Commit 72549a69 authored by Luna's avatar Luna 😻

better documentation of the ports we're binding to

also remove some already-commented settings for ports
parent a396448d
......@@ -147,28 +147,40 @@ ca_file: "/opt/ejabberd/conf/cacert.pem"
###. ===============
###' LISTENING PORTS
##
## listen: The ports ejabberd will listen on, which service each is handled
## by and what options to start it with.
##
## non-extensive explanation of each port:
## - 5222 for c2s (also at `dig srv _xmpp-client._tcp.a3.pm`)
## - 5223 for c2s with tls enforced (same dig command, but _xmpps as prefix)
## - 5269 for s2s (also at `dig srv _xmpp-server._tcp.a3.pm`)
## - 5270 for s2s with tls enforced
## - 5280 for ejabberd's http methods (websockets, both, oauth, api)
## - 5281 for ejabberd's http with tls enabled
## - 5443 for ejabberd's http with tls enabled (http upload happens here)
listen:
-
# c2s with starttls
port: 5222
ip: "::"
module: ejabberd_c2s
##
## To enforce TLS encryption for client connections,
## use this instead of the "starttls" option:
##
starttls_required: true
##
## Stream compression
##
## zlib: true
##
max_stanza_size: 262144
shaper: c2s_shaper
access: c2s
-
## c2s with tls enforced
port: 5223
ip: "::"
module: ejabberd_c2s
tls: true
max_stanza_size: 65536
shaper: c2s_shaper
access: c2s
-
## main s2s
port: 5269
......@@ -184,6 +196,7 @@ listen:
max_stanza_size: 524288
shaper: s2s_shaper
tls: true
-
port: 5280
ip: "::"
......@@ -208,68 +221,6 @@ listen:
## register: true
captcha: true
##
## Direct-TLS for C2S (XEP-0368). A good practice is to forward
## traffic from port 443 to this port, possibly multiplexing it
## with HTTP using e.g. sslh [https://wiki.xmpp.org/web/Tech_pages/XEP-0368],
## so modern clients can bypass restrictive firewalls (in airports, hotels, etc.).
##
-
port: 5223
ip: "::"
module: ejabberd_c2s
tls: true
max_stanza_size: 65536
shaper: c2s_shaper
access: c2s
##
## ejabberd_service: Interact with external components (transports, ...)
##
## -
## port: 8888
## ip: "::"
## module: ejabberd_service
## access: all
## shaper_rule: fast
## ip: "127.0.0.1"
## privilege_access:
## roster: "both"
## message: "outgoing"
## presence: "roster"
## delegations:
## "urn:xmpp:mam:1":
## filtering: ["node"]
## "http://jabber.org/protocol/pubsub":
## filtering: []
## hosts:
## "icq.example.org":
## password: "secret"
## "sms.example.org":
## password: "secret"
##
## ejabberd_stun: Handles STUN Binding requests
##
## -
## port: 3478
## transport: udp
## module: ejabberd_stun
##
## To handle XML-RPC requests that provide admin credentials:
##
## -
## port: 4560
## ip: "::"
## module: ejabberd_xmlrpc
## maxsessions: 10
## timeout: 5000
## access_commands:
## admin:
## commands: all
## options: []
##
## To enable secure http upload
##
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment