GNU bug report logs - #68894
Prosody guix service required fixes.

Previous Next

Package: guix;

Reported by: "email <at> msavoritias.me" <email <at> msavoritias.me>

Date: Fri, 2 Feb 2024 15:47:01 UTC

Severity: normal

Full log

Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):

From: "email <at> msavoritias.me" <email <at> msavoritias.me>
To: bug-guix <at> gnu.org
Subject: Prosody guix service required fixes.
Date: Fri, 2 Feb 2024 17:46:11 +0200

[Message part 1 (text/plain, inline)]
Tried to write a system declaration that includes a prosody server.

This bug aims to collect some bugs that were found and some features 
that were needed during writing.


1. The opaque-prosody-configuration as used in this example 
https://guix.gnu.org/en/manual/devel/en/guix.html#index-prosody_002ecfg_002elua

is broken. A workaround for now is adding raw-content as a field inside 
prosody-configuration.


2. Prosody Includes a plugin installer now 
https://prosody.im/doc/installing_modules#using-the-installer

so the plugin-directory here 
https://guix.gnu.org/en/manual/devel/en/guix.html#index-plugin_002dpaths 
needs to be changed to wrap the module installer instead. since its 
easier to do that than manually copying modules.

This is for modules that are not part of guix yet. Ideally imo an xmpp 
package file would be ideal to host any module that are packaged plus 
all related software.


3. The modules enabled by default is outdated 
https://guix.gnu.org/en/manual/devel/en/guix.html#index-modules_002denabled

A simple example vcard is deprecated now. also not sure if register 
should be default now since we have invites.


4. Security should be the default at this point

https://guix.gnu.org/en/manual/devel/en/guix.html#index-c2s_002drequire_002dencryption_003f

https://guix.gnu.org/en/manual/devel/en/guix.html#index-s2s_002drequire_002dencryption_003f

https://guix.gnu.org/en/manual/devel/en/guix.html#index-s2s_002dsecure_002dauth_003f

should be turned to true by default. all are already true by default 
upstream https://prosody.im/doc/s2s#security


5. The internal authentication here 
https://guix.gnu.org/en/manual/devel/en/guix.html#index-authentication

|should be internal_hashed as per default. 
https://prosody.im/doc/authentication it should never be plain.|


|6. Also a field for http_file_share is mandatory nowadays. see 
https://prosody.im/doc/modules/mod_http_file_share|


|7. room creation should be local for safety reasons 
https://guix.gnu.org/en/manual/devel/en/guix.html#index-restrict_002droom_002dcreation|

|nobody allows non local anymore.|


I plan to get to do this btw after i am done with the joinjabber server 
at some point. :)


|Regards,|

|MSavoritias|

[Message part 2 (text/html, inline)]
This bug report was last modified 1 year and 140 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.