Skip to content

Instantly share code, notes, and snippets.

@chrisdchristo

chrisdchristo/101_ejabberd.md

Last active December 29, 2015 17:39
Show Gist options
  • Star 1 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save chrisdchristo/7705992 to your computer and use it in GitHub Desktop.
Save chrisdchristo/7705992 to your computer and use it in GitHub Desktop.
Download ZIP
101: ejabberd
Raw
101_ejabberd.md

101: ejabbered

ejabbered is a popular XMPP server to facilitate instant messaging.

Please replace all 'mydomain.com' with your own domain in the below configuration.

Kill all ejabberd processes:

killall beam beam.smp epmd ejabberd

then install (after removing):

sudo apt-get update
sudo apt-get remove --purge erlang-base erlang-nox libsctp1 lksctp-tools
sudo apt-get autoremove
sudo apt-get install --reinstall ejabberd

Uncomment ERLANG_MODE

You might need to uncomment the following line from /etc/default/ejabberd. So open it up:

sudo nano /etc/default/ejabberd

and uncomment this:

ERLANG_NODE=ejabberd

Point hostname to mydomain.com

Open up the config file:

sudo nano /etc/ejabberd/ejabberd.cfg

You need to point the hostname to mydomain.com, So change this line:

{hosts, ["localhost"]}.

to this:

{hosts, ["localhost","mydomain.com"]}.

Create admin user

Open up the config file:

sudo nano /etc/ejabberd/ejabberd.cfg

Create an admin user by changing the following line:

{acl, admin, {user, "", "localhost"}}.

to this:

{acl, admin, {user, "ejabberd_admin", "mydomain.com"}}.

Then you can register the user (after the ejabberd server has started).

sudo ejabberdctl register ejabberd_admin mydomain.com password

If you make a mistake with the register then just swap the word register for 'unregister' and remove the password from the command.

Restarting the server

Start with root user:

sudo service ejabberd restart

or if that doesn't work then start using ejabberd user:

su - ejabberd -c /usr/sbin/ejabberd

Check the ports are assigned:

netstat -atnp | grep 5222
netstat -atnp | grep 5280

Open ports 5222, 5269 and 5280 on your firewall for ejabberd to work properly.

Restarting the server

Start with root user:

sudo service ejabberd restart

or if that doesn't work then start using ejabberd user:

su - ejabberd -c /usr/sbin/ejabberd

Check the ports are assigned:

netstat -atnp | grep 5222
netstat -atnp | grep 5280

Open ports 5222, 5269 and 5280 for ejabberd to work properly.

OpenSSL

Make sure you add the ejabberd user to the ssl-cert group:

adduser ejabberd ssl-cert

Open up the config file:

sudo nano /etc/ejabberd/ejabberd.cfg

and replace the following lines:

{s2s_certfile, "/etc/ssl/custom/keys/official-www-mydomain-com-combined.pem"}.

{5222, ejabberd_c2s, [
  {access, c2s},
  {shaper, c2s_shaper},
  {max_stanza_size, 65536},
  %%zlib,
  starttls, {certfile, "/etc/ssl/custom/keys/official-www-mydomain-com-combined.pem"}
 ]},

OpenLDAP

Open up the config file:

sudo nano /etc/ejabberd/ejabberd.cfg

Replace the following lines (Include/exclude the comments where stated):

%{auth_method, internal}.
{auth_method, ldap}.
{ldap_servers, ["mydomain.com"]}.
{ldap_encrypt, none}.
{ldap_port, 389}.
{ldap_rootdn, "uid##ejabberd_admin,ou##users,dc##mydomain,dc##com"}.
{ldap_password, "password"}.
{ldap_base, "ou##users,dc##mydomain,dc##com"}.
{ldap_uids, [{"uid"}]}.

OpenLDAP SSL

Replace the following lines:

{ldap_encrypt, tls}.
{ldap_port, 636}.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment