User Tools

Site Tools


ejabberd

This is an old revision of the document!


OpenSRF comes with a custom built Jabber server called ChopChop. For testing purposes and/or systems with small loads, ChopChop works quite well. It's extremely simple and fast. ChopChop has a number of drawbacks, however, for large server clusters. (E.g. Bug Entry). Because of this, we recommend using Ejabberd.

Quick Install

Most systems have Ejabberd packages.

Config

Installation should provide you with an ejabberd.cfg file. Below are the changes we make to the default config provided by Debian:

  1. Change the hosts section as appropriate. This setting is crucial and whatever you put here will show up in all of the other OpenSRF config files. "localhost" works fine for single-machine installs. IP addresses work fine. The important factor is that all connecting machines can correctly resolve the configured hostname.
  2. Change any max_stanza_size lines to 2000000. This ensures that you can send large message through the server.
  3. Change any "shaper" lines (there should be two of them like so : {shaper, normal, {maxrate, XYZ}}) to a maxrate of 500000.
  4. Change max_user_sessions (if your version of ejabberd has this setting) from the default of 10 to at least 100 for a single-machine system.
  5. Comment out the mod_offline module setting to prevent offline storage of messages.
    1. Should look something like this: %{mod_offline, []},
  6. Optional: If your installation does not install a s2s_certfile (.pem), feel free to change the s2s_use_starttls setting from "true" to "false". It's not needed.

Our default Debian config with the above changes, minus some commented out lines

  • Note: Any line beginnging with a "%" is a comment
% Users that have admin access.  Add line like one of the following after you
{acl, admin, {user, ""}}.

% Local users:
{acl, local, {user_regexp, ""}}.

% Only admins can use configuration interface:
{access, configure, [{allow, admin}]}.

% Every username can be registered via in-band registration:
{access, register, [{allow, all}]}.

% None username can be registered via in-band registration:
%{access, register, [{deny, all}]}.

% After successful registration user will get message with following subject
% and body:
{welcome_message,
 {"Welcome!",
  "Welcome to Debian Jabber Service.  "
  "For information about Jabber visit http://jabber.org"}}.
% Replace them with 'none' if you don't want to send such message:
%{welcome_message, none}.

% Only admins can send announcement messages:
{access, announce, [{allow, admin}]}.


% Only non-blocked users can use c2s connections:
{access, c2s, [{deny, blocked},
               {allow, all}]}.

% Set shaper with name "normal" 
{shaper, normal, {maxrate, 500000}}.

% Set shaper with name "fast" 
{shaper, fast, {maxrate, 500000}}.

% For all users except admins used "normal" shaper
{access, c2s_shaper, [{none, admin},
                      {normal, all}]}.

% For all S2S connections used "fast" shaper
{access, s2s_shaper, [{fast, all}]}.

% Admins of this server are also admins of MUC service:
{access, muc_admin, [{allow, admin}]}.

% All users are allowed to use MUC service:
{access, muc, [{allow, all}]}.

% This rule allows access only for local users:
{access, local, [{allow, local}]}.


% Authentication method.  If you want to use internal user base, then use
% this line:
{auth_method, internal}.

% Host(s) name: (replace for your hostname(s))
% Old {host, "localhost"}. option is equivalent to {hosts, ["localhost"]}.
{hosts, ["localhost"]}.

% Default language for server messages
{language, "en"}.

% Listened ports:
{listen,
% Ordinary client-2-server service
 [{5222, ejabberd_c2s,     [{access, c2s},
                            {max_stanza_size, 1000000},
                            starttls, {certfile, "/etc/ejabberd/ejabberd.pem"},
                            {shaper, c2s_shaper}]},

% SSL-enabled client-2-server service
  {5223, ejabberd_c2s,     [{access, c2s},
                            {max_stanza_size, 1000000},
                            tls, {certfile, "/etc/ejabberd/ejabberd.pem"},
                            {shaper, c2s_shaper}]},

% Server-2-server service
  {5269, ejabberd_s2s_in,  [{shaper, s2s_shaper},
                            {max_stanza_size, 1000000}]},


% HTTP service (You may choose options HTTP-polling and Web-administering)
% When commenting out, be careful with commas
  {5280, ejabberd_http,    [http_poll, web_admin]}
 ]}.

