On 11/12/2014 8:18 AM, Kim Alvefur wrote:
On 2014-11-12 08:59, deoren wrote:
Is there anything further I can do to help troubleshoot the changes newer than 
r1518?

Posting debug logs and your config would be helpful  And using the
commit hash instead of the commit number would be better.

--
Zash


Sorry Zash, I saw a similar numbering scheme to Subversion and grabbed at that. 
Referring to the commit hash still seems odd to me (although I understand that 
this is likely ignorance on my part).

Should I mail the logs (normal & debug copies) to you directly, share a link to 
them from Google Drive or send them on to the list? The last one I looked at was 
about 7.7 MB and I didn't know exactly what snippet from the log would be relevant 
to you. I assumed the list would reject an attachment that large if I tried.

Thanks.

I've attached the /etc/prosody/prosody.cfg.lua file.

--
You received this message because you are subscribed to the Google Groups 
"prosody-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to prosody-dev+unsubscr...@googlegroups.com.
To post to this group, send email to prosody-dev@googlegroups.com.
Visit this group at http://groups.google.com/group/prosody-dev.
For more options, visit https://groups.google.com/d/optout.
-- ######################################################################### --
-- NOTE: Due to the database password listed herein I've set ownership to:
--       'root:prosody' and permissions to '750' to prevent accidental exposure.
-- ######################################################################### --

-- Prosody XMPP Server Configuration
--
-- Information on configuring Prosody can be found on our
-- website at http://prosody.im/doc/configure
--
-- Tip: You can check that the syntax of this file is correct
-- when you have finished by running: prosodyctl check config
-- If there are any errors, it will let you know what and where
-- they are, otherwise it will keep quiet.
--
-- Good luck, and happy Jabbering!


---------- Server-wide settings ----------
-- Settings in this section apply to the whole server and are the default 
settings
-- for any virtual hosts

-- Plugins are searched in all the specified paths in order, and finally 
-- checked in the default plugin directory. 
--
-- https://prosody.im/doc/plugins_directory
-- https://todo.whyaskwhy.org/issues/1925
plugin_paths = { "/opt/prosody-modules" }

-- This is a (by default, empty) list of accounts that are admins
-- for the server. Note that you must create the accounts separately
-- (see http://prosody.im/doc/creating_accounts for info)
-- Example: admins = { "us...@example.com", "us...@example.net" }
admins = { "ad...@example.org" }

-- Enable use of libevent for better performance under high load
-- For more information see: http://prosody.im/doc/libevent
use_libevent = true;

-- This is the list of modules Prosody will load on startup.
-- It looks for mod_modulename.lua in the plugins folder, so make sure that 
exists too.
-- Documentation on modules can be found at: http://prosody.im/doc/modules
modules_enabled = {

    -- -------------------------------------------------------------------------
    -- Make sure to update the module table with any changes made here
    -- 
https://todo.whyaskwhy.org/projects/xmpp-server/wiki/XMPP_Chat_Server_Configuration#Modules
    -- -------------------------------------------------------------------------

    -- Generally required
        "roster"; -- Allow users to have a roster. Recommended ;)
        "saslauth"; -- Authentication for clients and servers. Recommended if 
you want to log in.
        "tls"; -- Add support for secure TLS on c2s/s2s connections
        -- "dialback"; -- s2s dialback support
        "disco"; -- Service discovery

    -- Not essential, but recommended
        "private"; -- Private XML storage (for room bookmarks, etc.)
        "vcard"; -- Allow users to set vCards
    
    -- These are commented by default as they have a performance impact
        --"privacy"; -- Support privacy lists
        --"compression"; -- Stream compression (requires the lua-zlib package 
installed)

    -- Nice to have
        "version"; -- Replies to server version requests
        "uptime"; -- Report how long server has been running
        "time"; -- Let others know the time here on this server
        "ping"; -- Replies to XMPP pings with pongs
        "pep"; -- Enables users to publish their mood, activity, playing music 
and more
        --"register"; -- Allow users to register on this server using a client 
and change passwords

    -- Admin interfaces
        "admin_adhoc"; -- Allows administration via an XMPP client that 
supports ad-hoc commands
        --"admin_telnet"; -- Opens telnet console interface on localhost port 
5582

    -- HTTP modules
        "bosh"; -- Enable BOSH clients, aka "Jabber over HTTP"
        --"http_files"; -- Serve static files from a directory over HTTP

    -- Other specific functionality
        "groups"; -- Shared roster support
        "announce"; -- Send announcement to all online users
        --"welcome"; -- Welcome users who register accounts
        --"watchregistrations"; -- Alert admins of registrations
        "motd"; -- Send a message to users when they log in
        --"legacyauth"; -- Legacy authentication. Only used by some old clients 
and bots.

