First

[anni] / docs / installation_1 / pleroma-mongooseim.cfg

%%%
%%%               ejabberd configuration file
%%%
%%%'

%%% The parameters used in this configuration file are explained in more detail
%%% in the ejabberd Installation and Operation Guide.
%%% Please consult the Guide in case of doubts, it is included with
%%% your copy of ejabberd, and is also available online at
%%% http://www.process-one.net/en/ejabberd/docs/

%%% This configuration file contains Erlang terms.
%%% In case you want to understand the syntax, here are the concepts:
%%%
%%%  - The character to comment a line is %
%%%
%%%  - Each term ends in a dot, for example:
%%%      override_global.
%%%
%%%  - A tuple has a fixed definition, its elements are
%%%    enclosed in {}, and separated with commas:
%%%      {loglevel, 4}.
%%%
%%%  - A list can have as many elements as you want,
%%%    and is enclosed in [], for example:
%%%      [http_poll, web_admin, tls]
%%%
%%%    Pay attention that list elements are delimited with commas,
%%%    but no comma is allowed after the last list element. This will
%%%    give a syntax error unlike in more lenient languages (e.g. Python).
%%%
%%%  - A keyword of ejabberd is a word in lowercase.
%%%    Strings are enclosed in "" and can contain spaces, dots, ...
%%%      {language, "en"}.
%%%      {ldap_rootdn, "dc=example,dc=com"}.
%%%
%%%  - This term includes a tuple, a keyword, a list, and two strings:
%%%      {hosts, ["jabber.example.net", "im.example.com"]}.
%%%
%%%  - This config is preprocessed during release generation by a tool which
%%%    interprets double curly braces as substitution markers, so avoid this
%%%    syntax in this file (though it's valid Erlang).
%%%
%%%    So this is OK (though arguably looks quite ugly):
%%%      { {s2s_addr, "example-host.net"}, {127,0,0,1} }.
%%%
%%%    And I can't give an example of what's not OK exactly because
%%%    of this rule.
%%%


%%%.   =======================
%%%'   OVERRIDE STORED OPTIONS

%%
%% Override the old values stored in the database.
%%

%%
%% Override global options (shared by all ejabberd nodes in a cluster).
%%
%%override_global.

%%
%% Override local options (specific for this particular ejabberd node).
%%
%%override_local.

%%
%% Remove the Access Control Lists before new ones are added.
%%
%%override_acls.


%%%.   =========
%%%'   DEBUGGING

%%
%% loglevel: Verbosity of log files generated by ejabberd.
%% 0: No ejabberd log at all (not recommended)
%% 1: Critical
%% 2: Error
%% 3: Warning
%% 4: Info
%% 5: Debug
%%
{loglevel, 3}.

%%%.   ================
%%%'   SERVED HOSTNAMES

%%
%% hosts: Domains served by ejabberd.
%% You can define one or several, for example:
%% {hosts, ["example.net", "example.com", "example.org"]}.
%%
{hosts, ["pleroma.soykaf.com"] }.

%%
%% route_subdomains: Delegate subdomains to other XMPP servers.
%% For example, if this ejabberd serves example.org and you want
%% to allow communication with an XMPP server called im.example.org.
%%
%%{route_subdomains, s2s}.


%%%.   ===============
%%%'   LISTENING PORTS

%%
%% listen: The ports ejabberd will listen on, which service each is handled
%% by and what options to start it with.
%%
{listen,
 [
  %% BOSH and WS endpoints over HTTP
  { 5280, ejabberd_cowboy, [
      {num_acceptors, 10},
      {transport_options, [{max_connections, 1024}]},
      {modules, [

          {"_", "/http-bind", mod_bosh},
          {"_", "/ws-xmpp", mod_websockets, [{ejabberd_service, [
                                        {access, all},
                                        {shaper_rule, fast},
                                        {ip, {127, 0, 0, 1}},
                                        {password, "secret"}]}
          %% Uncomment to enable connection dropping or/and server-side pings
          %{timeout, 600000}, {ping_rate, 2000}
          ]}
          %% Uncomment to serve static files
          %{"_", "/static/[...]", cowboy_static,
          %  {dir, "/var/www", [{mimetypes, cow_mimetypes, all}]}
          %},

