From: "Вадим Илларионов" <gbimobou@gmail.com>
To: ALT Linux sysadmins' discussion <sysadmins@lists.altlinux.org>
Subject: Re: [Sysadmins] IM (Jabber ?) для локалки.
Date: Thu, 25 Sep 2014 15:21:01 +0900
Message-ID: <3112325.xHj1VoQ9tR@it-0.tln> (raw)
In-Reply-To: <5423AE32.6050904@schoolnet.by>
[-- Attachment #1: Type: text/plain, Size: 1388 bytes --]
В письме от 25 сентября 2014 08:54:58 пользователь A. Kulikouski написал:
> 25.09.2014 04:18, Вадим Илларионов пишет:
> > В письме от 25 сентября 2014 10:04:58 пользователь alexei@taf.ru написал:
> >> Можно посмотреть в сторону openfire
> >
> > Только он на яве.
>
> Для такого простого случая ява -- баааальшой минус.
Тогда ловите квинтэссенцию (без пустых и закомментаренных строк, с фейками
серверов/админов/паролей) обкатанного конфига ejabberd, работающего в данный
момент на usib.tv, uspost.ru, nedsib.ru
Учтите только, что у меня шаг табуляции - 4 символа. И для правильной
расцветки синтаксиса в миднайте можно на время правки дать файлу расширение
.erl, либо сделать симлинк с таким расширением и редактировать через него.
_______________________________
С уважением, *nix-администратор
Mobile: +7 (964) 103-65-67
Skype: gbIMoBou
JID = <mailto:>
Viber = Mobile
UIN: 7899517
[-- Attachment #2: ejabberd.cfg --]
[-- Type: text/plain, Size: 6161 bytes --]
{loglevel, 2}. % Verbosity of log files generated by ejabberd.
{hosts, ["yoursite.ru"]}. % Domains served by ejabberd. You can define one or several.
{watchdog_admins, ["sysadmin@yoursite.ru"]}. % If an ejabberd process consumes too much memory, send live notifications to those Jabber accounts.
{listen, [ % Which ports will ejabberd listen, which service handles it and what options to start it with.
{5222, ejabberd_c2s, [
starttls, {certfile, "/etc/ejabberd/ejabberd.pem"}, % If TLS is compiled and you installed a SSL certificate, put the correct path to the file.
{access, c2s},
{shaper, c2s_shaper},
{max_stanza_size, 65536}
]},
{5269, ejabberd_s2s_in, [
starttls, {certfile, "/etc/ejabberd/ejabberd.pem"},
{shaper, s2s_shaper},
{max_stanza_size, 131072}
]},
{5347, ejabberd_service, [
{name, "Шлюз в ICQ"},
{ip, {127,0,0,1}},
{access, all},
{shaper_rule, fast},
{hosts, ["icq.yoursite.ru", "sms.yoursite.ru"], [{password, "icqPassWord"}]}
]},
{5348, ejabberd_service, [
{name, "Шлюз в MRA"},
{ip, {127,0,0,1}},
{access, all},
{shaper_rule, fast},
{host, "mrim.yoursite.ru", [{password, "mrimPassWord"}]}
]},
{5349, ejabberd_service, [
{name, "Шлюз в MSN"},
{ip, {127,0,0,1}},
{access, all},
{shaper_rule, fast},
{host, "msn.yoursite.ru", [{password, "msnPassWord"}]}
]},
{5350, ejabberd_service, [
{name, "Шлюз в контакте"},
{ip, {127,0,0,1}},
{access, all},
{shaper_rule, fast},
{host, "online.yoursite.ru", [{password, "vkPassWord"}]}
]},
{5280, ejabberd_http, [http_poll, web_admin]}
]}.
{s2s_use_starttls, true}. % Enable STARTTLS + Dialback for S2S connections.
{s2s_certfile, "/etc/ejabberd/ejabberd.pem"}. % You must specify a certificate file.
{auth_method, ldap}. % Authentication using LDAP
{ldap_servers, ["ldap.tld"]}.
{ldap_base, "dc=yoursite,dc=ru"}. % Search base of LDAP directory
{ldap_rootdn, "cn=sysadmin,dc=yoursite,dc=ru"}. % LDAP manager
{ldap_password, "DerUberParol"}. % Password to LDAP manager
{ldap_uids, [{"mail", "%u@yoursite.ru"}]}. % LDAP attribute that holds user ID
{shaper, normal, {maxrate, 1000}}. % The "normal" shaper limits traffic speed to 1 kB/s
{shaper, fast, {maxrate, 50000}}. % The "fast" shaper limits traffic speed to 50 kB/s
{acl, local, {user_regexp, "yoursite.ru"}}. % Local users. Do not modify this line.
{acl, admin, {user, "sysadmin", "yoursite.ru"}}.
{acl, admin, {user, "sysadmin", "tld"}}.
{access, max_user_sessions, [{10, all}]}. % Maximum number of simultaneous sessions allowed for a single user
{access, local, [{allow, local}]}. % This rule allows access only for local users
{access, c2s, [ % Only non-blocked users can use c2s connections
{deny, blocked},
{allow, all}
]}.
{access, c2s_shaper, [{none, admin}, % For C2S connections, all users except admins use "normal" shaper
{normal, all}
]}.
