⬆️ ⬇️

Instructions for setting up Ejabberd with J2J / ICQ transport (with correct encoding) on ​​Ubuntu Server

Hello.



Today we will set up our own jabber server for example.org on Ubuntu Server Edition.

On this server there will be a transport in ICQ and jabber. Logs will be written to the example.org/logs directory. Logs can be conveniently viewed from a mobile device (fancyindex + htpasswd + fail2ban).

The implication is that at least in Linux you already know. Also worth noting: the instruction is a guiding star, gives a general direction and does not call to carry it out 100% as it is written in it. Also, it does not cover 100% of the settings, you need to be able to configure the web-server and work with mysql.



Further for an example I will use Clodo.ru as a hoster. Naturally, various pieces of instructions can be applied on any other distribution kit / hoster.

')



Stage 1. Preparation of the server environment.



We register at the hoster, create a scale-server with ubuntu lucid 10.04 LTS 32-bit, 512MB of memory, 5GB SAS.

After receiving root access and other details go to the server.

We are waiting until dpkg updates the system to the current state:



ps uxa | egrep '(firstrun|local|apt|dpkg)'



Replace /etc/apt/sources.list with:



deb ru.archive.ubuntu.com/ubuntu lucid main restricted

deb ru.archive.ubuntu.com/ubuntu lucid-updates main restricted

deb ru.archive.ubuntu.com/ubuntu lucid universe

deb ru.archive.ubuntu.com/ubuntu lucid-updates universe

deb ru.archive.ubuntu.com/ubuntu lucid multiverse

deb ru.archive.ubuntu.com/ubuntu lucid-updates multiverse

deb ru.archive.ubuntu.com/ubuntu lucid-backports main restricted universe multiverse

deb archive.canonical.com/ubuntu lucid partner

deb security.ubuntu.com/ubuntu lucid-security main restricted

deb security.ubuntu.com/ubuntu lucid-security universe

deb security.ubuntu.com/ubuntu lucid-security multiverse

deb packages.spectrum.im lucid spectrum




Create the file /etc/apt/apt.conf.d/03test with the contents:



APT::Install-Recommends "false";

APT::Install-Suggests "false";




Add the Spectrum key (our future Jabber transport):



sudo apt-key adv --recv-keys --keyserver keyserver.ubuntu.com 47A944AF1905866A



Replace the hostname for convenience:



fgrep -r $(uname -n) /etc



We edit the files in the output, replacing the lines with the example.org we need, after which we change the hostname:



hostname example.org



Configure sudo for our user:



visudo



At the end of the file we enter:



user ALL=(ALL) ALL



Configuring access by key (google how it is done, the keywords ssh-agent, ssh-keygen -t rsa, ssh-copy-id) for the user user created by default.



We try to log in as user, and also check the operation of sudo su. After that, edit / etc / ssh / sshd_config.



Necessary options:



PermitRootLogin no

PasswordAuthentication no

RSAAuthentication yes

PubkeyAuthentication yes




After that, we restart SSH (be careful here, we denied access by password, as well as root. You can fix the jambs here through VNC in the case of Clodo, or through KVM, in general, using physical access to the server console):



service ssh restart



Russify the system with UTF-8 support:



Editing the file /var/lib/locales/supported.d/locale.gen

ru_RU.UTF-8 UTF-8

en_US.UTF-8 UTF-8




and / etc / environment file



LANGUAGE=ru_RU.UTF-8

LANG=ru_RU.UTF-8




We generate locales:



dpkg-reconfigure locales



At this stage, you can restart the server by specifying UTF-8 in the SSH client. Russian language will appear.



Add to /etc/rc.local:



sysctl -w vm.swappiness=100

su -c 'echo 0 > /sys/devices/system/xenmgm/xenmgm0/memmin_bytes'

su -c 'echo 60000000 > /sys/devices/system/xenmgm/xenmgm0/reserve_free_bytes'




This will save money on the server (relevant for clodo).



