Update changelog

Bump version in mix.exs
Use tagged version of coveralls
2020-01-17 12:05:36 +01:00 · 2020-01-17 11:42:11 +01:00 · 2020-01-17 08:59:10 +01:00 · 2020-01-16 15:26:20 +01:00 · 2020-01-16 15:08:57 +01:00 · 2020-01-15 14:49:37 +01:00
581 changed files with 125923 additions and 95724 deletions
@@ -1,15 +0,0 @@
-> What version of ejabberd are you using?
-
-
-
-> What operating system (version) are you using?
-
-
-
-> How did you install ejabberd (source, package, distribution)?
-
-
-
-> What did not work as expected? Are there error messages in the log? What
-> was the unexpected behavior? What was the expected result?
-
@@ -0,0 +1,29 @@
+---
+name: Bug report
+about: Create a report to help us improve
+title: ''
+assignees: ''
+
+---
+
+## Environment
+
+- ejabberd version: 18.09
+- Erlang version: `erl +V`
+- OS: Linux (Debian)
+- Installed from: source | distro package | official deb/rpm | official binary installer | other
+
+## Configuration (only if needed): grep -Ev '^$|^\s*#' ejabberd.yml
+
+```yaml
+loglevel: 4
+...
+```
+
+## Errors from error.log/crash.log
+
+No errors
+
+## Bug description
+
+Please, give us a precise description (what does not work, what is expected, etc.)
@@ -0,0 +1,20 @@
+---
+name: Feature request
+about: Suggest an idea for this project
+title: ''
+labels: Kind:Feature
+assignees: ''
+
+---
+
+**Is your feature request related to a problem? Please describe.**
+A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
+
+**Describe the solution you'd like**
+A clear and concise description of what you want to happen.
+
+**Describe alternatives you've considered**
+A clear and concise description of any alternative solutions or features you've considered.
+
+**Additional context**
+Add any other context or screenshots about the feature request here.
@@ -0,0 +1,38 @@
+# Configuration for Lock Threads - https://github.com/dessant/lock-threads
+
+# Number of days of inactivity before a closed issue or pull request is locked
+daysUntilLock: 365
+
+# Skip issues and pull requests created before a given timestamp. Timestamp must
+# follow ISO 8601 (`YYYY-MM-DD`). Set to `false` to disable
+skipCreatedBefore: false
+
+# Issues and pull requests with these labels will be ignored. Set to `[]` to disable
+exemptLabels: []
+
+# Label to add before locking, such as `outdated`. Set to `false` to disable
+lockLabel: false
+
+# Comment to post before locking. Set to `false` to disable
+lockComment: >
+  This thread has been automatically locked since there has not been
+  any recent activity after it was closed. Please open a new issue for
+  related bugs.
+
+# Assign `resolved` as the reason for locking. Set to `false` to disable
+setLockReason: true
+
+# Limit to only `issues` or `pulls`
+# only: issues
+
+# Optionally, specify configuration settings just for `issues` or `pulls`
+# issues:
+#   exemptLabels:
+#     - help-wanted
+#   lockLabel: outdated
+
+# pulls:
+#   daysUntilLock: 30
+
+# Repository to extend settings from
+# _extends: repo
@@ -1,13 +1,12 @@
 language: erlang

 otp_release:
-  - 17.5
-  - 18.3
-  - 19.2
+  - 19.3
+  - 22.2

 services:
-  - riak
  - redis-server
+  - postgresql

 before_install:
  #
@@ -22,6 +21,7 @@ before_install:
  - sudo add-apt-repository 'deb http://repo.mysql.com/apt/ubuntu/ precise mysql-5.6'
  - sudo apt-get -qq update
  - sudo apt-get -qq -o Dpkg::Options::=--force-confold install mysql-server
+  - sudo service mysql start
  - sudo mysql_upgrade
  # /END MYSQL 5.6
  - pip install --user coveralls-merge
@@ -31,40 +31,39 @@ install:

 before_script:
  # Ulimit: See Travis-CI issue report: https://github.com/travis-ci/travis-ci/issues/3328
-  - echo 'ulimit -n 4096' > riak
-  - sudo mv riak /etc/default/riak
-  - mkdir "$PWD/ebin"
-  - echo "[{riak_kv, [{add_paths, [\"$PWD/ebin/\"]}]}]." > advanced.config
-  - sudo mv advanced.config /etc/riak/advanced.config
-  - sudo service riak restart
-  - sudo riak-admin wait-for-service riak_kv 'riak@127.0.0.1'
-  - sudo riak-admin test
  - mysql -u root -e "CREATE USER 'ejabberd_test'@'localhost' IDENTIFIED BY 'ejabberd_test';"
  - mysql -u root -e "CREATE DATABASE ejabberd_test;"
  - mysql -u root -e "GRANT ALL ON ejabberd_test.* TO 'ejabberd_test'@'localhost';"
+  - mysql -u root ejabberd_test < sql/mysql.sql
  - psql -U postgres -c "CREATE USER ejabberd_test WITH PASSWORD 'ejabberd_test';"
  - psql -U postgres -c "CREATE DATABASE ejabberd_test;"
+  - psql -U postgres ejabberd_test -f sql/pg.sql
  - psql -U postgres -c "GRANT ALL PRIVILEGES ON DATABASE ejabberd_test TO ejabberd_test;"
+  - psql -U postgres ejabberd_test -c "GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO ejabberd_test;"
+  - psql -U postgres ejabberd_test -c "GRANT ALL PRIVILEGES ON ALL SEQUENCES IN SCHEMA public TO ejabberd_test;"

 script:
  - ./autogen.sh
-  - ./configure --prefix=/tmp/ejabberd --enable-all --disable-odbc
+  - ./configure --prefix=/tmp/ejabberd --enable-all --disable-odbc --disable-elixir
  - make
-  - make install
+  - make install -s
  - make xref
+  - ./tools/hook_deps.sh ebin
  - sed -i -e 's/ct:pal/ct:log/' test/suite.erl
  - ln -sf ../sql priv/
+  - echo "" >> rebar.config
+  - echo '{ct_extra_params, "-verbosity 20"}.' >> rebar.config
  - escript ./rebar skip_deps=true ct -v
-  - grep -q 'TEST COMPLETE, \([[:digit:]]*\) ok, .* of \1 ' logs/raw.log
+  - grep -q 'TEST COMPLETE,.* 0 failed' logs/raw.log
+  - test $(find logs -empty -name error.log)

 after_script:
  - find logs -name suite.log -exec cat '{}' ';'

 after_failure:
  - find logs -name exunit.log -exec cat '{}' ';'
-  # Try checking Riak database logs
-  - tail -n 100000 /var/log/riak/*.log
  - find logs -name ejabberd.log -exec cat '{}' ';'
+  - find logs -name suite.log -exec cat '{}' ';' | awk 'BEGIN{RS="\n=case";FS="\n"} /=result\s*failed/ {print "=case" $0}'

 after_success:
  - coveralls-merge erlang.json
@@ -1,5 +1,5 @@
 -----BEGIN PGP PUBLIC KEY BLOCK-----
-Version: GnuPG v1.4.5 (GNU/Linux)
+Version: GnuPG v1

 mQGiBD4+owwRBAC14GIfUfCyEDSIePvEW3SAFUdJBtoQHH/nJKZyQT7h9bPlUWC3
 RODjQReyCITRrdwyrKUGku2FmeVGwn2u2WmDMNABLnpprWPkBdCk96+OmSLN9brZ
@@ -11,9 +11,9 @@ kYpXBACmWpP8NJTkamEnPCia2ZoOHODANwpUkP43I7jsDmgtobZX9qnrAXw+uNDI
 QJEXM6FSbi0LLtZciNlYsafwAPEOMDKpMqAK6IyisNtPvaLd8lH0bPAnWqcyefep
 rv0sxxqUEMcM3o7wwgfN83POkDasDbs3pjwPhxvhz6//62zQJ7Q2TXlTUUwgUmVs
 ZWFzZSBFbmdpbmVlcmluZyA8bXlzcWwtYnVpbGRAb3NzLm9yYWNsZS5jb20+iGwE
-ExECACwCGyMCHgECF4ACGQEGCwkIBwMCBhUKCQgCAwUWAgMBAAUCWKcFIAUJHirJ
-FAAKCRCMcY07UHLh9VcFAJ46pUyVd8BZ2r5CppMC1tmyQ3ceRgCfVPwuVsiS0VER
-5WUqtAQDt+DoetCIaQQTEQIAKQIbIwYLCQgHAwIEFQIIAwQWAgMBAh4BAheAAhkB
+ExECACwCGyMCHgECF4ACGQEGCwkIBwMCBhUKCQgCAwUWAgMBAAUCXEBY+wUJI87e
+5AAKCRCMcY07UHLh9RZPAJ9uvm0zlzfCN+DHxHVaoFLFjdVYTQCfborsC9tmEZYa
+whhogjeBkZkorbyIaQQTEQIAKQIbIwYLCQgHAwIEFQIIAwQWAgMBAh4BAheAAhkB
 BQJTAdRmBQkaZsvLAAoJEIxxjTtQcuH1X4MAoKNLWAbCBUj96637kv6Xa/fJuX5m
 AJwPtmgDfjUe2iuhXdTrFEPT19SB6ohmBBMRAgAmAhsjBgsJCAcDAgQVAggDBBYC
 AwECHgECF4AFAk53PioFCRP7AhUACgkQjHGNO1By4fUmzACeJdfqgc9gWTUhgmcM
@@ -428,5 +428,5 @@ GoaU9u41oyZTIiXPiFidJoIZCh7fdurP8pn3X+R5HUNXMr7M+ba8lSNxce/F3kmH
 0L7rsKqdh9d/aVxhJINJ+inVDnrXWVoXu9GBjT8Nco1iU9SIVAQYEQIADAUCTnc9
 7QUJE/sBuAASB2VHUEcAAQEJEIxxjTtQcuH1FJsAmwWK9vmwRJ/y9gTnJ8PWf0BV
 roUTAKClYAhZuX2nUNwH4vlEJQHDqYa5yQ==
-=HfUN
+=ghXk
 -----END PGP PUBLIC KEY BLOCK-----
@@ -0,0 +1,269 @@
+# Version 20.01
+
+* New features
+- Implement OAUTH authentication for clients
+- Implement OAUTH authentication in mqtt
+- Make logging infrastructure use new logger introduced introduced
+  in Erlang (requires OTP22)
+- New configuration parser/validator
+- Initial work on being able to use CockroachDB as database backend
+- Add gc command
+- Add option to disable using prepared statements on Postgresql
+- Implement routine for converting password to SCRAM format
+  for all backends not only SQL
+- Add infrastructure for having module documentation directly
+  in individual module source code
+- Generate man page automaticaly
+- Implement copy feature in mod_carboncopy
+
+* Fixes
+- Make webadmin work with configurable paths
+- Fix handling of result in xmlrpc module
+- Make webadmin work even when accessed through not declared domain
+- Better error reporting in xmlrpc
+- Limit ammount of results returned by disco queries to pubsub nodes
+- Improve validation of configured JWT keys
+- Fix race condition in Redis/SQL startup
+- Fix loading order of third party modules
+- Fix reloading of ACL rules
+- Make account removal requests properly route response
+- Improve handling of malformed inputs in send_message command
+- Omit push notification if storing message in offline storage
+  failed
+- Fix crash in stream management when timeout was not set
+
+# Version 19.09
+
+* Admin
+- The minimum required Erlang/OTP version is now 19.3
+- Fix API call using OAuth (#2982)
+- Rename MUC command arguments from Host to Service (#2976)
+
+* Webadmin
+- Don't treat 'Host' header as a virtual XMPP host (#2989)
+- Fix some links to Guide in WebAdmin and add new ones (#3003)
+- Use select fields to input host in WebAdmin Backup (#3000)
+- Check account auth provided in WebAdmin is a local host (#3000)
+
+* ACME
+- Improve ACME implementation
+- Fix IDA support in ACME requests
+- Fix unicode formatting in ACME module
+- Log an error message on IDNA failure
+- Support IDN hostnames in ACME requests
+- Don't attempt to create ACME directory on ejabberd startup
+- Don't allow requesting certificates for localhost or IP-like domains
+- Don't auto request certificate for localhost and IP-like domains
+- Add listener for ACME challenge in example config
+
+* Authentication
+- JWT-only authentication for some users (#3012)
+
+* MUC
+- Apply default role after revoking admin affiliation (#3023)
+- Custom exit message is not broadcast (#3004)
+- Revert "Affiliations other than admin and owner cannot invite to members_only rooms" (#2987)
+- When join new room with password, set pass and password_protected (#2668)
+- Improve rooms_* commands to accept 'global' as MUC service argument (#2976)
+- Rename MUC command arguments from Host to Service (#2976)
+
+* SQL
+- Fix transactions for Microsoft SQL Server (#2978)
+- Spawn SQL connections on demand only
+
+* Misc
+- Add support for XEP-0328: JID Prep
+- Added gsfonts for captcha
+- Log Mnesia table type on creation
+- Replicate Mnesia 'bosh' table when nodes are joined
+- Fix certificate selection for s2s (#3015)
+- Provide meaningful error when adding non-local users to shared roster (#3000)
+- Websocket: don't treat 'Host' header as a virtual XMPP host (#2989)
+- Fix sm ack related c2s error (#2984)
+- Don't hide the reason why c2s connection has failed
+- Unicode support
+- Correctly handle unicode in log messages
+- Fix unicode processing in ejabberd.yml
+
+# Version 19.08
+
+* Administration
+- Improve ejabberd halting procedure
+- Process unexpected erlang messages uniformly: logging a warning
+- mod_configure: Remove modules management
+
+* Configuration
+- Use new configuration validator
+- ejabberd_http: Use correct virtual host when consulting trusted_proxies
+- Fix Elixir modules detection in the configuration file
+- Make option 'validate_stream' global
+- Allow multiple definitions of host_config and append_host_config
+- Introduce option 'captcha_url'
+- mod_stream_mgmt: Allow flexible timeout format
+- mod_mqtt: Allow flexible timeout format in session_expiry option
+
+* Misc
+- Fix SQL connections leakage
+- New authentication method using JWT tokens
+- extauth: Add 'certauth' command
+- Improve SQL pool logic
+- Add and improve type specs
+- Improve extraction of translated strings
+- Improve error handling/reporting when loading language translations
+- Improve hooks validator and fix bugs related to hooks registration
+- Gracefully close inbound s2s connections
+- mod_mqtt: Fix usage of TLS
+- mod_offline: Make count_offline_messages cache work when using mam for storage
+- mod_privacy: Don't attempt to query 'undefined' active list
+- mod_privacy: Fix race condition
+
+* MUC
+- Add code for hibernating inactive muc_room processes
+- Improve handling of unexpected iq in mod_muc_room
+- Attach mod_muc_room processes to a supervisor
+- Restore room when receiving message or generic iq for not started room
+- Distribute routing of MUC messages accross all CPU cores
+
+* PubSub
+- Fix pending nodes retrieval for SQL backend
+- Check access_model when publishing PEP
+- Remove deprecated pubsub plugins
+- Expose access_model and publish_model in pubsub#metadata
+
+# Version 19.05
+
+* Admin
+- The minimum required Erlang/OTP version is now 19.1
+- Provide a suggestion when unknown command, module, option or request handler is detected
+- Deprecate some listening options: captcha, register, web_admin, http_bind and xmlrpc
+- Add commands to get Mnesia info: mnesia_info and mnesia_table_info
+- Fix Register command to respect mod_register's Access option
+- Fixes in Prosody import: privacy and rooms
+- Remove TLS options from the example config
+- Improve request_handlers validator
+- Fix syntax in example Elixir config file
+
+* Auth
+- Correctly support cache tags in ejabberd_auth
+- Don't process failed EXTERNAL authentication by mod_fail2ban
+- Don't call to mod_register when it's not loaded
+- Make anonymous auth don't {de}register user when there are other resources
+
+* Developer
+- Rename listening callback from start/2 to start/3
+- New hook called when room gets destroyed: room_destroyed
+- New hooks for tracking mucsub subscriptions changes: muc_subscribed, muc_unsubscribed
+- Make static hooks analyzer working again
+
+* MUC
+- Service admins are allowed to recreate room even if archiv is nonempty
+- New option user_mucsub_from_muc_archive
+- Avoid late arrival of get_disco_item response
+- Handle get_subscribed_rooms call from mod_muc_room pid
+- Fix room state cleanup from db on change of persistent option change
+- Make get_subscribed_rooms work even for non-persistant rooms
+- Allow non-moderator subscribers to get list of room subscribers
+
+* Offline
+- New option bounce_groupchat: make it not bounce mucsub/groupchat messages
+- New option use_mam_for_storage: fetch data from mam instead of spool table
+- When applying limit of max msgs in spool check only spool size
+- Do not store mucsub wrapped messages with no-store hint in offline storage
+- Always store ActivityMarker messages
+- Don't issue count/message fetch queries for offline from mam when not needed
+- Properly handle infinity as max number of message in mam offline storage
+- Sort messages by stanza_id when using mam storage in mod_offline
+- Return correct value from count_offline_messages with mam storage option
+- Make mod_offline put msg ignored by mam in spool when mam storage is on
+
+* SQL:
+- Add SQL schemas for MQTT tables
+- Report better errors on SQL terms decode failure
+- Fix PostgreSQL compatibility in mod_offline_sql:remove_old_messages
+- Fix handling of list arguments on pgsql
+- Preliminary support for SQL in process_rosteritems command
+
+* Tests
+- Add tests for user mucsub mam from muc mam
+- Add tests for offline with mam storage
+- Add tests for offline use_mam_for_storage
+- Initial Docker environment to run ejabberd test suite
+- Test offline:use_mam_for_storage, mam:user_mucsub_from_muc_archive used together
+
+* Websocket
+- Add WebSockets support to mod_mqtt
+- Return "Bad request" error when origin in websocket connection doesn't match
+- Fix RFC6454 violation on websocket connection when validating Origin header
+- Origin header validation on websocket connection
+
+* Other modules
+- mod_adhoc: Use xml:lang from stanza when it's missing in <command/> element
+- mod_announce: Add 'sessionid' attribute when required
+- mod_bosh: Don't put duplicate polling attribute in bosh payload
+- mod_http_api: Improve argument error messages and log messages
+- mod_http_upload: Feed whole image to eimp:identify/1
+- mod_http_upload: Log nicer warning on unknown host
+- mod_http_upload: Case-insensitive host comparison
+- mod_mqtt: Support other socket modules
+- mod_push: Check for payload in encrypted messages
+
+# Version 19.02
+
+* Admin
+- Fix in configure.ac the Erlang/OTP version: from 17.5 to 19.0
+- reload_config command: Fix crash when sql_pool_size option is used
+- reload_config command: Fix crash when SQL is not configured
+- rooms_empty_destroy command: Several fixes to behave more conservative
+- Fix serverhost->host parameter name for muc_(un)register_nick API
+
+* Configuration
+- Allow specifying tag for listener for api_permission purposes
+- Change default ciphers to intermediate
+- Define default ciphers/protocol_option in example config
+- Don't crash on malformed 'modules' section
+- mod_mam: New option clear_archive_on_room_destroy to prevent archive removal on room destroy
+- mod_mam: New option access_preferences to restrict who can modify the MAM preferences
+- mod_muc: New option access_mam to restrict who can modify that room option
+- mod_offline: New option store_groupchat to allow storing group chat messages
+
+* Core
+- Add MQTT protocol support
+- Fix (un)setting of priority
+- Use OTP application startup infrastructure for starting dependencies
+- Improve starting order of several dependencies
+
+* MAM
+- mod_mam_mnesia/sql: Improve check for empty archive
+- disallow room creation if archive not empty and clear_archive_on_room_destroy is false
+- allow check if archive is empty for or user or room
+- Additional checks for database failures
+
+* MUC
+- Make sure that room_destroyed is called even when some code throws in terminate
+- Update muc room state after adding extra access field to it
+- MUC/Sub: Send mucsub subscriber notification events with from set to room jid
+
+* Shared Roster
+- Don't perform roster push for non-local contacts
+- Handle versioning result when shared roster group has remote account
+- Fix SQL queries
+
+* Miscelanea
+- CAPTCHA: Add no-store hint to CAPTCHA challenge stanzas
+- HTTP: Reject http_api request with malformed Authentication header
+- mod_carboncopy: Don't lose carbons on presence change or session resumption
+- mod_mix: Fix submission-id and channel resource
+- mod_ping: Fix ping IQ reply/timeout processing (17.x regression)
+- mod_private: Hardcode item ID for PEP bookmarks
+- mod_push: Improve notification error handling
+- PIEFXIS: Fix user export when password is scrammed
+- Prosody: Improve import of roster items, rooms and attributes
+- Translations: fixed "make translations"
+- WebAdmin: Fix support to restart module with new options
+
+# Version 18.12
+
+* MAM data store compression
+* Proxy protocol support (http://www.haproxy.org/download/1.8/doc/proxy-protocol.txt)
+* MUC Self-Ping optimization (XEP-0410)
+* Bookmarks conversion (XEP-0411)
@@ -0,0 +1,46 @@
+# Contributor Covenant Code of Conduct
+
+## Our Pledge
+
+In the interest of fostering an open and welcoming environment, we as contributors and maintainers pledge to making participation in our project and our community a harassment-free experience for everyone, regardless of age, body size, disability, ethnicity, gender identity and expression, level of experience, nationality, personal appearance, race, religion, or sexual identity and orientation.
+
+## Our Standards
+
+Examples of behavior that contributes to creating a positive environment include:
+
+* Using welcoming and inclusive language
+* Being respectful of differing viewpoints and experiences
+* Gracefully accepting constructive criticism
+* Focusing on what is best for the community
+* Showing empathy towards other community members
+
+Examples of unacceptable behavior by participants include:
+
+* The use of sexualized language or imagery and unwelcome sexual attention or advances
+* Trolling, insulting/derogatory comments, and personal or political attacks
+* Public or private harassment
+* Publishing others' private information, such as a physical or electronic address, without explicit permission
+* Other conduct which could reasonably be considered inappropriate in a professional setting
+
+## Our Responsibilities
+
+Project maintainers are responsible for clarifying the standards of acceptable behavior and are expected to take appropriate and fair corrective action in response to any instances of unacceptable behavior.
+
+Project maintainers have the right and responsibility to remove, edit, or reject comments, commits, code, wiki edits, issues, and other contributions that are not aligned to this Code of Conduct, or to ban temporarily or permanently any contributor for other behaviors that they deem inappropriate, threatening, offensive, or harmful.
+
+## Scope
+
+This Code of Conduct applies both within project spaces and in public spaces when an individual is representing the project or its community. Examples of representing a project or community include using an official project e-mail address, posting via an official social media account, or acting as an appointed representative at an online or offline event. Representation of a project may be further defined and clarified by project maintainers.
+
+## Enforcement
+
+Instances of abusive, harassing, or otherwise unacceptable behavior may be reported by contacting the project team at conduct@process-one.net. The project team will review and investigate all complaints, and will respond in a way that it deems appropriate to the circumstances. The project team is obligated to maintain confidentiality with regard to the reporter of an incident. Further details of specific enforcement policies may be posted separately.
+
+Project maintainers who do not follow or enforce the Code of Conduct in good faith may face temporary or permanent repercussions as determined by other members of the project's leadership.
+
+## Attribution
+
+This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4, available at [http://contributor-covenant.org/version/1/4][version]
+
+[homepage]: http://contributor-covenant.org
+[version]: http://contributor-covenant.org/version/1/4/
@@ -0,0 +1,148 @@
+# Contributing to ejabberd
+
+We'd love for you to contribute to our source code and to make ejabberd even better than it is
+today! Here are the guidelines we'd like you to follow:
+
+* [Code of Conduct](#coc)
+* [Questions and Problems](#question)
+* [Issues and Bugs](#issue)
+* [Feature Requests](#feature)
+* [Issue Submission Guidelines](#submit)
+* [Pull Request Submission Guidelines](#submit-pr)
+* [Signing the CLA](#cla)
+
+## <a name="coc"></a> Code of Conduct
+
+Help us keep ejabberd community open-minded and inclusive. Please read and follow our [Code of Conduct][coc].
+
+## <a name="requests"></a> Questions, Bugs, Features
+
+### <a name="question"></a> Got a Question or Problem?
+
+Do not open issues for general support questions as we want to keep GitHub issues for bug reports
+and feature requests. You've got much better chances of getting your question answered on dedicated
+support platforms, the best being [Stack Overflow][stackoverflow].
+
+Stack Overflow is a much better place to ask questions since:
+
+- there are thousands of people willing to help on Stack Overflow
+- questions and answers stay available for public viewing so your question / answer might help
+  someone else
+- Stack Overflow's voting system assures that the best answers are prominently visible.
+
+To save your and our time, we will systematically close all issues that are requests for general
+support and redirect people to the section you are reading right now.
+
+Other channels for support are:
+- [ejabberd Mailing List][list]
+- [ejabberd XMPP room][muc]: ejabberd@conference.process-one.net
+
+### <a name="issue"></a> Found an Issue or Bug?
+
+If you find a bug in the source code, you can help us by submitting an issue to our
+[GitHub Repository][github]. Even better, you can submit a Pull Request with a fix.
+
+### <a name="feature"></a> Missing a Feature?
+
+You can request a new feature by submitting an issue to our [GitHub Repository][github-issues].
+
+If you would like to implement a new feature then consider what kind of change it is:
+
+* **Major Changes** that you wish to contribute to the project should be discussed first in an
+  [GitHub issue][github-issues] that clearly outlines the changes and benefits of the feature.
+* **Small Changes** can directly be crafted and submitted to the [GitHub Repository][github]
+  as a Pull Request. See the section about [Pull Request Submission Guidelines](#submit-pr).
+
+## <a name="submit"></a> Issue Submission Guidelines
+
+Before you submit your issue search the archive, maybe your question was already answered.
+
+If your issue appears to be a bug, and hasn't been reported, open a new issue. Help us to maximize
+the effort we can spend fixing issues and adding new features, by not reporting duplicate issues.
+
+The "[new issue][github-new-issue]" form contains a number of prompts that you should fill out to
+make it easier to understand and categorize the issue.
+
+## <a name="submit-pr"></a> Pull Request Submission Guidelines
+
+By submitting a pull request for a code or doc contribution, you need to have the right
+to grant your contribution's copyright license to ProcessOne. Please check [ProcessOne CLA][cla]
+for details.
+
+Before you submit your pull request consider the following guidelines:
+
+* Search [GitHub][github-pr] for an open or closed Pull Request
+  that relates to your submission. You don't want to duplicate effort.
+* Create the [development environment][developer-setup]
+* Make your changes in a new git branch:
+
+    ```shell
+    git checkout -b my-fix-branch master
+    ```
+* Test your changes and, if relevant, expand the automated test suite.
+* Create your patch commit, including appropriate test cases.
+* If the changes affect public APIs, change or add relevant [documentation][doc-repo].
+* Commit your changes using a descriptive commit message.
+
+    ```shell
+    git commit -a
+    ```
+  Note: the optional commit `-a` command line option will automatically "add" and "rm" edited files.
+
+* Push your branch to GitHub:
+
+    ```shell
+    git push origin my-fix-branch
+    ```
+
+* In GitHub, send a pull request to `ejabberd:master`. This will trigger the Travis integration and run the test.
+We will also notify you if you have not yet signed the [contribution agreement][cla].
+
+* If you find that the Travis integration has failed, look into the logs on Travis to find out
+if your changes caused test failures, the commit message was malformed etc. If you find that the
+tests failed or times out for unrelated reasons, you can ping a team member so that the build can be
+restarted.
+
+* If we suggest changes, then:
+
+  * Make the required updates.
+  * Test your changes and test cases.
+  * Commit your changes to your branch (e.g. `my-fix-branch`).
+  * Push the changes to your GitHub repository (this will update your Pull Request).
+
+    You can also amend the initial commits and force push them to the branch.
+
+    ```shell
+    git rebase master -i
+    git push origin my-fix-branch -f
+    ```
+
+    This is generally easier to follow, but separate commits are useful if the Pull Request contains
+    iterations that might be interesting to see side-by-side.
+
+That's it! Thank you for your contribution!
+
+## <a name="cla"></a> Signing the Contributor License Agreement (CLA)
+
+Upon submitting a Pull Request, we will ask you to sign our CLA if you haven't done
+so before. It's a quick process, we promise, and you will be able to do it all online
+
+You can read [ProcessOne Contribution License Agreement][cla] in PDF.
+
+This is part of the legal framework of the open-source ecosystem that adds some red tape,
+but protects both the contributor and the company / foundation behind the project. It also
+gives us the option to relicense the code with a more permissive license in the future.
+
+
+[coc]: https://github.com/processone/ejabberd/blob/master/CODE_OF_CONDUCT.md
+[stackoverflow]: https://stackoverflow.com/questions/tagged/ejabberd?sort=newest
+[list]: http://lists.jabber.ru/mailman/listinfo/ejabberd
+[muc]: xmpp:ejabberd@conference.process-one.net
+[github]: https://github.com/processone/ejabberd
+[github-issues]: https://github.com/processone/ejabberd/issues
+[github-new-issue]: https://github.com/processone/ejabberd/issues/new
+[github-pr]: https://github.com/processone/ejabberd/pulls
+[doc-repo]: https://github.com/processone/docs.ejabberd.im
+[developer-setup]: https://docs.ejabberd.im/developer/
+[cla]: https://www.process-one.net/resources/ejabberd-cla.pdf
+[license]: https://github.com/processone/ejabberd/blob/master/COPYING
@@ -0,0 +1,37 @@
+# Contributors
+
+We would like to thanks official ejabberd source code contributors:
+
+- Sergey Abramyan
+- Badlop
+- Ludovic Bocquet
+- Emilio Bustos
+- Thiago Camargo
+- Juan Pablo Carlino
+- Paweł Chmielowski
+- Gabriel Gatu
+- Tsukasa Hamano
+- Konstantinos Kallas
+- Evgeny Khramtsov
+- Ben Langfeld
+- Peter Lemenkov
+- Anna Mukharram
+- Johan Oudinet
+- Pablo Polvorin
+- Mickaël Rémond
+- Matthias Rieber
+- Rafael Roemhild
+- Christophe Romain
+- Jérôme Sautret
+- Sonny Scroggin
+- Alexey Shchepin
+- Shelley Shyan
+- Radoslaw Szymczyszyn
+- Stu Tomlinson
+- Christian Ulrich
+- Holger Weiß
+
+Please, if you think we are missing your contribution, do not hesitate to contact us at ProcessOne.
+In case you do not want to appear in this list, please, let us know as well.
+
+Thanks !
@@ -1,120 +0,0 @@
-FROM debian:jessie-slim
-MAINTAINER Rafael Römhild <rafael@roemhild.de>
-
-ENV EJABBERD_BRANCH=17.08 \
-    EJABBERD_USER=ejabberd \
-    EJABBERD_HTTPS=true \
-    EJABBERD_STARTTLS=true \
-    EJABBERD_S2S_SSL=true \
-    EJABBERD_HOME=/opt/ejabberd \
-    EJABBERD_DEBUG_MODE=false \
-    HOME=$EJABBERD_HOME \
-    PATH=$EJABBERD_HOME/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/local/sbin \
-    DEBIAN_FRONTEND=noninteractive \
-    XMPP_DOMAIN=localhost \
-    # Set default locale for the environment
-    LC_ALL=C.UTF-8 \
-    LANG=en_US.UTF-8 \
-    LANGUAGE=en_US.UTF-8
-
-# Add ejabberd user and group
-RUN groupadd -r $EJABBERD_USER \
-    && useradd -r -m \
-       -g $EJABBERD_USER \
-       -d $EJABBERD_HOME \
-       $EJABBERD_USER
-
-# Install packages and perform cleanup
-RUN set -x \
-    && buildDeps=' \
-        git-core \
-        build-essential \
-        automake \
-        libssl-dev \
-        zlib1g-dev \
-        libexpat-dev \
-        libyaml-dev \
-        libsqlite3-dev \
-        erlang-src erlang-dev \
-    ' \
-    && requiredAptPackages=' \
-        wget \
-        locales \
-        ldnsutils \
-        python2.7 \
-        python-jinja2 \
-        ca-certificates \
-        libyaml-0-2 \
-        erlang-base erlang-snmp erlang-ssl erlang-ssh erlang-webtool \
-        erlang-tools erlang-xmerl erlang-corba erlang-diameter erlang-eldap \
-        erlang-eunit erlang-ic erlang-odbc erlang-os-mon \
-        erlang-parsetools erlang-percept erlang-typer \
-        python-mysqldb \
-        imagemagick \
-    ' \
-    && apt-key adv \
-        --keyserver keys.gnupg.net \
-        --recv-keys 434975BD900CCBE4F7EE1B1ED208507CA14F4FCA \
-    && apt-get update \
-    && apt-get install -y $buildDeps $requiredAptPackages --no-install-recommends \
-    && dpkg-reconfigure locales && \
-        locale-gen C.UTF-8 \
-    && /usr/sbin/update-locale LANG=C.UTF-8 \
-    && echo 'en_US.UTF-8 UTF-8' >> /etc/locale.gen \
-    && locale-gen \
-    && cd /tmp \
-    && git clone https://github.com/processone/ejabberd.git \
-        --branch $EJABBERD_BRANCH --single-branch --depth=1 \
-    && cd ejabberd \
-    && chmod +x ./autogen.sh \
-    && ./autogen.sh \
-    && ./configure --enable-user=$EJABBERD_USER \
-        --enable-all \
-        --disable-tools \
-        --disable-pam \
-    && make debug=$EJABBERD_DEBUG_MODE \
-    && make install \
-    && mkdir $EJABBERD_HOME/ssl \
-    && mkdir $EJABBERD_HOME/conf \
-    && mkdir $EJABBERD_HOME/backup \
-    && mkdir $EJABBERD_HOME/upload \
-    && mkdir $EJABBERD_HOME/database \
-    && mkdir $EJABBERD_HOME/module_source \
-    && cd $EJABBERD_HOME \
-    && rm -rf /tmp/ejabberd \
-    && rm -rf /usr/local/etc/ejabberd \
-    && ln -sf $EJABBERD_HOME/conf /usr/local/etc/ejabberd \
-    && chown -R $EJABBERD_USER: $EJABBERD_HOME \
-    && rm -rf /var/lib/apt/lists/* \
-    && apt-get purge -y --auto-remove $buildDeps
-
-RUN wget -P /usr/local/share/ca-certificates/cacert.org http://www.cacert.org/certs/root.crt http://www.cacert.org/certs/class3.crt; \
-    update-ca-certificates
-
-# Create logging directories
-RUN mkdir -p /var/log/ejabberd
-RUN touch /var/log/ejabberd/crash.log /var/log/ejabberd/error.log /var/log/ejabberd/erlang.log
-
-# Wrapper for setting config on disk from environment
-# allows setting things like XMPP domain at runtime
-ADD ./docker/run.sh /sbin/run
-
-# Add run scripts
-ADD ./docker/scripts $EJABBERD_HOME/scripts
-ADD https://raw.githubusercontent.com/rankenstein/ejabberd-auth-mysql/master/auth_mysql.py $EJABBERD_HOME/scripts/lib/auth_mysql.py
-RUN chmod a+rx $EJABBERD_HOME/scripts/lib/auth_mysql.py
-
-# Add config templates
-ADD ./docker/conf /opt/ejabberd/conf
-
-# Continue as user
-USER $EJABBERD_USER
-
-# Set workdir to ejabberd root
-WORKDIR $EJABBERD_HOME
-
-VOLUME ["$EJABBERD_HOME/database", "$EJABBERD_HOME/ssl", "$EJABBERD_HOME/backup", "$EJABBERD_HOME/upload"]
-EXPOSE 4560 5222 5269 5280 5443
-
-CMD ["start"]
-ENTRYPOINT ["run"]
@@ -28,6 +28,9 @@ PACKAGE_TARNAME = @PACKAGE_TARNAME@
 datarootdir = @datarootdir@
 DOCDIR = $(DESTDIR)@docdir@

