local env = os.getenv
local xmpp_secret = env("XMPP_SECRET") or ""

if xmpp_secret == "" then
  error("XMPP_SECRET is required for Prosody component authentication")
end

sasl_mechanisms = { "PLAIN" }
plugin_paths = { "/code/utilities/prosody/modules" }

daemonize = false
pidfile = "/tmp/prosody.pid"

admins = { env("XMPP_ADMIN_JID") or "admin@example.com" }

modules_enabled = {
  "disco";
  "roster";
  "saslauth";
  "tls";
  "blocklist";
  "carbons";
  "dialback";
  "limits";
  "pep";
  "private";
  "csi_simple";
  "ping";
  "time";
  "uptime";
  "version";
  "vcard4";
  "vcard_legacy";
  "admin_adhoc";
  "announce";
  "http";
}

s2s_secure_auth = true

limits = {
  c2s = { rate = "10mb/s"; };
  s2sin = { rate = "100mb/s"; };
}

authentication = "gia"
archive_expires_after = "1w"

log = {
  error = "/var/log/prosody/prosody.err";
  info = "/var/log/prosody/prosody.log";
  debug = "/var/log/prosody/prosody-debug.log";
}

certificates = "certs"
ssl = {
  key = "/etc/prosody/certs/cert.pem";
  certificate = "/etc/prosody/certs/cert.pem";
}

component_ports = { 8888 }
component_interfaces = { "0.0.0.0" }
http_ports = { 5280 }
http_interfaces = { "0.0.0.0", "::" }
http_external_url = "https://share.example.com/"

VirtualHost "example.com"
  authentication = "gia"
  external_auth_command = "/code/utilities/prosody/auth_django.sh"
  ssl = {
    key = "/etc/prosody/certs/cert.pem";
    certificate = "/etc/prosody/certs/cert.pem";
  }

Component "jews.example.com"
  component_secret = xmpp_secret
  ssl = {
    key = "/etc/prosody/certs/cert.pem";
    certificate = "/etc/prosody/certs/cert.pem";
  }