Install the necessary packages:

apt-get install libpurple0-minimal htop strace apache2 mysql-server spectrum python python-twisted python-imaging postfix iptables fail2ban mailutils mpack subversion



During the installation, the system will ask for the root password from MySQL, how the mail server will function (we select the Internet Site, the domain name example.org).



In the zone for example.org we indicate:



example.org. A 1.2.3.4 ( IP-)

example.org MX 10 example.org.

_xmpp-server._tcp.example.org. SRV 0 0 5269 example.org.

_xmpp-client._tcp.example.org. SRV 0 0 5222 example.org.

_jabber._tcp.example.org. SRV 0 0 5269 example.org.

example.org. TXT "v=spf1 a mx ~all"

* CNAME @




Configuring aliases by editing the / etc / aliases file:



root: myemail@gmail.com

user:: myemail@gmail.com




Generate aliases for postfix:



newaliases



We send a test letter:



mail -s test user [ enter]

CC: [ enter]

[ ctrl+d]




We look at the logs /var/log/mail.info, as well as the presence of a letter in the box myemail@gmail.com.

If everything is ok, let's go further!



Set up reboot notifications by email.



Under user we execute:



crontab -e



Write the string:

@reboot echo "server rebooted at `date`" | mail -s "Server `uname -n` Rebooted!" user@example.org



Attention, if the date specifies the modifier +%, we put an escaping before the percentage, for example: $ (date + \% m. \% D), or `date + \% m. \% D`, otherwise the crowns will be buried with incomprehensible errors .



Stage 2. Setting up our Jabber.



Download the ejabberd distribution.



cd /usr/src

wget www.process-one.net/downloads/ejabberd/2.1.6/ejabberd-2.1.6-linux-x86-installer.bin.gz

gunzip ejabberd-2.1.6-linux-x86-installer.bin.gz

chmod +x ejabberd-2.1.6-linux-x86-installer.bin

./ejabberd-2.1.6-linux-x86-installer.bin




Installation is simple.

Choose a language, carefully read the entire license agreement, choose “y” in response to the question: “Do you accept the terms of the license agreement? [y / n]: ”, select the installation directory (we leave the default /opt/ejabberd-2.1.6), the domain name is example.org, the admin user name is admin, the administrator password. We refuse cluster settings:

[y/N]: N



----------------------------------------------------------------------------

ejabberd .



? [Y/n]: Y




Ejabberd will install.



Server management comes from the directory /opt/ejabberd-2.1.6/bin

Read more in the ejabberd documentation.



Now we are interested in /opt/ejabberd-2.1.6/conf/ejabberd.cfg, we edit it by adding the necessary lines:



in the {modules,: section



{mod_log_chat, [{path, "/opt/ejabberd-2.1.6/www"}, {format, html}]},



in the {listen,: section



{8888, ejabberd_service, [

{access, all},

{shaper_rule, fast},

{ip, {127, 0, 0, 1}},

{hosts, ["icq.example.org”, "sms.example.org"],

[{password, "iearhg98a3hg89h3498gha9"}]

}

]},



{8883, ejabberd_service, [

{access, all},

{shaper_rule, fast},

{ip, {127, 0, 0, 1}},

{hosts, ["j2j.example.org"],

[{password, "ojer0jg0a9jg09j0gjreg0"}]

}

]},




We check that the /opt/ejabberd-2.1.6/www directory is created and has the rights 0755.



Now you need to compile the mod_log_chat module and install it:



cd /usr/src

svn co svn.process-one.net/ejabberd-modules

cp ejabberd-modules/mod_log_chat/trunk/src/mod_log_chat.erl /opt/ejabberd-2.1.6/

cd /opt/ejabberd-2.1.6

bin/erlc -I includes/ejabberd/include mod_log_chat.erl

mv mod_log_chat.beam lib/ejabberd-2.1.6/ebin/

rm mod_log_chat.erl




Now we run and test ejabberd, write someone a message, look at the logs. Everything should work. Stop the ejabberd.



cd /opt/ejabberd-2.1.6/bin

./start

./stop




Add to /etc/rc.local before exit 0:



sleep 10

su -c '/opt/ejabberd-2.1.6/bin/start'




Stage 3. We set up the transport on ICQ.



