Yaky's

blog | notes | apps

Prosody

General check

prosodyctl check

List all user accounts

ls /var/lib/prosody//accounts/

Update certificates (run after every certificate renewal)

prosodyctl --root cert import /etc/letsencrypt/live

Example prosody.cfg.lua for Prosody 0.12+

---------- Server-wide settings ----------
admins = { }
modules_enabled = {
-- Generally required
"roster"; -- Allow users to have a roster. Recommended ;)
"saslauth"; -- Authentication for clients and servers. Recommended if you want to log in.
"tls"; -- Add support for secure TLS on c2s/s2s connections
"dialback"; -- s2s dialback support
"disco"; -- Service discovery
-- Not essential, but recommended
"carbons"; -- Keep multiple clients in sync
"pep"; -- Enables users to publish their avatar, mood, activity, playing music and more
"private"; -- Private XML storage (for room bookmarks, etc.)
"blocklist"; -- Allow users to block communications with other users
"vcard4"; -- User profiles (stored in PEP)
"vcard_legacy"; -- Conversion between legacy vCard and PEP Avatar, vcard
-- Nice to have
"version"; -- Replies to server version requests
"uptime"; -- Report how long server has been running
"time"; -- Let others know the time here on this server
"ping"; -- Replies to XMPP pings with pongs
"register"; -- Allow users to register on this server using a client and change passwords
"mam"; -- Message Archive Management for chats
"csi"; -- Allows clients to report active/inactive state
"csi_simple"; -- Simple mobile optimizations for csi
-- Admin interfaces
"admin_shell"; 
-- HTTP modules
"http"; -- Loaded as needed by other modules
--"bosh"; -- Enable BOSH clients, aka "Jabber over HTTP"
--"websocket"; -- XMPP over WebSockets
--"http_files"; -- Serve static files from a directory over HTTP (not for sharing)
-- Other specific functionality
"posix"; -- POSIX functionality, sends server to background, enables syslog, etc.
--"limits"; -- Enable bandwidth limiting for XMPP connections
--"groups"; -- Shared roster support
--"server_contact_info"; -- Publish contact information for this service
--"announce"; -- Send announcement to all online users
--"welcome"; -- Welcome users who register accounts
--"watchregistrations"; -- Alert admins of registrations
--"motd"; -- Send a message to users when they log in
--"legacyauth"; -- Legacy authentication. Only used by some old clients and bots.
--"proxy65"; -- Enables a file transfer proxy service which clients behind NAT can use
-- Mobile
"smacks"; 
"cloud_notify"; -- Push notifications (needed for iOS)
} 
 
modules_disabled = {
} 
 
-- Disable account creation
allow_registration = false
 
pidfile = "/run/prosody/prosody.pid";
 
c2s_require_encryption = true
s2s_require_encryption = true
s2s_secure_auth = true
 
authentication = "internal_hashed"
 
archive_expires_after = "28d" -- Remove archived messages after 4 weeks (GDPR says hi)
 
-- Replace 'info' with 'debug' for debugging
log = {
info = "/var/log/prosody/prosody.log";
error = "/var/log/prosody/prosody.err";
{ levels = { "error" }; to = "syslog";  };
} 
 
certificates = "certs"
 
-- Prosody 0.12.x and later will automatically find and serve an appropriate
-- certificate for HTTPS, based on the certificates already used for your XMPP
-- services and the hostname requested by the client or web browser.
-- No additional configuration should be necessary for most deployments.
 
----------- Virtual hosts -----------
 
VirtualHost "example.net"
 
------ Components ------
 
-- Group chats
Component "groups.example.net" "muc"
restrict_room_creation="local" 
modules_enabled = {
"muc_mam" -- Message Archive Management for groups
} 
muc_log_expires_after = "28d"
muc_log_cleanup_interval = 12 * 60 * 60
 
-- Share files via HTTP (v0.12+)
Component "share.example.net" "http_file_share"
-- This path is required for clients to work correctly
-- Have no idea why
http_paths = {
file_share = "/upload"
} 
http_file_share_size_limit = 128*1024*1024+16 -- 128 MiB
http_file_share_expire_after = 60*60*24*28 -- 28 days