Ejabberd

Автор Aheles, 01 сентября 2016, 14:03:11

« назад - далее »

0 Пользователи и 1 гость просматривают эту тему.

Aheles

Здравствуйте. Пытаюсь установить ejabberd на Debian 7 (64bit) в конце установки запуск не происходит, получаю ошибку

ЦитироватьStarting jabber server: ejabberd............................................................ failed.

В конциге данные прописаны верно, а именно имя администратора и доменное имя.

При попытке узнать статус получаю следующее

# ejabberdctl status
ЦитироватьFailed RPC connection to the node ejabberd@4088834: nodedown

При попытке запустить таким образом

su ejabberd -c '/usr/sbin/ejabberdctl start &'


получаю ошибки
Открыть содержимое (спойлер)

{error_logger,{{2016,9,1},{6,18,0}},std_error,"File operation error: eacces. Target: .. Function: read_file_info. Process: code_server."}
{error_logger,{{2016,9,1},{6,18,0}},std_error,"File operation error: eacces. Target: ./standard_error.beam. Function: get_file. Process: code_server."}
{error_logger,{{2016,9,1},{6,18,0}},std_error,"File operation error: eacces. Target: ./supervisor_bridge.beam. Function: get_file. Process: code_server."}
{error_logger,{{2016,9,1},{6,18,0}},std_error,"File operation error: eacces. Target: ./user_sup.beam. Function: get_file. Process: code_server."}
{error_logger,{{2016,9,1},{6,18,0}},std_error,"File operation error: eacces. Target: ./user.beam. Function: get_file. Process: code_server."}
{error_logger,{{2016,9,1},{6,18,0}},std_error,"File operation error: eacces. Target: ./kernel_config.beam. Function: get_file. Process: code_server."}
{error_logger,{{2016,9,1},{6,18,0}},std_error,"File operation error: eacces. Target: ./queue.beam. Function: get_file. Process: code_server."}

=ERROR REPORT==== 1-Sep-2016::02:18:00 ===
File operation error: eacces. Target: .. Function: read_file_info. Process: code_server.

=ERROR REPORT==== 1-Sep-2016::02:18:00 ===
File operation error: eacces. Target: ./standard_error.beam. Function: get_file. Process: code_server.

=ERROR REPORT==== 1-Sep-2016::02:18:00 ===
File operation error: eacces. Target: ./supervisor_bridge.beam. Function: get_file. Process: code_server.

=ERROR REPORT==== 1-Sep-2016::02:18:00 ===
File operation error: eacces. Target: ./user_sup.beam. Function: get_file. Process: code_server.

=ERROR REPORT==== 1-Sep-2016::02:18:00 ===
File operation error: eacces. Target: ./user.beam. Function: get_file. Process: code_server.

=ERROR REPORT==== 1-Sep-2016::02:18:00 ===
File operation error: eacces. Target: ./kernel_config.beam. Function: get_file. Process: code_server.

=ERROR REPORT==== 1-Sep-2016::02:18:00 ===
File operation error: eacces. Target: ./queue.beam. Function: get_file. Process: code_server.

=ERROR REPORT==== 1-Sep-2016::06:18:00 ===
File operation error: eacces. Target: ./error_logger_tty_h.beam. Function: get_file. Process: code_server.

=ERROR REPORT==== 1-Sep-2016::06:18:00 ===
File operation error: eacces. Target: ./calendar.beam. Function: get_file. Process: code_server.

=ERROR REPORT==== 1-Sep-2016::06:18:00 ===
File operation error: eacces. Target: ./io_lib.beam. Function: get_file. Process: code_server.

=ERROR REPORT==== 1-Sep-2016::06:18:00 ===
File operation error: eacces. Target: ./io_lib_format.beam. Function: get_file. Process: code_server.

=ERROR REPORT==== 1-Sep-2016::06:18:00 ===
File operation error: eacces. Target: ./io_lib_pretty.beam. Function: get_file. Process: code_server.

