licaon-kter
commented
3 years ago Read https://docs.ejabberd.im/archive/20_12/modules/#mod-register that none means... no one :)
/ps: in the future paste config on https://gist.github.com and put only the link here
Mans078
Before creating a ticket, please consider if this should fit the discussion forum better: https://github.com/processone/ejabberd/discussions
Environment
erl +VConfiguration (only if needed): grep -Ev '^$|^\s*#' ejabberd.yml
Errors from error.log/crash.log
No errors
Bug description
An error occurs when registering through the app. Unable to register. Here is my yaml file. My ejabberd-server version - ejabberd_21.01-2-bpo10+1. Help me please.
ejabberd configuration file
The parameters used in this configuration file are explained at
https://docs.ejabberd.im/admin/configuration
The configuration file is written in YAML.
***
!!! WARNING !!!
YAML IS INDENTATION SENSITIVE
MAKE SURE YOU INDENT SECTIONS CORRECTLY
***
Refer to http://en.wikipedia.org/wiki/YAML for the brief description.
loglevel: Verbosity of log files generated by ejabberd
loglevel: info
rotation: Disable ejabberd's internal log rotation, as the Debian package
uses logrotate(8).
log_rotate_count: 4 hide_sensitive_log_data: false
hosts: Domains served by ejabberd.
You can define one or several, for example:
hosts:
- "localhost"
certfiles:
acme: auto: false
TLS configuration
define_macro: 'TLS_CIPHERS': "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256" 'TLS_OPTIONS':
- "no_tlsv1_2"
"no_compression"
'DH_FILE': "/etc/ejabberd/dh-4096.pem"
generated with: openssl dhparam -out dhparams.pem 2048
c2s_ciphers: 'TLS_CIPHERS' s2s_ciphers: 'TLS_CIPHERS' c2s_protocol_options: 'TLS_OPTIONS' s2s_protocol_options: 'TLS_OPTIONS' c2s_dhfile: 'DH_FILE' s2s_dhfile: 'DH_FILE'
listen:
- port: 5223 ip: "::" module: ejabberd_c2s max_stanza_size: 262144 shaper: c2s_shaper access: c2s tls: true protocol_options: 'TLS_OPTIONS'
- port: 5443 ip: "::" module: ejabberd_http tls: true protocol_options: 'TLS_OPTIONS' dhfile: 'DH_FILE' request_handlers: /api: mod_http_api
/bosh: mod_bosh
- port: 5280 ip: "::" module: ejabberd_http tls: true protocol_options: 'TLS_OPTIONS' dhfile: 'DH_FILE' request_handlers: /admin: ejabberd_web_admin /captcha: ejabberd_captcha /.well-known/acme-challenge: ejabberd_acme
-
port: 1883
ip: "::"
module: mod_mqtt
backlog: 1000
- port: 3478 transport: udp module: ejabberd_stun use_turn: true turn_min_port: 49152 turn_max_port: 65535
The server's public IPv4 address:
- port: 5349 transport: tcp module: ejabberd_stun use_turn: true tls: true turn_min_port: 49152 turn_max_port: 65535 ip: my_ip_adress turn_ipv4_address: my_ip_adress
The server's public IPv6 address:
Disabling digest-md5 SASL authentication. digest-md5 requires plain-text
password storage (see auth_password_format option).
disable_sasl_mechanisms:
s2s_use_starttls: required
Store the plain passwords or hashed for SCRAM:
auth_password_format: scram
Full path to a script that generates the image.
captcha_cmd: "/usr/share/ejabberd/captcha.sh" captcha_url: "https://@HOST@:5280/admin" captcha_limit: 5
acl: admin: user:
"admin@mydomain.com"
local: user_regexp: "" loopback: ip:
access_rules: local: allow: local c2s: deny: blocked allow: all announce: allow: admin configure: allow: admin muc_create: allow: local pubsub_createnode: allow: local trusted_network: allow: loopback
api_permissions: "console commands": from:
shaper: normal: rate: 3000 burst_size: 20000 fast: 100000
shaper_rules: max_user_sessions: 5 max_user_offline_messages: 5000: admin 500: all c2s_shaper: none: admin normal: all s2s_shaper: fast soft_upload_quota: 1000: all # MiB hard_upload_quota: 1100: all # MiB
modules: mod_adhoc: {} mod_admin_extra: {} mod_announce: access: announce mod_avatar: {} mod_blocking: {} mod_bosh: {} mod_caps: {} mod_carboncopy: {} mod_client_state: {} mod_configure: {}
mod_delegation: {} # for xep0356
mod_disco: server_info:
mod_fail2ban: {}
c2s_auth_ban_lifetime: 1300
c2s_max_auth_failures: 5
mod_http_api: {} mod_http_upload: put_url: https://@HOST@:5443/upload max_size: 4073741824 thumbnail: true secret_length: 40 file_mode: "0640" dir_mode: "0750" docroot: /var/www/upload custom_headers: "Access-Control-Allow-Origin": "https://@HOST@" "Access-Control-Allow-Methods": "GET,HEAD,PUT,OPTIONS" "Access-Control-Allow-Headers": "Content-Type" mod_http_upload_quota: max_days: 60
custom_headers:
"Access-Control-Allow-Origin": "https://@HOST@"
"Access-Control-Allow-Methods": "GET,HEAD,PUT,OPTIONS"
"Access-Control-Allow-Headers": "Content-Type"
mod_last: {} mod_mam:
Mnesia is limited to 2GB, better to use an SQL backend
For small servers SQLite is a good fit and is very easy
to configure. Uncomment this when you have SQL configured:
db_type: sql
mod_mqtt: {} mod_muc: access:
pep force_node_config: "eu.siacs.conversations.axolotl.*": access_model: open
Avoid buggy clients to make their bookmarks public
storage:bookmarks: access_model: whitelist mod_push: {} mod_push_keepalive: {} mod_register:
access: none
Only accept registration requests from the "trusted"
network (see access_rules section above).
Think twice before enabling registration from any
address. See the Jabber SPAM Manifesto for details:
https://github.com/ge0rg/jabber-spam-fighting-manifesto
captcha_protected: true ip_access: trusted_network access: register password_strength: 32 welcome_message: subject: "Welcome!" body: |- Hi. Welcome to this XMPP server.
mod_roster: versioning: true store_current_id: true mod_s2s_dialback: {} mod_shared_roster: {} mod_sic: {} mod_stream_mgmt: resend_on_timeout: if_offline mod_stun_disco: {} mod_vcard: search: false mod_vcard_xupdate: {} mod_version: show_os: false
Local Variables:
mode: yaml
End:
vim: set filetype=yaml tabstop=8