XmppChat Ubuntu 11 "Install guide": Revision

1 -instalar jabberd-

sudo apt-get install ejabberd

2 -configurar servidor jabberd-

sudo dpkg-reconfigure ejabberd

3 -instalar el comando syslog-

sudo apt-get install libdbi-perl

4 -copiar lo siguiente en /etc/apache2/mods-enabled/proxy.conf cambiar misitio.com por el suyo

 

 

# If you want to use apache2 as a forward proxy, uncomment the

# 'ProxyRequests On' line and theblock below.

# WARNING: Be careful to restrict access inside theblock.

# Open proxy servers are dangerous both to your network and to the

# Internet at large.

#

# If you only want to use apache2 as a reverse proxy/gateway in

# front of some web application server, you DON'T need

# 'ProxyRequests On'.

 

ProxyRequests On

misitio.com:5280/http-bind>

        AddDefaultCharset off

        Order deny,allow

        Deny from all

        Allow from all

 

ProxyPass /http-bind http://misitio.com:5280/http-bind

ProxyPassReverse /http-bind http://misitio.com:5280/http-bind

 

5 - copiar esto o remplazar en /etc/ejabberd/ejabberd.cfg -

%%%

%%%     Debian ejabberd configuration file

%%%     This config must be in UTF-8 encoding

%%%

%%% The parameters used in this configuration file are explained in more detail

%%% in the ejabberd Installation and Operation Guide.

%%% Please consult the Guide in case of doubts, it is available at

%%% /usr/share/doc/ejabberd/guide.html

 

%%% This configuration file contains Erlang terms.

%%% In case you want to understand the syntax, here are the concepts:

%%%

%%%  - The character to comment a line is %

%%%

%%%  - Each term ends in a dot, for example:

%%%      override_global.

%%%

%%%  - A tuple has a fixed definition, its elements are

%%%    enclosed in {}, and separated with commas:

%%%      {loglevel, 4}.

%%%

%%%  - A list can have as many elements as you want,

%%%    and is enclosed in [], for example:

%%%      [http_poll, web_admin, tls]

%%%

%%%  - A keyword of ejabberd is a word in lowercase.

%%%    The strings are enclosed in "" and can have spaces, dots...

%%%      {language, "en"}.

%%%      {ldap_rootdn, "dc=example,dc=com"}.

%%%

%%%  - This term includes a tuple, a keyword, a list and two strings:

%%%      {hosts, ["jabber.example.net", "im.example.com"]}.

%%%

 

%%%   ===================================

%%%   OVERRIDE OPTIONS STORED IN DATABASE

 

%%

%% Override global options (shared by all ejabberd nodes in a cluster).

%%

%%override_global.

 

%%

%% Override local options (specific for this particular ejabberd node).

%%

%%override_local.

 

%%

%% Remove the Access Control Lists before new ones are added.

%%

%%override_acls.

 

 

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

%% Options which are set by Debconf and managed by ucf

 

%% Admin user

{acl, admin, {user, "nombre de usuario", "misitio.com"}}.

 

%% Hostname

{hosts, ["misitio.com"]}.

 

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

 

 

%%%   =========

%%%   DEBUGGING

 

%%

%% loglevel: Verbosity of log files generated by ejabberd.

%% 0: No ejabberd log at all (not recommended)

%% 1: Critical

%% 2: Error

%% 3: Warning

%% 4: Info

%% 5: Debug

%%

{loglevel, 4}.

 

%%

%% watchdog_admins: If an ejabberd process consumes too much memory,

%% send live notifications to those Jabber accounts.

%%

%%{watchdog_admins, ["bob@example.com"]}.

 

 

%%%   ================

%%%   SERVED HOSTNAMES

 

%%

%% hosts: Domains served by ejabberd.

%% You can define one or several, for example:

%% {hosts, ["example.net", "example.com", "example.org"]}.

%%

%% (This option is defined by debconf earlier)

%% {hosts, ["localhost"]}.

 

%%

%% route_subdomains: Delegate subdomains to other Jabber server.

%% For example, if this ejabberd serves example.org and you want

%% to allow communication with a Jabber server called im.example.org.

%%

%%{route_subdomains, s2s}.

 

 

%%%   ===============

%%%   LISTENING PORTS

 

%%

%% listen: Which ports will ejabberd listen, which service handles it

%% and what options to start it with.

%%

{listen,

 [

  {5222, ejabberd_c2s, [

                        inet6,

{access, c2s},

{shaper, c2s_shaper},

{max_stanza_size, 65536},

                        %%zlib,

starttls, {certfile, "/etc/ejabberd/ejabberd.pem"}

      ]},

 

  %%

  %% To enable the old SSL connection method (deprecated) in port 5223:

  %%

  %%{5223, ejabberd_c2s, [

  %% {access, c2s},

  %% {shaper, c2s_shaper},

  %% {max_stanza_size, 65536},

  %%                    zlib,

  %% tls, {certfile, "/etc/ejabberd/ejabberd.pem"}

  %%       ]},

 

  {5269, ejabberd_s2s_in, [

  {shaper, s2s_shaper},

  {max_stanza_size, 131072}

 ]},

 

  %% External MUC jabber-muc

  %%{5554, ejabberd_service, [

  %%    {ip, {127, 0, 0, 1}},

  %%    {access, all},

  %%    {shaper_rule, fast},

  %%    {host, "muc.localhost", [{password, "secret"}]}

  %%    ]},

 

  %% Jabber ICQ Transport

  %%{5555, ejabberd_service, [

  %%    {ip, {127, 0, 0, 1}},

  %%    {access, all},

  %%    {shaper_rule, fast},

  %%    {hosts, ["icq.localhost", "sms.localhost"],

  %%       [{password, "secret"}]}

  %%    ]},

 

  %% AIM Transport

  %%{5556, ejabberd_service, [

  %%    {ip, {127, 0, 0, 1}},

  %%    {access, all},

  %%    {shaper_rule, fast},

  %%    {host, "aim.localhost", [{password, "secret"}]}

  %%    ]},

 

  %% MSN Transport

  %%{5557, ejabberd_service, [

  %%    {ip, {127, 0, 0, 1}},

  %%    {access, all},

  %%    {shaper_rule, fast},

  %%    {host, "msn.localhost", [{password, "secret"}]}

  %%    ]},

 

  %% Yahoo! Transport

  %%{5558, ejabberd_service, [

  %%    {ip, {127, 0, 0, 1}},

  %%    {access, all},

  %%    {shaper_rule, fast},

  %%    {host, "yahoo.localhost", [{password, "secret"}]}

  %%    ]},

 

  %% External JUD (internal is more powerful,

  %% but doesn't allow to register users from other servers)

  %%{5559, ejabberd_service, [

  %%    {ip, {127, 0, 0, 1}},

  %%    {access, all},

  %%    {shaper_rule, fast},

  %%    {host, "jud.localhost", [{password, "secret"}]}

  %%    ]},

 

  {5280, ejabberd_http, [

%%{request_handlers,

%% [

%%  {["pub", "archive"], mod_http_fileserver}

%% ]},

%%captcha,

http_bind,

http_poll,

web_admin

]}

 

 ]}.

 

%%

%% max_fsm_queue: Enable limiting of lengths of "message queues"

%% for outgoing connections. Roughly speaking, each message in such

%% queues represents one XML stanza queued to be sent into

%% an output stream it is serving.

%% The default value is an atom 'undefined' which specifies no limiting.

%%

%% When specified globally, this option limits the message queue lengths

%% for all ejabberd_c2s_in and ejabberd_service listeners,

%% as well as for outgoing s2s connections.

%%

%% This option can also be specified as an option for ejabberd_c2s_in

%% and ejabberd_service listeners, in wich case it will override

%% the value of the global option.

%%

{max_fsm_queue, 1000}.

 

%%

%% s2s_use_starttls: Enable STARTTLS + Dialback for S2S connections.

%% Allowed values are: true or false.

%% You must specify a certificate file.

%%

{s2s_use_starttls, true}.

 

%%

%% s2s_certfile: Specify a certificate file.

%%

{s2s_certfile, "/etc/ejabberd/ejabberd.pem"}.

 

%%

%% domain_certfile: Specify a different certificate for each served hostname.

%%

%%{domain_certfile, "example.org", "/path/to/example_org.pem"}.

%%{domain_certfile, "example.com", "/path/to/example_com.pem"}.

 

%%

%% S2S whitelist or blacklist

%%

%% Default s2s policy for undefined hosts.

%%

%%{s2s_default_policy, allow}.

 

%%

%% Allow or deny communication with specific servers.

%%

%%{{s2s_host, "goodhost.org"}, allow}.

%%{{s2s_host, "badhost.org"}, deny}.

 

%%

%% The maximum allowed delay for retry to connect

%% after a failed connection attempt to a remote server, in seconds.

%% The default value is 300 seconds (5 minutes). 

%%

%% The reconnection algorythm works like this: if connection fails,

%% ejabberd makes an initial random delay between 1 and 15 seconds,

%% then retries, and if this attempt fails, makes another delay,

%% twice as long as previous. These attempts are performed either

%% until a successful connection is made or until the next calculated

%% delay is greated or equal than the value of s2s_max_retry_delay.

%%

%%{s2s_max_retry_delay, 300}.

 

%%

%% Outgoing S2S options

%%

%% Preferred address families (which to try first) and connect timeout

%% in milliseconds.

%%

%%{outgoing_s2s_options, [ipv4, ipv6], 10000}.

 

 

%%%   ==============

%%%   AUTHENTICATION

 

%%

%% auth_method: Method used to authenticate the users.

%% The default method is the internal.

%% If you want to use a different method,

%% comment this line and enable the correct ones.

%%

%%{auth_method, internal}.

 

%%

%% Authentication using external script

%% Make sure the script is executable by ejabberd.

%%

%%{auth_method, external}.

%%{extauth_program, "/path/to/authentication/script"}.

{auth_method, external}.

{extauth_program, "/etc/ejabberd/ejabberd_elgg_auth.pl"}.

 

%%

%% Authentication using ODBC

%% Remember to setup a database in the next section.

%%

%%{auth_method, odbc}.

 

%%

%% Authentication using PAM

%%

%%{auth_method, pam}.

%%{pam_service, "pamservicename"}.

 

%%

%% Authentication using LDAP

%%

%%{auth_method, ldap}.

%%

%% List of LDAP servers:

%%{ldap_servers, ["localhost"]}.

%%

%% Encryption of connection to LDAP servers (LDAPS):

%%{ldap_encrypt, none}.

%%{ldap_encrypt, tls}.

%%

%% Port connect to LDAP server:

%%{ldap_port, 389}.

%%{ldap_port, 636}.

%%

%% LDAP manager:

%%{ldap_rootdn, "dc=example,dc=com"}.

%%

%% Password to LDAP manager:

%%{ldap_password, "******"}.

%%

%% Search base of LDAP directory:

%%{ldap_base, "dc=example,dc=com"}.

%%

%% LDAP attribute that holds user ID:

%%{ldap_uids, [{"mail", "%u@mail.example.org"}]}.

%%

%% LDAP filter:

%%{ldap_filter, "(objectClass=shadowAccount)"}.

 

%%

%% Anonymous login support:

%%   auth_method: anonymous

%%   anonymous_protocol: sasl_anon | login_anon | both

%%   allow_multiple_connections: true | false

%%

%%{host_config, "public.example.org", [{auth_method, anonymous},

%%                                     {allow_multiple_connections, false},

%%                                     {anonymous_protocol, sasl_anon}]}.

%%

%% To use both anonymous and internal authentication:

%%

%%{host_config, "public.example.org", [{auth_method, [internal, anonymous]}]}.

 

 

%%%   ==============

%%%   DATABASE SETUP

 

%% ejabberd uses by default the internal Mnesia database,

%% so you can avoid this section.

%% This section provides configuration examples in case

%% you want to use other database backends.

%% Please consult the ejabberd Guide for details about database creation.

 

%% NOTE that ejabberd in Debian supports "out of the box"

%% only mnesia (default) and ODBC storage backends.

%% Working with MySQL and PostgreSQL DB backends requires

%% building and installation of the corresponding Erlang modules,

%% not distributed as a part of ejabberd.

%% Refer to /usr/share/doc/ejabberd/README.Debian for details.

 

%%

%% MySQL server:

%%

{odbc_server, {mysql, "servidor de la base de datos elgg", "nombre de la base de datos elgg", "usuario de la base de datos elgg", "tu contrseña de root"}}.

%%

%% If you want to specify the port:

%%{odbc_server, {mysql, "server", 1234, "database", "username", "password"}}.

 

%%

%% PostgreSQL server:

%%

%%{odbc_server, {pgsql, "192.168.1.1", "portail", "portail", "nep0beW1"}}.

%%

%% If you want to specify the port:

%%{odbc_server, {pgsql, "server", 1234, "database", "username", "password"}}.

%%

%% If you use PostgreSQL, have a large database, and need a

%% faster but inexact replacement for "select count(*) from users"

%%

%%{pgsql_users_number_estimate, true}.

 

%%

%% ODBC compatible or MSSQL server:

%%

%%{odbc_server, "DSN=ejabberd;UID=ejabberd;PWD=ejabberd"}.

 

%%

%% Number of connections to open to the database for each virtual host

%%

%%{odbc_pool_size, 10}.

 

%%

%% Interval to make a dummy SQL request to keep alive the connections

%% to the database. Specify in seconds: for example 28800 means 8 hours

%%

%%{odbc_keepalive_interval, undefined}.

 

 

%%%   ===============

%%%   TRAFFIC SHAPERS

 

%%

%% The "normal" shaper limits traffic speed to 1.000 B/s

%%

{shaper, normal, {maxrate, 1000}}.

 

%%

%% The "fast" shaper limits traffic speed to 50.000 B/s

%%

{shaper, fast, {maxrate, 50000}}.

 

 

%%%   ====================

%%%   ACCESS CONTROL LISTS

 

%%

%% The 'admin' ACL grants administrative privileges to Jabber accounts.

%% You can put as many accounts as you want.

%%

%%{acl, admin, {user, "aleksey", "localhost"}}.

%%{acl, admin, {user, "ermine", "example.org"}}.

 

%%

%% Blocked users

%%

%%{acl, blocked, {user, "baduser", "example.org"}}.

%%{acl, blocked, {user, "test"}}.

 

%%

%% Local users: don't modify this line.

%%

{acl, local, {user_regexp, ""}}.

 

%%

%% More examples of ACLs

%%

%%{acl, jabberorg, {server, "jabber.org"}}.

%%{acl, aleksey, {user, "aleksey", "jabber.ru"}}.

%%{acl, test, {user_regexp, "^test"}}.

%%{acl, test, {user_glob, "test*"}}.

 

%%

%% Define specific ACLs in a virtual host.

%%

%%{host_config, "localhost",

%% [

%%  {acl, admin, {user, "bob-local", "localhost"}}

%% ]

%%}.

 

 

%%%   ============

%%%   ACCESS RULES

 

%% Define the maximum number of time a single user is allowed to connect:

{access, max_user_sessions, [{10, all}]}.

 

%% Maximum number of offline messages that users can have:

{access, max_user_offline_messages, [{5000, admin}, {100, all}]}. 

 

%% This rule allows access only for local users:

{access, local, [{allow, local}]}.

 

%% Only non-blocked users can use c2s connections:

{access, c2s, [{deny, blocked},

      {allow, all}]}.

 

%% For all users except admins used "normal" shaper

{access, c2s_shaper, [{none, admin},

     {normal, all}]}.

 

%% For all S2S connections used "fast" shaper

{access, s2s_shaper, [{fast, all}]}.

 

%% Only admins can send announcement messages:

{access, announce, [{allow, admin}]}.

 

%% Only admins can use configuration interface:

{access, configure, [{allow, admin}]}.

 

%% Admins of this server are also admins of MUC service:

{access, muc_admin, [{allow, admin}]}.

