Skip to content

Commit

Permalink
Move listeners configuration to their own section
Browse files Browse the repository at this point in the history
This is how it's done for modules and auth methods.
  • Loading branch information
gustawlippa committed Jul 24, 2024
1 parent bc1e232 commit c742a5c
Show file tree
Hide file tree
Showing 28 changed files with 67 additions and 67 deletions.
2 changes: 1 addition & 1 deletion doc/configuration/Modules.md
Original file line number Diff line number Diff line change
Expand Up @@ -192,4 +192,4 @@ These must **not** be enabled when using host types in `modules` or [`host_confi
* [mod_push_service_mongoosepush](../modules/mod_push_service_mongoosepush.md)
* [mod_shared_roster_ldap](../modules/mod_shared_roster_ldap.md)

Please note, that [`s2s`](s2s.md) and the XMPP components (XEP-0114) mechanism, as configured in the [`listen.service` section](listen-components.md), do not support dynamic domains as well.
Please note, that [`s2s`](s2s.md) and the XMPP components (XEP-0114) mechanism, as configured in the [`listen.service` section](../listeners/listen-components.md), do not support dynamic domains as well.
4 changes: 2 additions & 2 deletions doc/configuration/TLS-hardening.md
Original file line number Diff line number Diff line change
Expand Up @@ -61,9 +61,9 @@ By default, MongooseIM sets this option to `TLSv1.2:TLSv1.3` for each component.
The list below enumerates all components that use Fast TLS and describes how to change this string.

* `listen.c2s` - main user session abstraction + XMPP over TCP listener
* Please consult the respective section in [Listener modules](listen-c2s.md#listenc2stlsprotocol_options-only-for-fast_tls).
* Please consult the respective section in [Listener modules](../listeners/listen-c2s.md#listenc2stlsprotocol_options-only-for-fast_tls).
* `listen.s2s` - incoming S2S connections (XMPP Federation)
* Please consult the respective section in [Listener modules](listen-s2s.md#tls-options-for-s2s).
* Please consult the respective section in [Listener modules](../listeners/listen-s2s.md#tls-options-for-s2s).
* `s2s` - outgoing S2S connections (XMPP Federation)
* Please check [the documentation](s2s.md#s2sciphers) for `s2s_ciphers` option.
* `mod_global_distrib` - Global Distribution module
Expand Down
6 changes: 3 additions & 3 deletions doc/configuration/access.md
Original file line number Diff line number Diff line change
Expand Up @@ -48,7 +48,7 @@ It has the following logic:

The `blocked` access class can be defined in the [`acl` section](acl.md) and match blacklisted users.

For this rule to take effect, it needs to be referenced in the options of a [C2S listener](listen-c2s.md#listenc2saccess).
For this rule to take effect, it needs to be referenced in the options of a [C2S listener](../listeners/listen-c2s.md#listenc2saccess).

### C2S Shaper

Expand All @@ -68,7 +68,7 @@ It has the following logic:

The `admin` access class can be defined in the `acl` to specify admin users who will bypass the `normal` shaper.

For this rule to take effect, it needs to be referenced in the options of a [C2S listener](listen-c2s.md#listenc2sshaper).
For this rule to take effect, it needs to be referenced in the options of a [C2S listener](../listeners/listen-c2s.md#listenc2sshaper).

### S2S Shaper

Expand All @@ -82,7 +82,7 @@ The `s2s_shaper` rule is used to determine the shaper used to limit the incoming

It assigns the `fast` shaper to all S2S connections.

For this rule to take effect, it needs to be referenced in the options of an [S2S listener](listen-s2s.md#listens2sshaper).
For this rule to take effect, it needs to be referenced in the options of an [S2S listener](../listeners/listen-s2s.md#listens2sshaper).

### MUC

Expand Down
2 changes: 1 addition & 1 deletion doc/configuration/acl.md
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ The `acl` section is used to define **access classes** to which the connecting u
* Key is the name of the access class,
* Value is a TOML array of patterns - TOML tables, whose format is described below.
* **Default:** no default - each access class needs to be specified explicitly.
* **Example:** the `local` access class is used for the regular users connecting to the [C2S listener](listen-c2s.md#client-to-server-c2s-listenc2s). The pattern `{}` matches all users from the current server, because it is equivalent to `{match = "current_domain"}` (see below).
* **Example:** the `local` access class is used for the regular users connecting to the [C2S listener](../listeners/listen-c2s.md#client-to-server-c2s-listenc2s). The pattern `{}` matches all users from the current server, because it is equivalent to `{match = "current_domain"}` (see below).

```toml
local = [{}]
Expand Down
4 changes: 2 additions & 2 deletions doc/configuration/configuration-files.md
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@ This [TOML](https://github.com/toml-lang/toml) file contains the configuration o
The file is divided into the following sections:

* [**general**](general.md) - Served XMPP domains, log level, server language and some other miscellaneous settings.
* [**listen**](listen-general.md) - Configured listeners, receiving incoming XMPP and HTTP connections.
* [**listen**](listen.md) - Configured listeners, receiving incoming XMPP and HTTP connections.
* [**auth**](auth.md) - Supported client authentication methods and their options.
* [**internal_databases**](internal-databases.md) - Options for Mnesia and CETS. They are primarily used for clustering.
* [**outgoing_pools**](outgoing-connections.md) - Outgoing connections to external services, including databases, message queues and HTTP services.
Expand Down Expand Up @@ -69,4 +69,4 @@ TLS is configured in one of two ways: some modules need a private key and certif

In order to create private key & certificate bundle, you may simply concatenate them.

More information about configuring TLS for these endpoints is available in the [listen section configuration](listen-c2s.md#tls-options-for-c2s) page.
More information about configuring TLS for these endpoints is available in the [listen section configuration](../listeners/listen-c2s.md#tls-options-for-c2s) page.
2 changes: 1 addition & 1 deletion doc/configuration/general.md
Original file line number Diff line number Diff line change
Expand Up @@ -49,7 +49,7 @@ In order to configure these host types independently, use the [`host_config` sec
If you use the host type mechanism, make sure you only configure modules which support dynamic domains in the [`modules`](./Modules.md) or [`host_config.modules`](./host_config.md#host_configmodules) sections.
MongooseIM will **not** start otherwise.
Most of the modules are compatible with host types, but please read the particular extension module's page, or the [incompatible modules list](./Modules.md#modules-incompatible-with-dynamic-domains) to see which do not.
Moreover, [`s2s`](s2s.md) as well as XMPP components (XEP-0114), as configured in the [`listen.service` section](listen-components.md#xmpp-components-listenservice), do not support dynamic domains.
Moreover, [`s2s`](s2s.md) as well as XMPP components (XEP-0114), as configured in the [`listen.service` section](../listeners/listen-components.md#xmpp-components-listenservice), do not support dynamic domains.

!!! Note
At least one of `general.hosts` or `general.host_types` have to be provided.
Expand Down
2 changes: 1 addition & 1 deletion doc/configuration/host_config.md
Original file line number Diff line number Diff line change
Expand Up @@ -208,7 +208,7 @@ c2s = [
The `register` rule is defined only for `domain2.com`.

!!! Note
Some access rules are checked outside of the context of any domain, e.g. the [access rule for external components](listen-components.md#listenserviceaccess) - defining them in `host_config` would have no effect.
Some access rules are checked outside of the context of any domain, e.g. the [access rule for external components](../listeners/listen-components.md#listenserviceaccess) - defining them in `host_config` would have no effect.

### `host_config.s2s`

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -2,10 +2,10 @@ The `listen` section specifies how MongooseIM handles incoming connections.

* **Syntax:** Each listener is specified in a subsection starting with `[[listen.type]]` where `type` is one of the allowed listener types, handling different types of incoming connections:

* [`c2s`](./listen-c2s.md) - client-to-server XMPP connections,
* [`s2s`](./listen-s2s.md) - server-to-server XMPP connections,
* [`service`](./listen-components.md) - XMPP connections from external components,
* [`http`](./listen-http.md) - HTTP connections from clients or other services.
* [`c2s`](../listeners/listen-c2s.md) - client-to-server XMPP connections,
* [`s2s`](../listeners/listen-s2s.md) - server-to-server XMPP connections,
* [`service`](../listeners/listen-components.md) - XMPP connections from external components,
* [`http`](../listeners/listen-http.md) - HTTP connections from clients or other services.

The double-bracket syntax is used because there can be multiple listeners of a given type, so for each listener type there is a TOML array of one or more tables (subsections).

Expand Down
8 changes: 4 additions & 4 deletions doc/configuration/release-options.md
Original file line number Diff line number Diff line change
Expand Up @@ -127,21 +127,21 @@ These options are inserted into the `rel/files/mongooseim.toml` template.
### c2s_port

* **Type:** parameter
* **Option:** [`listen.c2s.port`](listen-general.md#listenport)
* **Option:** [`listen.c2s.port`](listen.md#listenport)
* **Syntax:** integer
* **Example:** `{c2s_port, "5222"}.`

### s2s_port

* **Type:** parameter
* **Option:** [`listen.s2s.port`](listen-general.md#listenport)
* **Option:** [`listen.s2s.port`](listen.md#listenport)
* **Syntax:** integer
* **Example:** `{s2s_port, "5269"}.`

### cowboy_port

* **Type:** parameter
* **Option:** [`listen.http.port`](listen-general.md#listenport)
* **Option:** [`listen.http.port`](listen.md#listenport)
* **Syntax:** integer
* **Example:** `{http_port, "5280"}.`

Expand Down Expand Up @@ -218,7 +218,7 @@ These options are inserted into the `rel/files/mongooseim.toml` template.
### tls_config

* **Type:** block
* **Option:** [`listen.c2s.tls.*`](listen-c2s.md#tls-options-for-c2s)
* **Option:** [`listen.c2s.tls.*`](../listeners/listen-c2s.md#tls-options-for-c2s)
* **Syntax:** TOML key-value pairs
* **Example:**

Expand Down
4 changes: 2 additions & 2 deletions doc/configuration/shaper.md
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,7 @@ This is the typical definition of an XMPP shaper, which accepts the maximum data
```

