prosody-modules
c0cb43817b7c
mod_watchuntrusted/README.md

Find changesets by keywords by author, files, the commit message, revision number or hash, or revset expression.

Software / code / prosody-modules

File

mod_watchuntrusted/README.md @ 6113:c0cb43817b7c

mod_compliance_latest: using module:log_status diff --git a/mod_compliance_latest/mod_compliance_latest.lua b/mod_compliance_latest/mod_compliance_latest.lua --- a/mod_compliance_latest/mod_compliance_latest.lua +++ b/mod_compliance_latest/mod_compliance_latest.lua @@ -1,6 +1,6 @@ local success, err = pcall(function() module:depends("compliance_2023") end) if not success then - module:log("error", "Error, can't load module: mod_compliance_2023. Is this module downloaded in a folder readable by prosody?") - return 1, "Error: Couldn't load dependency mod_compliance_2023." +module:log_status( "error", "Error, can't load module: mod_compliance_2023. Is this module downloaded into a folder readable by prosody?" ) +return false end
author Menel <menel@snikket.de>
date Mon, 23 Dec 2024 14:09:56 +0100
parent 6003:fe081789f7b5
line wrap: on
line source

---
labels:
- 'Stage-Alpha'
summary: |
    Warn admins about outgoing s2s connections that are refused due to
    invalid or untrusted certificates
...

Introduction
============

Similar to mod\_watchregistrations, this module warns admins when an s2s
connection fails due for encryption or trust reasons.

The certificate shows the SHA1 hash, so it can easily be used together
with mod\_s2s\_auth\_fingerprint.

Configuration
=============

    modules_enabled = {
        -- other modules --
        "watchuntrusted",

    }

    untrusted_fail_watchers = { "admin@example.lit" }
    untrusted_fail_notification = "Establishing a secure connection from $from_host to $to_host failed. Certificate hash: $sha1. $errors"

  Option                          Default                                                                                                         Description
  ------------------------------- --------------------------------------------------------------------------------------------------------------- --------------------------------------------------------------------------------------
  untrusted\_fail\_watchers       All admins                                                                                                      The users to send the message to
  untrusted\_fail\_notification   "Establishing a secure connection from \$from\_host to \$to\_host failed. Certificate hash: \$sha1. \$errors"   The message to send, \$from\_host, \$to\_host, \$sha1 and \$errors are replaced
  untrusted\_message\_type        `"chat"`                                                                                                        Which kind of message to send. `"normal"` or `"headline"` are other sensible options
  untrusted\_ignore\_domains      Empty                                                                                                           The domains that this module should not warn about

Compatibility
=============

  ------- -------
  trunk   Works
  ------- -------