=ERROR REPORT==== 1-Sep-2016::06:18:00 ===
File operation error: eacces. Target: ./io.beam. Function: get_file. Process: code_server.

=ERROR REPORT==== 1-Sep-2016::06:18:00 ===
File operation error: eacces. Target: ./c.beam. Function: get_file. Process: code_server.

=ERROR REPORT==== 1-Sep-2016::06:18:00 ===
File operation error: eacces. Target: ./erl_eval.beam. Function: get_file. Process: code_server.

=ERROR REPORT==== 1-Sep-2016::06:18:00 ===
File operation error: eacces. Target: ./orddict.beam. Function: get_file. Process: code_server.

=ERROR REPORT==== 1-Sep-2016::06:18:00 ===
File operation error: eacces. Target: ./file_io_server.beam. Function: get_file. Process: code_server.

=ERROR REPORT==== 1-Sep-2016::06:18:00 ===
File operation error: eacces. Target: ./erl_posix_msg.beam. Function: get_file. Process: code_server.

=ERROR REPORT==== 1-Sep-2016::06:18:00 ===
file:path_eval([".","/var/lib/ejabberd"],".erlang"): permission denied

=ERROR REPORT==== 1-Sep-2016::06:18:00 ===
File operation error: eacces. Target: ./string.beam. Function: get_file. Process: code_server.

=ERROR REPORT==== 1-Sep-2016::06:18:00 ===
File operation error: eacces. Target: ./dist_util.beam. Function: get_file. Process: code_server.
Failed RPC connection to the node ejabberd@4088834: nodedown

=ERROR REPORT==== 1-Sep-2016::06:18:00 ===
File operation error: eacces. Target: ./erl_scan.beam. Function: get_file. Process: code_server.
[свернуть]
Эту проблему решил с
Решил проблему,

Цитироватьchmod -R 755 /var/lib/ejabberd

Теперь при попытке запуска получаю следующие ошибки
Цитировать# /etc/init.d/ejabberd start
Starting jabber server: ejabberd
Crash dump was written to: /var/log/ejabberd/erl_crash.dump
Kernel pid terminated (application_controller) ({application_start_failure,kernel,{shutdown,{kernel,start,[normal,[]]}}})

Crash dump was written to: /var/log/ejabberd/erl_crash.dump
Kernel pid terminated (application_controller) ({application_start_failure,kernel,{shutdown,{kernel,start,[normal,[]]}}})
.
Подскажите пожалуйста, как можно решить данную проблему.

BULATUS

В конфиге нужно поправить всего несколько строк. Обратите внимание на строки которые нужно раскомментировать, где внести изменения, права на папки и файлы, какие порты открыть...   Конечно нужно сделать соответствующую запись в DNS. Если подробно распишите как поднимаете сервер (включая источник пакетов и сам конфиг) можно помочь... а пока гадание.

Aheles

#2
Сам сервер устанавливаю с репозитория
aptitude install ejabberd
Конфиг
Открыть содержимое (спойлер)
%%%
%%%     Debian ejabberd configuration file
%%%     This config must be in UTF-8 encoding
%%%
%%% The parameters used in this configuration file are explained in more detail
%%% in the ejabberd Installation and Operation Guide.
%%% Please consult the Guide in case of doubts, it is available at
%%% /usr/share/doc/ejabberd/guide.html

%%% This configuration file contains Erlang terms.
%%% In case you want to understand the syntax, here are the concepts:
%%%
%%%  - The character to comment a line is %
%%%
%%%  - Each term ends in a dot, for example:
%%%      override_global.
%%%
%%%  - A tuple has a fixed definition, its elements are
%%%    enclosed in {}, and separated with commas:
%%%      {loglevel, 4}.
%%%
%%%  - A list can have as many elements as you want,
%%%    and is enclosed in [], for example:
%%%      [http_poll, web_admin, tls]
%%%
%%%  - A keyword of ejabberd is a word in lowercase.
%%%    The strings are enclosed in "" and can have spaces, dots...
%%%      {language, "en"}.
%%%      {ldap_rootdn, "dc=example,dc=com"}.
%%%
%%%  - This term includes a tuple, a keyword, a list and two strings:
%%%      {hosts, ["jabber.example.net", "im.example.com"]}.
%%%

%%%   ===================================
%%%   OVERRIDE OPTIONS STORED IN DATABASE

%%
%% Override global options (shared by all ejabberd nodes in a cluster).
%%
%%override_global.