To make use of it, the [corresponding rule](access.md#c2s-shaper) should be defined in the `access` section.
Finally, the C2S listener has to be configured to use the defined shaper - see the [C2S Example](listen-c2s.md#c2s-example).
Finally, the C2S listener has to be configured to use the defined shaper - see the [C2S Example](../listeners/listen-c2s.md#c2s-listener-configuration-example).

### S2S Shaper

Expand All @@ -44,7 +44,7 @@ For S2S connections we need to increase the limit as they receive the accumulate
```

To make use of it, the [corresponding rule](access.md#s2s-shaper) should be defined in the `access` section.
Finally, the C2S listener has to be configured to use the defined shaper - see the [S2S Example](listen-s2s.md#s2s-example).
Finally, the S2S listener has to be configured to use the defined shaper - see the [S2S Example](../listeners/listen-s2s.md#s2s-listener-configuration-example).

### MAM Shapers

Expand Down
2 changes: 1 addition & 1 deletion doc/developers-guide/domain_management.md
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
!!! warning
Some [modules](../configuration/Modules.md#modules-incompatible-with-dynamic-domains) do not work with dynamic domains.
This is also the case for [`s2s`](../configuration/s2s.md) and the XMPP components (XEP-0114) mechanism, as configured in the [`listen.service` section](../configuration/listen-components.md#xmpp-components-listenservice).
This is also the case for [`s2s`](../configuration/s2s.md) and the XMPP components (XEP-0114) mechanism, as configured in the [`listen.service` section](../listeners/listen-components.md#xmpp-components-listenservice).

## MongooseIM core component

Expand Down
4 changes: 2 additions & 2 deletions doc/graphql-api/Admin-GraphQL.md
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@

The new GraphQL admin API contains all the commands available through the REST API, and the vast majority of the CLI (`mongooseimctl`) commands. Only commands that wouldn't have worked well with GraphQL style have been omitted.

We can distinguish two levels of the administration. A global admin (has access to all commands), and the admin per domain (has access only to the own domain). Each of them is handled by a different endpoint. Please see the configuration [Listen](../../configuration/listen/#handler-types-graphql-api-mongoose_graphql_handler) section for more details.
We can distinguish two levels of the administration. A global admin (has access to all commands), and the admin per domain (has access only to the own domain). Each of them is handled by a different endpoint. Please see the configuration [Listen](../listeners/listen-http.md#handler-types-graphql-api-mongoose_graphql_handler) section for more details.

There is only one schema for both admin types. Admin per domain simply has no permissions to execute global commands or commands with not owned domain. The API documentation clearly says which commands are global.

Expand All @@ -27,7 +27,7 @@ with the word `Basic` followed by a space and a base64-encoded string.

### Global admin endpoint

The authentication for global admin is optional because this endpoint shouldn't be exposed outside. The credentials set in the handler section in the config enables the authentication. Please see the [GraphQL handler](../configuration/listen-http.md#handler-types-graphql-api-mongoose_graphql_handler) section for more details.
The authentication for global admin is optional because this endpoint shouldn't be exposed outside. The credentials set in the handler section in the config enables the authentication. Please see the [GraphQL handler](../listeners/listen-http.md#handler-types-graphql-api-mongoose_graphql_handler) section for more details.

The base64-encoded string should have the form
`LOGIN:PASSWORD`, where:
Expand Down
Original file line number Diff line number Diff line change
@@ -1,9 +1,9 @@
# Client to server (C2S): `[[listen.c2s]]`

Handles XMPP client-to-server (C2S) connections.
The recommended [port number](./listen-general.md#listenport) for a C2S listener is 5222 [as registered in the XMPP protocol](https://tools.ietf.org/html/rfc6120#section-14.7).
The recommended [port number](../configuration/listen.md#listenport) for a C2S listener is 5222 [as registered in the XMPP protocol](https://tools.ietf.org/html/rfc6120#section-14.7).

