[ejabberd] Proposed huge reorganization of ejabberd.cfg.example

Sergei Golovan sgolovan at nes.ru
Fri Sep 28 09:56:13 MSD 2007


On 9/26/07, Badlop <badlop at gmail.com> wrote:
>
> Here is my proposal. I include it here so you can comment any
> suggestion, quoting the problematic lines. Please compare it with the
> ejabberd Guide SVN:
> http://svn.process-one.net/ejabberd/trunk/doc/guide.html

I would make two config examples, one for a single host and one for
several virtual hosts showing technique for loading different modules,
using different authentication schemes etc. (using host_config)

>
> ---------------------- START ejabberd.cfg.example
> %%%
> %%%             ejabberd configuration file
> %%%
>
> %%% The ejabberd Guide provides detailed explanation
> %%% for the parameters used in this ejabberd configuration file.
> %%% Please consult the Guide in case of doubts.
>
> %%% $Id$
>
>
> % Override the old values stored in the database

Needs an explanation, what are 'local', 'global', 'acls'

> %override_global.
> %override_local.
> %override_acls.
>
>
> %%%   =========
> %%%   DEBUGGING
>
> % ejabberd loglevel (0: no log -> 5: debug)

Needs an explanation of levels 1, 2, 3, 4.

> {loglevel, 4}.
>
> % Watchdog admins receive live notifications if an ejabberd process
> % consumes too much memory
> %{watchdog_admins, ["bob at example.com"]}.
>
>
> %%%   =============
> %%%   VIRTUAL HOSTS

It's not a 'virtual hosts' section. SERVED HOSTNAMES probably.

>
> % Name of your Jabber server:
> {hosts, ["localhost"]}.
>
> % ejabberd can serve several virtual hosts, for example:
> {hosts, ["example.net", "example.com", "example.org"]}.

I would comment out the second {hosts} line.

>
> % If a virtual host is subdomain of another, like for example:
> % example.net and jabber.example.net
> % and you want them to work correctly, enable this option:
> %{route_subdomains, s2s}.

Was there a discussion about validity of these subdomains recently? I
don't remember the conclusion, but probably this section should be
removed.

>
>
> %%%   ===============
> %%%   LISTENING PORTS
>
> {listen,
>  [
>   {5222, ejabberd_c2s, [
>         {access, c2s},
>         {shaper, c2s_shaper},
>         % If TLS is compiled and you installed a certificate,
>         % put the correct path to your SSL certificate
>         % and uncomment this line:
>         %{certfile, "/path/to/ssl.pem"}, starttls,
>         {max_stanza_size, 65536}
>   ]},

Too complicated. But using two separate listeners for 5222 may cause
an error during ejabberd start (if user uncomments both). I don't know
which is better.

>
>   % To enable the old SSL connection method in port 5223:
>   %{5223, ejabberd_c2s,     [{access, c2s},
>   %                         {max_stanza_size, 65536},
>   %                         tls, {certfile, "/path/to/ssl.pem"}
>   %                        ]},
>
>   {5269, ejabberd_s2s_in,  [{shaper, s2s_shaper},
>                             {max_stanza_size, 131072}
>                            ]},
>
>   %{8888, ejabberd_service, [{access, all}, {shaper_rule, fast},
>   %                         {hosts, ["icq.localhost", "sms.localhost"],
>   %                          [{password, "secret"}]}]},

There should be more service examples. And it'd be better if they were
with {ip} option.

>
>   {5280, ejabberd_http,    [http_poll, web_admin]}
> ]}.
>
> % If SRV lookup fails, then port 5269 is used to communicate with remote server
> {outgoing_s2s_port, 5269}.

This option MUST be removed from the example. This port isn't for
change. (It was used by Aleksey when ejabberd couldn't use SRV and he
run several daemons on a single computer).

>
>
> %%%   ================
> %%%   DATABASE STORAGE

Which database?

>
> % ejabberd uses by default the internal Mnesia database.
> % For instructions about using other database backends,
> % please consult the ejabberd Guide.
>
>
> %%%   ===
> %%%   ACL

What's ACL? Don't use abbreviations in headers.

>
> % Jabber accounts with admin privileges
> %{acl, admin, {user, "aleksey", "localhost"}}.
> %{acl, admin, {user, "ermine"}}.
>
> % Blocked users:
> %{acl, blocked, {user, "test"}}.
>
> % Local users:
> {acl, local, {user_regexp, ""}}.
>
> % Another examples of ACLs:
> %{acl, jabberorg, {server, "jabber.org"}}.
> %{acl, aleksey, {user, "aleksey", "jabber.ru"}}.
> %{acl, test, {user_regexp, "^test"}}.
> %{acl, test, {user_glob, "test*"}}.

One of the FAQ is "how to add two users to an ACL?". This section
should give an answer to this question.

>
>
>
> % For all users except admins used "normal" shaper
> {access, c2s_shaper, [{none, admin},
>                       {normal, all}]}.

Shapers section would be better to go before this definition.

>
> % For all S2S connections used "fast" shaper
> {access, s2s_shaper, [{fast, all}]}.
>
> % Admins of this server are also admins of MUC service:
> {access, muc_admin, [{allow, admin}]}.
>
> % All users are allowed to use MUC service:
> {access, muc, [{allow, all}]}.
>
> % Everybody can create pubsub nodes
> {access, pubsub_createnode, [{allow, all}]}.
>
> % This rule allows access only for local users:
> {access, local, [{allow, local}]}.
>
>
> %%%   =======
> %%%   SHAPERS

TRAFFIC SHAPERS would be better.

>
> % Set shaper with name "normal" to limit traffic speed to 1000B/s
> {shaper, normal, {maxrate, 1000}}.
>
> % Set shaper with name "fast" to limit traffic speed to 50000B/s
> {shaper, fast, {maxrate, 50000}}.


% vim:set ft=erlang:

> % Local Variables:
> % mode: erlang
> % End:


-- 
Sergei Golovan


More information about the ejabberd mailing list