+# /share/doc/man/man5
+MANDIR = $(DESTDIR)@mandir@/man5
+
 # /usr/lib/ejabberd/ebin/
 BEAMDIR = $(EJABBERDDIR)/ebin

@@ -46,9 +49,21 @@ SODIR = $(PRIVDIR)/lib
 # /usr/lib/ejabberd/priv/msgs
 MSGSDIR = $(PRIVDIR)/msgs

+# /usr/lib/ejabberd/priv/css
+CSSDIR = $(PRIVDIR)/css
+
+# /usr/lib/ejabberd/priv/img
+IMGDIR = $(PRIVDIR)/img
+
+# /usr/lib/ejabberd/priv/js
+JSDIR = $(PRIVDIR)/js
+
 # /usr/lib/ejabberd/priv/sql
 SQLDIR = $(PRIVDIR)/sql

+# /usr/lib/ejabberd/priv/lua
+LUADIR = $(PRIVDIR)/lua
+
 # /var/lib/ejabberd/
 SPOOLDIR = $(DESTDIR)@localstatedir@/lib/ejabberd

@@ -76,6 +91,11 @@ else
  CHOWN_OUTPUT=&1
  INIT_USER=$(INSTALLUSER)
 endif
+# if no group was enabled, don't set privileges or ownership
+INSTALLGROUP=@INSTALLGROUP@
+ifneq ($(INSTALLGROUP),)
+  G_USER=-g $(INSTALLGROUP)
+endif

 all: deps src

@@ -84,9 +104,11 @@ deps: deps/.got
 deps/.got:
 	rm -rf deps/.got
 	rm -rf deps/.built
+	mkdir -p deps
 	$(REBAR) get-deps && :> deps/.got

 deps/.built: deps/.got
+	$(REBAR) configure-deps
 	$(REBAR) compile && :> deps/.built

 src: deps/.built
@@ -100,6 +122,11 @@ update:
 xref: all
 	$(REBAR) skip_deps=true xref

+hooks: all
+	tools/hook_deps.sh ebin
+
+options: all
+	tools/opt_types.sh ejabberd_option ebin

 translations:
 	tools/prepare-tr.sh
@@ -123,41 +150,54 @@ FILES_WILDCARD=$(call FILTER_DIRS,$(foreach w,$(1),$(wildcard $(w))))

 ifeq ($(MAKECMDGOALS),copy-files-sub)

-DEPS:=$(sort $(shell $(REBAR) -q list-deps|$(SED) -e '/[a-z0-9_-]+\s/d;s/ .*//'))
+DEPS:=$(sort $(shell $(REBAR) -q list-deps|$(SED) -ne '/ TAG / s/ .*// p; / REV / s/ .*// p; / BRANCH / s/ .*// p'))

 DEPS_FILES=$(call FILES_WILDCARD,$(foreach DEP,$(DEPS),deps/$(DEP)/ebin/*.beam deps/$(DEP)/ebin/*.app deps/$(DEP)/priv/* deps/$(DEP)/priv/lib/* deps/$(DEP)/priv/bin/* deps/$(DEP)/include/*.hrl deps/$(DEP)/COPY* deps/$(DEP)/LICENSE* deps/$(DEP)/lib/*/ebin/*.beam deps/$(DEP)/lib/*/ebin/*.app))
-DEPS_FILES_FILTERED=$(filter-out %/epam deps/elixir/ebin/elixir.app,$(DEPS_FILES))
+
+BINARIES=deps/epam/priv/bin/epam deps/eimp/priv/bin/eimp deps/fs/priv/mac_listener
+
+DEPS_FILES_FILTERED=$(filter-out $(BINARIES) deps/elixir/ebin/elixir.app,$(DEPS_FILES))
 DEPS_DIRS=$(sort deps/ $(foreach DEP,$(DEPS),deps/$(DEP)/) $(dir $(DEPS_FILES)))

-MAIN_FILES=$(filter-out %/configure.beam,$(call FILES_WILDCARD,ebin/*.beam ebin/*.app priv/msgs/*.msg priv/lib/* include/*.hrl COPYING))
-MAIN_DIRS=$(sort $(dir $(MAIN_FILES)) priv/bin priv/sql)
+MAIN_FILES=$(filter-out %/configure.beam,$(call FILES_WILDCARD,ebin/*.beam ebin/*.app priv/msgs/*.msg priv/css/*.css priv/img/*.png priv/js/*.js priv/lib/* include/*.hrl COPYING))
+MAIN_DIRS=$(sort $(dir $(MAIN_FILES)) priv/bin priv/sql priv/lua)

 define DEP_VERSION_template
 DEP_$(1)_VERSION:=$(shell $(SED) -e '/vsn/!d;s/.*, *"/$(1)-/;s/".*//' $(2) 2>/dev/null)
 endef

+DELETE_TARGET_SO=$(if $(subst X.soX,,X$(suffix $(1))X),,rm -f $(call TO_DEST,$(1));)
+
 $(foreach DEP,$(DEPS),$(eval $(call DEP_VERSION_template,$(DEP),deps/$(DEP)/ebin/$(DEP).app)))
 $(eval $(call DEP_VERSION_template,ejabberd,ebin/ejabberd.app))

 define COPY_template
-$(call TO_DEST,$(1)): $(1) $(call TO_DEST,$(dir $(1))) ; $$(INSTALL) -m 644 $(1) $(call TO_DEST,$(1))
+$(call TO_DEST,$(1)): $(1) $(call TO_DEST,$(dir $(1))) ; $(call DELETE_TARGET_SO, $(1)) $$(INSTALL) -m 644 $(1) $(call TO_DEST,$(1))
+endef
+
+define COPY_BINARY_template
+$(call TO_DEST,$(1)): $(1) $(call TO_DEST,$(dir $(1))) ; rm -f $(call TO_DEST,$(1)); $$(INSTALL) -m 755 $$(O_USER) $(1) $(call TO_DEST,$(1))
 endef

 $(foreach file,$(DEPS_FILES_FILTERED) $(MAIN_FILES),$(eval $(call COPY_template,$(file))))

+$(foreach file,$(BINARIES),$(eval $(call COPY_BINARY_template,$(file))))
+
 $(sort $(call TO_DEST,$(MAIN_DIRS) $(DEPS_DIRS))):
 	$(INSTALL) -d $@

-$(call TO_DEST,deps/epam/priv/bin/epam): $(LIBDIR)/%: deps/epam/priv/bin/epam $(call TO_DEST,deps/epam/priv/bin/)
-	$(INSTALL) -m 750 $(O_USER) $< $@
-
 $(call TO_DEST,priv/sql/lite.sql): sql/lite.sql $(call TO_DEST,priv/sql)
 	$(INSTALL) -m 644 $< $@

 $(call TO_DEST,priv/bin/captcha.sh): tools/captcha.sh $(call TO_DEST,priv/bin)
-	$(INSTALL) -m 750 $(O_USER) $< $@
+	$(INSTALL) -m 755 $(O_USER) $< $@

-copy-files-sub2: $(call TO_DEST,$(DEPS_FILES) $(MAIN_FILES) priv/bin/captcha.sh priv/sql/lite.sql)
+$(call TO_DEST,priv/lua/redis_sm.lua): priv/lua/redis_sm.lua $(call TO_DEST,priv/lua)
+	$(INSTALL) -m 644 $< $@
+
+copy-files-sub2: $(call TO_DEST,$(DEPS_FILES) $(MAIN_FILES) priv/bin/captcha.sh priv/sql/lite.sql priv/lua/redis_sm.lua)
+
+.PHONY: $(call TO_DEST,$(DEPS_FILES) $(MAIN_DIRS) $(DEPS_DIRS))

 endif

@@ -225,10 +265,11 @@ install: all copy-files
 	chmod -R 750 $(LOGDIR)
 	#
 	# Documentation
+	$(INSTALL) -d $(MANDIR)
 	$(INSTALL) -d $(DOCDIR)
-	[ -f doc/guide.html ] \
-		&& $(INSTALL) -m 644 doc/guide.html $(DOCDIR) \
-		|| echo "Documentation not included in sources"
+	[ -f man/ejabberd.yml.5 ] \
+		&& $(INSTALL) -m 644 man/ejabberd.yml.5 $(MANDIR) \
+		|| echo "Man page not included in sources"
 	$(INSTALL) -m 644 COPYING $(DOCDIR)

 uninstall: uninstall-binary
@@ -247,10 +288,18 @@ uninstall-binary:
 	rm -fr $(PBINDIR)
 	rm -f  $(SODIR)/*.so
 	rm -fr $(SODIR)
-	rm -f  $(MSGSDIR)/*.msgs
+	rm -f  $(MSGSDIR)/*.msg
 	rm -fr $(MSGSDIR)
+	rm -f  $(CSSDIR)/*.css
+	rm -fr $(CSSDIR)
+	rm -f  $(IMGDIR)/*.png
+	rm -fr $(IMGDIR)
+	rm -f  $(JSDIR)/*.js
+	rm -fr $(JSDIR)
 	rm -f  $(SQLDIR)/*.sql
 	rm -fr $(SQLDIR)
+	rm -fr $(LUADIR)/*.lua
+	rm -fr $(LUADIR)
 	rm -fr $(PRIVDIR)
 	rm -fr $(EJABBERDDIR)

@@ -295,8 +344,8 @@ dialyzer/erlang.plt:
 	@mkdir -p dialyzer
 	@dialyzer --build_plt --output_plt dialyzer/erlang.plt \
 	-o dialyzer/erlang.log --apps kernel stdlib sasl crypto \
-	public_key ssl mnesia inets odbc tools compiler erts \
-	runtime_tools asn1 observer xmerl et gs wx syntax_tools; \
+	public_key ssl mnesia inets odbc compiler erts \
+	os_mon asn1 syntax_tools; \
 	status=$$? ; if [ $$status -ne 2 ]; then exit $$status; else exit 0; fi

 dialyzer/deps.plt:
@@ -335,9 +384,6 @@ test:
 	@cd priv && ln -sf ../sql
 	$(REBAR) skip_deps=true ct

-quicktest:
-	$(REBAR) skip_deps=true ct suites=elixir
-
 .PHONY: src edoc dialyzer Makefile TAGS clean clean-rel distclean rel \
 	install uninstall uninstall-binary uninstall-all translations deps test \
-	quicktest erlang_plt deps_plt ejabberd_plt
+	quicktest erlang_plt deps_plt ejabberd_plt xref hooks options
@@ -1,177 +0,0 @@
-ejabberd Community Edition 
-==========================
-
-[![Build Status](https://travis-ci.org/processone/ejabberd.svg?branch=master)](https://travis-ci.org/processone/ejabberd) [![Hex version](https://img.shields.io/hexpm/v/ejabberd.svg "Hex version")](https://hex.pm/packages/ejabberd)
-
-ejabberd is a distributed, fault-tolerant technology that allows the creation
-of large-scale instant messaging applications. The server can reliably support
-thousands of simultaneous users on a single node and has been designed to
-provide exceptional standards of fault tolerance. As an open source
-technology, based on industry-standards, ejabberd can be used to build bespoke
-solutions very cost effectively.
-
-
-Key Features
------------
-
- **Cross-platform**  
-  ejabberd runs under Microsoft Windows and Unix-derived systems such as
-  Linux, FreeBSD and NetBSD.
-
- **Distributed**  
-  You can run ejabberd on a cluster of machines and all of them will serve the
-  same XMPP domain(s). When you need more capacity you can simply add a new
-  cheap node to your cluster. Accordingly, you do not need to buy an expensive
-  high-end machine to support tens of thousands concurrent users.
-
- **Fault-tolerant**  
-  You can deploy an ejabberd cluster so that all the information required for
-  a properly working service will be replicated permanently on all nodes. This
-  means that if one of the nodes crashes, the others will continue working
-  without disruption. In addition, nodes also can be added or replaced ‘on
-  the fly’.
-
- **Administrator-friendly**  
-  ejabberd is built on top of the Open Source Erlang. As a result you do not
-  need to install an external database, an external web server, amongst others
-  because everything is already included, and ready to run out of the box.
-  Other administrator benefits include:
-  - Comprehensive documentation.
-  - Straightforward installers for Linux and Mac OS X.
-  - Web administration.
-  - Shared roster groups.
-  - Command line administration tool.
-  - Can integrate with existing authentication mechanisms.
-  - Capability to send announce messages.
-
- **Internationalized**  
-  ejabberd leads in internationalization. Hence it is very well suited in a
-  globalized world. Related features are:
-  - Translated to 25 languages.
-  - Support for IDNA.
-
- **Open Standards**  
-  ejabberd is the first Open Source Jabber server claiming to fully comply to
-  the XMPP standard.
-  - Fully XMPP-compliant.
-  - XML-based protocol.
-  - Many protocols supported.
-
-
-Additional Features
-------------------
-
-Moreover, ejabberd comes with a wide range of other state-of-the-art features:
-
- **Modularity**
-  - Load only the modules you want.
-  - Extend ejabberd with your own custom modules.
-
- **Security**
-  - SASL and STARTTLS for c2s and s2s connections.
-  - STARTTLS and Dialback s2s connections.
-  - Web Admin accessible via HTTPS secure access.
-
- **Databases**
-  - Internal database for fast deployment (Mnesia).
-  - Native MySQL support.
-  - Native PostgreSQL support.
-  - ODBC data storage support.
-  - Microsoft SQL Server support.
-
- **Authentication**
-  - Internal authentication.
-  - PAM, LDAP and ODBC.
-  - External authentication script.
-
- **Others**
-  - Support for virtual hosting.
-  - Compressing XML streams with Stream Compression (XEP-0138).
-  - Statistics via Statistics Gathering (XEP-0039).
-  - IPv6 support both for c2s and s2s connections.
-  - Multi-User Chat module with support for clustering and HTML logging.
-  - Users Directory based on users vCards.
-  - Publish-Subscribe component with support for Personal Eventing.
-  - Support for web clients: HTTP Polling and HTTP Binding (BOSH).
-  - IRC transport.
-  - Component support: interface with networks such as AIM, ICQ and MSN.
-
-
-Quickstart guide
----------------
-
-### 0. Requirements
-
-To compile ejabberd you need:
-
- - GNU Make.
- - GCC.
- - Libexpat 1.95 or higher.
- - Libyaml 0.1.4 or higher.
- - Erlang/OTP 17.5 or higher.
- - OpenSSL 1.0.0 or higher, for STARTTLS, SASL and SSL encryption.
- - Zlib 1.2.3 or higher, for Stream Compression support (XEP-0138). Optional.
- - PAM library. Optional. For Pluggable Authentication Modules (PAM).
- - GNU Iconv 1.8 or higher, for the IRC Transport (mod_irc). Optional. Not
-   needed on systems with GNU Libc.
- - ImageMagick's Convert program. Optional. For CAPTCHA challenges.
-
-If your system splits packages in libraries and development headers, you must
-install the development packages also.
-
-### 1. Compile and install on *nix systems
-
-To compile ejabberd, execute the following commands.  The first one is only
-necessary if your source tree didn't come with a `configure` script (In this
-case you need autoconf installed).
-
-    ./autogen.sh
-    ./configure
-    make
-
-To install ejabberd, run this command with system administrator rights (root
-user):
-
-    sudo make install
-
-These commands will:
-
- Install the configuration files in `/etc/ejabberd/`
- Install ejabberd binary, header and runtime files in `/lib/ejabberd/`
- Install the administration script: `/sbin/ejabberdctl`
- Install ejabberd documentation in `/share/doc/ejabberd/`
- Create a spool directory: `/var/lib/ejabberd/`
- Create a directory for log files: `/var/log/ejabberd/`
-
-
-### 2. Start ejabberd
-
-You can use the `ejabberdctl` command line administration script to
-start and stop ejabberd. For example:
-
-    ejabberdctl start
-
-
-For detailed information please refer to the ejabberd Installation and
-Operation Guide available online and in the `doc` directory of the source
-tarball.
-
-
-Development
-----------
-
-In order to assist in the development of ejabberd, and particularly the
-execution of the test suite, a Vagrant environment is available at
-https://github.com/processone/ejabberd-vagrant-dev.
-
-To start ejabberd in development mode from the repository directory, you can
-type a command like:
-
-    EJABBERD_CONFIG_PATH=ejabberd.yml erl -pa ebin -pa deps/*/ebin -pa test -pa deps/elixir/lib/*/ebin/ -s ejabberd
-
-Links
-----
-
- Documentation: http://docs.ejabberd.im
- Community site: https://www.ejabberd.im
- ejabberd commercial offering and support: https://www.process-one.net/en/ejabberd
@@ -1 +0,0 @@
-README
@@ -0,0 +1,175 @@
+ejabberd Community Edition
+==========================
+
+[![Build Status](https://travis-ci.org/processone/ejabberd.svg?branch=master)](https://travis-ci.org/processone/ejabberd) [![Hex version](https://img.shields.io/hexpm/v/ejabberd.svg "Hex version")](https://hex.pm/packages/ejabberd)
+
+ejabberd is a distributed, fault-tolerant technology that allows the creation
+of large-scale instant messaging applications. The server can reliably support
+thousands of simultaneous users on a single node and has been designed to
+provide exceptional standards of fault tolerance. As an open source
+technology, based on industry-standards, ejabberd can be used to build bespoke
+solutions very cost effectively.
+
+
+Key Features
+------------
+
+- **Cross-platform**
+  ejabberd runs under Microsoft Windows and Unix-derived systems such as
+  Linux, FreeBSD and NetBSD.
+
+- **Distributed**
+  You can run ejabberd on a cluster of machines and all of them will serve the
+  same XMPP domain(s). When you need more capacity you can simply add a new
+  cheap node to your cluster. Accordingly, you do not need to buy an expensive
+  high-end machine to support tens of thousands concurrent users.
+
+- **Fault-tolerant**
+  You can deploy an ejabberd cluster so that all the information required for
+  a properly working service will be replicated permanently on all nodes. This
+  means that if one of the nodes crashes, the others will continue working
+  without disruption. In addition, nodes also can be added or replaced ‘on
+  the fly’.
+
+- **Administrator-friendly**
+  ejabberd is built on top of the Open Source Erlang. As a result you do not
+  need to install an external database, an external web server, amongst others
+  because everything is already included, and ready to run out of the box.
+  Other administrator benefits include:
+  - Comprehensive documentation.
+  - Straightforward installers for Linux and Mac OS X.
+  - Web administration.
+  - Shared roster groups.
+  - Command line administration tool.
+  - Can integrate with existing authentication mechanisms.
+  - Capability to send announce messages.
+
+- **Internationalized**
+  ejabberd leads in internationalization. Hence it is very well suited in a
+  globalized world. Related features are:
+  - Translated to 25 languages.
+  - Support for IDNA.
+
+- **Open Standards**
+  ejabberd is the first Open Source Jabber server claiming to fully comply to
+  the XMPP standard.
+  - Fully XMPP-compliant.
+  - XML-based protocol.
+  - Many protocols supported.
+
+
+Additional Features
+-------------------
+
+Moreover, ejabberd comes with a wide range of other state-of-the-art features:
+
+- **Modularity**
+  - Load only the modules you want.
+  - Extend ejabberd with your own custom modules.
+
+- **Security**
+  - SASL and STARTTLS for c2s and s2s connections.
+  - STARTTLS and Dialback s2s connections.
+  - Web Admin accessible via HTTPS secure access.
+
+- **Databases**
+  - Internal database for fast deployment (Mnesia).
+  - Native MySQL support.
+  - Native PostgreSQL support.
+  - ODBC data storage support.
+  - Microsoft SQL Server support.
+
+- **Authentication**
+  - Internal authentication.
+  - PAM, LDAP and ODBC.
+  - External authentication script.
+
+- **Others**
+  - Support for virtual hosting.
+  - Compressing XML streams with Stream Compression (XEP-0138).
+  - Statistics via Statistics Gathering (XEP-0039).
+  - IPv6 support both for c2s and s2s connections.
+  - Multi-User Chat module with support for clustering and HTML logging.
+  - Users Directory based on users vCards.
+  - Publish-Subscribe component with support for Personal Eventing.
+  - Support for web clients: HTTP Polling and HTTP Binding (BOSH).
+  - Component support: interface with networks such as AIM, ICQ and MSN.
+
+
+Quickstart guide
+----------------
+
+### 0. Requirements
+
+To compile ejabberd you need:
+
+ - GNU Make.
+ - GCC.
+ - Libexpat ≥ 1.95.
+ - Libyaml ≥ 0.1.4.
+ - Erlang/OTP ≥ 19.3.
+ - OpenSSL ≥ 1.0.0.
+ - Zlib ≥ 1.2.3, for Stream Compression support (XEP-0138). Optional.
+ - PAM library. Optional. For Pluggable Authentication Modules (PAM).
+ - ImageMagick's Convert program and Ghostscript fonts. Optional. For CAPTCHA
+   challenges.
+
+If your system splits packages in libraries and development headers, you must
+install the development packages also.
+
+### 1. Compile and install on *nix systems
+
+To compile ejabberd, execute the following commands.  The first one is only
+necessary if your source tree didn't come with a `configure` script (In this
+case you need autoconf installed).
+
+    ./autogen.sh
+    ./configure
+    make
+
+To install ejabberd, run this command with system administrator rights (root
+user):
+
+    sudo make install
+
+These commands will:
+
+- Install the configuration files in `/etc/ejabberd/`
+- Install ejabberd binary, header and runtime files in `/lib/ejabberd/`
+- Install the administration script: `/sbin/ejabberdctl`
+- Install ejabberd documentation in `/share/doc/ejabberd/`
+- Create a spool directory: `/var/lib/ejabberd/`
+- Create a directory for log files: `/var/log/ejabberd/`
+
+
+### 2. Start ejabberd
+
+You can use the `ejabberdctl` command line administration script to
+start and stop ejabberd. For example:
+
+    ejabberdctl start
+
+
+For detailed information please refer to the ejabberd Installation and
+Operation Guide available online and in the `doc` directory of the source
+tarball.
+
+
+Development
+-----------
+
+In order to assist in the development of ejabberd, and particularly the
+execution of the test suite, a Vagrant environment is available at
+https://github.com/processone/ejabberd-vagrant-dev.
+
+To start ejabberd in development mode from the repository directory, you can
+type a command like:
+
+    EJABBERD_CONFIG_PATH=ejabberd.yml erl -pa ebin -pa deps/*/ebin -pa test -pa deps/elixir/lib/*/ebin/ -s ejabberd
+
+Links
+-----
+
+- Documentation: https://docs.ejabberd.im
+- Community site: https://www.ejabberd.im
+- ejabberd commercial offering and support: https://www.process-one.net/en/ejabberd
@@ -1,14 +0,0 @@
-XmppAddr { iso(1) identified-organization(3)	
-           dod(6) internet(1) security(5) mechanisms(5) pkix(7)
-	   id-on(8) id-on-xmppAddr(5) }
-
-DEFINITIONS EXPLICIT TAGS ::=
-BEGIN
-
-id-on-xmppAddr  OBJECT IDENTIFIER ::= { iso(1) identified-organization(3)
-                dod(6) internet(1) security(5) mechanisms(5) pkix(7)
-                id-on(8) 5 }
-
-XmppAddr ::= UTF8String
-
-END
@@ -7,4 +7,4 @@ config :ejabberd,

 # Customize Mnesia directory:
 config :mnesia,
-  dir: 'mnesiadb/'
+  dir: 'database/'
@@ -12,9 +12,9 @@ defmodule Ejabberd.ConfigFile do
     language: "en",
     allow_contrib_modules: true,
     hosts: ["localhost"],
-     shaper: shaper,
-     acl: acl,
-     access: access]
+     shaper: shaper(),
+     acl: acl(),
+     access: access()]
  end

  defp shaper do
@@ -61,7 +61,6 @@ defmodule Ejabberd.ConfigFile do
    @opts [
      port: 5280,
      web_admin: true,
-      http_poll: true,
      http_bind: true,
      captcha: true]
  end
@@ -94,9 +93,6 @@ defmodule Ejabberd.ConfigFile do
  module :mod_disco do
  end

-  module :mod_irc do
-  end
-
  module :mod_http_bind do
  end

@@ -135,9 +131,10 @@ defmodule Ejabberd.ConfigFile do
  module :mod_register do
    @opts [welcome_message: [
      subject: "Welcome!",
-      body: "Hi.\nWelcome to this XMPP Server",
+      body: "Hi.\nWelcome to this XMPP Server"
+      ],
      ip_access: :trusted_network,
-      access: :register]]
+      access: :register] 
  end

  module :mod_roster do
@@ -1,667 +0,0 @@
-###
-###               ejabberd configuration file
-###
-###
-
-### The parameters used in this configuration file are explained in more detail
-### in the ejabberd Installation and Operation Guide.
-### Please consult the Guide in case of doubts, it is included with
-### your copy of ejabberd, and is also available online at
-### http://www.process-one.net/en/ejabberd/docs/
-
-### The configuration file is written in YAML.
-### Refer to http://en.wikipedia.org/wiki/YAML for the brief description.
-### However, ejabberd treats different literals as different types:
-###
-### - unquoted or single-quoted strings. They are called "atoms".
-###   Example: dog, 'Jupiter', '3.14159', YELLOW
-###
-### - numeric literals. Example: 3, -45.0, .0
-###
-### - quoted or folded strings.
-###   Examples of quoted string: "Lizzard", "orange".
-###   Example of folded string:
-###   > Art thou not Romeo,
-###     and a Montague?
-
-###   =======
-###   LOGGING
-
-##
-## loglevel: Verbosity of log files generated by ejabberd.
-## 0: No ejabberd log at all (not recommended)
-## 1: Critical
-## 2: Error
-## 3: Warning
-## 4: Info
-## 5: Debug
-##
-loglevel: 4
-
-##
-## rotation: Describe how to rotate logs. Either size and/or date can trigger
-## log rotation. Setting count to N keeps N rotated logs. Setting count to 0
-## does not disable rotation, it instead rotates the file and keeps no previous
-## versions around. Setting size to X rotate log when it reaches X bytes.
-## To disable rotation set the size to 0 and the date to ""
-## Date syntax is taken from the syntax newsyslog uses in newsyslog.conf.
-## Some examples:
-##  $D0     rotate every night at midnight
-##  $D23    rotate every day at 23:00 hr
-##  $W0D23  rotate every week on Sunday at 23:00 hr
-##  $W5D16  rotate every week on Friday at 16:00 hr
-##  $M1D0   rotate on the first day of every month at midnight
-##  $M5D6   rotate on every 5th day of the month at 6:00 hr
-##
-log_rotate_size: 10485760
-log_rotate_date: ""
-log_rotate_count: 1
-
-##
-## overload protection: If you want to limit the number of messages per second
-## allowed from error_logger, which is a good idea if you want to avoid a flood
-## of messages when system is overloaded, you can set a limit.
-## 100 is ejabberd's default.
-log_rate_limit: 100
-
-##
-## watchdog_admins: Only useful for developers: if an ejabberd process
-## consumes a lot of memory, send live notifications to these XMPP
-## accounts.
-##
-## watchdog_admins:
-##   - "bob@example.com"
-
-
-###   ================
-###   SERVED HOSTNAMES
-
-##
-## hosts: Domains served by ejabberd.
-## You can define one or several, for example:
-## hosts:
-##   - "example.net"
-##   - "example.com"
-##   - "example.org"
-##
-hosts:
-  - "localhost"
-
-##
-## route_subdomains: Delegate subdomains to other XMPP servers.
-## For example, if this ejabberd serves example.org and you want
-## to allow communication with an XMPP server called im.example.org.
-##
-## route_subdomains: s2s
-
-###   ===============
-###   LISTENING PORTS
-
-##
-## listen: The ports ejabberd will listen on, which service each is handled
-## by and what options to start it with.
-##
-listen:
-  -
-    port: 5222
-    module: ejabberd_c2s
-    ##
-    ## If TLS is compiled in and you installed a SSL
-    ## certificate, specify the full path to the
-    ## file and uncomment these lines:
-    ##
-    ## certfile: "/path/to/ssl.pem"
-    ## starttls: true
-    ##
-    ## To enforce TLS encryption for client connections,
-    ## use this instead of the "starttls" option:
-    ##
-    ## starttls_required: true
-    ##
-    ## Custom OpenSSL options
-    ##
-    ## protocol_options:
-    ##   - "no_sslv3"
-    ##   - "no_tlsv1"
-    max_stanza_size: 65536
-    shaper: c2s_shaper
-    access: c2s
-  -
-    port: 5269
-    module: ejabberd_s2s_in
-  ##
-  ## ejabberd_service: Interact with external components (transports, ...)
-  ##
-  ## -
-  ##   port: 8888
-  ##   module: ejabberd_service
-  ##   access: all
-  ##   shaper_rule: fast
-  ##   ip: "127.0.0.1"
-  ##   hosts:
-  ##     "icq.example.org":
-  ##       password: "secret"
-  ##     "sms.example.org":
-  ##       password: "secret"
-
-  ##
-  ## ejabberd_stun: Handles STUN Binding requests
-  ##
-  ## -
-  ##   port: 3478
-  ##   transport: udp
-  ##   module: ejabberd_stun
-
-  ##
-  ## To handle XML-RPC requests that provide admin credentials:
-  ##
-  ## -
-  ##   port: 4560
-  ##   module: ejabberd_xmlrpc
-  -
-    port: 5280
-    module: ejabberd_http
-    ## request_handlers:
-    ##   "/pub/archive": mod_http_fileserver
-    web_admin: true
-    http_poll: true
-    http_bind: true
-    ## register: true
-    captcha: true
-
-##
-## s2s_use_starttls: Enable STARTTLS + Dialback for S2S connections.
-## Allowed values are: false optional required required_trusted
-## You must specify a certificate file.
-##
-## s2s_use_starttls: optional
-
-##
-## s2s_certfile: Specify a certificate file.
-##
-## s2s_certfile: "/path/to/ssl.pem"
-
-## Custom OpenSSL options
-##
-## s2s_protocol_options:
-##   - "no_sslv3"
-##   - "no_tlsv1"
-
-##
-## domain_certfile: Specify a different certificate for each served hostname.
-##
-## host_config:
-##   "example.org":
-##     domain_certfile: "/path/to/example_org.pem"
-##   "example.com":
-##     domain_certfile: "/path/to/example_com.pem"
-
-##
-## S2S whitelist or blacklist
-##
-## Default s2s policy for undefined hosts.
-##
-## s2s_access: s2s
-
-##
-## Outgoing S2S options
-##
-## Preferred address families (which to try first) and connect timeout
-## in milliseconds.
-##
-## outgoing_s2s_families:
-##   - ipv4
-##   - ipv6
-## outgoing_s2s_timeout: 10000
-
-###   ==============
-###   AUTHENTICATION
-
-##
-## auth_method: Method used to authenticate the users.
-## The default method is the internal.
-## If you want to use a different method,
-## comment this line and enable the correct ones.
-##
-auth_method: internal
-
-##
-## Store the plain passwords or hashed for SCRAM:
-## auth_password_format: plain
-## auth_password_format: scram
-##
-## Define the FQDN if ejabberd doesn't detect it:
-## fqdn: "server3.example.com"
-
-##
-## Authentication using external script
-## Make sure the script is executable by ejabberd.
-##
-## auth_method: external
-## extauth_program: "/path/to/authentication/script"
-
-##
-## Authentication using ODBC
-## Remember to setup a database in the next section.
-##
-## auth_method: odbc
-
-##
-## Authentication using PAM
-##
-## auth_method: pam
-## pam_service: "pamservicename"
-
-##
-## Authentication using LDAP
-##
-## auth_method: ldap
-##
-## List of LDAP servers:
-## ldap_servers:
-##   - "localhost"
-##
-## Encryption of connection to LDAP servers:
-## ldap_encrypt: none
-## ldap_encrypt: tls
-##
-## Port to connect to on LDAP servers:
-## ldap_port: 389
-## ldap_port: 636
-##
-## LDAP manager:
-## ldap_rootdn: "dc=example,dc=com"
-##
-## Password of LDAP manager:
-## ldap_password: "******"
-##
-## Search base of LDAP directory:
-## ldap_base: "dc=example,dc=com"
-##
-## LDAP attribute that holds user ID:
-## ldap_uids:
-##   - "mail": "%u@mail.example.org"
-##
-## LDAP filter:
-## ldap_filter: "(objectClass=shadowAccount)"
-
-##
-## Anonymous login support:
-##   auth_method: anonymous
-##   anonymous_protocol: sasl_anon | login_anon | both
-##   allow_multiple_connections: true | false
-##
-## host_config:
-##   "public.example.org":
-##     auth_method: anonymous
-##     allow_multiple_connections: false
-##     anonymous_protocol: sasl_anon
-##
-## To use both anonymous and internal authentication:
-##
-## host_config:
-##   "public.example.org":
-##     auth_method:
-##       - internal
-##       - anonymous
-
-###   ==============
-###   DATABASE SETUP
-
-## ejabberd by default uses the internal Mnesia database,
-## so you do not necessarily need this section.
-## This section provides configuration examples in case
-## you want to use other database backends.
-## Please consult the ejabberd Guide for details on database creation.
-
-##
-## MySQL server:
-##
-## odbc_type: mysql
-## odbc_server: "server"
-## odbc_database: "database"
-## odbc_username: "username"
-## odbc_password: "password"
-##
-## If you want to specify the port:
-## odbc_port: 1234
-
-##
-## PostgreSQL server:
-##
-## odbc_type: pgsql
-## odbc_server: "server"
-## odbc_database: "database"
-## odbc_username: "username"
-## odbc_password: "password"
-##
-## If you want to specify the port:
-## odbc_port: 1234
-##
-## If you use PostgreSQL, have a large database, and need a
-## faster but inexact replacement for "select count(*) from users"
-##
-## pgsql_users_number_estimate: true
-
-##
-## ODBC compatible or MSSQL server:
-##
-## odbc_type: odbc
-## odbc_server: "DSN=ejabberd;UID=ejabberd;PWD=ejabberd"
-
-##
-## Number of connections to open to the database for each virtual host
-##
-## odbc_pool_size: 10
-
-##
-## Interval to make a dummy SQL request to keep the connections to the
-## database alive. Specify in seconds: for example 28800 means 8 hours
-##
-## odbc_keepalive_interval: undefined
-
-###   ===============
-###   TRAFFIC SHAPERS
-
-shaper:
-  ##
-  ## The "normal" shaper limits traffic speed to 1000 B/s
-  ##
-  normal: 1000
-
-  ##
-  ## The "fast" shaper limits traffic speed to 50000 B/s
-  ##
-  fast: 50000
-
-##
-## This option specifies the maximum number of elements in the queue
-## of the FSM. Refer to the documentation for details.
-##
-max_fsm_queue: 1000
-
-###.   ====================
-###'   ACCESS CONTROL LISTS
-acl:
-  ##
-  ## The 'admin' ACL grants administrative privileges to XMPP accounts.
-  ## You can put here as many accounts as you want.
-  ##
-  ## admin:
-  ##   user:
-  ##     - "aleksey": "localhost"
-  ##     - "ermine": "example.org"
-  ##
-  ## Blocked users
-  ##
-  ## blocked:
-  ##   user:
-  ##     - "baduser": "example.org"
-  ##     - "test"
-
-  ## Local users: don't modify this.
-  ##
-  local:
-    user_regexp: ""
-
-  ##
-  ## More examples of ACLs
-  ##
-  ## jabberorg:
-  ##   server:
-  ##     - "jabber.org"
-  ## aleksey:
-  ##   user:
-  ##     - "aleksey": "jabber.ru"
-  ## test:
-  ##   user_regexp: "^test"
-  ##   user_glob: "test*"
-
-  ##
-  ## Loopback network
-  ##
-  loopback:
-    ip:
-      - "127.0.0.0/8"
-
-  ##
-  ## Bad XMPP servers
-  ##
-  ## bad_servers:
-  ##   server:
-  ##     - "xmpp.zombie.org"
-  ##     - "xmpp.spam.com"
-
-##
-## Define specific ACLs in a virtual host.
-##
-## host_config:
-##   "localhost":
-##     acl:
-##       admin:
-##         user:
-##           - "bob-local": "localhost"
-
-###   ============
-###   ACCESS RULES
-access:
-  ## Maximum number of simultaneous sessions allowed for a single user:
-  max_user_sessions:
-    all: 10
-  ## Maximum number of offline messages that users can have:
-  max_user_offline_messages:
-    admin: 5000
-    all: 100
-  ## This rule allows access only for local users:
-  local:
-    local: allow
-  ## Only non-blocked users can use c2s connections:
-  c2s:
-    blocked: deny
-    all: allow
-  ## For C2S connections, all users except admins use the "normal" shaper
-  c2s_shaper:
-    admin: none
-    all: normal
-  ## All S2S connections use the "fast" shaper
-  s2s_shaper:
-    all: fast
-  ## Only admins can send announcement messages:
-  announce:
-    admin: allow
-  ## Only admins can use the configuration interface:
-  configure:
-    admin: allow
-  ## Admins of this server are also admins of the MUC service:
-  muc_admin:
-    admin: allow
-  ## Only accounts of the local ejabberd server can create rooms:
-  muc_create:
-    local: allow
-  ## All users are allowed to use the MUC service:
-  muc:
-    all: allow
-  ## Only accounts on the local ejabberd server can create Pubsub nodes:
-  pubsub_createnode:
-    local: allow
-  ## In-band registration allows registration of any possible username.
-  ## To disable in-band registration, replace 'allow' with 'deny'.
-  register:
-    all: allow
-  ## Only allow to register from localhost
-  trusted_network:
-    loopback: allow
-  ## Do not establish S2S connections with bad servers
-  ## s2s:
-  ##   bad_servers: deny
-  ##   all: allow
-
-## By default the frequency of account registrations from the same IP
-## is limited to 1 account every 10 minutes. To disable, specify: infinity
-## registration_timeout: 600
-
-##
-## Define specific Access Rules in a virtual host.
-##
-## host_config:
-##   "localhost":
-##     access:
-##       c2s:
-##         admin: allow
-##         all: deny
-##       register:
-##         all: deny
-
-###   ================
-###   DEFAULT LANGUAGE
-
-##
-## language: Default language used for server messages.
-##
-language: "en"
-
-##
-## Set a different default language in a virtual host.
-##
-## host_config:
-##   "localhost":
-##     language: "ru"
-
-###   =======
-###   CAPTCHA
-
-##
-## Full path to a script that generates the image.
-##
-## captcha_cmd: "/lib/ejabberd/priv/bin/captcha.sh"
-
-##
-## Host for the URL and port where ejabberd listens for CAPTCHA requests.
-##
-## captcha_host: "example.org:5280"
-
-##
-## Limit CAPTCHA calls per minute for JID/IP to avoid DoS.
-##
-## captcha_limit: 5
-
-###   =======
-###   MODULES
-
-##
-## Modules enabled in all ejabberd virtual hosts.
-##
-modules:
-  mod_adhoc: {}
-  ## mod_admin_extra: {}
-  mod_announce: # recommends mod_adhoc
-    access: announce
-  mod_blocking: {} # requires mod_privacy
-  mod_caps: {}
-  mod_carboncopy: {}
-  mod_client_state:
-    queue_chat_states: true
-    queue_presence: false
-  mod_configure: {} # requires mod_adhoc
-  mod_disco: {}
-  ## mod_echo: {}
-  mod_irc: {}
-  mod_http_bind: {}
-  ## mod_http_fileserver:
-  ##   docroot: "/var/www"
-  ##   accesslog: "/var/log/ejabberd/access.log"
-  mod_last: {}
-  mod_muc:
-    ## host: "conference.@HOST@"
-    access: muc
-    access_create: muc_create
-    access_persistent: muc_create
-    access_admin: muc_admin
-  ## mod_muc_log: {}
-  mod_offline:
-    access_max_user_messages: max_user_offline_messages
-  mod_ping: {}
-  ## mod_pres_counter:
-  ##   count: 5
-  ##   interval: 60
-  mod_privacy: {}
-  mod_private: {}
-  ## mod_proxy65: {}
-  mod_pubsub:
-    access_createnode: pubsub_createnode
-    ## reduces resource comsumption, but XEP incompliant
-    ignore_pep_from_offline: true
-    ## XEP compliant, but increases resource comsumption
-    ## ignore_pep_from_offline: false
-    last_item_cache: false
-    plugins:
-      - "flat"
-      - "hometree"
-      - "pep" # pep requires mod_caps
-  mod_register:
-    ##
-    ## Protect In-Band account registrations with CAPTCHA.
-    ##
-    ## captcha_protected: true
-
-    ##
-    ## Set the minimum informational entropy for passwords.
-    ##
-    ## password_strength: 32
-
-    ##
-    ## After successful registration, the user receives
-    ## a message with this subject and body.
-    ##
-    welcome_message:
-      subject: "Welcome!"
-      body: |-
-        Hi.
-        Welcome to this XMPP server.
-
-    ##
-    ## When a user registers, send a notification to
-    ## these XMPP accounts.
-    ##
-    ## registration_watchers:
-    ##   - "admin1@example.org"
-
-    ##
-    ## Only clients in the server machine can register accounts
-    ##
-    ip_access: trusted_network
-
-    ##
-    ## Local c2s or remote s2s users cannot register accounts
-    ##
-    ## access_from: deny
-
-    access: register
-  mod_roster: {}
-  mod_shared_roster: {}
-  mod_stats: {}
-  mod_time: {}
-  mod_vcard: {}
-  mod_version: {}
-
-##
-## Enable modules with custom options in a specific virtual host
-##
-## host_config:
-##   "localhost":
-##     modules:
-##       mod_echo:
-##         host: "mirror.localhost"
-
-##
-## Enable modules management via ejabberdctl for installation and
-## uninstallation of public/private contributed modules
-## (enabled by default)
-##
-
-allow_contrib_modules: true
-
-### Local Variables:
-### mode: yaml
-### End:
-### vim: set filetype=yaml tabstop=8
@@ -3,7 +3,7 @@

 AC_PREREQ(2.53)
 AC_INIT(ejabberd, m4_esyscmd([echo `git describe --tags 2>/dev/null || echo 0.0` | sed 's/-g.*//;s/-/./' | tr -d '\012']), [ejabberd@process-one.net], [ejabberd])
-REQUIRE_ERLANG_MIN="6.4 (Erlang/OTP 17.5)"
+REQUIRE_ERLANG_MIN="8.3 (Erlang/OTP 19.3)"
 REQUIRE_ERLANG_MAX="100.0.0 (No Max)"

 AC_CONFIG_MACRO_DIR([m4])
@@ -84,6 +84,14 @@ AC_ARG_ENABLE(roster_gateway_workaround,
  *) AC_MSG_ERROR(bad value ${enableval} for --enable-roster-gateway-workaround) ;;
 esac],[roster_gateway_workaround=false])

+AC_ARG_ENABLE(new_sql_schema,
+[AC_HELP_STRING([--enable-new-sql-schema], [use new SQL schema (default: no)])],
+[case "${enableval}" in
+  yes) new_sql_schema=true ;;
+  no)  new_sql_schema=false ;;
+  *) AC_MSG_ERROR(bad value ${enableval} for --enable-new-sql-schema) ;;
+esac],[new_sql_schema=false])
+
 AC_ARG_ENABLE(full_xml,
 [AC_HELP_STRING([--enable-full-xml], [use XML features in XMPP stream (ex: CDATA) (default: no, requires XML compliant clients)])],
 [case "${enableval}" in
@@ -101,10 +109,10 @@ AC_ARG_ENABLE(mssql,
 esac],[db_type=generic])

 AC_ARG_ENABLE(all,
-[AC_HELP_STRING([--enable-all], [same as --enable-odbc --enable-mysql --enable-pgsql --enable-sqlite --enable-pam --enable-zlib --enable-riak --enable-redis --enable-elixir --enable-iconv --enable-stun --enable-sip --enable-debug --enable-tools (useful for Dialyzer checks, default: no)])],
+[AC_HELP_STRING([--enable-all], [same as --enable-odbc --enable-mysql --enable-pgsql --enable-sqlite --enable-pam --enable-zlib --enable-redis --enable-elixir --enable-stun --enable-sip --enable-debug --enable-tools (useful for Dialyzer checks, default: no)])],
 [case "${enableval}" in
-  yes) odbc=true mysql=true pgsql=true sqlite=true pam=true zlib=true riak=true redis=true elixir=true iconv=true stun=true sip=true debug=true tools=true ;;
-  no) odbc=false mysql=false pgsql=false sqlite=false pam=false zlib=false riak=false redis=false elixir=false iconv=false stun=false sip=false debug=false tools=false ;;
+  yes) odbc=true mysql=true pgsql=true sqlite=true pam=true zlib=true redis=true elixir=true stun=true sip=true debug=true tools=true ;;
+  no) odbc=false mysql=false pgsql=false sqlite=false pam=false zlib=false redis=false elixir=false stun=false sip=false debug=false tools=false ;;
  *) AC_MSG_ERROR(bad value ${enableval} for --enable-all) ;;
 esac],[])

@@ -164,14 +172,6 @@ AC_ARG_ENABLE(zlib,
  *) AC_MSG_ERROR(bad value ${enableval} for --enable-zlib) ;;
 esac],[if test "x$zlib" = "x"; then zlib=true; fi])

-AC_ARG_ENABLE(riak,
-[AC_HELP_STRING([--enable-riak], [enable Riak support (default: no)])],
-[case "${enableval}" in
-  yes) riak=true ;;
-  no)  riak=false ;;
-  *) AC_MSG_ERROR(bad value ${enableval} for --enable-riak) ;;
-esac],[if test "x$riak" = "x"; then riak=false; fi])
-
 AC_ARG_ENABLE(redis,
 [AC_HELP_STRING([--enable-redis], [enable Redis support (default: no)])],
 [case "${enableval}" in
@@ -188,14 +188,6 @@ AC_ARG_ENABLE(elixir,
  *) AC_MSG_ERROR(bad value ${enableval} for --enable-elixir) ;;
 esac],[if test "x$elixir" = "x"; then elixir=false; fi])

-AC_ARG_ENABLE(iconv,
-[AC_HELP_STRING([--enable-iconv], [enable iconv support (default: yes)])],
-[case "${enableval}" in
-  yes) iconv=true ;;
-  no)  iconv=false ;;
-  *) AC_MSG_ERROR(bad value ${enableval} for --enable-iconv) ;;
-esac],[if test "x$iconv" = "x"; then iconv=true; fi])
-
 AC_ARG_ENABLE(debug,
 [AC_HELP_STRING([--enable-debug], [enable debug information (default: yes)])],
 [case "${enableval}" in
@@ -236,14 +228,6 @@ AC_ARG_ENABLE(sip,
  *) AC_MSG_ERROR(bad value ${enableval} for --enable-sip) ;;
 esac],[if test "x$sip" = "x"; then sip=false; fi])

-AC_ARG_ENABLE(graphics,
-[AC_HELP_STRING([--enable-graphics], [enable support for graphic images manipulation (default: yes)])],
-[case "${enableval}" in
-  yes) graphics=true ;;
-  no)  graphics=false ;;
-  *) AC_MSG_ERROR(bad value ${enableval} for --enable-graphics) ;;
-esac],[if test "x$graphics" = "x"; then graphics=true; fi])
-
 AC_CONFIG_FILES([Makefile
 		 vars.config
 		 src/ejabberd.app.src])
@@ -261,8 +245,19 @@ if test "$ENABLEUSER" != ""; then
  echo "allow this system user to start ejabberd: $ENABLEUSER"
  AC_SUBST([INSTALLUSER], [$ENABLEUSER])
 fi
-
-ERLANG_DEPRECATED_TYPES_CHECK
+ENABLEGROUP=""
+AC_ARG_ENABLE(group,
+  [AS_HELP_STRING([--enable-group[[[[=GROUP]]]]], [allow this system group to start ejabberd (default: no)])],
+  [case "${enableval}" in
+     yes) ENABLEGROUP=`groups |head -n 1` ;;
+     no) ENABLEGROUP="" ;;
+     *) ENABLEGROUP=$enableval
+   esac],
+  [])
+if test "$ENABLEGROUP" != ""; then
+  echo "allow this system group to start ejabberd: $ENABLEGROUP"
+  AC_SUBST([INSTALLGROUP], [$ENABLEGROUP])
+fi

 if test "$sqlite" = "true"; then
   AX_LIB_SQLITE3([3.6.19])
@@ -271,8 +266,20 @@ if test "$sqlite" = "true"; then
   fi
 fi

+enabled_backends=""
+for backend in odbc mysql pgsql sqlite redis; do
+    if eval test x\${$backend} = xtrue; then
+       if test "x$enabled_backends" = "x"; then
+          enabled_backends=$backend
+       else
+          enabled_backends="$enabled_backends, $backend"
+       fi
+    fi
+done
+
 AC_SUBST(hipe)
 AC_SUBST(roster_gateway_workaround)
+AC_SUBST(new_sql_schema)
 AC_SUBST(full_xml)
 AC_SUBST(db_type)
 AC_SUBST(odbc)
@@ -281,19 +288,17 @@ AC_SUBST(pgsql)
 AC_SUBST(sqlite)
 AC_SUBST(pam)
 AC_SUBST(zlib)
-AC_SUBST(riak)
 AC_SUBST(redis)
 AC_SUBST(elixir)
-AC_SUBST(iconv)
 AC_SUBST(stun)
 AC_SUBST(sip)
 AC_SUBST(debug)
-AC_SUBST(graphics)
 AC_SUBST(tools)
 AC_SUBST(latest_deps)
 AC_SUBST(system_deps)
 AC_SUBST(CFLAGS)
 AC_SUBST(CPPFLAGS)
 AC_SUBST(LDFLAGS)
+AC_SUBST(enabled_backends)

