[ejabberd] Proposed huge reorganization of ejabberd.cfg.example

Badlop badlop at gmail.com
Wed Sep 26 22:18:26 MSD 2007

ejabberd.cfg.example exists almost since Alexey started the project 5
years ago. While ejabberd has gained more and more features,
authentication methods, modules, virtual hosting, more ACL and
ACCESS... the example config file has grown more and more, retaining
its original organization.

I propose to reorganize ejabberd.cfg.example, grouping the options and
sorting them in a way as similar as possible to the ejabbed Guide.

This is a cheap way to make ejabberd.cfg more understandable without
having to modify its Erlang-oriented format.

During those years, some people suggested to use an XML or Apache-like
format, but I consider that it's better to improve the current format:
this reorganization, a config syntax checker [1]...

Here is my proposal. I include it here so you can comment any
suggestion, quoting the problematic lines. Please compare it with the
ejabberd Guide SVN:

I'll apply the suggestions I consider interesting, before submitting
to the ejabberd bug tracker.

---------------------- START ejabberd.cfg.example
%%%             ejabberd configuration file

%%% The ejabberd Guide provides detailed explanation
%%% for the parameters used in this ejabberd configuration file.
%%% Please consult the Guide in case of doubts.

%%% $Id$

% Override the old values stored in the database

%%%   =========

% ejabberd loglevel (0: no log -> 5: debug)
{loglevel, 4}.

% Watchdog admins receive live notifications if an ejabberd process
% consumes too much memory
%{watchdog_admins, ["bob at example.com"]}.

%%%   =============

% Name of your Jabber server:
{hosts, ["localhost"]}.

% ejabberd can serve several virtual hosts, for example:
{hosts, ["example.net", "example.com", "example.org"]}.

% If a virtual host is subdomain of another, like for example:
% example.net and jabber.example.net
% and you want them to work correctly, enable this option:
%{route_subdomains, s2s}.

%%%   ===============

  {5222, ejabberd_c2s, [
	{access, c2s},
	{shaper, c2s_shaper},
	% If TLS is compiled and you installed a certificate,
	% put the correct path to your SSL certificate
	% and uncomment this line:
	%{certfile, "/path/to/ssl.pem"}, starttls,
	{max_stanza_size, 65536}

  % To enable the old SSL connection method in port 5223:
  %{5223, ejabberd_c2s,     [{access, c2s},
  %			    {max_stanza_size, 65536},
  %			    tls, {certfile, "/path/to/ssl.pem"}
  %			   ]},

  {5269, ejabberd_s2s_in,  [{shaper, s2s_shaper},
			    {max_stanza_size, 131072}

  %{8888, ejabberd_service, [{access, all}, {shaper_rule, fast},
  %			    {hosts, ["icq.localhost", "sms.localhost"],
  %			     [{password, "secret"}]}]},

  {5280, ejabberd_http,    [http_poll, web_admin]}

% If SRV lookup fails, then port 5269 is used to communicate with remote server
{outgoing_s2s_port, 5269}.

% To enable STARTTLS+Dialback for S2S connections:
%{s2s_use_starttls, true}.
%{s2s_certfile, "/path/to/ssl.pem"}.
% If you want to specify a different certificate for each ejabberd virtual host:
%{domain_certfile, "example.org", "/path/to/example_org.pem"}.
%{domain_certfile, "example.com", "/path/to/example_com.pem"}.

% S2S Whitelist or blacklist
% Default s2s policy for undefined hosts:
%{s2s_default_policy, allow}.
% To allow or deny specific servers:
%{{s2s_host,"goodhost.org"}, allow}.
%{{s2s_host,"badhost.org"}, deny}.

%%%   ==============

% The default authentication method is the internal:
{auth_method, internal}.

% For LDAP authentication use these lines instead of above one:
%{auth_method, ldap}.
%{ldap_servers, ["localhost"]}.    % List of LDAP servers
%{ldap_uids, [{"mail", "%u at mail.example.org"}]}.  % LDAP attribute
that holds user ID
%{ldap_base, "dc=example,dc=com"}. % Search base of LDAP directory
%{ldap_rootdn, "dc=example,dc=com"}. % LDAP manager
%{ldap_password, "******"}. % Password to LDAP manager

% For authentication via external script use the following:
%{auth_method, external}.
%{extauth_program, "/path/to/authentication/script"}.

% For authentication via ODBC use the following:
%{auth_method, odbc}.
%{odbc_server, "DSN=ejabberd;UID=ejabberd;PWD=ejabberd"}.

