prosody.cfg.lua.dist: TURN configuration improvements and example

prosody.cfg.lua.dist: Enable csi_simple by default It was added here in 2018, and at that time probably a bit too new to be enabled by default. Times change, and most people have this enabled now.

usermanager, mod_saslauth: Default to internal_hashed if no auth module specified The default config was updated in this way long ago, but if no option was present in the config, Prosody would load internal_plain. This change can result in changes (for the better) for people using very old configuration files lacking an 'authentication' setting.

prosody.cfg.lua.dist: Remove require_encryption options Reasons: - These now default to enabled when not specified since 38b5b05407be - Practically all servers require encryption these days for c2s/s2s. - Disabling encryption can be considered a special case that doesn't need to be in the default config file.

core.certmanager: Turn soft dependency on LuaSec into a hard The default network backend server_epoll already requires LuaSec so Prosody won't even start without it, so we can get rid of these lines here too.

various: Require encryption by default for real These options have been specified (and enabled) in the default config file for a long time. However if unspecified in the config, they were not enabled. Now they are. This may result in a change of behaviour for people using very old config files that lack the require_encryption options. But that's what we want.

mod_invites_register: Default to require encryption In line with the Prosody-wide default change for 0.12.

mod_legacyauth: Default to require encryption

prosody.cfg.lua.dist: Remove mod_http_files Serving web pages outside of specialized modules seems like a rare use case that doesn't warrant a spot in the default config file. Many users seem to have it confused with mod_http_upload, so removing it should help with that.

prosody.cfg.lua.dist: Move Dialback down Mostly a source of security issues lately