Note about direct-tls connections in example config

author Evgeniy Khramtsov <ekhramtsov@process-one.net>

Fri, 12 Jan 2018 07:27:33 +0000 (10:27 +0300)

committer Evgeniy Khramtsov <ekhramtsov@process-one.net>

Fri, 12 Jan 2018 07:27:33 +0000 (10:27 +0300)
author Evgeniy Khramtsov <ekhramtsov@process-one.net>
Fri, 12 Jan 2018 07:27:33 +0000 (10:27 +0300)
committer Evgeniy Khramtsov <ekhramtsov@process-one.net>
Fri, 12 Jan 2018 07:27:33 +0000 (10:27 +0300)
diff --git a/ejabberd.yml.example b/ejabberd.yml.example

index 4ff2835dc3bfd3f61e7af671a9f13a3ae595b5d7..a2ef80e1630473e808fbfd22aa8320f282e621e5 100644 (file)
--- a/ejabberd.yml.example
+++ b/ejabberd.yml.example
@@ -185,6 +185,21 @@ listen:
      web_admin: true
      ## register: true
      captcha: true
+  ##
+  ## Direct-TLS for C2S (XEP-0368). A good practice is to forward
+  ## traffic from port 443 to this port, possibly multiplexing it
+  ## with HTTP using e.g. sslh [https://wiki.xmpp.org/web/Tech_pages/XEP-0368],
+  ## so modern clients can bypass restrictive firewalls (in airports, hotels, etc.).
+  ##
+  ## -
+  ##   port: 5223
+  ##   ip: "::"
+  ##   module: ejabberd_c2s
+  ##   tls: true
+  ##   max_stanza_size: 65536
+  ##   shaper: c2s_shaper
+  ##   access: c2s
+
    ##
    ## ejabberd_service: Interact with external components (transports, ...)
    ##
author	Evgeniy Khramtsov <ekhramtsov@process-one.net>
	Fri, 12 Jan 2018 07:27:33 +0000 (10:27 +0300)
committer	Evgeniy Khramtsov <ekhramtsov@process-one.net>
	Fri, 12 Jan 2018 07:27:33 +0000 (10:27 +0300)