В письме от 25 сентября 2014 08:54:58 пользователь A. Kulikouski написал:
> 25.09.2014 04:18, Вадим Илларионов пишет:
> > В письме от 25 сентября 2014 10:04:58 пользователь [email protected] написал:
> >> Можно посмотреть в сторону openfire
> >
> > Только он на яве.
>
> Для такого простого случая ява -- баааальшой минус.
Тогда ловите квинтэссенцию (без пустых и закомментаренных строк, с фейками
серверов/админов/паролей) обкатанного конфига ejabberd, работающего в данный
момент на usib.tv, uspost.ru, nedsib.ru
Учтите только, что у меня шаг табуляции - 4 символа. И для правильной
расцветки синтаксиса в миднайте можно на время правки дать файлу расширение
.erl, либо сделать симлинк с таким расширением и редактировать через него.
_______________________________
С уважением, *nix-администратор
Mobile: +7 (964) 103-65-67
Skype: gbIMoBou
JID = <mailto:>
Viber = Mobile
UIN: 7899517
{loglevel, 2}.
% Verbosity of log files generated by ejabberd.
{hosts, ["yoursite.ru"]}.
% Domains served by ejabberd. You can define one or several.
{watchdog_admins, ["[email protected]"]}. % If an
ejabberd process consumes too much memory, send live notifications to those
Jabber accounts.
{listen, [
% Which ports will ejabberd listen, which
service handles it and what options to start it with.
{5222, ejabberd_c2s, [
starttls, {certfile, "/etc/ejabberd/ejabberd.pem"}, % If
TLS is compiled and you installed a SSL certificate, put the correct path to
the file.
{access, c2s},
{shaper, c2s_shaper},
{max_stanza_size, 65536}
]},
{5269, ejabberd_s2s_in, [
starttls, {certfile, "/etc/ejabberd/ejabberd.pem"},
{shaper, s2s_shaper},
{max_stanza_size, 131072}
]},
{5347, ejabberd_service, [
{name, "Шлюз в ICQ"},
{ip, {127,0,0,1}},
{access, all},
{shaper_rule, fast},
{hosts, ["icq.yoursite.ru", "sms.yoursite.ru"], [{password,
"icqPassWord"}]}
]},
{5348, ejabberd_service, [
{name, "Шлюз в MRA"},
{ip, {127,0,0,1}},
{access, all},
{shaper_rule, fast},
{host, "mrim.yoursite.ru", [{password, "mrimPassWord"}]}
]},
{5349, ejabberd_service, [
{name, "Шлюз в MSN"},
{ip, {127,0,0,1}},
{access, all},
{shaper_rule, fast},
{host, "msn.yoursite.ru", [{password, "msnPassWord"}]}
]},
{5350, ejabberd_service, [
{name, "Шлюз в контакте"},
{ip, {127,0,0,1}},
{access, all},
{shaper_rule, fast},
{host, "online.yoursite.ru", [{password, "vkPassWord"}]}
]},
{5280, ejabberd_http, [http_poll, web_admin]}
]}.
{s2s_use_starttls, true}.
% Enable STARTTLS + Dialback for S2S connections.
{s2s_certfile, "/etc/ejabberd/ejabberd.pem"}. % You
must specify a certificate file.
{auth_method, ldap}.
% Authentication using LDAP
{ldap_servers, ["ldap.tld"]}.
{ldap_base, "dc=yoursite,dc=ru"}.
% Search base of LDAP directory
{ldap_rootdn, "cn=sysadmin,dc=yoursite,dc=ru"}. % LDAP
manager
{ldap_password, "DerUberParol"}.
% Password to LDAP manager
{ldap_uids, [{"mail", "%[email protected]"}]}.
% LDAP attribute that holds user ID
{shaper, normal, {maxrate, 1000}}.
% The "normal" shaper limits traffic speed to 1 kB/s
{shaper, fast, {maxrate, 50000}}.
% The "fast" shaper limits traffic speed to 50 kB/s
{acl, local, {user_regexp, "yoursite.ru"}}.
% Local users. Do not modify this line.
{acl, admin, {user, "sysadmin", "yoursite.ru"}}.
{acl, admin, {user, "sysadmin", "tld"}}.
