Instructions for setting up Ejabberd with J2J / ICQ transport (with correct encoding) on Ubuntu Server
Hello.
Today we will set up our own jabber server for example.org on Ubuntu Server Edition.
On this server there will be a transport in ICQ and jabber. Logs will be written to the example.org/logs directory. Logs can be conveniently viewed from a mobile device (fancyindex + htpasswd + fail2ban).
The implication is that at least in Linux you already know. Also worth noting: the instruction is a guiding star, gives a general direction and does not call to carry it out 100% as it is written in it. Also, it does not cover 100% of the settings, you need to be able to configure the web-server and work with mysql.
Further for an example I will use Clodo.ru as a hoster. Naturally, various pieces of instructions can be applied on any other distribution kit / hoster.
')
Stage 1. Preparation of the server environment.
We register at the hoster, create a scale-server with ubuntu lucid 10.04 LTS 32-bit, 512MB of memory, 5GB SAS.
After receiving root access and other details go to the server.
We are waiting until dpkg updates the system to the current state:
Replace /etc/apt/sources.list with:
Create the file /etc/apt/apt.conf.d/03test with the contents:
Add the Spectrum key (our future Jabber transport):
Replace the hostname for convenience:
We edit the files in the output, replacing the lines with the example.org we need, after which we change the hostname:
Configure sudo for our user:
At the end of the file we enter:
Configuring access by key (google how it is done, the keywords ssh-agent, ssh-keygen -t rsa, ssh-copy-id) for the user user created by default.
We try to log in as user, and also check the operation of sudo su. After that, edit / etc / ssh / sshd_config.
Necessary options:
After that, we restart SSH (be careful here, we denied access by password, as well as root. You can fix the jambs here through VNC in the case of Clodo, or through KVM, in general, using physical access to the server console):
Russify the system with UTF-8 support:
Editing the file /var/lib/locales/supported.d/locale.gen
and / etc / environment file
We generate locales:
At this stage, you can restart the server by specifying UTF-8 in the SSH client. Russian language will appear.
Add to /etc/rc.local:
This will save money on the server (relevant for clodo).
Install the necessary packages:
During the installation, the system will ask for the root password from MySQL, how the mail server will function (we select the Internet Site, the domain name example.org).
In the zone for example.org we indicate:
Configuring aliases by editing the / etc / aliases file:
Generate aliases for postfix:
We send a test letter:
We look at the logs /var/log/mail.info, as well as the presence of a letter in the box myemail@gmail.com.
If everything is ok, let's go further!
Set up reboot notifications by email.
Under user we execute:
Write the string:
Attention, if the date specifies the modifier +%, we put an escaping before the percentage, for example: $ (date + \% m. \% D), or `date + \% m. \% D`, otherwise the crowns will be buried with incomprehensible errors .
Stage 2. Setting up our Jabber.
Download the ejabberd distribution.
Installation is simple.
Choose a language, carefully read the entire license agreement, choose “y” in response to the question: “Do you accept the terms of the license agreement? [y / n]: ”, select the installation directory (we leave the default /opt/ejabberd-2.1.6), the domain name is example.org, the admin user name is admin, the administrator password. We refuse cluster settings:
Ejabberd will install.
Server management comes from the directory /opt/ejabberd-2.1.6/bin
Read more in the ejabberd documentation.
Now we are interested in /opt/ejabberd-2.1.6/conf/ejabberd.cfg, we edit it by adding the necessary lines:
in the {modules,: section
in the {listen,: section
We check that the /opt/ejabberd-2.1.6/www directory is created and has the rights 0755.
Now you need to compile the mod_log_chat module and install it:
Now we run and test ejabberd, write someone a message, look at the logs. Everything should work. Stop the ejabberd.
Add to /etc/rc.local before exit 0:
Stage 3. We set up the transport on ICQ.
We will use pyicq-t.
Add user jabber:
Download pyicqt from pyicqt.googlecode.com to jabber and unpack the transport.
We edit config.xml, set everything up as in the config above, server 127.0.0.1, port 8888, secret token — password, encoding cp1251, login.icq.com, 5190, language ru — the config speaks for itself.
append to /etc/rc.local before exit 0:
Using mysql commands, create user j2j with password pass and database j2j.
Edit spectrum.cfg:
Pay attention to log_areas, it is better to leave the field empty, otherwise there will be a lot of garbage in the / var / log / spectrum log.
