3 files changed, 16 insertions, 0 deletions

diff --git a/README.md b/README.md
index f7b428d..2defa3e 100644
--- a/README.md
+++ b/README.md
@@ -48,6 +48,7 @@ on the box itself will be taken care of by the playbook):
 | ----------- | -------- | ---- |
 | SSH         | TCP      | 22   |
 | HTTP        | TCP      | 80   |
+| XEP-0065    | TCP,UDP  | 5000 |
 | XMPP Client | TCP      | 5222 |
 | XMPP Server | TCP      | 5269 |
 
diff --git a/files/prosody.cfg.lua b/files/prosody.cfg.lua
index 57d307a..89d426e 100644
--- a/files/prosody.cfg.lua
+++ b/files/prosody.cfg.lua
@@ -25,6 +25,7 @@ modules_enabled = {
     "ping";
     "posix";
     "private";
+    "proxy65";
     "register";
     "roster";
     "saslauth";
diff --git a/playbook.yaml b/playbook.yaml
index 127c383..8c53a57 100644
--- a/playbook.yaml
+++ b/playbook.yaml
@@ -28,6 +28,20 @@
       - WWW
       - XMPP
      become: true
+   - name: Ensure port 5000/tcp is open for XEP-0065
+     community.general.ufw:
+      rule: allow
+      port: 5000
+      proto: tcp
+      state: enabled
+     become: true
+   - name: Ensure port 5000/udp is open for XEP-0065
+     community.general.ufw:
+      rule: allow
+      port: 5000
+      proto: udp
+      state: enabled
+     become: true
    - name: Ensure certbot on-renew hook is installed
      ansible.builtin.copy:
       src: "{{ playbook_dir }}/files/on_renew.sh"