prosody: enable limits

* feat: Enables limits with default values from upstream. * feat: Enables limits_exception module and adding jicofo and jvb. Removes the limits for the jicofo and jvb connections.
2021-06-07 13:09:26 -05:00 · 2021-06-07 13:09:26 -05:00 · 6f6fe7717c
parent db3d790e52
commit 6f6fe7717c
2 changed files with 19 additions and 0 deletions
--- a/prosody/rootfs/defaults/conf.d/jitsi-meet.cfg.lua
+++ b/prosody/rootfs/defaults/conf.d/jitsi-meet.cfg.lua
@ -3,6 +3,11 @@ admins = {
    "{{ .Env.JVB_AUTH_USER }}@{{ .Env.XMPP_AUTH_DOMAIN }}"
 }

+unlimited_jids = {
+    "{{ .Env.JICOFO_AUTH_USER }}@{{ .Env.XMPP_AUTH_DOMAIN }}",
+    "{{ .Env.JVB_AUTH_USER }}@{{ .Env.XMPP_AUTH_DOMAIN }}"
+}
+
 plugin_paths = { "/prosody-plugins/", "/prosody-plugins-custom" }
 http_default_host = "{{ .Env.XMPP_DOMAIN }}"

@ -130,6 +135,9 @@ VirtualHost "{{ .Env.XMPP_AUTH_DOMAIN }}"
        key = "/config/certs/{{ .Env.XMPP_AUTH_DOMAIN }}.key";
        certificate = "/config/certs/{{ .Env.XMPP_AUTH_DOMAIN }}.crt";
    }
+    modules_enabled = {
+        "limits_exception";
+    }
    authentication = "internal_hashed"

 {{ if .Env.XMPP_RECORDER_DOMAIN }}
--- a/prosody/rootfs/defaults/prosody.cfg.lua
+++ b/prosody/rootfs/defaults/prosody.cfg.lua
@ -43,6 +43,7 @@ modules_enabled = {
 	-- Not essential, but recommended
 		"private"; -- Private XML storage (for room bookmarks, etc.)
 		"vcard"; -- Allow users to set vCards
+		"limits"; -- Enable bandwidth limiting for XMPP connections

 	-- These are commented by default as they have a performance impact
 		--"privacy"; -- Support privacy lists
@ -93,6 +94,16 @@ allow_registration = false;

 daemonize = false;

+-- Enable rate limits for incoming client and server connections
+limits = {
+  c2s = {
+    rate = "10kb/s";
+  };
+  s2sin = {
+    rate = "30kb/s";
+  };
+}
+
 pidfile = "/config/data/prosody.pid";

 -- Force clients to use encrypted connections? This option will