 AC_OUTPUT
@@ -1,402 +0,0 @@
-ejabberd container
-
- [Introduction](#introduction)
-    - [Version](#version)
- [Quick Start](#quick-start)
- [Usage](#usage)
-    - [Persistence](#persistence)
-    - [SSL Certificates](#ssl-certificates)
-    - [Base Image](#base-image)
-    - [Cluster Example](#cluster-example)
- [Runtime Configuration](#runtime-configuration)
-    - [Served Hostnames](#served-hostnames)
-    - [Authentication](#authentication)
-    - [Admins](#admins)
-    - [Users](#users)
-    - [SSL](#ssl)
-    - [Erlang](#erlang)
-    - [Modules](#modules)
-    - [Logging](#logging)
-    - [Mount Configurations](#mount-configurations)
- [Maintenance](#maintenance)
-    - [Register Users](#register-users)
-    - [Creating Backups](#creating-backups)
-    - [Restoring Backups](#restoring-backups)
- [Debug](#debug)
-    - [Erlang Shell](#erlang-shell)
-    - [System Shell](#system-shell)
-    - [System Commands](#system-commands)
- [Exposed Ports](#exposed-ports)
-
-# Introduction
-
-This [ejabberd][] docker container is based on the work done by [rroemhild][]. See more [in this blogpost][].
-This container includes the necessary files to build your own containerized ejabberd,
-but *IT IS NOT* used to generate official images on the docker [hub][].
-This container is not maintained by [ProcessOne][].
-
-[ProcessOne][] provides and maintain official containers on the docker [hub][], which targets developers for now and will becomes production ready in a near future.
-These [new containers] allow to build and run ejabberd in a simple and lightweight environment.
-
-[ejabberd]: https://www.ejabberd.im/
-[rroemhild]: https://github.com/rroemhild/docker-ejabberd/
-[in this blogpost]: https://blog.process-one.net/ejabberd-16-12/
-[hub]: https://hub.docker.com/r/ejabberd/ecs/
-[new containers]: https://github.com/processone/docker-ejabberd/
-[ProcessOne]: https://www.process-one.net/
-
-## Version
-
-Current Version: `17.08`
-
-Docker Tag Names are based on ejabberd versions in git [branches][] and [tags][]. The image tag `:latest` is based on the master branch.
-
-[tags]: https://github.com/rroemhild/docker-ejabberd/tags
-[branches]: https://github.com/rroemhild/docker-ejabberd/branches
-
-# Quick Start
-
-You can start of with the following container:
-
-```bash
-docker run -d \
-    --name "ejabberd" \
-    -p 5222:5222 \
-    -p 5269:5269 \
-    -p 5280:5280 \
-    -h 'xmpp.example.de' \
-    -e "XMPP_DOMAIN=example.de" \
-    -e "ERLANG_NODE=ejabberd" \
-    -e "EJABBERD_ADMINS=admin@example.de admin2@example.de" \
-    -e "EJABBERD_USERS=admin@example.de:password1234 admin2@example.de" \
-    -e "TZ=Europe/Berlin" \
-    rroemhild/ejabberd
-```
-
-or with the [docker-compose](examples/docker-compose/docker-compose.yml) example
-
-```bash
-wget https://raw.githubusercontent.com/rroemhild/docker-ejabberd/master/examples/docker-compose/docker-compose.yml
-docker-compose up
-```
-
-# Usage
-
-## Persistence
-
-For storage of the application data, you can mount volumes at
-
-* `/opt/ejabberd/ssl`
-* `/opt/ejabberd/backup`
-* `/opt/ejabberd/upload`
-* `/opt/ejabberd/database`
-
-or use a data container
-
-```bash
-docker create --name ejabberd-data rroemhild/ejabberd-data
-docker run -d --name ejabberd --volumes-from ejabberd-data rroemhild/ejabberd
-```
-
-## SSL Certificates
-
-TLS is enabled by default and the run script will auto-generate two snake-oil certificates during boot if you don't provide your SSL certificates.
-
-To use your own certificates, there are two options.
-
-1. Mount the volume `/opt/ejabberd/ssl` to a local directory with the `.pem` files:
-
-    * /tmp/ssl/host.pem (SERVER_HOSTNAME)
-    * /tmp/ssl/xmpp_domain.pem (XMPP_DOMAIN)
-
-    Make sure that the certificate and private key are in one `.pem` file. If one file is missing it will be auto-generated. I.e. you can provide your certificate for your **XMMP_DOMAIN** and use a snake-oil certificate for the `SERVER_HOSTNAME`.
-
-2. Specify the certificates via environment variables: **EJABBERD_SSLCERT_HOST** and **EJABBERD_SSLCERT_EXAMPLE_COM**. For the
-domain certificates, make sure you match the domain names given in **XMPP_DOMAIN** and replace dots and dashes with underscore.
-
-## Base Image
-
-Build your own ejabberd container image and add your config templates, certificates or [extend](#cluster-example) it for your needs.
-
-```
-FROM rroemhild/ejabberd
-ADD ./ejabberd.yml.tpl /opt/ejabberd/conf/ejabberd.yml.tpl
-ADD ./ejabberdctl.cfg.tpl /opt/ejabberd/conf/ejabberdctl.cfg.tpl
-ADD ./example.com.pem /opt/ejabberd/ssl/example.com.pem
-```
-
-If you need root privileges switch to `USER root` and go back to `USER ejabberd` when you're done.
-
-## Cluster Example
-
-The [docker-compose-cluster](examples/docker-compose-cluster) example demonstrates how to extend this container image to setup a multi-master cluster.
-
-# Runtime Configuration
-
-You can additionally provide extra runtime configuration in a downstream image by replacing the config template `ejabberd.yml.tpl` with one based on this image's template and include extra interpolation of environment variables. The template is parsed by Jinja2 with the runtime environment (equivalent to Python's `os.environ` available as `env`).
-
-## Served Hostnames
-
-By default the container will serve the XMPP domain `localhost`. In order to serve a different domain at runtime, provide the **XMPP_DOMAIN** variable with a domain name. You can add more domains separated with whitespace.
-
-```
-XMPP_DOMAIN=example.ninja xyz.io test.com
-```
-
-## Authentication
-
-Authentication methods can be set with the **EJABBERD_AUTH_METHOD** environment variable. The default authentication mode is `internal`.
-
-Supported authentication methods:
-
-* anonymous
-* internal
-* external
-* ldap
-
-Internal and anonymous authentication example:
-
-```
-EJABBERD_AUTH_METHOD=internal anonymous
-```
-
-[External authentication](http://docs.ejabberd.im/admin/guide/configuration/#external-script) example:
-```
-EJABBERD_AUTH_METHOD=external
-EJABBERD_EXTAUTH_PROGRAM="/opt/ejabberd/scripts/authenticate-user.sh"
-EJABBERD_EXTAUTH_INSTANCES=3
-EJABBERD_EXTAUTH_CACHE=600
-```
-**EJABBERD_EXTAUTH_INSTANCES** must be an integer with a minimum value of 1. **EJABBERD_EXTAUTH_CACHE** can be set to "false" or an integer value representing cache time in seconds. Note that caching should not be enabled if internal auth is also enabled.
-
-### Password format
-
-The variable `EJABBERD_AUTH_PASSWORD_FORMAT` controls in which format user passwords are
-stored. Possible values are `plain` and `scram`. The default is to store
-[SCRAM](https://en.wikipedia.org/wiki/Salted_Challenge_Response_Authentication_Mechanism)bled
-passwords, meaning that it is impossible to obtain the original plain password from the
-stored information.
-
-NOTE: SCRAM does not work with SIP/TURN foreign authentication methods. In this case, you
-may have to disable the option. More details can be found here:
-https://docs.ejabberd.im/admin/configuration/#internal
-
-If using SCRAM with an SQL database that has plaintext passwords stored, use the command
-
-```
-ejabberdctl convert_to_scram example.org
-```
-
-to convert all your existing plaintext passwords to scrambled format.
-
-### MySQL Authentication
-
-Set `EJABBERD_AUTH_METHOD=external` and `EJABBERD_EXTAUTH_PROGRAM=/opt/ejabberd/scripts/lib/auth_mysql.py` to enable MySQL authentication. Use the following environment variables to configure the database connection and the layout of the database. Password changing, registration, and unregistration are optional features and are enabled only if the respective queries are provided.
-
- **AUTH_MYSQL_HOST**: The MySQL host
- **AUTH_MYSQL_USER**: Username to connect to the MySQL host
- **AUTH_MYSQL_PASSWORD**: Password to connect to the MySQL host
- **AUTH_MYSQL_DATABASE**: Database name where to find the user information
- **AUTH_MYSQL_HASHALG**: Format of the password in the database. Default is cleartext. Options are `crypt`, `md5`, `sha1`, `sha224`, `sha256`, `sha384`, `sha512`. `crypt` is recommended, as it is salted. When setting the password, `crypt` uses SHA-512 (prefix `$6$`).
- **AUTH_MYSQL_QUERY_GETPASS**: Get the password for a user. Use the placeholders `%(user)s`, `%(host)s`. Example: `SELECT password FROM users WHERE username = CONCAT(%(user)s, '@', %(host)s)`
- **AUTH_MYSQL_QUERY_SETPASS**: Update the password for a user. Leave empty to disable. Placeholder `%(password)s` contains the hashed password. Example: `UPDATE users SET password = %(password)s WHERE username = CONCAT(%(user)s, '@', %(host)s)`
- **AUTH_MYSQL_QUERY_REGISTER**: Register a new user. Leave empty to disable. Example: `INSERT INTO users ( username, password ) VALUES ( CONCAT(%(user)s, '@', %(host)s), %(password)s )`
- **AUTH_MYSQL_QUERY_UNREGISTER**: Removes a user. Leave empty to disable. Example: `DELETE FROM users WHERE username = CONCAT(%(user)s, '@', %(host)s)`
-
-Note that the MySQL authentication script writes a debug log into the file `/var/log/ejabberd/extauth.log`. To get its content, execute the following command:
-
-```bash
-docker exec -ti ejabberd tail -n50 -f /var/log/ejabberd/extauth.log
-```
-
-To find out more about the mysql authentication script, check out the [ejabberd-auth-mysql](https://github.com/rankenstein/ejabberd-auth-mysql) repository.
-
-### LDAP Auth
-
-Full documentation http://docs.ejabberd.im/admin/guide/configuration/#ldap.
-
-Connection
-
- **EJABBERD_LDAP_SERVERS**: List of IP addresses or DNS names of your LDAP servers. This option is required.
- **EJABBERD_LDAP_ENCRYPT**: The value `tls` enables encryption by using LDAP over SSL. The default value is: `none`.
- **EJABBERD_LDAP_TLS_VERIFY**: `false|soft|hard` This option specifies whether to verify LDAP server certificate or not when TLS is enabled. The default is `false` which means no checks are performed.
- **EJABBERD_LDAP_TLS_CACERTFILE**: Path to file containing PEM encoded CA certificates.
- **EJABBERD_LDAP_TLS_DEPTH**: Specifies the maximum verification depth when TLS verification is enabled. The default value is 1.
- **EJABBERD_LDAP_PORT**: The default port is `389` if encryption is disabled; and `636` if encryption is enabled.
- **EJABBERD_LDAP_ROOTDN**: Bind DN. The default value is "" which means ‘anonymous connection’.
- **EJABBERD_LDAP_PASSWORD**: Bind password. The default value is "".
- **EJABBERD_LDAP_DEREF_ALIASES**: `never|always|finding|searching`
-   Whether or not to dereference aliases. The default is `never`.
-
-Authentication
-
- **EJABBERD_LDAP_BASE**: LDAP base directory which stores users accounts. This option is required.
- **EJABBERD_LDAP_UIDS**: `ldap_uidattr:ldap_uidattr_format` The default attributes are `uid:%u`.
- **EJABBERD_LDAP_FILTER**: RFC 4515 LDAP filter. The default Filter value is undefined.
- **EJABBERD_LDAP_DN_FILTER**: `{ Filter: FilterAttrs }` This filter is applied on the results returned by the main filter. By default ldap_dn_filter is undefined.
-
-## Admins
-
-Set one or more admin user (seperated by whitespace) with the **EJABBERD_ADMINS** environment variable. You can register admin users with the **EJABBERD_USERS** environment variable during container startup, use you favorite XMPP client or the `ejabberdctl` command line utility.
-
-```
-EJABBERD_ADMINS=admin@example.ninja
-```
-
-## Users
-
-Automatically register users during container startup. Uses random password if you don't provide a password for the user. Format is `JID:PASSWORD`. Register more users separated with whitespace.
-
-Register the admin user from **EJABBERD_ADMINS** with a give password:
-
-```
-EJABBERD_USERS=admin@example.ninja:password1234
-```
-
-Or without a random password printed to stdout (check container logs):
-
-```
-EJABBERD_USERS=admin@example.ninja
-```
-
-Register more than one user:
-
-```
-EJABBERD_USERS=admin@example.ninja:password1234 user1@test.com user1@xyz.io
-```
-
-## SSL
- **EJABBERD_SKIP_MAKE_SSLCERT**: Skip generating ssl certificates. Default: false
- **EJABBERD_SSLCERT_HOST**: SSL Certificate for the hostname.
- **EJABBERD_SSLCERT_EXAMPLE_COM**: SSL Certificates for XMPP domains.
- **EJABBERD_STARTTLS**: Set to `false` to disable StartTLS for client to server connections. Defaults
- to `true`.
- **EJABBERD_S2S_SSL**: Set to `false` to disable SSL in server 2 server connections. Defaults to `true`.
- **EJABBERD_HTTPS**: If your proxy terminates SSL you may want to disable HTTPS on port 5280 and 5443. Defaults to `true`.
- **EJABBERD_PROTOCOL_OPTIONS_TLSV1**: Allow TLSv1 protocol. Defaults to `false`.
- **EJABBERD_PROTOCOL_OPTIONS_TLSV1_1**: Allow TLSv1.1 protocol. Defaults to `true`.
- **EJABBERD_CIPHERS**: Cipher suite. Defaults to `HIGH:!aNULL:!3DES`.
- **EJABBERD_DHPARAM**: Set to `true` to use or generate custom DH parameters. Defaults to `false`.
- **EJABBERD_SKIP_MAKE_DHPARAM**: Skip generating DH params. Default: false
-
-## Erlang
- **ERLANG_NODE**: Allows to explicitly specify erlang node for ejabberd. Set to `ejabberd` lets erlang add the hostname. Defaults to `ejabberd@localhost`.
- **ERLANG_COOKIE**: Set erlang cookie. Defaults to auto-generated cookie.
- **ERLANG_OPTIONS**: Overwrite additional options passed to erlang while starting ejabberd.
-
-## Modules
- **EJABBERD_SKIP_MODULES_UPDATE**: If you do not need to update ejabberd modules specs, skip the update task and speedup start. Defaults to `false`.
- **EJABBERD_MOD_MUC_ADMIN**: Activate the mod_muc_admin module. Defaults to `false`.
- **EJABBERD_MOD_ADMIN_EXTRA**: Activate the mod_muc_admin module. Defaults to `true`.
- **EJABBERD_REGISTER_TRUSTED_NETWORK_ONLY**: Only allow user registration from the trusted_network access rule. Defaults to `true`.
- **EJABBERD_MOD_VERSION**: Activate the mod_version module. Defaults to `true`.
- **EJABBERD_SOURCE_MODULES**: List of modules, which will be installed from sources localized in ${EJABBERD_HOME}/module_source.
- **EJABBERD_CONTRIB_MODULES**: List of modules, which will be installed from contrib repository.
- **EJABBERD_RESTART_AFTER_MODULE_INSTALL**: If any modules were installed, restart the server, if the option is enabled.
- **EJABBERD_CUSTOM_AUTH_MODULE_OVERRIDE**: If a custom module was defined for handling auth, we need to override the pre-defined auth methods in the config.
-
-## Logging
-
-Use the **EJABBERD_LOGLEVEL** environment variable to set verbosity. Defaults to `4` (Info).
-
-```
-loglevel: Verbosity of log files generated by ejabberd.
-0: No ejabberd log at all (not recommended)
-1: Critical
-2: Error
-3: Warning
-4: Info
-5: Debug
-```
-
-## Mount Configurations
-
-If you prefer to use your own configuration files and avoid passing docker environment variables (```-e```), you can do so by mounting a host directory.
-Pass in an additional ```-v``` to the ```docker run``` command, like so:
-```
-docker run -d \
-    --name "ejabberd" \
-    -p 5222:5222 \
-    -p 5269:5269 \
-    -p 5280:5280 \
-    -h 'xmpp.example.de' \
-    -v /<host_path>/conf:/opt/ejabberd/conf \
-    rroemhild/ejabberd
-```
-
-Your ```/<host_path>/conf``` folder should look like so:
-
-```
-/<host_path>/conf/
-├── ejabberdctl.cfg
-├── ejabberd.yml
-└── inetrc
-```
-
-Example configuration files can be downloaded from the ejabberd [github](https://github.com/rroemhild/ejabberd) page.
-
-When these files exist in ```/opt/ejabberd/conf```, the run script will ignore the configuration templates.
-
-# Maintenance
-
-The `ejabberdctl` command is in the search path and can be run by:
-
-```bash
-docker exec CONTAINER ejabberdctl help
-```
-
-## Register Users
-
-```bash
-docker exec CONTAINER ejabberdctl register user XMPP_DOMAIN PASSWORD
-```
-
-## Creating Backups
-
-Create a backupfile with ejabberdctl and copy the file from the container to localhost
-
-```bash
-docker exec CONTAINER ejabberdctl backup /opt/ejabberd/backup/ejabberd.backup
-docker cp CONTAINER:/opt/ejabberd/backup/ejabberd.backup /tmp/ejabberd.backup
-```
-
-## Restoring Backups
-
-Copy the backupfile from localhost to the running container and restore with ejabberdctl
-
-```bash
-docker cp /tmp/ejabberd.backup CONTAINER:/opt/ejabberd/backup/ejabberd.backup
-docker exec CONTAINER ejabberdctl restore /opt/ejabberd/backup/ejabberd.backup
-```
-
-# Debug
-
-## Erlang Shell
-
-Set `-i` and `-t` option and append `live` to get an interactive erlang shell:
-
-```bash
-docker run -i -t -P rroemhild/ejabberd live
-```
-
-You can terminate the erlang shell with `q().`.
-
-## System Shell
-
-```bash
-docker run -i -t rroemhild/ejabberd shell
-```
-
-## System Commands
-
-```bash
-docker run -i -t rroemhild/ejabberd env
-```
-
-# Exposed Ports
-
-* 4560 (XMLRPC)
-* 5222 (Client 2 Server)
-* 5269 (Server 2 Server)
-* 5280 (HTTP admin/websocket/http-bind)
-* 5443 (HTTP Upload)
@@ -1,441 +0,0 @@
-###
-###               ejabberd configuration file
-###
-###
-
-### The parameters used in this configuration file are explained in more detail
-### in the ejabberd Installation and Operation Guide.
-### Please consult the Guide in case of doubts, it is included with
-### your copy of ejabberd, and is also available online at
-### http://www.process-one.net/en/ejabberd/docs/
-
-###   =======
-###   LOGGING
-
-loglevel: {{ env['EJABBERD_LOGLEVEL'] or 4 }}
-log_rotate_size: 10485760
-log_rotate_count: 0
-log_rate_limit: 100
-
-## watchdog_admins:
-##   - "bob@example.com"
-
-###   ================
-###   SERVED HOSTNAMES
-
-hosts:
-{%- for xmpp_domain in env['XMPP_DOMAIN'].split() %}
-  - "{{ xmpp_domain }}"
-{%- endfor %}
-
-##
-## route_subdomains: Delegate subdomains to other XMPP servers.
-## For example, if this ejabberd serves example.org and you want
-## to allow communication with an XMPP server called im.example.org.
-##
-## route_subdomains: s2s
-
-###   ===============
-###   LISTENING PORTS
-
-listen:
-  -
-    port: 5222
-    module: ejabberd_c2s
-    {%- if env['EJABBERD_STARTTLS'] == "true" %}
-    starttls_required: true
-    {%- endif %}
-    protocol_options:
-      - "no_sslv3"
-    {%- if env.get('EJABBERD_PROTOCOL_OPTIONS_TLSV1', "false") == "false" %}
-      - "no_tlsv1"
-    {%- endif %}
-    {%- if env.get('EJABBERD_PROTOCOL_OPTIONS_TLSV1_1', "true") == "false" %}
-      - "no_tlsv1_1"
-    {%- endif %}
-    max_stanza_size: 65536
-    shaper: c2s_shaper
-    access: c2s
-    ciphers: "{{ env.get('EJABBERD_CIPHERS', 'HIGH:!aNULL:!3DES') }}"
-    {%- if env.get('EJABBERD_DHPARAM', false) == "true" %}
-    dhfile: "/opt/ejabberd/ssl/dh.pem"
-    {%- endif %}
-  -
-    port: 5269
-    module: ejabberd_s2s_in
-  -
-    port: 4560
-    module: ejabberd_xmlrpc
-    access_commands:
-      configure:
-        all: []
-
-  -
-    port: 5280
-    module: ejabberd_http
-    request_handlers:
-      "/websocket": ejabberd_http_ws
-    ##  "/pub/archive": mod_http_fileserver
-    web_admin: true
-    http_bind: true
-    ## register: true
-    captcha: true
-    {%- if env['EJABBERD_HTTPS'] == "true" %}
-    tls: true
-    certfile: "/opt/ejabberd/ssl/host.pem"
-    {% endif %}
-  -
-    port: 5443
-    module: ejabberd_http
-    request_handlers:
-      "": mod_http_upload
-    {%- if env['EJABBERD_HTTPS'] == "true" %}
-    tls: true
-    certfile: "/opt/ejabberd/ssl/host.pem"
-    {% endif %}
-
-
-###   SERVER TO SERVER
-###   ================
-
-{%- if env['EJABBERD_S2S_SSL'] == "true" %}
-s2s_use_starttls: required
-s2s_certfile: "/opt/ejabberd/ssl/host.pem"
-s2s_protocol_options:
-  - "no_sslv3"
-  {%- if env.get('EJABBERD_PROTOCOL_OPTIONS_TLSV1', "false") == "false" %}
-  - "no_tlsv1"
-  {%- endif %}
-  {%- if env.get('EJABBERD_PROTOCOL_OPTIONS_TLSV1_1', "true") == "false" %}
-  - "no_tlsv1_1"
-  {%- endif %}
-s2s_ciphers: "{{ env.get('EJABBERD_CIPHERS', 'HIGH:!aNULL:!3DES') }}"
-{%- if env.get('EJABBERD_DHPARAM', false) == "true" %}
-s2s_dhfile: "/opt/ejabberd/ssl/dh.pem"
-{%- endif %}
-{% endif %}
-
-###   ==============
-###   AUTHENTICATION
-
-auth_method:
-{%- for auth_method in env.get('EJABBERD_AUTH_METHOD', 'internal').split() %}
-  - {{ auth_method }}
-{%- endfor %}
-
-auth_password_format: {{ env.get('EJABBERD_AUTH_PASSWORD_FORMAT', 'scram') }}
-
-{%- if 'anonymous' in env.get('EJABBERD_AUTH_METHOD', 'internal').split() %}
-anonymous_protocol: both
-allow_multiple_connections: true
-{%- endif %}
-
-
-## LDAP authentication
-
-{%- if 'ldap' in env.get('EJABBERD_AUTH_METHOD', 'internal').split() %}
-
-ldap_servers:
-{%- for ldap_server in env.get('EJABBERD_LDAP_SERVERS', 'internal').split() %}
-  - "{{ ldap_server }}"
-{%- endfor %}
-
-ldap_encrypt: {{ env.get('EJABBERD_LDAP_ENCRYPT', 'none') }}
-ldap_tls_verify: {{ env.get('EJABBERD_LDAP_TLS_VERIFY', 'false') }}
-
-{%- if env['EJABBERD_LDAP_TLS_CACERTFILE'] %}
-ldap_tls_cacertfile: "{{ env['EJABBERD_LDAP_TLS_CACERTFILE'] }}"
-{%- endif %}
-
-ldap_tls_depth: {{ env.get('EJABBERD_LDAP_TLS_DEPTH', 1) }}
-
-{%- if env['EJABBERD_LDAP_PORT'] %}
-ldap_port: {{ env['EJABBERD_LDAP_PORT'] }}
-{%- endif %}
-
-{%- if env['EJABBERD_LDAP_ROOTDN'] %}
-ldap_rootdn: "{{ env['EJABBERD_LDAP_ROOTDN'] }}"
-{%- endif %}
-
-{%- if env['EJABBERD_LDAP_PASSWORD'] %}
-ldap_password: "{{ env['EJABBERD_LDAP_PASSWORD'] }}"
-{%- endif %}
-
-ldap_deref_aliases: {{ env.get('EJABBERD_LDAP_DEREF_ALIASES', 'never') }}
-ldap_base: "{{ env['EJABBERD_LDAP_BASE'] }}"
-
-{%- if env['EJABBERD_LDAP_UIDS'] %}
-ldap_uids:
-{%- for ldap_uid in env['EJABBERD_LDAP_UIDS'].split() %}
-  "{{ ldap_uid.split(':')[0] }}": "{{ ldap_uid.split(':')[1] }}"
-{%- endfor %}
-{%- endif %}
-
-{%- if env['EJABBERD_LDAP_FILTER'] %}
-ldap_filter: "{{ env['EJABBERD_LDAP_FILTER'] }}"
-{%- endif %}
-
-{%- if env['EJABBERD_LDAP_DN_FILTER'] %}
-ldap_dn_filter:
-{%- for dn_filter in env['EJABBERD_LDAP_DN_FILTER'].split() %}
-  "{{ dn_filter.split(':')[0] }}": ["{{ dn_filter.split(':')[1] }}"]
-{%- endfor %}
-{%- endif %}
-
-{%- endif %}
-
-{%- if 'external' in env.get('EJABBERD_AUTH_METHOD', 'internal').split() %}
-  {%- if env['EJABBERD_EXTAUTH_PROGRAM'] %}
-extauth_program: "{{ env['EJABBERD_EXTAUTH_PROGRAM'] }}"
-  {%- endif %}
-  {%- if env['EJABBERD_EXTAUTH_INSTANCES'] %}
-extauth_instances: {{ env['EJABBERD_EXTAUTH_INSTANCES'] }}
-  {%- endif %}
-  {%- if 'internal' in env.get('EJABBERD_AUTH_METHOD').split() %}
-extauth_cache: false
-  {%- elif env['EJABBERD_EXTAUTH_CACHE'] %}
-extauth_cache: {{ env['EJABBERD_EXTAUTH_CACHE'] }}
-  {%- endif %}
-{% endif %}
-
-###   ===============
-###   TRAFFIC SHAPERS
-
-shaper:
-  normal: 1000
-  fast: 50000
-max_fsm_queue: 1000
-
-###   ====================
-###   ACCESS CONTROL LISTS
-
-acl:
-  admin:
-    user:
-    {%- if env['EJABBERD_ADMINS'] %}
-      {%- for admin in env['EJABBERD_ADMINS'].split() %}
-      - "{{ admin.split('@')[0] }}": "{{ admin.split('@')[1] }}"
-      {%- endfor %}
-    {%- else %}
-      - "admin": "{{ env['XMPP_DOMAIN'].split()[0] }}"
-    {%- endif %}
-  local:
-    user_regexp: ""
-
-###   ============
-###   ACCESS RULES
-
-access:
-  ## Maximum number of simultaneous sessions allowed for a single user:
-  max_user_sessions:
-    all: 10
-  ## Maximum number of offline messages that users can have:
-  max_user_offline_messages:
-    admin: 5000
-    all: 100
-  ## This rule allows access only for local users:
-  local:
-    local: allow
-  ## Only non-blocked users can use c2s connections:
-  c2s:
-    blocked: deny
-    all: allow
-  ## For C2S connections, all users except admins use the "normal" shaper
-  c2s_shaper:
-    admin: none
-    all: normal
-  ## All S2S connections use the "fast" shaper
-  s2s_shaper:
-    all: fast
-  ## Only admins can send announcement messages:
-  announce:
-    admin: allow
-  ## Only admins can use the configuration interface:
-  configure:
-    admin: allow
-  ## Admins of this server are also admins of the MUC service:
-  muc_admin:
-    admin: allow
-  ## Only accounts of the local ejabberd server, or only admins can create rooms, depending on environment variable:
-  muc_create:
-    {%- if env['EJABBERD_MUC_CREATE_ADMIN_ONLY'] == "true" %}
-    admin: allow
-    {% else %}
-    local: allow
-    {% endif %}
-  ## All users are allowed to use the MUC service:
-  muc:
-    all: allow
-  ## Only accounts on the local ejabberd server can create Pubsub nodes:
-  pubsub_createnode:
-    local: allow
-  ## In-band registration allows registration of any possible username.
-  register:
-    {%- if env['EJABBERD_REGISTER_ADMIN_ONLY'] == "true" %}
-    all: deny
-    admin: allow
-    {% else %}
-    all: allow
-    {% endif %}
-  ## Only allow to register from localhost
-  trusted_network:
-    loopback: allow
-  soft_upload_quota:
-    all: 400 # MiB
-  hard_upload_quota:
-    all: 500 # MiB
-
-
-language: "en"
-
-###   =======
-###   MODULES
-
-modules:
-  mod_adhoc: {}
-  {%- if env['EJABBERD_MOD_ADMIN_EXTRA'] == "true" %}
-  mod_admin_extra: {}
-  {% endif %}
-  mod_announce: # recommends mod_adhoc
-    access: announce
-  mod_blocking: {} # requires mod_privacy
-  mod_caps: {}
-  mod_carboncopy: {}
-  mod_client_state:
-    queue_chat_states: true
-    queue_presence: false
-  mod_configure: {} # requires mod_adhoc
-  mod_disco: {}
-  ## mod_echo: {}
-  mod_irc: {}
-  mod_http_bind: {}
-  ## mod_http_fileserver:
-  ##   docroot: "/var/www"
-  ##   accesslog: "/var/log/ejabberd/access.log"
-  mod_last: {}
-  mod_mam:
-    default: always
-  mod_muc:
-    host: "conference.@HOST@"
-    access: muc
-    access_create: muc_create
-    access_persistent: muc_create
-    access_admin: muc_admin
-    history_size: 50
-    default_room_options:
-      persistent: true
-  {%- if env['EJABBERD_MOD_MUC_ADMIN'] == "true" %}
-  mod_muc_admin: {}
-  {% endif %}
-  ## mod_muc_log: {}
-  ## mod_multicast: {}
-  mod_offline:
-    access_max_user_messages: max_user_offline_messages
-  mod_ping: {}
-  ## mod_pres_counter:
-  ##   count: 5
-  ##   interval: 60
-  mod_privacy: {}
-  mod_private: {}
-  ## mod_proxy65: {}
-  mod_pubsub:
-    access_createnode: pubsub_createnode
-    ## reduces resource comsumption, but XEP incompliant
-    ignore_pep_from_offline: true
-    ## XEP compliant, but increases resource comsumption
-    ## ignore_pep_from_offline: false
-    last_item_cache: false
-    plugins:
-      - "flat"
-      - "hometree"
-      - "pep" # pep requires mod_caps
-  mod_push: {}
-  mod_push_keepalive: {}
-  mod_register:
-    ##
-    ## Protect In-Band account registrations with CAPTCHA.
-    ##
-    ## captcha_protected: true
-
-    ##
-    ## Set the minimum informational entropy for passwords.
-    ##
-    ## password_strength: 32
-
-    ##
-    ## After successful registration, the user receives
-    ## a message with this subject and body.
-    ##
-    welcome_message:
-      subject: "Welcome!"
-      body: |-
-        Hi.
-        Welcome to this XMPP server.
-
-    ##
-    ## Only clients in the server machine can register accounts
-    ##
-    {%- if env['EJABBERD_REGISTER_TRUSTED_NETWORK_ONLY'] == "true" %}
-    ip_access: trusted_network
-    {% endif %}
-
-    access: register
-  mod_roster: {}
-  mod_shared_roster: {}
-  mod_stats: {}
-  mod_time: {}
-  mod_vcard: {}
-  {% if env.get('EJABBERD_MOD_VERSION', true) == "true" %}
-  mod_version: {}
-  {% endif %}
-  mod_http_upload:
-    docroot: "/opt/ejabberd/upload"
-    {%- if env['EJABBERD_HTTPS'] == "true" %}
-    put_url: "https://@HOST@:5443"
-    {%- else %}
-    put_url: "http://@HOST@:5443"
-    {% endif %}
-  mod_http_upload_quota:
-    max_days: 10
-
-###   ============
-###   HOST CONFIG
-
-host_config:
-{%- for xmpp_domain in env['XMPP_DOMAIN'].split() %}
-  "{{ xmpp_domain }}":
-    domain_certfile: "/opt/ejabberd/ssl/{{ xmpp_domain }}.pem"
-{%- endfor %}
-
-{%- if env['EJABBERD_CONFIGURE_ODBC'] == "true" %}
-###   ====================
-###   ODBC DATABASE CONFIG
-sql_type: {{ env['EJABBERD_ODBC_TYPE'] }}
-sql_server: "{{ env['EJABBERD_ODBC_SERVER'] }}"
-sql_database: "{{ env['EJABBERD_ODBC_DATABASE'] }}"
-sql_username: "{{ env['EJABBERD_ODBC_USERNAME'] }}"
-sql_password: "{{ env['EJABBERD_ODBC_PASSWORD'] }}"
-
-default_db: sql
-{% endif %}
-
-{%- if env['EJABBERD_DEFAULT_DB'] is defined %}
-default_db: {{ env['EJABBERD_DEFAULT_DB'] }}
-{% endif %}
-
-###   =====================
-###   SESSION MANAGEMENT DB
-sm_db_type: {{ env['EJABBERD_SESSION_DB'] or "mnesia" }}
-
-{%- if env['EJABBERD_CONFIGURE_REDIS'] == "true" %}
-###   ====================
-###   REDIS DATABASE CONFIG
-redis_server: {{ env['EJABBERD_REDIS_SERVER'] or "localhost" }}
-redis_port: {{ env['EJABBERD_REDIS_PORT'] or 6379 }}
-{%- if env['EJABBERD_REDIS_PASSWORD'] is defined %}
-redis_password: {{ env['EJABBERD_REDIS_PASSWORD'] }}
-{% endif %}
-redis_db: {{ env['EJABBERD_REDIS_DB'] or 0}}
-redis_reconnect_timeout: {{ env['EJABBERD_REDIS_RECONNECT_TIMEOUT'] or 1 }}
-redis_connect_timeout: {{ env['EJABBERD_REDIS_CONNECT_TIMEOUT'] or 1 }}
-{% endif %}
@@ -1,187 +0,0 @@
-#
-# In this file you can configure options that are passed by ejabberdctl
-# to the erlang runtime system when starting ejabberd
-#
-
-#' POLL: Kernel polling ([true|false])
-#
-# The kernel polling option requires support in the kernel.
-# Additionally, you need to enable this feature while compiling Erlang.
-#
-# Default: true
-#
-#POLL=true
-
-#.
-#' SMP: SMP support ([enable|auto|disable])
-#
-# Explanation in Erlang/OTP documentation:
-# enable: starts the Erlang runtime system with SMP support enabled.
-#   This may fail if no runtime system with SMP support is available.
-# auto: starts the Erlang runtime system with SMP support enabled if it
-#   is available and more than one logical processor are detected.
-# disable: starts a runtime system without SMP support.
-#
-# Default: auto
-#
-#SMP=auto
-
-#.
-#' ERL_MAX_PORTS: Maximum number of simultaneously open Erlang ports
-#
-# ejabberd consumes two or three ports for every connection, either
-# from a client or from another Jabber server. So take this into
-# account when setting this limit.
-#
-# Default: 32000
-# Maximum: 268435456
-#
-#ERL_MAX_PORTS=32000
-
-#.
-#' FIREWALL_WINDOW: Range of allowed ports to pass through a firewall
-#
-# If Ejabberd is configured to run in cluster, and a firewall is blocking ports,
-# it's possible to make Erlang use a defined range of port (instead of dynamic
-# ports) for node communication.
-#
-# Default: not defined
-# Example: 4200-4210
-#
-#FIREWALL_WINDOW=
-
-#.
-#' INET_DIST_INTERFACE: IP address where this Erlang node listens other nodes
-#
-# This communication is used by ejabberdctl command line tool,
-# and in a cluster of several ejabberd nodes.
-#
-# Default: 127.0.0.1
-#
-#INET_DIST_INTERFACE=127.0.0.1
-
-#.
-#' ERL_EPMD_ADDRESS: IP addresses where epmd listens for connections
-#
-# IMPORTANT: This option works only in Erlang/OTP R14B03 and newer.
-#
-# This environment variable may be set to a comma-separated
-# list of IP addresses, in which case the epmd daemon
-# will listen only on the specified address(es) and on the
-# loopback address (which is implicitly added to the list if it
-# has not been specified). The default behaviour is to listen on
-# all available IP addresses.
-#
-# Default: 0.0.0.0
-#
-#ERL_EPMD_ADDRESS=127.0.0.1
-
-#.
-#' ERL_PROCESSES: Maximum number of Erlang processes
-#
-# Erlang consumes a lot of lightweight processes. If there is a lot of activity
-# on ejabberd so that the maximum number of processes is reached, people will
-# experience greater latency times. As these processes are implemented in
-# Erlang, and therefore not related to the operating system processes, you do
-# not have to worry about allowing a huge number of them.
-#
-# Default: 250000
-# Maximum: 268435456
-#
-#ERL_PROCESSES=250000
-
-#.
-#' ERL_MAX_ETS_TABLES: Maximum number of ETS and Mnesia tables
-#
-# The number of concurrent ETS and Mnesia tables is limited. When the limit is
-# reached, errors will appear in the logs:
-#   ** Too many db tables **
-# You can safely increase this limit when starting ejabberd. It impacts memory
-# consumption but the difference will be quite small.
-#
-# Default: 1400
-#
-#ERL_MAX_ETS_TABLES=1400
-
-#.
-#' ERL_OPTIONS: Additional Erlang options
-#
-# The next variable allows to specify additional options passed to erlang while
-# starting ejabberd. Some useful options are -noshell, -detached, -heart. When
-# ejabberd is started from an init.d script options -noshell and -detached are
-# added implicitly. See erl(1) for more info.
-#
-# It might be useful to add "-pa /usr/local/lib/ejabberd/ebin" if you
-# want to add local modules in this path.
-#
-# Default: ""
-#
-ERL_OPTIONS="{{ env['ERL_OPTIONS'] or "-noshell" }}"
-
-#.
-#' ERLANG_NODE: Erlang node name
-#
-# The next variable allows to explicitly specify erlang node for ejabberd
-# It can be given in different formats:
-# ERLANG_NODE=ejabberd
-#   Lets erlang add hostname to the node (ejabberd uses short name in this case)
-# ERLANG_NODE=ejabberd@hostname
-#   Erlang uses node name as is (so make sure that hostname is a real
-#   machine hostname or you'll not be able to control ejabberd)
-# ERLANG_NODE=ejabberd@hostname.domainname
-#   The same as previous, but erlang will use long hostname
-#   (see erl (1) manual for details)
-#
-# Default: ejabberd@localhost
-#
-ERLANG_NODE={{ env['ERLANG_NODE'] or "ejabberd@localhost" }}
-
-#.
-#' EJABBERD_PID_PATH: ejabberd PID file
-#
-# Indicate the full path to the ejabberd Process identifier (PID) file.
-# If this variable is defined, ejabberd writes the PID file when starts,
-# and deletes it when stops.
-# Remember to create the directory and grant write permission to ejabberd.
-#
-# Default: don't write PID file
-#
-#EJABBERD_PID_PATH=/var/run/ejabberd/ejabberd.pid
-
-#.
-#' EJABBERD_CONFIG_PATH: ejabberd configuration file
-#
-# Specify the full path to the ejabberd configuration file. If the file name has
-# yml or yaml extension, it is parsed as a YAML file; otherwise, Erlang syntax is
-# expected.
-#
-# Default: $ETC_DIR/ejabberd.yml
-#
-#EJABBERD_CONFIG_PATH=/etc/ejabberd/ejabberd.yml
-
-#.
-#' CONTRIB_MODULES_PATH: contributed ejabberd modules path
-#
-# Specify the full path to the contributed ejabberd modules. If the path is not
-# defined, ejabberd will use ~/.ejabberd-modules in home of user running ejabberd.
-#
-# Default: $HOME/.ejabberd-modules
-#
-#CONTRIB_MODULES_PATH=/opt/ejabberd-modules
-
-#.
-#' EJABBERD_BYPASS_WARNINGS: Bypass LIVE warning
-#
-# Default: don't bypass the warning
-#
-EJABBERD_BYPASS_WARNINGS=true
-
-#.
-#' SPOOL_DIR: Database spool dir
-#
-# Specify the full path to the database spool dir used in binary installer for
-# backwards compatibility.
-#
-# Docker: rroemhild/ejabberd
-#
-SPOOL_DIR=$EJABBERD_HOME/database/$ERLANG_NODE
@@ -1,3 +0,0 @@
-{lookup,["file","native"]}.
-{host,{127,0,0,1}, ["localhost","hostalias"]}.
-{file, resolv, "/etc/resolv.conf"}.
@@ -1,3 +0,0 @@
-FROM rroemhild/ejabberd
-ENV EJABBERD_HOME /opt/ejabberd
-COPY ./scripts $EJABBERD_HOME/scripts
@@ -1,23 +0,0 @@
-# Ejabberd cluster with docker compose
-
-This example uses [dnsdocker](https://github.com/tonistiigi/dnsdock) to discover other nodes and setup a multi-master cluster.
-
-Build the ejabberd cluster image:
-
-```bash
-git clone https://github.com/rroemhild/docker-ejabberd.git
-cd docker-ejabberd/examples/docker-compose-cluster
-docker-compose build
-```
-
-Start dnsdocker and the first ejabberd node:
-
-```bash
-docker-compose up -d
-```
-
-Wait until the first ejabberd node is up and running `docker-compose logs ejabberd`, then add some ejabberd nodes to the cluster:
-
-```bash
-docker-compose scale ejabberd=4
-```
@@ -1,25 +0,0 @@
-dnsdock:
-  image: tonistiigi/dnsdock
-  volumes:
-    - /var/run/docker.sock:/var/run/docker.sock
-  ports:
-    - 172.17.42.1:53:53/udp
-
-ejabberd:
-  build: .
-  ports:
-    - 5222
-    - 5269
-    - 5280
-  environment:
-    - XMPP_DOMAIN=example.com
-    - ERLANG_NODE=ejabberd
-    - EJABBERD_ADMINS=admin@example.com
-    - EJABBERD_USERS=admin@example.com:test321 user@example.com
-    - ERLANG_COOKIE=testCluster
-    - SKIP_MODULES_UPDATE=true
-    - EJABBERD_CLUSTER=true
-    - USE_DNS=true
-  dns: 172.17.42.1
-  domainname: dockercomposecluster_ejabberd.docker
-  tty: true
@@ -1,37 +0,0 @@
-# overwrite get_nodename to discover hostname from DNS
-get_nodename() {
-    local hostname=${HOSTNAME}
-
-    # get hostname from dns
-    if ( is_true ${USE_DNS} ); then
-        # wait for dns registration
-        sleep 1
-
-        nodename=$(discover_dns_hostname ${HOSTIP})
-
-        is_set ${nodename} \
-            && hostname=${nodename}
-    fi
-
-    echo $hostname
-    return 0
-}
-
-
-# discover hostname from dns with a reverse lookup
-discover_dns_hostname() {
-    local hostip=$1
-
-    # try to get the hostname from dns
-    local dnsname=$(drill -x ${hostip} \
-        | grep PTR \
-        | awk '{print $5}' \
-        | grep -E "^[a-zA-Z0-9]+([-._]?[a-zA-Z0-9]+)*.[a-zA-Z]+\.$" \
-        | cut -d '.' -f1 \
-        | tail -1)
-
-    is_set ${dnsname} \
-        && echo ${dnsname}
-
-    return 0
-}
@@ -1,28 +0,0 @@
-#!/bin/bash
-set -e
-
-source "${EJABBERD_HOME}/scripts/lib/base_config.sh"
-source "${EJABBERD_HOME}/scripts/lib/config.sh"
-source "${EJABBERD_HOME}/scripts/lib/base_functions.sh"
-source "${EJABBERD_HOME}/scripts/lib/functions.sh"
-
-
-get_cluster_node_from_dns() {
-    local cluster_host=$(drill ${DOMAINNAME} \
-        | grep ${DOMAINNAME} \
-        | grep -v ${HOSTIP} \
-        | awk '{print $5}' \
-        | grep -v "^$" \
-        | head -1)
-    echo $(discover_dns_hostname ${cluster_host})
-}
-
-
-file_exist ${FIRST_START_DONE_FILE} \
-    && exit 0
-
-
-join_cluster $(get_cluster_node_from_dns)
-
-
-exit 0
@@ -1 +0,0 @@
-# simple docker-compose example
@@ -1,11 +0,0 @@
-ejabberd:
-  image: rroemhild/ejabberd
-  ports:
-    - 5222:5222
-    - 5269:5269
-    - 5280:5280
-  environment:
-    - ERLANG_NODE=ejabberd
-    - XMPP_DOMAIN=example.com xyz.io
-    - EJABBERD_ADMINS=admin@example.com
-    - EJABBERD_USERS=admin@example.com:password4321 user1@xyz.io
@@ -1,99 +0,0 @@
-#!/bin/bash
-set -e
-
-source "${EJABBERD_HOME}/scripts/lib/base_config.sh"
-source "${EJABBERD_HOME}/scripts/lib/config.sh"
-source "${EJABBERD_HOME}/scripts/lib/base_functions.sh"
-source "${EJABBERD_HOME}/scripts/lib/functions.sh"
-
-# discover hostname
-readonly nodename=$(get_nodename)
-
-is_zero ${ERLANG_NODE} \
-    && export ERLANG_NODE="ejabberd@localhost"
-
-## backward compatibility
-# if ERLANG_NODE is true reset it to "ejabberd" and add
-# hostname to the nodename.
-# else: export ${ERLANG_NODE} with nodename
-if (is_true ${ERLANG_NODE}); then
-    export ERLANG_NODE="ejabberd@${nodename}"
-fi
-
-
-run_scripts() {
-    local run_script_dir="${EJABBERD_HOME}/scripts/${1}"
-    for script in ${run_script_dir}/*.sh ; do
-        if [ -f ${script} -a -x ${script} ] ; then
-            ${script}
-        fi
-    done
-}
-
-
-pre_scripts() {
-    run_scripts "pre"
-}
-
-
-post_scripts() {
-    run_scripts "post"
-}
-
-stop_scripts() {
-    run_scripts "stop"
-}
-
-
-ctl() {
-    local action="$1"
-    ${EJABBERDCTL} ${action} >/dev/null
-}
-
-
-_trap() {
-    echo "Stopping ejabberd..."
-    stop_scripts
-    if ctl stop ; then
-        local cnt=0
-        sleep 1
-        while ctl status || test $? = 1 ; do
-            cnt=`expr $cnt + 1`
-            if [ $cnt -ge 60 ] ; then
-                break
-            fi
-            sleep 1
-        done
-    fi
-}
-
-
-# Catch signals and shutdown ejabberd
-trap _trap SIGTERM SIGINT
-
-## run ejabberd
-case "$@" in
-    start)
-        pre_scripts
-        tail -n 0 -F ${LOGDIR}/crash.log \
-                ${LOGDIR}/error.log \
-                ${LOGDIR}/erlang.log &
-        echo "Starting ejabberd..."
-        exec ${EJABBERDCTL} "foreground" &
-        child=$!
-        ${EJABBERDCTL} "started"
-        post_scripts
-        wait $child
-    ;;
-    live)
-        pre_scripts
-        echo "Starting ejabberd in 'live' mode..."
-        exec ${EJABBERDCTL} "live"
-    ;;
-    shell)
-        exec "/bin/bash"
-    ;;
-    *)
-        exec $@
-    ;;
-esac
@@ -1,53 +0,0 @@
-readonly HOSTIP=$(hostname -i)
-readonly HOSTNAME=$(hostname -f)
-readonly DOMAINNAME=$(hostname -d)
-
-readonly ERLANGCOOKIEFILE="${EJABBERD_HOME}/.erlang.cookie"
-readonly EJABBERDCTL="/usr/local/sbin/ejabberdctl"
-readonly CONFIGFILE="${EJABBERD_HOME}/conf/ejabberd.yml"
-readonly CONFIGTEMPLATE="${EJABBERD_HOME}/conf/ejabberd.yml.tpl"
-readonly CTLCONFIGFILE="${EJABBERD_HOME}/conf/ejabberdctl.cfg"
-readonly CTLCONFIGTEMPLATE="${EJABBERD_HOME}/conf/ejabberdctl.cfg.tpl"
-readonly SSLCERTDIR="${EJABBERD_HOME}/ssl"
-readonly SSLCERTHOST="${SSLCERTDIR}/host.pem"
-readonly SSLDHPARAM="${SSLCERTDIR}/dh.pem"
-readonly LOGDIR="/usr/local/var/log/ejabberd"
-readonly FIRST_START_DONE_FILE="/${EJABBERD_HOME}/first-start-done"
-readonly CLUSTER_NODE_FILE="/${EJABBERD_HOME}/cluster-done"
-
-readonly PYTHON_JINJA2="import os;
-import sys;
-import jinja2;
-sys.stdout.write(
-    jinja2.Template
-        (sys.stdin.read()
-    ).render(env=os.environ))"
-
-# backward compatibility environment variables
-set +e
-
-[[ -n $EJABBERD_ADMIN ]] \
-    && export EJABBERD_ADMINS=${EJABBERD_ADMIN}
-
-[[ -n $AUTH_METHOD ]] \
-    && export EJABBERD_AUTH_METHOD=${AUTH_METHOD}
-
-[[ -n $SKIP_MODULES_UPDATE ]] \
-    && export EJABBERD_SKIP_MODULES_UPDATE=${SKIP_MODULES_UPDATE}
-
-[[ -n $ERL_OPTIONS ]] \
-    && export ERLANG_OPTIONS=${ERL_OPTIONS}
-
-[[ -n $SSLCERT_HOST ]] \
-    && export EJABBERD_SSLCERT_HOST=${SSLCERT_HOST}
-
-[[ -n $SSLCERT_EXAMPLE_COM ]] \
-    && export EJABBERD_SSLCERT_EXAMPLE_COM=${SSLCERT_EXAMPLE_COM}
-
-[[ -n $LOGLEVEL ]] \
-    && export EJABBERD_LOGLEVEL=${LOGLEVEL}
-
-[[ -n $EJABBERD_WEB_ADMIN_SSL ]] \
-    && export EJABBERD_HTTPS=${EJABBERD_WEB_ADMIN_SSL}
-
-set -e
@@ -1,66 +0,0 @@
-is_set() {
-    local var=$1
-
-    [[ -n $var ]]
-}
-
-
-is_zero() {
-    local var=$1
-
-    [[ -z $var ]]
-}
-
-
-file_exist() {
-    local file=$1
-
-    [[ -e $file ]]
-}
-
-
-is_true() {
-    local var=${1,,}
-    local choices=("yes" "1" "y" "true")
-    for ((i=0;i < ${#choices[@]};i++)) {
-        [[ "${choices[i]}" == $var ]] && return 0
-    }
-    return 1
-}
-
-
-# overwrite this function to get hostname from other sources
-# like dns or etcd
-get_nodename() {
-    echo ${HOSTNAME}
-}
-
-
-join_cluster() {
-    local cluster_node=$1
-
-    is_zero ${cluster_node} \
-        && exit 0
-
-    echo "Join cluster..."
-
-    local erlang_node_name=${ERLANG_NODE%@*}
-    local erlang_cluster_node="${erlang_node_name}@${cluster_node}"
-
-    response=$(${EJABBERDCTL} ping ${erlang_cluster_node})
-    while [ "$response" != "pong" ]; do
-        echo "Waiting for ${erlang_cluster_node}..."
-        sleep 2
-        response=$(${EJABBERDCTL} ping ${erlang_cluster_node})
-    done
-
-    echo "Join cluster at ${erlang_cluster_node}... "
-    NO_WARNINGS=true ${EJABBERDCTL} join_cluster $erlang_cluster_node
-
-    if [ $? -eq 0 ]; then
-        touch ${CLUSTER_NODE_FILE}
-    else
-        echo "cloud not join cluster"
-        exit 1
-    fi
-}
@@ -1 +0,0 @@
-# Overridable file
@@ -1 +0,0 @@
-# Overridable file
@@ -1,24 +0,0 @@
-#!/bin/bash
-set -e
-
-# Updates the known modules as to be found in https://github.com/processone/ejabberd-contrib
-
-source "${EJABBERD_HOME}/scripts/lib/base_config.sh"
-source "${EJABBERD_HOME}/scripts/lib/config.sh"
-source "${EJABBERD_HOME}/scripts/lib/base_functions.sh"
-source "${EJABBERD_HOME}/scripts/lib/functions.sh"
-
-
-run_modules_update_specs() {
-    echo -n 'Updating module specs... '
-    ${EJABBERDCTL} modules_update_specs
-}
-
-
-is_true ${EJABBERD_SKIP_MODULES_UPDATE} \
-    && exit 0
-
-run_modules_update_specs
-
-
-exit 0
@@ -1,143 +0,0 @@
-#!/bin/bash
-set -e
-
-# Installs modules as defined in environment variables
-
-source "${EJABBERD_HOME}/scripts/lib/base_config.sh"
-source "${EJABBERD_HOME}/scripts/lib/config.sh"
-source "${EJABBERD_HOME}/scripts/lib/base_functions.sh"
-source "${EJABBERD_HOME}/scripts/lib/functions.sh"
-
-install_module_from_source() {
-    local module_name=$1
-    local module_source_path=${EJABBERD_HOME}/module_source/${module_name}
-    local module_install_folder=${EJABBERD_HOME}/.ejabberd-modules/sources
-    
-    echo "Analyzing module ${module_name} for installation"
-    # Make sure that the module exists in the source folder before attempting a copy
-
-    if [ ! -d ${module_source_path} ]; then
-        echo "Error: Module ${module_name} not found in ${EJABBERD_HOME}/module_source"
-        echo "Please use a shared volume to populate your module in ${EJABBERD_HOME}/module_source"
-        return 1;
-    fi
-
-    # Check to see if the module is already installed
-    local install_count=$(${EJABBERDCTL} modules_installed | grep -ce "^${module_name}[[:space:]]")
-    if [ $install_count -gt 0 ]; then
-        echo "Error: Module already installed: ${module_name}"
-        return 1;
-    fi
-
-    # Copy the module into the shared folder
-    echo "Copying module to ejabberd folder ${module_install_folder}"
-    mkdir -p ${module_install_folder}
-    cp -R ${module_source_path} ${module_install_folder}
-
-    # Run the ejabberdctl module_check on the module
-    echo "Running module_check on ${module_name}"
-    ${EJABBERDCTL} module_check ${module_name}
-    if [ $? -ne 0 ]; then
-        echo "Module check failed for ${module_name}"
-        return 1;
-    fi
-    echo "Module check succeeded for ${module_name}"
-
-    # Install the module
-    echo "Running module_install on ${module_name}"
-    ${EJABBERDCTL} module_install ${module_name}
-    if [ $? -ne 0 ]; then
-        echo "Module installation failed for ${module_name}"
-        return 1;
-    fi
-    echo "Module installation succeeded for ${module_name}"
-
-    return 0;
-}
-
-install_module_from_ejabberd_contrib() {
-    local module_name=$1
-
-    # Check to see if the module is already installed
-    local install_count=$(${EJABBERDCTL} modules_installed | grep -ce "^${module_name}[[:space:]]")
-    if [ $install_count -gt 0 ]; then
-        echo "Error: Module already installed: ejabberd_contrib ${module_name}"
-        return 1;
-    fi
-
-    # Install the module
-    echo "Running module_install on ejabberd_contrib ${module_name}"
-    ${EJABBERDCTL} module_install ${module_name}
-    if [ $? -ne 0 ]; then
-        echo "Module installation failed for ejabberd_contrib ${module_name}"
-        return 1;
-    fi
-    echo "Module installation succeeded for ejabberd_contrib ${module_name}"
-
-    return 0;
-}
-
-enable_custom_auth_module_override() {
-    module_name=$1;
-    # When using custom authentication modules, the module name must be
-    # in the following pattern: ejabberd_auth_foo, where foo is the
-    # value you will use for your auth_method yml configuration.
-    required_prefix="ejabberd_auth_"
-
-    if [[ "${module_name}" != "${required_prefix}"* ]]; then
-        echo "Error: module_name must begin with ${required_prefix}"
-        exit 1;
-    fi
-
-    echo "Checking custom auth module: ${module_name}"
-    # Make sure the auth module is installed
-    local install_count=$(${EJABBERDCTL} modules_installed | grep -ce "^${module_name}[[:space:]]")
-    if [ $install_count -eq 0  ]; then
-        echo "Error: custom auth_module not installed: ${module_name}"
-        return 1;
-    fi
-
-    custom_auth_method=${module_name#$required_prefix}
-    echo -e "\nauth_method: [${custom_auth_method}]" >> ${CONFIGFILE}
-    echo "Custom auth module ${module_name} configuration complete."
-}
-
-file_exist ${FIRST_START_DONE_FILE} \
-    && exit 0
-
-is_restart_needed=0;
-
-if [ -n "${EJABBERD_SOURCE_MODULES}" ]; then
-    for module_name in ${EJABBERD_SOURCE_MODULES} ; do
-        install_module_from_source ${module_name}
-    done
-    is_restart_needed=1;
-fi
-
-# Check the EJABBERD_CONTRIB_MODULES variable for any ejabberd_contrib modules
-if [ -n "${EJABBERD_CONTRIB_MODULES}" ]; then
-    for module_name in ${EJABBERD_CONTRIB_MODULES} ; do
-        install_module_from_ejabberd_contrib ${module_name}
-    done
-    is_restart_needed=1;
-fi
-
-# If a custom module was defined for handling auth, we need to override
-# the pre-defined auth methods in the config.
-if [ -n "${EJABBERD_CUSTOM_AUTH_MODULE_OVERRIDE}" ]; then
-    enable_custom_auth_module_override "${EJABBERD_CUSTOM_AUTH_MODULE_OVERRIDE}"
-    is_restart_needed=1;
-fi
-
-# If any modules were installed, restart the server, if the option is enabled
-if [ ${is_restart_needed} -eq 1 ]; then
-    if is_true ${EJABBERD_RESTART_AFTER_MODULE_INSTALL} ; then
-        echo "Restarting ejabberd after successful module installation(s)"
-        ${EJABBERDCTL} restart
-        child=$!
-        ${EJABBERDCTL} "started"
-        wait $child
-    fi
-fi
-
-exit 0
@@ -1,118 +0,0 @@
-#!/bin/bash
-
-source "${EJABBERD_HOME}/scripts/lib/base_config.sh"
-source "${EJABBERD_HOME}/scripts/lib/config.sh"
-source "${EJABBERD_HOME}/scripts/lib/base_functions.sh"
-source "${EJABBERD_HOME}/scripts/lib/functions.sh"
-
-# Do not exit if users already registered
-set +e
-
-randpw() {
-    < /dev/urandom tr -dc A-Z-a-z-0-9 | head -c ${1:-16};
-    echo;
-}
-
-
-register_user() {
-    local user=$1
-    local domain=$2
-    local password=$3
-
-    ${EJABBERDCTL} register ${user} ${domain} ${password}
-    return $?
-}
-
-
-register_all_users() {
-    # register users from environment $EJABBERD_USERS with given
-    # password or random password written to stout. Use whitespace
-    # to seperate users.
-    #
-    # sample:
-    # - add a user with an given password:
-    #   -e "EJABBERD_USERS=admin@example.com:adminSecret"
-    # - add a user with a random password:
-    #   -e "EJABBERD_USERS=user@example.com"
-    # - set password for admin and use random for user1:
-    #   -e "EJABBERD_USERS=admin@example.com:adminSecret user@example.com"
-
-    for user in ${EJABBERD_USERS} ; do
-        local jid=${user%%:*}
-        local password=${user#*:}
-
-        local username=${jid%%@*}
-        local domain=${jid#*@}
-
-        [[ "${password}" == "${jid}" ]] \
-            && password=$(randpw)
-
-        register_user ${username} ${domain} ${password}
-        local retval=$?
-
-        [[ ${retval} -eq 0 ]] \
-            && echo "Password for user ${username}@${domain} is ${password}"
-    done
-}
-
-
-file_exist ${FIRST_START_DONE_FILE} \
-    && exit 0
-
-
-file_exist ${CLUSTER_NODE_FILE} \
-    && exit 0
-
-
-is_set ${EJABBERD_USERS} \
-    && register_all_users
-
-
-##################################
-## Keep for backward compatibility
-
-register_all_ejabberd_admins() {
-    # add all admins from environment $EJABBERD_ADMINS with the passwords from
-    # environment $EJABBERD_ADMIN_PASS.
-
-    local passwords
-    local IFS=' '
-    read -a passwords <<< "${EJABBERD_ADMIN_PWD}"
-
-    for admin in ${EJABBERD_ADMINS} ; do
-        local user=${admin%%@*}
-        local domain=${admin#*@}
-        local password=${passwords[0]}
-        passwords=("${passwords[@]:1}")
-        register_user ${user} ${domain} ${password}
-    done
-}
-
-
-register_all_ejabberd_admins_randpw() {
-    # add all admins from environment $EJABBERD_ADMINS with a random
-    # password and write the password to stdout.
-
-    for admin in ${EJABBERD_ADMINS} ; do
-        local user=${admin%%@*}
-        local domain=${admin#*@}
-        local password=$(randpw)
-
-        register_user ${user} ${domain} ${password}
-        local retval=$?
-
-        [[ ${retval} -eq 0 ]] \
-            && echo "Password for user ${user}@${domain} is ${password}"
-    done
-}
-
-
-is_set ${EJABBERD_ADMIN_PWD} \
-    && register_all_ejabberd_admins
-
-
-is_true ${EJABBERD_ADMIN_RANDPWD} \
-    && register_all_ejabberd_admins_randpw
-
-
-exit 0
@@ -1,14 +0,0 @@
-#!/bin/bash
-set -e
-
-# Write a first-start-done file
-
-source "${EJABBERD_HOME}/scripts/lib/base_config.sh"
-source "${EJABBERD_HOME}/scripts/lib/config.sh"
-source "${EJABBERD_HOME}/scripts/lib/base_functions.sh"
-source "${EJABBERD_HOME}/scripts/lib/functions.sh"
-
-
-if [ ! -e "${FIRST_START_DONE_FILE}" ]; then
-    touch ${FIRST_START_DONE_FILE}
-fi
@@ -1,23 +0,0 @@
-#!/bin/bash
-set -e
-
-source "${EJABBERD_HOME}/scripts/lib/base_config.sh"
-source "${EJABBERD_HOME}/scripts/lib/config.sh"
-source "${EJABBERD_HOME}/scripts/lib/base_functions.sh"
-source "${EJABBERD_HOME}/scripts/lib/functions.sh"
-
-
-readonly whoami=$(whoami)
-
-
-change_ejabberd_run_user() {
-    echo "Change ejabberd install user to root..."
-    sed -i "s/INSTALLUSER=${EJABBERD_USER}/INSTALLUSER=${whoami}/" ${EJABBERDCTL}
-}
-
-
-[[ "${whoami}" == "root" ]] \
-    && change_ejabberd_run_user
-
-
-exit 0
@@ -1,33 +0,0 @@
-#!/bin/bash
-set -e
-
-source "${EJABBERD_HOME}/scripts/lib/base_config.sh"
-source "${EJABBERD_HOME}/scripts/lib/config.sh"
-source "${EJABBERD_HOME}/scripts/lib/base_functions.sh"
-source "${EJABBERD_HOME}/scripts/lib/functions.sh"
-
-# Instead of having to mount a direction, specify the ssl certs
-# via environment variables:
-# `EJABBERD_SSLCERT_HOST` and `EJABBERD_SSLCERT_{domain_name}`.
-# For example: `EJABBERD_SSLCERT_EXAMPLE_COM`.
-
-write_file_from_env() {
-    echo "Writing $1 to $2"
-    mkdir -p "$(dirname $2)"
-    echo "${!1}" > $2
-}
-
-# Write the host certificate
-is_set ${EJABBERD_SSLCERT_HOST} \
-  && write_file_from_env "EJABBERD_SSLCERT_HOST" ${SSLCERTHOST}
-
-# Write the domain certificates for each XMPP_DOMAIN
-for xmpp_domain in ${XMPP_DOMAIN} ; do
-    var="EJABBERD_SSLCERT_$(echo $xmpp_domain | awk '{print toupper($0)}' | sed 's/\./_/g;s/-/_/g')"
-    if is_set ${!var} ; then
-        file_exist "${SSLCERTDIR}/${xmpp_domain}.pem" \
-          || write_file_from_env "$var" "${SSLCERTDIR}/${xmpp_domain}.pem"
-    fi
-done
-
-exit 0
@@ -1,91 +0,0 @@
-#!/bin/bash
-set -e
-
-source "${EJABBERD_HOME}/scripts/lib/base_config.sh"
-source "${EJABBERD_HOME}/scripts/lib/config.sh"
-source "${EJABBERD_HOME}/scripts/lib/base_functions.sh"
-source "${EJABBERD_HOME}/scripts/lib/functions.sh"
-
-
-make_snakeoil_certificate() {
-    local domain=$1
-    local certfile=$2
-
-    openssl req -subj "/CN=${domain}" \
-                -new \
-                -newkey rsa:4096 \
-                -days 365 \
-                -nodes \
-                -x509 \
-                -keyout /tmp/selfsigned.key \
-                -out /tmp/selfsigned.crt
-
-    echo "Writing ssl cert and private key to '${certfile}'..."
-    cat /tmp/selfsigned.crt /tmp/selfsigned.key > ${certfile}
-    rm /tmp/selfsigned.crt /tmp/selfsigned.key
-}
-
-
-make_host_snakeoil_certificate() {
-    local IFS=@
-    local domain='localhost'
-    local erlang_node=${ERLANG_NODE}
-
-    if is_true ${erlang_node} ; then
-        domain=${HOSTNAME}
-    elif is_set ${erlang_node} ; then
-        set ${erlang_node}
-        local nodehost=$2
-        if is_zero ${nodehost} ; then
-            domain=${HOSTNAME}
-        else
-            domain=${nodehost}
-        fi
-    fi
-
-    echo -n "Missing ssl cert for your host. "
-    echo "Generating snakeoil ssl cert for ${domain}..."
-
-    make_snakeoil_certificate ${domain} ${SSLCERTHOST}
-}
-
-
-make_domain_snakeoil_certificate() {
-    local domain=$1
-    local certfile=$2
-
-    echo -n "Missing ssl cert for your xmpp domain. "
-    echo "Generating snakeoil ssl cert for ${domain}..."
-
-    make_snakeoil_certificate ${domain} ${certfile}
-}
-
-
-## backward compatibility
-# link old xmpp_domain.pem file to the first <domainname>.pem in XMPP_DOMAIN
-readonly SSLCERTDOMAIN="${SSLCERTDIR}/xmpp_domain.pem"
-if file_exist ${SSLCERTDOMAIN} ; then
-    for xmpp_domain in ${XMPP_DOMAIN} ; do
-        file_exist "${SSLCERTDIR}/${xmpp_domain}.pem" \
-          || ln -s ${SSLCERTDOMAIN} "${SSLCERTDIR}/${xmpp_domain}.pem"
-        break
-    done
-fi
-
-
-is_true ${EJABBERD_SKIP_MAKE_SSLCERT} \
-    && echo "Skip certificate generation" \
-    && exit 0
-
-# generate host ssl cert if missing
-file_exist ${SSLCERTHOST} \
-  || make_host_snakeoil_certificate
-
-# generate xmmp domain ssl certificates if missing
-for xmpp_domain in ${XMPP_DOMAIN} ; do
-  domain_certfile="${SSLCERTDIR}/${xmpp_domain}.pem"
-  file_exist ${domain_certfile} \
-    || make_domain_snakeoil_certificate ${xmpp_domain} ${domain_certfile}
-done
-
-exit 0
@@ -1,28 +0,0 @@
-#!/bin/bash
-set -e
-
-source "${EJABBERD_HOME}/scripts/lib/base_config.sh"
-source "${EJABBERD_HOME}/scripts/lib/config.sh"
-source "${EJABBERD_HOME}/scripts/lib/base_functions.sh"
-source "${EJABBERD_HOME}/scripts/lib/functions.sh"
-
-
-make_dhparam() {
-	local dhfile=$1
-	local bits=$2
-
-	echo "Writing dh file to '${dhfile}'..."
-	openssl dhparam -out ${dhfile} ${bits}
-}
-
-
-is_true ${EJABBERD_SKIP_MAKE_DHPARAM} \
-	&& echo "Skip DH param generation" \
-    && exit 0
-
-if is_true ${EJABBERD_DHPARAM} ; then
-	file_exist ${SSLDHPARAM} \
-		|| make_dhparam ${SSLDHPARAM} 4096
-fi
-
-exit 0
@@ -1,25 +0,0 @@
-#!/bin/bash
-set -e
-
-source "${EJABBERD_HOME}/scripts/lib/base_config.sh"
-source "${EJABBERD_HOME}/scripts/lib/config.sh"
-source "${EJABBERD_HOME}/scripts/lib/base_functions.sh"
-source "${EJABBERD_HOME}/scripts/lib/functions.sh"
-
-
-set_erlang_cookie() {
-    echo "Set erlang cookie to ${ERLANG_COOKIE}..."
-    echo ${ERLANG_COOKIE} > ${ERLANGCOOKIEFILE}
-    chmod 400 ${ERLANGCOOKIEFILE}
-}
-
-
-file_exist ${FIRST_START_DONE_FILE} \
-    && exit 0
-
-
-# set erlang cookie if ERLANG_COOKIE is set in environemt
-is_set ${ERLANG_COOKIE} \
-    && set_erlang_cookie
-
-exit 0
@@ -1,38 +0,0 @@
-#!/bin/bash
-set -e
-
-source "${EJABBERD_HOME}/scripts/lib/base_config.sh"
-source "${EJABBERD_HOME}/scripts/lib/config.sh"
-source "${EJABBERD_HOME}/scripts/lib/base_functions.sh"
-source "${EJABBERD_HOME}/scripts/lib/functions.sh"
-
-
-make_config() {
-    if [ ! -e ${CONFIGFILE} ]; then
-        echo "Generating ejabberd config file..."
-        cat ${CONFIGTEMPLATE} \
-          | python -c "${PYTHON_JINJA2}" \
-          > ${CONFIGFILE}
-    else
-        echo "ejabberd config file exists."
-    fi
-
-    if [ ! -e ${CTLCONFIGFILE} ]; then
-        echo "Generating ejabberdctl config file..."
-        cat ${CTLCONFIGTEMPLATE} \
-          | python -c "${PYTHON_JINJA2}" \
-          > ${CTLCONFIGFILE}
-    else
-        echo "ejabberdctl config file exists."
-    fi
-}
-
-
-file_exist ${FIRST_START_DONE_FILE} \
-    && exit 0
-
-
-# generate config file
-make_config
-
-exit 0
@@ -1,21 +0,0 @@
-#!/bin/bash
-set -e
-
-source "${EJABBERD_HOME}/scripts/lib/base_config.sh"
-source "${EJABBERD_HOME}/scripts/lib/config.sh"
-source "${EJABBERD_HOME}/scripts/lib/base_functions.sh"
-source "${EJABBERD_HOME}/scripts/lib/functions.sh"
-
-
-leave_cluster() {
-    echo "Leave cluster... "
-    rm ${CLUSTER_NODE_FILE}
-    NO_WARNINGS=true ${EJABBERDCTL} leave_cluster
-}
-
-
-file_exist ${CLUSTER_NODE_FILE} \
-    && leave_cluster
-
-
-exit 0
@@ -13,7 +13,7 @@ ExecStart=/bin/sh -c '@ctlscriptpath@/ejabberdctl start && @ctlscriptpath@/ejabb
 ExecStop=/bin/sh -c '@ctlscriptpath@/ejabberdctl stop && @ctlscriptpath@/ejabberdctl stopped'
 ExecReload=@ctlscriptpath@/ejabberdctl reload_config
 PrivateDevices=true
-ProtectSystem=full
+TimeoutSec=300

