dist | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'prosody.cfg.lua.dist') diff --git a/prosody.cfg.lua.dist b/prosody.cfg.lua.dist index 844c0f8a..1a268188 100644 --- a/prosody.cfg.lua.dist +++ b/prosody.cfg.lua.dist @@ -122,7 +122,8 @@ s2s_secure_auth = true --s2s_secure_domains = { "jabber.org" } --- Enable rate limits for incoming client and server connections +-- Enable rate limits for incoming client and server connections. These help +-- protect from excessive resource consumption and denial-of-service attacks. limits = { c2s = { @@ -224,7 +225,7 @@ VirtualHost "localhost" ---Set up an external component (default component port is 5347) -- -- External components allow adding various services, such as gateways/ --- transports to other networks like ICQ, MSN and Yahoo. For more info +-- bridges to non-XMPP networks and services. For more info -- see: https://prosody.im/doc/components#adding_an_external_component -- --Component "gateway.example.com" -- cgit v1.2.3 From 25cb355e101c2b76e0fa190b2fca3c8c991a7a4a Mon Sep 17 00:00:00 2001 From: Matthew Wild Date: Mon, 14 Feb 2022 16:27:58 +0000 Subject: prosody.cfg.lua.dist: Improve section-like layout via headers and spacing --- prosody.cfg.lua.dist | 9 +++++++++ 1 file changed, 9 insertions(+) (limited to 'prosody.cfg.lua.dist') diff --git a/prosody.cfg.lua.dist b/prosody.cfg.lua.dist index 1a268188..d4956434 100644 --- a/prosody.cfg.lua.dist +++ b/prosody.cfg.lua.dist @@ -105,6 +105,7 @@ modules_disabled = { -- For more information see https://prosody.im/doc/creating_accounts allow_registration = false +-- Server-to-server authentication -- Require valid certificates for server-to-server connections? -- If false, other methods such as dialback (DNS) may be used instead. @@ -122,6 +123,8 @@ s2s_secure_auth = true --s2s_secure_domains = { "jabber.org" } + +-- Rate limits -- Enable rate limits for incoming client and server connections. These help -- protect from excessive resource consumption and denial-of-service attacks. @@ -134,11 +137,14 @@ limits = { }; } +-- Authentication -- Select the authentication backend to use. The 'internal' providers -- use Prosody's configured data storage to store the authentication data. authentication = "internal_hashed" + +-- Storage -- Select the storage backend to use. By default Prosody uses flat files -- in its configured data directory, but it also supports more backends -- through modules. An "sql" backend is included by default, but requires @@ -174,6 +180,7 @@ archive_expires_after = "1w" -- Remove archived messages after 1 week --turn_external_host = "turn.example.com" --turn_external_secret = "your-secret-turn-access-token" + -- Logging configuration -- For advanced logging see https://prosody.im/doc/logging log = { @@ -183,10 +190,12 @@ log = { -- "*console"; -- Log to the console, useful for debugging when running in the foreground } + -- Uncomment to enable statistics -- For more info see https://prosody.im/doc/statistics -- statistics = "internal" + -- Certificates -- Every virtual host and component needs a certificate so that clients and -- servers can securely verify its identity. Prosody will automatically load -- cgit v1.2.3 From 94140346fffb660695ff1eaf472c61eb92ef29f2 Mon Sep 17 00:00:00 2001 From: Matthew Wild Date: Mon, 14 Feb 2022 16:29:38 +0000 Subject: prosody.cfg.lua.dist: Comment improvements: authentication --- prosody.cfg.lua.dist | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'prosody.cfg.lua.dist') diff --git a/prosody.cfg.lua.dist b/prosody.cfg.lua.dist index d4956434..d7b47fc7 100644 --- a/prosody.cfg.lua.dist +++ b/prosody.cfg.lua.dist @@ -140,9 +140,14 @@ limits = { -- Authentication -- Select the authentication backend to use. The 'internal' providers -- use Prosody's configured data storage to store the authentication data. +-- For more information see https://prosody.im/doc/authentication authentication = "internal_hashed" +-- Many authentication providers, including the default one, allow you to +-- create user accounts via Prosody's admin interfaces. For