%%
%% Override local options (specific for this particular ejabberd node).
%%
%%override_local.

%%
%% Remove the Access Control Lists before new ones are added.
%%
%%override_acls.


%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%% Options which are set by Debconf and managed by ucf

%% Admin user
{acl, admin, {user, "admin", "myhost.com"}}.

%% Hostname
{hosts, ["myhost.com"]}.

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%


%%%   =========
%%%   DEBUGGING

%%
%% loglevel: Verbosity of log files generated by ejabberd.
%% 0: No ejabberd log at all (not recommended)
%% 1: Critical
%% 2: Error
%% 3: Warning
%% 4: Info
%% 5: Debug
%%
{loglevel, 4}.

%%
%% watchdog_admins: If an ejabberd process consumes too much memory,
%% send live notifications to those Jabber accounts.
%%
%%{watchdog_admins, ["bob@example.com"]}.


%%%   ================
%%%   SERVED HOSTNAMES

%%
%% hosts: Domains served by ejabberd.
%% You can define one or several, for example:
%% {hosts, ["example.net", "example.com", "example.org"]}.
%%
%% (This option is defined by debconf earlier)
%% {hosts, ["localhost"]}.

%%
%% route_subdomains: Delegate subdomains to other Jabber server.
%% For example, if this ejabberd serves example.org and you want
%% to allow communication with a Jabber server called im.example.org.
%%
%%{route_subdomains, s2s}.


%%%   ===============
%%%   LISTENING PORTS

%%
%% listen: Which ports will ejabberd listen, which service handles it
%% and what options to start it with.
%%
{listen,
[
  {5222, ejabberd_c2s, [
         {access, c2s},
         {shaper, c2s_shaper},
         {max_stanza_size, 65536},
                        %%zlib,
         starttls, {certfile, "/etc/ejabberd/ejabberd.pem"}
             ]},

  %%
  %% To enable the old SSL connection method (deprecated) in port 5223:
  %%
  %%{5223, ejabberd_c2s, [
  %%         {access, c2s},
  %%         {shaper, c2s_shaper},
  %%         {max_stanza_size, 65536},
  %%                    zlib,
  %%         tls, {certfile, "/etc/ejabberd/ejabberd.pem"}
  %%             ]},

  {5269, ejabberd_s2s_in, [
            {shaper, s2s_shaper},
            {max_stanza_size, 131072}
           ]},

  %% External MUC jabber-muc
  %%{5554, ejabberd_service, [
  %%             {ip, {127, 0, 0, 1}},
  %%             {access, all},
  %%             {shaper_rule, fast},
  %%             {host, "muc.localhost", [{password, "secret"}]}
  %%             ]},

  %% Jabber ICQ Transport
  %%{5555, ejabberd_service, [
  %%             {ip, {127, 0, 0, 1}},
  %%             {access, all},
  %%             {shaper_rule, fast},
  %%             {hosts, ["icq.localhost", "sms.localhost"],
  %%                   [{password, "secret"}]}
  %%             ]},

  %% AIM Transport
  %%{5556, ejabberd_service, [
  %%             {ip, {127, 0, 0, 1}},
  %%             {access, all},
  %%             {shaper_rule, fast},
  %%             {host, "aim.localhost", [{password, "secret"}]}
  %%             ]},

  %% MSN Transport
  %%{5557, ejabberd_service, [
  %%             {ip, {127, 0, 0, 1}},
  %%             {access, all},
  %%             {shaper_rule, fast},
  %%             {host, "msn.localhost", [{password, "secret"}]}
  %%             ]},