 [Install]
 WantedBy=multi-user.target
@@ -1,588 +1,95 @@
 ###
-###'              ejabberd configuration file
+###              ejabberd configuration file
 ###
+### The parameters used in this configuration file are explained at
+###
+###       https://docs.ejabberd.im/admin/configuration
 ###
-
-### The parameters used in this configuration file are explained in more detail
-### in the ejabberd Installation and Operation Guide.
-### Please consult the Guide in case of doubts, it is included with
-### your copy of ejabberd, and is also available online at
-### http://www.process-one.net/en/ejabberd/docs/
-
 ### The configuration file is written in YAML.
+### *******************************************************
+### *******           !!! WARNING !!!               *******
+### *******     YAML IS INDENTATION SENSITIVE       *******
+### ******* MAKE SURE YOU INDENT SECTIONS CORRECTLY *******
+### *******************************************************
 ### Refer to http://en.wikipedia.org/wiki/YAML for the brief description.
-### However, ejabberd treats different literals as different types:
 ###
-### - unquoted or single-quoted strings. They are called "atoms".
-###   Example: dog, 'Jupiter', '3.14159', YELLOW
-###
-### - numeric literals. Example: 3, -45.0, .0
-###
-### - quoted or folded strings.
-###   Examples of quoted string: "Lizzard", "orange".
-###   Example of folded string:
-###   > Art thou not Romeo,
-###     and a Montague?

-###.  =======
-###'  LOGGING
-
-##
-## loglevel: Verbosity of log files generated by ejabberd.
-## 0: No ejabberd log at all (not recommended)
-## 1: Critical
-## 2: Error
-## 3: Warning
-## 4: Info
-## 5: Debug
-##
-loglevel: 4
-
-##
-## rotation: Describe how to rotate logs. Either size and/or date can trigger
-## log rotation. Setting count to N keeps N rotated logs. Setting count to 0
-## does not disable rotation, it instead rotates the file and keeps no previous
-## versions around. Setting size to X rotate log when it reaches X bytes.
-## To disable rotation set the size to 0 and the date to ""
-## Date syntax is taken from the syntax newsyslog uses in newsyslog.conf.
-## Some examples:
-##  $D0     rotate every night at midnight
-##  $D23    rotate every day at 23:00 hr
-##  $W0D23  rotate every week on Sunday at 23:00 hr
-##  $W5D16  rotate every week on Friday at 16:00 hr
-##  $M1D0   rotate on the first day of every month at midnight
-##  $M5D6   rotate on every 5th day of the month at 6:00 hr
-##
-log_rotate_size: 10485760
-log_rotate_date: ""
-log_rotate_count: 1
-
-##
-## overload protection: If you want to limit the number of messages per second
-## allowed from error_logger, which is a good idea if you want to avoid a flood
-## of messages when system is overloaded, you can set a limit.
-## 100 is ejabberd's default.
-log_rate_limit: 100
-
-##
-## watchdog_admins: Only useful for developers: if an ejabberd process
-## consumes a lot of memory, send live notifications to these XMPP
-## accounts.
-##
-## watchdog_admins:
-##   - "bob@example.com"
-
-###.  ===============
-###'  NODE PARAMETERS
-
-##
-## net_ticktime: Specifies net_kernel tick time in seconds. This options must have
-## identical value on all nodes, and in most cases shouldn't be changed at all from
-## default value.
-##
-## net_ticktime: 60
-
-###.  ================
-###'  SERVED HOSTNAMES
-
-##
-## hosts: Domains served by ejabberd.
-## You can define one or several, for example:
-## hosts: 
-##   - "example.net"
-##   - "example.com"
-##   - "example.org"
-##
 hosts:
-  - "localhost"
+  - localhost

-##
-## route_subdomains: Delegate subdomains to other XMPP servers.
-## For example, if this ejabberd serves example.org and you want
-## to allow communication with an XMPP server called im.example.org.
-##
-## route_subdomains: s2s
+loglevel: info

-###.  ===============
-###'  LISTENING PORTS
+## If you already have certificates, list them here
+# certfiles:
+#  - /etc/letsencrypt/live/domain.tld/fullchain.pem
+#  - /etc/letsencrypt/live/domain.tld/privkey.pem

-## Define common macros used by listeners
-## define_macro:
-##   'CERTFILE': "/path/to/xmpp.pem"
-##   'CIPHERS': "ECDH:DH:!3DES:!aNULL:!eNULL:!MEDIUM@STRENGTH"
-##   'TLSOPTS':
-##     - "no_sslv2"
-##     - "no_sslv3"
-##     - "no_tlsv1"
-##     - "no_tlsv1_1"
-##     - "cipher_server_preference"
-##     - "no_compression"
-##   'DHFILE': "/path/to/dhparams.pem" # generated with: openssl dhparam -out dhparams.pem 2048
-
-##
-## listen: The ports ejabberd will listen on, which service each is handled
-## by and what options to start it with.
-##
-listen: 
-  - 
+listen:
+  -
    port: 5222
    ip: "::"
    module: ejabberd_c2s
-    ##
-    ## If TLS is compiled in and you installed a SSL
-    ## certificate, specify the full path to the
-    ## file and uncomment these lines:
-    ##
-    ## starttls: true
-    ## certfile: 'CERTFILE'
-    ## protocol_options: 'TLSOPTS'
-    ## dhfile: 'DHFILE'
-    ## ciphers: 'CIPHERS'
-    ##
-    ## To enforce TLS encryption for client connections,
-    ## use this instead of the "starttls" option:
-    ##
-    ## starttls_required: true
-    ##
-    ## Stream compression
-    ##
-    ## zlib: true
-    ##
-    max_stanza_size: 65536
+    max_stanza_size: 262144
    shaper: c2s_shaper
    access: c2s
-  - 
+    starttls_required: true
+  -
    port: 5269
    ip: "::"
    module: ejabberd_s2s_in
-  - 
+    max_stanza_size: 524288
+  -
+    port: 5443
+    ip: "::"
+    module: ejabberd_http
+    tls: true
+    request_handlers:
+      /admin: ejabberd_web_admin
+      /api: mod_http_api
+      /bosh: mod_bosh
+      /captcha: ejabberd_captcha
+      /upload: mod_http_upload
+      /ws: ejabberd_http_ws
+  -
    port: 5280
    ip: "::"
    module: ejabberd_http
    request_handlers:
-      "/ws": ejabberd_http_ws
-      "/bosh": mod_bosh
-      "/api": mod_http_api
-    ##  "/pub/archive": mod_http_fileserver
-    web_admin: true
-    ## register: true
-    captcha: true
-  ##
-  ## ejabberd_service: Interact with external components (transports, ...)
-  ##
-  ## - 
-  ##   port: 8888
-  ##   ip: "::"
-  ##   module: ejabberd_service
-  ##   access: all
-  ##   shaper_rule: fast
-  ##   ip: "127.0.0.1"
-  ##   privilege_access: 
-  ##      roster: "both"
-  ##      message: "outgoing"
-  ##      presence: "roster"
-  ##   delegations:
-  ##      "urn:xmpp:mam:1":
-  ##        filtering: ["node"]
-  ##      "http://jabber.org/protocol/pubsub":
-  ##        filtering: []
-  ##   hosts:
-  ##     "icq.example.org":
-  ##       password: "secret"
-  ##     "sms.example.org":
-  ##       password: "secret"
+      /admin: ejabberd_web_admin
+      /.well-known/acme-challenge: ejabberd_acme
+  -
+    port: 1883
+    ip: "::"
+    module: mod_mqtt
+    backlog: 1000

-  ##
-  ## ejabberd_stun: Handles STUN Binding requests
-  ##
-  ## - 
-  ##   port: 3478
-  ##   transport: udp
-  ##   module: ejabberd_stun
+s2s_use_starttls: optional

