switched vagrant to debian11; fixed http related variables; fixed http-file-share
This commit is contained in:
parent
034ebc4ebb
commit
bae19cf270
|
@ -8,7 +8,7 @@
|
||||||
Vagrant.configure("2") do |config|
|
Vagrant.configure("2") do |config|
|
||||||
#config.ssh.insert_key = false
|
#config.ssh.insert_key = false
|
||||||
config.vm.define "prosody" do |prosody|
|
config.vm.define "prosody" do |prosody|
|
||||||
prosody.vm.box = "generic/debian10"
|
prosody.vm.box = "generic/debian11"
|
||||||
prosody.vm.provider :libvirt do |libvirt|
|
prosody.vm.provider :libvirt do |libvirt|
|
||||||
libvirt.memory = 256
|
libvirt.memory = 256
|
||||||
end
|
end
|
||||||
|
|
|
@ -1,6 +1,5 @@
|
||||||
## BOSH
|
## BOSH
|
||||||
prosody_bosh_enabled: 'true' # used in configure.yml
|
prosody_bosh_enabled: 'true' # used in configure.yml
|
||||||
prosody_http_ports: '5281, 5280 '
|
|
||||||
prosody_bosh_max_inactivity: '60'
|
prosody_bosh_max_inactivity: '60'
|
||||||
prosody_bosh_secure: 'true'
|
prosody_bosh_secure: 'true'
|
||||||
prosody_ssl_key: '/path/to/key'
|
prosody_ssl_key: '/path/to/key'
|
||||||
|
|
|
@ -2,10 +2,25 @@
|
||||||
prosody_http_file_share_enabled: 'true'
|
prosody_http_file_share_enabled: 'true'
|
||||||
|
|
||||||
prosody_http_file_share_component: 'upload.example.org'
|
prosody_http_file_share_component: 'upload.example.org'
|
||||||
prosody_http_file_share_size_limit: "10*1024*1024"
|
prosody_http_file_share_options:
|
||||||
prosody_http_file_share_daily_quota: "100*1024*1024 -- 100 MiB per day per user"
|
- name: 'http_file_share_size_limit'
|
||||||
prosody_http_file_share_global_quota: "1024*1024*1024 -- 1 GiB total"
|
value: '10*1024*1024'
|
||||||
prosody_http_file_share_expires_after: "7 * 86400 -- 1 week"
|
description: '10MB file upload limit'
|
||||||
prosody_http_file_share_allowed_file_types: "{} -- Access control"
|
- name: 'http_file_share_daily_quota'
|
||||||
prosody_http_file_share_safe_file_types: '{"image/*","video/*","audio/*","text/plain"} -- Safe to show in-line in e.g. browsers'
|
value: '100*1024*1024'
|
||||||
prosody_http_file_share_access: "{} -- Access control"
|
description: '100 MiB per day per user'
|
||||||
|
- name: 'http_file_share_global_quota'
|
||||||
|
value: '1024*1024*1024'
|
||||||
|
description: '1 GiB total'
|
||||||
|
- name: 'http_file_share_expires_after'
|
||||||
|
value: '7 * 86400'
|
||||||
|
description: '1 week'
|
||||||
|
- name: 'http_file_share_allowed_file_types'
|
||||||
|
value: '{}'
|
||||||
|
description: 'Access control'
|
||||||
|
- name: 'http_file_share_safe_file_types'
|
||||||
|
value: '{"image/*","video/*","audio/*","text/plain"}'
|
||||||
|
description: 'Safe to show in-line in e.g. browsers'
|
||||||
|
- name: 'http_file_share_access'
|
||||||
|
value: '{}'
|
||||||
|
description: 'Access control'
|
||||||
|
|
|
@ -41,6 +41,15 @@ prosody_storage: 'internal'
|
||||||
prosody_network_backend: "epoll"
|
prosody_network_backend: "epoll"
|
||||||
prosody_http_host: "example.org"
|
prosody_http_host: "example.org"
|
||||||
prosody_http_external_url: "https://example.org"
|
prosody_http_external_url: "https://example.org"
|
||||||
|
prosody_http_interfaces: '*'
|
||||||
|
prosody_http_ports: '5281, 5280 '
|
||||||
|
prosody_http_paths:
|
||||||
|
- name: 'files'
|
||||||
|
path: '/files/'
|
||||||
|
- name: 'bosh'
|
||||||
|
path: '/http-bind'
|
||||||
|
- name: 'file_share'
|
||||||
|
path: '/upload'
|
||||||
prosody_archive_expires_after: '1w'
|
prosody_archive_expires_after: '1w'
|
||||||
|
|
||||||
#If using sql storage
|
#If using sql storage
|
||||||
|
|
|
@ -110,6 +110,10 @@ prosody_modules:
|
||||||
- name: 'admin_adhoc'
|
- name: 'admin_adhoc'
|
||||||
description: 'Allows administration via an XMPP client that supports ad-hoc commands'
|
description: 'Allows administration via an XMPP client that supports ad-hoc commands'
|
||||||
module_enabled: 'true'
|
module_enabled: 'true'
|
||||||
|
|
||||||
|
- name: 'admin_shell'
|
||||||
|
description: 'Allows administration via command shell'
|
||||||
|
module_enabled: 'true'
|
||||||
|
|
||||||
- name: 'bosh'
|
- name: 'bosh'
|
||||||
description: 'Enable BOSH clients'
|
description: 'Enable BOSH clients'
|
||||||
|
@ -238,7 +242,7 @@ prosody_modules:
|
||||||
description: 'Can efficiently block, bounce, drop, forward, copy, redirect stanzas and more.'