details, see the +-- documentation at https://prosody.im/doc/creating_accounts + -- Storage -- Select the storage backend to use. By default Prosody uses flat files -- cgit v1.2.3 From c3f82ad2e9868b49cbc429f44559c652200fa088 Mon Sep 17 00:00:00 2001 From: Matthew Wild Date: Mon, 14 Feb 2022 16:30:01 +0000 Subject: prosody.cfg.lua.dist: Comment improvements: s2s authentication --- prosody.cfg.lua.dist | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'prosody.cfg.lua.dist') diff --git a/prosody.cfg.lua.dist b/prosody.cfg.lua.dist index d7b47fc7..78f65e42 100644 --- a/prosody.cfg.lua.dist +++ b/prosody.cfg.lua.dist @@ -113,8 +113,8 @@ s2s_secure_auth = true -- Some servers have invalid or self-signed certificates. You can list -- remote domains here that will not be required to authenticate using --- certificates. They will be authenticated using DNS instead, even --- when s2s_secure_auth is enabled. +-- certificates. They will be authenticated using other methods instead, +-- even when s2s_secure_auth is enabled. --s2s_insecure_domains = { "insecure.example" } -- cgit v1.2.3 From db4d41bd5aeb2bdd5b32d4f0e50775cc2b5404de Mon Sep 17 00:00:00 2001 From: Kim Alvefur Date: Fri, 11 Feb 2022 00:16:36 +0100 Subject: prosody.cfg.lua.dist: Remove allow_registration in favor of invites This settings should now only be used by public servers, which have their own documentation --- prosody.cfg.lua.dist | 3 --- 1 file changed, 3 deletions(-) (limited to 'prosody.cfg.lua.dist') diff --git a/prosody.cfg.lua.dist b/prosody.cfg.lua.dist index 78f65e42..ab4072cc 100644 --- a/prosody.cfg.lua.dist +++ b/prosody.cfg.lua.dist @@ -101,9 +101,6 @@ modules_disabled = { -- "posix"; -- POSIX functionality, sends server to background, etc. } --- Disable account creation by default, for security --- For more information see https://prosody.im/doc/creating_accounts -allow_registration = false -- Server-to-server authentication -- Require valid certificates for server-to-server connections? -- cgit v1.2.3 From 09f6d8f21d321dc352553924da3ae63ea99482c0 Mon Sep 17 00:00:00 2001 From: Kim Alvefur Date: Sun, 13 Feb 2022 21:52:43 +0100 Subject: prosody.cfg.lua.dist: Remove example certificate, this should just work --- prosody.cfg.lua.dist | 1 - 1 file changed, 1 deletion(-) (limited to 'prosody.cfg.lua.dist') diff --git a/prosody.cfg.lua.dist b/prosody.cfg.lua.dist index ab4072cc..8f5f43cc 100644 --- a/prosody.cfg.lua.dist +++ b/prosody.cfg.lua.dist @@ -218,7 +218,6 @@ VirtualHost "localhost" --VirtualHost "example.com" --- certificate = "/path/to/example.crt" ------ Components ------ -- You can specify components to add hosts that provide special services, -- cgit v1.2.3 From 1990010e21321f2df3720aeae5aac56480fd13e8 Mon Sep 17 00:00:00 2001 From: Matthew Wild Date: Wed, 2 Mar 2022 14:22:02 +0000 Subject: prosody.cfg.lua.dist: Remove network_backend option The only sensible option for most people these days is "epoll". The option is still supported, but it should only be needed by packagers for specific platforms (e.g. BSD may choose libevent for kqueue) or other special cases. --- prosody.cfg.lua.dist | 4 ---- 1 file changed, 4 deletions(-) (limited to 'prosody.cfg.lua.dist') diff --git a/prosody.cfg.lua.dist b/prosody.cfg.lua.dist index 8f5f43cc..cb4718a3 100644 --- a/prosody.cfg.lua.dist +++ b/prosody.cfg.lua.dist @@ -23,10 +23,6 @@ -- Example: admins = { "user1@example.com", "user2@example.net" } admins = { } --- Prosody includes several alternative modules for keeping track of network connections. --- For more information see: https://prosody.im/doc/network_backend ---network_backend = "epoll" - -- Prosody will always look in its source directory for modules, but -- this option allows you to specify additional locations where Prosody -- will look for modules first. For community modules, see https://modules.prosody.im/ -- cgit v1.2.3 From eda989030aee68514bac22b6ccefa5801a847246 Mon Sep 17 00:00:00 2001 From: Matthew Wild Date: Wed, 2 Mar 2022 14:27:05 +0000 Subject: prosody.cfg.lua.dist: Reword plugin_paths to de-emphasize Prosody's source dir The previous wording may contribute to people trying to install custom modules to Prosody's source directory instead of adding to plugin_paths. --- prosody.cfg.lua.dist | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) (limited to 'prosody.cfg.lua.dist') diff --git a/prosody.cfg.lua.dist b/prosody.cfg.lua.dist index cb4718a3..8a6bac59 100644 --- a/prosody.cfg.lua.dist +++ b/prosody.cfg.lua.dist @@ -23,9 +23,8 @@ -- Example: admins = { "user1@example.com", "user2@example.net" } admins = { } --- Prosody will always look in its source directory for modules, but --- this option allows you to specify additional locations where Prosody --- will look for modules first. For community modules, see https://modules.prosody.im/ +-- You can use this option allows you to specify additional locations where Prosody +-- will first look for modules. For community modules, see https://modules.prosody.im/ --plugin_paths = {} -- This is the list of modules Prosody will load on startup. -- cgit v1.2.3 From 4102ef8e05fe21ac650f86ba11c1eca8081f827d Mon Sep 17 00:00:00 2001 From: Matthew Wild Date: Wed, 2 Mar 2022 14:27:28 +0000 Subject: prosody.cfg.lua.dist: Remove mod_admin_telnet mod_admin_shell should preferably be used instead --- prosody.cfg.lua.dist | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'prosody.cfg.lua.dist') diff --git a/prosody.cfg.lua.dist b/prosody.cfg.lua.dist index 8a6bac59..128ba836 100644 --- a/prosody.cfg.lua.dist +++ b/prosody.cfg.lua.dist @@ -65,8 +65,7 @@ modules_enabled = { -- Admin interfaces "admin_adhoc"; -- Allows administration via an XMPP client that supports ad-hoc commands - --"admin_telnet"; -- Opens telnet console interface on localhost port 5582 - "admin_shell"; -- Allow secure administration via an UNIX socket + "admin_shell"; -- Allow secure administration via 'prosodyctl shell' -- HTTP modules --"bosh"; -- Enable BOSH clients, aka "Jabber over HTTP" -- cgit v1.2.3 From 55dd856a507a69b68b04ec2ec961fd9c55ac6ecc Mon Sep 17 00:00:00 2001 From: Matthew Wild Date: Wed, 2 Mar 2022 14:32:02 +0000 Subject: prosody.cfg.lua.dist: Improve mod_mam description to indicate its purpose --- prosody.cfg.lua.dist | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'prosody.cfg.lua.dist') diff --git a/prosody.cfg.lua.dist b/prosody.cfg.lua.dist index 128ba836..13912349 100644 --- a/prosody.cfg.lua.dist +++ b/prosody.cfg.lua.dist @@ -60,7 +60,7 @@ modules_enabled = { "invites"; -- Create and manage invites "invites_register"; -- Create accounts using invites "invites_adhoc"; -- Create invites via AdHoc command - --"mam"; -- Store messages in an archive and allow users to access it + --"mam"; -- Store recent messages to allow multi-device synchronization --"turn_external"; -- Provide external STUN/TURN service for e.g. audio/video calls -- Admin interfaces -- cgit v1.2.3 From 855f8db6adc3e86cd54991f194356d5e9bb9f391 Mon Sep 17 00:00:00 2001 From: Matthew Wild Date: Wed, 2 Mar 2022 14:32:32 +0000 Subject: prosody.cfg.lua.dist: Alphabetical ordering of modules within each section --- prosody.cfg.lua.dist | 38 +++++++++++++++++++------------------- 1 file changed, 19 insertions(+), 19 deletions(-) (limited to 'prosody.cfg.lua.dist') diff --git a/prosody.cfg.lua.dist b/prosody.cfg.lua.dist index 13912349..e617c3a0 100644 --- a/prosody.cfg.lua.dist +++ b/prosody.cfg.lua.dist @@ -33,33 +33,33 @@ admins = { } modules_enabled = { -- Generally required + "disco"; -- Service discovery "roster"; -- Allow users to have a roster. Recommended ;) "saslauth"; -- Authentication for clients and servers. Recommended if you want to log in. "tls"; -- Add support for secure TLS on c2s/s2s connections - "disco"; -- Service discovery -- Not essential, but recommended + "blocklist"; -- Allow users to block communications with other users + "bookmarks"; -- Synchronise open rooms between clients "carbons"; -- Keep multiple clients in sync + "dialback"; -- s2s dialback support + "limits"; -- Enable bandwidth limiting for XMPP connections "pep"; -- Enables users to publish their avatar, mood, activity, playing