          %% Example usage of mod_revproxy

          %% {"_", "/[...]", mod_revproxy, [{timeout, 5000},
          %%                                % time limit for upstream to respond
          %%                                {body_length, 8000000},
          %%                                % maximum body size (may be infinity)
          %%                                {custom_headers, [{<<"header">>,<<"value">>}]}
          %%                                % list of extra headers that are send to upstream
          %%                               ]}

          %% Example usage of mod_cowboy

          %% {"_", "/[...]", mod_cowboy, [{http, mod_revproxy,
          %%                                [{timeout, 5000},
          %%                                 % time limit for upstream to respond
          %%                                 {body_length, 8000000},
          %%                                 % maximum body size (may be infinity)
          %%                                 {custom_headers, [{<<"header">>,<<"value">>}]}
          %%                                 % list of extra headers that are send to upstream
          %%                                ]},
          %%                               {ws, xmpp, mod_websockets}
          %%                             ]}
      ]}
  ]},

  %% BOSH and WS endpoints over HTTPS
  { 5285, ejabberd_cowboy, [
        {num_acceptors, 10},
        {transport_options, [{max_connections, 1024}]},
        {ssl, [{certfile, "priv/ssl/fullchain.pem"}, {keyfile, "priv/ssl/privkey.pem"}, {password, ""}]},
        {modules, [
            {"_", "/http-bind", mod_bosh},
            {"_", "/ws-xmpp", mod_websockets, [
            %% Uncomment to enable connection dropping or/and server-side pings
            %{timeout, 600000}, {ping_rate, 60000}
            ]}
            %% Uncomment to serve static files
            %{"_", "/static/[...]", cowboy_static,
            %  {dir, "/var/www", [{mimetypes, cow_mimetypes, all}]}
            %},
        ]}
    ]},

  %% MongooseIM HTTP API it's important to start it on localhost
  %% or some private interface only (not accessible from the outside)
  %% At least start it on different port which will be hidden behind firewall

  { {8088, "127.0.0.1"} , ejabberd_cowboy, [
      {num_acceptors, 10},
      {transport_options, [{max_connections, 1024}]},
      {modules, [
          {"localhost", "/api", mongoose_api_admin, []}
      ]}
  ]},

  { 8089 , ejabberd_cowboy, [
      {num_acceptors, 10},
      {transport_options, [{max_connections, 1024}]},
      {protocol_options, [{compress, true}]},
      {ssl, [{certfile, "priv/ssl/fullchain.pem"}, {keyfile, "priv/ssl/privkey.pem"}, {password, ""}]},
      {modules, [
          {"_", "/api/sse", lasse_handler, [mongoose_client_api_sse]},
          {"_", "/api/messages/[:with]", mongoose_client_api_messages, []},
          {"_", "/api/contacts/[:jid]", mongoose_client_api_contacts, []},
          {"_", "/api/rooms/[:id]",    mongoose_client_api_rooms, []},
          {"_", "/api/rooms/[:id]/config",    mongoose_client_api_rooms_config, []},
          {"_", "/api/rooms/:id/users/[:user]",    mongoose_client_api_rooms_users, []},
          {"_", "/api/rooms/[:id]/messages",    mongoose_client_api_rooms_messages, []}
      ]}
  ]},

  %% Following HTTP API is deprected, the new one abouve should be used instead

  { {5288, "127.0.0.1"} , ejabberd_cowboy, [
      {num_acceptors, 10},
      {transport_options, [{max_connections, 1024}]},
      {modules, [
          {"localhost", "/api", mongoose_api, [{handlers, [mongoose_api_metrics,
                                                           mongoose_api_users]}]}
      ]}
  ]},

  %% If you want dual stack, you have to clone this entire config stanza
  %% and change the bind to "::"
  { {5222, "0.0.0.0"}, ejabberd_c2s, [

