prosody/defaults/mod.yml
meaz 6145d7dffb add script to allow invitation from muc in firewall (#13)
Fix this [Disroot/Disroot-Project#151 (comment)](Disroot/Disroot-Project#151 (comment))

Co-authored-by: meaz <meaz@disroot.org>
Reviewed-on: #13
Reviewed-by: muppeth <muppeth@no-reply@disroot.org>
Reviewed-by: antilopa <antilopa@no-reply@disroot.org>
Co-authored-by: meaz <meaz@no-reply@disroot.org>
Co-committed-by: meaz <meaz@no-reply@disroot.org>
2021-11-03 10:45:54 +00:00

297 lines
10 KiB
YAML
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

prosody_modules:
- name: 'roster'
description: 'Allow users to have a roster.'
module_enabled: 'true'
- name: 'saslauth'
description: 'Authentication for clients and servers. Recommended if you want to log in.'
module_enabled: 'true'
- name: 'tls'
description: 'Add support for secure TLS on c2s/s2s connections'
module_enabled: 'true'
- name: 'dialback'
description: 's2s dialback support'
module_enabled: 'true'
- name: 'compat_dialback'
description: 'This module provides a workaround for servers that do not set the to attribute on stream headers, which is required per RFC6120'
module_enabled: 'true'
- name: 'disco'
description: 'Service discovery'
module_enabled: 'true'
- name: 'private'
description: 'Private XML storage'
module_enabled: 'true'
- name: 'vcard4'
description: 'User profiles (stored in PEP)'
module_enabled: 'true'
- name: 'vcard_legacy'
description: 'Conversion between legacy vCard and PEP Avatar'
module_enabled: 'true'
- name: 'version'
description: 'Replies to server version requests'
module_enabled: 'true'
- name: 'uptime'
description: 'Report how long server has been running'
module_enabled: 'true'
- name: 'time'
description: 'Let others know the time here on this server'
module_enabled: 'true'
- name: 'ping'
description: 'Replies to XMPP pings with pongs'
module_enabled: 'true'
- name: 'pep'
description: 'Enables users to publish their mood, activity, playing music and more'
module_enabled: 'true'
- name: 'carbons'
description: 'Keep multiple clients in sync'
module_enabled: 'true'
- name: 'register'
description: 'Allow users to register on this server using a client and change passwords'
module_enabled: 'false'
- name: 'carbons_adhoc' # not sure it is needed Zash says if you dont knwo what it is probably you dont need it
description: 'carbons for legacy clients'
module_enabled: 'false'
- name: 'carbons_copies' # not sure it is needed Zash says if you dont knwo what it is probably you dont need it
description: 'carbons for legacy clients'
module_enabled: 'false'
- name: 'smacks'
description: 'Allows to resume a disconnected session and prevents message loss'
module_enabled: 'true'
- name: 'default_bookmarks'
description: 'Add a default bookmarks to new users'
module_enabled: 'true'
extra_options:
- 'default_bookmarks = { jid = "room@muc.server.com", name = "Shared room" };'
- name: 'cloud_notify'
description: 'Allows clients to register an “app server”.'
module_enabled: 'true'
extra_options:
- 'push_notification_important_body = "Important message";'
- 'push_notification_with_body = false -- Whether or not to send the message body to remote pubsub node'
- 'push_notification_with_sender = false -- Whether or not to send the message sender to remote pubsub node'
- 'push_max_errors = 5 -- persistent push errors are tolerated before notifications for the identifier in question are disabled'
- 'push_max_devices = 3 -- number of allowed devices per user'
- name: 'csi'
description: 'Implements Client State Indication'
module_enabled: 'true'
- name: 'csi_simple'
description: 'Buffer unimportant traffic to inactive devices'
module_enabled: 'true'
- name: 'throttle_presence'
description: 'Cuts down on presence traffic when clients indicate they are inactive'
module_enabled: 'false'
- name: 'filter_chatstates'
description: 'https://modules.prosody.im/mod_filter_chatstates.html'
module_enabled: 'true'
- name: 'admin_adhoc'
description: 'Allows administration via an XMPP client that supports ad-hoc commands'
module_enabled: 'true'
- name: 'bosh'
description: 'Enable BOSH clients'
module_enabled: 'true'
- name: 'websocket'
description: 'Supports for XMPP connections over Websockets'
module_enabled: 'true'
extra_options:
- 'consider_websocket_secure = true'
- 'cross_domain_websocket = true'
- name: 'posix'
description: 'POSIX functionality, sends server to background, enables syslog, etc.'
module_enabled: 'true'
- name: 'limits'
description: 'Enable bandwidth limiting for XMPP connections.'
module_enabled: 'false'
extra_options:
- 'limits = {'
- 'c2s = {'
- 'rate = "10kb/s";'
- 'burst = "2s";'
- '};'
- 's2sin = {'
- 'rate = "30kb/s";'
- 'burst = "2s";'
- '};'
- '}'
- name: 'groups'
description: 'Shared roster support.'
module_enabled: 'false'
- name: 'announce'
description: 'Send announcement to all online users'
module_enabled: 'true'
- name: 'welcome'
description: 'Welcome users who register accounts'
module_enabled: 'true'
- name: 'watchregistrations'
description: 'Alert admins of registrations'
module_enabled: 'false'
- name: 'motd'
description: 'Send a message to users when they log in'