% Uncomment this if you are using postgres, having a large DB, and need a
% faster but inexact replacement for "select count(*) from users"
%{pgsql_users_number_estimate, true}.

% Anonymous login support:
%   auth_method: anonymous
%   anonymous_protocol: sasl_anon | login_anon | both
%   allow_multiple_connections: true | false
%{host_config, "public.example.org", [{auth_method, anonymous},
%                                     {allow_multiple_connections, false},
%                                     {anonymous_protocol, sasl_anon}]}.
% To use both anonymous and internal authentication:
%{host_config, "public.example.org", [{auth_method, [internal, anonymous]}]}.

%%%   ================

% ejabberd uses by default the internal Mnesia database.
% For instructions about using other database backends,
% please consult the ejabberd Guide.

%%%   ===
%%%   ACL

% Jabber accounts with admin privileges
%{acl, admin, {user, "aleksey", "localhost"}}.
%{acl, admin, {user, "ermine"}}.

% Blocked users:
%{acl, blocked, {user, "test"}}.

% Local users:
{acl, local, {user_regexp, ""}}.

% Another examples of ACLs:
%{acl, jabberorg, {server, "jabber.org"}}.
%{acl, aleksey, {user, "aleksey", "jabber.ru"}}.
%{acl, test, {user_regexp, "^test"}}.
%{acl, test, {user_glob, "test*"}}.

%%%   ============

%% Define the maximum number of time a single user is allowed to connect:
{access, max_user_sessions, [{10, all}]}.

% Only admins can use configuration interface:
{access, configure, [{allow, admin}]}.

% Every username can be registered via in-band registration:
% To disable in-band registration, replace 'allow' with 'deny'.
{access, register, [{allow, all}]}.

% Only admins can send announcement messages:
{access, announce, [{allow, admin}]}.

% Only non-blocked users can use c2s connections:
{access, c2s, [{deny, blocked},
	       {allow, all}]}.

% For all users except admins used "normal" shaper
{access, c2s_shaper, [{none, admin},
		      {normal, all}]}.

% For all S2S connections used "fast" shaper
{access, s2s_shaper, [{fast, all}]}.

% Admins of this server are also admins of MUC service:
{access, muc_admin, [{allow, admin}]}.

% All users are allowed to use MUC service:
{access, muc, [{allow, all}]}.

% Everybody can create pubsub nodes
{access, pubsub_createnode, [{allow, all}]}.

% This rule allows access only for local users:
{access, local, [{allow, local}]}.

%%%   =======

% Set shaper with name "normal" to limit traffic speed to 1000B/s
{shaper, normal, {maxrate, 1000}}.

% Set shaper with name "fast" to limit traffic speed to 50000B/s
{shaper, fast, {maxrate, 50000}}.

%%%   ================

% Default language for server messages
{language, "en"}.

%%%   =======

% Modules enabled in all ejabberd virtual hosts:
  {mod_adhoc,      []},
  {mod_announce,   [{access, announce}]}, % Depends on mod_adhoc
  {mod_configure,  []}, % Requires mod_adhoc
  {mod_disco,      []},
  %{mod_echo,       [{host, "echo.localhost"}]},
  {mod_irc,        []},
  {mod_last,       []},
  % Default options for mod_muc:
  %   host: "conference. at HOST@"
  %   access: all
  %   access_create: all
  %   access_persistent: all
  %   access_admin: none (only room creator has owner privileges)
  {mod_muc,        [{access, muc},
		    {access_create, muc},
		    {access_persistent, muc},
		    {access_admin, muc_admin}]},
  %{mod_muc_log,    []},
  {mod_offline,    []},
  {mod_privacy,    []},
  {mod_private,    []},
  %{mod_proxy65,    []},
  {mod_pubsub,     [{access_createnode, pubsub_createnode}]},
  {mod_register,   [
	% After successful registration, the user will receive a message with
	% the following subject and body:
	%{welcome_message, {"Welcome!", "Welcome to this Jabber server."}},
	% List of people who will get notifications when users register
	%{registration_watchers, ["admin1 at example.org", "admin2 at example.org"]},
	{access, register}
  {mod_roster,     []},
  {mod_stats,      []},
  {mod_time,       []},
  {mod_vcard,      []},
  {mod_version,    []}

% Local Variables:
% mode: erlang
% End:
---------------------- END

[1] https://support.process-one.net/browse/EJAB-51

More information about the ejabberd mailing list