Confusion with http_file_share

15 views
Skip to first unread message

Nikita Sorokin

unread,
Aug 21, 2025, 10:48:12 AMAug 21
to Prosody IM Users
Hello!

I'm hoping for help from this community!

I am running prosody 13.0.2 on ubuntu + nginx.
I have a group of domains for the main configuration:


and I have another domain hide.com for conversejs + bosch/websocket

My problem: I can't share files. Monal gives me 404 error when I am trying to send any file in my message. 

Here are my config files:

Prosody


---------- Server-wide settings ----------


admins = { "sor...@jabber.main.com" }


modules_enabled = {


-- Generally required

"disco"; -- Service discovery

"roster"; -- Allow users to have a roster. Recommended ;)

"saslauth"; -- Authentication for clients and servers. Recommended if you want to log in.

"tls"; -- Add support for secure TLS on c2s/s2s connections


-- Not essential, but recommended

"blocklist"; -- Allow users to block communications with other users

"bookmarks"; -- Synchronise the list of open rooms between clients

"carbons"; -- Keep multiple online clients in sync

"dialback"; -- Support for verifying remote servers using DNS

"limits"; -- Enable bandwidth limiting for XMPP connections

"pep"; -- Allow users to store public and private data in their account

"private"; -- Legacy account storage mechanism (XEP-0049)

"smacks"; -- Stream management and resumption (XEP-0198)

"vcard4"; -- User profiles (stored in PEP)

"vcard_legacy"; -- Conversion between legacy vCard and PEP Avatar, vcard


-- Nice to have

"account_activity"; -- Record time when an account was last used

"cloud_notify"; -- Push notifications for mobile devices

"csi_simple"; -- Simple but effective traffic optimizations for mobile devices

"invites"; -- Create and manage invites

"invites_adhoc"; -- Allow admins/users to create invitations via their client

"invites_register"; -- Allows invited users to create accounts

"ping"; -- Replies to XMPP pings with pongs

-- "register"; -- Allow users to register on this server using a client and change passwords

"time"; -- Let others know the time here on this server

"uptime"; -- Report how long server has been running

"version"; -- Replies to server version requests

"mam"; -- Store recent messages to allow multi-device synchronization

"turn_external"; -- Provide external STUN/TURN service for e.g. audio/video calls

-- "muc_mam";

"cloud_notify_extensions";

"pubsub";

-- "http_file_share";


-- Admin interfaces

"admin_adhoc"; -- Allows administration via an XMPP client that supports ad-hoc commands

"admin_shell"; -- Allow secure administration via 'prosodyctl shell'


-- HTTP modules

"bosh"; -- Enable BOSH clients, aka "Jabber over HTTP"

--"http_openmetrics"; -- for exposing metrics to stats collectors

"websocket"; -- XMPP over WebSockets


-- Other specific functionality

--"announce"; -- Send announcement to all online users

--"groups"; -- Shared roster support

--"mimicking"; -- Prevent address spoofing

--"motd"; -- Send a message to users when they log in

--"proxy65"; -- Enables a file transfer proxy service which clients behind NAT can use

--"s2s_bidi"; -- Bi-directional server-to-server (XEP-0288)

--"server_contact_info"; -- Publish contact information for this service

--"tombstones"; -- Prevent registration of deleted accounts

--"watchregistrations"; -- Alert admins of registrations

--"welcome"; -- Welcome users who register accounts

"sasl2";

"sasl_ssdp";

}



modules_disabled = {


"register";

}



-- Server-to-server authentication


s2s_secure_auth = true



-- Rate limits


limits = {

c2s = {

rate = "50kb/s";

burst = "100kb";

};

s2sin = {

rate = "100kb/s";

burst = "200kb";

};

}


-- Required for init scripts and prosodyctl

pidfile = "/var/run/prosody/prosody.pid"


-- Authentication


authentication = "internal_hashed"


-- Storage


storage = "sql" -- Default is "internal"


-- For the "sql" backend, you can uncomment *one* of the below to configure:

sql = { driver = "SQLite3", database = "/var/lib/prosody/prosody.sqlite", sql_manage_tables = true } -- Default. 'database' is the filename.

archive_expires_after = "1w" -- Remove archived messages after 1 week

-- Logging configuration

-- For advanced logging see https://prosody.im/doc/logging

log = {

debug = "/var/log/prosody/prosody.log"; -- Change 'info' to 'debug' for verbose logging

error = "/var/log/prosody/prosody.err";

"*syslog"; -- Uncomment this for logging to syslog

-- "*console"; -- Log to the console, useful for debugging when running in the foreground

}


-- Certificates


certificates = "certs"


-- Turn server


turn_external_host = "turn.hide.com"

turn_external_port = 5349

turn_external_secret = "very_secret"


-- BOSCH/Websocket/converse.js


http_external_url = "https://hide.com"

trusted_proxies = { "127.0.0.1", "::1" }

http_ports = { 5280 }

https_ports = { 5281 }

http_cors_override = {

    bosh = {

        enabled = true;

        access_control_allow_origins = { "https://hide.com" };

    };

    websocket = {

        enabled = true;

        access_control_allow_origins = { "https://hide.com" };

    };

}

ssl = {

    certificate = "/etc/letsencrypt/live/hide.com/fullchain.pem";

    key = "/etc/letsencrypt/live/hide.com/privkey.pem";

}

----------- Virtual hosts -----------


VirtualHost "jabber.main.com"

ssl = {

        certificate = "/etc/prosody/certs/jabber.sorokin.music.crt";

        key = "/etc/prosody/certs/jabber.sorokin.music.key";

    }


disco_items = {

    { "upload.main.com", "file sharing service" },

    { "conference.main.com", "group chat service" },

}

Component "upload.main.com" "http_file_share"

http_file_share_expires_after = 31 * 24 * 60 * 60

http_file_share_global_quota = 1024*1024*1024*10

ssl = {

    certificate = "/etc/prosody/certs/upload.main.com.crt";

    key = "/etc/prosody/certs/upload.main.com.key";

}

http_file_share_base_url = "https://upload.main.com"

http_file_share_max_size = 20485760


Component "conference.main.com" "muc"

modules_enabled = {

        "muc_mam";

    }

ssl = {

        certificate = "/etc/prosody/certs/conference.main.com.crt";

        key = "/etc/prosody/certs/conference.main.com.key";

    }

restrict_room_creation = true

component_admins_as_room_owners = true

max_history_messages = 2000


Nginx


for upload.main.com


server {

    listen 443 ssl;

    listen [::]:443 ssl;

    server_name upload.main.com;

    ssl_certificate /etc/letsencrypt/live/upload.main.com/fullchain.pem;

    ssl_certificate_key /etc/letsencrypt/live/upload.main.com/privkey.pem;

    location / {

        proxy_pass http://localhost:5280;

        proxy_set_header Host $host;

        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

        proxy_set_header X-Forwarded_Proto $scheme;

        limit_except GET HEAD PUT {

            deny all;

        }

    }

}




server {

    listen 443 ssl;

    server_name hide.com;


    ssl_certificate /etc/letsencrypt/live/hide.com/fullchain.pem;

    ssl_certificate_key /etc/letsencrypt/live/hide.com/privkey.pem;


    # BOSH

    location /http-bind {

        proxy_pass http://localhost:5280/http-bind;

        proxy_set_header Host $host;

        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

        proxy_set_header X-Forwarded-Proto $scheme;

        proxy_buffering off;

        tcp_nodelay on;

    }


    # WebSocket

    location /xmpp-websocket {

        proxy_pass http://localhost:5280/xmpp-websocket;

        proxy_http_version 1.1;

        proxy_set_header Upgrade $http_upgrade;

        proxy_set_header Connection "upgrade";

        proxy_set_header Host $host;

        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

        proxy_set_header X-Forwarded-Proto $scheme;

        proxy_buffering off;

        tcp_nodelay on;

    }


    location / {

        root /var/www/hide.com;

        index index.html;

    }

}


logs from prosody:

sudo tail -f /var/log/prosody/prosody.log

Aug 17 19:26:28 jabber.main.com:mam debug Archive query id=MLhistory:128786E1-5D2B-429A-B8D5-EAC1A41C37DA completed, 0 items returned

Aug 17 19:26:28 c2s5bf4eca00680 debug Sending <r> from c2s-pre-ondrain - #queue=1

Aug 17 19:26:28 c2s5bf4eca00680 debug Sending[c2s]: <r xmlns='urn:xmpp:sm:3'>

Aug 17 19:26:28 connb81U9bqF0L-1 debug Sent 269 out of 269 buffered bytes

Aug 17 19:26:28 c2s5bf4eca00680 debug Received[c2s]: <r xml:lang='en' xmlns='urn:xmpp:sm:3'>

Aug 17 19:26:28 c2s5bf4eca00680 debug Received ack request, acking for 33

Aug 17 19:26:28 c2s5bf4eca00680 debug Sending[c2s]: <a xmlns='urn:xmpp:sm:3' h='33'>

Aug 17 19:26:28 connb81U9bqF0L-1 debug Sent 33 out of 33 buffered bytes

Aug 17 19:26:28 c2s5bf4eca00680 debug Received[c2s]: <a xml:lang='en' xmlns='urn:xmpp:sm:3' h='42'>

Aug 17 19:26:28 c2s5bf4eca00680 debug #queue = 0 (acked: 1)

Aug 17 19:26:51 c2s5bf4ecd1b040 debug Handled 103 incoming stanzas

Aug 17 19:26:51 c2s5bf4ecd1b040 debug Received[c2s]: <iq type='get' id='0F994592-83B7-4FCD-AD01-A6FF5392C4BF' xml:lang='en' to='upload.main.com'>

Aug 17 19:26:51 upload.main.com:http_file_share info Issuing upload slot to sor...@jabber.main.com for 120 KiB

Aug 17 19:26:51 sql debug SQL transaction begin [function @mod_storage_sql.lua:370()]

Aug 17 19:26:51 sql debug SQL transaction success [function @mod_storage_sql.lua:370()]

Aug 17 19:26:51 sql debug SQL transaction begin [function @mod_storage_sql.lua:222()]

Aug 17 19:26:51 sql debug SQL transaction success [function @mod_storage_sql.lua:222()]

Aug 17 19:26:51 upload.main.com:http_file_share debug Total storage usage: 3.19 MiB / 10 GiB

Aug 17 19:26:51 c2s5bf4ecd1b040 debug Sending[c2s]: <iq type='result' to='sor...@jabber.main.com/Monal-iOS.d5616c63' from='upload.main.com' id='0F994592-83B7-4FCD-AD01-A6FF5392C4BF'>

Aug 17 19:26:51 c2s5bf4ecd1b040 debug Sending <r> from c2s-pre-ondrain - #queue=1

Aug 17 19:26:51 c2s5bf4ecd1b040 debug Sending[c2s]: <r xmlns='urn:xmpp:sm:3'>

Aug 17 19:26:51 connfM3DLKOqXCqV debug Sent 917 out of 917 buffered bytes

Aug 17 19:26:51 c2s5bf4ecd1b040 debug Received[c2s]: <r xml:lang='en' xmlns='urn:xmpp:sm:3'>

Aug 17 19:26:51 c2s5bf4ecd1b040 debug Received ack request, acking for 103

Aug 17 19:26:51 c2s5bf4ecd1b040 debug Sending[c2s]: <a xmlns='urn:xmpp:sm:3' h='103'>

Aug 17 19:26:51 connfM3DLKOqXCqV debug Sent 34 out of 34 buffered bytes

Aug 17 19:26:51 c2s5bf4ecd1b040 debug Received[c2s]: <a xml:lang='en' xmlns='urn:xmpp:sm:3' h='192'>

Aug 17 19:26:51 c2s5bf4ecd1b040 debug #queue = 0 (acked: 1)

Aug 17 19:26:51 connlOYdVw3zfK0L debug New connection FD 35 (127.0.0.1, 42962, 127.0.0.1, 5280) on server FD 18 (127.0.0.1, 5280)

Aug 17 19:26:51 connlOYdVw3zfK0L debug Connected (FD 35 (127.0.0.1, 42962, 127.0.0.1, 5280))

Aug 17 19:26:51 runnerTZwmurAjXtbV debug creating new coroutine

Aug 17 19:26:51 http.PUT-SAFM4EuQKfFI debug PUT /068a22cf-ba70-758c-a2b4-de4ec4a79b4b/4FFEBB0B-8159-4F0B-A482-F0F6C872C4C3.jpg HTTP/1.0

Aug 17 19:26:51 http.PUT-SAFM4EuQKfFI debug HTTP/1.0 404 Not Found

Aug 17 19:26:51 connlOYdVw3zfK0L debug Close after writing remaining buffered data

Aug 17 19:26:51 connlOYdVw3zfK0L debug Sent 764 out of 764 buffered bytes

Aug 17 19:26:51 connlOYdVw3zfK0L debug Closing now


Any help would be greatly appreciated!

Best,
Nikita

Zash

unread,
Aug 21, 2025, 4:10:53 PMAug 21
to prosod...@googlegroups.com
On Sun, Aug 17, 2025 at 03:07:14PM -0700, Nikita Sorokin wrote:
>http_file_share_base_url = "https://upload.main.com"

This setting is meant to be used when something other than Prosody is
handling uploads.

It is *not* for when you run Prosody behind a reverse proxy, for that
instead use `http_external_url = "https://upload.main.com"`

--
Zash
Reply all
Reply to author
Forward
0 new messages