switched vagrant to debian11; fixed http related variables; fixed http-file-share
This commit is contained in:
parent
034ebc4ebb
commit
bae19cf270
|
@ -8,7 +8,7 @@
|
|||
Vagrant.configure("2") do |config|
|
||||
#config.ssh.insert_key = false
|
||||
config.vm.define "prosody" do |prosody|
|
||||
prosody.vm.box = "generic/debian10"
|
||||
prosody.vm.box = "generic/debian11"
|
||||
prosody.vm.provider :libvirt do |libvirt|
|
||||
libvirt.memory = 256
|
||||
end
|
||||
|
|
|
@ -1,6 +1,5 @@
|
|||
## BOSH
|
||||
prosody_bosh_enabled: 'true' # used in configure.yml
|
||||
prosody_http_ports: '5281, 5280 '
|
||||
prosody_bosh_max_inactivity: '60'
|
||||
prosody_bosh_secure: 'true'
|
||||
prosody_ssl_key: '/path/to/key'
|
||||
|
|
|
@ -2,10 +2,25 @@
|
|||
prosody_http_file_share_enabled: 'true'
|
||||
|
||||
prosody_http_file_share_component: 'upload.example.org'
|
||||
prosody_http_file_share_size_limit: "10*1024*1024"
|
||||
prosody_http_file_share_daily_quota: "100*1024*1024 -- 100 MiB per day per user"
|
||||
prosody_http_file_share_global_quota: "1024*1024*1024 -- 1 GiB total"
|
||||
prosody_http_file_share_expires_after: "7 * 86400 -- 1 week"
|
||||
prosody_http_file_share_allowed_file_types: "{} -- Access control"
|
||||
prosody_http_file_share_safe_file_types: '{"image/*","video/*","audio/*","text/plain"} -- Safe to show in-line in e.g. browsers'
|
||||
prosody_http_file_share_access: "{} -- Access control"
|
||||
prosody_http_file_share_options:
|
||||
- name: 'http_file_share_size_limit'
|
||||
value: '10*1024*1024'
|
||||
description: '10MB file upload limit'
|
||||
- name: 'http_file_share_daily_quota'
|
||||
value: '100*1024*1024'
|
||||
description: '100 MiB per day per user'
|
||||
- name: 'http_file_share_global_quota'
|
||||
value: '1024*1024*1024'
|
||||
description: '1 GiB total'
|
||||
- name: 'http_file_share_expires_after'
|
||||
value: '7 * 86400'
|
||||
description: '1 week'
|
||||
- name: 'http_file_share_allowed_file_types'
|
||||
value: '{}'
|
||||
description: 'Access control'
|
||||
- name: 'http_file_share_safe_file_types'
|
||||
value: '{"image/*","video/*","audio/*","text/plain"}'
|
||||
description: 'Safe to show in-line in e.g. browsers'
|
||||
- name: 'http_file_share_access'
|
||||
value: '{}'
|
||||
description: 'Access control'
|
||||
|
|
|
@ -41,6 +41,15 @@ prosody_storage: 'internal'
|
|||
prosody_network_backend: "epoll"
|
||||
prosody_http_host: "example.org"
|
||||
prosody_http_external_url: "https://example.org"
|
||||
prosody_http_interfaces: '*'
|
||||
prosody_http_ports: '5281, 5280 '
|
||||
prosody_http_paths:
|
||||
- name: 'files'
|
||||
path: '/files/'
|
||||
- name: 'bosh'
|
||||
path: '/http-bind'
|
||||
- name: 'file_share'
|
||||
path: '/upload'
|
||||
prosody_archive_expires_after: '1w'
|
||||
|
||||
#If using sql storage
|
||||
|
|
|
@ -110,6 +110,10 @@ prosody_modules:
|
|||
- name: 'admin_adhoc'
|
||||
description: 'Allows administration via an XMPP client that supports ad-hoc commands'
|
||||
module_enabled: 'true'
|
||||
|
||||
- name: 'admin_shell'
|
||||
description: 'Allows administration via command shell'
|
||||
module_enabled: 'true'
|
||||
|
||||
- name: 'bosh'
|
||||
description: 'Enable BOSH clients'
|
||||
|
@ -238,7 +242,7 @@ prosody_modules:
|
|||
description: 'Can efficiently block, bounce, drop, forward, copy, redirect stanzas and more.'
