Configuration

This is a list of directives which are only into Metronome or different from Prosody.

General Metronome Directives ~

• metronome_max_files_soft: set soft limit for files which can be opened by the server process. Default: 9216.
• metronome_max_files_hard: set hard limit for files which can be opened by the server process. Default: 9216.
• metronome_gc: specify operation values for the Garbage Collector in a table format, a fair warning you should never touch this if you don’t know what you’re doing or how GC in Lua works!
  Metronome already by default uses optimized values which are best
  suited for almost every operation case, changing this wrongly can
  possibly cause a warpcore breach! Example: metronome_gc = { setpause = 100, setstepmul = 150 }
• metronome_preload_libraries: specify which libraries need to be pre-loaded before the global state is initialized on server start.

Mail Configuration for Plugins ~

• mail_user: sets the login username for the SMTP server. Example: mail_user = “user@example.tld”
• mail_password: sets the login password for the SMTP server. Example: mail_password = “Password”
• mail_host: sets the hostname for the SMTP server. Example: mail_host = “mail.example.tld”
• mail_port: sets the TCP port to connect to the SMTP server. Example: mail_port = 587

mod_admin_telnet ~

• admin_telnet_strict_host_checks: check that a host is defined into Metronome’s config before allowing to activate it. Default: true
• admin_telnet_auth_user: sets the console password to this user’s password.

mod_admin_web ~

• admin_web_require_secure: require HTTPS to access the administration interface. Default: true

mod_auth_anonymous ~

• allow_anonymous_multiresourcing: allows anonymous users
  originating from the same ip address to connect multiple clients (may be
  necessary in case of NAT/PATs). Default: false.
• anonymous_jid_gentoken: string token for sha-1 hash generation of ip addresses. Default: generated from OS Time on module load.
• anonymous_randomize_for_trusted_addresses: do not hash the originating ip address matches one contained in the list, format is list-like e.g. << anonymous_randomize_for_trusted_addresses = { “127.0.0.1”, “10.24.56.9” } >>. Default: nil.

mod_bidi ~

• bidi_exclusion_list: exclude listed servers from being offered bidirectional streams. Example: bidi_exclusion_list = { “jabber.org”, “swift.im” }

mod_bosh ~

• force_https_bosh: only handle bind requests via HTTPS.
• bosh_no_raw_requests_logging: strip logging of raw request stanzas. Default: true.

mod_disco ~

• contact_info: set on discovery information contact information for the host, example,
  {
    [“abuse-addresses”] = { “mailto:abuse@lightwitch.org” },
    [“admin-addresses”] = { “https://lightwitch.org/contact” },
    [“support-addresses”] = { “https://lightwitch.org/im-service/support”, “xmpp:support@conference.lightwitch.org?join” }
  }

mod_gate_guard ~

• gate_blacklist: list of services blacklisted on all hosts, e.g. { “servername1.com”, “servername2.com” }
• gate_protect: list of local server’s host that need remote services to be whitelisted to be able to access.
• gate_whitelist: see above.
• gate_max_hits: max offense reports by other modules before a remote server is temporarily banned. Default: 50
• gate_expiretime: expiral time before the temporary ban is lifted. Default: 172800 seconds (2 days)

mod_gdpr ~

• gdpr_addendum: custom line to add to the s2s agreement, useful to add a link to the ToS.

mod_http ~

• http_alias_hosts: make a host an alias for another the format is lua table like, { [“nameofthealias.tld”] = “hosttobealiased.tld”, [“anotheralias.tld”] = “anotherhosttobealiased.tld” }

mod_http_upload ~

• http_file_allowed_mime_types: specify allowed mime types for uploads you have to specify both the extension and the mime using this format: { [“txt”] = “text/plain”, [“png”] = “image/png” }
• http_file_size_limit: size limit for uploads in bytes. Default: 3 MiB
• http_file_quota: account space quota for file uploads. Default: 40 MiB
• http_file_expire_after: expiration time for file uploads in seconds. Default: 172800 (2 days)
• http_file_perfom_expire_any: interval in seconds before executing global account expiration checks. Default: 1800
• http_file_expire_upload_slots: time in seconds before a granted upload slot is expired. Default: 900
• http_file_expire_file_caches: time in seconds before a file cached is expired. Default: 450
• http_file_throttle_time: expiral time in seconds to a given throttle, the module allows sending the size limit once in a given interval. Default: 180
• http_file_base_path: url base path for serving files. Default: share

