admins = { "vous@exemple.fr" } -- For more information see: https://prosody.im/doc/libevent -- use_libevent = true plugin_paths = { "/usr/lib/prosody/modules" } modules_enabled = { -- Generally required "roster"; -- Allow users to have a roster. Recommended ;) "saslauth"; -- Authentication for clients and servers. Recommended if you want to log in. "tls"; -- Add support for secure TLS on c2s/s2s connections "dialback"; -- s2s dialback support "disco"; -- Service discovery -- Not essential, but recommended "carbons"; -- Keep multiple clients in sync "carbons_copies"; "carbons_copies_adhoc"; "pep"; -- Enables users to publish their avatar, mood, activity, playing music and more "private"; -- Private XML storage (for room bookmarks, etc.) "blocklist"; -- Allow users to block communications with other users "vcard4"; -- User profiles (stored in PEP) "vcard_legacy"; -- Conversion between legacy vCard and PEP Avatar, vcard "smacks"; "bookmarks"; -- vieux module mais compatible avec la -- majorité des clients XMPP contrairement -- à bookmarks2 --"bookmarks2"; "presence"; -- voir l'état de l'utilisateur (en ligne, hors -- ligne, etc...) "offline"; -- Nice to have "version"; -- Replies to server version requests "uptime"; -- Report how long server has been running "time"; -- Let others know the time here on this server "ping"; -- Replies to XMPP pings with pongs "register"; -- Allow users to register on this server using a client and change passwords "mam"; -- Store messages in an archive and allow users to access it "csi"; "csi_simple"; -- Simple Mobile optimizations "csi_battery_saver"; "vjud"; -- recherche d'utilisateurs dans les salons -- Admin interfaces "admin_adhoc"; -- Allows administration via an XMPP client that supports ad-hoc commands -- HTTP modules "bosh"; -- Enable BOSH clients, aka "Jabber over HTTP" "websocket"; -- XMPP over WebSockets -- Other specific functionality "posix"; -- POSIX functionality, sends server to background, enables syslog, etc. "limits"; -- Enable bandwidth limiting for XMPP connections "groups"; -- Shared roster support "server_contact_info"; -- Publish contact information for this service "announce"; -- Send announcement to all online users "welcome"; -- Welcome users who register accounts "watchregistrations"; -- Alert admins of registrations "motd"; -- Send a message to users when they log in --"legacyauth"; -- Legacy authentication. Only used by some old clients and bots. --"proxy65"; -- Enables a file transfer proxy service which clients behind NAT can use } -- These modules are auto-loaded, but should you want -- to disable them then uncomment them here: modules_disabled = { -- "offline"; -- Store offline messages -- "c2s"; -- Handle client connections -- "s2s"; -- Handle server-to-server connections } motd_text = [[Bonjour à tous ! Bienvenue sur mon serveur XMPP. Clavardez heureux !]] welcome_message = "C'est ta première connexion, $username. Bienvenue à toi." daemonize = false; pidfile = "/run/prosody/prosody.pid"; trusted_proxies = { "127.0.0.1", "::1" } -- Force certificate authentication for server-to-server connections c2s_require_encryption = true -- chiffrement requis pour connexion client à serveur s2s_require_encryption = true -- chiffrement requis pour connexion entre serveurs s2s_secure_auth = true authentication = "internal_hashed" -- mam settings archive_expires_after = "never" -- historique permanent des chats log = { -- Log files (change 'info' to 'debug' for debug logs): info = "/var/log/prosody/prosody.log"; error = "/var/log/prosody/prosody.err"; -- Syslog: { levels = { "error" }; to = "syslog"; }; } -- http and certificate shenanigans certificates = "certs" -- Include "conf.d/*.cfg.lua" legacy_ssl_ports = { 5223 } -- http_ports = { 5280 } -- http_interface = { "*" } -- https_ports = { 5281 } -- https_interfaces { "*" } cross_domain_bosh = { "https://chat.exemple.fr" } cross_domain_websocket = { "https://chat.exemple.fr" } consider_bosh_secure = true consider_websocket_secure = true allow_registration = true -- nécessaire pour mod_invites registration_invite_only = true -- inscription autorisé seulement avec les invitations vjud_mode = "opt-in" -- l'utilisateur doit consentir pour que la recherche vjud -- le fasse remonter dans les résultats. -- https://prosody.im/security/advisory_20210512/ gc = { speed = 500; } c2s_stanza_size_limit = 256 * 1024 s2s_stanza_size_limit = 512 * 1024 limits = { c2s = { rate = "10kb/s"; }; s2sin = { rate = "3kb/s"; }; } -- https://prosody.im/security/advisory_20210512/ ssl = { key = "certs/exemple.fr.key"; certificate = "certs/exemple.fr.crt"; } VirtualHost "exemple.fr" invites_page = "https://chat.exemple.fr/invite?{invite.token}" webchat_url = "https://chat.exemple.fr/" http_external_url = "https://chat.exemple.fr/" invite_expiry = 86400 * 7 -- 7 jours avant qu'un lien d'invitation expire http_paths = { invites_page = "/invite"; invites_register_web = "/register"; } modules_enabled = { "invites"; "invites_adhoc"; "invites_page"; "invites_register"; "invites_register_web"; "http_libjs"; } contact_info = { abuse = { "mailto:vous@exemple.fr", "xmpp:vous@exemple.fr" }; admin = { "mailto:vous@exemple.fr", "xmpp:vous@exemple.fr" }; security = { "mailto:vous@exemple.fr", "xmpp:vous@exemple.fr" }; support = { "mailto:vous@exemple.fr", "xmpp:vous@exemple.fr" }; }; https_certificate = "certs/exemple.fr.crt"; ssl = { key = "certs/exemple.fr.key"; certificate = "certs/exemple.fr.crt"; } Component "f.exemple.fr" "http_upload_external" http_upload_external_base_url = "https://f.exemple.fr/" http_upload_external_secret = "its-a-secret" http_upload_external_file_size_limit = 104857600 -- limite de à 100Mo pour les envois de pjs ssl = { key = "certs/f.exemple.fr.key"; certificate = "certs/f.exemple.fr.crt"; } Component "salons.exemple.fr" "muc" name = "Salons (chatrooms) chez exemple.fr" modules_enabled = { "muc_mam", "vcard_muc" } muc_room_default_language = "fr" muc_log_expires_after = "never" -- histo permanent des groupes de -- chats log_all_rooms = true muc_log_by_default = true muc_log_presences = false restrict_room_creation = "admin" -- seul l'admin peut créer des salons ssl = { key = "certs/salons.exemple.fr.key"; certificate = "certs/salons.exemple.fr.crt"; }