% $Id$

%override_acls.


% Users that have admin access.  Add line like one of the following after you
% will be successfully registered on server to get admin access:
%{acl, admin, {user, "aleksey"}}.
%{acl, admin, {user, "ermine"}}.

% Blocked users:
%{acl, blocked, {user, "test"}}.

% Local users:
{acl, local, {user_regexp, ""}}.

% Another examples of ACLs:
%{acl, jabberorg, {server, "jabber.org"}}.
%{acl, aleksey, {user, "aleksey", "jabber.ru"}}.
%{acl, test, {user_regexp, "^test"}}.
%{acl, test, {user_glob, "test*"}}.


% Only admins can use configuration interface:
{access, configure, [{allow, admin}]}.

% Every username can be registered via in-band registration:
{access, register, [{allow, all}]}.

% After successful registration user will get message with following subject
% and body:
{welcome_message,
 {"Welcome!",
  "Welcome to Jabber Service.  "
  "For information about Jabber visit http://jabber.org"}}.
% Replace them with 'none' if you don't want to send such message:
%{welcome_message, none}.

% List of people who will get notifications about registered users
%{registration_watchers, ["admin1@localhost",
%                         "admin2@localhost"]}.

% Only admins can send announcement messages:
{access, announce, [{allow, admin}]}.


% Only non-blocked users can use c2s connections:
{access, c2s, [{deny, blocked},
	       {allow, all}]}.

% Set shaper with name "normal" to limit traffic speed to 1000B/s
{shaper, normal, {maxrate, 1000}}.

% Set shaper with name "fast" to limit traffic speed to 50000B/s
{shaper, fast, {maxrate, 50000}}.

% For all users except admins used "normal" shaper
{access, c2s_shaper, [{none, admin},
		      {normal, all}]}.

% For all S2S connections used "fast" shaper
{access, s2s_shaper, [{fast, all}]}.

% Admins of this server are also admins of MUC service:
{access, muc_admin, [{allow, admin}]}.

% All users are allowed to use MUC service:
{access, muc, [{allow, all}]}.

% This rule allows access only for local users:
{access, local, [{allow, local}]}.


% Authentification method.  If you want to use internal user base, then use
% this line:
{auth_method, internal}.

% For LDAP authentification use these lines instead of above one:
%{auth_method, ldap}.
%{ldap_servers, ["localhost"]}.    % List of LDAP servers
%{ldap_uidattr, "uid"}.            % LDAP attribute that holds user ID
%{ldap_base, "dc=example,dc=com"}. % Base of LDAP directory
%{ldap_rootdn, "dc=example,dc=com"}. % LDAP manager
%{ldap_password, "******"}. % Password to LDAP manager

% For authentification via external script use the following:
%{auth_method, external}.
%{extauth_program, "/path/to/authentification/script"}.

% For authentification via ODBC use the following:
%{auth_method, odbc}.
%{odbc_server, "DSN=ejabberd;UID=ejabberd;PWD=ejabberd"}.


% Host name(s):
{hosts, ["localhost"]}.

% Default language:
{language, "en"}.

% Listened ports:
{listen,
 [
  {5222, ejabberd_c2s,     [{access, c2s},
                            {shaper, c2s_shaper}]},

% To create selfsigned certificate run the following command from the
% command prompt:
%
% openssl req -new -x509 -days 365 -nodes -out ejabberd.pem -keyout ejabberd.pem
%
% and answer the questions.
%  {5222, ejabberd_c2s,     [{access, c2s},
%                            starttls, {certfile, "./ejabberd.pem"},
%                            {shaper, c2s_shaper}]},

% When using SSL/TLS ssl option is not recommended (it requires patching
% erlang ssl application). Use tls option instead (as shown below).
%  {5223, ejabberd_c2s,     [{access, c2s},
%                            tls, {certfile, "./ejabberd.pem"},
%                            {shaper, c2s_shaper}]},

  {5269, ejabberd_s2s_in,  [{shaper, s2s_shaper}]},

%  {5555, ejabberd_service, [{access, all},
%			    {host, "icq.localhost", [{password, "secret"}]}]},

  {5280, ejabberd_http,    [http_poll, web_admin]}
 ]}.

% If SRV lookup fails, then port 5269 is used to communicate with remote server
{outgoing_s2s_port, 5269}.


% Used modules:
{modules,
 [
  {mod_register,      [{access, register}]},
  {mod_roster,        []},
  {mod_shared_roster, []},
  {mod_privacy,       []},
  {mod_configure,     []},
  {mod_disco,         []},
  {mod_stats,         []},
  {mod_vcard,         []},
  {mod_offline,       []},
  {mod_announce,      [{access, announce}]},
  {mod_private,       []},
% Default options for mod_muc:
%   host: "conference." ++ ?MYNAME
%   access: all
%   access_create: all
%   access_admin: none (only room creator has owner privileges)
  {mod_muc,           [{access, muc},
		       {access_create, muc},
		       {access_admin, muc_admin}]},
  {mod_pubsub,        []},
  {mod_time,          []},
  {mod_last,          []},
  {mod_version,       []}
 ]}.


% Local Variables:
% mode: erlang
% End: