forked from jabberd2/jabberd2
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathsm.xml.dist.in
831 lines (718 loc) · 31 KB
/
sm.xml.dist.in
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
<!-- Session manager configuration -->
<sm>
<!-- Our ID on the network (default: sm) -->
<id>sm</id>
<!-- The process ID file. Comment this out if you don't need to know
the process ID from outside the process (eg for control scripts) -->
<pidfile>@localstatedir@/@package@/pid/${id}.pid</pidfile>
<!-- Router connection configuration -->
<router>
<!-- IP/port the router is waiting for connections on -->
<ip>127.0.0.1</ip> <!-- default: 127.0.0.1 -->
<port>5347</port> <!-- default: 5347 -->
<!-- Username/password to authenticate as -->
<user>jabberd</user> <!-- default: jabberd -->
<pass>secret</pass> <!-- default: secret -->
<!-- File containing an SSL certificate and private key to use when
setting up an encrypted channel with the router. From
SSL_CTX_use_certificate_chain_file(3): "The certificates must be
in PEM format and must be sorted starting with the subject's
certificate (actual client or server certificate), followed
by intermediate CA certificates if applicable, and ending
at the highest level (root) CA" (the latter one being optional).
If this is commented out, or the file can't be read, no attempt
will be made to establish an encrypted channel with the router. -->
<!--
<pemfile>@sysconfdir@/server.pem</pemfile>
-->
<!-- Router connection retry -->
<retry>
<!-- If the connection to the router can't be established at
startup, we should try again this many times before exiting.
Use -1 to retry indefinitely. [default: 3] -->
<init>3</init>
<!-- If we lost the connection to the router during normal
operation (ie we've successfully connected to the router in
the past), we should try to reconnect this many times before
exiting. Use -1 to retry indefinitely. [default: 3] -->
<lost>3</lost>
<!-- Sleep for this many seconds before trying attempting a
reconnect. [default: 2] -->
<sleep>2</sleep>
</retry>
</router>
<!-- Log configuration - type is "syslog", "file" or "stdout" -->
<log type='syslog'>
<!-- If logging to syslog, this is the log ident -->
<ident>jabberd/sm</ident>
<!-- If logging to syslog, this is the log facility
(local0 - local7) [default: local3] -->
<facility>local3</facility>
<!-- If logging to file, this is the filename of the logfile -->
<!--
<file>@localstatedir@/@package@/log/sm.log</file>
-->
<!-- Filename of the debug logfile -->
<!--
<debug>@localstatedir@/@package@/log/debug-${id}.log</debug>
-->
</log>
<!-- Local network configuration -->
<local>
<!-- Who we identify ourselves as.
Users will have this as the domain part of their JID.
If you want your server to be accessible from other
Jabber servers, this IDs must be FQDN resolvable by DNSes.
If not set, the SM id is used. -->
<id>localhost.localdomain</id>
<!--
<id>vhost1.localdomain</id>
<id>vhost2.localdomain</id>
-->
</local>
<!-- Storage database configuration -->
<storage>
<!-- Dynamic storage modules path -->
<path>@pkglibdir@</path>
<!-- By default, we use the SQLite driver for all storage -->
<driver>sqlite</driver>
<!-- Its also possible to explicitly list alternate drivers for
specific data types. -->
<!-- Store vcards in a ldapvcard database instead -->
<!--
<driver type='vcard'>ldapvcard</driver>
-->
<!-- Only ldapvcard driver implements published-roster: -->
<!--
<driver type='published-roster'>ldapvcard</driver>
-->
<!-- Use ldapvcard driver for published-roster-groups.
See description in section sm/user/template/mapped-groups.
Used by mod_published_roster.
See ldapvcard section for options.
When resolving group id to group name, it searches for
groupsobjectclass objects at groupsdn base using group id
(in groupsidattr) as key and returns the first value of
groupattr of first found entry.
E.g.. in general case, if group id is "some-dep", and groupsdn
is o=org, and class is jabberGroup, it searches for
(&(objectClass=jabberGroup)(cn=some-dep)) and returns value of
jabberPublishedItem attribute, which may contain textual description.
