In some environments it is desirable to isolate one or more hosts, and prevent communication with external, or even other internal domains.
Loading mod_isolate_host on a host will prevent all communication with JIDs outside of the current domain, though it is possible to configure exceptions.
Note: if you just want to prevent communication with external domains, this is possible without a plugin. See Prosody: Disabling s2s for more information.
This module was sponsored by Exa Networks.
To isolate all hosts by default, add the module to your global modules_enabled:
modules_enabled = {
...
"isolate_host";
...
}Alternatively you can isolate a single host by putting a modules_enabled line under the VirtualHost directive:
VirtualHost "example.com"
modules_enabled = { "isolate_host" }After enabling the module, you can add further options to add exceptions for the isolation:
| Option | Description |
|---|---|
| isolate_except_domains | A list of domains to allow communication with. |
| isolate_except_users | A list of user JIDs allowed to bypass the isolation and communicate with other domains. |
Note: Admins of hosts are always allowed to communicate with other domains
| 0.9 | Works |
With the plugin installer in Prosody 0.12 you can use:
sudo prosodyctl install --server=https://modules.prosody.im/rocks/ mod_isolate_hostFor earlier versions see the documentation for installing 3rd party modules