Add to /etc/rc.local before exit 0:
Let's say apache2 for working with example.org is configured in /home/user/www/example.org.
Create a symlink:
lrwxrwxrwx 1 root root 24 2011-03-04 13:24 chat -> /opt/ejabberd-2.1.6/www/
Create /opt/ejabberd-2.1.6/www/.htaccess with the contents:
You can generate the file /opt/ejabberd-2.1.6/www/.htpasswd, for example, with these:
www.htaccesstools.com/htpasswd-generator
We will fail2ban protect us from brute force. Do not forget to add the necessary services to autoload:
That's all. After rebooting, if everything was done correctly, the server will work.
For use, I recommend the PSI + client with options for automatic user authorization and automatic retrieval of user nicknames. This is a hidden option, added to options / contactlist:
For Android, I recommend Xabber.
To test and configure in the process of reading the instructions you need to look and use:
Logs ejabberd: /opt/ejabberd-2.1.6/logs
These logs will tell you why the server did not start, what happens at all, where the problem is in the syntax, etc.
Spectrum logs: / var / log / spectrum
Similarly, when problems Spectrum will flood the log
Ejabberctl: /opt/ejabberd-2.1.6/bin/ejabberdctl
Used to create, delete, set user password. Ultra-useful utility, until you figure out the roster, automatic user authorization and automatic nick reception.
Documentation sites:
ejabberd.im
spectrum.im
code.google.com/p/pyicqt
google.com
In touch with you, write about typos and errors in habraposhchta or comments, I will correct.
Today we will set up our own jabber server for example.org on Ubuntu Server Edition.
On this server there will be a transport in ICQ and jabber. Logs will be written to the example.org/logs directory. Logs can be conveniently viewed from a mobile device (fancyindex + htpasswd + fail2ban).
The implication is that at least in Linux you already know. Also worth noting: the instruction is a guiding star, gives a general direction and does not call to carry it out 100% as it is written in it. Also, it does not cover 100% of the settings, you need to be able to configure the web-server and work with mysql.
Further for an example I will use Clodo.ru as a hoster. Naturally, various pieces of instructions can be applied on any other distribution kit / hoster.
')
Stage 1. Preparation of the server environment.
We register at the hoster, create a scale-server with ubuntu lucid 10.04 LTS 32-bit, 512MB of memory, 5GB SAS.
After receiving root access and other details go to the server.
We are waiting until dpkg updates the system to the current state:
ps uxa | egrep '(firstrun|local|apt|dpkg)'
Replace /etc/apt/sources.list with:
deb ru.archive.ubuntu.com/ubuntu lucid main restricted
deb ru.archive.ubuntu.com/ubuntu lucid-updates main restricted
deb ru.archive.ubuntu.com/ubuntu lucid universe
deb ru.archive.ubuntu.com/ubuntu lucid-updates universe
deb ru.archive.ubuntu.com/ubuntu lucid multiverse
deb ru.archive.ubuntu.com/ubuntu lucid-updates multiverse
deb ru.archive.ubuntu.com/ubuntu lucid-backports main restricted universe multiverse
deb archive.canonical.com/ubuntu lucid partner
deb security.ubuntu.com/ubuntu lucid-security main restricted
deb security.ubuntu.com/ubuntu lucid-security universe
deb security.ubuntu.com/ubuntu lucid-security multiverse
deb packages.spectrum.im lucid spectrum
Create the file /etc/apt/apt.conf.d/03test with the contents:
APT::Install-Recommends "false";
APT::Install-Suggests "false";
Add the Spectrum key (our future Jabber transport):
sudo apt-key adv --recv-keys --keyserver keyserver.ubuntu.com 47A944AF1905866A
Replace the hostname for convenience:
fgrep -r $(uname -n) /etc
We edit the files in the output, replacing the lines with the example.org we need, after which we change the hostname:
hostname example.org
Configure sudo for our user:
visudo
At the end of the file we enter:
user ALL=(ALL) ALL
Configuring access by key (google how it is done, the keywords ssh-agent, ssh-keygen -t rsa, ssh-copy-id) for the user user created by default.
We try to log in as user, and also check the operation of sudo su. After that, edit / etc / ssh / sshd_config.
