local env = os.getenv
local domain = env("DOMAIN") or "example.com"
local xmpp_component = env("XMPP_JID") or ("jews." .. domain)
local share_host = env("XMPP_SHARE_HOST") or ("share." .. domain)
local xmpp_secret = env("XMPP_SECRET") or ""

if xmpp_secret == "" then
  error("XMPP_SECRET is required for Prosody component authentication")
end

sasl_mechanisms = { "PLAIN", "SCRAM-SHA-1", "SCRAM-SHA-256" }

daemonize = false
pidfile = "/run/prosody/prosody.pid"

admins = { env("XMPP_ADMIN_JID") or ("admin@" .. domain) }

modules_enabled = {
  "disco";
  "roster";
  "saslauth";
  "tls";
  "blocklist";
  "bookmarks";
  "carbons";
  "dialback";
  "limits";
  "pep";
  "private";
  "smacks";
  "vcard4";
  "vcard_legacy";
  "cloud_notify";
  "csi_simple";
  "invites";
  "invites_adhoc";
  "invites_register";
  "ping";
  "time";
  "uptime";
  "version";
  "mam";
  "turn_external";
  "admin_adhoc";
  "admin_shell";
  "announce";
  "auth_external_insecure";
  "http";
}

s2s_secure_auth = true

limits = {
  c2s = { rate = "10mb/s"; };
  s2sin = { rate = "100mb/s"; };
}

authentication = "external_insecure"
archive_expires_after = "1w"

log = {
  error = "/var/log/prosody/prosody.err";
  info = "/var/log/prosody/prosody.log";
  debug = "/var/log/prosody/prosody-debug.log";
}

certificates = "certs"

component_ports = { 8888 }
component_interfaces = { "0.0.0.0" }

VirtualHost domain
  authentication = "external_insecure"
  external_auth_command = "/code/utilities/prosody/auth_django.sh"
  certificate = "/etc/prosody/certs/cert.pem"

Component xmpp_component
  component_secret = xmpp_secret

Component share_host "http_file_share"

http_ports = { 5280 }
http_interfaces = { "0.0.0.0", "::" }
http_external_url = "https://" .. share_host .. "/"