mod_http_upload_external ~

• http_file_size_limit: size limit for uploads in bytes. Default: 100 MiB
• http_file_expire_after: expiration time for file uploads in seconds. Default: 172800 (2 days)
• http_file_no_expire_whitelist: list of JID addresses which uploads are never expired. Format: { “alice@capuleti.lit”, “bob@capuleti.lit” }
• http_file_external_url: external url base address which all files are served from, this option is required.
• http_file_secret: secret required to authorize and verify upload slots PUT requests.
• http_file_external_delete_url: external url base address to
  signal file deletion, if not provided all adhoc file handling / auto
  purging features are disabled. Warning: if using https, SNI is not supported.
• http_file_delete_secret: secret required to authorize and verify upload slots DELETE requests. 

mod_incidents_handling ~

• incidents_expire_time: time in seconds before a reported incident expires. Default: 0 (never)

mod_jingle_nodes ~

• jingle_nodes_host: select the hostname where jingle relay node discovery is hosted, defaults to module host.
• jingle_nodes_stun: switch to turn stun discovery on and off, defaults to true
• jingle_nodes_turn: switch to turn turn discovery on and off, defaults to true
• jingle_nodes_tcp: switch on tcp support, defaults to true
• jingle_nodes_udp: switch on udp support, defaults to true
• jingle_nodes_port: select the port advertised into service labels, defaults to 3478
• jingle_nodes_turn_credentials: credentials allowed to the TURN access
• jingle_nodes_turn_secret: passphrase to identify to the proxy
• jingle_nodes_turn_credentials_ttl: Time to leave for TURN credentials
• jingle_nodes_restricted: make the module serve only the local site

mod_mam ~

• mam_forbid_purge: forbid users to wipe their own messages’ archive. Default: false.
• mam_max_retrievable_results: max numbers of results which can be retrieved at once. Default: 150.
• mam_save_time: number of seconds after which the cached archives will be stashed to disk. Default: 300.
• mam_stores_cap: max number of log entries which each archive can contain, after which the oldest entry will be popped. Default: 10000.
• mam_allowed_elements: the name of all message stanza payloads which are allowed to be stored into archive entries. Format: { “encrypted”, “encryption” }
• mam_unload_cache_time: max amount of inactivity in seconds before an archive cache is unloaded. Default: 3600.

mod_mam_browser ~

• mam_browser_base: http path were the MAM web interface should be served. Default: mam
• mam_browser_host: http host were the interface should be accessible from. Default: the module host.

mod_messagefilter ~

• messagefilter_anon_hosts: list of internal anonymous hosts to be filtered.
• messagefilter_bmsg: string specifying the message to use when rejecting messages.
• messagefilter_patterns: list of Lua patterns for matches.

mod_message_carbons ~

• allowed_inactive_csi_carbon_payloads: specify allowed payloads if session is in inactive state. Format: { “urn:xmpp:eme:0”, “urn:xmpp:chat-markers:0” } (also the default)

mod_muc ~

• allow_destruction_redirection:
  allow to temporarily tombstone the room after destruction and report a
  “moved” error condition reporting the new muc address. Default: true
• expire_destruction_redirection: time in seconds before a given redirection tombstone is removed. Default: 259200 (3 days)
• expire_inactive_rooms: expire unused persistent rooms after a given time lapse in seconds. Default: false
• expire_inactive_rooms_time: given time before destroying the room. Default: 2592000 (30 days)
• expire_inactive_rooms_whitelist: whitelist rooms to prevent destruction of inactive rooms. Format: { “muc@conference.example.tld” }
• instant_room_on_creation: deliver an instant room without sending the first configuration payload. Default: false
• room_default_config: set a table containing the default configuration that will be set on creation. Example: { persistent = true, logging = true }