|
description: 'Can efficiently block, bounce, drop, forward, copy, redirect stanzas and more.'
|
||||||
module_enabled: '{{ firewall_module_enabled }}'
|
module_enabled: '{{ firewall_module_enabled }}'
|
||||||
extra_options:
|
extra_options:
|
||||||
- 'firewall_scripts = { "{{ prosody_community_modules_path }}/mod_firewall/scripts/spam-blocking.pfw", "{{ prosody_custom_script_path }}/servers_blocklist.pfw", "{{ prosody_custom_script_path }}/users_blocklist.pfw", "{{ prosody_custom_script_path }}/invite_from_muc.pfw" }'
|
- 'firewall_scripts = { "{{ prosody_community_modules_path }}/mod_firewall/scripts/spam-blocking.pfw", "{{ prosody_installer_plugin_path }}/servers_blocklist.pfw", "{{ prosody_installer_plugin_path }}/users_blocklist.pfw", "{{ prosody_installer_plugin_path }}/invite_from_muc.pfw" }'
|
||||||
# spam-blocking.pfw is the default Prosody one, needed by the two following
|
# spam-blocking.pfw is the default Prosody one, needed by the two following
|
||||||
|
|
||||||
- name: 'http_altconnect'
|
- name: 'http_altconnect'
|
||||||
|
|
|
@ -2,7 +2,7 @@
|
||||||
|
|
||||||
- name: '[Firewall] - Make sure that script directory exists'
|
- name: '[Firewall] - Make sure that script directory exists'
|
||||||
file:
|
file:
|
||||||
path: "{{ prosody_custom_script_path }}"
|
path: "{{ prosody_installer_plugin_path }}"
|
||||||
state: directory
|
state: directory
|
||||||
owner: root
|
owner: root
|
||||||
group: prosody
|
group: prosody
|
||||||
|
@ -11,7 +11,7 @@
|
||||||
- name: '[Firewall] - Deploy Firewall scripts'
|
- name: '[Firewall] - Deploy Firewall scripts'
|
||||||
template:
|
template:
|
||||||
src: "etc/prosody/custom_scripts/{{ item }}.j2"
|
src: "etc/prosody/custom_scripts/{{ item }}.j2"
|
||||||
dest: "{{ prosody_custom_script_path }}/{{ item }}"
|
dest: "{{ prosody_installer_plugin_path }}/{{ item }}"
|
||||||
owner: root
|
owner: root
|
||||||
group: prosody
|
group: prosody
|
||||||
mode: 0644
|
mode: 0644
|
||||||
|
@ -24,7 +24,7 @@
|
||||||
- name: '[Firewall] - Deploy Firewall lists'
|
- name: '[Firewall] - Deploy Firewall lists'
|
||||||
template:
|
template:
|
||||||
src: "etc/prosody/custom_scripts/{{ item }}.j2"
|
src: "etc/prosody/custom_scripts/{{ item }}.j2"
|
||||||
dest: "{{ prosody_custom_script_path }}/{{ item }}"
|
dest: "{{ prosody_installer_plugin_path }}/{{ item }}"
|
||||||
owner: root
|
owner: root
|
||||||
group: prosody
|
group: prosody
|
||||||
mode: 0644
|
mode: 0644
|
||||||
|
|
|
@ -1,7 +1,6 @@
|
||||||
-- {{ ansible_managed }}
|
-- {{ ansible_managed }}
|
||||||
|
|
||||||
--BOSH setting
|
--BOSH setting
|
||||||
http_ports = { {{ prosody_http_ports }} }
|
|
||||||
bosh_max_inactivity = {{ prosody_bosh_max_inactivity }}
|
bosh_max_inactivity = {{ prosody_bosh_max_inactivity }}
|
||||||
consider_bosh_secure = {{ prosody_bosh_secure }} -- Use if proxying HTTPS->HTTP on the server side
|
consider_bosh_secure = {{ prosody_bosh_secure }} -- Use if proxying HTTPS->HTTP on the server side
