mirror of
https://git.kaidan.im/lnj/ansible-role-ejabberd
synced 2020-03-25 15:46:19 +01:00
102 lines
3.3 KiB
Django/Jinja
102 lines
3.3 KiB
Django/Jinja
# Example xcauth.py configuration file
|
|
#
|
|
# Preferably put this in /etc,
|
|
# and make it readable only for the user the XMPP server is running under
|
|
|
|
# Type: ejabberd, prosody (=generic), saslauthd, or postfix
|
|
#
|
|
type=ejabberd
|
|
|
|
# Secret: API token
|
|
# Shown in the Nextcloud JSXC administration settings
|
|
#
|
|
# :warning: The real secret must not fall into the wrong hands!
|
|
# Anyone knowing it can authenticate as any user to the XMPP server.
|
|
#
|
|
secret={{ xmpp_cloud_auth_token }}
|
|
|
|
# URL: Where JSXC for Nextcloud (>=3.2.0) can be queried
|
|
# Shown in the Nextcloud JSXC administration settings
|
|
#
|
|
url={{ xmpp_cloud_auth_url }}
|
|
|
|
# Request timeout
|
|
# The timeout to apply for both the connection setup and awaiting
|
|
# a response. If set to a tuple, the first value applies to connection
|
|
# setup only, the second for waiting for the response.
|
|
#
|
|
#timeout=5,10
|
|
|
|
# Database to use for additional information
|
|
# - When serving multiple domains
|
|
# - When wishing to cache user information
|
|
# (to reduce the load on Nextcloud and continue if it is unavailable shortly)
|
|
# (see [Database documentation](./doc/Database.md) for more information).
|
|
#
|
|
# Can be any path allowed by SQLite3, including the ':memory:' special value.
|
|
#
|
|
#db=/var/lib/xcauth/xcauth.sqlite3
|
|
|
|
# Log: Log directory
|
|
# In this directory, xcauth.{log,err} will be created
|
|
#
|
|
#log=/var/log/ejabberd
|
|
#log=/var/log/prosody
|
|
log=/var/log/xcauth
|
|
|
|
# User caching: Cache database/policy
|
|
# Where to store a cache database to avoid queries.
|
|
# - 'none' (default): Disable the cache
|
|
# - 'memory': Use an in-memory cache
|
|
# - 'db': Use the main db specified with `--db`
|
|
# (`--db=:memory:` and `--cache-storage=db` does not count as
|
|
# an in-memory database for the `--cache-bcrypt` logic below)
|
|
#
|
|
#cache-storage=none
|
|
|
|
# User caching: TTL since last query
|
|
# Use cache entry if most recent query is not older than this timespan
|
|
# Time is measured in seconds, unless `s`, `m`, `h`, `d`, `w` is used
|
|
# as a suffix (seconds, minutes, hours, days, weeks, respectively).
|
|
#
|
|
#cache-query-ttl=4h
|
|
|
|
# User caching: TTL since last verification
|
|
# Use cache entry if most recent verification against the backend is
|
|
# not older than this and has been queried at least once every
|
|
# `cache-query-ttl`. Time is measured as for `cache-query-ttl`
|
|
#
|
|
#cache-verification-ttl=1d
|
|
|
|
# User caching: TTL when backend unreachable
|
|
# Use cache entry if the request to the backend files for a reason
|
|
# other than "password invalid". Then, independent of the other TTLs above,
|
|
# any verification younger than this time will be considered valid.
|
|
# Time is measured as for `cache-query-ttl`.
|
|
#
|
|
#cache-unreachable-ttl=1w
|
|
|
|
# User caching: Password hashing complexity
|
|
# Hash passwords with 2^cache-bcrypt-rounds before storing (i.e., every
|
|
# increasing this parameter results in twice as much computation time,
|
|
# both for XMPP cloud auth and an attacker).
|
|
#
|
|
# If this is a tuple, the first value will be used for persistent,
|
|
# the second for in-memory databases (with `cache-storage=memory`).
|
|
#
|
|
# The current default for bcrypt of Summer 2018 is 12.
|
|
#
|
|
#cache-bcrypt-rounds=12,4
|
|
|
|
# Shared roster: ejabberdctl path
|
|
# Which ejabberdctl to use, and whether to use an ejabberctl at all.
|
|
# When set, updates *ejabberd* shared roster from the Nextcloud name
|
|
# and group information on each login.
|
|
#
|
|
# Default: none (shared roster update disabled)
|
|
#
|
|
ejabberdctl=/usr/sbin/ejabberdctl
|
|
|
|
# Debug: Log more
|
|
#
|
|
#debug
|