mod_muc_limits ~

• See wiki on prosody-modules for basic settings.
• muc_throttle_host_exclusion: list of hosts to be excluded from throttling.
• muc_whitelist_parent_peers: exclude upper level parent host domain from throttling. Default: false
• muc_disconnect_after_throttles: disconnect client or server sessions after a certain number of throttles. Default: 20
• muc_use_gate_guard: trigger and report all rate limit violations to mod_gate_guard. Default: true
• muc_gate_guard_max_hits: hits number override before a remote server is banned for exceeding offenses. Default: 150
• muc_gate_guard_ban_time: ban time override for the offending server in seconds. Default: 3600 (1 hour)

mod_muc_log ~

• muc_log_allowed_elements: the name of all message stanza payloads which are allowed to be stored into archive entries. Format: { “encrypted”, “encryption” }

mod_muc_log_http ~

• muc_log_http_config: define configuration, format: 
  { url_base = “logs”, — The Base URL path where the plugin will listen
     theme = “metronome” — An optional custom theme for the log pages, default is metronome (check themes directory) }

mod_muc_log_mam ~

• muc_log_mam_check_inactive: how many time in seconds before checking for inactive rooms. Default: 1800.
• muc_log_mam_expire_caches: how many seconds of room inactivity must have passed before killing a room MAM cache. Default: 3600

mod_offline ~

• offline_store_limit: number defining a quota after which incoming offline messages will be discarded. Default: 40.

mod_pastebin ~

• pastebin_path: set a base path for pastes. Default: “/pastebin/”

mod_pep ~

• pep_custom_singleton_nodes: a list of node namespaces which will be threated as singleton nodes.
• pep_deactivate_service_time: time of inactivity in seconds
  after which personal services will be brought down and deactivated.
  Default: 259200 (3 days). Minimal value: 10800 (3 hours).

mod_public_service  ~

• public_service_vcard: format,
  { name = “LW.Org IM Public Service.”,
    url = “https://lightwitch.org/im-service”,
    foundation_year = “2009”,
    country = “USA”,
    email = “someadmin@lightwitch.org”,
    admin_jid = “someadmin@lightwitch.org”,
    geo = “49.47,7.15”,
    ca = { name = “Let’s Encrypt”, url = “https://letsencrypt.org/” },
    oob_registration_uri = “https://lightwitch.org/xmpp/register }

mod_pubsub ~

• pubsub_admins: list of jids who have service-wide administration access.
• unrestricted_node_creation: unrestrict node creation to everyone.

mod_register ~

• registration_compat: enable compatibility / legacy mode. Default: true
• allow_registration: enable In-Band Registration. Default: false
• additional_registration_fields: add additional registration fields, you can make a field mandatory by adding a trailing + Example: { “email+”, “phone” }
• register_min_pass_length: define the minimum number of characters a password can be composed of. Default: 8
• register_max_pass_length: define the maximum number of characters a password can be composed of. Default: 30
• register_require_verification: lock accounts of users registering with IBR to verify via E-Mail. Default: false

mod_register_api ~

• reg_api_auth_token: sets the authentication token required by Metronome to accept json post data from a web app.
• reg_api_secure: defines if the module accepts only secure connections. Default: true
• reg_api_ttime: defines how the amount of time in seconds before the module accepts another request from the same ip. Default: nil (not set)
• reg_api_wl: defines a set of ip addresses to always allow registration of.
• reg_api_bl: defines a set of ip addresses to prevent from registering.
• reg_api_filtered_mails: patterns of mail domains forbidden.
• reg_api_filtered_nodes: patterns of usernames which can’t be used.
• reg_api_nameapi: use NameAPI to assert if mail domain used for registration is DEA service. Default: false
• reg_api_nameapi_apikey: the used NameAPI key, required by the above option.
• reg_api_plain_http_errors: serve errors as plain text. Default: false
• reg_api_base: path were to serve API pages. Default: /register_account/
• reg_api_urlhost: url / http host were to serve the API pages. Default: the module host
• reg_api_mailfrom: FROM address for mails generated from Metronome, required for verification/reset.
• reg_api_mailreto: REPLY-TO address for mails generated from Metronome, required for verification/reset.