Necessary options:
PermitRootLogin no
PasswordAuthentication no
RSAAuthentication yes
PubkeyAuthentication yes
After that, we restart SSH (be careful here, we denied access by password, as well as root. You can fix the jambs here through VNC in the case of Clodo, or through KVM, in general, using physical access to the server console):
service ssh restart
Russify the system with UTF-8 support:
Editing the file /var/lib/locales/supported.d/locale.gen
ru_RU.UTF-8 UTF-8
en_US.UTF-8 UTF-8
and / etc / environment file
LANGUAGE=ru_RU.UTF-8
LANG=ru_RU.UTF-8
We generate locales:
dpkg-reconfigure locales
At this stage, you can restart the server by specifying UTF-8 in the SSH client. Russian language will appear.
Add to /etc/rc.local:
sysctl -w vm.swappiness=100
su -c 'echo 0 > /sys/devices/system/xenmgm/xenmgm0/memmin_bytes'
su -c 'echo 60000000 > /sys/devices/system/xenmgm/xenmgm0/reserve_free_bytes'
This will save money on the server (relevant for clodo).
Install the necessary packages:
apt-get install libpurple0-minimal htop strace apache2 mysql-server spectrum python python-twisted python-imaging postfix iptables fail2ban mailutils mpack subversion
During the installation, the system will ask for the root password from MySQL, how the mail server will function (we select the Internet Site, the domain name example.org).
In the zone for example.org we indicate:
example.org. A 1.2.3.4 ( IP-)
example.org MX 10 example.org.
_xmpp-server._tcp.example.org. SRV 0 0 5269 example.org.
_xmpp-client._tcp.example.org. SRV 0 0 5222 example.org.
_jabber._tcp.example.org. SRV 0 0 5269 example.org.
example.org. TXT "v=spf1 a mx ~all"
* CNAME @
Configuring aliases by editing the / etc / aliases file:
root: myemail@gmail.com
user:: myemail@gmail.com
Generate aliases for postfix:
newaliases
We send a test letter:
mail -s test user [ enter]
CC: [ enter]
[ ctrl+d]
We look at the logs /var/log/mail.info, as well as the presence of a letter in the box myemail@gmail.com.
If everything is ok, let's go further!
Set up reboot notifications by email.
Under user we execute:
crontab -e
Write the string:
@reboot echo "server rebooted at `date`" | mail -s "Server `uname -n` Rebooted!" user@example.org
Attention, if the date specifies the modifier +%, we put an escaping before the percentage, for example: $ (date + \% m. \% D), or `date + \% m. \% D`, otherwise the crowns will be buried with incomprehensible errors .
Stage 2. Setting up our Jabber.
Download the ejabberd distribution.
cd /usr/src
wget www.process-one.net/downloads/ejabberd/2.1.6/ejabberd-2.1.6-linux-x86-installer.bin.gz
gunzip ejabberd-2.1.6-linux-x86-installer.bin.gz
chmod +x ejabberd-2.1.6-linux-x86-installer.bin
./ejabberd-2.1.6-linux-x86-installer.bin
Installation is simple.
Choose a language, carefully read the entire license agreement, choose “y” in response to the question: “Do you accept the terms of the license agreement? [y / n]: ”, select the installation directory (we leave the default /opt/ejabberd-2.1.6), the domain name is example.org, the admin user name is admin, the administrator password. We refuse cluster settings:
[y/N]: N
----------------------------------------------------------------------------
ejabberd .
? [Y/n]: Y
Ejabberd will install.
Server management comes from the directory /opt/ejabberd-2.1.6/bin
Read more in the ejabberd documentation.
Now we are interested in /opt/ejabberd-2.1.6/conf/ejabberd.cfg, we edit it by adding the necessary lines:
in the {modules,: section
{mod_log_chat, [{path, "/opt/ejabberd-2.1.6/www"}, {format, html}]},
in the {listen,: section
{8888, ejabberd_service, [
{access, all},
{shaper_rule, fast},
{ip, {127, 0, 0, 1}},
{hosts, ["icq.example.org”, "sms.example.org"],
[{password, "iearhg98a3hg89h3498gha9"}]
}
]},
{8883, ejabberd_service, [
{access, all},
{shaper_rule, fast},
{ip, {127, 0, 0, 1}},
{hosts, ["j2j.example.org"],
[{password, "ojer0jg0a9jg09j0gjreg0"}]
}
]},
We check that the /opt/ejabberd-2.1.6/www directory is created and has the rights 0755.