|
||||
module_enabled: '{{ firewall_module_enabled }}'
|
||||
extra_options:
|
||||
- 'firewall_scripts = { "{{ prosody_community_modules_path }}/mod_firewall/scripts/spam-blocking.pfw", "{{ prosody_custom_script_path }}/servers_blocklist.pfw", "{{ prosody_custom_script_path }}/users_blocklist.pfw", "{{ prosody_custom_script_path }}/invite_from_muc.pfw" }'
|
||||
- 'firewall_scripts = { "{{ prosody_community_modules_path }}/mod_firewall/scripts/spam-blocking.pfw", "{{ prosody_installer_plugin_path }}/servers_blocklist.pfw", "{{ prosody_installer_plugin_path }}/users_blocklist.pfw", "{{ prosody_installer_plugin_path }}/invite_from_muc.pfw" }'
|
||||
# spam-blocking.pfw is the default Prosody one, needed by the two following
|
||||
|
||||
- name: 'http_altconnect'
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
|
||||
- name: '[Firewall] - Make sure that script directory exists'
|
||||
file:
|
||||
path: "{{ prosody_custom_script_path }}"
|
||||
path: "{{ prosody_installer_plugin_path }}"
|
||||
state: directory
|
||||
owner: root
|
||||
group: prosody
|
||||
|
@ -11,7 +11,7 @@
|
|||
- name: '[Firewall] - Deploy Firewall scripts'
|
||||
template:
|
||||
src: "etc/prosody/custom_scripts/{{ item }}.j2"
|
||||
dest: "{{ prosody_custom_script_path }}/{{ item }}"
|
||||
dest: "{{ prosody_installer_plugin_path }}/{{ item }}"
|
||||
owner: root
|
||||
group: prosody
|
||||
mode: 0644
|
||||
|
@ -24,7 +24,7 @@
|
|||
- name: '[Firewall] - Deploy Firewall lists'
|
||||
template:
|
||||
src: "etc/prosody/custom_scripts/{{ item }}.j2"
|
||||
dest: "{{ prosody_custom_script_path }}/{{ item }}"
|
||||
dest: "{{ prosody_installer_plugin_path }}/{{ item }}"
|
||||
owner: root
|
||||
group: prosody
|
||||
mode: 0644
|
||||
|
|
|
@ -1,7 +1,6 @@
|
|||
-- {{ ansible_managed }}
|
||||
|
||||
--BOSH setting
|
||||
http_ports = { {{ prosody_http_ports }} }
|
||||
bosh_max_inactivity = {{ prosody_bosh_max_inactivity }}
|
||||
consider_bosh_secure = {{ prosody_bosh_secure }} -- Use if proxying HTTPS->HTTP on the server side
|
||||
|
||||
|
|
|
@ -3,10 +3,6 @@
|
|||
-- Component config for http_file_share
|
||||
Component "{{ prosody_http_file_share_component }}" "http_file_share"
|
||||
|
||||
http_file_share_size_limit = {{ prosody_http_file_share_size_limit }}
|
||||
http_file_share_daily_quota = {{ prosody_http_file_share_daily_quota }}
|
||||
http_file_share_global_quota = {{ prosody_http_file_share_global_quota }}
|
||||
http_file_share_expires_after = {{ prosody_http_file_share_expires_after }}
|
||||
http_file_share_allowed_file_types = {{ prosody_http_file_share_allowed_file_types }}
|
||||
http_file_share_safe_file_types = {{ prosody_http_file_share_safe_file_types }}
|
||||
http_file_share_access = {{ prosody_http_file_share_access }}
|
||||
{% for item in prosody_http_file_share_options %}
|
||||
{{ item.name }} = {{ item.value }} -- {{ item.description }}
|
||||
{% endfor %}
|
||||
|
|
|
@ -3,7 +3,7 @@
|
|||
# rules will be checked against the blocklist.txt file
|
||||
# Check mod_firewall/scripts/spam-blocking.pfw
|
||||
|
||||
%LIST blocklist: file:{{ prosody_custom_script_path }}/servers_blocklist.txt
|
||||
%LIST blocklist: file:{{ prosody_installer_plugin_path }}/servers_blocklist.txt
|
||||
|
||||
::user/spam_handle_unknown_custom
|
||||
|
||||
|
|
|
@ -3,7 +3,7 @@
|
|||
# rules will be checked against the blocklist.txt file
|
||||
# Check mod_firewall/scripts/spam-blocking.pfw
|
||||
|
||||
%LIST blocklist: file:{{ prosody_custom_script_path }}/users_blocklist.txt
|
||||
%LIST blocklist: file:{{ prosody_installer_plugin_path }}/users_blocklist.txt
|
||||
|
||||
::user/spam_handle_unknown_custom
|
||||
|
||||
|
|
|
@ -35,6 +35,13 @@ contact_info = { {{ prosody_contact_info }} }
|
|||
|
||||
http_host = "{{ prosody_http_host }}"
|
||||
http_external_url = "{{ prosody_http_external_url }}"
|
||||
http_ports = "{{ prosody_http_ports }}"
|
||||
http_interfaces = { "{{ prosody_http_interfaces }}" }
|
||||
http_paths = {
|
||||
{% for item in prosody_http_paths %}
|
||||
{{ item.name }} = "{{ item.path }}";
|
||||
{% endfor %}
|
||||
}
|
||||
|
||||
-- See https://prosody.im/doc/configure
|
||||
c2s_direct_tls_ports = { {{ prosody_c2s_direct_tls_ports }} }
|
||||
|
|
Loading…
Reference in New Issue