
Jabber Server

1.   Introduction
2.   ejabberd
2.1   Configuring ejabberd
2.2   DNS Records
2.3   ejabberd Port Forwarding
3.   Transports
3.1   AIM Transport
3.2   MSN Transport
4.   Gajim

Introduction

I've always fancied running my own Jabber server, but I would also like to run AIM and MSN transports. I have tried and failed to get Jabber 1.4 server working, so I have decided to give ejabberd a go.

ejabberd

 aptitude install ejabberd

Configuring ejabberd

Edit '/etc/ejabberd/ejabberd.cfg'. Lines starting with % are comments.

 nano /etc/ejabberd/ejabberd.cfg

This config file is read only once, and the settings are put into the ejabberd server database on startup. Unfortunately, that has probably already happened, so uncomment the 'override_acls' directive; this makes the server re-read the ACL settings from this file on the next startup.

 override_acls.

Edit the line below '%% Admin user'. It should look something like:

 %% Admin user
 {acl, admin, {user, "user", "example.org"}}.

Change the line below '%% Hostname' to set the hostname of the server:

 %% Hostname
 {hosts, ["example.org"]}.

If you want to disable user registrations, set up the following ACL:

 % No username can be registered via in-band registration:
 {access, register, [{deny, all}]}.

Take a look through the rest of the settings.

Now restart the server, to pick up the new settings:

 ejabberdctl restart

ejabberdctl can also register your admin / jabber user if you've turned off anonymous registration:

 ejabberdctl register "user" example.org <password>

DNS Records

ejabberd servers and clients are able to use DNS SRV records for hostname resolution. DNS SRV records allow for delegation of services 'by port' to other hosts. These instructions should work for Bind and NSD3; please check the following documentation for full details...

There are 3 SRV records that can be created for an ejabberd server installation:

 _jabber._tcp.example.org. 86400 IN SRV 5 0 5269 host.example.org.
 _xmpp-server._tcp.example.org. 86400 IN SRV 5 0 5269 host.example.org.
 _xmpp-client._tcp.example.org. 86400 IN SRV 5 0 5222 host.example.org.

Replace example.org. with your domain name and host with the hostname of your ejabberd server.

Once your DNS server is properly updated, you should test the listings using dig. For example, to test the entry for _jabber._tcp.example.org using the DNS server at 127.0.0.1, you would enter the command below:

 dig @127.0.0.1 _jabber._tcp.example.org SRV +short

This should provide you with the data from your DNS SRV record:

 5 0 5269 host.example.org.
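
The same check can be run over the zone file before it is loaded. This is an added example, not part of the original page: the function name, messages and zone fragments are made up for illustration, and the expected ports are simply the ones used in the three records in this section.

```python
import re

# Port each service label is paired with in the records on this page.
EXPECTED_PORT = {"_jabber": 5269, "_xmpp-server": 5269, "_xmpp-client": 5222}

SRV = re.compile(r"^(\S+)\s+(\d+)\s+IN\s+SRV\s+(\d+)\s+(\d+)\s+(\d+)\s+(\S+)$")

def check_srv(zone_text, domain):
    """Return a list of problems in the XMPP SRV records for `domain`."""
    problems, seen = [], set()
    for raw in zone_text.splitlines():
        line = raw.split(";", 1)[0].strip()      # drop zone-file comments
        if not line:
            continue
        m = SRV.match(line)
        if not m:
            problems.append(f"not an SRV record: {line}")
            continue
        owner, port, target = m.group(1), int(m.group(5)), m.group(6)
        service, _, rest = owner.partition(".")
        if rest != f"_tcp.{domain}." or service not in EXPECTED_PORT:
            problems.append(f"unexpected owner name: {owner}")
            continue
        seen.add(service)
        if port != EXPECTED_PORT[service]:
            problems.append(f"{service}: port {port}, expected {EXPECTED_PORT[service]}")
        if not target.endswith("."):
            # A relative target gets the zone origin appended by the name server.
            problems.append(f"{service}: target {target} lacks trailing dot")
    for service in sorted(set(EXPECTED_PORT) - seen):
        problems.append(f"{service}: record missing")
    return problems

# Constructed zone fragments for example.org (not from a real zone).
GOOD_ZONE = """\
_jabber._tcp.example.org.      86400 IN SRV 5 0 5269 host.example.org.
_xmpp-server._tcp.example.org. 86400 IN SRV 5 0 5269 host.example.org.
_xmpp-client._tcp.example.org. 86400 IN SRV 5 0 5222 host.example.org.
"""
BAD_ZONE = """\
_xmpp-server._tcp.example.org. 86400 IN SRV 5 0 5269 host.example.org
_xmpp-client._tcp.example.org. 86400 IN SRV 5 0 5223 host.example.org. ; wrong port
"""

if __name__ == "__main__":
    for problem in check_srv(BAD_ZONE, "example.org"):
        print(problem)
```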

ejabberd Port Forwarding

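Use a NAT or firewall rule to forward/allow the following ports to your Jabber server...

  • TCP/5222 (client connections)
  • TCP/5223 (client connections over legacy SSL)
  • TCP/5269 (server-to-server connections)
  • TCP/5280 (HTTP; ejabberd's web admin interface listens here by default)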

Transports

I no longer enable these transports since they were somewhat unstable on Debian Etch. I may re-visit these in the future...

AIM Transport

 apt-get install pyaimt

Configure pyaimt

Edit '/etc/pyaimt.conf.xml' to suit your environment.

  • The 'jid' setting should be what ID you want the transport to take on the network. Example: aim.myserver.org
  • The 'mainServer' setting should be the IP address or DNS of the main Jabber server. Default: 127.0.0.1
  • The 'secret' setting should match the secret specified for component connections in your main Jabber server. It's a password that only the Jabber server and the transport must know.
  • The 'port' setting is the port that the transport and ejabberd server agree to use to connect between them. Use: 5556
  • The 'name' setting should be what name you wish users to see in a service discovery request.

/etc/pyaimt.conf.xml

 <pyaimt>
         <!-- The JabberID of the transport. -->
         <jid>aim.example.org</jid>
 
         <!-- The JabberID of the conference room handler. -->
         <!-- GROUPCHAT IS NOT STABLE YET -->
         <confjid>chatrooms.aim.example.org</confjid>
 
         <!-- The component JID of the transport. Unless you're doing clustering, leave this alone -->
         <!-- <compjid>aim1</compjid> -->
 
         <!-- The IP address of the main Jabber server -->
         <mainServer>127.0.0.1</mainServer>
 
         <!-- The JID of the main Jabber server -->
         <mainServerJID>example.org</mainServerJID>
 
         <!-- The website of the Jabber service -->
         <website>http://www.example.org/</website>

         <!-- The TCP port to connect to the Jabber server on -->
         <!-- (this is the default for Jabberd2) -->
         <port>5556</port>
 
         <!-- The TCP port that the web admin interface will answer on -->
         <!-- (uncomment to enable) -->
         <!-- <webport>12345</webport> -->
 
         <!-- The authentication token to use when connecting to the Jabber server -->
         <secret>secret</secret>
 
         <!-- The default language to use (for error/status messages) -->
         <lang>en</lang>
 
         <!-- The hostname of the AOL login server you wish to connect to -->
         <aimServer>login.oscar.aol.com</aimServer>
 
         <!-- The port of the AOL server you wish to connect to -->
         <aimPort>5190</aimPort>
 
         <!-- The name of Socks Proxy if connecting thru a proxy -->
         <!-- <socksProxyServer>im-proxy2</socksProxyServer> -->
 
         <!-- The Socks Proxy port to use when connecting thru a proxy -->
         <!-- <socksProxyPort>1080</socksProxyPort> -->
 
         <!-- Send greeting on login (enter text to be sent to users here) -->
         <!-- <sessionGreeting>enter message here</sessionGreeting> -->
 
         <!-- Send message on successful registration -->
         <!-- <registerMessage>You have successfully registered with PyAIMt</registerMessage> -->
 
         <!-- Allow users of AIM gateway to chat with ICQ users -->
         <!-- (uncomment to enable) -->
         <crossChat/>
 
         <!-- Disable registration with the transport -->
         <!-- (uncomment to disable) -->
         <!-- <disableRegister/> -->
 
         <!-- Enable automatic invitation to reconnect on restart -->
         <!-- (uncomment to enable) -->
         <!-- <enableAutoInvite/> -->
 
         <!-- Disable xhtml support (messages with fonts and colors) -->
         <!-- (uncomment to disable) -->
         <!-- <disableXHTML/> -->
 
         <!-- Disable mail notifications -->
         <!-- (uncomment to disable) -->
         <disableMailNotifications/>
 
         <!-- Disable use of default avatar if none is specified -->
         <!-- (uncomment to disable) -->
         <!-- <disableDefaultAvatar/> -->
 
         <!-- Disable use of iq-based avatars (JEP-0008) -->
         <!-- (uncomment to disable) -->
         <!-- <disableIQAvatars/> -->
 
         <!-- Disable use of vcard-based avatars (JEP-0153) -->
         <!-- (uncomment to disable) -->
         <!-- <disableVCardAvatars/> -->
 
         <!-- Disable use of PEP-based avatars (JEP-0084) -->
         <!-- (uncomment to disable) -->
         <!-- NOT IMPLEMENTED YET -->
         <!-- <disablePEPAvatars/> -->
 
         <!-- You can choose which users you wish to have as administrators. These users can perform some tasks with Ad-Hoc commands that others cannot -->
         <admins>
         <jid>admin@example.org</jid>
         </admins>
 
         <!-- You can select which event loop PyAIMt will use. It's probably safe to leave this as the default -->
 
         <!-- Use epoll for high-load Linux servers running kernel 2.6 or above -->
         <!--<reactor>epoll</reactor>-->
 
         <!-- Use kqueue for high-load FreeBSD servers -->
         <!--<reactor>kqueue</reactor>-->
 
         <!-- Use poll for high-load Unix servers -->
         <!--<reactor>poll</reactor>-->
 
         <!-- You can select which spool storage method you wish to use -->
         <!-- Available methods are: -->
         <!-- xmlfiles: single xml files in the spool directory in hashed dirs (default)-->
         <!-- legacyaimtransport: compatible with c-based aim transport, less functionality -->
         <!-- mysql: registration information stored in a MySQL database -->
         <!--<xdbDriver>xmlfiles</xdbDriver>-->
 
         <!-- For MySQL -->
         <!--<xdbDriver>mysql</xdbDriver>-->
         <!--<xdbDriver_mysql>-->
         <!--<username>pyaimt</username>-->
         <!--<password>pyaimt</password>-->
         <!--<database>pyaimt</database>-->
         <!--<server>localhost</server>-->
         <!--<format>encrypted</format>--> <!-- Enable encryption of passwords -->
         <!--</xdbDriver_mysql>-->
 
         <!-- For XMLFiles -->
         <!--<xdbDriver>xmlfiles</xdbDriver>-->
         <!--<xdbDriver_xmlfiles>-->
         <!--<format>encrypted</format>--> <!-- Enable encryption of passwords -->
         <!--</xdbDriver_xmlfiles>-->
 
         <!-- Only grab avatars when a chat is initiated. -->
         <!-- <avatarsOnlyOnChat/> -->
 
         <!-- Disable all avatar functionality. Might be necessary if you -->
         <!-- do not have PIL installed. -->
         <!-- <disableAvatars/> -->
 
         <!-- Disable automatic send (via im) of away message when away set. -->
         <!-- Note that away messages are -in addition to- the away status -->
         <!-- message. -->
         <!-- <disableAwayMessage/> -->
 
         <!-- Use Jabber.com's XCP component protocol extensions. -->
         <!-- <useXCP/> -->
 
         <!-- SASL username used to bind to Jabber server. -->
         <!-- secret, above, is used for sasl password -->
         <!-- NOTE: This does not work with Twisted > 2.2.0. -->
         <!-- <saslUsername>username</saslUsername> -->
 
         <!-- Use external component binding. -->
         <!-- This dodges the need to manually configure all jids that talk to this transport. -->
         <!-- Jabberd2 requires saslUsername and useRouteWrap for this to work. -->
         <!-- Wildfire as of 2.6.0 requires just this. -->
         <!-- <useComponentBinding/> -->
 
         <!-- Wrap stanzas in <route> stanza. -->
         <!-- Jabberd2 requires this for useComponentBinding. -->
         <!-- <useRouteWrap/> -->
 
         <!-- JID of message archive service -->
         <!-- <messageArchiveJID>datasink.example.org</messageArchiveJID> -->
 
         <!-- If registration authentication is used, enter the method -->
         <!-- Auth configs often require additional options to be specified. -->
         <!-- See associated config entries per authRegister example. -->
         <!-- NOTE: limited to LDAP for now -->
 
         <!-- THIS IS UNTESTED AS OF YET -->
         <!-- <authRegister>LDAP</authRegister> -->
         <!-- For LDAP auth, make sure to uncomment <authRegister_LDAP> -->
         <!-- and </authRegister_LDAP> and fill out the options in between. -->
         <!-- <authRegister_LDAP> -->
         <!-- The fqdn or ip address of the LDAP server -->
         <!-- <server>ldap.example.org</server> -->
         <!-- The Root DN to be used to perform LDAP searches -->
         <!-- <rootDN>CN=Administrator,CN=Users,DC=example,DC=org</rootDN> -->
         <!-- The password for the Root DN -->
         <!-- <password>SECRET</password> -->
         <!-- The Base DN to search for users -->
         <!-- <baseDN>DC=example,DC=org</baseDN> -->
         <!-- The attribute to search for the user ID. -->
         <!-- 'samAccountname' in Windows, 'uid' on most other systems -->
         <!-- <uidAttr>samAccountname</uidAttr> -->
         <!-- </authRegister_LDAP> -->
 </pyaimt>

Configure ejabberd

 nano /etc/ejabberd/ejabberd.cfg

Uncomment the following section and edit as appropriate. The host must match the transport's 'jid' and the password must match its 'secret':

 % AIM Transport
 {5556, ejabberd_service, [{ip, {127, 0, 0, 1}},
                           {access, all},
                           {host, "aim.example.org", [{password, "secret"}]}]},

Now stop, then start (Yes!, stop then start) pyaimt and ejabberd.

 /etc/init.d/pyaimt stop
 /etc/init.d/ejabberd stop
 /etc/init.d/pyaimt start
 /etc/init.d/ejabberd start

MSN Transport

 apt-get install pymsnt python-imaging

Configure pymsnt

Edit '/etc/pymsnt.conf.xml' to suit your environment.

  • The 'jid' setting should be the ID you want PyMSNt to take on the network. Example: 'msn.example.org'.
  • The 'host' setting should be a public DNS or IP address of the server the transport is running on. This is needed for file transfer!
  • The 'mainServer' setting should be the IP address or DNS of the main Jabber server. Default: '127.0.0.1'.
  • The 'port' setting is the port that PyMSNt and the Jabber server agree to use to connect between them. Use: 5557.
  • The 'secret' setting should match the secret specified for component connections in your main Jabber server. It's a password that only the Jabber server and the transport must know.
  • The 'website' setting should be a website to refer users to.
  • Ensure that the transport can make outgoing connections on port 443 (HTTPS), 1863, as well as incoming connections on 8010 (for Jabber file transfers).

/etc/pymsnt.conf.xml

 <pymsnt>
 <!-- This file contains options to be configured by the server administrator. -->
 <!-- Please read through all the options in this file -->
 
 <!-- The JabberID of the transport -->
 <jid>msn.example.org</jid>
 <!-- The public IP or DNS name of the machine the transport is running on -->
 <!-- This is needed for file transfer!! -->
 <host>msn.example.org</host>
 <!-- The component JID of the transport. Unless you're doing clustering, leave this alone -->
 <!-- <compjid>msn1</compjid> -->
 <!-- The name of the transport in the service discovery list. -->
 <!-- <discoName>MSN Transport</discoName> -->
 
 <!-- The Twisted reactor to choose. Pick poll or epoll on Linux, kqueue on BSD. Or leave as default (best found) -->
 <!-- <reactor>poll</reactor> -->
 
 <!-- The IP address of the main Jabber server to connect to -->
 <mainServer>127.0.0.1</mainServer>
 <!-- The TCP port to connect to the Jabber server on (this is the default for Jabberd2) -->
 <port>5557</port>
 <!-- The authentication token to use when connecting to the Jabber server -->
 <secret>secret</secret>
 <!-- Use Jabber.com's XCP component protocol extensions. --> 
 <!-- <useXCP/> -->
 
 <!-- The default language to use -->
 <lang>en</lang>
 <!-- The website of the Jabber service -->
 <website>http://www.example.org</website>
 
 <!-- Comment out the following options to disable them, or uncomment them to enable them -->
 <!-- Send email notification messages to users -->
 <!-- <mailNotifications/> -->
 <!-- Send greeting on login -->
 <!-- <sessionGreeting>You have just started a session with PyMSNt</sessionGreeting> -->
 <!-- Send message on successful registration -->
 <!-- <registerMessage>You have successfully registered with PyMSNt</registerMessage> -->
 <!-- Allow users to register with this transport -->
 <allowRegister/>
 <!-- Get all avatars. If this is set to true then avatars are grabbed for all your contacts immediately. If false then avatars are only grabbed when you're in a chat with a contact -->
 <getAllAvatars/>
 <!-- The amount of time a user has to join a groupchat they are invited to before the transport makes them leave the room. (MSN protocol requires autojoining of groupchats) -->
 <!-- <groupchatTimeout>120</groupchatTimeout> -->
 
 <!-- File transfer settings -->
 <!-- The maximum size of a file transfer (in bytes). For unlimited, comment out, or set to 0 -->
 <ftSizeLimit>524288</ftSizeLimit>
 <!-- The maximum rate for file transfer (in bytes). For unlimited, comment out, or set to 0 -->
 <ftRateLimit>2048</ftRateLimit>
 <!-- Please give the port to listen for Jabber socks5 transfers on. -->
 <ftJabberPort>8010</ftJabberPort>
 <!-- Please give the port to listen for HTTP GETs here (Used in old-style OOB  file transfers. Best to leave this disabled unless you know you need it.) -->
 <!--<ftOOBPort>8011</ftOOBPort>-->
 <!-- Please give the root URL the transport should send to clients. (You can use an Apache reverse proxy to put this on your ordinary website) -->
 <!-- Eg, the transport will listen on port 8011 for HTTP GETs to /RANDOM_FILE.ext. You can set apache to forward any requests to http://yourhost.com:80/msn/files/RANDOM_FILE.ext to http://yourhost.com:8011/RANDOM_FILE.ext. This saves you from opening extra ports. -->
 <!--<ftOOBRoot>http://host.com/msn/files/</ftOOBRoot>-->
 
 <!-- You can choose which users you wish to have as administrators. These users can perform some tasks with Ad-Hoc commands that others cannot -->
 <admins>
 <jid>admin@example.org</jid>
 </admins>
 
 <!-- Log settings -->
 
 <!-- The logging level 
 0 -> No logging
 1 -> Log tracebacks
 2 -> Log tracebacks, warnings and errors
 3 -> Log all sorts of informational (mostly useless stuff) 
 4 -> Log the MSN protocol code sent
 -->
 <debugLevel>2</debugLevel>
 
 </pymsnt>

Configure ejabberd

 nano /etc/ejabberd/ejabberd.cfg

Uncomment the following section and edit as appropriate. The host must match the transport's 'jid' and the password must match its 'secret':

 % MSN Transport
 {5557, ejabberd_service, [{ip, {127, 0, 0, 1}},
                           {access, all},
                           {host, "msn.example.org", [{password, "secret"}]}]},

Now stop, then start (Yes!, stop then start) pymsnt and ejabberd.

 /etc/init.d/pymsnt stop
 /etc/init.d/ejabberd stop
 /etc/init.d/pymsnt start
 /etc/init.d/ejabberd start

NOTE! In order for incoming file transfers to work, also set up port forwarding for TCP/8010 to your Jabber server.
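
Both transport sections (AIM and MSN) depend on the transport's 'jid', 'port' and 'secret' lining up with an ejabberd_service listener, and on that listener staying bound to loopback. The following is an added example, not part of the original page and not code from ejabberd, PyAIMt or PyMSNt. The function name, finding labels, MIN_SECRET_LEN and the sample inputs are assumptions, and the regex assumes the listener is laid out like the stanzas on this page.

```python
import re
import xml.etree.ElementTree as ET

MIN_SECRET_LEN = 16            # assumption: local policy, not from the page
PLACEHOLDERS = {"", "secret"}  # "secret" is the sample value in the page's configs

# Matches a listener laid out like the page's stanza: port, module, options
# (ip, access), then {host, "...", [{password, "..."}]}.
SERVICE = re.compile(
    r'\{(\d+),\s*ejabberd_service,(.*?)\{host,\s*"([^"]+)",\s*'
    r'\[\{password,\s*"([^"]*)"\}\]\}', re.S)
LOOPBACK = re.compile(r'\{ip,\s*\{127,\s*\d+,\s*\d+,\s*\d+\}\}')

def check_transport(transport_xml, ejabberd_cfg):
    """Compare a PyAIMt/PyMSNt config with ejabberd's component listeners."""
    root = ET.fromstring(transport_xml)
    jid, port, secret = (root.findtext(k, "").strip()
                         for k in ("jid", "port", "secret"))
    cfg = re.sub(r"(?m)^[ \t]*%.*$", "", ejabberd_cfg)   # ignore commented lines
    listeners = {m.group(3): m for m in SERVICE.finditer(cfg)}
    findings = []
    if secret in PLACEHOLDERS or len(secret) < MIN_SECRET_LEN:
        findings.append("weak-secret")
    svc = listeners.get(jid)
    if svc is None:
        findings.append("no-listener-for-jid")
        return findings
    if svc.group(1) != port:
        findings.append("port-mismatch")
    if svc.group(4) != secret:
        findings.append("secret-mismatch")
    if not LOOPBACK.search(svc.group(2)):
        findings.append("listener-not-loopback")
    return findings

# Constructed sample input (not taken from a real server).
SAMPLE_XML = """<pymsnt>
  <jid>msn.example.org</jid>
  <mainServer>127.0.0.1</mainServer>
  <port>5557</port>
  <secret>secret</secret>
  <admins><jid>admin@example.org</jid></admins>
</pymsnt>"""
SAMPLE_CFG = """
 % {5556, ejabberd_service, [{host, "aim.example.org", [{password, "x"}]}]},
 {5557, ejabberd_service, [{ip, {0, 0, 0, 0}},
                           {access, all},
                           {host, "msn.example.org", [{password, "changed"}]}]},
"""

if __name__ == "__main__":
    print(check_transport(SAMPLE_XML, SAMPLE_CFG))
```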

Gajim

Gajim is my preferred Jabber client since it is available for all major desktop operating systems and fully supports Jabber servers.

$Id: JabberServer,v 1.32 2008/09/02 11:49:16 martin Exp $
