1 -- Prosody XMPP Server Configuration
3 -- Information on configuring Prosody can be found on our
4 -- website at https://prosody.im/doc/configure
6 -- Tip: You can check that the syntax of this file is correct
7 -- when you have finished by running this command:
8 -- prosodyctl check config
9 -- If there are any errors, it will let you know what and where
10 -- they are, otherwise it will keep quiet.
12 -- Good luck, and happy Jabbering!
15 ---------- Server-wide settings ----------
16 -- Settings in this section apply to the whole server and are the default settings
17 -- for any virtual hosts
19 -- This is a (by default, empty) list of accounts that are admins
20 -- for the server. Note that you must create the accounts separately
21 -- (see https://prosody.im/doc/creating_accounts for info)
22 -- Example: admins = { "user1@example.com", "user2@example.net" }
24 <% scope.lookupvar('prosody::admins').each do |admin| -%>
29 <% if scope.lookupvar('prosody::user') != '' -%>
30 -- User to run prosody as
31 prosody_user = "<%= scope.lookupvar('prosody::user') %>"
33 <% if scope.lookupvar('prosody::group') != '' -%>
34 -- Group to run prosody as
35 prosody_group = "<%= scope.lookupvar('prosody::group') %>"
38 -- Which interfaces (addresses) to listen on
40 <% scope.lookupvar('prosody::interfaces').each do |interface| -%>
45 -- Enable use of libevent for better performance under high load
46 -- For more information see: https://prosody.im/doc/libevent
47 use_libevent = <%= scope.lookupvar('prosody::use_libevent') %>;
49 -- This is the list of modules Prosody will load on startup.
50 -- It looks for mod_modulename.lua in the plugins folder, so make sure that exists too.
51 -- Documentation on modules can be found at: https://prosody.im/doc/modules
55 <% scope.lookupvar('prosody::modules_base').each do |mod| -%>
60 <% scope.lookupvar('prosody::modules').each do |mod| -%>
66 <%- community_modules = scope.lookupvar('prosody::community_modules')
67 if community_modules != [] -%>
68 -- Where to search for plugins/modules
70 <%- base_path = scope.lookupvar('prosody::community_modules::path')
71 community_modules.each do |mod| -%>
72 "<%= base_path + '/mod_' + mod %>";
77 <%- modules_disabled = scope.lookupvar('prosody::modules_disabled')
78 if modules_disabled != [] -%>
79 -- These modules are auto-loaded, but should you want
80 -- to disable them then uncomment them here:
82 <% scope.lookupvar('prosody::modules_disabled').each do |mod| -%>
88 -- Disable account creation by default, for security
89 -- For more information see https://prosody.im/doc/creating_accounts
90 allow_registration = <%= scope.lookupvar('prosody::allow_registration') %>;
93 -- send the server to background.
95 daemonize = <%= scope.lookupvar('prosody::daemonize') %>;
97 <% if scope.lookupvar('prosody::ssl_custom_config') -%>
98 -- These are the SSL/TLS-related settings. If you don't want
99 -- to use SSL/TLS, you may comment or remove this
101 <% unless scope.lookupvar('prosody::ssl_protocol').nil? -%>
102 protocol = "<%= scope.lookupvar('prosody::ssl_protocol') %>";
105 <%- scope.lookupvar('prosody::ssl_options').each do |option| -%>
109 ciphers = "<%= scope.lookupvar('prosody::ssl_ciphers') %>";
110 curve = "<%= scope.lookupvar('prosody::ssl_curve') %>";
111 <%- dhparam = scope.lookupvar('prosody::ssl_dhparam')
113 dhparam = "<%= dhparam %>";
115 <%- ssl_key = scope.lookupvar('prosody::ssl_key')
116 if ssl_key != :undef -%>
117 key = "<%= ssl_key %>";
119 <%- ssl_cert = scope.lookupvar('prosody::ssl_cert')
120 if ssl_cert != :undef -%>
121 certificate = "<%= ssl_cert %>";
126 -- Force clients to use encrypted connections? This option will
127 -- prevent clients from authenticating unless they are using encryption.
129 c2s_require_encryption = <%= scope.lookupvar('prosody::c2s_require_encryption') %>
131 -- Force servers to use encrypted connections?
133 s2s_require_encryption = <%= scope.lookupvar('prosody::s2s_require_encryption') %>
136 -- Force certificate authentication for server-to-server connections?