  %% Yahoo! Transport
  %%{5558, ejabberd_service, [
  %%             {ip, {127, 0, 0, 1}},
  %%             {access, all},
  %%             {shaper_rule, fast},
  %%             {host, "yahoo.localhost", [{password, "secret"}]}
  %%             ]},

  %% External JUD (internal is more powerful,
  %% but doesn't allow to register users from other servers)
  %%{5559, ejabberd_service, [
  %%             {ip, {127, 0, 0, 1}},
  %%             {access, all},
  %%             {shaper_rule, fast},
  %%             {host, "jud.localhost", [{password, "secret"}]}
  %%             ]},

  {5280, ejabberd_http, [
          %%{request_handlers,
          %% [
          %%  {["pub", "archive"], mod_http_fileserver}
          %% ]},
          %%captcha,
          http_bind,
          http_poll,
          web_admin
         ]}

]}.

%%
%% max_fsm_queue: Enable limiting of lengths of "message queues"
%% for outgoing connections. Roughly speaking, each message in such
%% queues represents one XML stanza queued to be sent into
%% an output stream it is serving.
%% The default value is an atom 'undefined' which specifies no limiting.
%%
%% When specified globally, this option limits the message queue lengths
%% for all ejabberd_c2s_in and ejabberd_service listeners,
%% as well as for outgoing s2s connections.
%%
%% This option can also be specified as an option for ejabberd_c2s_in
%% and ejabberd_service listeners, in wich case it will override
%% the value of the global option.
%%
{max_fsm_queue, 1000}.

%%
%% s2s_use_starttls: Enable STARTTLS + Dialback for S2S connections.
%% Allowed values are: true or false.
%% You must specify a certificate file.
%%
{s2s_use_starttls, true}.

%%
%% s2s_certfile: Specify a certificate file.
%%
{s2s_certfile, "/etc/ejabberd/ejabberd.pem"}.

%%
%% domain_certfile: Specify a different certificate for each served hostname.
%%
%%{domain_certfile, "example.org", "/path/to/example_org.pem"}.
%%{domain_certfile, "example.com", "/path/to/example_com.pem"}.

%%
%% S2S whitelist or blacklist
%%
%% Default s2s policy for undefined hosts.
%%
%%{s2s_default_policy, allow}.

%%
%% Allow or deny communication with specific servers.
%%
%%{{s2s_host, "goodhost.org"}, allow}.
%%{{s2s_host, "badhost.org"}, deny}.

%%
%% The maximum allowed delay for retry to connect
%% after a failed connection attempt to a remote server, in seconds.
%% The default value is 300 seconds (5 minutes).
%%
%% The reconnection algorythm works like this: if connection fails,
%% ejabberd makes an initial random delay between 1 and 15 seconds,
%% then retries, and if this attempt fails, makes another delay,
%% twice as long as previous. These attempts are performed either
%% until a successful connection is made or until the next calculated
%% delay is greated or equal than the value of s2s_max_retry_delay.
%%
%%{s2s_max_retry_delay, 300}.

%%
%% Outgoing S2S options
%%
%% Preferred address families (which to try first) and connect timeout
%% in milliseconds.
%%
%%{outgoing_s2s_options, [ipv4, ipv6], 10000}.


%%%   ==============
%%%   AUTHENTICATION

%%
%% auth_method: Method used to authenticate the users.
%% The default method is the internal.
%% If you want to use a different method,
%% comment this line and enable the correct ones.
%%
{auth_method, internal}.

%%
%% Authentication using external script
%% Make sure the script is executable by ejabberd.
%%
%%{auth_method, external}.
%%{extauth_program, "/path/to/authentication/script"}.

%%
%% Authentication using ODBC
%% Remember to setup a database in the next section.
%%
%%{auth_method, odbc}.

%%
%% Authentication using PAM
%%
%%{auth_method, pam}.
%%{pam_service, "pamservicename"}.