--#########################################################################
-- Modules I've sought out and enabled
--#########################################################################

        -- Allows the server to proxy file transfers between 2 clients that 
        -- are behind NAT routers or firewalls, and otherwise wouldn't be able 
        -- to transfer files.
        "proxy65";

        -- Remove all but local proxies, leaving clients no other option but to
        -- use the proxy provided by this server
        "proxy65_whitelist";

        -- Use Dovecot as an auth backend.
        "auth_dovecot";

        -- https://code.google.com/p/prosody-modules/wiki/mod_carbons
        "carbons";

        -- https://code.google.com/p/prosody-modules/wiki/mod_mam
        "mam";

        -- https://code.google.com/p/prosody-modules/wiki/mod_mam_archive
        "mam_archive";

        -- 
https://code.google.com/p/prosody-modules/wiki/mod_auto_accept_subscriptions
        "auto_accept_subscriptions";

        -- https://code.google.com/p/prosody-modules/wiki/mod_log_auth
        "log_auth";

        -- https://code.google.com/p/prosody-modules/wiki/mod_smacks
        "smacks";

        -- http://prosody.im/doc/modules/mod_compression
        "compression";
};

-- These modules are auto-loaded, but should you want
-- to disable them then uncomment them here:
modules_disabled = {
    -- "offline"; -- Store offline messages
    -- "c2s"; -- Handle client connections
    -- "s2s"; -- Handle server-to-server connections
    -- "posix"; -- POSIX functionality, sends server to background, enables 
syslog, etc.
};

-- Can be a number from 1 to 9, where 9 is best. Higher compression levels will 
-- use more resources but less bandwidth
compression_level = 9

-- The number of seconds a disconnected session should stay alive for (to allow 
reconnect)
smacks_hibernation_time = "300"; -- 5 minutes; 

-- Using an alternate (non-default) port to work around firewall issues
--
-- In 0.9, port configuration is global, so configure ports and interfaces 
-- above any VirtualHost or Component sections if you need to:
--
proxy65_ports = { 8000 }

-- https://prosody.im/doc/modules/mod_motd
--motd_text = "Welcome to im.example.org."

-- Disable account creation by default, for security
-- For more information see http://prosody.im/doc/creating_accounts
allow_registration = false;

-- These are the SSL/TLS-related settings. If you don't want
-- to use SSL/TLS, you may comment or remove this
ssl = {
    key = "/etc/prosody/certs/im.example.org_server.key";

    -- Drop the CA cert into the C:\Program Files (x86)\Pidgin\ca-certs\
    -- directory for Pidgin to trust this cert.

    certificate = "/etc/prosody/certs/im.example.org_bundle.crt";
}

-- Force clients to use encrypted connections? This option will
-- prevent clients from authenticating unless they are using encryption.

c2s_require_encryption = true

-- Force certificate authentication for server-to-server connections?
-- This provides ideal security, but requires servers you communicate
-- with to support encryption AND present valid, trusted certificates.
-- NOTE: Your version of LuaSec must support certificate verification!
-- For more information see http://prosody.im/doc/s2s#security

s2s_secure_auth = false

-- Many servers don't support encryption or have invalid or self-signed
-- certificates. You can list domains here that will not be required to
-- authenticate using certificates. They will be authenticated using DNS.

--s2s_insecure_domains = { "gmail.com" }

-- Even if you leave s2s_secure_auth disabled, you can still require valid
-- certificates for some domains by specifying a list here.

--s2s_secure_domains = { "jabber.org" }

-- Required for init scripts and prosodyctl
pidfile = "/var/run/prosody/prosody.pid"

-- Select the authentication backend to use. The 'internal' providers
-- use Prosody's configured data storage to store the authentication data.
-- To allow Prosody to offer secure authentication mechanisms to clients, the
-- default provider stores passwords in plaintext. If you do not trust your
-- server please see http://prosody.im/doc/modules/mod_auth_internal_hashed
-- for information about using the hashed backend.

authentication = "dovecot"

--[[
#########################################################################
  Dovecot auth settings
#########################################################################
  https://code.google.com/p/prosody-modules/wiki/mod_auth_dovecot

  Note: Local Dovecot provides both TCP and UNIX socket connections
#########################################################################
]]

-- Connect to UNIX socket provided by local Dovecot instance
dovecot_auth_socket = "/var/spool/prosody/private/auth"

-- If true, sends the bare JID as authzid.
auth_append_host = true

-- dovecot_auth_host = "127.0.0.1"
-- dovecot_auth_port = "9999"

-- Select the storage backend to use. By default Prosody uses flat files
-- in its configured data directory, but it also supports more backends
-- through modules. An "sql" backend is included by default, but requires
-- additional dependencies. See http://prosody.im/doc/storage for more info.