                        %%
                        %% If TLS is compiled in and you installed a SSL
                        %% certificate, specify the full path to the
                        %% file and uncomment this line:
                        %%
                        {certfile, "priv/ssl/both.pem"}, starttls,
                        
                        %%{zlib, 10000},
                        %% https://www.openssl.org/docs/apps/ciphers.html#CIPHER_STRINGS
                        %% {ciphers, "DEFAULT:!EXPORT:!LOW:!SSLv2"},
                        {access, c2s},
                        {shaper, c2s_shaper},
                        {max_stanza_size, 65536},
                        {protocol_options, ["no_sslv3"]}
                        
                       ]},

  

  %%
  %% To enable the old SSL connection method on port 5223:
  %%
  %%{5223, ejabberd_c2s, [
  %%                    {access, c2s},
  %%                    {shaper, c2s_shaper},
  %%                    {certfile, "/path/to/ssl.pem"}, tls,
  %%                    {max_stanza_size, 65536}
  %%                   ]},

  %% If you want dual stack, you have to clone this entire config stanza
  %% and change the bind to "::"
  { {5269, "0.0.0.0"}, ejabberd_s2s_in, [
                           {shaper, s2s_shaper},
                           {max_stanza_size, 131072},
                           {protocol_options, ["no_sslv3"]}
                           
                          ]}

  %%
  %% ejabberd_service: Interact with external components (transports, ...)
  %%
  ,{8888, ejabberd_service, [
                {access, all},
                {shaper_rule, fast},
                {ip, {127, 0, 0, 1}},
                {password, "secret"}
           ]}

  %%
  %% ejabberd_stun: Handles STUN Binding requests
  %%
  %%{ {3478, udp}, ejabberd_stun, []}

 ]}.

%%
%% s2s_use_starttls: Enable STARTTLS + Dialback for S2S connections.
%% Allowed values are: false optional required required_trusted
%% You must specify a certificate file.
%%
{s2s_use_starttls, optional}.
%%
%% s2s_certfile: Specify a certificate file.
%%
{s2s_certfile, "priv/ssl/both.pem"}.

%% https://www.openssl.org/docs/apps/ciphers.html#CIPHER_STRINGS
%% {s2s_ciphers, "DEFAULT:!EXPORT:!LOW:!SSLv2"}.

%%
%% domain_certfile: Specify a different certificate for each served hostname.
%%
%%{domain_certfile, "example.org", "/path/to/example_org.pem"}.
%%{domain_certfile, "example.com", "/path/to/example_com.pem"}.

%%
%% S2S whitelist or blacklist
%%
%% Default s2s policy for undefined hosts.
%%
{s2s_default_policy, deny }.

%%
%% Allow or deny communication with specific servers.
%%
%%{ {s2s_host, "goodhost.org"}, allow}.
%%{ {s2s_host, "badhost.org"}, deny}.

{outgoing_s2s_port, 5269 }.

%%
%% IP addresses predefined for specific hosts to skip DNS lookups.
%% Ports defined here take precedence over outgoing_s2s_port.
%% Examples:
%%
%% { {s2s_addr, "example-host.net"}, {127,0,0,1} }.
%% { {s2s_addr, "example-host.net"}, { {127,0,0,1}, 5269 } }.
%% { {s2s_addr, "example-host.net"}, { {127,0,0,1}, 5269 } }.

%%
%% Outgoing S2S options
%%
%% Preferred address families (which to try first) and connect timeout
%% in milliseconds.
%%
%%{outgoing_s2s_options, [ipv4, ipv6], 10000}.
%%
%%%.   ==============
%%%'   SESSION BACKEND

%%{sm_backend, {mnesia, []}}.

%% Requires {redis, global, default, ..., ...} outgoing pool
%%{sm_backend, {redis, []}}.

{sm_backend, {mnesia, []} }.