-->
<!--
<driver type='published-roster-groups'>ldapvcard</driver>
-->
<!-- Rate limiting -->
<limits>
<!-- Maximum queries per second - if more than X queries are sent in Y
seconds, connection is throttled for Z seconds. The format
is:
<queries seconds='Y' throttle='Z'>X</bytes>
Default Y is 5, default Z is 60. set X to 0 to disable. -->
<!--
<queries>3</queries>
-->
</limits>
<!-- SQLite driver configuration -->
<sqlite>
<!-- Database name -->
<dbname>@localstatedir@/@package@/db/sqlite.db</dbname>
<!-- Use this to pass any SQL statements to the database immediately
after opening it. This is typically used to set pragmas for
performance tuning. -->
<sql>
<!-- This will cause the database to sync less often but it will
still sync at the most critical moments.
Default is FULL. -->
PRAGMA synchronous = NORMAL;
<!-- This command gathers statistics about tables and indices and
stores these information in internal tables.
This could be used to optimize the query. -->
-- ANALYZE;
</sql>
<!-- SQLite busy-timeout in milliseconds. -->
<busy-timeout>2000</busy-timeout>
</sqlite>
<!-- MySQL driver configuration -->
<mysql>
<!-- Database server host and port -->
<host>localhost</host>
<port>3306</port>
<!-- Database name -->
<dbname>jabberd2</dbname>
<!-- Database username and password -->
<user>jabberd2</user>
<pass>secret</pass>
<!-- Transaction support. If this is commented out, transactions
will be disabled. This might make database accesses faster,
but data may be lost if jabberd crashes.
This will need to be disabled if you are using a MySQL
earlier than v3.23.xx, as transaction support did not appear
until this version. -->
<transactions/>
</mysql>
<!-- PostgreSQL driver configuration -->
<pgsql>
<!-- PostgreSQL connection info.
For the rest of the options see
http://www.postgresql.org/docs/8.0/interactive/libpq.html -->
<conninfo>dbname=jabberd2 user=jabberd2 password=secret</conninfo>
<!-- Alternatively you may set connection settings separately.
These are used only in absence of 'conninfo' -->
<!-- Database server host and port -->
<host>localhost</host>
<port>5432</port>
<!-- Database name -->
<dbname>jabberd2</dbname>
<!-- Database schema -->
<schema>public</schema>
<!-- Database username and password -->
<user>jabberd2</user>
<pass>secret</pass>
<!-- Transaction support. If this is commented out, transactions
will be disabled. This might make database accesses faster,
but data may be lost if jabberd crashes. -->
<transactions/>
</pgsql>
<!-- Berkeley DB driver configuration. This does not support roster
maxitems or offline userquota (because the mod_roster
implementation does not implement the 'count' callback). -->
<db>
<!-- Directory to store database files under -->
<path>@localstatedir@/@package@/db</path>
<!-- Synchronize the database to disk after each write. If you
disable this, database accesses may be faster, but data may
be lost if jabberd crashes. -->
<sync/>
</db>
<!-- Oracle driver configuration -->
<oracle>
<!-- Database server host and port. -->
<host>localhost</host>
<port>1521</port>
<!-- Database name -->
<dbname>jabberd2</dbname>
<!-- Database username and password -->
<user>jabberd2</user>
<pass>secret</pass>
</oracle>
<!-- Filesystem driver configuration -->
<fs>
<!-- Directory to store database files under. -->
<path>@localstatedir@/lib/jabberd2/fs</path>
</fs>
<!-- LDAPVCARD driver configuration -->
<ldapvcard>
<!-- LDAP server host and port (default: 389) -->
<uri>ldap://localhost/ ldaps://ldap.example.com/</uri>
<!-- DN to bind as for searches. If unspecified, the searches
will be done anonymously. -->
<!--
<binddn>cn=Directory Manager</binddn>
<bindpw>secret</bindpw>
-->
<!-- see authreg.ldapfull in c2s.xml for description. -->
<!--
<type>ad</type>
-->
<!-- LDAP attribute that holds the user ID (default: uid) -->
<uidattr>uid</uidattr>
<objectclass>posixAccount</objectclass>
<pwattr>userPassword</pwattr>
<!-- if you use included jabberd.schema use this:
<uidattr>jid</uidattr>
<objectclass>jabberUser</objectclass>
<pwattr>jabberPassword</pwattr>
-->
<!-- Realm to append to uidattr. -->
<!--
<realm>example.org</realm>
-->
<!-- see authreg.ldapfull in c2s.xml for description. -->
<!--
<validattr>valid</validattr>
-->
<!-- base DN of the tree. You should specify a DN for each
authentication realm declared in the <local/> section above,
by using the realm attribute. -->
<basedn>o=Example Corp.</basedn>
<!-- attribute that holds published group name or id,
jabberPublishedGroup if not set -->
<!--
<groupattr>jabberPublishedGroup</groupattr>
-->
<!-- this option is helpful if your schema does not have designated
attribute that holds jabber group name
you can use any attribute in <groupattr> i.e. 'distinguishedName'
and then extract a part of it using Regular Expression;
first matching () group will be used -->
<!--
<groupattr_regex>OU=([^,]*),</groupattr_regex>
-->
<!-- boolean attribute that tells whether or not to publish this user
jabberPublishedItem by default -->
<!--
<publishedattr>jabberPublishedItem</publishedattr>
-->
<!-- If value specified, then keep cache of "published-roster"
database, which is used for all users. Cache is renewed when kept more seconds than value
specified. Setting this value increases perfomance of publishing
roster. If not specified, then we don't keep cache. -->
<publishedcachettl>60</publishedcachettl>
<mapped-groups>
<!-- If turned on, then mapping of group ids to names with
LDAP will works. -->
<!--
<map-groups/>
-->
<!-- base for searches for group id to group name mappings -->
<basedn>ou=jabbergroups, o=Example Corp.</basedn>
<!-- what objectclass to search, jabberGroup by default -->
<!--
<objectclass>jabberGroup</objectclass>
-->
<!-- what attribute to search, cn by default -->
<!--
<idattr>cn</idattr>
-->
<!-- attribute with text group name, description by default -->
<!--
<nameattr>description</nameattr>
-->
</mapped-groups>
</ldapvcard>
</storage>
<!-- Access control information -->
<aci>
<!-- The JIDs listed here will get access to all restricted
functions, regardless of restrictions further down -->
<acl type='all'>
<jid>[email protected]</jid>
</acl>
<!-- These JIDs can send broadcast messages (announce, motd) -->
<!--
<acl type='broadcast'>
<jid>[email protected]</jid>
<jid>[email protected]</jid>
</acl>
-->
<!-- These JIDs will receive messages addressed to the sm itself
(help requestes and such) -->
<!--
<acl type='messages'>
<jid>[email protected]</jid>
</acl>
-->
<!-- These JIDs can discover active user/session information -->
<!--
<acl type='disco'>
<jid>[email protected]</jid>
</acl>
-->
</aci>
<!-- Module chain configuration
Modules listed in a chain are called in the order specified at
the appropriate time for that chain (assuming that the module
knows how to work with that chain; otherwise it simply ignores
it).
Removing a module from these lists will stop the module being
called, even if it's compiled into the server.
Serveral modules have a presence in more than one chain. It is
possible to remove a module from one chain but not others, but
this may cause strange behaviour. Make sure you know what you're
doing.