-  ##
-  ## To handle XML-RPC requests that provide admin credentials:
-  ##
-  ## - 
-  ##   port: 4560
-  ##   ip: "::"
-  ##   module: ejabberd_xmlrpc
-  ##   access_commands: {}
-
-  ##
-  ## To enable secure http upload
-  ##
-  ## - 
-  ##   port: 5444
-  ##   ip: "::"
-  ##   module: ejabberd_http
-  ##   request_handlers:
-  ##     "": mod_http_upload
-  ##   tls: true
-  ##   certfile: 'CERTFILE'
-  ##   protocol_options: 'TLSOPTS'
-  ##   dhfile: 'DHFILE'
-  ##   ciphers: 'CIPHERS'
-
-## Disabling digest-md5 SASL authentication. digest-md5 requires plain-text
-## password storage (see auth_password_format option).
-## disable_sasl_mechanisms: "digest-md5"
-
-###.  ==================
-###'  S2S GLOBAL OPTIONS
-
-##
-## s2s_use_starttls: Enable STARTTLS for S2S connections.
-## Allowed values are: false, optional or required
-## You must specify a certificate file.
-##
-## s2s_use_starttls: required
-
-##
-## s2s_certfile: Specify a certificate file.
-##
-## s2s_certfile: 'CERTFILE'
-
-## Custom OpenSSL options
-##
-## s2s_protocol_options: 'TLSOPTS'
-
-##
-## domain_certfile: Specify a different certificate for each served hostname.
-##
-## host_config:
-##   "example.org":
-##     domain_certfile: "/path/to/example_org.pem"
-##   "example.com":
-##     domain_certfile: "/path/to/example_com.pem"
-
-##
-## S2S whitelist or blacklist
-##
-## Default s2s policy for undefined hosts.
-##
-## s2s_access: s2s
-
-##
-## Outgoing S2S options
-##
-## Preferred address families (which to try first) and connect timeout
-## in seconds.
-##
-## outgoing_s2s_families:
-##   - ipv4
-##   - ipv6
-## outgoing_s2s_timeout: 190
-
-###.  ==============
-###'  AUTHENTICATION
-
-##
-## auth_method: Method used to authenticate the users.
-## The default method is the internal.
-## If you want to use a different method,
-## comment this line and enable the correct ones.
-##
-auth_method: internal
-
-##
-## Store the plain passwords or hashed for SCRAM:
-## auth_password_format: plain
-## auth_password_format: scram
-##
-## Define the FQDN if ejabberd doesn't detect it:
-## fqdn: "server3.example.com"
-
-##
-## Authentication using external script
-## Make sure the script is executable by ejabberd.
-##
-## auth_method: external
-## extauth_program: "/path/to/authentication/script"
-
-##
-## Authentication using SQL
-## Remember to setup a database in the next section.
-##
-## auth_method: sql
-
-##
-## Authentication using PAM
-##
-## auth_method: pam
-## pam_service: "pamservicename"
-
-##
-## Authentication using LDAP
-##
-## auth_method: ldap
-##
-## List of LDAP servers:
-## ldap_servers:
-##   - "localhost"
-##
-## Encryption of connection to LDAP servers:
-## ldap_encrypt: none
-## ldap_encrypt: tls
-##
-## Port to connect to on LDAP servers:
-## ldap_port: 389
-## ldap_port: 636
-##
-## LDAP manager:
-## ldap_rootdn: "dc=example,dc=com"
-##
-## Password of LDAP manager:
-## ldap_password: "******"
-##
-## Search base of LDAP directory:
-## ldap_base: "dc=example,dc=com"
-##
-## LDAP attribute that holds user ID:
-## ldap_uids:
-##   - "mail": "%u@mail.example.org"
-##
-## LDAP filter:
-## ldap_filter: "(objectClass=shadowAccount)"
-
-##
-## Anonymous login support:
-##   auth_method: anonymous
-##   anonymous_protocol: sasl_anon | login_anon | both
-##   allow_multiple_connections: true | false
-##
-## host_config:
-##   "public.example.org":
-##     auth_method: anonymous
-##     allow_multiple_connections: false
-##     anonymous_protocol: sasl_anon
-##
-## To use both anonymous and internal authentication:
-##
-## host_config:
-##   "public.example.org":
-##     auth_method:
-##       - internal
-##       - anonymous
-
-###.  ==============
-###'  DATABASE SETUP
-
-## ejabberd by default uses the internal Mnesia database,
-## so you do not necessarily need this section.
-## This section provides configuration examples in case
-## you want to use other database backends.
-## Please consult the ejabberd Guide for details on database creation.
-
-##
-## MySQL server:
-##
-## sql_type: mysql
-## sql_server: "server"
-## sql_database: "database"
-## sql_username: "username"
-## sql_password: "password"
-##
-## If you want to specify the port:
-## sql_port: 1234
-
-##
-## PostgreSQL server:
-##
-## sql_type: pgsql
-## sql_server: "server"
-## sql_database: "database"
-## sql_username: "username"
-## sql_password: "password"
-##
-## If you want to specify the port:
-## sql_port: 1234
-##
-## If you use PostgreSQL, have a large database, and need a
-## faster but inexact replacement for "select count(*) from users"
-##
-## pgsql_users_number_estimate: true
-
-##
-## SQLite:
-##
-## sql_type: sqlite
-## sql_database: "/path/to/database.db"
-
-##
-## ODBC compatible or MSSQL server:
-##
-## sql_type: odbc
-## sql_server: "DSN=ejabberd;UID=ejabberd;PWD=ejabberd"
-
-##
-## Number of connections to open to the database for each virtual host
-##
-## sql_pool_size: 10
-
-##
-## Interval to make a dummy SQL request to keep the connections to the
-## database alive. Specify in seconds: for example 28800 means 8 hours
-##
-## sql_keepalive_interval: undefined
-
-###.  ===============
-###'  TRAFFIC SHAPERS
-
-shaper:
-  ##
-  ## The "normal" shaper limits traffic speed to 1000 B/s
-  ##
-  normal: 1000
-
-  ##
-  ## The "fast" shaper limits traffic speed to 50000 B/s
-  ##
-  fast: 50000
-
-##
-## This option specifies the maximum number of elements in the queue
-## of the FSM. Refer to the documentation for details.
-##
-max_fsm_queue: 1000
-
-###.   ====================
-###'   ACCESS CONTROL LISTS
 acl:
-  ##
-  ## The 'admin' ACL grants administrative privileges to XMPP accounts.
-  ## You can put here as many accounts as you want.
-  ##
-  ## admin:
-  ##   user:
-  ##     - "aleksey@localhost"
-  ##     - "ermine@example.org"
-  ##
-  ## Blocked users
-  ##
-  ## blocked:
-  ##   user:
-  ##     - "baduser@example.org"
-  ##     - "test"
-
-  ## Local users: don't modify this.
-  ##
-  local: 
+  local:
    user_regexp: ""
-
-  ##
-  ## More examples of ACLs
-  ##
-  ## jabberorg:
-  ##   server:
-  ##     - "jabber.org"
-  ## aleksey:
-  ##   user:
-  ##     - "aleksey@jabber.ru"
-  ## test:
-  ##   user_regexp: "^test"
-  ##   user_glob: "test*"
-
-  ##
-  ## Loopback network
-  ##
  loopback:
    ip:
-      - "127.0.0.0/8"
-      - "::1/128"
-      - "::FFFF:127.0.0.1/128"
+      - 127.0.0.0/8
+      - ::1/128

-  ##
-  ## Bad XMPP servers
-  ##
-  ## bad_servers:
-  ##   server:
-  ##     - "xmpp.zombie.org"
-  ##     - "xmpp.spam.com"
-
-##
-## Define specific ACLs in a virtual host.
-##
-## host_config:
-##   "localhost":
-##     acl:
-##       admin:
-##         user:
-##           - "bob-local@localhost"
-
-###.  ============
-###'  SHAPER RULES
-
-shaper_rules:
-  ## Maximum number of simultaneous sessions allowed for a single user:
-  max_user_sessions: 10
-  ## Maximum number of offline messages that users can have:
-  max_user_offline_messages:
-    - 5000: admin
-    - 100
-  ## For C2S connections, all users except admins use the "normal" shaper
-  c2s_shaper:
-    - none: admin
-    - normal
-  ## All S2S connections use the "fast" shaper
-  s2s_shaper: fast
-
-###.  ============
-###'  ACCESS RULES
 access_rules:
-  ## This rule allows access only for local users:
  local:
-    - allow: local
-  ## Only non-blocked users can use c2s connections:
+    allow: local
  c2s:
-    - deny: blocked
-    - allow
-  ## Only admins can send announcement messages:
+    deny: blocked
+    allow: all
  announce:
-    - allow: admin
-  ## Only admins can use the configuration interface:
-  configure: 
-    - allow: admin
-  ## Only accounts of the local ejabberd server can create rooms:
-  muc_create: 
-    - allow: local
-  ## Only accounts on the local ejabberd server can create Pubsub nodes:
-  pubsub_createnode: 
-    - allow: local
-  ## In-band registration allows registration of any possible username.
-  ## To disable in-band registration, replace 'allow' with 'deny'.
-  register: 
-    - allow
-  ## Only allow to register from localhost
-  trusted_network: 
-    - allow: loopback
-  ## Do not establish S2S connections with bad servers
-  ## If you enable this you also have to uncomment "s2s_access: s2s"
-  ## s2s: 
-  ##   - deny:
-  ##     - ip: "XXX.XXX.XXX.XXX/32"
-  ##   - deny:
-  ##     - ip: "XXX.XXX.XXX.XXX/32"
-  ##   - allow
+    allow: admin
+  configure:
+    allow: admin
+  muc_create:
+    allow: local
+  pubsub_createnode:
+    allow: local
+  trusted_network:
+    allow: loopback

-## ===============
-## API PERMISSIONS
-## ===============
-##
-## This section allows you to define who and using what method
-## can execute commands offered by ejabberd.
-##
-## By default "console commands" section allow executing all commands
-## issued using ejabberdctl command, and "admin access" section allows
-## users in admin acl that connect from 127.0.0.1 to  execute all
-## commands except start and stop with any available access method
-## (ejabberdctl, http-api, xmlrpc depending what is enabled on server).
-##
-## If you remove "console commands" there will be one added by
-## default allowing executing all commands, but if you just change
-## permissions in it, version from config file will be used instead
-## of default one.
-##
 api_permissions:
  "console commands":
    from:
@@ -591,222 +98,117 @@ api_permissions:
    what: "*"
  "admin access":
    who:
-      - access:
-          - allow:
-            - acl: loopback
-            - acl: admin
-      - oauth:
-        - scope: "ejabberd:admin"
-        - access:
-          - allow:
-            - acl: loopback
-            - acl: admin
+      access:
+        allow:
+          acl: loopback
+          acl: admin
+      oauth:
+        scope: "ejabberd:admin"
+        access:
+          allow:
+            acl: loopback
+            acl: admin
    what:
      - "*"
      - "!stop"
      - "!start"
  "public commands":
    who:
-      - ip: "127.0.0.1/8"
+      ip: 127.0.0.1/8
    what:
-      - "status"
-      - "connected_users_number"
+      - status
+      - connected_users_number

-## By default the frequency of account registrations from the same IP
-## is limited to 1 account every 10 minutes. To disable, specify: infinity
-## registration_timeout: 600
-  
-##
-## Define specific Access Rules in a virtual host.
-##
-## host_config:
-##   "localhost":
-##     access:
-##       c2s:
-##         - allow: admin
-##         - deny
-##       register:
-##         - deny
+shaper:
+  normal: 1000
+  fast: 50000

-###.  ================
-###'  DEFAULT LANGUAGE
+shaper_rules:
+  max_user_sessions: 10
+  max_user_offline_messages:
+    5000: admin
+    100: all
+  c2s_shaper:
+    none: admin
+    normal: all
+  s2s_shaper: fast

-##
-## language: Default language used for server messages.
-##
-language: "en"
-
-##
-## Set a different default language in a virtual host.
-##
-## host_config:
-##   "localhost":
-##     language: "ru"
-
-###.  =======
-###'  CAPTCHA
-
-##
-## Full path to a script that generates the image.
-##
-## captcha_cmd: "/lib/ejabberd/priv/bin/captcha.sh"
-
-##
-## Host for the URL and port where ejabberd listens for CAPTCHA requests.
-##
-## captcha_host: "example.org:5280"
-
-##
-## Limit CAPTCHA calls per minute for JID/IP to avoid DoS.
-##
-## captcha_limit: 5
-
-###.  =======
-###'  MODULES
-
-##
-## Modules enabled in all ejabberd virtual hosts.
-##
-modules: 
+modules:
  mod_adhoc: {}
  mod_admin_extra: {}
-  mod_announce: # recommends mod_adhoc
+  mod_announce:
    access: announce
-  mod_blocking: {} # requires mod_privacy
+  mod_avatar: {}
+  mod_blocking: {}
+  mod_bosh: {}
  mod_caps: {}
  mod_carboncopy: {}
  mod_client_state: {}
-  mod_configure: {} # requires mod_adhoc
-  ## mod_delegation: {} # for xep0356
+  mod_configure: {}
  mod_disco: {}
-  mod_echo: {}
-  mod_irc: {}
-  mod_bosh: {}
-  ## mod_http_fileserver:
-  ##   docroot: "/var/www"
-  ##   accesslog: "/var/log/ejabberd/access.log"
-  ## mod_http_upload:
-  ##   # docroot: "@HOME@/upload"
-  ##   put_url: "https://@HOST@:5444"
-  ##   thumbnail: false # otherwise needs the identify command from ImageMagick installed
-  ## mod_http_upload_quota:
-  ##   max_days: 30
+  mod_fail2ban: {}
+  mod_http_api: {}
+  mod_http_upload:
+    put_url: https://@HOST@:5443/upload
  mod_last: {}
-  ## XEP-0313: Message Archive Management
-  ## You might want to setup a SQL backend for MAM because the mnesia database is
-  ## limited to 2GB which might be exceeded on large servers
-  ## mod_mam: {} # for xep0313, mnesia is limited to 2GB, better use an SQL backend
-  mod_muc: 
-    ## host: "conference.@HOST@"
+  mod_mam:
+    ## Mnesia is limited to 2GB, better to use an SQL backend
+    ## For small servers SQLite is a good fit and is very easy
+    ## to configure. Uncomment this when you have SQL configured:
+    ## db_type: sql
+    assume_mam_usage: true
+    default: always
+  mod_mqtt: {}
+  mod_muc:
    access:
      - allow
    access_admin:
      - allow: admin
    access_create: muc_create
    access_persistent: muc_create
+    access_mam:
+      - allow
+    default_room_options:
+      mam: true
  mod_muc_admin: {}
-  ## mod_muc_log: {}
-  ## mod_multicast: {}
-  mod_offline: 
+  mod_offline:
    access_max_user_messages: max_user_offline_messages
  mod_ping: {}
-  ## mod_pres_counter:
-  ##   count: 5
-  ##   interval: 60
  mod_privacy: {}
  mod_private: {}
-  ## mod_proxy65: {}
-  mod_pubsub: 
+  mod_proxy65:
+    access: local
+    max_connections: 5
+  mod_pubsub:
    access_createnode: pubsub_createnode
-    ## reduces resource comsumption, but XEP incompliant
-    ignore_pep_from_offline: true
-    ## XEP compliant, but increases resource comsumption
-    ## ignore_pep_from_offline: false
-    last_item_cache: false
-    plugins: 
-      - "flat"
-      - "hometree"
-      - "pep" # pep requires mod_caps
+    plugins:
+      - flat
+      - pep
+    force_node_config:
+      ## Avoid buggy clients to make their bookmarks public
+      storage:bookmarks:
+        access_model: whitelist
  mod_push: {}
  mod_push_keepalive: {}
-  ## mod_register:
-    ##
-    ## Protect In-Band account registrations with CAPTCHA.
-    ##
-    ##   captcha_protected: true
-    ##
-    ## Set the minimum informational entropy for passwords.
-    ##
-    ##   password_strength: 32
-    ##
-    ## After successful registration, the user receives
-    ## a message with this subject and body.
-    ##
-    ##   welcome_message:
-    ##     subject: "Welcome!"
-    ##     body: |-
-    ##       Hi.
-    ##       Welcome to this XMPP server.
-    ##
-    ## When a user registers, send a notification to
-    ## these XMPP accounts.
-    ##
-    ##   registration_watchers:
-    ##     - "admin1@example.org"
-    ##
-    ## Only clients in the server machine can register accounts
-    ##
-    ##   ip_access: trusted_network
-    ##
-    ## Local c2s or remote s2s users cannot register accounts
-    ##
-    ##   access_from: deny
-    ##   access: register
-  mod_roster: {}
-  mod_shared_roster: {}
-  mod_stats: {}
-  mod_time: {}
-  mod_vcard:
-    search: false
-  mod_vcard_xupdate: {}
-  ## Convert all avatars posted by Android clients from WebP to JPEG
-  mod_avatar:
-    convert:
-      webp: jpeg
-  mod_version: {}
-  mod_stream_mgmt: {}
-  ##   Non-SASL Authentication (XEP-0078) is now disabled by default
-  ##   because it's obsoleted and is used mostly by abandoned
-  ##   client software
-  ## mod_legacy_auth: {}
-  ##   The module for S2S dialback (XEP-0220). Please note that you cannot
-  ##   rely solely on dialback if you want to federate with other servers,
-  ##   because a lot of servers have dialback disabled and instead rely on
-  ##   PKIX authentication. Make sure you have proper certificates installed
-  ##   and check your accessibility at https://xmpp.net/
+  mod_register:
+    ## Only accept registration requests from the "trusted"
+    ## network (see access_rules section above).
+    ## Think twice before enabling registration from any
+    ## address. See the Jabber SPAM Manifesto for details:
+    ## https://github.com/ge0rg/jabber-spam-fighting-manifesto
+    ip_access: trusted_network
+  mod_roster:
+    versioning: true
  mod_s2s_dialback: {}
-  mod_http_api: {}
+  mod_shared_roster: {}
+  mod_stream_mgmt:
+    resend_on_timeout: if_offline
+  mod_vcard: {}
+  mod_vcard_xupdate: {}
+  mod_version:
+    show_os: false

-##
-## Enable modules with custom options in a specific virtual host
-##
-## host_config:
-##   "localhost":
-##     modules:
-##       mod_echo:
-##         host: "mirror.localhost"
-
-##
-## Enable modules management via ejabberdctl for installation and
-## uninstallation of public/private contributed modules
-## (enabled by default)
-##
-
-allow_contrib_modules: true
-
-###.
-###'
 ### Local Variables:
 ### mode: yaml
 ### End:
-### vim: set filetype=yaml tabstop=8 foldmarker=###',###. foldmethod=marker:
+### vim: set filetype=yaml tabstop=8
@@ -33,10 +33,10 @@
 # from a client or from another Jabber server. So take this into
 # account when setting this limit.
 #
-# Default: 32000
+# Default: 65536 (or 8196 on Windows)
 # Maximum: 268435456
 #
-#ERL_MAX_PORTS=32000
+#ERL_MAX_PORTS=65536

 #.
 #' FIREWALL_WINDOW: Range of allowed ports to pass through a firewall
@@ -85,10 +85,10 @@
 # Erlang, and therefore not related to the operating system processes, you do
 # not have to worry about allowing a huge number of them.
 #
-# Default: 250000
+# Default: 262144
 # Maximum: 268435456
 #
-#ERL_PROCESSES=250000
+#ERL_PROCESSES=262144

 #.
 #' ERL_MAX_ETS_TABLES: Maximum number of ETS and Mnesia tables
@@ -99,9 +99,9 @@
 # You can safely increase this limit when starting ejabberd. It impacts memory
 # consumption but the difference will be quite small.
 #
-# Default: 1400
+# Default: 2053
 #
-#ERL_MAX_ETS_TABLES=1400
+#ERL_MAX_ETS_TABLES=2053

 #.
 #' ERL_OPTIONS: Additional Erlang options
@@ -11,6 +11,7 @@ INET_DIST_INTERFACE=""
 ERLANG_NODE=ejabberd@localhost

 # define default environment variables
+SCRIPT_DIR=$(cd "${0%/*}" && pwd)
 ERL="{{erl}}"
 IEX="{{bindir}}/iex"
 EPMD="{{epmd}}"
@@ -26,7 +27,7 @@ case $(id -un) in
            EXEC_CMD="as_install_user"
        else
            EXEC_CMD="as_current_user"
-            echo "WARNING: This is not recommended to run ejabberd as root" >&2
+            echo "WARNING: It is not recommended to run ejabberd as root" >&2
        fi
        ;;
    *)
@@ -40,19 +41,17 @@ case $(id -un) in
 esac

 # parse command line parameters
-for arg; do
-    case $arg in
-        -n|--node) ERLANG_NODE_ARG=$2; shift;;
-        -s|--spool) SPOOL_DIR=$2; shift;;
-        -l|--logs) LOGS_DIR=$2; shift;;
-        -f|--config) EJABBERD_CONFIG_PATH=$2; shift;;
-        -c|--ctl-config) EJABBERDCTL_CONFIG_PATH=$2; shift;;
-        -d|--config-dir) ETC_DIR=$2; shift;;
-        -t|--no-timeout) NO_TIMEOUT="--no-timeout";;
-        --) :;;
+while [ $# -gt 0 ]; do
+    case $1 in
+        -n|--node) ERLANG_NODE_ARG=$2; shift 2;;
+        -s|--spool) SPOOL_DIR=$2; shift 2;;
+        -l|--logs) LOGS_DIR=$2; shift 2;;
+        -f|--config) EJABBERD_CONFIG_PATH=$2; shift 2;;
+        -c|--ctl-config) EJABBERDCTL_CONFIG_PATH=$2; shift 2;;
+        -d|--config-dir) ETC_DIR=$2; shift 2;;
+        -t|--no-timeout) NO_TIMEOUT="--no-timeout"; shift;;
        *) break;;
    esac
-    shift
 done

 # define ejabberd variables if not already defined from the command line
@@ -109,7 +108,7 @@ export ERL_LIBS
 exec_cmd()
 {
    case $EXEC_CMD in
-        as_install_user) su -c '"$0" "$@"' "$INSTALLUSER" -- "$@" ;;
+        as_install_user) su -s /bin/sh -c '"$0" "$@"' "$INSTALLUSER" -- "$@" ;;
        as_current_user) "$@" ;;
    esac
 }
@@ -144,7 +143,7 @@ debugwarning()
        echo "To bypass permanently this warning, add to ejabberdctl.cfg the line:"
        echo "  EJABBERD_BYPASS_WARNINGS=true"
        echo "Press return to continue"
-        read -r
+        read -r input
        echo ""
    fi
 }
@@ -167,7 +166,7 @@ livewarning()
        echo "To bypass permanently this warning, add to ejabberdctl.cfg the line:"
        echo "  EJABBERD_BYPASS_WARNINGS=true"
        echo "Press return to continue"
-        read -r
+        read -r input
        echo ""
    fi
 }
@@ -262,7 +261,7 @@ cd "$SPOOL_DIR" || {
 case $1 in
    start)
        check_start
-        exec_erl "$ERLANG_NODE" $EJABBERD_OPTS -noinput -detached
+        exec_erl "$ERLANG_NODE" $EJABBERD_OPTS -detached
        ;;
    foreground)
        check_start
@@ -70,7 +70,7 @@ done
 echo '7. compile ejabberd'

 gmake
-for A in mod_irc mod_muc mod_pubsub; do
+for A in mod_muc mod_pubsub; do
    (cd $A; gmake)
 done

@@ -51,7 +51,6 @@ override_acls.
           {mod_offline,   []},
           {mod_echo,      [{host, "echo.jabber.dbc.mtview.ca.us"}]},
           {mod_private,   []},
-%          {mod_irc,       []},
           {mod_muc,       []},
           {mod_pubsub,    []},
           {mod_time,      []},
@@ -1,6 +1,6 @@
 %%%----------------------------------------------------------------------
 %%%
-%%% ejabberd, Copyright (C) 2002-2017   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2019   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -1,6 +1,6 @@
 %%%----------------------------------------------------------------------
 %%%
-%%% ejabberd, Copyright (C) 2002-2017   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2019   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -1,72 +0,0 @@
-%%%----------------------------------------------------------------------
-%%%
-%%% ejabberd, Copyright (C) 2002-2017   ProcessOne
-%%%
-%%% This program is free software; you can redistribute it and/or
-%%% modify it under the terms of the GNU General Public License as
-%%% published by the Free Software Foundation; either version 2 of the
-%%% License, or (at your option) any later version.
-%%%
-%%% This program is distributed in the hope that it will be useful,
-%%% but WITHOUT ANY WARRANTY; without even the implied warranty of
-%%% MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-%%% General Public License for more details.
-%%%
-%%% You should have received a copy of the GNU General Public License along
-%%% with this program; if not, write to the Free Software Foundation, Inc.,
-%%% 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-%%%
-%%%----------------------------------------------------------------------
-
-ifndef(EJABBERD_HRL).
-define(EJABBERD_HRL, true).
-
-define(VERSION, ejabberd_config:get_version()).
-
-define(MYHOSTS, ejabberd_config:get_myhosts()).
-
-define(MYNAME, hd(ejabberd_config:get_myhosts())).
-
-define(MYLANG, ejabberd_config:get_mylang()).
-
-define(MSGS_DIR, filename:join(["priv", "msgs"])).
-
-define(SQL_DIR, filename:join(["priv", "sql"])).
-
-define(CONFIG_PATH, <<"ejabberd.yml">>).
-
-define(LOG_PATH, "ejabberd.log").
-
-define(EJABBERD_URI, <<"http://www.process-one.net/en/ejabberd/">>).
-
-define(COPYRIGHT, "Copyright (c) 2002-2017 ProcessOne").
-
-%%-define(DBGFSM, true).
-
-record(scram,
-	{storedkey = <<"">>,
-         serverkey = <<"">>,
-         salt = <<"">>,
-         iterationcount = 0 :: integer()}).
-
-type scram() :: #scram{}.
-
-define(SCRAM_DEFAULT_ITERATION_COUNT, 4096).
-
-ifdef(ERL_DEPRECATED_TYPES).
-
-define(TDICT, dict()).
-define(TGB_TREE, gb_tree()).
-define(TGB_SET, gb_set()).
-define(TQUEUE, queue()).
-
-else.
-
-define(TDICT, dict:dict()).
-define(TGB_TREE, gb_trees:tree()).
-define(TGB_SET, gb_sets:set()).
-define(TQUEUE, queue:queue()).
-
-endif.
-
-endif.
@@ -1,6 +1,6 @@
 %%%----------------------------------------------------------------------
 %%%
-%%% ejabberd, Copyright (C) 2002-2017   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2019   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -18,10 +18,5 @@
 %%%
 %%%----------------------------------------------------------------------

-type matchspec_atom() :: '_' | '$1' | '$2' | '$3' | '$4'.
-record(carboncopy, {us       :: {binary(), binary()} | matchspec_atom(), 
-		     resource :: binary() | matchspec_atom(),
-		     version  :: binary() | matchspec_atom(),
-		     node = node() :: node() | matchspec_atom()}).
-
-define(CARBONCOPY_CACHE, carboncopy_cache).
+-record(passwd, {us = {<<"">>, <<"">>} :: {binary(), binary()} | '$1',
+                 password = <<"">> :: binary() | scram() | '_'}).
@@ -1,6 +1,6 @@
 %%%----------------------------------------------------------------------
 %%%
-%%% ejabberd, Copyright (C) 2002-2017   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2019   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -59,6 +59,7 @@
        %% access is: [accessRuleName] or [{Module, AccessOption, DefaultAccessRuleName}]
         access = []             :: [{atom(),atom(),atom()}|atom()],
         result = {res, rescode} :: rterm() | '_' | '$2',
+         args_rename = []        :: [{atom(),atom()}],
         args_desc = none        :: none | [string()] | '_',
         result_desc = none      :: none | string() | '_',
         args_example = none     :: none | [any()] | '_',
@@ -1,6 +1,6 @@
 %%%----------------------------------------------------------------------
 %%%
-%%% ejabberd, Copyright (C) 2002-2017   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2019   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -1,6 +1,6 @@
 %%%----------------------------------------------------------------------
 %%%
-%%% ejabberd, Copyright (C) 2002-2017   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2019   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -1,6 +1,6 @@
 %%%----------------------------------------------------------------------
 %%%
-%%% ejabberd, Copyright (C) 2002-2017   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2019   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -23,7 +23,7 @@
 	 path = []         :: [binary()],
 	 q = []            :: [{binary() | nokey, binary()}],
 	 us = {<<>>, <<>>} :: {binary(), binary()},
-	 auth              :: {binary(), binary()} | {oauth, binary(), []} | undefined,
+	 auth              :: {binary(), binary()} | {oauth, binary(), []} | undefined | invalid,
 	 lang = <<"">>     :: binary(),
 	 data = <<"">>     :: binary(),
 	 ip                :: {inet:ip_address(), inet:port_number()},
@@ -31,7 +31,10 @@
 	 port = 5280       :: inet:port_number(),
 	 opts = []         :: list(),
 	 tp = http         :: protocol(),
-	 headers = []      :: [{atom() | binary(), binary()}]}).
+	 headers = []      :: [{atom() | binary(), binary()}],
+	 length = 0        :: non_neg_integer(),
+	 sockmod           :: gen_tcp | fast_tls,
+	 socket            :: inet:socket() | fast_tls:tls_socket()}).

 -record(ws,
 	{socket                  :: inet:socket() | fast_tls:tls_socket(),
@@ -46,6 +49,6 @@
 	 buf                     :: binary(),
         http_opts = []          :: list()}).

-type method() :: 'GET' | 'HEAD' | 'DELETE' | 'OPTIONS' | 'PUT' | 'POST' | 'TRACE'.
+-type method() :: 'GET' | 'HEAD' | 'DELETE' | 'OPTIONS' | 'PUT' | 'POST' | 'TRACE' | 'PATCH'.
 -type protocol() :: http | https.
 -type http_request() :: #request{}.
@@ -1,6 +1,6 @@
 %%%----------------------------------------------------------------------
 %%%
-%%% ejabberd, Copyright (C) 2002-2017   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2019   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -24,3 +24,10 @@
          scope = []               :: [binary()] | '_',
          expire                   :: integer() | '$1' | '_'
         }).
+
+-record(oauth_client, {
+          client_id = <<"">>       :: binary() | '_',
+          client_name = <<"">>     :: binary() | '_',
+          grant_type               :: password | implicit | '_',
+          options                  :: [any()] | '_'
+         }).
@@ -2,7 +2,7 @@

 -type local_hint() :: integer() | {apply, atom(), atom()}.

-record(route, {domain :: binary() | '_',
-		server_host :: binary() | '_',
+-record(route, {domain :: binary(),
+		server_host :: binary(),
 		pid :: undefined | pid(),
-		local_hint :: local_hint() | undefined | '_'}).
+		local_hint :: local_hint() | undefined}).
@@ -1,6 +1,6 @@
 %%%----------------------------------------------------------------------
 %%%
-%%% ejabberd, Copyright (C) 2002-2017   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2019   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -30,7 +30,7 @@
 -type info() :: [{conn, atom()} | {ip, ip()} | {node, atom()}
                 | {oor, boolean()} | {auth_module, atom()}
                 | {num_stanzas_in, non_neg_integer()}
-		 | offline].
+		 | {atom(), term()}].
 -type prio() :: undefined | integer().

 -endif.
@@ -0,0 +1,41 @@
+%%%----------------------------------------------------------------------
+%%%
+%%% ejabberd, Copyright (C) 2002-2019   ProcessOne
+%%%
+%%% This program is free software; you can redistribute it and/or
+%%% modify it under the terms of the GNU General Public License as
+%%% published by the Free Software Foundation; either version 2 of the
+%%% License, or (at your option) any later version.
+%%%
+%%% This program is distributed in the hope that it will be useful,
+%%% but WITHOUT ANY WARRANTY; without even the implied warranty of
+%%% MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+%%% General Public License for more details.
+%%%
+%%% You should have received a copy of the GNU General Public License along
+%%% with this program; if not, write to the Free Software Foundation, Inc.,
+%%% 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+%%%
+%%%----------------------------------------------------------------------
+-define(SQL_MARK, sql__mark_).
+-define(SQL(SQL), ?SQL_MARK(SQL)).
+
+-define(SQL_UPSERT_MARK, sql_upsert__mark_).
+-define(SQL_UPSERT(Host, Table, Fields),
+        ejabberd_sql:sql_query(Host, ?SQL_UPSERT_MARK(Table, Fields))).
+-define(SQL_UPSERT_T(Table, Fields),
+        ejabberd_sql:sql_query_t(?SQL_UPSERT_MARK(Table, Fields))).
+
+-define(SQL_INSERT_MARK, sql_insert__mark_).
+-define(SQL_INSERT(Table, Fields), ?SQL_INSERT_MARK(Table, Fields)).
+
+-record(sql_query, {hash :: binary(),
+		    format_query :: fun(),
+		    format_res :: fun(),
+		    args :: fun(),
+		    loc :: {module(), pos_integer()}}).
+
+-record(sql_escape, {string :: fun((binary()) -> binary()),
+		     integer :: fun((integer()) -> binary()),
+		     boolean :: fun((boolean()) -> binary()),
+		     in_array_string :: fun((binary()) -> binary())}).
@@ -1,6 +1,6 @@
 %%%----------------------------------------------------------------------
 %%%
-%%% ejabberd, Copyright (C) 2002-2017   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2019   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -17,17 +17,5 @@
 %%% 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 %%%
 %%%----------------------------------------------------------------------
-
-define(SQL_MARK, sql__mark_).
-define(SQL(SQL), ?SQL_MARK(SQL)).
-
-define(SQL_UPSERT_MARK, sql_upsert__mark_).
-define(SQL_UPSERT(Host, Table, Fields),
-        ejabberd_sql:sql_query(Host, ?SQL_UPSERT_MARK(Table, Fields))).
-define(SQL_UPSERT_T(Table, Fields),
-        ejabberd_sql:sql_query_t(?SQL_UPSERT_MARK(Table, Fields))).
-
-record(sql_query, {hash, format_query, format_res, args, loc}).
-
-record(sql_escape, {string, integer, boolean}).
-
+-compile([{parse_transform, ejabberd_sql_pt}]).
+-include("ejabberd_sql.hrl").
@@ -1,6 +1,6 @@
 %%%----------------------------------------------------------------------
 %%%
-%%% ejabberd, Copyright (C) 2002-2017   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2019   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -18,18 +18,10 @@
 %%%
 %%%----------------------------------------------------------------------

-type conn_param() :: {binary(), binary(), inet:port_number(), binary()} |
-                      {binary(), binary(), inet:port_number()} |
-                      {binary(), binary()} |
-                      {binary()}.
-
-type irc_data() :: [{username, binary()} | {connections_params, [conn_param()]}].
-
-record(irc_connection,
-        {jid_server_host = {#jid{}, <<"">>, <<"">>} :: {jid(), binary(), binary()},
-         pid = self()                               :: pid()}).
-
-record(irc_custom,
-        {us_host = {{<<"">>, <<"">>}, <<"">>} :: {{binary(), binary()},
-                                                  binary()},
-         data = [] :: irc_data()}).
+-ifdef(DEPRECATED_GET_STACKTRACE).
+-define(EX_RULE(Class, Reason, Stack), Class:Reason:Stack).
+-define(EX_STACK(Stack), Stack).
+-else.
+-define(EX_RULE(Class, Reason, _), Class:Reason).
+-define(EX_STACK(_), erlang:get_stacktrace()).
+-endif.
@@ -1,6 +1,6 @@
 %%%----------------------------------------------------------------------
 %%%
-%%% ejabberd, Copyright (C) 2002-2017   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2019   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -37,14 +37,12 @@
 -define(XAC(Name, Attrs, Text),
 	?XAE(Name, Attrs, [?C(Text)])).

