Linux ejabberd
ejabberd is an open source platform built on Jabber/XMPP.
XMPP (Extensible Messaging and Presence Protocol)
https://github.com/processone/ejabberd
ejabberd does not store messages on the server. There are mods available to do this, called Message Archive Management (aka MAM).
For offline messages there is a mod that stores them, mod_offline.
Install
OSX - I just downloaded the installer and app.
Fedora
# yum install ejabberd
Startup
To start, stop, status, restart
# ejabberdctl start
There is no auto startup script for ejabberd on Fedora, but if you google around you can find one.
Config
Host - Updated the host to include my domain.
{hosts, ["localhost", "johnfreier.com"]}.
Turned off the web admin interface
%%web_admin
Turned off user registration. Switch 'allow' to 'deny'. You will need to register users before turning this off.
{access, register, [{deny, all}]}.
STARTTLS - I needed to enable STARTTLS to be able to communicate between servers. To get this working correctly I also needed to uncomment the pem cert.
{s2s_use_starttls, true}.
{s2s_certfile, "/etc/ejabberd/ejabberd.pem"}.
Added my user to the list of admin users.
{acl, admin, {user, "myusername", "johnfreier.com"}}.
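To check that the changes above are actually in effect, here is an audit script. It is an added example, not part of the original notes. It assumes the legacy Erlang-term config format shown on this page; the function names and the sample config are constructed, and it treats any s2s_use_starttls value other than false as enabled.

```shell
#!/bin/sh
# Added example (not from the original page): audit a legacy Erlang-term
# ejabberd config for the hardening changes listed in the Config section.

# has <ERE>: true if the pattern matches an active (uncommented) line.
has() { printf '%s\n' "$active" | grep -Eq "$1"; }

# report <description> <0|1>: print the result and count failures.
report() {
    if [ "$2" -eq 0 ]; then echo "PASS  $1"; else echo "FAIL  $1"; fails=$((fails + 1)); fi
}

audit_ejabberd_cfg() {
    fails=0
    # Strip Erlang comments ('%' to end of line) so "%%web_admin" is inactive.
    active=$(sed 's/%.*$//' "$1") || return 255

    if has 'web_admin'; then rc=1; else rc=0; fi
    report "web_admin not enabled on any listener" "$rc"

    if has '\{access,[[:space:]]*register,[[:space:]]*\[\{deny,[[:space:]]*all\}\]\}'
    then rc=0; else rc=1; fi
    report "registration denied for all" "$rc"

    # Assumption: any value other than 'false' means STARTTLS is on for s2s.
    if has '\{s2s_use_starttls,' && ! has '\{s2s_use_starttls,[[:space:]]*false\}'
    then rc=0; else rc=1; fi
    report "s2s_use_starttls set and not false" "$rc"

    if has '\{s2s_certfile,[[:space:]]*"[^"]+"\}'; then rc=0; else rc=1; fi
    report "s2s_certfile set" "$rc"

    return "$fails"   # number of failed checks
}

# Constructed sample: the page's settings, but with registration still open.
sample=$(mktemp)
cat > "$sample" <<'EOF'
{hosts, ["localhost", "example.org"]}.
%%web_admin
{access, register, [{allow, all}]}.
{s2s_use_starttls, true}.
{s2s_certfile, "/etc/ejabberd/ejabberd.pem"}.
EOF
audit_ejabberd_cfg "$sample" || echo "$? check(s) failed"
rm -f "$sample"
```

The exit status is the number of failed checks, so the function can gate a deployment step or a cron job.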
Register an account CLI
This is how you register an account.
# ejabberdctl register myuser johnfreier.com password
File Locations
Configs
/etc/ejabberd/*
Logs
/var/log/ejabberd/*
Web Admin URL
If you choose to use the web admin interface.
Ports
When ejabberd is started with the default config, nmap shows the following ports open.
5222/tcp open xmpp-client
5269/tcp open xmpp-server
5280/tcp open xmpp-bosh
5222 - standard port for clients to connect to.
5269 - standard port for servers to connect to.
5280 - is the same port as the web admin interface, but when the web admin interface is disabled this is still open??
After some reading, I heard about these ports.
4369 - I believe this port is used for the ./ejabberdctl to talk to the server.
Might want to block port 4369 and 5280.
# iptables -I INPUT ! -i lo -p tcp --dport 4369 -j DROP
# iptables -A INPUT -p tcp --dport 5280 -j DROP
The first rule blocks 4369 on everything but the loopback interface, because 4369 is needed for localhost only.
Server 2 Server (S2S)
This is a feature that allows servers to talk to other servers.
Config properties prefixed with s2s_ configure Server 2 Server.
To disable this feature, look for the following and comment it out.
ejabberd_s2s_in
Setup SSL
- Attempt not yet verified.
Resources
http://michael-prokop.at/blog/2007/07/27/setting-up-your-own-jabber-server-ejabberd/
https://www.digitalocean.com/community/tutorials/how-to-install-ejabberd-xmpp-server-on-ubuntu
https://docs.ejabberd.im/admin/guide/installation/
http://louwrentius.com/setting-up-a-jabber-instant-messaging-server-_http-title-site-doesnt-have-a-title-texthtml-charsetutf-8.html