When configuring sm for ANONYMOUS access, remove all instances
of the following modules:
active announce amp offline privacy
roster template-roster roster-publish pep vacation status
iq-last iq-private iq-vcard
and do not enable auto-create option. -->
<modules>
<!-- Dynamic sm modules path -->
<path>@pkglibdir@</path>
<!-- sess-start. The modules in this chain are called when a session
is first started (usually on request by c2s as part of the
authentication process). This is normally used to load
per-session data. -->
<chain id='sess-start'>
<module>status</module> <!-- record status information -->
</chain>
<!-- sess-end. The modules in this chain are called just before a
session is destroyed (after the client has disconnected). -->
<chain id='sess-end'>
<module>status</module> <!-- update status information -->
<module>iq-last</module> <!-- update logout time -->
</chain>
<!-- in-sess. The modules in this chain are called when a packet
arrives from an active user session. Note that this chain is
also responsible for delivering packets to their destinations -
this is usually handled by the "deliver" module. -->
<chain id='in-sess'>
<module>validate</module> <!-- validate packet type -->
<module>status</module> <!-- update status information -->
<module>privacy</module> <!-- manage privacy lists -->
<module>roster</module> <!-- handle roster get/sets and s10ns -->
<module>vacation</module> <!-- manage vacation settings -->
<!-- <module>pep</module> <!- - personal eventing -->
<module>iq-vcard</module> <!-- store and retrieve the user's vcard -->
<module>iq-ping</module> <!-- return the server ping -->
<module>iq-private</module> <!-- manage the user's private data store -->
<module>disco</module> <!-- respond to agents requests from sessions -->
<module>amp</module> <!-- advanced message processing -->
<module>offline</module> <!-- if we're coming online for the first time, deliver queued messages -->
<module>announce</module> <!-- deliver motd -->
<!-- <module>verify</module> <!- - verify user by e-mail -->
<module>presence</module> <!-- process and distribute presence updates -->
<module>deliver</module> <!-- deliver packets with full jids directly -->
</chain>
<!-- out-sess. The modules in this chain are called just before a
packet is delivered to an active user session. -->
<chain id='out-sess'>
<!-- <module>pep</module> <!- - personal eventing -->
</chain>
<!-- in-router. The modules in this chain are called when a packet
arrives from the router (ie another component or s2s), but
before any processing is done. This is a good place to filter
incoming packets. -->
<chain id='in-router'>
<module>session</module> <!-- perform session actions as required by c2s -->
<module>validate</module> <!-- validate packet type -->
<module>presence</module> <!-- drop incoming presence if user not online -->
<module>privacy</module> <!-- filter incoming packets based on privacy rules -->
</chain>
<!-- out-router. The modules in this chain are called just before a
packet is delivered to the router (destined for another
component or s2s). This is a good place to filter outgoing
packets. -->
<chain id='out-router'>
<module>privacy</module> <!-- filter outgoing packets based on privacy rules -->
</chain>
<!-- pkt-sm. The modules in this chain are called when a packet
arrives that is addressed to the session manager itself (ie the
to JID has no node part). This is normally used to provide
session-manager-wide services (like service discovery). -->
<chain id='pkt-sm'>
<module>iq-last</module> <!-- return the server uptime -->
<module>iq-ping</module> <!-- return the server ping -->
<module>iq-time</module> <!-- return the current server time -->
<module>iq-version</module> <!-- return the server name and version -->
<module>amp</module> <!-- advanced message processing -->
<module>disco</module> <!-- build the disco list; respond to disco queries -->
<module>announce</module> <!-- send broadcast messages (announce, motd, etc) -->
<module>help</module> <!-- resend sm messages to administrators -->
<module>echo</module> <!-- echo messages sent to /echo -->
<module>status</module> <!-- track status information -->
<module>presence</module> <!-- proces server presence subscriptions -->
</chain>
<!-- pkt-user. The modules in this chain are called when a packet
arrives that is address to a specific user. Note that this
chain is also responsible for delivering packets to user
sessions as appropriate - this is usually handled by the
"deliver" module. -->
<chain id='pkt-user'>
<module>roster</module> <!-- handle s10n responses -->
<module>presence</module> <!-- process and distribute incoming presence from external entities -->
<module>disco</module> <!-- respond to disco queries -->
<module>iq-vcard</module> <!-- grab user vcards -->
<module>amp</module> <!-- advanced message processing -->
<module>deliver</module> <!-- deliver the packet to an active session if we can -->
<module>vacation</module> <!-- send vacation messages -->
<module>offline</module> <!-- save messages and s10ns for later -->
<module>iq-last</module> <!-- return time since last logout -->
</chain>
<!-- pkt-router. The modules in this chain are called when a
special-purpose packet arrives from the router (eg domain
advertisements). -->
<chain id='pkt-router'>
<module>session</module> <!-- take sessions offline if their c2s disappears -->
<module>disco</module> <!-- query new components for service information -->
</chain>