-define(T(Text), translate:translate(Lang, Text)).
+-define(CT(Text), ?C((translate:translate(Lang, Text)))).

-define(CT(Text), ?C((?T(Text)))).
-
-define(XCT(Name, Text), ?XC(Name, (?T(Text)))).
+-define(XCT(Name, Text), ?XC(Name, (translate:translate(Lang, Text)))).

 -define(XACT(Name, Attrs, Text),
-	?XAC(Name, Attrs, (?T(Text)))).
+	?XAC(Name, Attrs, (translate:translate(Lang, Text)))).

 -define(LI(Els), ?XE(<<"li">>, Els)).

@@ -53,7 +51,7 @@

 -define(AC(URL, Text), ?A(URL, [?C(Text)])).

-define(ACT(URL, Text), ?AC(URL, (?T(Text)))).
+-define(ACT(URL, Text), ?AC(URL, (translate:translate(Lang, Text)))).

 -define(P, ?X(<<"p">>)).

@@ -65,7 +63,7 @@
 	     {<<"value">>, Value}])).

 -define(INPUTT(Type, Name, Value),
-	?INPUT(Type, Name, (?T(Value)))).
+	?INPUT(Type, Name, (translate:translate(Lang, Value)))).

 -define(INPUTS(Type, Name, Value, Size),
 	?XA(<<"input">>,
@@ -73,7 +71,7 @@
 	     {<<"value">>, Value}, {<<"size">>, Size}])).

 -define(INPUTST(Type, Name, Value, Size),
-	?INPUT(Type, Name, (?T(Value)), Size)).
+	?INPUT(Type, Name, (translate:translate(Lang, Value)), Size)).

 -define(ACLINPUT(Text),
 	?XE(<<"td">>,
@@ -90,12 +88,12 @@
 	?XAC(<<"p">>, [{<<"class">>, <<"result">>}], Text)).

 %% Guide Link
-define(XREST(Text), ?XRES((?T(Text)))).
+-define(XREST(Text), ?XRES((translate:translate(Lang, Text)))).

 -define(GL(Ref, Title),
 	?XAE(<<"div">>, [{<<"class">>, <<"guidelink">>}],
 	     [?XAE(<<"a">>,
-		   [{<<"href">>, <<"/admin/doc/guide.html#", Ref/binary>>},
+		   [{<<"href">>, <<"https://docs.ejabberd.im/admin/configuration/#", Ref/binary>>},
 		    {<<"target">>, <<"_blank">>}],
 		   [?C(<<"[Guide: ", Title/binary, "]">>)])])).

@@ -1,6 +1,6 @@
 %%%----------------------------------------------------------------------
 %%%
-%%% ejabberd, Copyright (C) 2002-2017   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2019   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -44,6 +44,7 @@
                      attributes = []    :: [{binary(), [binary()]}]}).

 -type tlsopts() :: [{encrypt, tls | starttls | none} |
+		    {tls_certfile, binary() | undefined} |
                    {tls_cacertfile, binary() | undefined} |
                    {tls_depth, non_neg_integer() | undefined} |
                    {tls_verify, hard | soft | false}].
@@ -61,3 +62,18 @@
 -type eldap_config() :: #eldap_config{}.
 -type eldap_search() :: #eldap_search{}.
 -type eldap_entry() :: #eldap_entry{}.
+
+-define(eldap_config(M, H),
+	#eldap_config{
+	   servers = M:ldap_servers(H),
+	   backups = M:ldap_backups(H),
+	   tls_options = [{encrypt, M:ldap_encrypt(H)},
+			  {tls_verify, M:ldap_tls_verify(H)},
+			  {tls_certfile, M:ldap_tls_certfile(H)},
+			  {tls_cacertfile, M:ldap_tls_cacertfile(H)},
+			  {tls_depth, M:ldap_tls_depth(H)}],
+	   port = M:ldap_port(H),
+	   dn = M:ldap_rootdn(H),
+	   password = M:ldap_password(H),
+	   base = M:ldap_base(H),
+	   deref_aliases = M:ldap_deref_aliases(H)}).
@@ -1,6 +1,6 @@
 %%%----------------------------------------------------------------------
 %%%
-%%% ejabberd, Copyright (C) 2002-2017   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2019   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -1,501 +0,0 @@
-%%%----------------------------------------------------------------------
-%%%
-%%% ejabberd, Copyright (C) 2002-2017   ProcessOne
-%%%
-%%% This program is free software; you can redistribute it and/or
-%%% modify it under the terms of the GNU General Public License as
-%%% published by the Free Software Foundation; either version 2 of the
-%%% License, or (at your option) any later version.
-%%%
-%%% This program is distributed in the hope that it will be useful,
-%%% but WITHOUT ANY WARRANTY; without even the implied warranty of
-%%% MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-%%% General Public License for more details.
-%%%
-%%% You should have received a copy of the GNU General Public License along
-%%% with this program; if not, write to the Free Software Foundation, Inc.,
-%%% 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-%%%
-%%%----------------------------------------------------------------------
-
-include("ns.hrl").
-include("fxml.hrl").
-
-define(STANZA_ERROR(Code, Type, Condition),
-	#xmlel{name = <<"error">>,
-	       attrs = [{<<"code">>, Code}, {<<"type">>, Type}],
-	       children =
-		   [#xmlel{name = Condition,
-			   attrs = [{<<"xmlns">>, ?NS_STANZAS}],
-			   children = []}]}).
-
-define(ERR_BAD_FORMAT,
-	?STANZA_ERROR(<<"406">>, <<"modify">>,
-		      <<"bad-format">>)).
-
-define(ERR_BAD_REQUEST,
-	?STANZA_ERROR(<<"400">>, <<"modify">>,
-		      <<"bad-request">>)).
-
-define(ERR_CONFLICT,
-	?STANZA_ERROR(<<"409">>, <<"cancel">>, <<"conflict">>)).
-
-define(ERR_FEATURE_NOT_IMPLEMENTED,
-	?STANZA_ERROR(<<"501">>, <<"cancel">>,
-		      <<"feature-not-implemented">>)).
-
-define(ERR_FORBIDDEN,
-	?STANZA_ERROR(<<"403">>, <<"auth">>, <<"forbidden">>)).
-
-define(ERR_GONE,
-	?STANZA_ERROR(<<"302">>, <<"modify">>, <<"gone">>)).
-
-define(ERR_INTERNAL_SERVER_ERROR,
-	?STANZA_ERROR(<<"500">>, <<"wait">>,
-		      <<"internal-server-error">>)).
-
-define(ERR_ITEM_NOT_FOUND,
-	?STANZA_ERROR(<<"404">>, <<"cancel">>,
-		      <<"item-not-found">>)).
-
-define(ERR_JID_MALFORMED,
-	?STANZA_ERROR(<<"400">>, <<"modify">>,
-		      <<"jid-malformed">>)).
-
-define(ERR_NOT_ACCEPTABLE,
-	?STANZA_ERROR(<<"406">>, <<"modify">>,
-		      <<"not-acceptable">>)).
-
-define(ERR_NOT_ALLOWED,
-	?STANZA_ERROR(<<"405">>, <<"cancel">>,
-		      <<"not-allowed">>)).
-
-define(ERR_NOT_AUTHORIZED,
-	?STANZA_ERROR(<<"401">>, <<"auth">>,
-		      <<"not-authorized">>)).
-
-define(ERR_PAYMENT_REQUIRED,
-	?STANZA_ERROR(<<"402">>, <<"auth">>,
-		      <<"payment-required">>)).
-
-define(ERR_RECIPIENT_UNAVAILABLE,
-	?STANZA_ERROR(<<"404">>, <<"wait">>,
-		      <<"recipient-unavailable">>)).
-
-define(ERR_REDIRECT,
-	?STANZA_ERROR(<<"302">>, <<"modify">>, <<"redirect">>)).
-
-define(ERR_REGISTRATION_REQUIRED,
-	?STANZA_ERROR(<<"407">>, <<"auth">>,
-		      <<"registration-required">>)).
-
-define(ERR_REMOTE_SERVER_NOT_FOUND,
-	?STANZA_ERROR(<<"404">>, <<"cancel">>,
-		      <<"remote-server-not-found">>)).
-
-define(ERR_REMOTE_SERVER_TIMEOUT,
-	?STANZA_ERROR(<<"504">>, <<"wait">>,
-		      <<"remote-server-timeout">>)).
-
-define(ERR_RESOURCE_CONSTRAINT,
-	?STANZA_ERROR(<<"500">>, <<"wait">>,
-		      <<"resource-constraint">>)).
-
-define(ERR_SERVICE_UNAVAILABLE,
-	?STANZA_ERROR(<<"503">>, <<"cancel">>,
-		      <<"service-unavailable">>)).
-
-define(ERR_SUBSCRIPTION_REQUIRED,
-	?STANZA_ERROR(<<"407">>, <<"auth">>,
-		      <<"subscription-required">>)).
-
-define(ERR_UNEXPECTED_REQUEST,
-	?STANZA_ERROR(<<"400">>, <<"wait">>,
-		      <<"unexpected-request">>)).
-
-define(ERR_UNEXPECTED_REQUEST_CANCEL,
-	?STANZA_ERROR(<<"401">>, <<"cancel">>,
-		      <<"unexpected-request">>)).
-
-%-define(ERR_,
-%	?STANZA_ERROR("", "", "")).
-
-define(STANZA_ERRORT(Code, Type, Condition, Lang,
-		      Text),
-	#xmlel{name = <<"error">>,
-	       attrs = [{<<"code">>, Code}, {<<"type">>, Type}],
-	       children =
-		   [#xmlel{name = Condition,
-			   attrs = [{<<"xmlns">>, ?NS_STANZAS}], children = []},
-		    #xmlel{name = <<"text">>,
-			   attrs = [{<<"xmlns">>, ?NS_STANZAS}],
-			   children =
-			       [{xmlcdata,
-				 translate:translate(Lang, Text)}]}]}).
-
-define(ERRT_BAD_FORMAT(Lang, Text),
-	?STANZA_ERRORT(<<"406">>, <<"modify">>,
-		       <<"bad-format">>, Lang, Text)).
-
-define(ERRT_BAD_REQUEST(Lang, Text),
-	?STANZA_ERRORT(<<"400">>, <<"modify">>,
-		       <<"bad-request">>, Lang, Text)).
-
-define(ERRT_CONFLICT(Lang, Text),
-	?STANZA_ERRORT(<<"409">>, <<"cancel">>, <<"conflict">>,
-		       Lang, Text)).
-
-define(ERRT_FEATURE_NOT_IMPLEMENTED(Lang, Text),
-	?STANZA_ERRORT(<<"501">>, <<"cancel">>,
-		       <<"feature-not-implemented">>, Lang, Text)).
-
-define(ERRT_FORBIDDEN(Lang, Text),
-	?STANZA_ERRORT(<<"403">>, <<"auth">>, <<"forbidden">>,
-		       Lang, Text)).
-
-define(ERRT_GONE(Lang, Text),
-	?STANZA_ERRORT(<<"302">>, <<"modify">>, <<"gone">>,
-		       Lang, Text)).
-
-define(ERRT_INTERNAL_SERVER_ERROR(Lang, Text),
-	?STANZA_ERRORT(<<"500">>, <<"wait">>,
-		       <<"internal-server-error">>, Lang, Text)).
-
-define(ERRT_ITEM_NOT_FOUND(Lang, Text),
-	?STANZA_ERRORT(<<"404">>, <<"cancel">>,
-		       <<"item-not-found">>, Lang, Text)).
-
-define(ERRT_JID_MALFORMED(Lang, Text),
-	?STANZA_ERRORT(<<"400">>, <<"modify">>,
-		       <<"jid-malformed">>, Lang, Text)).
-
-define(ERRT_NOT_ACCEPTABLE(Lang, Text),
-	?STANZA_ERRORT(<<"406">>, <<"modify">>,
-		       <<"not-acceptable">>, Lang, Text)).
-
-define(ERRT_NOT_ALLOWED(Lang, Text),
-	?STANZA_ERRORT(<<"405">>, <<"cancel">>,
-		       <<"not-allowed">>, Lang, Text)).
-
-define(ERRT_NOT_AUTHORIZED(Lang, Text),
-	?STANZA_ERRORT(<<"401">>, <<"auth">>,
-		       <<"not-authorized">>, Lang, Text)).
-
-define(ERRT_PAYMENT_REQUIRED(Lang, Text),
-	?STANZA_ERRORT(<<"402">>, <<"auth">>,
-		       <<"payment-required">>, Lang, Text)).
-
-define(ERRT_RECIPIENT_UNAVAILABLE(Lang, Text),
-	?STANZA_ERRORT(<<"404">>, <<"wait">>,
-		       <<"recipient-unavailable">>, Lang, Text)).
-
-define(ERRT_REDIRECT(Lang, Text),
-	?STANZA_ERRORT(<<"302">>, <<"modify">>, <<"redirect">>,
-		       Lang, Text)).
-
-define(ERRT_REGISTRATION_REQUIRED(Lang, Text),
-	?STANZA_ERRORT(<<"407">>, <<"auth">>,
-		       <<"registration-required">>, Lang, Text)).
-
-define(ERRT_REMOTE_SERVER_NOT_FOUND(Lang, Text),
-	?STANZA_ERRORT(<<"404">>, <<"cancel">>,
-		       <<"remote-server-not-found">>, Lang, Text)).
-
-define(ERRT_REMOTE_SERVER_TIMEOUT(Lang, Text),
-	?STANZA_ERRORT(<<"504">>, <<"wait">>,
-		       <<"remote-server-timeout">>, Lang, Text)).
-
-define(ERRT_RESOURCE_CONSTRAINT(Lang, Text),
-	?STANZA_ERRORT(<<"500">>, <<"wait">>,
-		       <<"resource-constraint">>, Lang, Text)).
-
-define(ERRT_SERVICE_UNAVAILABLE(Lang, Text),
-	?STANZA_ERRORT(<<"503">>, <<"cancel">>,
-		       <<"service-unavailable">>, Lang, Text)).
-
-define(ERRT_SUBSCRIPTION_REQUIRED(Lang, Text),
-	?STANZA_ERRORT(<<"407">>, <<"auth">>,
-		       <<"subscription-required">>, Lang, Text)).
-
-define(ERRT_UNEXPECTED_REQUEST(Lang, Text),
-	?STANZA_ERRORT(<<"400">>, <<"wait">>,
-		       <<"unexpected-request">>, Lang, Text)).
-
-define(ERR_AUTH_NO_RESOURCE_PROVIDED(Lang),
-	?ERRT_NOT_ACCEPTABLE(Lang, <<"No resource provided">>)).
-
-define(ERR_AUTH_BAD_RESOURCE_FORMAT(Lang),
-	?ERRT_NOT_ACCEPTABLE(Lang,
-			     <<"Illegal resource format">>)).
-
-define(ERR_AUTH_RESOURCE_CONFLICT(Lang),
-	?ERRT_CONFLICT(Lang, <<"Resource conflict">>)).
-
-define(STREAM_ERROR(Condition, Cdata),
-	#xmlel{name = <<"stream:error">>, attrs = [],
-	       children =
-		   [#xmlel{name = Condition,
-			   attrs = [{<<"xmlns">>, ?NS_STREAMS}],
-			   children = [{xmlcdata, Cdata}]}]}).
-
-define(SERR_BAD_FORMAT,
-	?STREAM_ERROR(<<"bad-format">>, <<"">>)).
-
-define(SERR_BAD_NAMESPACE_PREFIX,
-	?STREAM_ERROR(<<"bad-namespace-prefix">>, <<"">>)).
-
-define(SERR_CONFLICT,
-	?STREAM_ERROR(<<"conflict">>, <<"">>)).
-
-define(SERR_CONNECTION_TIMEOUT,
-	?STREAM_ERROR(<<"connection-timeout">>, <<"">>)).
-
-define(SERR_HOST_GONE,
-	?STREAM_ERROR(<<"host-gone">>, <<"">>)).
-
-define(SERR_HOST_UNKNOWN,
-	?STREAM_ERROR(<<"host-unknown">>, <<"">>)).
-
-define(SERR_IMPROPER_ADDRESSING,
-	?STREAM_ERROR(<<"improper-addressing">>, <<"">>)).
-
-define(SERR_INTERNAL_SERVER_ERROR,
-	?STREAM_ERROR(<<"internal-server-error">>, <<"">>)).
-
-define(SERR_INVALID_FROM,
-	?STREAM_ERROR(<<"invalid-from">>, <<"">>)).
-
-define(SERR_INVALID_ID,
-	?STREAM_ERROR(<<"invalid-id">>, <<"">>)).
-
-define(SERR_INVALID_NAMESPACE,
-	?STREAM_ERROR(<<"invalid-namespace">>, <<"">>)).
-
-define(SERR_INVALID_XML,
-	?STREAM_ERROR(<<"invalid-xml">>, <<"">>)).
-
-define(SERR_NOT_AUTHORIZED,
-	?STREAM_ERROR(<<"not-authorized">>, <<"">>)).
-
-define(SERR_POLICY_VIOLATION,
-	?STREAM_ERROR(<<"policy-violation">>, <<"">>)).
-
-define(SERR_REMOTE_CONNECTION_FAILED,
-	?STREAM_ERROR(<<"remote-connection-failed">>, <<"">>)).
-
-define(SERR_RESOURSE_CONSTRAINT,
-	?STREAM_ERROR(<<"resource-constraint">>, <<"">>)).
-
-define(SERR_RESTRICTED_XML,
-	?STREAM_ERROR(<<"restricted-xml">>, <<"">>)).
-
-define(SERR_SEE_OTHER_HOST(Host),
-	?STREAM_ERROR(<<"see-other-host">>, Host)).
-
-define(SERR_SYSTEM_SHUTDOWN,
-	?STREAM_ERROR(<<"system-shutdown">>, <<"">>)).
-
-define(SERR_UNSUPPORTED_ENCODING,
-	?STREAM_ERROR(<<"unsupported-encoding">>, <<"">>)).
-
-define(SERR_UNSUPPORTED_STANZA_TYPE,
-	?STREAM_ERROR(<<"unsupported-stanza-type">>, <<"">>)).
-
-define(SERR_UNSUPPORTED_VERSION,
-	?STREAM_ERROR(<<"unsupported-version">>, <<"">>)).
-
-define(SERR_XML_NOT_WELL_FORMED,
-	?STREAM_ERROR(<<"xml-not-well-formed">>, <<"">>)).
-
-%-define(SERR_,
-%	?STREAM_ERROR("", "")).
-
-define(STREAM_ERRORT(Condition, Cdata, Lang, Text),
-	#xmlel{name = <<"stream:error">>, attrs = [],
-	       children =
-		   [#xmlel{name = Condition,
-			   attrs = [{<<"xmlns">>, ?NS_STREAMS}],
-			   children = [{xmlcdata, Cdata}]},
-		    #xmlel{name = <<"text">>,
-			   attrs =
-			       [{<<"xml:lang">>, Lang},
-				{<<"xmlns">>, ?NS_STREAMS}],
-			   children =
-			       [{xmlcdata,
-				 translate:translate(Lang, Text)}]}]}).
-
-define(SERRT_BAD_FORMAT(Lang, Text),
-	?STREAM_ERRORT(<<"bad-format">>, <<"">>, Lang, Text)).
-
-define(SERRT_BAD_NAMESPACE_PREFIX(Lang, Text),
-	?STREAM_ERRORT(<<"bad-namespace-prefix">>, <<"">>, Lang,
-		       Text)).
-
-define(SERRT_CONFLICT(Lang, Text),
-	?STREAM_ERRORT(<<"conflict">>, <<"">>, Lang, Text)).
-
-define(SERRT_CONNECTION_TIMEOUT(Lang, Text),
-	?STREAM_ERRORT(<<"connection-timeout">>, <<"">>, Lang,
-		       Text)).
-
-define(SERRT_HOST_GONE(Lang, Text),
-	?STREAM_ERRORT(<<"host-gone">>, <<"">>, Lang, Text)).
-
-define(SERRT_HOST_UNKNOWN(Lang, Text),
-	?STREAM_ERRORT(<<"host-unknown">>, <<"">>, Lang, Text)).
-
-define(SERRT_IMPROPER_ADDRESSING(Lang, Text),
-	?STREAM_ERRORT(<<"improper-addressing">>, <<"">>, Lang,
-		       Text)).
-
-define(SERRT_INTERNAL_SERVER_ERROR(Lang, Text),
-	?STREAM_ERRORT(<<"internal-server-error">>, <<"">>,
-		       Lang, Text)).
-
-define(SERRT_INVALID_FROM(Lang, Text),
-	?STREAM_ERRORT(<<"invalid-from">>, <<"">>, Lang, Text)).
-
-define(SERRT_INVALID_ID(Lang, Text),
-	?STREAM_ERRORT(<<"invalid-id">>, <<"">>, Lang, Text)).
-
-define(SERRT_INVALID_NAMESPACE(Lang, Text),
-	?STREAM_ERRORT(<<"invalid-namespace">>, <<"">>, Lang,
-		       Text)).
-
-define(SERRT_INVALID_XML(Lang, Text),
-	?STREAM_ERRORT(<<"invalid-xml">>, <<"">>, Lang, Text)).
-
-define(SERRT_NOT_AUTHORIZED(Lang, Text),
-	?STREAM_ERRORT(<<"not-authorized">>, <<"">>, Lang,
-		       Text)).
-
-define(SERRT_POLICY_VIOLATION(Lang, Text),
-	?STREAM_ERRORT(<<"policy-violation">>, <<"">>, Lang,
-		       Text)).
-
-define(SERRT_REMOTE_CONNECTION_FAILED(Lang, Text),
-	?STREAM_ERRORT(<<"remote-connection-failed">>, <<"">>,
-		       Lang, Text)).
-
-define(SERRT_RESOURSE_CONSTRAINT(Lang, Text),
-	?STREAM_ERRORT(<<"resource-constraint">>, <<"">>, Lang,
-		       Text)).
-
-define(SERRT_RESTRICTED_XML(Lang, Text),
-	?STREAM_ERRORT(<<"restricted-xml">>, <<"">>, Lang,
-		       Text)).
-
-define(SERRT_SEE_OTHER_HOST(Host, Lang, Text),
-	?STREAM_ERRORT(<<"see-other-host">>, Host, Lang, Text)).
-
-define(SERRT_SYSTEM_SHUTDOWN(Lang, Text),
-	?STREAM_ERRORT(<<"system-shutdown">>, <<"">>, Lang,
-		       Text)).
-
-define(SERRT_UNSUPPORTED_ENCODING(Lang, Text),
-	?STREAM_ERRORT(<<"unsupported-encoding">>, <<"">>, Lang,
-		       Text)).
-
-define(SERRT_UNSUPPORTED_STANZA_TYPE(Lang, Text),
-	?STREAM_ERRORT(<<"unsupported-stanza-type">>, <<"">>,
-		       Lang, Text)).
-
-define(SERRT_UNSUPPORTED_VERSION(Lang, Text),
-	?STREAM_ERRORT(<<"unsupported-version">>, <<"">>, Lang,
-		       Text)).
-
-define(SERRT_XML_NOT_WELL_FORMED(Lang, Text),
-	?STREAM_ERRORT(<<"xml-not-well-formed">>, <<"">>, Lang,
-		       Text)).
-
-record(jid, {user = <<"">> :: binary(),
-              server = <<"">> :: binary(),
-              resource = <<"">> :: binary(),
-              luser = <<"">> :: binary(),
-              lserver = <<"">> :: binary(),
-              lresource = <<"">> :: binary()}).
-
-type(jid() :: #jid{}).
-
-type(ljid() :: {binary(), binary(), binary()}).
-
-record(iq, {id = <<"">>       :: binary(),
-             type = get        :: get | set | result | error,
-             xmlns = <<"">>    :: binary(),
-             lang  = <<"">>    :: binary(),
-             sub_el = #xmlel{} :: xmlel() | [xmlel()]}).
-
-type(iq_get()
-  :: #iq{
-         id     :: binary(),
-         type   :: get,
-         xmlns  :: binary(),
-         lang   :: binary(),
-         sub_el :: xmlel()
-     }
-).
-
-type(iq_set()
-  :: #iq{
-         id     :: binary(),
-         type   :: set,
-         xmlns  :: binary(),
-         lang   :: binary(),
-         sub_el :: xmlel()
-     }
-).
-
-type iq_request() :: iq_get() | iq_set().
-
-type(iq_result()
-  :: #iq{
-         id     :: binary(),
-         type   :: result,
-         xmlns  :: binary(),
-         lang   :: binary(),
-         sub_el :: [xmlel()]
-     }
-).
-
-type(iq_error()
-  :: #iq{
-         id     :: binary(),
-         type   :: error,
-         xmlns  :: binary(),
-         lang   :: binary(),
-         sub_el :: [xmlel()]
-     }
-).
-
-type iq_reply() :: iq_result() | iq_error() .
-
-type(iq() :: iq_request() | iq_reply()).
-
-record(rsm_in, {max :: integer() | error | undefined,
-                 direction :: before | aft | undefined,
-                 id :: binary() | undefined,
-                 index :: integer() | error | undefined}).
-
-record(rsm_out, {count :: integer() | undefined,
-                  index :: integer() | undefined,
-                  first :: binary() | undefined,
-                  last :: binary() | undefined}).
-
-type(rsm_in() :: #rsm_in{}).
-
-type(rsm_out() :: #rsm_out{}).
-
-type broadcast() :: {broadcast, broadcast_data()}.
-
-type broadcast_data() ::
-        {rebind, pid(), binary()} | %% ejabberd_c2s
-        {item, ljid(), mod_roster:subscription()} | %% mod_roster/mod_shared_roster
-        {exit, binary()} | %% mod_roster/mod_shared_roster
-        {privacy_list, mod_privacy:userlist(), binary()} | %% mod_privacy
-        {blocking, unblock_all | {block | unblock, [ljid()]}}. %% mod_blocking
-
-record(xmlelement, {name = ""     :: string(),
-                     attrs = []    :: [{string(), string()}],
-                     children = [] :: [{xmlcdata, iodata()} | xmlelement()]}).
-
-type xmlelement() :: #xmlelement{}.
@@ -1,6 +1,6 @@
 %%%----------------------------------------------------------------------
 %%%
-%%% ejabberd, Copyright (C) 2002-2017   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2019   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -17,24 +17,43 @@
 %%% 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 %%%
 %%%----------------------------------------------------------------------
-
 -define(PRINT(Format, Args), io:format(Format, Args)).
+
+-ifdef(LAGER).
 -compile([{parse_transform, lager_transform}]).

 -define(DEBUG(Format, Args),
-	lager:debug(Format, Args)).
+	begin lager:debug(Format, Args), ok end).

 -define(INFO_MSG(Format, Args),
-	lager:info(Format, Args)).
+	begin lager:info(Format, Args), ok end).

 -define(WARNING_MSG(Format, Args),
-	lager:warning(Format, Args)).
+	begin lager:warning(Format, Args), ok end).

 -define(ERROR_MSG(Format, Args),
-	lager:error(Format, Args)).
+	begin lager:error(Format, Args), ok end).

 -define(CRITICAL_MSG(Format, Args),
-	lager:critical(Format, Args)).
+	begin lager:critical(Format, Args), ok end).
+-else.
+-include_lib("kernel/include/logger.hrl").
+
+-define(DEBUG(Format, Args),
+	begin ?LOG_DEBUG(Format, Args), ok end).
+
+-define(INFO_MSG(Format, Args),
+	begin ?LOG_INFO(Format, Args), ok end).
+
+-define(WARNING_MSG(Format, Args),
+	begin ?LOG_WARNING(Format, Args), ok end).
+
+-define(ERROR_MSG(Format, Args),
+	begin ?LOG_ERROR(Format, Args), ok end).
+
+-define(CRITICAL_MSG(Format, Args),
+	begin ?LOG_CRITICAL(Format, Args), ok end).
+-endif.

 %% Use only when trying to troubleshoot test problem with ExUnit
 -define(EXUNIT_LOG(Format, Args),
@@ -42,3 +61,6 @@
            false -> ok;
            _ -> 'Elixir.Logger':bare_log(error, io_lib:format(Format, Args), [?MODULE])
        end).
+
+%% Uncomment if you want to debug p1_fsm/gen_fsm
+%%-define(DBGFSM, true).
@@ -1,6 +1,6 @@
 %%%----------------------------------------------------------------------
 %%%
-%%% ejabberd, Copyright (C) 2002-2017   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2019   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -1,6 +1,6 @@
 %%%----------------------------------------------------------------------
 %%%
-%%% ejabberd, Copyright (C) 2002-2017   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2019   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -1,6 +1,6 @@
 %%%----------------------------------------------------------------------
 %%%
-%%% ejabberd, Copyright (C) 2002-2017   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2019   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -1,6 +1,6 @@
 %%%----------------------------------------------------------------------
 %%%
-%%% ejabberd, Copyright (C) 2002-2017   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2019   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -19,12 +19,12 @@
 %%%----------------------------------------------------------------------

 -record(archive_msg,
-	{us = {<<"">>, <<"">>}                :: {binary(), binary()} | '$2',
-	 id = <<>>                            :: binary() | '_',
-	 timestamp = p1_time_compat:timestamp() :: erlang:timestamp() | '_' | '$1',
-	 peer = {<<"">>, <<"">>, <<"">>}      :: ljid() | '_' | '$3' | undefined,
-	 bare_peer = {<<"">>, <<"">>, <<"">>} :: ljid() | '_' | '$3',
-	 packet = #xmlel{}                    :: xmlel() | message() | '_',
+	{us = {<<"">>, <<"">>}                :: {binary(), binary()},
+	 id = <<>>                            :: binary(),
+	 timestamp = erlang:timestamp()       :: erlang:timestamp(),
+	 peer = {<<"">>, <<"">>, <<"">>}      :: ljid() | undefined,
+	 bare_peer = {<<"">>, <<"">>, <<"">>} :: ljid(),
+	 packet = #xmlel{}                    :: xmlel() | message(),
 	 nick = <<"">>                        :: binary(),
 	 type = chat                          :: chat | groupchat}).

@@ -1,6 +1,6 @@
 %%%----------------------------------------------------------------------
 %%%
-%%% ejabberd, Copyright (C) 2002-2017   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2019   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -1,6 +1,6 @@
 %%%----------------------------------------------------------------------
 %%%
-%%% ejabberd, Copyright (C) 2002-2017   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2019   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -18,21 +18,19 @@
 %%%
 %%%----------------------------------------------------------------------

-include("ejabberd.hrl").
-
 -define(MAX_USERS_DEFAULT, 200).

 -define(SETS, gb_sets).

-define(DICT, dict).
-
 -record(lqueue,
 {
-    queue   :: p1_queue:queue(),
-    max = 0 :: integer()
+    queue = p1_queue:new()  :: p1_queue:queue(lqueue_elem()),
+    max   = 0               :: integer()
 }).

 -type lqueue() :: #lqueue{}.
+-type lqueue_elem() :: {binary(), message(), boolean(),
+			erlang:timestamp(), non_neg_integer()}.

 -record(config,
 {
@@ -63,8 +61,11 @@
    max_users                            = ?MAX_USERS_DEFAULT :: non_neg_integer() | none,
    logging                              = false :: boolean(),
    vcard                                = <<"">> :: binary(),
-    captcha_whitelist                    = (?SETS):empty() :: ?TGB_SET,
-    mam                                  = false :: boolean()
+    vcard_xupdate                        = undefined :: undefined | external | binary(),
+    captcha_whitelist                    = (?SETS):empty() :: gb_sets:set(),
+    mam                                  = false :: boolean(),
+    pubsub                               = <<"">> :: binary(),
+    lang                                 = ejabberd_option:language() :: binary()
 }).