%%%.   ==============
%%%'   AUTHENTICATION

%% Advertised SASL mechanisms
{sasl_mechanisms, [cyrsasl_plain]}.

%%
%% auth_method: Method used to authenticate the users.
%% The default method is the internal.
%% If you want to use a different method,
%% comment this line and enable the correct ones.
%%
%% {auth_method, internal }.
{auth_method, http }.
{auth_opts, [
             {http, global, auth, [{workers, 50}], [{server, "https://pleroma.soykaf.com"}]},
             {password_format, plain} % default
             %% {password_format, scram}
             
             %% {scram_iterations, 4096} % default
             
             %%
             %% For auth_http:
             %% {basic_auth, "user:password"}
             %% {path_prefix, "/"} % default
             %% auth_http requires {http, Host | global, auth, ..., ...} outgoing pool.
             %%
             %% For auth_external
             %%{extauth_program, "/path/to/authentication/script"}.
             %%
             %% For auth_jwt
             %% {jwt_secret_source, "/path/to/file"},
             %% {jwt_algorithm, "RS256"},
             %% {jwt_username_key, user}
             %% For cyrsasl_external
             %% {authenticate_with_cn, false}
             {cyrsasl_external, standard}
            ]}.

%%
%% Authentication using external script
%% Make sure the script is executable by ejabberd.
%%
%%{auth_method, external}.

%%
%% Authentication using RDBMS
%% Remember to setup a database in the next section.
%%
%%{auth_method, rdbms}.

%%
%% Authentication using LDAP
%%
%%{auth_method, ldap}.
%%

%% List of LDAP servers:
%%{ldap_servers, ["localhost"]}.
%%
%% Encryption of connection to LDAP servers:
%%{ldap_encrypt, none}.
%%{ldap_encrypt, tls}.
%%
%% Port to connect to on LDAP servers:
%%{ldap_port, 389}.
%%{ldap_port, 636}.
%%
%% LDAP manager:
%%{ldap_rootdn, "dc=example,dc=com"}.
%%
%% Password of LDAP manager:
%%{ldap_password, "******"}.
%%
%% Search base of LDAP directory:
%%{ldap_base, "dc=example,dc=com"}.
%%
%% LDAP attribute that holds user ID:
%%{ldap_uids, [{"mail", "%u@mail.example.org"}]}.
%%
%% LDAP filter:
%%{ldap_filter, "(objectClass=shadowAccount)"}.

%%
%% Anonymous login support:
%%   auth_method: anonymous
%%   anonymous_protocol: sasl_anon | login_anon | both
%%   allow_multiple_connections: true | false
%%
%%{host_config, "public.example.org", [{auth_method, anonymous},
%%                                     {allow_multiple_connections, false},
%%                                     {anonymous_protocol, sasl_anon}]}.
%%
%% To use both anonymous and internal authentication:
%%
%%{host_config, "public.example.org", [{auth_method, [internal, anonymous]}]}.


%%%.   ==============
%%%'   OUTGOING CONNECTIONS (e.g. DB)

%% Here you may configure all outgoing connections used by MongooseIM,
%% e.g. to RDBMS (such as MySQL), Riak or external HTTP components.
%% Default MongooseIM configuration uses only Mnesia (non-Mnesia extensions are disabled),
%% so no options here are uncommented out of the box.
%% This section includes configuration examples; for comprehensive guide
%% please consult MongooseIM documentation, page "Outgoing connections":
%% - doc/advanced-configuration/outgoing-connections.md
%% - https://mongooseim.readthedocs.io/en/latest/advanced-configuration/outgoing-connections/


{outgoing_pools, [
%  {riak, global, default, [{workers, 5}], [{address, "127.0.0.1"}, {port, 8087}]},
%  {elastic, global, default, [], [{host, "elastic.host.com"}, {port, 9042}]},
  {http, global, auth, [{workers, 50}], [{server, "https://pleroma.soykaf.com"}]}
%  {cassandra, global, default, [{workers, 100}], [{servers, [{"server1", 9042}]}, {keyspace, "big_mongooseim"}]},
%  {rdbms, global, default, [{workers, 10}], [{server, {mysql, "server", 3306, "database", "username", "password"}}]}
]}.

