view mod_admin_blocklist/mod_admin_blocklist.lua @ 6261:1c62edeb9147

mod_pastebin: Update Readme diff --git a/mod_pastebin/README.md b/mod_pastebin/README.md --- a/mod_pastebin/README.md +++ b/mod_pastebin/README.md @@ -37,12 +37,14 @@ For example: Pastes will be available by default at `http://<your-prosody>:5280/pastebin/` by default. -In Prosody 0.9 and later this can be changed with [HTTP -settings](https://prosody.im/doc/http). +Ports and path can be changed with [HTTP +settings](https://prosody.im/doc/http), for example like: -In 0.8 and older this can be changed with `pastebin_ports` (see below), -or you can forward another external URL from your web server to Prosody, -use `pastebin_url` to set that URL. +``` {.lua} + http_paths = { + pastebin = "/$host-paste"; + } +``` # Discovery @@ -82,27 +84,16 @@ The line and character tresholds are adv pastebin_line_threshold The maximum number of lines a message may have before it is sent to the pastebin. (default 4 lines) pastebin_trigger A string of characters (e.g. "!paste ") which if detected at the start of a message, always sends the message to the pastebin, regardless of length. (default: not set) pastebin_expire_after Number of hours after which to expire (remove) a paste, defaults to 24. Set to 0 to store pastes permanently on disk. - pastebin_ports List of ports to run the HTTP server on, same format as mod_httpserver's http_ports[^1] - pastebin_url Base URL to display for pastebin links, must end with / and redirect to Prosody's built-in HTTP server[^2] # Compatibility - ------ ------- - trunk Works + ------ --------------------- + trunk Works as of 25-06-13 + 13 Works 0.12 Works - 0.11 Works - 0.10 Works - 0.9 Works - 0.8 Works - ------ ------- + ------ --------------------- # Todo - Maximum paste length - Web interface to submit pastes? - -[^1]: As of Prosody 0.9, `pastebin_ports` is replaced by `http_ports`, - see [Prosody HTTP server documentation](https://prosody.im/doc/http) - -[^2]: See also - [http_external_url](https://prosody.im/doc/http#external_url)
author Menel <menel@snikket.de>
date Fri, 13 Jun 2025 11:39:58 +0200
parents 96e83b4a93f7
children
line wrap: on
line source

-- mod_admin_blocklist
--
-- If a local admin has blocked a domain, don't allow s2s to that domain
--
-- Copyright (C) 2015-2022 Kim Alvefur
--
-- This file is MIT/X11 licensed.
--

module:depends("blocklist");

local st = require"util.stanza";
local jid_split = require"util.jid".split;

local usermanager = require "core.usermanager";

local admins;
if usermanager.get_jids_with_role then
	local set = require "util.set";
	local include_roles = module:get_option_set("admin_blocklist_roles", { "prosody:operator"; "prosody:admin" });

	admins = set.new();
	for role in include_roles do
		admins:include(set.new(usermanager.get_jids_with_role(role, module.host)));
	end
else -- COMPAT w/pre-0.12
	admins = module:get_option_inherited_set("admins", {});
end
admins = admins /
	function (admin) -- Filter out non-local admins
		local user, host = jid_split(admin);
		if host == module.host then return user; end
	end

local blocklists = module:open_store("blocklist");

local function is_blocked(host)
	for admin in admins do
		local blocklist = blocklists:get(admin);
		if blocklist and blocklist[host] then
			return true;
		end
	end
end

module:hook("route/remote", function (event)
	local origin, stanza = event.origin, event.stanza;
	if is_blocked(event.to_host) then
		if origin and stanza then
			origin.send(st.error_reply(stanza, "cancel", "not-allowed", "Communication with this domain is not allowed"));
			return true;
		end
		return false;
	end
end, -9);


module:hook("s2s-stream-features", function (event)
	local session = event.origin;
	if is_blocked(session.from_host) then
		session:close("policy-violation");
		return false;
	end
end, 1000);

module:hook("stanza/http://etherx.jabber.org/streams:features", function (event)
	local session = event.origin;
	if is_blocked(session.to_host) then
		session:close("policy-violation");
		return true;
	end
end, 1000);