mod_s2s ~

• s2s_check_inactivity: defines in how many seconds Metronome checks if there’re idle streams to close down. Default: 900.
• s2s_max_inactivity: the seconds in which opened s2s streams are considered to be idle. Default: 1800.
• s2s_strict_mode: setting this to true will bounce every non
  compliant rfc server which will attempt to federate, if set to false
  mod_s2s will automatically depend on mod_dialback.

mod_saslauth ~

• blacklist_sasl_mechanisms: a list of mechanisms which should not be presented to clients. Example: blacklist_sasl_mechanisms = { “DIGEST-MD5”, “PLAIN” }
• allowed_sasl_failures: a number value definining the max times a client can fail authentication. Default: 3. Example: allowed_sasl_failures = 5

mod_sec_labels ~

• security_catalog_name: string defining the name for the security catalog. Default: “Default”
• security_catalog_desc: string describing the function of the catalog. Default: “Default Catalog”.
• security_labels: table containing the labels definition. You can find an example here.

mod_spim_block ~

• spim_recaptcha_client_key: your reCAPTCHA client key to use to submit challenges. This is required.
• spim_recaptcha_server_key: your reCAPTCHA server side secret key for verification with the API. This is required.
• spim_exceptions: list of host excepting from spim blocking. Example: { “domain-a.com”, “domain-b.com” }
• spim_secure: if the spim token form is served on a secure url. Default: true
• spim_base: the subdirectory path serving the form. Default: spim
• spim_http_host: host were to serve challenges. Default: the module host
• spim_reset_count: the number of blocking actions before a module resets its cache. Default: 2000
• spim_s2s_ban_time: ban time in seconds for remote server exceeding SPIM trap triggering. Default: 3600 

mod_storage_cache ~

• storage_cache_save_data: enable serialization of cache data to disk, will load on server startup and dump on shutdown. Default: true

mod_stream_management ~

• sm_resume_timeout: seconds before sessions get destroyed and garbage collected by the server definitevily. Default: 360
• sm_max_unacked_stanzas: max number of unacked stanzas before Metronome requests acknowledgement to the client. Default: 10

mod_stanza_optimizations ~

• allowed_inactive_message_payloads: specify allowed payloads if session is in inactive state. Format: { “http://jabber.org/protocol/pubsub#event”, “urn:xmpp:eme:0”, “urn:xmpp:chat-markers:0”, “urn:xmpp:mam:2” } (also the default)
• csi_max_queued_stanzas: max number of queued stanzas before Metronome flushes the queue. Default: 1000
• csi_config_block_chatstates: CSI configurable adhoc option to block all chat states from being delivered in both active and inactive state. Default: false
• csi_config_queue_all_muc_messages_but_mentions: CSI
  configurable adhoc option to queue all groupchat messages until a
  mention is received or another queue flush triggering criteria is met.
  Default: true

mod_vcard (mod_muc_vcard) ~

• vcard_max_size: the max size of the vCard in bytes.

mod_vjud ~

• auto_optin_host: define which host served by Metronome does auto-optin its created users to the directory.
• restrict_to_hosts: define a list of host to restrict the directory’s opt-in to.
• synchronize_to_host_vcards: specify (as string) the local
  xmpp host which only users are able to optin and also will have their
  data be automatically synchronized whit their vcard values.
• ud_disco_name: User Directory service discovery name.

mod_websocket ~

• websockets_no_raw_requests_logging: strip logging of raw request stanzas. Default: true.
• consider_websockets_secure: this boolean option allows to
  automatically consider websockets connection secure and offer weak
  authentication methods on ’em. (Default is false / unset)
• cross_domain_websockets: allow to make cross domain (CORS) websocket requests. (Default is false / unset)