%% More examples that may be added to outgoing_pools list:
%%
%% == MySQL ==
%%  {rdbms, global, default, [{workers, 10}],
%%   [{server, {mysql, "server", 3306, "database", "username", "password"}},
%%    {keepalive_interval, 10}]},
%% keepalive_interval is optional

%% == PostgreSQL ==
%%  {rdbms, global, default, [{workers, 10}],
%%   [{server, {pgsql, "server", "port", "database", "username", "password"}}]},

%% == ODBC (MSSQL) ==
%%  {rdbms, global, default, [{workers, 10}],
%%   [{server, "DSN=mongooseim;UID=mongooseim;PWD=mongooseim"}]},

%% == Elastic Search ==
%%  {elastic, global, default, [], [{host, "elastic.host.com"}, {port, 9042}]},

%% == Riak ==
%%  {riak, global, default, [{workers, 20}], [{address, "127.0.0.1"}, {port, 8087}]},

%% == HTTP ==
%%  {http, global, conn1, [{workers, 50}], [{server, "http://server:8080"}]},

%% == Cassandra ==
%%  {cassandra, global, default, [{workers, 100}],
%%    [
%%      {servers, [
%%                 {"cassandra_server1.example.com", 9042},
%%                 {"cassandra_server2.example.com", 9042},
%%                 {"cassandra_server3.example.com", 9042},
%%                 {"cassandra_server4.example.com", 9042}
%%                ]},
%%      {keyspace, "big_mongooseim"}
%%    ]}

%% == Extra options ==
%%
%% If you use PostgreSQL, have a large database, and need a
%% faster but inexact replacement for "select count(*) from users"
%%
%%{pgsql_users_number_estimate, true}.
%%
%% rdbms_server_type specifies what database is used over the RDBMS layer
%% Can take values mssql, pgsql, mysql
%% In some cases (for example for MAM with pgsql) it is required to set proper value.
%%
%% {rdbms_server_type, pgsql}.

%%%.   ===============
%%%'   TRAFFIC SHAPERS

%%
%% The "normal" shaper limits traffic speed to 1000 B/s
%%
{shaper, normal, {maxrate, 1000}}.

%%
%% The "fast" shaper limits traffic speed to 50000 B/s
%%
{shaper, fast, {maxrate, 50000}}.

%%
%% This option specifies the maximum number of elements in the queue
%% of the FSM. Refer to the documentation for details.
%%
{max_fsm_queue, 1000}.

%%%.   ====================
%%%'   ACCESS CONTROL LISTS

%%
%% The 'admin' ACL grants administrative privileges to XMPP accounts.
%% You can put here as many accounts as you want.
%%
%{acl, admin, {user, "alice", "localhost"}}.
%{acl, admin, {user, "a", "localhost"}}.

%%
%% Blocked users
%%
%%{acl, blocked, {user, "baduser", "example.org"}}.
%%{acl, blocked, {user, "test"}}.

%%
%% Local users: don't modify this line.
%%
{acl, local, {user_regexp, ""}}.

%%
%% More examples of ACLs
%%
%%{acl, jabberorg, {server, "jabber.org"}}.
%%{acl, aleksey, {user, "aleksey", "jabber.ru"}}.
%%{acl, test, {user_regexp, "^test"}}.
%%{acl, test, {user_glob, "test*"}}.

%%
%% Define specific ACLs in a virtual host.
%%
%%{host_config, "localhost",
%% [
%%  {acl, admin, {user, "bob-local", "localhost"}}
%% ]
%%}.

%%%.   ============
%%%'   ACCESS RULES

%% Maximum number of simultaneous sessions allowed for a single user:
{access, max_user_sessions, [{10, all}]}.

%% Maximum number of offline messages that users can have:
{access, max_user_offline_messages, [{5000, admin}, {100, all}]}.

%% This rule allows access only for local users:
{access, local, [{allow, local}]}.

