1786
|
1 |
#summary Prevent communication between hosts |
|
2 |
#labels Stage-Beta |
|
3 |
|
|
4 |
= Introduction = |
|
5 |
|
|
6 |
In some environments it is desirable to isolate one or more hosts, and prevent communication with external, or even other internal domains. |
|
7 |
|
|
8 |
Loading mod_isolate_host on a host will prevent all communication with JIDs outside of the current domain, though it is possible to configure exceptions. |
|
9 |
|
|
10 |
*Note:* if you just want to prevent communication with external domains, this is possible without a plugin. See [http://prosody.im/doc/s2s#disabling Prosody: Disabling s2s] for more information. |
|
11 |
|
|
12 |
This module was sponsored by [http://exa-networks.co.uk/ Exa Networks]. |
|
13 |
|
|
14 |
= Configuration = |
|
15 |
|
|
16 |
To isolate all hosts by default, add the module to your global modules_enabled: |
|
17 |
|
|
18 |
{{{ |
|
19 |
modules_enabled = { |
|
20 |
... |
|
21 |
"isolate_host"; |
|
22 |
... |
|
23 |
} |
|
24 |
}}} |
|
25 |
|
|
26 |
Alternatively you can isolate a single host by putting a modules_enabled line under the VirtualHost directive: |
|
27 |
|
|
28 |
{{{ |
|
29 |
VirtualHost "example.com" |
|
30 |
modules_enabled = { "isolate_host" } |
|
31 |
}}} |
|
32 |
|
|
33 |
After enabling the module, you can add further options to add exceptions for the isolation: |
|
34 |
|
|
35 |
|| *Option* || *Description* || |
|
36 |
|| isolate_except_domains || A list of domains to allow communication with. || |
|
37 |
|| isolate_except_users || A list of user JIDs allowed to bypass the isolation and communicate with other domains. || |
|
38 |
|
|
39 |
*Note:* Admins of hosts are always allowed to communicate with other domains |
|
40 |
|
|
41 |
= Compatibility = |
|
42 |
|| 0.9 || Works || |