Archives
/
docker-ejabberd
mirror of https://github.com/processone/docker-ejabberd
2
0
Fork 0
Code Issues Releases Wiki Activity

Update config and put 5280 listener back

Browse Source
pull/32/head
Christophe Romain 5 years ago
parent 0c5e1d8dcd
commit ae7eb92dbf
2 changed files with 27 additions and 2 deletions
Show Stats Download Patch File Download Diff File

2
ecs/Dockerfile
Unescape Escape View File

@ -74,7 +74,7 @@ ADD --chown=ejabberd:ejabberd https://download.process-one.net/cacert.pem conf/c
# Set up runtime environment
USER ejabberd
VOLUME ["$HOME/database","$HOME/conf","$HOME/logs"]
EXPOSE 5222 5269 5443
EXPOSE 5222 5269 5280 5443
ENTRYPOINT ["/home/ejabberd/bin/ejabberdctl"]
CMD ["foreground"]

27
ecs/conf/ejabberd.yml
Unescape Escape View File

@ -42,6 +42,25 @@ certfiles:
ca_file: "/home/ejabberd/conf/cacert.pem"
define_macro:
# TLS options for client not being able to use modern ciphers (Windows XP+, Android 3.0+)
CIPHERS_INTERMEDIATE: "ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS"
PROTOCOL_OPTIONS_INTERMEDIATE:
- "no_sslv2"
- "no_sslv3"
# TLS options for client able to use modern ciphers (Windows 7+, Android 5.0+)
CIPHERS_MODERN: "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256"
PROTOCOL_OPTIONS_MODERN:
- "no_sslv2"
- "no_sslv3"
- "no_tlsv1"
- "no_tlsv1_1"
c2s_ciphers: CIPHERS_INTERMEDIATE
c2s_protocol_options: PROTOCOL_OPTIONS_INTERMEDIATE
listen:
-
port: 5222
@ -68,7 +87,14 @@ listen:
"/oauth": ejabberd_oauth
web_admin: true
captcha: false
ciphers: CIPHERS_INTERMEDIATE
protocol_options: PROTOCOL_OPTIONS_INTERMEDIATE
tls: true
-
port: 5280
ip: "::"
module: ejabberd_http
web_admin: true
s2s_use_starttls: optional
@ -79,7 +105,6 @@ acl:
ip:
- "127.0.0.0/8"
- "::1/128"
- "::FFFF:127.0.0.1/128"
access_rules:
local:

Write Preview
Loading…
Cancel
Save