Installing Prosody's Lightweight Jabber with LDAP Authentication via SASL
This is a simple recipe for setting up an IM server for communication within a company. In our company, Jabber is used for communication within the network, and some time ago we began to notice that jabberd14 mercilessly flows and loads the server. The search for a lightweight replacement led to the north of Prosody written in Lua. According to the developers, this is a modern flexible server for communication, focused on ease of setup and undemanding of resources. The work of the last couple of months confirms this in principle.
The server on which Jabber runs with Ubuntu 10.04 LTS, and the installation, as for any Debian-based distribution, is quite simple - add a repository to /etc/apt/sources.list:
add key:
')
and install:
As you noted above, in parallel, we installed SASL, which we use for authentication in the company's LDAP (the configuration of LDAP itself is not considered - we believe that it already exists).
Configure the saslauthd daemon parameters to work with the LDAP mechanism — add the following to / etc / default / saslauthd:
Create a configuration for the XMPP service /etc/sasl/xmpp.conf, we will check through the PLAIN and LOGIN mechanisms:
In the configuration file /etc/saslauthd.conf, we indicate the address of the LDAP server and the base DN by which we will search for users:
Now you can restart the saslauthd authentication daemon:
Setting up Prosody is quite simple - configuration files are represented by Lua scripts. Add to /etc/prosody/prosody.cfg.lua:
Restart Prosody:
Now users can use Jabber server and eating jabberd14 resources in the past. We did not understand why jabberd14 eats resources, perhaps one of the installed plug-ins was to blame, but Prosody performs all the functions we need by consuming minimal resources.
Additional plugins we use with Prosody:
Additional reading:
The server on which Jabber runs with Ubuntu 10.04 LTS, and the installation, as for any Debian-based distribution, is quite simple - add a repository to /etc/apt/sources.list:
deb packages.prosody.im/debian lucid mainadd key:
')
wget prosody.im/files/prosody-debian-packages.key -O- | sudo apt-key add -and install:
apt-get update && apt-get install prosody-0.9 liblua5.1-cyrussasl0 libsasl2-modules-ldap sasl2-binAs you noted above, in parallel, we installed SASL, which we use for authentication in the company's LDAP (the configuration of LDAP itself is not considered - we believe that it already exists).
Configure the saslauthd daemon parameters to work with the LDAP mechanism — add the following to / etc / default / saslauthd:
START=yes
MECHANISMS="ldap"Create a configuration for the XMPP service /etc/sasl/xmpp.conf, we will check through the PLAIN and LOGIN mechanisms:
pwcheck_method: saslauthd
mech_list: plain loginIn the configuration file /etc/saslauthd.conf, we indicate the address of the LDAP server and the base DN by which we will search for users:
ldap_servers: ldap://127.0.0.1
ldap_search_base: ou=users,dc=example,dc=comNow you can restart the saslauthd authentication daemon:
/etc/init.d/saslauthd restartSetting up Prosody is quite simple - configuration files are represented by Lua scripts. Add to /etc/prosody/prosody.cfg.lua:
-- Enable the cyrus backend
c2s_require_encryption = true
anonymous_login = false
allow_unencrypted_plain_auth = false
authentication = "cyrus"
cyrus_service_name = "xmpp" -- Optional, defaults to "xmpp"
cyrus_application_name = "xmpp"Restart Prosody:
/etc/init.d/prosody restartNow users can use Jabber server and eating jabberd14 resources in the past. We did not understand why jabberd14 eats resources, perhaps one of the installed plug-ins was to blame, but Prosody performs all the functions we need by consuming minimal resources.
Additional plugins we use with Prosody:
- roster_command - for managing roasters through prosodyctl (we have kroner signs everyone for everyone)
- muc_log - recording conversations in conferences
- muc_log_http - built-in web-interface for viewing conversations in conferences recorded by mod_muc_log
- webpresence - publishes Jabber user status
Additional reading:
Source: https://habr.com/ru/post/138995/
All Articles