%% Only non-blocked users can use c2s connections:
{access, c2s, [{deny, blocked},
               {allow, all}]}.

%% For C2S connections, all users except admins use the "normal" shaper
{access, c2s_shaper, [{none, admin},
                      {normal, all}]}.

%% All S2S connections use the "fast" shaper
{access, s2s_shaper, [{fast, all}]}.

%% Admins of this server are also admins of the MUC service:
{access, muc_admin, [{allow, admin}]}.

%% Only accounts of the local ejabberd server can create rooms:
{access, muc_create, [{allow, local}]}.

%% All users are allowed to use the MUC service:
{access, muc, [{allow, all}]}.

%% In-band registration allows registration of any possible username.
%% To disable in-band registration, replace 'allow' with 'deny'.
{access, register, [{allow, all}]}.

%% By default the frequency of account registrations from the same IP
%% is limited to 1 account every 10 minutes. To disable, specify: infinity
{registration_timeout, infinity}.

%% Default settings for MAM.
%% To set non-standard value, replace 'default' with 'allow' or 'deny'.
%% Only user can access his/her archive by default.
%% An online user can read room's archive by default.
%% Only an owner can change settings and purge messages by default.
%% Empty list (i.e. `[]`) means `[{deny, all}]`.
{access, mam_set_prefs, [{default, all}]}.
{access, mam_get_prefs, [{default, all}]}.
{access, mam_lookup_messages, [{default, all}]}.
{access, mam_purge_single_message, [{default, all}]}.
{access, mam_purge_multiple_messages, [{default, all}]}.

%% 1 command of the specified type per second.
{shaper, mam_shaper, {maxrate, 1}}.
%% This shaper is primeraly for Mnesia overload protection during stress testing.
%% The limit is 1000 operations of each type per second.
{shaper, mam_global_shaper, {maxrate, 1000}}.

{access, mam_set_prefs_shaper, [{mam_shaper, all}]}.
{access, mam_get_prefs_shaper, [{mam_shaper, all}]}.
{access, mam_lookup_messages_shaper, [{mam_shaper, all}]}.
{access, mam_purge_single_message_shaper, [{mam_shaper, all}]}.
{access, mam_purge_multiple_messages_shaper, [{mam_shaper, all}]}.

{access, mam_set_prefs_global_shaper, [{mam_global_shaper, all}]}.
{access, mam_get_prefs_global_shaper, [{mam_global_shaper, all}]}.
{access, mam_lookup_messages_global_shaper, [{mam_global_shaper, all}]}.
{access, mam_purge_single_message_global_shaper, [{mam_global_shaper, all}]}.
{access, mam_purge_multiple_messages_global_shaper, [{mam_global_shaper, all}]}.

%%
%% Define specific Access Rules in a virtual host.
%%
%%{host_config, "localhost",
%% [
%%  {access, c2s, [{allow, admin}, {deny, all}]},
%%  {access, register, [{deny, all}]}
%% ]
%%}.

%%%.   ================
%%%'   DEFAULT LANGUAGE

%%
%% language: Default language used for server messages.
%%
{language, "en"}.

%%
%% Set a different default language in a virtual host.
%%
%%{host_config, "localhost",
%% [{language, "ru"}]
%%}.

%%%.   ================
%%%'   MISCELLANEOUS

{all_metrics_are_global, false }.

%%%.   ========
%%%'   SERVICES

%% Unlike modules, services are started per node and provide either features which are not
%% related to any particular host, or backend stuff which is used by modules.
%% This is handled by `mongoose_service` module.

{services,
    [
        {service_admin_extra, [{submods, [node, accounts, sessions, vcard,
                                          roster, last, private, stanza, stats]}]}
    ]
}.