%%
%% Authentication using LDAP
%%
%%{auth_method, ldap}.
%%
%% List of LDAP servers:
%%{ldap_servers, ["localhost"]}.
%%
%% Encryption of connection to LDAP servers (LDAPS):
%%{ldap_encrypt, none}.
%%{ldap_encrypt, tls}.
%%
%% Port connect to LDAP server:
%%{ldap_port, 389}.
%%{ldap_port, 636}.
%%
%% LDAP manager:
%%{ldap_rootdn, "dc=example,dc=com"}.
%%
%% Password to LDAP manager:
%%{ldap_password, "******"}.
%%
%% Search base of LDAP directory:
%%{ldap_base, "dc=example,dc=com"}.
%%
%% LDAP attribute that holds user ID:
%%{ldap_uids, [{"mail", "%u@mail.example.org"}]}.
%%
%% LDAP filter:
%%{ldap_filter, "(objectClass=shadowAccount)"}.

%%
%% Anonymous login support:
%%   auth_method: anonymous
%%   anonymous_protocol: sasl_anon | login_anon | both
%%   allow_multiple_connections: true | false
%%
%%{host_config, "public.example.org", [{auth_method, anonymous},
%%                                     {allow_multiple_connections, false},
%%                                     {anonymous_protocol, sasl_anon}]}.
%%
%% To use both anonymous and internal authentication:
%%
%%{host_config, "public.example.org", [{auth_method, [internal, anonymous]}]}.


%%%   ==============
%%%   DATABASE SETUP

%% ejabberd uses by default the internal Mnesia database,
%% so you can avoid this section.
%% This section provides configuration examples in case
%% you want to use other database backends.
%% Please consult the ejabberd Guide for details about database creation.

%% NOTE that ejabberd in Debian supports "out of the box"
%% only mnesia (default) and ODBC storage backends.
%% Working with MySQL and PostgreSQL DB backends requires
%% building and installation of the corresponding Erlang modules,
%% not distributed as a part of ejabberd.
%% Refer to /usr/share/doc/ejabberd/README.Debian for details.

%%
%% MySQL server:
%%
%%{odbc_server, {mysql, "server", "database", "username", "password"}}.
%%
%% If you want to specify the port:
%%{odbc_server, {mysql, "server", 1234, "database", "username", "password"}}.

%%
%% PostgreSQL server:
%%
%%{odbc_server, {pgsql, "server", "database", "username", "password"}}.
%%
%% If you want to specify the port:
%%{odbc_server, {pgsql, "server", 1234, "database", "username", "password"}}.
%%
%% If you use PostgreSQL, have a large database, and need a
%% faster but inexact replacement for "select count(*) from users"
%%
%%{pgsql_users_number_estimate, true}.

%%
%% ODBC compatible or MSSQL server:
%%
%%{odbc_server, "DSN=ejabberd;UID=ejabberd;PWD=ejabberd"}.

%%
%% Number of connections to open to the database for each virtual host
%%
%%{odbc_pool_size, 10}.

%%
%% Interval to make a dummy SQL request to keep alive the connections
%% to the database. Specify in seconds: for example 28800 means 8 hours
%%
%%{odbc_keepalive_interval, undefined}.


%%%   ===============
%%%   TRAFFIC SHAPERS

%%
%% The "normal" shaper limits traffic speed to 1.000 B/s
%%
{shaper, normal, {maxrate, 1000}}.

%%
%% The "fast" shaper limits traffic speed to 50.000 B/s
%%
{shaper, fast, {maxrate, 50000}}.


%%%   ====================
%%%   ACCESS CONTROL LISTS

%%
%% The 'admin' ACL grants administrative privileges to Jabber accounts.
%% You can put as many accounts as you want.
%%
%%{acl, admin, {user, "aleksey", "localhost"}}.
%%{acl, admin, {user, "ermine", "example.org"}}.

%%
%% Blocked users
%%
%%{acl, blocked, {user, "baduser", "example.org"}}.
%%{acl, blocked, {user, "test"}}.