<!-- user-load. The modules in this chain are called to load
per-user data. This will happen before a user can be used (ie
before a session is created). -->
<chain id='user-load'>
<module>active</module> <!-- get active status -->
<module>roster</module> <!-- load the roster and trust list -->
<module>roster-publish</module> <!-- load the published roster -->
<module>privacy</module> <!-- load privacy lists -->
<module>vacation</module> <!-- load vacation settings -->
<!-- <module>verify</module> <!- - verify user by e-mail -->
</chain>
<!-- user-unload. The modules in this chain are called right
after last per-user session is destroyed. -->
<chain id='user-unload'>
</chain>
<!-- user-create. The modules in this chain are called when a user
creation request is received (usually from c2s as part of a
registration request). This initialises any per-user data. -->
<chain id='user-create'>
<module>active</module> <!-- activate new users -->
<module>template-roster</module> <!-- populate roster from template -->
</chain>
<!-- user-delete. The modules in this chain are called when a user
deletion request is received (usually from c2s as part of a
registration removal request). This deletes all data that may
have been previously created for the user during normal
operation. -->
<chain id='user-delete'>
<module>active</module> <!-- deactivate users -->
<module>announce</module> <!-- delete motd data -->
<module>offline</module> <!-- bounce queued messages -->
<module>privacy</module> <!-- delete privacy lists -->
<module>roster</module> <!-- delete roster -->
<module>vacation</module> <!-- delete vacation settings -->
<module>status</module> <!-- delete status information -->
<module>iq-last</module> <!-- delete last logout time -->
<module>iq-private</module> <!-- delete private data -->
<module>iq-vcard</module> <!-- delete vcard -->
<!-- <module>verify</module> <!- - verify user by e-mail -->
</chain>
<!-- disco-extend. The modules in this chain are called when a disco
info request is send to session manager. It implements XEP-0128
Service Discovery Extensions mechanizm to add additional
information to disco#info reply. -->
<chain id='disco-extend'>
<module>iq-version</module> <!-- add XEP-xxxx Software Information -->
<module>help</module> <!-- add XEP-0157 Contact Addresses -->
</chain>
</modules>
<!-- Service discovery configuration -->
<discovery>
<!-- Service identity. these specify the category, type and name of
this service that will be included in discovery information
responses. -->
<identity>
<category>server</category> <!-- default: server -->
<type>im</type> <!-- default: im -->
<name>Jabber IM server</name> <!-- default: Jabber IM server -->
</identity>
<!-- The discovery module can respond to jabber:iq:agents queries
for compatibility with older clients. Comment this out to
disable this. -->
<agents/>
<!-- Static service list.
The discover module can discover disco-capable services
automatically as they come online. Most XEP-0114 components,
however, will not support discovery. In order to get them to
appear in disco/agents lists returned to the client, they
should be listed here.
Note that if a disco-capable service with the same name as one
listed below comes online, the information it provides will
override the information listed below.
The "category" and "type" attributes, and the list of supported
namespaces are only used for agents compatibility. If you have
disabled this above, you may omit them. -->
<items>
<!-- example entry for a user directory -->
<!--
<item category='service' type='jud' jid='users.jabber.org' name='Jabber User Directory'/>
-->
<!-- example entry for a groupchat (conference) service -->
<!--
<item category='conference' type='public' jid='conference.jabber.org' name='Text conferencing'/>
-->
</items>
<!-- Server information added to server discovery information
in http://jabber.org/network/serverinfo jabber:x:data form. (XEP-0157)
May contain many values per item -->
<!--
<serverinfo>
<admin-addresses>
<value>mailto:[email protected]</value>
<value>xmpp:[email protected]</value>
</admin-addresses>
<abuse-addresses>
<value>mailto:[email protected]</value>
<value>xmpp:[email protected]</value>
</abuse-addresses>
<feedback-addresses>
<value>http://example.org/feedback.php</value>
</feedback-addresses>
<sales-addresses/>
<security-addresses/>
<support-addresses/>
</serverinfo>
-->
</discovery>
<!-- User options -->
<user>
<!-- By default, users must explicitly created before they can start
a session. The creation process is usually triggered by a c2s
component in response to a client registering a new user.
Enabling this option will make it so that user creation will be
triggered the first time a non-existant user attempts to start
a session. This is useful if you already have users in an
external authentication database (eg LDAP) and you don't want
them to have to register. -->
<!--
<auto-create/>
-->
<!-- Define maximum size in bytes of fields of vcards.
There is a recommendation that the avatar picture SHOULD NOT
be larger than 16 KiB. -->
<!--
<vcard>
<max-field-size>
<default>16384</default>
<avatar>16384</avatar>
</max-field-size>
</vcard>
-->
<!-- Templates. If defined, the contents of these files will be
stored in the users data store when they are created. -->
<template>
<!-- Uncomment <publish> if you wish to forcibly publish
roster template from ldap on each user login -->
<!--
<publish>
-->
<!-- Key used for fetching published roster items.
