Archive

Posts Tagged ‘Prosody’

Prosody: easiest, lightest and fast jabber server written in lua

January 15th, 2017 No comments

Hi there! After long time without any post i’ve come back to you with new experience and few new posts. So today we gonna do install Prosody jabber server to our Linux VPS.

Few month ago a’ve installed Prosody in my server and i was surprised: the setup was really quickly, i edited all configs during 5-10 minutes since i started to do it and afterwards it is really fast and not eating all memory like ejabberd likes do. No more words, let’s begin, guys!

Like everytime, i’ve used CentOS. Let’s install it:

# yum install prosody

We should say “yes” to all packages, that will ask you to install. It is depends packages that necessary for normal Prosody work. Install from repo will fast, so i think we can go to config edit step. I’ve skiped all coments inside config for your comfort and put my own. I described only important things. If you want lern more about Prosody config – just read config’s content. My guide – is for fast install.

admins = { "system@yourdomain.com"  }

modules_enabled = {

-- Generally required

"roster"; -- Allow users to have a roster. Recommended 😉

"saslauth"; -- Authentication for clients and servers. Recommended if you want to log in.

"tls"; -- Add support for secure TLS on c2s/s2s connections

"dialback"; -- s2s dialback support

"disco"; -- Service discovery

-- Not essential, but recommended

"private"; -- Private XML storage (for room bookmarks, etc.)

"vcard"; -- Allow users to set vCards

-- These are commented by default as they have a performance impact

--"privacy"; -- Support privacy lists

--"compression"; -- Stream compression (Note: Requires installed lua-zlib RPM package)

-- Nice to have

"version"; -- Replies to server version requests

"uptime"; -- Report how long server has been running

"time"; -- Let others know the time here on this server

"ping"; -- Replies to XMPP pings with pongs

"pep"; -- Enables users to publish their mood, activity, playing music and more

"register"; -- Allow users to register on this server using a client and change passwords

-- Admin interfaces

"admin_adhoc"; -- Allows administration via an XMPP client that supports ad-hoc commands

--"admin_telnet"; -- Opens telnet console interface on localhost port 5582

-- HTTP modules

--"bosh"; -- Enable BOSH clients, aka "Jabber over HTTP"

--"http_files"; -- Serve static files from a directory over HTTP

-- Other specific functionality

"posix"; -- POSIX functionality, sends server to background, enables syslog, etc.

"groups"; -- Shared roster support

--"announce"; -- Send announcement to all online users

--"welcome"; -- Welcome users who register accounts

--"watchregistrations"; -- Alert admins of registrations

--"motd"; -- Send a message to users when they log in

--"legacyauth"; -- Legacy authentication. Only used by some old clients and bots.

};

modules_disabled = {

-- "offline"; -- Store offline messages

-- "c2s"; -- Handle client connections

-- "s2s"; -- Handle server-to-server connections

};

allow_registration = true;

min_seconds_between_registrations = 300;

ssl = {

key = "/etc/prosody/sert/yourdomain.com.key";

certificate = "/etc/prosody/sert/fullchain.cer";

}

c2s_require_encryption = false

s2s_secure_auth = false

authentication = "internal_plain"

storage = "sql" -- Default is "internal" (Note: "sql" requires installed

sql = { driver = "MySQL", database = "databasename", username = "databaseuser", password = "databasepwd", host = "localhost" }

log = {

info = "/var/log/prosody/prosody.log"; -- Change 'info' to 'debug' for verbose logging

error = "/var/log/prosody/prosody.err"; -- Log errors also to file

}

pidfile = "/var/run/prosody/prosody.pid";

Include "conf.d/*.cfg.lua"

It is not finish. You also should create virtualhost for your domain in Prosody. You can edit an exist example.com.cfg.lua or create own one. I just edited an exist example.com.cfg.lua:

VirtualHost "example.com"
ssl = {
        key = "/etc/prosody/sert/example.com.key";
        certificate = "/etc/prosody/sert/fullchain.cer";
}
Component "conference.example.com" "muc"

So as you can see, i implemented 2 things in there. The first is i used mysql database, the second – i wrought path for SSL sertificate. I think that is big deal, because Jabber servers sometimes cant to connect to each other if one of them without SSL-sertificate. So i just used Let’s encrypt. How you can generate it too read in my previously topic. Lets make MySQL data base for our server:

# mysql - root -p
mysql> create database jabber;
mysql> grant usage on *.* to jabber@localhost identified by 'jabberpassword';
mysql> grant all privileges on jabber.* to jabber@localhost ;

So, we just created user and database for MySQL. After that you need to put this data to the Prosody config. You did it, right? Ok, go to the next step. Put Prosody service to autostart:

# systemctl enable prosody

We forgot something. Yes, we definatley forgot something, i see it, but i don’t know what. Oh, i see! Ofcource we forgot to put rules into firewall:

# nano /etc/sysconfig/iptables

Put this rules to file:

-A INPUT -p tcp -m state --state NEW -m tcp --dport 5222 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 5269 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 5223 -j ACCEPT

Yes, that’s so much better! Let’s start this beauty:

# systemctl start prosody

That’s it. You can connect to your new Jabber server and register from client.