 

%% All users are allowed to use MUC service:

{access, muc, [{allow, all}]}.

 

%% No username can be registered via in-band registration:

%% To enable in-band registration, replace 'deny' with 'allow'

% (note that if you remove mod_register from modules list then users will not

% be able to change their password as well as register).

% This setting is default because it's more safe.

{access, register, [{allow, all}]}.

 

%% By default frequency of account registrations from the same IP

%% is limited to 1 account every 10 minutes. To disable put: infinity

%%{registration_timeout, 600}.

 

%% Everybody can create pubsub nodes

{access, pubsub_createnode, [{allow, all}]}.

 

%%

%% Define specific Access rules in a virtual host.

%%

%%{host_config, "localhost",

%% [

%%  {access, c2s, [{allow, admin}, {deny, all}]},

%%  {access, register, [{deny, all}]}

%% ]

%%}.

 

 

%%%   ================

%%%   DEFAULT LANGUAGE

 

%%

%% language: Default language used for server messages.

%%

{language, "en"}.

 

%%

%% Set a different default language in a virtual host.

%%

%%{host_config, "localhost",

%% [{language, "ru"}]

%%}.

 

 

%%%   =======

%%%   CAPTCHA

 

%%

%% Full path to a script that generates the image.

%% Note that this script must be made executable

%% for the user ejabberd:ejabberd.

%%

%%{captcha_cmd, "/usr/lib/ejabberd/priv/bin/captcha.sh"}.

 

%%

%% Host part of the URL sent to the user.

%% The port specified must be configured as the "ejabberd_http"

%% listener which must have the "captcha" directive included

%% in its configuration (see the "LISTENING PORTS" section above).

%%

%%{captcha_host, "localhost:5280"}.

 

 

%%%   =======

%%%   MODULES

 

%%

%% Modules enabled in all ejabberd virtual hosts.

%%

{modules,

[

  {mod_adhoc,    []},

  {mod_announce, [{access, announce}]}, % requires mod_adhoc

  {mod_caps,     []},

  {mod_configure,[]}, % requires mod_adhoc

  {mod_ctlextra, []},

  {mod_http_bind, [

                               {max_inactivity, 30}

                              ]},

  %%{mod_disco,    []},

  %%{mod_echo,   [{host, "echo.localhost"}]},

  %%{mod_irc,      []},

  {mod_last_odbc,     []},

  %%{mod_muc,      [

                              %%{host, "conference.@HOST@"},

                              %%{access, muc},

                              %%{access_create, muc},

                              %%{access_persistent, muc},

                              %%{access_admin, muc_admin},

                              %%{max_users, 500}

                            %%]},

  %%{mod_muc_log,[]},

  {mod_offline_odbc,  []},

  %%{mod_privacy,  []},

  %%{mod_private_odbc,  []},

  %%{mod_proxy65,  [

                              %%{access, local},

                              %%{shaper, c2s_shaper}

                            %%]},

  {mod_pubsub,   [ % requires mod_caps

                              {access_createnode, pubsub_createnode},

                              {plugins, ["default", "pep"]}

                            ]},

  %%{mod_register, [

                              %%

                              %% After successful registration, the user receives

                              %% a message with this subject and body.

                              %%

                              %%{welcome_message, {"Welcome!",

                                                             %%"Welcome to a Jabber service powered by Debian. "

                                                             %%"For information about Jabber visit "

                                                             %%"http://www.jabber.org"}},

                              %% Replace it with 'none' if you don't want to send such message:

                              %%{welcome_message, none},

 

                              %%

                              %% When a user registers, send a notification to

                              %% these Jabber accounts.

                              %%

                              %%{registration_watchers, ["admin1@example.org"]},

 

                              %%{access, register}

                            %%]},

  {mod_roster_odbc,   []},

  %%{mod_service_log,[]},

  %%{mod_shared_roster,[]},

  {mod_stats,    []},

  {mod_time,     []},

  {mod_vcard_odbc,    []},

  {mod_version,  []}

]}.

 

%%

%% Enable modules with custom options in a specific virtual host

%%

%%{host_config, "localhost",

%% [{{add, modules},

%%   [

%%    {mod_echo, [{host, "mirror.localhost"}]}

%%   ]

%%  }

%% ]}.

 

 

%%% $Id: ejabberd.cfg.example 2497 2009-08-17 20:27:28Z cromain $

 

%%% Local Variables:

%%% mode: erlang

%%% End:

%%% vim: set filetype=erlang tabstop=8:

 

6 - copiar o remplazar esto en etc/ejabberd/ejabberd_elgg_auth.pl -
#!/usr/bin/perl
# Mysql external auth script
# Features: auth and isUser work, but setPass doesn't.
# Restrictions: Username or passwords may not contain some special characters: $'"` nor line breaks
# Security considerations: 
#  - i am not sure whether password is shown in the "echo" sentence when listing processes, perhaps not if echo is a shell builtin
#  - character filtering may not be perfect, but the most important '$"` are filtered out by this script
#  - mysql user password should not be set on command-line, instead use --defaults-extra-file=... The file must contain [client] in the first line and password=... next (check some man page for more details)
#  
# 2005-1-24 Modified by Alejandro Grijalba (SuD) http://www.latinsud.com
# Based on check_pass_null.pl script
my $dbUser="root";  # The username to connect to mysql
my $dbName="nombre de la base de datos"; # The name of the database inside mysql
my $dbTable="tabla de usuarios ejemplo elgg_users_entity"; # The name of the table inside the database
my $fieldUser="email";   # The name of the field that holds jabber user names
my $fieldPass="password";   # The name of the field that holds jabber passwords
use Unix::Syslog qw(:macros :subs);
my $domain = $ARGV[0] || "mysite.com";
while(1)
  {
   # my $rin = '',$rout;
   # vec($rin,fileno(STDIN),1) = 1;
   # $ein = $rin;
   # my $nfound = select($rout=$rin,undef,undef,undef);
    my $buf = "";
    syslog LOG_INFO,"waiting for packet";
    my $nread = sysread STDIN,$buf,2;
    do { syslog LOG_INFO,"port closed"; exit; } unless $nread == 2;
    my $len = unpack "n",$buf;
    my $nread = sysread STDIN,$buf,$len;
    my ($op,$user,$password) = split /:/,$buf;
    
    # Filter dangerous characters
    $user =~ s/[."\n\r'\$`]//g;
    $password =~ s/[."\n\r'\$`]//g;
    
    #$user =~ s/\./\//og;
    my $jid = "$user\@$domain";
    my $result;
    syslog(LOG_INFO,"request (%s)", $op);
  SWITCH:
      {
$op eq 'auth' and do
 {
    $orden = "echo \"select count(*) from $dbTable where $fieldUser='$user' and $fieldPass='$password';\" | 
    mysql --defaults-extra-file=./datosSql -s -B -u $dbUser $dbName | 
grep '^ *[1-9][0-9]* *\$' &> /dev/null";
    #syslog(LOG_INFO,"Executing: %s",$orden);
    # if command returned 0 we return 1
    $result = !system($orden);
 },last SWITCH;
$op eq 'setpass' and do
 {
             $result = 0;
 },last SWITCH;
        $op eq 'isuser' and do
          {
             # password is null. Return 1 if the user $user\@$domain exitst.
    $result = 0;
    $orden = "echo \"select count(*) from $dbTable where $fieldUser='$user';\" | 
    mysql --defaults-extra-file=./datosSql -s -B -u $dbUser $dbName | 
grep '^ *[1-9][0-9]* *\$' &> /dev/null";
    #syslog(LOG_INFO,"ejabberd_mysql_ext_auth: Executing is_user: %s",$orden);
    # if command returned 0 we return 1
    $result = !system($orden);
          },last SWITCH;
      };
    my $out = pack "nn",2,$result ? 1 : 0;
    syswrite STDOUT,$out;
  }
closelog;
7 - una ves todo bien configurado instalar el plugin xmpp chat -
pueden ver una demostracion en www.floops.com.ar