 -type config() :: #config{}.
@@ -90,8 +91,8 @@
 {
    message_time    = 0 :: integer(),
    presence_time   = 0 :: integer(),
-    message_shaper  = none :: shaper:shaper(),
-    presence_shaper = none :: shaper:shaper(),
+    message_shaper  = none :: ejabberd_shaper:shaper(),
+    presence_shaper = none :: ejabberd_shaper:shaper(),
    message :: message() | undefined,
    presence :: {binary(), presence()} | undefined
 }).
@@ -101,21 +102,29 @@
    room                    = <<"">> :: binary(),
    host                    = <<"">> :: binary(),
    server_host             = <<"">> :: binary(),
-    access                  = {none,none,none,none} :: {atom(), atom(), atom(), atom()},
+    access                  = {none,none,none,none,none} :: {atom(), atom(), atom(), atom(), atom()},
    jid                     = #jid{} :: jid(),
    config                  = #config{} :: config(),
-    users                   = (?DICT):new() :: ?TDICT,
-    subscribers             = (?DICT):new() :: ?TDICT,
-    subscriber_nicks        = (?DICT):new() :: ?TDICT,
+    users                   = #{} :: users(),
+    subscribers             = #{} :: subscribers(),
+    subscriber_nicks        = #{} :: subscriber_nicks(),
    last_voice_request_time = treap:empty() :: treap:treap(),
-    robots                  = (?DICT):new() :: ?TDICT,
-    nicks                   = (?DICT):new() :: ?TDICT,
-    affiliations            = (?DICT):new() :: ?TDICT,
-    history                 :: lqueue(),
-    subject                 = <<"">> :: binary(),
+    robots                  = #{} :: robots(),
+    nicks                   = #{} :: nicks(),
+    affiliations            = #{} :: affiliations(),
+    history                 = #lqueue{} :: lqueue(),
+    subject                 = [] :: [text()],
    subject_author          = <<"">> :: binary(),
-    just_created            = false :: boolean(),
+    just_created            = erlang:system_time(microsecond) :: true | integer(),
    activity                = treap:empty() :: treap:treap(),
-    room_shaper             = none :: shaper:shaper(),
-    room_queue              :: p1_queue:queue() | undefined
+    room_shaper             = none :: ejabberd_shaper:shaper(),
+    room_queue              :: p1_queue:queue({message | presence, jid()}) | undefined,
+    hibernate_timer         = none :: reference() | none | hibernating
 }).
+
+-type users() :: #{ljid() => #user{}}.
+-type robots() :: #{jid() => {binary(), stanza()}}.
+-type nicks() :: #{binary() => [ljid()]}.
+-type affiliations() :: #{ljid() => affiliation() | {affiliation(), binary()}}.
+-type subscribers() :: #{ljid() => #subscriber{}}.
+-type subscriber_nicks() :: #{binary() => [ljid()]}.
@@ -1,6 +1,6 @@
 %%%----------------------------------------------------------------------
 %%%
-%%% ejabberd, Copyright (C) 2002-2017   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2019   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -1,6 +1,6 @@
 %%%----------------------------------------------------------------------
 %%%
-%%% ejabberd, Copyright (C) 2002-2017   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2019   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -1,6 +1,6 @@
 %%%----------------------------------------------------------------------
 %%%
-%%% ejabberd, Copyright (C) 2002-2017   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2019   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -2,7 +2,7 @@
 %%% RFC 1928 constants.
 %%%
 %%%
-%%% ejabberd, Copyright (C) 2002-2017   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2019   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -0,0 +1,24 @@
+%%%----------------------------------------------------------------------
+%%% ejabberd, Copyright (C) 2017-2019 ProcessOne
+%%%
+%%% This program is free software; you can redistribute it and/or
+%%% modify it under the terms of the GNU General Public License as
+%%% published by the Free Software Foundation; either version 2 of the
+%%% License, or (at your option) any later version.
+%%%
+%%% This program is distributed in the hope that it will be useful,
+%%% but WITHOUT ANY WARRANTY; without even the implied warranty of
+%%% MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+%%% General Public License for more details.
+%%%
+%%% You should have received a copy of the GNU General Public License along
+%%% with this program; if not, write to the Free Software Foundation, Inc.,
+%%% 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+%%%
+%%%----------------------------------------------------------------------
+-record(push_session,
+        {us = {<<"">>, <<"">>}                  :: {binary(), binary()},
+         timestamp = erlang:timestamp()         :: erlang:timestamp(),
+         service = {<<"">>, <<"">>, <<"">>}     :: ljid(),
+         node = <<"">>                          :: binary(),
+         xml                                    :: undefined | xmlel()}).
@@ -1,6 +1,6 @@
 %%%----------------------------------------------------------------------
 %%%
-%%% ejabberd, Copyright (C) 2002-2017   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2019   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -1,6 +1,6 @@
 %%%----------------------------------------------------------------------
 %%%
-%%% ejabberd, Copyright (C) 2002-2017   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2019   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -1,6 +1,6 @@
 %%%----------------------------------------------------------------------
 %%%
-%%% ejabberd, Copyright (C) 2002-2017   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2019   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -1,6 +1,6 @@
 %%%----------------------------------------------------------------------
 %%%
-%%% ejabberd, Copyright (C) 2002-2017   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2019   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -0,0 +1,209 @@
+%%%-------------------------------------------------------------------
+%%% @author Evgeny Khramtsov <ekhramtsov@process-one.net>
+%%% @copyright (C) 2002-2019 ProcessOne, SARL. All Rights Reserved.
+%%%
+%%% Licensed under the Apache License, Version 2.0 (the "License");
+%%% you may not use this file except in compliance with the License.
+%%% You may obtain a copy of the License at
+%%%
+%%%     http://www.apache.org/licenses/LICENSE-2.0
+%%%
+%%% Unless required by applicable law or agreed to in writing, software
+%%% distributed under the License is distributed on an "AS IS" BASIS,
+%%% WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+%%% See the License for the specific language governing permissions and
+%%% limitations under the License.
+%%%
+%%%-------------------------------------------------------------------
+-define(MQTT_VERSION_4, 4).
+-define(MQTT_VERSION_5, 5).
+
+-record(connect, {proto_level             = 4     :: non_neg_integer(),
+		  will                            :: undefined | publish(),
+		  clean_start             = true  :: boolean(),
+		  keep_alive              = 0     :: non_neg_integer(),
+		  client_id               = <<>>  :: binary(),
+		  username                = <<>>  :: binary(),
+		  password                = <<>>  :: binary(),
+                  will_properties         = #{}   :: properties(),
+                  properties              = #{}   :: properties()}).
+-record(connack, {session_present = false    :: boolean(),
+		  code            = success  :: reason_code(),
+                  properties      = #{}      :: properties()}).
+
+-record(publish, {id :: undefined | non_neg_integer(),
+		  dup = false :: boolean(),
+		  qos = 0 :: qos(),
+		  retain = false :: boolean(),
+		  topic :: binary(),
+		  payload :: binary(),
+                  properties = #{} :: properties(),
+		  meta = #{} :: map()}).
+-record(puback, {id :: non_neg_integer(),
+                 code = success :: reason_code(),
+                 properties = #{} :: properties()}).
+-record(pubrec, {id :: non_neg_integer(),
+                 code = success :: reason_code(),
+                 properties = #{} :: properties()}).
+-record(pubrel, {id :: non_neg_integer(),
+                 code = success :: reason_code(),
+                 properties = #{} :: properties(),
+                 meta = #{} :: map()}).
+-record(pubcomp, {id :: non_neg_integer(),
+                  code = success :: reason_code(),
+                  properties = #{} :: properties()}).
+
+-record(subscribe, {id :: non_neg_integer(),
+		    filters :: [{binary(), sub_opts()}],
+                    properties = #{} :: properties(),
+                    meta = #{} :: map()}).
+-record(suback, {id :: non_neg_integer(),
+		 codes = [] :: [char() | reason_code()],
+                 properties = #{} :: properties()}).
+
+-record(unsubscribe, {id :: non_neg_integer(),
+		      filters :: [binary()],
+                      properties = #{} :: properties(),
+                      meta = #{} :: map()}).
+-record(unsuback, {id :: non_neg_integer(),
+                   codes = [] :: [reason_code()],
+                   properties = #{} :: properties()}).
+
+-record(pingreq, {meta = #{} :: map()}).
+-record(pingresp, {}).
+
+-record(disconnect, {code = 'normal-disconnection' :: reason_code(),
+                     properties = #{} :: properties()}).
+
+-record(auth, {code = success :: reason_code(),
+               properties = #{} :: properties()}).
+
+-record(sub_opts, {qos = 0 :: qos(),
+                   no_local = false :: boolean(),
+                   retain_as_published = false :: boolean(),
+                   retain_handling = 0 :: 0..2}).
+
+-type qos() :: 0|1|2.
+-type sub_opts() :: #sub_opts{}.
+-type utf8_pair() :: {binary(), binary()}.
+-type properties() :: #{assigned_client_identifier => binary(),
+			authentication_data => binary(),
+			authentication_method => binary(),
+			content_type => binary(),
+			correlation_data => binary(),
+			maximum_packet_size => pos_integer(),
+			maximum_qos => 0|1,
+			message_expiry_interval => non_neg_integer(),
+			payload_format_indicator => binary | utf8,
+			reason_string => binary(),
+			receive_maximum => pos_integer(),
+			request_problem_information => boolean(),
+			request_response_information => boolean(),
+			response_information => binary(),
+			response_topic => binary(),
+			retain_available => boolean(),
+			server_keep_alive => non_neg_integer(),
+			server_reference => binary(),
+			session_expiry_interval => non_neg_integer(),
+			shared_subscription_available => boolean(),
+			subscription_identifier => [non_neg_integer()] | non_neg_integer(),
+			subscription_identifiers_available => boolean(),
+			topic_alias => pos_integer(),
+			topic_alias_maximum => non_neg_integer(),
+			user_property => [utf8_pair()],
+			wildcard_subscription_available => boolean(),
+			will_delay_interval => non_neg_integer()}.
+-type property() :: assigned_client_identifier |
+                    authentication_data |
+                    authentication_method |
+                    content_type |
+                    correlation_data |
+                    maximum_packet_size |
+                    maximum_qos |
+                    message_expiry_interval |
+                    payload_format_indicator |
+                    reason_string |
+                    receive_maximum |
+                    request_problem_information |
+                    request_response_information |
+                    response_information |
+                    response_topic |
+                    retain_available |
+                    server_keep_alive |
+                    server_reference |
+                    session_expiry_interval |
+                    shared_subscription_available |
+                    subscription_identifier |
+                    subscription_identifiers_available |
+                    topic_alias |
+                    topic_alias_maximum |
+                    user_property |
+                    wildcard_subscription_available |
+                    will_delay_interval.
+-type reason_code() :: 'success' |
+                       'normal-disconnection' |
+                       'granted-qos-0' |
+                       'granted-qos-1' |
+                       'granted-qos-2' |
+                       'disconnect-with-will-message' |
+                       'no-matching-subscribers' |
+                       'no-subscription-existed' |
+                       'continue-authentication' |
+                       're-authenticate' |
+                       'unspecified-error' |
+                       'malformed-packet' |
+                       'protocol-error' |
+                       'implementation-specific-error' |
+                       'unsupported-protocol-version' |
+                       'client-identifier-not-valid' |
+                       'bad-user-name-or-password' |
+                       'not-authorized' |
+                       'server-unavailable' |
+                       'server-busy' |
+                       'banned' |
+                       'server-shutting-down' |
+                       'bad-authentication-method' |
+                       'keep-alive-timeout' |
+                       'session-taken-over' |
+                       'topic-filter-invalid' |
+                       'topic-name-invalid' |
+                       'packet-identifier-in-use' |
+                       'packet-identifier-not-found' |
+                       'receive-maximum-exceeded' |
+                       'topic-alias-invalid' |
+                       'packet-too-large' |
+                       'message-rate-too-high' |
+                       'quota-exceeded' |
+                       'administrative-action' |
+                       'payload-format-invalid' |
+                       'retain-not-supported' |
+                       'qos-not-supported' |
+                       'use-another-server' |
+                       'server-moved' |
+                       'shared-subscriptions-not-supported' |
+                       'connection-rate-exceeded' |
+                       'maximum-connect-time' |
+                       'subscription-identifiers-not-supported' |
+                       'wildcard-subscriptions-not-supported'.
+
+-type connect() :: #connect{}.
+-type connack() :: #connack{}.
+-type publish() :: #publish{}.
+-type puback() :: #puback{}.
+-type pubrel() :: #pubrel{}.
+-type pubrec() :: #pubrec{}.
+-type pubcomp() :: #pubcomp{}.
+-type subscribe() :: #subscribe{}.
+-type suback() :: #suback{}.
+-type unsubscribe() :: #unsubscribe{}.
+-type unsuback() :: #unsuback{}.
+-type pingreq() :: #pingreq{}.
+-type pingresp() :: #pingresp{}.
+-type disconnect() :: #disconnect{}.
+-type auth() :: #auth{}.
+
+-type mqtt_packet() :: connect() | connack() | publish() | puback() |
+		       pubrel() | pubrec() | pubcomp() | subscribe() |
+		       suback() | unsubscribe() | unsuback() | pingreq() |
+		       pingresp() | disconnect() | auth().
+-type mqtt_version() :: ?MQTT_VERSION_4 | ?MQTT_VERSION_5.
@@ -1,6 +1,6 @@
 %%%----------------------------------------------------------------------
 %%%
-%%% ejabberd, Copyright (C) 2002-2017   ProcessOne
+%%% ejabberd, Copyright (C) 2002-2019   ProcessOne
 %%%
 %%% This program is free software; you can redistribute it and/or
 %%% modify it under the terms of the GNU General Public License as
@@ -18,8 +18,6 @@
 %%%
 %%%----------------------------------------------------------------------

-include("ejabberd.hrl").
-
 %% -------------------------------
 %% Pubsub constants
 -define(ERR_EXTENDED(E, C), mod_pubsub:extended_error(E, C)).
@@ -28,8 +26,8 @@
 -define(MAXITEMS, 10).

 %% this is currently a hard limit.
-%% Would be nice to have it configurable. 
-define(MAX_PAYLOAD_SIZE, 60000).
+%% Would be nice to have it configurable.
+-define(MAX_PAYLOAD_SIZE, 250000).

 %% -------------------------------
 %% Pubsub types
@@ -60,7 +58,7 @@
 %% note: pos_integer() should always be used, but we allow anything else coded
 %% as binary, so one can have a custom implementation of nodetree with custom
 %% indexing (see nodetree_virtual). this also allows to use any kind of key for
-%% indexing nodes, as this can be usefull with external backends such as sql.
+%% indexing nodes, as this can be useful with external backends such as sql.

 -type(itemId() :: binary()).
 %% @type itemId() = string().
@@ -86,7 +84,7 @@
     Value::binary() | [binary()] | boolean()
 }).

-type(subOptions() :: [mod_pubsub:subOption(),...]).
+-type(subOptions() :: [mod_pubsub:subOption()]).

 -type(pubOption() ::
    {Option::binary(),
@@ -131,13 +129,13 @@
    id                  ,% :: mod_pubsub:nodeIdx(),
    parents = []        ,% :: [mod_pubsub:nodeId(),...],
    type    = <<"flat">>,% :: binary(),
-    owners  = []        ,% :: [jlib:ljid(),...],
+    owners  = []        ,% :: [jid:ljid(),...],
    options = []        % :: mod_pubsub:nodeOptions()
 }).

 -record(pubsub_state,
 {
-    stateid               ,% :: {jlib:ljid(), mod_pubsub:nodeIdx()},
+    stateid               ,% :: {jid:ljid(), mod_pubsub:nodeIdx()},
    nodeidx               ,% :: mod_pubsub:nodeIdx(),
    items         = []    ,% :: [mod_pubsub:itemId(),...],
    affiliation   = 'none',% :: mod_pubsub:affiliation(),
@@ -148,8 +146,8 @@
 {
    itemid                           ,% :: {mod_pubsub:itemId(), mod_pubsub:nodeIdx()},
    nodeidx                          ,% :: mod_pubsub:nodeIdx(),
-    creation     = {unknown, unknown},% :: {erlang:timestamp(), jlib:ljid()},
-    modification = {unknown, unknown},% :: {erlang:timestamp(), jlib:ljid()},
+    creation     = {unknown, unknown},% :: {erlang:timestamp(), jid:ljid()},
+    modification = {unknown, unknown},% :: {erlang:timestamp(), jid:ljid()},
    payload      = []                % :: mod_pubsub:payload()
 }).

@@ -163,7 +161,7 @@
 {
    nodeid   ,% :: {binary(), mod_pubsub:nodeIdx()},
    itemid   ,% :: mod_pubsub:itemId(),
-    creation ,% :: {erlang:timestamp(), jlib:ljid()},
+    creation ,% :: {erlang:timestamp(), jid:ljid()},
    payload  % :: mod_pubsub:payload()
 }).

@@ -1,130 +0,0 @@
-defmodule ExUnit.CTFormatter do
-  @moduledoc false
-
-  use GenEvent
-
-  import ExUnit.Formatter, only: [format_time: 2, format_test_failure: 5,
-                                  format_test_case_failure: 5]
-
-  def init(opts) do
-    file = File.open! "exunit.log", [:append]
-    # We do not print filter in log file as exclusion of test with tag
-    # pending: true is always done
-    config = %{
-      file: file,
-      seed: opts[:seed],
-      trace: opts[:trace],
-      colors: Keyword.put_new(opts[:colors], :enabled, false),
-      width: 80,
-      tests_counter: 0,
-      failures_counter: 0,
-      skipped_counter: 0,
-      invalids_counter: 0
-    }
-    {:ok, config}
-  end
-
-  def handle_event({:suite_started, _opts}, config) do
-    {:ok, config}
-  end
-
-  def handle_event({:suite_finished, run_us, load_us}, config) do
-    print_suite(config, run_us, load_us)
-    File.close config[:file]
-    :remove_handler
-  end
-
-  def handle_event({:test_started, %ExUnit.Test{} = test}, config) do
-    if config.tests_counter == 0, do: IO.binwrite config[:file], "== Running #{test.case} ==\n\n"
-    {:ok, config}
-  end
-
-  def handle_event({:test_finished, %ExUnit.Test{state: nil} = _test}, config) do
-    IO.binwrite config[:file], "."
-    {:ok, %{config | tests_counter: config.tests_counter + 1}}
-  end
-
-  def handle_event({:test_finished, %ExUnit.Test{state: {:skip, _}} = _test}, config) do
-    {:ok, %{config | tests_counter: config.tests_counter + 1,
-                     skipped_counter: config.skipped_counter + 1}}
-  end
-
-  def handle_event({:test_finished, %ExUnit.Test{state: {:invalid, _}} = _test}, config) do
-    IO.binwrite config[:file], "?"
-    {:ok, %{config | tests_counter: config.tests_counter + 1,
-                     invalids_counter: config.invalids_counter + 1}}
-  end
-
-  def handle_event({:test_finished, %ExUnit.Test{state: {:failed, failures}} = test}, config) do
-    formatted = format_test_failure(test, failures, config.failures_counter + 1,
-                                    config.width, &formatter(&1, &2, config))
-    print_failure(formatted, config)
-    print_logs(test.logs)
-
-    {:ok, %{config | tests_counter: config.tests_counter + 1,
-                     failures_counter: config.failures_counter + 1}}
-  end
-
-  def handle_event({:case_started, %ExUnit.TestCase{}}, config) do
-    {:ok, config}
-  end
-
-  def handle_event({:case_finished, %ExUnit.TestCase{state: nil}}, config) do
-    {:ok, config}
-  end
-
-  def handle_event({:case_finished, %ExUnit.TestCase{state: {:failed, failures}} = test_case}, config) do
-    formatted = format_test_case_failure(test_case, failures, config.failures_counter + 1,
-                                         config.width, &formatter(&1, &2, config))
-    print_failure(formatted, config)
-    {:ok, %{config | failures_counter: config.failures_counter + 1}}
-  end
-
-  ## Printing
-
-  defp print_suite(config, run_us, load_us) do
-    IO.binwrite config[:file], "\n\n"
-    IO.binwrite config[:file], format_time(run_us, load_us)
-    IO.binwrite config[:file], "\n\n"
-
-    # singular/plural
-    test_pl = pluralize(config.tests_counter, "test", "tests")
-    failure_pl = pluralize(config.failures_counter, "failure", "failures")
-
-    message =
-      "#{config.tests_counter} #{test_pl}, #{config.failures_counter} #{failure_pl}"
-      |> if_true(config.skipped_counter > 0, & &1 <> ", #{config.skipped_counter} skipped")
-      |> if_true(config.invalids_counter > 0, & &1 <> ", #{config.invalids_counter} invalid")
-
-    cond do
-      config.failures_counter > 0 -> IO.binwrite config[:file], message
-      config.invalids_counter > 0 -> IO.binwrite config[:file], message
-      true                        -> IO.binwrite config[:file], message
-    end
-
-    IO.binwrite config[:file], "\nRandomized with seed #{config.seed}\n\n\n\n"
-  end
-
-  defp if_true(value, false, _fun), do: value
-  defp if_true(value, true, fun), do: fun.(value)
-
-  defp print_failure(formatted, config) do
-    IO.binwrite config[:file], "\n"
-    IO.binwrite config[:file], formatted
-    IO.binwrite config[:file], "\n"
-  end
-
-  defp formatter(_,  msg, _config),
-    do: msg
-
-  defp pluralize(1, singular, _plural), do: singular
-  defp pluralize(_, _singular, plural), do: plural
-
-  defp print_logs(""), do: nil
-
-  defp print_logs(output) do
-    indent = "\n     "
-    output = String.replace(output, "\n", indent)
-    IO.puts(["     The following output was logged:", indent | output])
-  end
-end
@@ -23,7 +23,7 @@ defmodule Ejabberd.Config do
  # Could be also possible to interrupt the compilation&execution by throwing
  # an exception if necessary.
  def __before_compile__(_env) do
-    get_modules_parsed_in_order
+    get_modules_parsed_in_order()
    |> EjabberdModule.validate
    |> EjabberdLogger.log_errors
  end
@@ -48,9 +48,9 @@ defmodule Ejabberd.Config do
  Returns a list with all the opts, formatted for ejabberd.
  """
  def get_ejabberd_opts do
-    get_general_opts
-    |> Dict.put(:modules, get_modules_parsed_in_order())
-    |> Dict.put(:listeners, get_listeners_parsed_in_order())
+    get_general_opts()
+    |> Map.put(:modules, get_modules_parsed_in_order())
+    |> Map.put(:listeners, get_listeners_parsed_in_order())
    |> Ejabberd.Config.OptsFormatter.format_opts_for_ejabberd
  end

@@ -12,7 +12,6 @@ defmodule Ejabberd.Config.EjabberdModule do
  defstruct [:module, :attrs]

  alias Ejabberd.Config.EjabberdModule
-  alias Ejabberd.Config.Attr
  alias Ejabberd.Config.Validation

  @doc """
@@ -21,7 +21,7 @@ defmodule Ejabberd.Config.EjabberdLogger do
  defp do_log_errors({:attribute, errors}), do: Enum.each errors, &log_attribute_error/1
  defp do_log_errors({:dependency, errors}), do: Enum.each errors, &log_dependency_error/1

-  defp log_attribute_error({{attr_name, val}, :attr_not_supported}), do:
+  defp log_attribute_error({{attr_name, _val}, :attr_not_supported}), do:
    IO.puts "[ WARN ] Annotation @#{attr_name} is not supported."

  defp log_attribute_error({{attr_name, val}, :type_not_supported}), do:
@@ -7,9 +7,7 @@ defmodule Ejabberd.Config.Validation do
  @type mod_validation_result :: {:ok, EjabberdModule.t} | {:error, EjabberdModule.t, map}

  alias Ejabberd.Config.EjabberdModule
-  alias Ejabberd.Config.Attr
  alias Ejabberd.Config.Validator
-  alias Ejabberd.Config.ValidatorUtility

  @doc """
  Given a module or a list of modules it runs validators on them
@@ -18,7 +18,7 @@ defmodule Ejabberd.Config.Validator.Attrs do
  def validate({modules, mod, errors}) do
    errors = Enum.reduce mod.attrs, errors, fn(attr, err) ->
      case Attr.validate(attr) do
-        {:ok, attr} -> err
+        {:ok, _attr} -> err
        {:error, attr, cause} -> put_error(err, :attribute, {attr, cause})
      end
    end
@@ -15,7 +15,7 @@ defmodule Mix.Tasks.Ejabberd.Deps.Tree do
    # First we need to start manually the store to be available
    # during the compilation of the config file.
    Ejabberd.Config.Store.start_link
-    Ejabberd.Config.init(:ejabberd_config.get_ejabberd_config_path())
+    Ejabberd.Config.init(:ejabberd_config.path())

    Mix.shell.info "ejabberd modules"

@@ -40,7 +40,7 @@ defmodule Mix.Tasks.Ejabberd.Deps.Tree do
    end
  end

-  defp build_dependency_tree(mods, mod, []), do: %{module: mod, dependency: []}
+  defp build_dependency_tree(_mods, mod, []), do: %{module: mod, dependency: []}
  defp build_dependency_tree(mods, mod, deps) when is_list(deps) do
    dependencies = Enum.map deps, fn dep ->
      dep_deps = get_dependencies_of_mod(mods, dep)
@@ -65,7 +65,7 @@ defmodule Mix.Tasks.Ejabberd.Deps.Tree do

  defp keep_only_mods_not_used_as_dep(mods, mods_used_as_dep) do
    Enum.filter mods, fn %{module: mod} ->
-      not mod in mods_used_as_dep
+      not (mod in mods_used_as_dep)
    end
  end

@@ -17,4 +17,13 @@ defmodule ModPresenceDemo do
    info('Receive presence for #{user}')
    :none
  end
+
+  def depends(_host, _opts) do
+    []
+  end
+
+  def mod_options(_host) do
+    []
+  end
+  
 end
@@ -84,20 +84,3 @@ EOF
 	   AC_MSG_RESULT([ok])
 	fi
 ]) dnl ERLANG_VERSION_CHECK
-
-AC_DEFUN([ERLANG_DEPRECATED_TYPES_CHECK],
-[		AC_MSG_CHECKING([whether Erlang is using deprecated types])
-		cat > conftest.erl <<EOF
-module(conftest).
-
-record(state, {host = dict:new() :: dict:dict()}).
-EOF
-
-	if $ERLC conftest.erl > /dev/null 2>&1; then
-	   AC_MSG_RESULT([no])
-	   AC_SUBST(erlang_deprecated_types, false)
-	else
-	   AC_MSG_RESULT([yes])
-	   AC_SUBST(erlang_deprecated_types, true)
-	fi
-])
@@ -3,7 +3,7 @@ defmodule Ejabberd.Mixfile do

  def project do
    [app: :ejabberd,
-     version: "17.9.0",
+     version: "20.1.0",
     description: description(),
     elixir: "~> 1.4",
     elixirc_paths: ["lib"],
@@ -19,63 +19,101 @@ defmodule Ejabberd.Mixfile do

  def description do
    """
-    Robust, ubiquitous and massively scalable Jabber / XMPP Instant Messaging platform.
+    Robust, Ubiquitous and Massively Scalable Messaging Platform (XMPP, MQTT, SIP Server)
    """
  end

  def application do
    [mod: {:ejabberd_app, []},
-     applications: [:ssl],
+     applications: [:kernel, :stdlib, :sasl, :ssl],
     included_applications: [:lager, :mnesia, :inets, :p1_utils, :cache_tab,
-                             :fast_tls, :stringprep, :fast_xml, :xmpp,
-                             :stun, :fast_yaml, :esip, :jiffy, :p1_oauth2]
-                         ++ cond_apps()]
+                             :fast_tls, :stringprep, :fast_xml, :xmpp, :mqtree,
+                             :stun, :fast_yaml, :esip, :jiffy, :p1_oauth2,
+                             :eimp, :base64url, :jose, :pkix, :os_mon, :yconf,
+                             :p1_acme, :idna]
+     ++ cond_apps()]
+  end
+
+  defp if_function_exported(mod, fun, arity, okResult) do
+    :code.ensure_loaded(mod)
+    if :erlang.function_exported(mod, fun, arity) do
+      okResult
+    else
+      []
+    end
+  end
+
+  defp if_version_above(ver, okResult) do
+    if :erlang.system_info(:otp_release) > ver do
+      okResult
+    else
+      []
+    end
  end

  defp erlc_options do
    # Use our own includes + includes from all dependencies
    includes = ["include"] ++ deps_include(["fast_xml", "xmpp", "p1_utils"])
-    [:debug_info, {:d, :ELIXIR_ENABLED}] ++ Enum.map(includes, fn(path) -> {:i, path} end)
+    [:debug_info, {:d, :ELIXIR_ENABLED}] ++ cond_options() ++ Enum.map(includes, fn(path) -> {:i, path} end) ++
+    if_version_above('20', [{:d, :DEPRECATED_GET_STACKTRACE}]) ++
+    if_function_exported(:erl_error, :format_exception, 6, [{:d, :HAVE_ERL_ERROR}])
+  end
+
+  defp cond_options do
+    for {:true, option} <- [{config(:sip), {:d, :SIP}},
+                            {config(:stun), {:d, :STUN}},
+                            {config(:roster_gateway_workaround), {:d, :ROSTER_GATWAY_WORKAROUND}},
+                            {config(:new_sql_schema), {:d, :NEW_SQL_SCHEMA}}
+                           ], do:
+    option
  end

  defp deps do
-    [{:lager, "~> 3.4.0"},
+    [{:lager, "~> 3.6.0"},
     {:p1_utils, "~> 1.0"},
     {:fast_xml, "~> 1.1"},
-     {:xmpp, "~> 1.1"},
+     {:xmpp, "~> 1.4"},
     {:cache_tab, "~> 1.0"},
     {:stringprep, "~> 1.0"},
     {:fast_yaml, "~> 1.0"},
-     {:fast_tls, "~> 1.0"},
+     {:fast_tls, "~> 1.1"},
     {:stun, "~> 1.0"},
     {:esip, "~> 1.0"},
-     {:jiffy, "~> 0.14.7"},
+     {:p1_mysql, "~> 1.0"},
+     {:mqtree, "~> 1.0"},
+     {:p1_pgsql, "~> 1.1"},
+     {:jiffy, "~> 1.0"},
     {:p1_oauth2, "~> 0.6.1"},
-     {:distillery, "~> 1.0"},
-     {:ex_doc, ">= 0.0.0", only: :dev}]
+     {:distillery, "~> 2.0"},
+     {:pkix, "~> 1.0"},
+     {:ex_doc, ">= 0.0.0", only: :dev},
+     {:eimp, "~> 1.0"},
+     {:base64url, "~> 0.0.1"},
+     {:yconf, "~> 1.0"},
+     {:jose, "~> 1.8"},
+     {:idna, "~> 6.0"},
+     {:p1_acme, "~> 1.0"}]
    ++ cond_deps()
  end

  defp deps_include(deps) do
-    base = case Mix.Project.deps_paths()[:ejabberd] do
-      nil -> "deps"
-      _ -> ".."
+    base = if Mix.Project.umbrella?() do
+      "../../deps"
+    else
+      case Mix.Project.deps_paths()[:ejabberd] do
+        nil -> "deps"
+        _ -> ".."
+      end
    end
    Enum.map(deps, fn dep -> base<>"/#{dep}/include" end)
  end

  defp cond_deps do
-    for {:true, dep} <- [{config(:mysql), {:p1_mysql, "~> 1.0"}},
-                         {config(:pgsql), {:p1_pgsql, "~> 1.1"}},
-                         {config(:sqlite), {:sqlite3, "~> 1.1"}},
-                         {config(:riak), {:riakc, "~> 2.4"}},
+    for {:true, dep} <- [{config(:sqlite), {:sqlite3, "~> 1.1"}},
                         {config(:redis), {:eredis, "~> 1.0"}},
                         {config(:zlib), {:ezlib, "~> 1.0"}},
-                         {config(:iconv), {:iconv, "~> 1.0"}},
                         {config(:pam), {:epam, "~> 1.0"}},
-                         {config(:tools), {:luerl, github: "rvirding/luerl", tag: "v0.2"}},
-                         {config(:tools), {:meck, "~> 0.8.4"}},
-                         {config(:tools), {:moka, github: "processone/moka", tag: "1.0.5c"}}], do:
+                         {config(:tools), {:luerl, "~> 0.3.1"}}], do:
      dep
  end

@@ -84,8 +122,7 @@ defmodule Ejabberd.Mixfile do
                         {config(:mysql), :p1_mysql},
                         {config(:pgsql), :p1_pgsql},
                         {config(:sqlite), :sqlite3},
-                         {config(:zlib), :ezlib},
-                         {config(:iconv), :iconv}], do:
+                         {config(:zlib), :ezlib}], do:
      app
  end

@@ -103,7 +140,7 @@ defmodule Ejabberd.Mixfile do
  defp vars do
    case :file.consult("vars.config") do
      {:ok,config} -> config
-      _ -> [zlib: true, iconv: true]
+      _ -> [zlib: true]
    end
  end

@@ -132,7 +169,12 @@ defmodule Mix.Tasks.Compile.Asn1 do
    mappings     = Enum.zip(source_paths, dest_paths)
    options      = project[:asn1_options] || []

-    Erlang.compile(manifest(), mappings, :asn1, :erl, opts[:force], fn
+    force = case opts[:force] do
+        :true -> [force: true]
+        _ -> [force: false]
+    end
+
+    Erlang.compile(manifest(), mappings, :asn1, :erl, force, fn
      input, output ->
        options = options ++ [:noobj, outdir: Erlang.to_erl_file(Path.dirname(output))]
        case :asn1ct.compile(Erlang.to_erl_file(input), options) do
--- a/Show More
+++ b/Show More