{access, s2s_shaper, [{fast, all}]}. % All S2S connections use "fast" shaper
{access, announce, [{allow, admin}]}. % Only admins can send announcement messages
{access, configure, [{allow, admin}]}. % Only admins can use configuration interface
{access, muc_admin, [{allow, admin}]}. % Admins of this server are also admins of MUC service
{access, muc, [{allow, all}]}. % All users are allowed to use MUC service
{access, pubsub_createnode, [{allow, all}]}. % Everybody can create pubsub nodes
{access, register, [{deny, all}]}. % In-band registration allows registration of any possible username.
{language, "ru"}. % Default language used for server messages.
{modules, [ % Modules enabled in all ejabberd virtual hosts.
{mod_adhoc, []},
{mod_announce, [{access, announce}]}, % recommends mod_adhoc
{mod_caps, []},
{mod_configure, []}, % requires mod_adhoc
{mod_disco, [
{extra_domains, [
"users.jabber.org",
"icq.yoursite.ru",
"sms.yoursite.ru"
]}
]},
{mod_irc, []},
{mod_last, []},
{mod_muc, [
{access, muc},
{access_create, muc},
{access_persistent, muc},
{access_admin, muc_admin}
]},
{mod_offline, []},
{mod_privacy, []},
{mod_private, []},
{mod_proxy65, [
{name, "Файлообменный прокси"}
]},
{mod_pubsub, [ % requires mod_caps
{access_createnode, pubsub_createnode},
{plugins, ["default", "pep"]}
]},
{mod_roster, []},
{mod_shared_roster_ldap,[
{ldap_base, "dc=yoursite,dc=ru"},
{ldap_filter, "(initials=*)"},
{ldap_rfilter, "(initials=*)"},
{ldap_memberattr, "uid"},
{ldap_useruid, "uid"},
{ldap_userdesc, "cn"},
{ldap_uidattr, "cn"},
{ldap_groupdesc, "departmentNumber"},
{ldap_groupattr, "ou"}
]},
{mod_stats, []},
{mod_time, []},
{mod_vcard_ldap, [
{ldap_vcard_map, [
{"NICKNAME", "%s", ["cn"]},
{"GIVEN", "%s", ["givenName"]},
{"MIDDLE", "%s", ["initials"]},
{"FAMILY", "%s", ["sn"]},
{"FN", "%s", ["displayName"]},
{"EMAIL", "%s", ["mail"]},
{"ORGNAME", "%s", ["o"]},
{"ORGUNIT", "%s", ["departmentNumber"]},
{"CTRY", "%s", ["co"]},
{"LOCALITY", "%s", ["l"]},
{"STREET", "%s", ["street"]},
{"REGION", "%s", ["st"]},
{"PCODE", "%s", ["postalCode"]},
{"TITLE", "%s", ["title"]},
{"URL", "%s", ["labeledURI"]},
{"DESC", "%s", ["description"]},
{"BDAY", "%s", ["birthDate"]},
{"TEL", "%s", ["telephoneNumber"]}
]},
{ldap_search_fields, [
{"User", "cn"},
{"Name", "givenName"},
{"Family Name", "sn"},
{"Email", "mail"},
{"Company", "o"},
{"Department", "departmentNumber"},
{"Role", "title"},
{"Birthday", "birthDate"},
{"Description", "description"},
{"Country", "co"},
{"Phone", "telephoneNumber"}
]},
{ldap_search_reported, [
{"Full Name", "FN"},
{"Nickname", "NICKNAME"},
{"Birthday", "BDAY"},
{"Country", "CTRY"},
{"Email", "EMAIL"}
]}
]},
{mod_version, []}
]}.
next prev parent reply other threads:[~2014-09-25 6:21 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-09-24 19:24 A. Kulikovski
2014-09-25 1:04 ` alexei
2014-09-25 1:18 ` Вадим Илларионов
2014-09-25 5:54 ` A. Kulikouski
2014-09-25 6:21 ` Вадим Илларионов [this message]
2014-09-25 8:28 ` A. Kulikouski
2014-09-25 1:17 ` Вадим Илларионов
2014-09-25 6:52 ` Dmitriy L. Kruglikov
2014-09-25 7:07 ` Вадим Илларионов
2014-09-25 7:22 ` Dmitriy L. Kruglikov
2014-09-25 12:00 ` Вадим Илларионов
2014-09-25 13:03 ` Dmitriy L. Kruglikov
2014-09-25 20:28 ` Michael Shigorin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=3112325.xHj1VoQ9tR@it-0.tln \
--to=gbimobou@gmail.com \
--cc=sysadmins@lists.altlinux.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
ALT Linux sysadmins discussion
This inbox may be cloned and mirrored by anyone:
git clone --mirror http://lore.altlinux.org/sysadmins/0 sysadmins/git/0.git
# If you have public-inbox 1.1+ installed, you may
# initialize and index your mirror using the following commands:
public-inbox-init -V2 sysadmins sysadmins/ http://lore.altlinux.org/sysadmins \
sysadmins@lists.altlinux.org sysadmins@lists.altlinux.ru sysadmins@lists.altlinux.com
public-inbox-index sysadmins
Example config snippet for mirrors.
Newsgroup available over NNTP:
nntp://lore.altlinux.org/org.altlinux.lists.sysadmins
AGPL code for this site: git clone https://public-inbox.org/public-inbox.git