137 -- This provides ideal security, but requires servers you communicate
138 -- with to support encryption AND present valid, trusted certificates.
139 -- NOTE: Your version of LuaSec must support certificate verification!
140 -- For more information see https://prosody.im/doc/s2s#security
142 s2s_secure_auth = <%= scope.lookupvar('prosody::s2s_secure_auth') %>
144 -- Many servers don't support encryption or have invalid or self-signed
145 -- certificates. You can list domains here that will not be required to
146 -- authenticate using certificates. They will be authenticated using DNS.
148 s2s_insecure_domains = {
149 <% scope.lookupvar('prosody::s2s_insecure_domains').each do |domain| -%>
154 -- Even if you leave s2s_secure_auth disabled, you can still require valid
155 -- certificates for some domains by specifying a list here.
157 s2s_secure_domains = {
158 <% scope.lookupvar('prosody::s2s_secure_domains').each do |domain| -%>
163 ------ Custom config options ------
166 def print_recursive(object, indentation = 0)
169 '{ "' + object.join('"; "') + '" }'
171 "{\n" + ' ' * (indentation + 2) + object.map {|k,v| + "#{k} = " + print_recursive(v, indentation + 2)}.join(";\n" + ' ' * (indentation + 2)) + ";\n" + (' ' * indentation) + '}'
172 when TrueClass, FalseClass
175 '"' + object.to_s + '"'
180 <% scope.lookupvar('prosody::custom_options').sort.each do |option, value| -%>
181 <%= option %> = <%= print_recursive(value) %>
184 -- Required for init scripts and prosodyctl
185 pidfile = "<%= scope.lookupvar('prosody::pidfile') %>"
187 -- Select the authentication backend to use. The 'internal' providers
188 -- use Prosody's configured data storage to store the authentication data.
189 -- To allow Prosody to offer secure authentication mechanisms to clients, the
190 -- default provider stores passwords in plaintext. If you do not trust your
191 -- server please see https://prosody.im/doc/modules/mod_auth_internal_hashed
192 -- for information about using the hashed backend.
194 authentication = "<%= scope.lookupvar('prosody::authentication') %>"
196 -- Select the storage backend to use. By default Prosody uses flat files
197 -- in its configured data directory, but it also supports more backends
198 -- through modules. An "sql" backend is included by default, but requires
199 -- additional dependencies. See https://prosody.im/doc/storage for more info.
201 <%- storage = scope.lookupvar('prosody::storage')
203 if storage.is_a?(String) -%>
204 storage = "<%= storage %>"
205 <%- elsif storage.is_a?(Hash) -%>
207 <%- storage.sort.each do |type,location| -%>
208 <%= type %> = "<%= location %>";
214 <%- sql = scope.lookupvar('prosody::sql')
216 sql = { driver = "<%= sql['driver'] %>", database = "<%= sql ['database'] %>", username = "<%= sql['username'] %>", password = "<%= sql['password'] %>", host = "<%= sql['host'] %>" }
219 -- Logging configuration
220 -- For advanced logging see https://prosody.im/doc/logging
222 <%= scope.lookupvar('prosody::log_level') -%> = "<%= scope.lookupvar('prosody::info_log') -%>"; -- Change 'info' to 'debug' for verbose logging
223 error = "<%= scope.lookupvar('prosody::error_log') -%>";
224 <% scope.lookupvar('prosody::log_sinks').each do |sink| -%>
227 <% scope.lookupvar('prosody::log_advanced').each do |level, destination| -%>
228 { levels = { <%= level %> }; to = <%= destination %>; };
232 ------ Components ------
233 -- You can specify components to add hosts that provide special services,
234 -- like multi-user conferences, and transports.
235 -- For more information on components, see https://prosody.im/doc/components
237 <% scope.lookupvar('prosody::components').sort.each do |name, component| %>
238 Component "<%= name %>" <% if component.include?('type') then %>"<%= component['type'] %>"<% end %>
239 <%- if component.include?('secret') -%>
240 component_secret = "<%= component['secret'] %>"
242 <%- if component.include?('options') -%>
243 <%- component['options'].sort.each do |k, v| -%>
244 <%- if ( v.is_a? Array ) -%>
245 <%= k %> = { "<%= v.join('", "') %>" };
253 ------ Additional config files ------
254 -- For organizational purposes you may prefer to add VirtualHost and
255 -- Component definitions in their own config files. This line includes
256 -- all config files in /etc/prosody/conf.d/
258 Include "conf.d/*.cfg.lua"