-- This controls what messages are archived if the user hasn't set a matching 
rule, or another personal default.
--
--    false means to store no messages. This is the default.
--    "roster" means to store messages to/from contacts in the users roster.
--    true means is to store all messages. 
default_archive_policy = true;

-- This is the largest number of messages that are allowed to be retrieved 
-- in one request. 
max_archive_query_results = 20;

-- https://prosody.im/doc/modules/mod_storage_sql
storage = {

    "sql", -- Default is "internal"

    -- Option for mod_mam. The literal 'sql2' appears to be required.
    -- https://todo.whyaskwhy.org/issues/1804
    archive2 = "sql2",

}

-- For the "sql" backend, you can uncomment *one* of the below to configure:
--sql = { driver = "SQLite3", database = "prosody.sqlite" } -- Default. 
'database' is the filename.
sql = { 
        driver = "MySQL";
        database = "prosody_db";
        username = "prosody_usr";
        password = "NOT_REAL_PASSWORD";

        --[[
            We're using stunnel to forward MySQL connections from
            localhost:3307 to 192.168.100.2:3307 stunnel. Remote node then
            decrypts and hands MySQL client connections to localhost:3306.

          ]]

        host = "127.0.0.1";
        port = "3307";

}
--sql = { driver = "PostgreSQL", database = "prosody", username = "prosody", 
password = "secret", host = "localhost" }

-- If Prosody has the necessary permissions it will automatically initialize
-- the database (creating tables and indexes) when you point it to a new empty
-- database. Any schema upgrades will also be automatic.
--
-- In particular it is recommended that you grant Prosody the following SQL
-- permissions on its database: SELECT, INSERT, UPDATE, DELETE, CREATE, ALTER,
-- INDEX.
--
-- If you do not wish Prosody to attempt automatic table and schema management,
-- set sql_manage_tables to false in your config.
-- Default: true
sql_manage_tables = true;

-- Logging configuration
-- For advanced logging see http://prosody.im/doc/logging
-- The supported logging levels are: "debug", "info", "warn", "error".
log = {
--    info = "/var/log/prosody/prosody.log"; -- Change 'info' to 'debug' for 
verbose logging
--    error = "/var/log/prosody/prosody.err";
--
--  https://todo.whyaskwhy.org/issues/1717
--  https://todo.whyaskwhy.org/issues/1764
    debug = "*syslog"; -- Send debug and higher to the syslog sink
}

----------- Virtual hosts -----------
-- You need to add a VirtualHost entry for each domain you wish Prosody to 
serve.
-- Settings under each VirtualHost entry apply *only* to that host.

VirtualHost "example.org"
VirtualHost "im.example.org"

--VirtualHost "example.com"
--    enabled = false -- Remove this line to enable this host

    -- Assign this host a certificate for TLS, otherwise it would use the one
    -- set in the global section (if any).
    -- Note that old-style SSL on port 5223 only supports one certificate, and 
will always
    -- use the global one.
--    ssl = {
--        key = "/etc/prosody/certs/example.com.key";
--        certificate = "/etc/prosody/certs/example.com.crt";
--    }




------ Components ------
-- You can specify components to add hosts that provide special services,
-- like multi-user conferences, and transports.
-- For more information on components, see http://prosody.im/doc/components

---Set up a MUC (multi-user chat) room server on conference.example.com:
--Component "conference.example.com" "muc"

-- Set up a SOCKS5 bytestream proxy for server-proxied file transfers:
Component "proxy.im.example.org" "proxy65"

    -- Prosody wants this to be a separate A record, even if it is the same
    -- host that Prosody runs on
    proxy65_address = "proxy.im.example.org"

    -- Which users are allowed to use the proxy? 
    -- Note: Adding one other user under my control for testing purposes.
    proxy65_acl = { "us...@example.org", "us...@example.org", 
"ad...@example.org" }


---Set up an external component (default component port is 5347)
--
-- External components allow adding various services, such as gateways/
-- transports to other networks like ICQ, MSN and Yahoo. For more info
-- see: http://prosody.im/doc/components#adding_an_external_component
--
--Component "gateway.example.com"
--    component_secret = "password"

Reply via email to