## General C2S options
## Configuration options

The following options are supported for each C2S listener:

Expand All @@ -20,7 +20,7 @@ The rule that determines who is allowed to connect. By default, the rule is `"al
* **Example:** `shaper = "c2s_shaper"`

The rule that determines what traffic shaper is used to limit the incoming XMPP traffic to prevent the server from being flooded with incoming data.
The rule referenced here needs to be defined in the [`access`](./access.md) configuration section.
The rule referenced here needs to be defined in the [`access`](../configuration/access.md) configuration section.
The value of the access rule needs to be either the shaper name or the string `"none"`, which means no shaper.

### `listen.c2s.max_connections`
Expand Down Expand Up @@ -68,7 +68,7 @@ newer software save a round trip.
A subset of enabled methods to login with for this listener.
This option allows to enable only some backends.
It is useful, if you want to have several listeners for different type of users (for example, some users use PKI while other users use LDAP auth).
Same syntax as for [`auth.methods`](./auth.md#authmethods) option.
Same syntax as for [`auth.methods`](../configuration/auth.md#authmethods) option.

## TLS options for C2S

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@ According to [XEP-0114: Jabber Component Protocol](http://xmpp.org/extensions/xe
This interface does not support [dynamic domains](../configuration/general.md#generalhost_types).
Do not use them both at the same time.

## General component options
## Configuration options

The following options are supported for each component listener under `listen.service` subsection:

Expand All @@ -32,7 +32,7 @@ The external component needs to authenticate with this password to connect.
* **Example:** `shaper = "component_shaper"`

The traffic shaper used to limit the XMPP traffic to prevent the server from being flooded with incoming data.
Contrary to the C2S and S2S shapers, here the shaper name directly references the shaper that needs to be defined in the [`shaper`](shaper.md) section.
Contrary to the C2S and S2S shapers, here the shaper name directly references the shaper that needs to be defined in the [`shaper`](../configuration/shaper.md) section.

### `listen.service.check_from`
* **Syntax:** boolean
Expand Down Expand Up @@ -76,11 +76,11 @@ By setting this option to `kick_old`, we drop any old connections registered at
* **Default:** not set - no limit
* **Example:** `max_fsm_queue = 1000`

Message queue limit to prevent resource exhaustion; overrides the value set in the [`general`](./general.md#generalmax_fsm_queue) section.
Message queue limit to prevent resource exhaustion; overrides the value set in the [`general`](../configuration/general.md#generalmax_fsm_queue) section.

## Custom extension to the protocol

In order to register a component for all virtual hosts served by the server (see [`hosts`](./general.md#generalhosts) in the [`general`](./general.md) section), the component must add the attribute `is_subdomain="true"` to the opening stream element.
In order to register a component for all virtual hosts served by the server (see [`hosts`](../configuration/general.md#generalhosts) in the [`general`](../configuration/general.md) section), the component must add the attribute `is_subdomain="true"` to the opening stream element.
This maybe helpful if someone wants to have a single instance of a component serving multiple virtual hosts.
The `is_subdomain` attribute is optional and the default behaviour is as described in [XEP-0114: Jabber Component Protocol](http://xmpp.org/extensions/xep-0114.html).

Expand All @@ -89,7 +89,7 @@ The `is_subdomain` attribute is optional and the default behaviour is as describ
The following section configures a service listener, accepting connections from external components.
The IP address is limited to loopback to prevent connections from different hosts.
All components are allowed to connect, but they need to provide the password.
The shaper named `fast` needs to be defined in the [`shaper`](./shaper.md) section.
The shaper named `fast` needs to be defined in the [`shaper`](../configuration/shaper.md) section.