Now you need to compile the mod_log_chat module and install it:
cd /usr/src
svn co svn.process-one.net/ejabberd-modules
cp ejabberd-modules/mod_log_chat/trunk/src/mod_log_chat.erl /opt/ejabberd-2.1.6/
cd /opt/ejabberd-2.1.6
bin/erlc -I includes/ejabberd/include mod_log_chat.erl
mv mod_log_chat.beam lib/ejabberd-2.1.6/ebin/
rm mod_log_chat.erl
Now we run and test ejabberd, write someone a message, look at the logs. Everything should work. Stop the ejabberd.
cd /opt/ejabberd-2.1.6/bin
./start
./stop
Add to /etc/rc.local before exit 0:
sleep 10
su -c '/opt/ejabberd-2.1.6/bin/start'
Stage 3. We set up the transport on ICQ.
We will use pyicq-t.
Add user jabber:
useradd -m -s /bin/bash jabber
passwd jabber
su jabber
cd
Download pyicqt from pyicqt.googlecode.com to jabber and unpack the transport.
wget pyicqt.googlecode.com/files/pyicqt-0.8.1.5.tar.gz
tar zvxf pyicqt-0.8.1.5.tar.gz
mv pyicqt-0.8.1.5 pyicqt
cd pyicqt
cp config_example.xml config.xml
We edit config.xml, set everything up as in the config above, server 127.0.0.1, port 8888, secret token — password, encoding cp1251, login.icq.com, 5190, language ru — the config speaks for itself.
append to /etc/rc.local before exit 0:
su -c 'python /home/jabber/pyicqt/PyICQt.py > /home/jabber/pyicqt/log 2>&1 &' - jabber
Stage 4. Configure j2j transport:
cd /etc/spectrum/
wget spectrum.im/attachments/download/14/mysql_schema.sql
Using mysql commands, create user j2j with password pass and database j2j.
mysql -u j2j -p'pass' j2j < mysql_schema.sql
mv spectrum.cfg.example spectrum.cfg
Edit spectrum.cfg:
jid=j2j.example.org
password=_
port=8883
filetransfer_cache=/var/lib/spectrum/filetransfer_cache
name=j2j
language=en
enable_public_registration=1
[logging]
log_file=/var/log/spectrum/$jid.log
log_areas=
[database]
type=mysql
host=localhost
user=j2j
password=pass
database=j2j
prefix=j2j_
Pay attention to log_areas, it is better to leave the field empty, otherwise there will be a lot of garbage in the / var / log / spectrum log.
Add to /etc/rc.local before exit 0:
/etc/init.d/spectrum start
Step 5. Configuring viewing logs:
Let's say apache2 for working with example.org is configured in /home/user/www/example.org.
Create a symlink:
lrwxrwxrwx 1 root root 24 2011-03-04 13:24 chat -> /opt/ejabberd-2.1.6/www/
Create /opt/ejabberd-2.1.6/www/.htaccess with the contents:
Options +Indexes
IndexOptions FancyIndexing
IndexOptions +SuppressSize
IndexOrderDefault Descending Date
AuthType Basic
AuthName "wat"
AuthUserFile /opt/ejabberd-2.1.6/www/.htpasswd
Require valid-user
You can generate the file /opt/ejabberd-2.1.6/www/.htpasswd, for example, with these:
www.htaccesstools.com/htpasswd-generator
We will fail2ban protect us from brute force. Do not forget to add the necessary services to autoload:
update-rc.d SERVICENAME defaults
That's all. After rebooting, if everything was done correctly, the server will work.
For use, I recommend the PSI + client with options for automatic user authorization and automatic retrieval of user nicknames. This is a hidden option, added to options / contactlist:
bool options.contactlist.resolve-nicks-on-contact-add true
For Android, I recommend Xabber.
To test and configure in the process of reading the instructions you need to look and use:
Logs ejabberd: /opt/ejabberd-2.1.6/logs
These logs will tell you why the server did not start, what happens at all, where the problem is in the syntax, etc.
Spectrum logs: / var / log / spectrum
Similarly, when problems Spectrum will flood the log
Ejabberctl: /opt/ejabberd-2.1.6/bin/ejabberdctl
Used to create, delete, set user password. Ultra-useful utility, until you figure out the roster, automatic user authorization and automatic nick reception.
Documentation sites:
ejabberd.im
spectrum.im
code.google.com/p/pyicqt
google.com
In touch with you, write about typos and errors in habraposhchta or comments, I will correct.
Source: https://habr.com/ru/post/118676/
All Articles