%%
%% Local users: don't modify this line.
%%
{acl, local, {user_regexp, ""}}.

%%
%% More examples of ACLs
%%
%%{acl, jabberorg, {server, "jabber.org"}}.
%%{acl, aleksey, {user, "aleksey", "jabber.ru"}}.
%%{acl, test, {user_regexp, "^test"}}.
%%{acl, test, {user_glob, "test*"}}.

%%
%% Define specific ACLs in a virtual host.
%%
%%{host_config, "localhost",
%% [
%%  {acl, admin, {user, "bob-local", "localhost"}}
%% ]
%%}.


%%%   ============
%%%   ACCESS RULES

%% Define the maximum number of time a single user is allowed to connect:
{access, max_user_sessions, [{10, all}]}.

%% Maximum number of offline messages that users can have:
{access, max_user_offline_messages, [{5000, admin}, {100, all}]}.

%% This rule allows access only for local users:
{access, local, [{allow, local}]}.

%% Only non-blocked users can use c2s connections:
{access, c2s, [{deny, blocked},
          {allow, all}]}.

%% For all users except admins used "normal" shaper
{access, c2s_shaper, [{none, admin},
            {normal, all}]}.

%% For all S2S connections used "fast" shaper
{access, s2s_shaper, [{fast, all}]}.

%% Only admins can send announcement messages:
{access, announce, [{allow, admin}]}.

%% Only admins can use configuration interface:
{access, configure, [{allow, admin}]}.

%% Admins of this server are also admins of MUC service:
{access, muc_admin, [{allow, admin}]}.

%% All users are allowed to use MUC service:
{access, muc, [{allow, all}]}.

%% No username can be registered via in-band registration:
%% To enable in-band registration, replace 'deny' with 'allow'
% (note that if you remove mod_register from modules list then users will not
% be able to change their password as well as register).
% This setting is default because it's more safe.
{access, register, [{deny, all}]}.

%% By default frequency of account registrations from the same IP
%% is limited to 1 account every 10 minutes. To disable put: infinity
%%{registration_timeout, 600}.

%% Everybody can create pubsub nodes
{access, pubsub_createnode, [{allow, all}]}.

%%
%% Define specific Access rules in a virtual host.
%%
%%{host_config, "localhost",
%% [
%%  {access, c2s, [{allow, admin}, {deny, all}]},
%%  {access, register, [{deny, all}]}
%% ]
%%}.


%%%   ================
%%%   DEFAULT LANGUAGE

%%
%% language: Default language used for server messages.
%%
{language, "en"}.

%%
%% Set a different default language in a virtual host.
%%
%%{host_config, "localhost",
%% [{language, "ru"}]
%%}.


%%%   =======
%%%   CAPTCHA

%%
%% Full path to a script that generates the image.
%% Note that this script must be made executable
%% for the user ejabberd:ejabberd.
%%
%%{captcha_cmd, "/usr/lib/ejabberd/priv/bin/captcha.sh"}.

%%
%% Host part of the URL sent to the user.
%% The port specified must be configured as the "ejabberd_http"
%% listener which must have the "captcha" directive included
%% in its configuration (see the "LISTENING PORTS" section above).
%%
%%{captcha_host, "localhost:5280"}.


