-
Notifications
You must be signed in to change notification settings - Fork 127
Ejabberd: Configuration
Guys, we don't exactly know why it seems to be so hard for you to drop the default ejabberd.cfg packaged by Debian. But it seems it badly hurts your feelings. We are sorry, but the default Debian ejabberd.cfg is a configuration for basic chat server (which is great for a chat server). Archipel needs more advanced options to be a real full XMPP server. So please, rm /etc/ejabberd/ejabberd.cfg
, copy the following sample in a new file named /etc/ejabberd/ejabberd.cfg
, and replace the occurrence of FQDN
by your actual FQDN (and also eventually update the path of the TLS certificate). Please, stop trying to adapt the default config file because most of the time, you miss several tokens and it makes Archipel sad. If you really can't remove the original file for sentimental reasons, rename it to ejabberd.cfg.orig
. Then, later, you will be able to print it, frame it, and cherish it until the rest of your life :)
Important note: If you can't start ejabberd with this config file, this is mainly because something is wrong with your module installation, and Archipel will certainly not work.
This sample file contains the ejabberd configuration needed for Archipel. It is not ready for production, but allows you to quickly start playing with Archipel. Note you have to replace all FQDN
by your accessible fully qualified domain name. If you have not access to a DNS, you need to add in all the host file of your platform
X.X.X.X your.fqdn.com
WARNING: some file paths need to be tweaked to match your ejabberd install
%%%
%%% ejabberd configuration file
%%%
%%% Archipel Sample Configuration
%%% =======================
%%% OVERRIDE STORED OPTIONS
%% loglevel: Verbosity of log files generated by ejabberd.
{loglevel, 3}.
%%% ================
%%% SERVED HOSTNAMES
%% CHANGE THIS
{hosts, ["FQDN"]}.
%%% ===============
%%% LISTENING PORTS
{listen,
[
%% If you have compiled the ejabberd-xmlrpc, uncomment the following line
%% {4560, ejabberd_xmlrpc, []},
{5222, ejabberd_c2s, [
{certfile, "/etc/ejabberd/ejabberd.pem"},
{access, c2s},
{max_stanza_size, 65536000}
]},
{5269, ejabberd_s2s_in, [
{max_stanza_size, 65536000}
]},
{5280, ejabberd_http, [
http_bind,
http_poll,
web_admin
]}
]}.
%%% ===============
%%% S2S
{route_subdomains, s2s}.
{s2s_use_starttls, true}.
{s2s_default_policy, allow}.
%%% ==============
%%% AUTHENTICATION
{auth_method, internal}.
%%% ===============
%%% TRAFFIC SHAPERS
{shaper, normal, {maxrate, 1000}}.
{shaper, fast, {maxrate, 50000}}.
%%% ====================
%%% ACCESS CONTROL LISTS
%% CHANGE THIS
{acl, admin, {user, "admin", "FQDN"}}.
{acl, local, {user_regexp, ""}}.
%% if you HAVE NOT compiled ejabberd-xmlrpc module, you
%% Need to declare all your hypervisors as ejabberd admin
%% The hypervisor JID is defined in archipel.conf. By default it
%% it is hypervisor@FQDN
{acl, admin, {user, "hypervisor", "FQDN"}}.
%% {acl, admin, {user, "hypervisor-x", "FQDN"}}.
%% {acl, admin, {user, "hypervisor-n", "FQDN"}}.
%%% ============
%%% ACCESS RULES
{access, max_user_sessions, [{10, all}]}.
{access, local, [{allow, local}]}.
{access, c2s, [{deny, blocked}, {allow, all}]}.
{access, c2s_shaper, [{none, admin}, {none, all}]}.
{access, s2s_shaper, [{fast, all}]}.
{access, announce, [{allow, admin}]}.
{access, configure, [{allow, admin}]}.
{access, muc_admin, [{allow, admin}]}.
{access, muc, [{allow, all}]}.
{access, muc_create, [{allow, local}]}.
{access, pubsub_createnode, [{allow, all}]}.
%%% ================
%%% DEFAULT LANGUAGE
{language, "en"}.
%%% =======
%%% REGISTRATION
{access, register, [{allow, all}]}.
{registration_timeout, infinity}.
%%% =======
%%% MODULES
{modules,
[
{mod_adhoc, []},
{mod_announce, [{access, announce}]}, % requires mod_adhoc
{mod_caps, []},
{mod_configure,[]},
{mod_disco, []},
{mod_http_bind,[
{max_inactivity, 480} % timeout value for the BOSH, usefull for a large number of VM
]},
{mod_irc, []},
{mod_last, []},
{mod_muc, [
{access, muc},
{access_create, muc_create},
{access_persistent, muc_create},
{access_admin, muc_admin}
]},
{mod_offline, []},
{mod_privacy, []},
{mod_private, []},
{mod_pubsub, [ % requires mod_caps
{access_createnode, pubsub_createnode},
{ignore_pep_from_offline, true},
{last_item_cache, false},
{plugins, ["flat", "hometree", "pep"]},
{max_items_node, 1000}
]},
{mod_register, [
{access, register}
]},
{mod_roster, []},
{mod_shared_roster,[]},
{mod_time, []},
{mod_vcard, []},
{mod_version, []},
{mod_admin_extra, []}
]}.
You then can start Ejabberd with the following command:
ejabberdctl start
Wait 10 seconds and check if it is started:
/opt/sbin/ejabberdctl status
> The node ejabberd@FQDN is started with status: started
> ejabberd 2.1.8 is running in that node
You need to register a XMPP admin account (if you want archipel to work out of the box, just name it admin
):
# ejabberdctl register admin your.fqdn.com yourpassword
Do not create any other account for virtual machine or hypervisor. You can create as much as user accounts as you want.