% Use STARTTLS+Dialback for S2S connections
{s2s_use_starttls, true}.
{s2s_certfile, "/etc/ejabberd/ejabberd.pem"}.
%{domain_certfile, "example.org", "/etc/ejabberd/example_org.pem"}.
%{domain_certfile, "example.com", "/etc/ejabberd/example_com.pem"}.

% If SRV lookup fails, then port 5269 is used to communicate with remote server
{outgoing_s2s_port, 5269}.

% Used modules:
{modules,
 [
  {mod_adhoc,      []},
  {mod_announce,   [{access, announce}]}, % Depends on mod_adhoc
  {mod_register,   [{access, register}]},
  {mod_roster,     []},
  {mod_privacy,    []},
  {mod_configure,  []}, % Depends on mod_adhoc
  {mod_configure2, []},
  {mod_disco,      [{extra_domains, ["users.jabber.org"]}]},
  {mod_stats,      []},
  {mod_vcard,      []},
%  {mod_offline,    []},
  {mod_echo,       []},
  {mod_private,    []},
  {mod_irc,        []},
  {mod_muc,        [{access, muc},
                    {access_create, muc},
                    {access_admin, muc_admin}]},
%  {mod_muc_log,   []},
%  {mod_shared_roster, []},
  {mod_pubsub,     []},
  {mod_time,       []},
  {mod_last,       []},
  {mod_version,    []}
 ]}.

% vim:set ft=erlang:
% Local Variables:
% mode: erlang
% End:

Using Ejabberd

  1. Start the server. On debian, this is done with /etc/init.d/ejabberd restart
  2. Register users. You need at least a "router" user for the router service to use. It's also wise to create a user for each basic functional unit of the ILS.
    • We register the following users:
      1. "router" - For the router service. This is the only connection where the actual name matters. Other services need to know the name in order to communication with OpenSRF.
      2. "gateway" - for the apache gatway
      3. "osrf" - for all generic opensrf application and client connections
      4. "srfsh" - for srfsh logins
    • You can register users with various methods.
      1. From CVS, OpenSRF/examples/register.pl is a simple way to register new users. It requires the Net::Jabber perl module.

Installing Ejabberd From Source

As of Debian Etch (4.0) and Ubuntu Gutsy (7.10), Erlang and Ejabberd will install just fine via your system's package manager - so hopefully you will not have to build from source. But if you do, here are the instructions we have used in the past.

Install Erlang

Ejabberd is built on Erlang. Most systems have Erlang packages available. If not, building from source is a snap:

Get the latest source from here.

% ./configure && make && make install

Install Ejabberd

Get the latest source from here. cd into the src directory:

% ./configure && make


Thus far, we have been running Ejabber directly from the directory where it is built. This is probably just a laziness issue, but so far it's been the simplest way to handle it.


Configure and Run Ejabberd

The system needs an ejabberd user (with a real home directory) and a jabber group. Your mileage may vary:

% groupadd jabberd
% useradd -m -G jabberd ejabberd

From within the src directory :

% cp ejabberd.cfg.example ejabberd.cfg
% chown ejabberd:jabberd ../src -R
% chmod 750 ../src -R

Now edit ejabberd.cfg. There are two required changes:

  1. the "hosts" setting must be configured to use the same host that the OpenSRF applications are using (see bootstrap.conf and opensrf_core.xml config files). "localhost" is the default, and works fine for single-server installations.
  2. the "mod_offline" section MUST be commented out.

Now start the server. Still in the src dir:

% su ejabberd
% erl -s ejabberd -name ejabberd -ejabberd config "ejabberd.cfg" -detached

Test it

% telnet localhost 5222

If you can't connect (and this is the correctly configured port), re-run the above command without the "-detached" flag and you will see debug output.

Consult the Ejabberd site for more info.

ejabberd.1283792766.txt.gz · Last modified: 2022/02/10 13:33 (external edit)

Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
CC Attribution-Share Alike 4.0 International Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki

© 2008-2022 GPLS and others. Evergreen is open source software, freely licensed under GNU GPLv2 or later.
The Evergreen Project is a U.S. 501(c)3 non-profit organization.