|
||||||
|
|
||||||
|
|
|
@ -3,10 +3,6 @@
|
||||||
-- Component config for http_file_share
|
-- Component config for http_file_share
|
||||||
Component "{{ prosody_http_file_share_component }}" "http_file_share"
|
Component "{{ prosody_http_file_share_component }}" "http_file_share"
|
||||||
|
|
||||||
http_file_share_size_limit = {{ prosody_http_file_share_size_limit }}
|
{% for item in prosody_http_file_share_options %}
|
||||||
http_file_share_daily_quota = {{ prosody_http_file_share_daily_quota }}
|
{{ item.name }} = {{ item.value }} -- {{ item.description }}
|
||||||
http_file_share_global_quota = {{ prosody_http_file_share_global_quota }}
|
{% endfor %}
|
||||||
http_file_share_expires_after = {{ prosody_http_file_share_expires_after }}
|
|
||||||
http_file_share_allowed_file_types = {{ prosody_http_file_share_allowed_file_types }}
|
|
||||||
http_file_share_safe_file_types = {{ prosody_http_file_share_safe_file_types }}
|
|
||||||
http_file_share_access = {{ prosody_http_file_share_access }}
|
|
||||||
|
|
|
@ -3,7 +3,7 @@
|
||||||
# rules will be checked against the blocklist.txt file
|
# rules will be checked against the blocklist.txt file
|
||||||
# Check mod_firewall/scripts/spam-blocking.pfw
|
# Check mod_firewall/scripts/spam-blocking.pfw
|
||||||
|
|
||||||
%LIST blocklist: file:{{ prosody_custom_script_path }}/servers_blocklist.txt
|
%LIST blocklist: file:{{ prosody_installer_plugin_path }}/servers_blocklist.txt
|
||||||
|
|
||||||
::user/spam_handle_unknown_custom
|
::user/spam_handle_unknown_custom
|
||||||
|
|
||||||
|
|
|
@ -3,7 +3,7 @@
|
||||||
# rules will be checked against the blocklist.txt file
|
# rules will be checked against the blocklist.txt file
|
||||||
# Check mod_firewall/scripts/spam-blocking.pfw
|
# Check mod_firewall/scripts/spam-blocking.pfw
|
||||||
|
|
||||||
%LIST blocklist: file:{{ prosody_custom_script_path }}/users_blocklist.txt
|
%LIST blocklist: file:{{ prosody_installer_plugin_path }}/users_blocklist.txt
|
||||||
|
|
||||||
::user/spam_handle_unknown_custom
|
::user/spam_handle_unknown_custom
|
||||||
|
|
||||||
|
|
|
@ -35,6 +35,13 @@ contact_info = { {{ prosody_contact_info }} }
|
||||||
|
|
||||||
http_host = "{{ prosody_http_host }}"
|
http_host = "{{ prosody_http_host }}"
|
||||||
http_external_url = "{{ prosody_http_external_url }}"
|
http_external_url = "{{ prosody_http_external_url }}"
|
||||||
|
http_ports = "{{ prosody_http_ports }}"
|
||||||
|
http_interfaces = { "{{ prosody_http_interfaces }}" }
|
||||||
|
http_paths = {
|
||||||
|
{% for item in prosody_http_paths %}
|
||||||
|
{{ item.name }} = "{{ item.path }}";
|
||||||
|
{% endfor %}
|
||||||
|
}
|
||||||
|
|
||||||
-- See https://prosody.im/doc/configure
|
-- See https://prosody.im/doc/configure
|
||||||
c2s_direct_tls_ports = { {{ prosody_c2s_direct_tls_ports }} }
|
c2s_direct_tls_ports = { {{ prosody_c2s_direct_tls_ports }} }
|
||||||
|
|
Loading…
Reference in New Issue