%%%   =======
%%%   MODULES

%%
%% Modules enabled in all ejabberd virtual hosts.
%%
{modules,
[
  {mod_adhoc,    []},
  {mod_announce, [{access, announce}]}, % requires mod_adhoc
  {mod_caps,     []},
  {mod_configure,[]}, % requires mod_adhoc
  {mod_admin_extra, []},
  {mod_disco,    []},
  %%{mod_echo,   [{host, "echo.localhost"}]},
  {mod_irc,      []},
  %% NOTE that mod_http_fileserver must also be enabled in the
  %% "request_handlers" clause of the "ejabberd_http" listener
  %% configuration (see the "LISTENING PORTS" section above).
  %%{mod_http_fileserver, [
  %%                       {docroot, "/var/www"},
  %%                       {accesslog, "/var/log/ejabberd/access.log"}
  %%                      ]},
  {mod_last,     []},
  {mod_muc,      [
        %%{host, "conference.@HOST@"},
        {access, muc},
        {access_create, muc},
        {access_persistent, muc},
        {access_admin, muc_admin},
        {max_users, 500}
       ]},
  %%{mod_muc_log,[]},
  {mod_offline,  [{access_max_user_messages, max_user_offline_messages}]},
  {mod_privacy,  []},
  {mod_private,  []},
  {mod_proxy65,  [
        {access, local},
        {shaper, c2s_shaper}
       ]},
  {mod_pubsub,   [ % requires mod_caps
        {access_createnode, pubsub_createnode},
        {pep_sendlast_offline, false},
        {last_item_cache, false},
        %%{plugins, ["default", "pep"]}
        {plugins, ["flat", "hometree", "pep"]}  % pep requires mod_caps
       ]},
  {mod_register, [
        %%
        %% After successful registration, the user receives
        %% a message with this subject and body.
        %%
        {welcome_message, {"Welcome!",
                 "Welcome to a Jabber service powered by Debian. "
                 "For information about Jabber visit "
                 "http://www.jabber.org"}},
        %% Replace it with 'none' if you don't want to send such message:
        %%{welcome_message, none},

        %%
        %% When a user registers, send a notification to
        %% these Jabber accounts.
        %%
        %%{registration_watchers, ["admin1@example.org"]},

        {access, register}
       ]},
  {mod_roster,   []},
  %%{mod_service_log,[]},
  %%{mod_shared_roster,[]},
  {mod_stats,    []},
  {mod_time,     []},
  {mod_vcard,    []},
  {mod_version,  []}
]}.

%%
%% Enable modules with custom options in a specific virtual host
%%
%%{host_config, "localhost",
%% [{{add, modules},
%%   [
%%    {mod_echo, [{host, "mirror.localhost"}]}
%%   ]
%%  }
%% ]}.


%%% $Id: ejabberd.cfg.example 2497 2009-08-17 20:27:28Z cromain $

%%% Local Variables:
%%% mode: erlang
%%% End:
%%% vim: set filetype=erlang tabstop=8:
[свернуть]
Конфиг стандартный, только домен вписан и имя пользователя. Запись в DNS A

ogost

Впредь убирайте простыни под спойлер.
На визи Пару лет назад поднимал ejabberd, никаких манипуляций с правами на файл не требуется, это противоречит со смыслом существования репозиториев. Завтра если найду рабочий конфиг, то выложу.

Aheles

ogost, приношу извинения, буду убирать под спойлер. Хорошо, буду ждать, если разберусь, тогда отпишу.

BULATUS

#5
Рабочий кофиг
Откорректируйте его под себя, изменив "мой_домен" на свой.
Открыть содержимое (спойлер)


%%%
%%%     Debian ejabberd configuration file
%%%     This config must be in UTF-8 encoding
%%%
%%% The parameters used in this configuration file are explained in more detail
%%% in the ejabberd Installation and Operation Guide.
%%% Please consult the Guide in case of doubts, it is available at
%%% /usr/share/doc/ejabberd/guide.html

%%% This configuration file contains Erlang terms.
%%% In case you want to understand the syntax, here are the concepts:
%%%
%%%  - The character to comment a line is %
%%%
%%%  - Each term ends in a dot, for example:
%%%      override_global.
%%%
%%%  - A tuple has a fixed definition, its elements are
%%%    enclosed in {}, and separated with commas:
%%%      {loglevel, 4}.
%%%
%%%  - A list can have as many elements as you want,
%%%    and is enclosed in [], for example:
%%%      [http_poll, web_admin, tls]
%%%
%%%  - A keyword of ejabberd is a word in lowercase.
%%%    The strings are enclosed in "" and can have spaces, dots...
%%%      {language, "en"}.
%%%      {ldap_rootdn, "dc=example,dc=com"}.
%%%
%%%  - This term includes a tuple, a keyword, a list and two strings:
%%%      {hosts, ["jabber.example.net", "im.example.com"]}.
%%%

%%%   ===================================
%%%   OVERRIDE OPTIONS STORED IN DATABASE

%%
%% Override global options (shared by all ejabberd nodes in a cluster).
%%
%%override_global.

