Вы читаете slabak

Previous Entry | Next Entry

Парился долго с настройкой. Столкнулся с неявными вещами.
Например генерация ключа...

После установки в каталоге /etc/ejabberd/
должно быть три файла:

ejabberd.cfg - конфигурационный файл
ejabberd.pem - файл с ключом
inetrc - конфигурация хостов


Файл ejabberd.cfg:
% Default Debian ejabberd.cfg
% This config must be in UTF-8 encoding

override_acls.

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%% ucf section

%% Admin user
{acl, admin, {user, "adminname", "site.local"}}.

%% Hostname
{hosts, ["site.local", "localhost"]}.

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

% Users that have admin access. Add line like one of the following after you
% will be successfully registered on server to get admin access:
%{acl, admin, {user, "eshe_admin"}}.

% Blocked users:
{acl, blocked, {user, "test"}}.

% Local users:
{acl, local, {user_regexp, ""}}.

% Another examples of ACLs:
%{acl, jabberorg, {server, "jabber.org"}}.
%{acl, aleksey, {user, "aleksey", "jabber.ru"}}.
%{acl, test, {user_regexp, "^test"}}.
%{acl, test, {user_glob, "test*"}}.

% Everybody can create pubsub nodes
{access, pubsub_createnode, [{allow, all}]}.

% Only admins can use configuration interface:
{access, configure, [{allow, admin}]}.

% Every username can be registered via in-band registration:
{access, register, [{allow, all}]}.

% None username can be registered via in-band registration:
%{access, register, [{deny, all}]}.

% After successful registration user will get message with following subject
% and body:
%{welcome_message,
% {"Превед!",
% "Добро пожаловать на джаббер-сервер репозитория. "
% "Чтобы узнать подробнее о джаббере сходи на http://jabber.org"}}.
% Replace them with 'none' if you don't want to send such message:

{welcome_message, none}.

% List of people who will get notifications about registered users
%{registration_watchers, ["admin1@localhost",
% "admin2@localhost"]}.

% Only admins can send announcement messages:
{access, announce, [{allow, admin}]}.


% Only non-blocked users can use c2s connections:
{access, c2s, [{deny, blocked},
{allow, all}]}.

% Set shaper with name "normal" to limit traffic speed to 1000B/s
{shaper, normal, {maxrate, 1000}}.

% Set shaper with name "fast" to limit traffic speed to 50000B/s
{shaper, fast, {maxrate, 50000}}.

% For all users except admins used "normal" shaper
{access, c2s_shaper, [{none, admin},
{normal, all}]}.

% For all S2S connections used "fast" shaper
{access, s2s_shaper, [{fast, all}]}.

% Admins of this server are also admins of MUC service:
{access, muc_admin, [{allow, admin}]}.

% All users are allowed to use MUC service:
%{access, muc, [{allow, all}]}.

% This rule allows access only for local users:
%{access, local, [{allow, local}]}.


% Authentication method. If you want to use internal user base, then use
% this line:
{auth_method, internal}.

% For LDAP authentication use these lines instead of above one:
%{auth_method, ldap}.
%{ldap_servers, ["localhost"]}. % List of LDAP servers
%{ldap_uidattr, "uid"}. % LDAP attribute that holds user ID
%{ldap_base, "dc=example,dc=com"}. % Search base of LDAP directory
%{ldap_rootdn, "dc=example,dc=com"}. % LDAP manager
%{ldap_password, "******"}. % Password to LDAP manager

% For authentication via external script use the following:
%{auth_method, external}.
%{extauth_program, "/path/to/authentication/script"}.

% For authentication via ODBC use the following:
%{auth_method, odbc}.
%{odbc_server, "DSN=ejabberd;UID=ejabberd;PWD=ejabberd"}.

%% Anonymous login support:
%% auth_method: anonymous
%% anonymous_protocol: sasl_anon|login_anon|both
%% allow_multiple_connections: true|false
%%{host_config, "public.example.org", [{auth_method, anonymous},
%% {allow_multiple_connections, false},
%% {anonymous_protocol, sasl_anon}]}.
%% To use both anonymous and internal authentication:
%%{host_config, "public.example.org", [{auth_method, [anonymous, internal]}]}.
%%{host_config, "repo.local", [{auth_method, [anonymous, internal]}]}.

% Host(s) name: (replace for your hostname(s))
% Old {host, "localhost"}. option is equivalent to {hosts, ["localhost"]}.
%{hosts, ["localhost"]}.

%% Define the maximum number of time a single user is allowed to connect:
{max_user_sessions, 10}.

% Default language for server messages
{language, "en"}.

% Listened ports:
{listen,
%Ordinary client-2-server service
[{5222, ejabberd_c2s, [{access, c2s},
{max_stanza_size, 65536},
starttls, {certfile, "/etc/ejabberd/ejabberd.pem"},
{shaper, c2s_shaper}]},

% SSL-enabled client-2-server service
{5223, ejabberd_c2s, [{access, c2s},
{max_stanza_size, 65536},
tls, {certfile, "/etc/ejabberd/ejabberd.pem"},
{shaper, c2s_shaper}]},

% Server-2-server service
% {5269, ejabberd_s2s_in, [{shaper, s2s_shaper},
% {max_stanza_size, 131072}]},
%
% External MUC jabber-muc (but internal mod_muc is better :))
% {5554, ejabberd_service, [{ip, {127, 0, 0, 1}},
% {access, all},
% {host, "muc.localhost", [{password, "secret"}]}]},

