/
prosody.cfg.lua.jinja
executable file
·90 lines (76 loc) · 4.47 KB
/
prosody.cfg.lua.jinja
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
{% set pgpassword = 'postgres:users:' + salt['pillar.get']('buddycloud:lookup:env') + '_prosody:password' %}
modules_enabled = {
"saslauth"; -- Authentication for clients and servers. Recommended if you want to log in.
"tls"; -- Add support for secure TLS on c2s/s2s connections
"dialback"; -- s2s dialback support
"disco"; -- Service discovery
"posix"; -- POSIX functionality, sends server to background, enables syslog, etc.
"ping"; -- Replies to XMPP pings with pongs
"register"; -- Allow users to register on this server using a client and change passwords
"admin_adhoc"; -- Allows administration via an XMPP client that supports ad-hoc commands
"watchregistrations"; -- Alert admins of registrations
"roster"; -- Stalk your friends' online state
"admin_telnet"; -- telnet to port 5582 (control, stats-monitoring)
}
modules_disabled = {
"time"; -- Let others know the time here on this server
"uptime"; -- Report how long server has been running
"version"; -- Replies to server version requests
}
c2s_require_encryption = false
{% if salt['pillar.get']('buddycloud:lookup:use_tls', False) -%}s2s_require_encryption = true{% endif -%};
s2s_secure_auth = false
admins = { "you@{{ salt['pillar.get']('buddycloud:lookup:domain') }}", "pusher.{{ salt['pillar.get']('buddycloud:lookup:domain') }}" }
daemonize = true
use_libevent = false
pidfile = "/var/run/prosody/prosody.pid"
allow_registration = false
storage = "sql2"
sql = {
driver = "PostgreSQL";
host = "{{ salt['pillar.get']('buddycloud:lookup:database-server') }}";
database = "{{ salt['pillar.get']('buddycloud:lookup:env') }}_prosody";
username = "{{ salt['pillar.get']('buddycloud:lookup:env') }}_prosody";
password = "{{ salt['pillar.get'](pgpassword) }}";
}
log = {
-- { levels = { min = "debug" }, to = "file", filename = "/var/log/buddycloud/prosody.debug.log" };
{ levels = { min = "error" }, to = "file", filename = "/var/log/buddycloud/prosody.error.log" };
{ levels = { min = "info" }, to = "file", filename = "/var/log/buddycloud/prosody.info.log" };
}
{% if salt['pillar.get']('buddycloud:lookup:use_tls', False) -%}
ssl = {
key = "/etc/certificates/{{ salt['pillar.get']('buddycloud:lookup:domain') }}.complete.pem";
certificate = "/etc/certificates/{{ salt['pillar.get']('buddycloud:lookup:domain') }}.complete.pem";
options = {"no_sslv2",
"no_sslv3",
"no_tlsv1",
"no_compression",
"cipher_server_preference",
"single_dh_use",
"single_ecdh_use",
"no_ticket"};
}
{% endif -%}
VirtualHost "{{ salt['pillar.get']('buddycloud:lookup:domain') }}"
authentication = "internal_hashed"
allow_unencrypted_plain_auth = true
allow_registration = true
anonymous = false
VirtualHost "anon.{{ salt['pillar.get']('buddycloud:lookup:domain') }}"
authentication = "anonymous"
anonymous = true
Component "channels.{{ salt['pillar.get']('buddycloud:lookup:domain') }}"
component_secret = "{{ salt['pillar.get']('buddycloud:lookup:xmpp-component-secret') }}"
Component "topics.{{ salt['pillar.get']('buddycloud:lookup:domain') }}"
component_secret = "{{ salt['pillar.get']('buddycloud:lookup:xmpp-component-secret') }}"
Component "media.{{ salt['pillar.get']('buddycloud:lookup:domain') }}"
component_secret = "{{ salt['pillar.get']('buddycloud:lookup:xmpp-component-secret') }}"
Component "search.{{ salt['pillar.get']('buddycloud:lookup:domain') }}"
component_secret = "{{ salt['pillar.get']('buddycloud:lookup:xmpp-component-secret') }}"
Component "directory.{{ salt['pillar.get']('buddycloud:lookup:domain') }}"
component_secret = "{{ salt['pillar.get']('buddycloud:lookup:xmpp-component-secret') }}"
Component "pusher.{{ salt['pillar.get']('buddycloud:lookup:domain') }}"
component_secret = "{{ salt['pillar.get']('buddycloud:lookup:xmpp-component-secret') }}"
Component "friend-finder.{{ salt['pillar.get']('buddycloud:lookup:domain') }}"
component_secret = "{{ salt['pillar.get']('buddycloud:lookup:xmpp-component-secret') }}"