177 lines
5 KiB
YAML
177 lines
5 KiB
YAML
---
|
|
prosody_server_username: prosody
|
|
prosody_server_data_dir: "/var/lib/{{ prosody_server_username }}"
|
|
prosody_server_run_dir: "/var/run/{{ prosody_server_username }}"
|
|
|
|
# Base HTTP URL of the Prosody plugins (modules) repository from which
|
|
# to download new modules.
|
|
prosody_plugins_src_base_url: https://hg.prosody.im/prosody-modules/raw-file/
|
|
|
|
# List of community Prosody plugins to install.
|
|
prosody_plugins: [] # Empty by default, structure like this:
|
|
# - name: conversejs # Name of the plugin to install.
|
|
# state: present # Whether the plugin should be installed or not.
|
|
# version: 2681f74750b2 # Branch or commit of the version to install.
|
|
# # If set, hash of the downloaded module file to compare against.
|
|
# checksum: sha1:6d84b4f4d5108bce25fa9103157ddfc519362460
|
|
|
|
# List of directories where Prosody plugins are searched.
|
|
prosody_plugin_paths:
|
|
- /usr/local/lib/prosody/modules
|
|
|
|
# List of JIDs granted administrative privileges to the XMPP server.
|
|
prosody_admins: []
|
|
|
|
# Whether or not to enable user registration by default.
|
|
prosody_allow_registration: false
|
|
|
|
# Whether to force TLS connections by default.
|
|
prosody_c2s_require_encryption: true
|
|
|
|
# List of ports to listen on for connections from XMPP clients.
|
|
prosody_c2s_ports:
|
|
- 5222
|
|
|
|
# Whether or not to require server-to-server connections to use TLS.
|
|
prosody_s2s_require_encryption: true
|
|
|
|
# List of ports to listen on for connections from XMPP servers.
|
|
prosody_s2s_ports:
|
|
- 5269
|
|
|
|
# Whether to authenticate other servers using only TLS certificates.
|
|
prosody_s2s_secure_auth: true
|
|
|
|
# List of Prosody modules enabled by default.
|
|
prosody_modules_enabled:
|
|
- roster
|
|
- saslauth
|
|
- tls
|
|
- dialback
|
|
- disco
|
|
- carbons
|
|
- pep
|
|
- private
|
|
- blocklist
|
|
- vcard
|
|
- version
|
|
- uptime
|
|
- time
|
|
- ping
|
|
- register
|
|
- admin_adhoc
|
|
|
|
# List of Prosody modules disabled by default.
|
|
prosody_modules_disabled: []
|
|
|
|
prosody_http_files_dir: "/var/www/prosody"
|
|
|
|
# List of Prosody VirtualHosts to configure.
|
|
prosody_virtualhosts:
|
|
- domain: localhost
|
|
#state: present
|
|
#enabled: true
|
|
#certificate: /etc/prosody/certs/localhost.crt
|
|
#key: /etc/prosody/certs/localhost.key
|
|
# The password should be encrypted with Ansible Vault.
|
|
#password: "passphrase to decrypt TLS key file"
|
|
|
|
# List of Prosody Components to configure.
|
|
prosody_components: []
|
|
# - hostname: conference.example.com
|
|
# plugin: muc
|
|
# options:
|
|
# restrict_room_creation: local
|
|
|
|
# List of Tor Onion service names whose onions should be added to the
|
|
# Prosody configuration's VirtualHosts list. This is mainly intended
|
|
# to make it possible to use Prosody HTTP modules that need to pass an
|
|
# HTTP Host header matching one of Tor's stealth Onion service onions.
|
|
#prosody_virtualhost_onions:
|
|
# - name: example-onion
|
|
# options: # Same as the `prosody_config.VirtualHost` keys.
|
|
# # The special string `__PROSODY_DOMAIN__` will be replaced with
|
|
# # the Onion domain extracted from the Tor `hostname` file.
|
|
# http_external_url: "http://__PROSODY_DOMAIN__/"
|
|
|
|
# Complete Prosody configuration.
|
|
prosody_config:
|
|
|
|
# Default TCP socket network interfaces to bind.
|
|
# See https://prosody.im/doc/ports#default_interfaces
|
|
#interfaces:
|
|
# - "*" # All IPv4 interfaces.
|
|
# - "::" # All IPv6 interfaces.
|
|
|
|
# Default private interfaces to bind to.
|
|
# See https://prosody.im/doc/ports#default_interfaces
|
|
#local_interfaces:
|
|
# - "127.0.0.1"
|
|
# - "::1"
|
|
|
|
admins: "{{ prosody_admins }}"
|
|
|
|
#data_path: "{{ prosody_server_data_dir }}"
|
|
plugin_paths: "{{ prosody_plugin_paths }}"
|
|
|
|
modules_enabled: "{{ prosody_modules_enabled }}"
|
|
modules_disabled: "{{ prosody_modules_disabled }}"
|
|
|
|
allow_registration: "{{ prosody_allow_registration }}"
|
|
|
|
# Client-to-server settings.
|
|
c2s_require_encryption: "{{ prosody_c2s_require_encryption }}"
|
|
c2s_ports: "{{ prosody_c2s_ports }}"
|
|
#c2s_interfaces:
|
|
# - "*"
|
|
# - "::"
|
|
|
|
# Server-to-server settings.
|
|
s2s_require_encryption: "{{ prosody_s2s_require_encryption }}"
|
|
s2s_secure_auth: "{{ prosody_s2s_secure_auth }}"
|
|
#s2s_insecure_domains: []
|
|
#s2s_secure_domains: []
|
|
s2s_ports: "{{ prosody_s2s_ports }}"
|
|
#s2s_interfaces:
|
|
# - "*"
|
|
# - "::"
|
|
|
|
pidfile: "{{ prosody_server_run_dir }}/prosody.pid"
|
|
|
|
authentication: internal_hashed
|
|
|
|
# See https://prosody.im/doc/storage
|
|
#default_storage: internal
|
|
#storage: internal
|
|
#sql_manage_tables: true
|
|
#sql:
|
|
#driver: SQLite3
|
|
#database: prosody.sqlite
|
|
#username: prosody
|
|
#password: secret
|
|
#host: localhost
|
|
|
|
archive_expires_after: "1w"
|
|
|
|
log:
|
|
info: "/var/log/prosody/prosody.log"
|
|
error: "/var/log/prosody/prosody.err"
|
|
|
|
#statistics: internal
|
|
#conflict_resolve: kick_old
|
|
#ignore_presence_priority: false
|
|
|
|
# Location of directory to find certificates in (relative to main config file)
|
|
certificates: certs
|
|
|
|
VirtualHosts: "{{ prosody_virtualhosts }}"
|
|
Components: "{{ prosody_components }}"
|
|
|
|
# List of user accounts registered with the Prosody server.
|
|
prosody_users: []
|
|
# - jid: admin@localhost
|
|
# password: password
|
|
# state: present
|
|
# - jid: test@localhost
|
|
# password: password
|
|
# state: absent
|