We will use pyicq-t.



Add user jabber:



useradd -m -s /bin/bash jabber

passwd jabber

su jabber

cd




Download pyicqt from pyicqt.googlecode.com to jabber and unpack the transport.



wget pyicqt.googlecode.com/files/pyicqt-0.8.1.5.tar.gz

tar zvxf pyicqt-0.8.1.5.tar.gz

mv pyicqt-0.8.1.5 pyicqt

cd pyicqt

cp config_example.xml config.xml




We edit config.xml, set everything up as in the config above, server 127.0.0.1, port 8888, secret token — password, encoding cp1251, login.icq.com, 5190, language ru — the config speaks for itself.



append to /etc/rc.local before exit 0:



su -c 'python /home/jabber/pyicqt/PyICQt.py > /home/jabber/pyicqt/log 2>&1 &' - jabber



Stage 4. Configure j2j transport:




cd /etc/spectrum/

wget spectrum.im/attachments/download/14/mysql_schema.sql


Using mysql commands, create user j2j with password pass and database j2j.



mysql -u j2j -p'pass' j2j < mysql_schema.sql

mv spectrum.cfg.example spectrum.cfg




Edit spectrum.cfg:



jid=j2j.example.org

password=_

port=8883

filetransfer_cache=/var/lib/spectrum/filetransfer_cache

name=j2j

language=en

enable_public_registration=1



[logging]

log_file=/var/log/spectrum/$jid.log

log_areas=

[database]

type=mysql

host=localhost

user=j2j

password=pass

database=j2j

prefix=j2j_





Pay attention to log_areas, it is better to leave the field empty, otherwise there will be a lot of garbage in the / var / log / spectrum log.



Add to /etc/rc.local before exit 0:



/etc/init.d/spectrum start



Step 5. Configuring viewing logs:




Let's say apache2 for working with example.org is configured in /home/user/www/example.org.



Create a symlink:

lrwxrwxrwx 1 root root 24 2011-03-04 13:24 chat -> /opt/ejabberd-2.1.6/www/



Create /opt/ejabberd-2.1.6/www/.htaccess with the contents:



Options +Indexes

IndexOptions FancyIndexing

IndexOptions +SuppressSize

IndexOrderDefault Descending Date

AuthType Basic

AuthName "wat"

AuthUserFile /opt/ejabberd-2.1.6/www/.htpasswd

Require valid-user




You can generate the file /opt/ejabberd-2.1.6/www/.htpasswd, for example, with these:

www.htaccesstools.com/htpasswd-generator



We will fail2ban protect us from brute force. Do not forget to add the necessary services to autoload:



update-rc.d SERVICENAME defaults



That's all. After rebooting, if everything was done correctly, the server will work.



For use, I recommend the PSI + client with options for automatic user authorization and automatic retrieval of user nicknames. This is a hidden option, added to options / contactlist:



bool options.contactlist.resolve-nicks-on-contact-add true



For Android, I recommend Xabber.



To test and configure in the process of reading the instructions you need to look and use:



Logs ejabberd: /opt/ejabberd-2.1.6/logs

These logs will tell you why the server did not start, what happens at all, where the problem is in the syntax, etc.



Spectrum logs: / var / log / spectrum

Similarly, when problems Spectrum will flood the log



Ejabberctl: /opt/ejabberd-2.1.6/bin/ejabberdctl

Used to create, delete, set user password. Ultra-useful utility, until you figure out the roster, automatic user authorization and automatic nick reception.



Documentation sites:

ejabberd.im

spectrum.im

code.google.com/p/pyicqt

google.com



In touch with you, write about typos and errors in habraposhchta or comments, I will correct.

Source: https://habr.com/ru/post/118676/



All Articles