% Jabber ICQ Transport
% {5555, ejabberd_service, [{ip, {127, 0, 0, 1}},
% {access, all},
% {hosts, ["icq.localhost", "sms.localhost"], [{password, "secret"}]}]},

% AIM Transport
% {5556, ejabberd_service, [{ip, {127, 0, 0, 1}},
% {access, all},
% {host, "aim.localhost", [{password, "secret"}]}]},

% MSN Transport
% {5557, ejabberd_service, [{ip, {127, 0, 0, 1}},
% {access, all},
% {host, "msn.localhost", [{password, "secret"}]}]},

% Yahoo! Transport
% {5558, ejabberd_service, [{ip, {127, 0, 0, 1}},
% {access, all},
% {host, "yahoo.localhost", [{password, "secret"}]}]},

% External JUD (internal is more powerful,
% but doesn't allow to register users from other servers)
% {5559, ejabberd_service, [{ip, {127, 0, 0, 1}},
% {access, all},
% {host, "jud.localhost", [{password, "secret"}]}]},

% HTTP service (You may choose options HTTP-polling and Web-administering)
% When commenting out, be careful with commas
{5280, ejabberd_http, [http_poll, web_admin]}
]}.

% Use STARTTLS+Dialback for S2S connections
{s2s_use_starttls, true}.
{s2s_certfile, "/etc/ejabberd/ejabberd.pem"}.
%{domain_certfile, "example.org", "/etc/ejabberd/example_org.pem"}.
%{domain_certfile, "example.com", "/etc/ejabberd/example_com.pem"}.

% If SRV lookup fails, then port 5269 is used to communicate with remote server
%{outgoing_s2s_port, 5269}.

% Used modules:
{modules,
[
{mod_adhoc, []},
{mod_announce, [{access, announce}]}, % Depends on mod_adhoc
{mod_register, [{access, register}]},
{mod_roster, []},
{mod_privacy, []},
{mod_configure, []}, % Depends on mod_adhoc
{mod_configure2, []},
{mod_disco, [{extra_domains, ["users.jabber.org"]}]},
{mod_stats, []},
{mod_vcard, []},
{mod_offline, []},
{mod_echo, []},
{mod_private, []},
{mod_irc, []},
% Default options for mod_muc:
% host: "conference." ++ ?MYNAME
% access: all
% access_create: all
% access_admin: none (only room creator has owner privileges)
{mod_muc, [{access, muc},
{access_create, muc},
{access_admin, muc_admin}]},
{mod_muc_log, []},
{mod_shared_roster, []},
{mod_pubsub, [{access_createnode, pubsub_createnode}]},
{mod_time, []},
{mod_last, []},
{mod_shared_roster, [{iqdisc, no_queue}]},
{mod_version, []}
]}.

% vim:set ft=erlang:
% Local Variables:
% mode: erlang
% End:


Файл inetrc:
{file, hosts, "/etc/hosts"}.
{file, resolv, "/etc/resolv.conf"}.
% сначала ищем записи в hosts, а затем обращаемся к DNS
{lookup, [file, dns]}.


также в файле /etc/hosts
должен быть прописан хосты, например так:

127.0.0.1 localhost
127.0.1.1 site
192.168.1.4 site.local


Чтобы подключиться к веб админилке нужно сначала зарегить пароль для админа
#sudo ejabberdctl register admin site.local super_password

далее зайти с помощью браузера на

http://site.local:5280/admin

в поле логин: admin@site.local
пароль: super_password

Ещё нужно сгенерировать сертификат, если его ещё нет, делаем так:
# cd /etc/ejabberd/
# openssl req -new -x509 -newkey rsa:1024 -days 3650 -keyout privkey.pem -out server.pem
Отвечаем на вопросы, и делаем далее:
# cat privkey.pem >> server.pem
# rm privkey.pem
# mv server.pem ejabberd.pem

Чтобы админилка была по русски, надо отправить следующее сообщение из клиента в консоли XML:
  <iq id='5'
      to='example.org'
      type='get'
      xml:lang='ru'>
    <query xmlns='http://jabber.org/protocol/disco#items'/>
  </iq>



Comments

( 4 комментария — Оставить комментарий )
(Анонимно)
6 янв, 2011 07:24 (UTC)
Imbri prospect times together like another which leads ears were monarchs.
Pleased Reborn Year[url=http://sdjfh.in/flexpen/],[/url] everybody under the sun! :)
dtulyakov
4 фев, 2011 21:42 (UTC)
Чтобы админка была по русски,
% Default language for server messages
{language, "en"}.

достаточно в конфиге указать это
% Default language for server messages
{language, "ru"}.
russoturisto
14 мар, 2011 11:19 (UTC)
_
Как думаете , чего таки будет с япошками - накроет волной их или атомные станции взорвутся?
(Анонимно)
27 мар, 2011 01:01 (UTC)
Проект Pintotonic
Проект Pintotonic проводит конкурс ремиксов,приз - релиз на Truth Capsule Label.
скачать паки здесь - http://pintotonic.promodj.ru/samples/
ознакомиться с оригиналами здесь - http://pintotonic.promodj.ru/groups/184453.html
( 4 комментария — Оставить комментарий )

Latest Month

Январь 2008
Вс Пн Вт Ср Чт Пт Сб
  12345
6789101112
13141516171819
20212223242526
2728293031  
Разработано LiveJournal.com
Designed by Lilia Ahner