Only one might be set at a time.
If not set, all items are fetched. -->
<!--
<fetch-key>
<domain/>
<user/>
<fixed>grouping-key</fixed>
</fetch-key>
-->
<!-- If <check-remove-domain> given, then published contact is checked
against sm user database and if user is unknown to sm, contact
will be deleted from user's roster (if it is in roster).
If no domain set (tag empty) all contacts are checked. -->
<!--
<check-remove-domain>jabber.example.com</check-remove-domain>
-->
<!-- Alternatively if <force-create-contacts/> is not commented,
published contact is added to sm user database
and user set known to sm, so it won't auto-unsubscribe
on connection established -->
<!--
<force-create-contacts/>
-->
<!-- Keep cache of "active" database specified number of seconds.
This will significantly speed up publishing of roster.
If unspecified or 0, no cache is used. -->
<active-cache-ttl>60</active-cache-ttl>
<!-- If <fix-subscriptions/> is not commented, set "to" and "from" subscriptions of
user's contacts to subscriptions of corresponding published
contacts. -->
<!--
<fix-subscriptions/>
-->
<!-- If <override-names/> is uncommented, then displayed names of
contacts in user's roster will be updated accordingly to
published roster (if they differ). If commented, then user can
rename contacts in roster -->
<!--
<override-names/>
-->
<!-- when mapped-groups is on (<map-groups/> is uncommented), the actual
group names for published contacts are read from
published-roster-groups storage type, which may be set
to ldapvcard driver. The key for searching is published user's
group, and returned value is used as group name. So you can assign
textual group IDs to users rather then group names.
group-cache-ttl keeps cache of mapping from group id to name for
specified number of seconds. If unspecified or 0, no cache is used.
-->
<!--
<mapped-groups>
<map-groups/>
<group-cache-ttl>120</group-cache-ttl>
</mapped-groups>
-->
<!-- If <force-groups> is commented out, published roster's contact
added to user's roster only when user does not have this contact.
If <force-groups> is uncommented, then these checks are performed
against each roster item already in user's roster:
If roster item already present in user's roster in
group of same name, no changes are made with this group (note
that contact may be in more than one group).
If <prefix> or <suffix> are given, then contact removed
from any matching groups.
After that, contact is added to group from published roster.
In other words, all groups of updated contact, that match prefix
or suffix, are replaced with group of published contact.
This is done because there is no way to determine that group was
published or greated by user. -->
<!--
<force-groups>
<prefix>MyOrg.</prefix>
<suffix>(MyOrg)</suffix>
</force-groups>
-->
<!--
</publish>
-->
<!-- If defined, the contents of these files will be
stored in the users data store when they are created. -->
<!-- If you defined publish, you should comment-out <roster> -->
<!--
<roster>@sysconfdir@/templates/roster.xml</roster>
-->
</template>
</user>
<!-- Advanced Message Processing module configuration -->
<amp>
<!-- You can disable some actions -->
<!--
<disableactions>
<drop/>
<error/>
<alert/>
<notify/>
</disableactions>
-->
<!-- You can disable some conditions -->
<!--
<disableconditions>
<expireat/>
<matchresource/>
<deliver/>
</disableconditions>
-->
<!-- You need to enable this if your server has offline storage disabled -->
<!--
<offlinestoragedisabled/>
-->
</amp>
<!-- Offline module configuration -->
<offline>
<!-- Do not store messages in offline store -->
<!--
<dropmessages/>
-->
<!-- Store headline messages in offline store -->
<!--
<storeheadlines/>
-->
<!-- Do not store subscription requests in offline store -->
<!--
<dropsubscriptions/>
-->
<!-- Offline storage message quota.
Specifies how many messages will be stored in user offline store -->
<!--
<userquota>500</userquota>
-->
</offline>
<!-- roster module configuration -->
<roster>
<!-- maximum items per user roster -->
<!--
<maxitems>100</maxitems>
-->
</roster>
<!-- status module configuration -->
<status>
<!-- presence service resource
disabled when commented out -->
<!--
<resource>webstatus</resource>
-->
</status>
</sm>
<!--
vim: syntax=xml
-->