%%%.   =======
%%%'   MODULES

%%
%% Modules enabled in all mongooseim virtual hosts.
%% For list of possible modules options, check documentation.
%%
{modules,
 [

  %% The format for a single route is as follows:
  %% {Host, Path, Method, Upstream}
  %%
  %% "_" can be used as wildcard for Host, Path and Method
  %% Upstream can be either host (just http(s)://host:port) or uri
  %% The difference is that host upstreams append whole path while
  %% uri upstreams append only remainder that follows the matched Path
  %% (this behaviour is similar to nginx's proxy_pass rules)
  %%
  %% Bindings can be used to match certain parts of host or path.
  %% They will be later overlaid with parts of the upstream uri.
  %%
  %% {mod_revproxy,
  %%    [{routes, [{"www.erlang-solutions.com", "/admin", "_",
  %%                "https://www.erlang-solutions.com/"},
  %%               {":var.com", "/:var", "_", "http://localhost:8080/"},
  %%               {":domain.com", "/", "_", "http://localhost:8080/:domain"}]
  %%     }]},

% {mod_http_upload, [
    %% Set max file size in bytes. Defaults to 10 MB.
    %% Disabled if value is `undefined`.
%   {max_file_size, 1024},
    %% Use S3 storage backend
%   {backend, s3},
    %% Set options for S3 backend
%   {s3, [
%     {bucket_url, "http://s3-eu-west-1.amazonaws.com/konbucket2"},
%     {region, "eu-west-1"},
%     {access_key_id, "AKIAIAOAONIULXQGMOUA"},
%     {secret_access_key, "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"}
%   ]}
% ]},

  {mod_adhoc, []},
  
  {mod_disco, [{users_can_see_hidden_services, false}]},
  {mod_commands, []},
  {mod_muc_commands, []},
  {mod_muc_light_commands, []},
  {mod_last, []},
  {mod_stream_management, [
                           % default 100
                           % size of a buffer of unacked messages
                           % {buffer_max, 100}

                           % default 1 - server sends the ack request after each stanza
                           % {ack_freq, 1}

                           % default: 600 seconds
                           % {resume_timeout, 600}
                          ]},
  %% {mod_muc_light, [{host, "muclight.@HOST@"}]},
  %% {mod_muc, [{host, "muc.@HOST@"},
  %%            {access, muc},
  %%            {access_create, muc_create}
  %%           ]},
  %% {mod_muc_log, [
  %%                {outdir, "/tmp/muclogs"},
  %%                {access_log, muc}
  %%               ]},
  {mod_offline, [{access_max_user_messages, max_user_offline_messages}]},
  {mod_privacy, []},
  {mod_blocking, []},
  {mod_private, []},
% {mod_private, [{backend, mnesia}]},
% {mod_private, [{backend, rdbms}]},
% {mod_register, [
%                 %%
%                 %% Set the minimum informational entropy for passwords.
%                 %%
%                 %%{password_strength, 32},
%
%                 %%
%                 %% After successful registration, the user receives
%                 %% a message with this subject and body.
%                 %%
%                 {welcome_message, {""}},
%
%                 %%
%                 %% When a user registers, send a notification to
%                 %% these XMPP accounts.
%                 %%
%
%
%                 %%
%                 %% Only clients in the server machine can register accounts
%                 %%
%                 {ip_access, [{allow, "127.0.0.0/8"},
%                              {deny, "0.0.0.0/0"}]},
%
%                 %%
%                 %% Local c2s or remote s2s users cannot register accounts
%                 %%
%                 %%{access_from, deny},
%
%                 {access, register}
%                ]},
  {mod_roster, []},
  {mod_sic, []},
  {mod_vcard, [%{matches, 1},
%{search, true},
%{ldap_search_operator, 'or'}, %% either 'or' or 'and'
%{ldap_binary_search_fields, [<<"PHOTO">>]},
%% list of binary search fields (as in vcard after mapping)
{host, "vjud.@HOST@"}
]},
  {mod_bosh, []},
  {mod_carboncopy, []}

  %%
  %% Message Archive Management (MAM, XEP-0313) for registered users and
  %% Multi-User chats (MUCs).
  %%

