From: "email@msavoritias.me" <email@msavoritias.me>
To: 68894@debbugs.gnu.org
Subject: bug#68894: Prosody guix service required fixes.
Date: Fri, 2 Feb 2024 17:46:11 +0200 [thread overview]
Message-ID: <41a23fb5-7698-bc69-8c22-80c5433b53cd@fannys.me> (raw)
[-- Attachment #1: Type: text/plain, Size: 2227 bytes --]
Tried to write a system declaration that includes a prosody server.
This bug aims to collect some bugs that were found and some features
that were needed during writing.
1. The opaque-prosody-configuration as used in this example
https://guix.gnu.org/en/manual/devel/en/guix.html#index-prosody_002ecfg_002elua
is broken. A workaround for now is adding raw-content as a field inside
prosody-configuration.
2. Prosody Includes a plugin installer now
https://prosody.im/doc/installing_modules#using-the-installer
so the plugin-directory here
https://guix.gnu.org/en/manual/devel/en/guix.html#index-plugin_002dpaths
needs to be changed to wrap the module installer instead. since its
easier to do that than manually copying modules.
This is for modules that are not part of guix yet. Ideally imo an xmpp
package file would be ideal to host any module that are packaged plus
all related software.
3. The modules enabled by default is outdated
https://guix.gnu.org/en/manual/devel/en/guix.html#index-modules_002denabled
A simple example vcard is deprecated now. also not sure if register
should be default now since we have invites.
4. Security should be the default at this point
https://guix.gnu.org/en/manual/devel/en/guix.html#index-c2s_002drequire_002dencryption_003f
https://guix.gnu.org/en/manual/devel/en/guix.html#index-s2s_002drequire_002dencryption_003f
https://guix.gnu.org/en/manual/devel/en/guix.html#index-s2s_002dsecure_002dauth_003f
should be turned to true by default. all are already true by default
upstream https://prosody.im/doc/s2s#security
5. The internal authentication here
https://guix.gnu.org/en/manual/devel/en/guix.html#index-authentication
|should be internal_hashed as per default.
https://prosody.im/doc/authentication it should never be plain.|
|6. Also a field for http_file_share is mandatory nowadays. see
https://prosody.im/doc/modules/mod_http_file_share|
|7. room creation should be local for safety reasons
https://guix.gnu.org/en/manual/devel/en/guix.html#index-restrict_002droom_002dcreation|
|nobody allows non local anymore.|
I plan to get to do this btw after i am done with the joinjabber server
at some point. :)
|Regards,|
|MSavoritias|
[-- Attachment #2: Type: text/html, Size: 4741 bytes --]
next reply other threads:[~2024-02-02 15:47 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-02-02 15:46 email [this message]
2024-02-02 16:59 ` bug#68894: Prosody guix service required fixes Clément Lassieur
2024-02-03 7:56 ` email
2024-02-03 10:31 ` Clément Lassieur
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://guix.gnu.org/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=41a23fb5-7698-bc69-8c22-80c5433b53cd@fannys.me \
--to=email@msavoritias.me \
--cc=68894@debbugs.gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/guix.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).