```toml
[[listen.service]]
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ Manages all HTTP-based services, such as BOSH (HTTP long-polling), WebSocket, Gr
It uses the [Cowboy](https://ninenines.eu/docs/en/cowboy/2.6/manual) web server.
Recommended port number: 5280 for BOSH/WS.

## General HTTP listeners option
## Configuration options

Following configuration option is used to set up an HTTP handler:

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -4,16 +4,16 @@ Handles incoming server-to-server (S2S) connections (federation).
The recommended port number for an S2S listener is 5269 [as registered in the XMPP protocol](https://tools.ietf.org/html/rfc6120#section-14.7).

!!! Note
Many S2S options are configured in the [`s2s`](./s2s.md) section of the configuration file, and they apply to both incoming and outgoing connections.
Many S2S options are configured in the [`s2s`](../configuration/s2s.md) section of the configuration file, and they apply to both incoming and outgoing connections.

## General s2s options
## Configuration options

### `listen.s2s.shaper`
* **Syntax:** string, name of the shaper rule or `"none"`
* **Default:** `"none"` - no shaper
* **Example:** `shaper = "s2s_shaper"`

Name of the rule that determines what traffic shaper is used to limit the incoming XMPP traffic to prevent the server from being flooded with incoming data. The rule referenced here needs to be defined in the [`access`](./access.md) config section, and it should return the shaper name or the value `"none"`.
Name of the rule that determines what traffic shaper is used to limit the incoming XMPP traffic to prevent the server from being flooded with incoming data. The rule referenced here needs to be defined in the [`access`](../configuration/access.md) config section, and it should return the shaper name or the value `"none"`.

## TLS options for S2S

Expand All @@ -23,7 +23,7 @@ You can specify additional options of the TLS encryption in the `tls` subsection
## S2S listener configuration example

The following section configures an S2S listener with some basic settings set up.
The `s2s_shaper` access rule is used, which requires a definition in the [`access`](./access.md) section.
The `s2s_shaper` access rule is used, which requires a definition in the [`access`](../configuration/access.md) section.

```toml
[[listen.s2s]]
Expand Down
Loading

0 comments on commit c742a5c

Please sign in to comment.