Configuring Prosody

Prosody's configuration is held in a single file, prosody.cfg.lua. If you install Prosody under GNU/Linux then you should find it in /etc/prosody/prosody.cfg.lua. On other systems, or when not installed, it will be under the same directory as the prosody main executable.

An example config file is given, with a .dist extension. It is thoroughly commented, and can serve as the base for your own.

Adding a virtual host to the server is as easy as adding a line to the configuration file. For example.org, one would add:

   Host "example.org"

Any options specific to example.org can then be placed under this header.

A special host section holds settings relating to all hosts, settings which are used unless a certain host overrides them.

   Host "*"

The multiple ways of creating accounts into your Prosody server is described on our page 'Creating accounts'.

Also straightforward…

   Component "conference.example.org" "muc"

and so on. You can get more help on configuring components.

enabled - May be true or false. Specifies whether this host is enabled or not. Disabled hosts are not loaded and do not accept connections while Prosody is running.

ssl - table Holds settings related to SSL/TLS security and encryption.

An example ssl setting is:

   ssl = { 
                key = "certs/example.com.key";
                certificate = "certs/example.com.crt";
         }

For more help configuring or troubleshooting SSL/TLS, please see Advanced SSL/TLS Configuration.

modules_enabled - List of modules to load for the host (or all hosts if in global section) Example:

   modules_enabled = {
                       "dialback",
                       "roster",
                       "saslauth" }

modules_disabled - Allows you to disable the loading of a list of modules for a particular host, if those modules are set in the global section. Same syntax as modules_enabled.

admins - List of administrators of the current host e.g.

admins = { "admin1@example.com", "admin2@example.com" }

c2s_ports - Ports on which to listen for client connections. Default is { 5222 }

c2s_interface - Interface on which to listen for client connections. Default is “0.0.0.0”

c2s_timeout - Timeout unauthenticated client connections. Off by default, no timeout.

s2s_ports - Ports on which to listen for server-to-server connections. Default is { 5269 }

s2s_interface - Interface on which to listen for server-to-server connections. Default is “0.0.0.0”

s2s_timeout - Timeout unauthenticated server connections. Default is 60 seconds.

legacy_ssl_ports - Ports on which to listen for SSL connections. Default is {} (ie. empty list, none).

legacy_ssl_interface - Interface on which to listen for legacy SSL connections. Default is “0.0.0.0”

c2s_require_encryption - This will force encryption for client to server connections. May be true or false, defaults to false.

s2s_require_encryption - This will force encryption for server to server connections. May be true or false, defaults to false.

data_path - Location of the Prosody data storage directory, without a trailing slash. Default is “data”, or the path set with ./configure –datadir=/path/to/data

log - Set logging options. May be a filename, or if mod_posix is loaded it may be “*syslog”. Advanced logging configuration is possible, see Logging Configuration for more details.

anonymous_login - Allow anyone to log into the server without a password using SASL ANONYMOUS (client must support it). When enabled, normal logins are not possible, and communication with remote domains is disabled by default for anonymous users. For more information see anonymous logins.

disallow_s2s - Prevent users on this host (or all hosts if specified under Host “*”) from contacting remote servers. Default is false unless anonymous logins have been enabled (in which case it defaults to true).

max_resources - The maximum number of connections a single user may have logged into the server. Defaults to 10.

conflict_resolve - How to resolve resource conflicts. May be “random” (assign a random resource), “increment” (append a unique integer to the resource), “kick_new” (deny the new connection), “kick_old” (disconnect the existing session). Default is “kick_old”.

To allow clients to create themselves accounts on your server (also known as “in-band” registration) you will need mod_register loaded. This usually means adding “register” to modules_enabled as described above. The options in this section only apply when mod_register is active.

An alternative way to create user accounts on non-Windows servers is to use prosodyctl. A Windows utility for the same purpose is planned.

allow_registration - Whether to allow registration of new accounts via Jabber clients. Default is false.

Additional options are documented on the mod_register page.

These options are for POSIX systems only, eg. GNU/Linux, BSD, and Mac OSX. Basically everyone except Windows Additionally they only work when mod_posix is loaded, that is, when “posix” is in the list of modules_enabled.

daemonize - Enable automatic daemonization when mod_posix is loaded. Default is “true”.

pidfile - File in which to write pid (process id) when daemonized. Default none.

For more options take a look at the mod_posix documentation.

• Creating accounts
• Setting up BOSH
• Configuring components
• Using prosodyctl
• Logging Configuration
• Enable compression