Auto ban anonymous IP:
* New settings: "Ban anonymous user's IP when user is banned from a chatroom": * if enabled, every time a streamer bans an anonymous user, it will ban its IP on the chat server, * banned IPs are logged on disk, so server's admin can use them to feed fail2ban (for example), * option disabled by default, because could be used to create trapped-rooms on public servers
This commit is contained in:
John Livingston
@ -152,6 +152,7 @@ async function getProsodyConfig (options: RegisterServerOptionsV5): Promise<Pros
|
||||
'prosody-components-interfaces',
|
||||
'prosody-components-list',
|
||||
'chat-no-anonymous',
|
||||
'auto-ban-anonymous-ip',
|
||||
'federation-dont-publish-remotely',
|
||||
'disable-channel-configuration'
|
||||
])
|
||||
@ -163,6 +164,7 @@ async function getProsodyConfig (options: RegisterServerOptionsV5): Promise<Pros
|
||||
}
|
||||
const logByDefault = (settings['prosody-muc-log-by-default'] as boolean) ?? true
|
||||
const disableAnon = (settings['chat-no-anonymous'] as boolean) || false
|
||||
const autoBanIP = (settings['auto-ban-anonymous-ip'] as boolean) || false
|
||||
const logExpirationSetting = (settings['prosody-muc-expiration'] as string) ?? DEFAULTLOGEXPIRATION
|
||||
const enableC2S = (settings['prosody-c2s'] as boolean) || false
|
||||
// enableRoomS2S: room can be joined from remote XMPP servers (Peertube or not)
|
||||
@ -224,7 +226,7 @@ async function getProsodyConfig (options: RegisterServerOptionsV5): Promise<Pros
|
||||
|
||||
const config = new ProsodyConfigContent(paths, prosodyDomain)
|
||||
if (!disableAnon) {
|
||||
config.useAnonymous()
|
||||
config.useAnonymous(autoBanIP)
|
||||
}
|
||||
config.useHttpAuthentication(authApiUrl)
|
||||
const useWS = !!options.registerWebSocketRoute // this comes with Peertube >=5.0.0, and is a prerequisite to websocket
|
||||
|
||||
@ -207,10 +207,13 @@ class ProsodyConfigContent {
|
||||
this.muc.set('muc_room_default_history_length', 20)
|
||||
}
|
||||
|
||||
useAnonymous (): void {
|
||||
useAnonymous (autoBanIP: boolean): void {
|
||||
this.anon = new ProsodyConfigVirtualHost('anon.' + this.prosodyDomain)
|
||||
this.anon.set('authentication', 'anonymous')
|
||||
this.anon.set('modules_enabled', ['ping'])
|
||||
if (autoBanIP) {
|
||||
this.anon.add('modules_enabled', 'muc_ban_ip')
|
||||
}
|
||||
}
|
||||
|
||||
useHttpAuthentication (url: string): void {
|
||||
|
||||
@ -83,7 +83,7 @@ Please read
|
||||
private: true
|
||||
})
|
||||
|
||||
// ********** Moderation and advances customization
|
||||
// ********** Advanced channel customization
|
||||
registerSetting({
|
||||
type: 'html',
|
||||
private: true,
|
||||
@ -197,6 +197,14 @@ Please read
|
||||
descriptionHTML: loc('no_anonymous_description'),
|
||||
private: false
|
||||
})
|
||||
registerSetting({
|
||||
name: 'auto-ban-anonymous-ip',
|
||||
label: loc('auto_ban_anonymous_ip_label'),
|
||||
type: 'input-checkbox',
|
||||
default: false,
|
||||
descriptionHTML: loc('auto_ban_anonymous_ip_description'),
|
||||
private: true
|
||||
})
|
||||
|
||||
// ********** Theming
|
||||
registerSetting({
|
||||
|
||||
Reference in New Issue
Block a user