prosody
b8301ba2c437
prosody.cfg.lua.dist
Software / code / prosody
Comparison
prosody.cfg.lua.dist @ 9637:b8301ba2c437 0.11
prosody.cfg.lua.dist: Tidy up some comments
| author | Matthew Wild <mwild1@gmail.com> |
|---|---|
| date | Sun, 18 Nov 2018 15:05:15 +0000 |
| parent | 9636:fa35724dbdba |
| child | 10176:9178d18a4ed7 |
| child | 11553:b0d8920ed5e5 |
comparison
equal
deleted
inserted
replaced
| 9636:fa35724dbdba | 9637:b8301ba2c437 |
|---|---|
| 100 | 100 |
| 101 c2s_require_encryption = true | 101 c2s_require_encryption = true |
| 102 | 102 |
| 103 -- Force servers to use encrypted connections? This option will | 103 -- Force servers to use encrypted connections? This option will |
| 104 -- prevent servers from authenticating unless they are using encryption. | 104 -- prevent servers from authenticating unless they are using encryption. |
| 105 -- Note that this is different from authentication | |
| 106 | 105 |
| 107 s2s_require_encryption = true | 106 s2s_require_encryption = true |
| 108 | 107 |
| 109 | |
| 110 -- Force certificate authentication for server-to-server connections? | 108 -- Force certificate authentication for server-to-server connections? |
| 111 -- This provides ideal security, but requires servers you communicate | |
| 112 -- with to support encryption AND present valid, trusted certificates. | |
| 113 -- NOTE: Your version of LuaSec must support certificate verification! | |
| 114 -- For more information see https://prosody.im/doc/s2s#security | |
| 115 | 109 |
| 116 s2s_secure_auth = false | 110 s2s_secure_auth = false |
| 117 | 111 |
| 118 -- Some servers have invalid or self-signed certificates. You can list | 112 -- Some servers have invalid or self-signed certificates. You can list |
| 119 -- remote domains here that will not be required to authenticate using | 113 -- remote domains here that will not be required to authenticate using |
| 120 -- certificates. They will be authenticated using DNS instead, even | 114 -- certificates. They will be authenticated using DNS instead, even |
| 121 -- when s2s_secure_auth is enabled. | 115 -- when s2s_secure_auth is enabled. |
| 122 | 116 |
| 123 --s2s_insecure_domains = { "insecure.example" } | 117 --s2s_insecure_domains = { "insecure.example" } |
| 124 | 118 |
| 125 -- Even if you leave s2s_secure_auth disabled, you can still require valid | 119 -- Even if you disable s2s_secure_auth, you can still require valid |
| 126 -- certificates for some domains by specifying a list here. | 120 -- certificates for some domains by specifying a list here. |
| 127 | 121 |
| 128 --s2s_secure_domains = { "jabber.org" } | 122 --s2s_secure_domains = { "jabber.org" } |
| 129 | 123 |
| 130 -- Select the authentication backend to use. The 'internal' providers | 124 -- Select the authentication backend to use. The 'internal' providers |
| 131 -- use Prosody's configured data storage to store the authentication data. | 125 -- use Prosody's configured data storage to store the authentication data. |
| 132 -- To allow Prosody to offer secure authentication mechanisms to clients, the | |
| 133 -- default provider stores passwords in plaintext. If you do not trust your | |
| 134 -- server please see https://prosody.im/doc/modules/mod_auth_internal_hashed | |
| 135 -- for information about using the hashed backend. | |
| 136 | 126 |
| 137 authentication = "internal_hashed" | 127 authentication = "internal_hashed" |
| 138 | 128 |
| 139 -- Select the storage backend to use. By default Prosody uses flat files | 129 -- Select the storage backend to use. By default Prosody uses flat files |
| 140 -- in its configured data directory, but it also supports more backends | 130 -- in its configured data directory, but it also supports more backends |