music and more "private"; -- Private XML storage (for room bookmarks, etc.) - "blocklist"; -- Allow users to block communications with other users + "smacks"; -- Stream management and resumption (XEP-0198) "vcard4"; -- User profiles (stored in PEP) "vcard_legacy"; -- Conversion between legacy vCard and PEP Avatar, vcard - "limits"; -- Enable bandwidth limiting for XMPP connections - "bookmarks"; -- Synchronise open rooms between clients - "smacks"; -- Stream management and resumption (XEP-0198) - "dialback"; -- s2s dialback support -- Nice to have "csi_simple"; -- Simple Mobile optimizations - "version"; -- Replies to server version requests - "uptime"; -- Report how long server has been running - "time"; -- Let others know the time here on this server - "ping"; -- Replies to XMPP pings with pongs - "register"; -- Allow users to register on this server using a client and change passwords "invites"; -- Create and manage invites "invites_register"; -- Create accounts using invites "invites_adhoc"; -- Create invites via AdHoc command + "ping"; -- Replies to XMPP pings with pongs + "register"; -- Allow users to register on this server using a client and change passwords + "time"; -- Let others know the time here on this server + "uptime"; -- Report how long server has been running + "version"; -- Replies to server version requests --"mam"; -- Store recent messages to allow multi-device synchronization --"turn_external"; -- Provide external STUN/TURN service for e.g. audio/video calls @@ -69,21 +69,21 @@ modules_enabled = { -- HTTP modules --"bosh"; -- Enable BOSH clients, aka "Jabber over HTTP" - --"websocket"; -- XMPP over WebSockets --"http_openmetrics"; -- for exposing metrics to stats collectors + --"websocket"; -- XMPP over WebSockets -- Other specific functionality - --"groups"; -- Shared roster support - --"server_contact_info"; -- Publish contact information for this service --"announce"; -- Send announcement to all online users - --"welcome"; -- Welcome users who register accounts - --"watchregistrations"; -- Alert admins of registrations - --"motd"; -- Send a message to users when they log in + --"groups"; -- Shared roster support --"legacyauth"; -- Legacy authentication. Only used by some old clients and bots. - --"proxy65"; -- Enables a file transfer proxy service which clients behind NAT can use --"mimicking"; -- Prevent address spoofing - --"tombstones"; -- Prevent registration of deleted accounts + --"motd"; -- Send a message to users when they log in + --"proxy65"; -- Enables a file transfer proxy service which clients behind NAT can use --"s2s_bidi"; -- Bi-directional server-to-server (XEP-0288) + --"server_contact_info"; -- Publish contact information for this service + --"tombstones"; -- Prevent registration of deleted accounts + --"watchregistrations"; -- Alert admins of registrations + --"welcome"; -- Welcome users who register accounts } -- These modules are auto-loaded, but should you want -- cgit v1.2.3 From ebf9f9d157c048291687984912014d398482f1c5 Mon Sep 17 00:00:00 2001 From: Matthew Wild Date: Wed, 2 Mar 2022 15:20:21 +0000 Subject: prosody.cfg.lua.dist: Improved descriptions for a number of modules --- prosody.cfg.lua.dist | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) (limited to 'prosody.cfg.lua.dist') diff --git a/prosody.cfg.lua.dist b/prosody.cfg.lua.dist index e617c3a0..c56062dd 100644 --- a/prosody.cfg.lua.dist +++ b/prosody.cfg.lua.dist @@ -40,21 +40,21 @@ modules_enabled = { -- Not essential, but recommended "blocklist"; -- Allow users to block communications with other users - "bookmarks"; -- Synchronise open rooms between clients - "carbons"; -- Keep multiple clients in sync - "dialback"; -- s2s dialback support + "bookmarks"; -- Synchronise the list of open rooms between clients + "carbons"; -- Keep multiple online clients in sync + "dialback"; -- Support for verifying remote servers using DNS "limits"; -- Enable bandwidth limiting for XMPP connections - "pep"; -- Enables users to publish their avatar, mood, activity, playing music and