1 -- Prosody Example Configuration File
3 -- Information on configuring Prosody can be found on our
4 -- website at http://prosody.im/doc/configure
6 -- Tip: You can check that the syntax of this file is correct
7 -- when you have finished by running: luac -p prosody.cfg.lua
8 -- If there are any errors, it will let you know what and where
9 -- they are, otherwise it will keep quiet.
11 -- The only thing left to do is rename this file to remove the .dist ending, and fill in the
12 -- blanks. Good luck, and happy Jabbering!
15 ---------- Server-wide settings ----------
16 -- Settings in this section apply to the whole server and are the default settings
17 -- for any virtual hosts
19 -- This is a (by default, empty) list of accounts that are admins
20 -- for the server. Note that you must create the accounts separately
21 -- (see http://prosody.im/doc/creating_accounts for info)
22 -- Example: admins = { "user1@example.com", "user2@example.net" }
25 -- Enable use of libevent for better performance under high load
26 -- For more information see: http://prosody.im/doc/libevent
27 --use_libevent = true;
29 -- This is the list of modules Prosody will load on startup.
30 -- It looks for mod_modulename.lua in the plugins folder, so make sure that exists too.
31 -- Documentation on modules can be found at: http://prosody.im/doc/modules
35 "roster"; -- Allow users to have a roster. Recommended ;)
36 "saslauth"; -- Authentication for clients and servers. Recommended if you want to log in.
37 "tls"; -- Add support for secure TLS on c2s/s2s connections
38 "dialback"; -- s2s dialback support
39 "disco"; -- Service discovery
41 -- Not essential, but recommended
42 "private"; -- Private XML storage (for room bookmarks, etc.)
43 "vcard"; -- Allow users to set vCards
45 -- These are commented by default as they have a performance impact
46 --"privacy"; -- Support privacy lists
47 --"compression"; -- Stream compression
50 "version"; -- Replies to server version requests
51 "uptime"; -- Report how long server has been running
52 "time"; -- Let others know the time here on this server
53 "ping"; -- Replies to XMPP pings with pongs
54 "pep"; -- Enables users to publish their mood, activity, playing music and more
55 "register"; -- Allow users to register on this server using a client and change passwords
58 "admin_adhoc"; -- Allows administration via an XMPP client that supports ad-hoc commands
59 --"admin_telnet"; -- Opens telnet console interface on localhost port 5582
62 --"bosh"; -- Enable BOSH clients, aka "Jabber over HTTP"
63 --"http_files"; -- Serve static files from a directory over HTTP
65 -- Other specific functionality
66 --"posix"; -- POSIX functionality, sends server to background, enables syslog, etc.
67 --"groups"; -- Shared roster support
68 --"announce"; -- Send announcement to all online users
69 --"welcome"; -- Welcome users who register accounts
70 --"watchregistrations"; -- Alert admins of registrations
71 --"motd"; -- Send a message to users when they log in
72 --"legacyauth"; -- Legacy authentication. Only used by some old clients and bots.
75 -- These modules are auto-loaded, but should you want
76 -- to disable them then uncomment them here:
78 -- "offline"; -- Store offline messages
79 -- "c2s"; -- Handle client connections
80 -- "s2s"; -- Handle server-to-server connections
83 -- Disable account creation by default, for security
84 -- For more information see http://prosody.im/doc/creating_accounts
85 allow_registration = false;
87 -- These are the SSL/TLS-related settings. If you don't want
88 -- to use SSL/TLS, you may comment or remove this
90 key = "certs/localhost.key";
91 certificate = "certs/localhost.crt";
94 -- Force clients to use encrypted connections? This option will
95 -- prevent clients from authenticating unless they are using encryption.
97 c2s_require_encryption = false
99 -- Force certificate authentication for server-to-server connections?
100 -- This provides ideal security, but requires servers you communicate
101 -- with to support encryption AND present valid, trusted certificates.
102 -- For more information see http://prosody.im/doc/s2s#security
106 -- Many servers don't support encryption or have invalid or self-signed
107 -- certificates. You can list domains here that will not be required to
108 -- authenticate using certificates. They will be authenticated using DNS.
110 -- s2s_insecure_domains = { "gmail.com" }
112 -- Even if you leave s2s_secure disabled, you can still require it for
113 -- some domains by specifying a list here.
115 -- s2s_secure_domains = { "jabber.org" }
117 -- Select the authentication backend to use. The 'internal' providers
118 -- use Prosody's configured data storage to store the authentication data.
119 -- To allow Prosody to offer secure authentication mechanisms to clients, the
120 -- default provider stores passwords in plaintext. If you do not trust your
121 -- server please see http://prosody.im/doc/modules/mod_auth_internal_hashed
122 -- for information about using the hashed backend.
124 authentication = "internal_plain"
126 -- Select the storage backend to use. By default Prosody uses flat files
127 -- in its configured data directory, but it also supports more backends
128 -- through modules. An "sql" backend is included by default, but requires
129 -- additional dependencies. See http://prosody.im/doc/storage for more info.
131 --storage = "sql" -- Default is "internal"
133 -- For the "sql" backend, you can uncomment *one* of the below to configure:
134 --sql = { driver = "SQLite3", database = "prosody.sqlite" } -- Default. 'database' is the filename.
135 --sql = { driver = "MySQL", database = "prosody", username = "prosody", password = "secret", host = "localhost" }
136 --sql = { driver = "PostgreSQL", database = "prosody", username = "prosody", password = "secret", host = "localhost" }
138 -- Logging configuration
139 -- For advanced logging see http://prosody.im/doc/logging
141 info = "prosody.log"; -- Change 'info' to 'debug' for verbose logging
142 error = "prosody.err";
143 -- "*syslog"; -- Uncomment this for logging to syslog
144 -- "*console"; -- Log to the console, useful for debugging with daemonize=false
147 ----------- Virtual hosts -----------
148 -- You need to add a VirtualHost entry for each domain you wish Prosody to serve.
149 -- Settings under each VirtualHost entry apply *only* to that host.
151 VirtualHost "localhost"
153 VirtualHost "example.com"
154 enabled = false -- Remove this line to enable this host
156 -- Assign this host a certificate for TLS, otherwise it would use the one
157 -- set in the global section (if any).
158 -- Note that old-style SSL on port 5223 only supports one certificate, and will always
159 -- use the global one.
161 key = "certs/example.com.key";
162 certificate = "certs/example.com.crt";
165 ------ Components ------
166 -- You can specify components to add hosts that provide special services,
167 -- like multi-user conferences, and transports.
168 -- For more information on components, see http://prosody.im/doc/components
170 ---Set up a MUC (multi-user chat) room server on conference.example.com:
171 --Component "conference.example.com" "muc"
173 -- Set up a SOCKS5 bytestream proxy for server-proxied file transfers:
174 --Component "proxy.example.com" "proxy65"
176 ---Set up an external component (default component port is 5347)
178 -- External components allow adding various services, such as gateways/
179 -- transports to other networks like ICQ, MSN and Yahoo. For more info
180 -- see: http://prosody.im/doc/components#adding_an_external_component
182 --Component "gateway.example.com"
183 -- component_secret = "password"