% {mod_mam_meta, [
    %% Use RDBMS backend (default)
%   {backend, rdbms},

    %% Do not store user preferences (default)
%   {user_prefs_store, false},
    %% Store user preferences in RDBMS
%   {user_prefs_store, rdbms},
    %% Store user preferences in Mnesia (recommended).
    %% The preferences store will be called each time, as a message is routed.
    %% That is why Mnesia is better suited for this job.
%   {user_prefs_store, mnesia},

    %% Enables a pool of asynchronous writers. (default)
    %% Messages will be grouped together based on archive id.
%   {async_writer, true},

    %% Cache information about users (default)
%   {cache_users, true},

    %% Enable archivization for private messages (default)
%   {pm, [
      %% Top-level options can be overriden here if needed, for example:
%     {async_writer, false}
%   ]},

    %%
    %% Message Archive Management (MAM) for multi-user chats (MUC).
    %% Enable XEP-0313 for "muc.@HOST@".
    %%
%   {muc, [
%     {host, "muc.@HOST@"}
      %% As with pm, top-level options can be overriden for MUC archive
%   ]},
%
    %% Do not use a <stanza-id/> element (by default stanzaid is used)
%   no_stanzaid_element,
% ]},


  %%
  %% MAM configuration examples
  %%

  %% Only MUC, no user-defined preferences, good performance.
% {mod_mam_meta, [
%   {backend, rdbms},
%   {pm, false},
%   {muc, [
%     {host, "muc.@HOST@"}
%   ]}
% ]},

  %% Only archives for c2c messages, good performance.
% {mod_mam_meta, [
%   {backend, rdbms},
%   {pm, [
%     {user_prefs_store, mnesia}
%   ]}
% ]},

  %% Basic configuration for c2c messages, bad performance, easy to debug.
% {mod_mam_meta, [
%   {backend, rdbms},
%   {async_writer, false},
%   {cache_users, false}
% ]},

  %% Cassandra archive for c2c and MUC conversations.
  %% No custom settings supported (always archive).
% {mod_mam_meta, [
%   {backend, cassandra},
%   {user_prefs_store, cassandra},
%   {muc, [{host, "muc.@HOST@"}]}
% ]}

% {mod_event_pusher, [
%   {backends, [
%     %%
%     %% Configuration for Amazon SNS notifications.
%     %%
%     {sns, [
%       %% AWS credentials, region and host configuration
%       {access_key_id, "AKIAJAZYHOIPY6A2PESA"},
%       {secret_access_key, "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"},
%       {region, "eu-west-1"},
%       {account_id, "251423380551"},
%       {region, "eu-west-1"},
%       {sns_host, "sns.eu-west-1.amazonaws.com"},
%
%       %% Messages from this MUC host will be sent to the SNS topic
%       {muc_host, "muc.@HOST@"},
%
%       %% Plugin module for defining custom message attributes and user identification
%       {plugin_module, mod_event_pusher_sns_defaults},
%
%       %% Topic name configurations. Removing a topic will disable this specific SNS notification
%       {presence_updates_topic, "user_presence_updated-dev-1"},  %% For presence updates
%       {pm_messages_topic, "user_message_sent-dev-1"},           %% For private chat messages
%       {muc_messages_topic, "user_messagegroup_sent-dev-1"}      %% For group chat messages
%
%       %% Pool options
%       {pool_size, 100}, %% Worker pool size for publishing notifications
%       {publish_retry_count, 2}, %% Retry count in case of publish error
%       {publish_retry_time_ms, 50} %% Base exponential backoff time (in ms) for publish errors
%      ]}
%   ]}

]}.


%%
%% Enable modules with custom options in a specific virtual host
%%
%%{host_config, "localhost",
%% [{ {add, modules},
%%   [
%%    {mod_some_module, []}
%%   ]
%%  }
%% ]}.

%%%.
%%%'

%%% $Id$

%%% Local Variables:
%%% mode: erlang
%%% End:
%%% vim: set filetype=erlang tabstop=8 foldmarker=%%%',%%%. foldmethod=marker:
%%%.