more - "private"; -- Private XML storage (for room bookmarks, etc.) + "pep"; -- Allow users to store public and private data in their account + "private"; -- Legacy account storage mechanism (XEP-0049) "smacks"; -- Stream management and resumption (XEP-0198) "vcard4"; -- User profiles (stored in PEP) "vcard_legacy"; -- Conversion between legacy vCard and PEP Avatar, vcard -- Nice to have - "csi_simple"; -- Simple Mobile optimizations + "csi_simple"; -- Simple but effective traffic optimizations for mobile devices "invites"; -- Create and manage invites - "invites_register"; -- Create accounts using invites - "invites_adhoc"; -- Create invites via AdHoc command + "invites_adhoc"; -- Allow admins/users to create invitations via their client + "invites_register"; -- Allows invited users to create accounts "ping"; -- Replies to XMPP pings with pongs "register"; -- Allow users to register on this server using a client and change passwords "time"; -- Let others know the time here on this server -- cgit v1.2.3 From a4d57c4fc733a85518a821f799f3ee821962899b Mon Sep 17 00:00:00 2001 From: Matthew Wild Date: Wed, 2 Mar 2022 16:53:52 +0000 Subject: prosody.cfg.lua.dist: Add comments explaining the individual TURN options --- prosody.cfg.lua.dist | 3 +++ 1 file changed, 3 insertions(+) (limited to 'prosody.cfg.lua.dist') diff --git a/prosody.cfg.lua.dist b/prosody.cfg.lua.dist index c56062dd..dd80ffa1 100644 --- a/prosody.cfg.lua.dist +++ b/prosody.cfg.lua.dist @@ -173,7 +173,10 @@ archive_expires_after = "1w" -- Remove archived messages after 1 week -- specify the details here so clients can discover it. -- Find more information at https://prosody.im/doc/turn +-- Specify the address of the TURN service (you may use the same domain as XMPP) --turn_external_host = "turn.example.com" + +-- This secret must be set to the same value in both Prosody and the TURN server --turn_external_secret = "your-secret-turn-access-token" -- cgit v1.2.3 From ab4b25e28f22ffd3dd2810a3e25efcda57c474f4 Mon Sep 17 00:00:00 2001 From: Matthew Wild Date: Thu, 3 Mar 2022 10:23:10 +0000 Subject: prosody.cfg.lua.dist: Fix plugin_paths description (thanks Zash) --- prosody.cfg.lua.dist | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'prosody.cfg.lua.dist') diff --git a/prosody.cfg.lua.dist b/prosody.cfg.lua.dist index dd80ffa1..bdbf1a3f 100644 --- a/prosody.cfg.lua.dist +++ b/prosody.cfg.lua.dist @@ -23,8 +23,9 @@ -- Example: admins = { "user1@example.com", "user2@example.net" } admins = { } --- You can use this option allows you to specify additional locations where Prosody --- will first look for modules. For community modules, see https://modules.prosody.im/ +-- This option allows you to specify additional locations where Prosody +-- will search first for modules. For additional modules you can install, see +-- the community module repository at https://modules.prosody.im/ --plugin_paths = {} -- This is the list of modules Prosody will load on startup. -- cgit v1.2.3 From 0b44cfec12cfaae679fb68cc75835698a0bd2709 Mon Sep 17 00:00:00 2001 From: Matthew Wild Date: Thu, 3 Mar 2022 10:24:59 +0000 Subject: prosody.cfg.lua.dist: Remove comment about mod_*.lua above modules_enabled This is a very old statement, but people generally don't need to check for the files, and shouldn't be encouraged to put them in Prosody's source dir. The installer will be the way forward for most people, and hg for the rest. Manually moving files into the right place is not something most users should be doing. --- prosody.cfg.lua.dist | 1 - 1 file changed, 1 deletion(-) (limited to 'prosody.cfg.lua.dist') diff --git a/prosody.cfg.lua.dist b/prosody.cfg.lua.dist index bdbf1a3f..267a650c 100644 --- a/prosody.cfg.lua.dist +++ b/prosody.cfg.lua.dist @@ -29,7 +29,6 @@ admins = { } --plugin_paths = {} -- This is the list of modules Prosody will load on startup. --- It looks for mod_modulename.lua in the plugins folder, so make sure that exists too. -- Documentation for bundled modules can be found at: https://prosody.im/doc/modules modules_enabled = { -- cgit v1.2.3