Port Multiplexing

In the latest version of Metronome it’s possible take full advantage of new SRV records specified in XEP-0368, it’s perhaps possible via mod_net_multiplex to run all services capable of multiplexing on a single defined port or more ports, I will give here a brief example on how to run everything on the HTTPS port, 443.

Host “*”
   modules_enabled = { “http”, “net_multiplex” }
   interfaces = { “127.0.0.1”, “::1” }
   ssl = { key = “/etc/metronome/certs/localhost.key”, certificate = “/etc/metronome/certs/localhost.cert” }
   http_external_url = { scheme = “https”, port = 443 }
— Sets a https scheme for module:http_url()
 
  http_ports = {} — disables binding of HTTP ports by mod_http
   
https_ports = {} — disables binding HTTPS ports by mod_http
   
multiplex_secure_ports = { 443 } — multiplex services on port 443, and expose mod_http’s since we disabled portmanager’s binding

So this way we disabled the module default binding and only allowed to access it through the multiplexed port alongside all the other services.

Be aware that Multiplexing causes some issues with HTTPS in which browsers may prompt for a certificate, that’s caused by LuaSec verify options which can’t be turned off on a multiplexed secure listener as doing so will break SASL External for both c2s and s2s.