{access, max_user_sessions, [{10, all}]}.
% Maximum number of simultaneous sessions allowed for a single user
{access, local, [{allow, local}]}.
% This rule allows access only for local users
{access, c2s, [
% Only non-blocked users can use c2s connections
{deny, blocked},
{allow, all}
]}.
{access, c2s_shaper, [{none, admin},
% For C2S connections, all users except admins use "normal" shaper
{normal, all}
]}.
{access, s2s_shaper, [{fast, all}]}.
% All S2S connections use "fast" shaper
{access, announce, [{allow, admin}]}.
% Only admins can send announcement messages
{access, configure, [{allow, admin}]}.
% Only admins can use configuration interface
{access, muc_admin, [{allow, admin}]}.
% Admins of this server are also admins of MUC service
{access, muc, [{allow, all}]}.
% All users are allowed to use MUC service
{access, pubsub_createnode, [{allow, all}]}. %
Everybody can create pubsub nodes
{access, register, [{deny, all}]}.
% In-band registration allows registration of any possible username.
{language, "ru"}.
% Default language used for server messages.
{modules, [
% Modules enabled in all ejabberd virtual hosts.
{mod_adhoc, []},
{mod_announce, [{access, announce}]},
% recommends mod_adhoc
{mod_caps, []},
{mod_configure, []},
% requires mod_adhoc
{mod_disco, [
{extra_domains, [
"users.jabber.org",
"icq.yoursite.ru",
"sms.yoursite.ru"
]}
]},
{mod_irc, []},
{mod_last, []},
{mod_muc, [
{access, muc},
{access_create, muc},
{access_persistent, muc},
{access_admin, muc_admin}
]},
{mod_offline, []},
{mod_privacy, []},
{mod_private, []},
{mod_proxy65, [
{name, "Файлообменный прокси"}
]},
{mod_pubsub, [
% requires mod_caps
{access_createnode, pubsub_createnode},
{plugins, ["default", "pep"]}
]},
{mod_roster, []},
{mod_shared_roster_ldap,[
{ldap_base, "dc=yoursite,dc=ru"},
{ldap_filter, "(initials=*)"},
{ldap_rfilter, "(initials=*)"},
{ldap_memberattr, "uid"},
{ldap_useruid, "uid"},
{ldap_userdesc, "cn"},
{ldap_uidattr, "cn"},
{ldap_groupdesc, "departmentNumber"},
{ldap_groupattr, "ou"}
]},
{mod_stats, []},
{mod_time, []},
{mod_vcard_ldap, [
{ldap_vcard_map, [
{"NICKNAME", "%s", ["cn"]},
{"GIVEN", "%s", ["givenName"]},
{"MIDDLE", "%s", ["initials"]},
{"FAMILY", "%s", ["sn"]},
{"FN", "%s", ["displayName"]},
{"EMAIL", "%s", ["mail"]},
{"ORGNAME", "%s", ["o"]},
{"ORGUNIT", "%s", ["departmentNumber"]},
{"CTRY", "%s", ["co"]},
{"LOCALITY", "%s", ["l"]},
{"STREET", "%s", ["street"]},
{"REGION", "%s", ["st"]},
{"PCODE", "%s", ["postalCode"]},
{"TITLE", "%s", ["title"]},
{"URL", "%s", ["labeledURI"]},
{"DESC", "%s", ["description"]},
{"BDAY", "%s", ["birthDate"]},
{"TEL", "%s", ["telephoneNumber"]}
]},
{ldap_search_fields, [
{"User", "cn"},
{"Name", "givenName"},
{"Family Name", "sn"},
{"Email", "mail"},
{"Company", "o"},
{"Department", "departmentNumber"},
{"Role", "title"},
{"Birthday", "birthDate"},
{"Description", "description"},
{"Country", "co"},
{"Phone", "telephoneNumber"}
]},
{ldap_search_reported, [
{"Full Name", "FN"},
{"Nickname", "NICKNAME"},
{"Birthday", "BDAY"},
{"Country", "CTRY"},
{"Email", "EMAIL"}
]}
]},
{mod_version, []}
]}.
_______________________________________________
Sysadmins mailing list
[email protected]
https://lists.altlinux.org/mailman/listinfo/sysadmins