module_enabled: 'true'
- name: 'legacyauth'
description: 'Legacy authentication. Only used by some old clients and bots.'
module_enabled: 'true'
- name: 'log_auth'
description: 'Log failed authentication attempts with their IP address'
module_enabled: 'true'
- name: 'register_redirect'
description: 'Registration Redirect.'
module_enabled: 'true'
extra_options:
- 'registrarion_url = "https://registration.example.com"'
- 'registration_text = "Your custom instructions banner here"'
- name: 'mam'
description: 'Implementation of XEP-0313: Message Archive Management https://modules.prosody.im/mod_mam.html'
module_enabled: 'true'
extra_options:
- 'max_archive_query_results = 50;'
- 'archive_expires_after = "6m"; -- six months'
- 'default_archive_policy = true; -- default'
- 'archive_cleanup_interval = 3600*24 -- how often it checks if there are messages older than archive_expires_after. In seconds.'
- name: 'blocklist'
description: 'ability to block users'
module_enabled: 'true'
- name: 'uptime_presence'
description: 'responds to a presence probe with timestamp from when the server was started'
module_enabled: 'true'
- name: 'bookmarks'
description: 'This module fetches users bookmarks from Private XML and pushes them to PEP on login'
module_enabled: 'true'
- name: 'presence_cache'
description: 'This module stores a timestamp of the latest presence received from users contacts'
module_enabled: 'true'
extra_options:
- 'presence_cache_size = 99'
- name: 'nodeinfo2'
description: 'This module exposes a nodeinfo2 .well-known URL for use e.g. from the-federation.info.'
module_enabled: 'true'
extra_options:
- 'nodeinfo2_expose_users = false -- if you dont want to expose statistics about the amount of users you host'
- 'nodeinfo2_expose_posts = false -- if you dont want to expose statistics about the amount of messages being exchanged by your users'
- name: 'lastlog'
description: 'Simple module that stores the timestamp of when a user logs in.'
module_enabled: 'true'
extra_options:
- 'lastlog_ip_address = false'
- 'lastlog_stamp_offline = false'
- name: 'http'
description: 'Prosody contains a mini built-in HTTP server, which is used for BOSH and other modules.'
module_enabled: 'true'
- name: 'watch_spam_reports'
description: 'This module sends a message to the server admins for incoming spam reports.'
module_enabled: 'true'
- name: 'spam_reporting'
description: 'When someone reports spam or abuse, a line about this is logged and an event is fired so that other modules can act on the report.'
module_enabled: 'true'
- name: 'server_contact_info'
description: 'Provides contact addresses.'
module_enabled: 'true'
extra_options:
- 'contact_info = {'
- 'admin = { "mailto:{{ prosody_admins }}", "xmpp:{{ prosody_admins }}" };'
- 'abuse = { "mailto:{{ prosody_abuse_info }}", "xmpp:{{ prosody_abuse_info }}" };'
- 'support = { "mailto:{{ prosody_contact_info }}", "xmpp:{{ prosody_contact_info }}" };'
- '};'
- name: 'turncredentials'
description: 'Setup turnserver for viop'
module_enabled: 'false'
extra_options:
- 'turncredentials_secret = mysecret'
- 'turncredentials_host = turn.example.com'
- 'turncredentials_port = 3478'
- 'turncredentials_ttl = 86400;'
- name: 'firewall'
description: 'Can efficiently block, bounce, drop, forward, copy, redirect stanzas and more.'
module_enabled: '{{ firewall_module_enabled }}'
extra_options:
- 'firewall_scripts = { "{{ prosody_community_modules_path }}/mod_firewall/scripts/spam-blocking.pfw", "{{ prosody_custom_script_path }}/servers_blocklist.pfw", "{{ prosody_custom_script_path }}/users_blocklist.pfw", "{{ prosody_custom_script_path }}/invite_from_muc.pfw }'
# spam-blocking.pfw is the default Prosody one, needed by the two following
- name: 'http_altconnect'
description: 'This module helps make BOSH and WebSocket connection endpoints discoverable via the HTTP'
module_enabled: 'true'
- name: 'http_upload'
description: 'Upload files via http'
module_enabled: 'true'
extra_options:
- 'http_upload_file_size_limit = 1024*1024 --bytes'
- 'http_upload_expire_after = 60 * 60 * 24 * 7 -- a week in seconds'
- 'http_upload_path = "/srv/prosody/files"'
- 'http_upload_quota = 1234 -- bytes, maximum size of all uploaded files per user'
- name: 'admin_blocklist'
description: 'This module uses the blocklists set by admins for blocking s2s connections'
module_enabled: 'true'
- name: 'statistics'
description: 'Provide statistic feed for monitoring'
module_enabled: 'true'
- name: 'checkcerts'
description: 'Checks your certificate to see if it is about to expire soon'
module_enabled: 'false'
- name: 'cloud_notify_filters'
description: 'Implements support for a group of push notification extensions by the Tigase team.'
module_enabled: 'true'
- name: 'cloud_notify_priority_tag'
description: 'Implements support for a Tigase XMPP extension, Priority of notifications.'
module_enabled: 'true'
- name: 'cloud_notify_encrypted'
description: 'Implements support for a Encrypted Push Notifications.'
module_enabled: 'true'
- name: 'muc_ban_ip'
description: 'Allows the users server to enforce bans by IP address'
module_enabled: 'true'