%%
%% Override local options (specific for this particular ejabberd node).
%%
%%override_local.

%%
%% Remove the Access Control Lists before new ones are added.
%%
%%override_acls.


%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%% Options which are set by Debconf and managed by ucf

%% Admin user
{acl, admin, {user, "admin", "мой_домен.ru"}}.

%% Hostname
{hosts, ["мой_домен.ru"]}.

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%


%%%   =========
%%%   DEBUGGING

%%
%% loglevel: Verbosity of log files generated by ejabberd.
%% 0: No ejabberd log at all (not recommended)
%% 1: Critical
%% 2: Error
%% 3: Warning
%% 4: Info
%% 5: Debug
%%
{loglevel, 4}.

%%
%% watchdog_admins: If an ejabberd process consumes too much memory,
%% send live notifications to those Jabber accounts.
%%
%%{watchdog_admins, ["bob@example.com"]}.


%%%   ================
%%%   SERVED HOSTNAMES

%%
%% hosts: Domains served by ejabberd.
%% You can define one or several, for example:
%% {hosts, ["example.net", "example.com", "example.org"]}.
%%
%% (This option is defined by debconf earlier)
%% {hosts, ["localhost"]}.

%%
%% route_subdomains: Delegate subdomains to other Jabber server.
%% For example, if this ejabberd serves example.org and you want
%% to allow communication with a Jabber server called im.example.org.
%%
{route_subdomains, s2s}.


%%%   ===============
%%%   LISTENING PORTS

%%
%% listen: Which ports will ejabberd listen, which service handles it
%% and what options to start it with.
%%
{listen,
[
  {5222, ejabberd_c2s, [
{access, c2s},
{shaper, c2s_shaper},
{max_stanza_size, 65536},
                        %%zlib,
starttls, {certfile, "/etc/ejabberd/ejabberd.pem"}
       ]},

  %%
  %% To enable the old SSL connection method (deprecated) in port 5223:
  %%
  %%{5223, ejabberd_c2s, [
  %% {access, c2s},
  %% {shaper, c2s_shaper},
  %% {max_stanza_size, 65536},
  %%                    zlib,
  %% tls, {certfile, "/usr/local/etc/ejabberd/ssl.pem"}
  %%        ]},

  {5269, ejabberd_s2s_in, [
   {shaper, s2s_shaper},
   {max_stanza_size, 131072}
  ]},

  %% External MUC jabber-muc
  %%{5554, ejabberd_service, [
  %%     {ip, {127, 0, 0, 1}},
  %%     {access, all},
  %%     {shaper_rule, fast},
  %%     {host, "muc.localhost", [{password, "secret"}]}
  %%     ]},

  %% Jabber ICQ Transport
  {5555, ejabberd_service, [
      {ip, {127, 0, 0, 1}},
      {access, all},
      {shaper_rule, fast},
      {hosts, ["icq.мой_домен.ru", "sms.icq.мой_домен.ru"],
         [{password, "secret"}]}
      ]},

  %% AIM Transport
  %%{5556, ejabberd_service, [
  %%     {ip, {127, 0, 0, 1}},
  %%     {access, all},
  %%     {shaper_rule, fast},
  %%     {host, "aim.localhost", [{password, "secret"}]}
  %%     ]},

  %% MSN Transport
  %%{5557, ejabberd_service, [
  %%     {ip, {127, 0, 0, 1}},
  %%     {access, all},
  %%     {shaper_rule, fast},
  %%     {host, "msn.localhost", [{password, "secret"}]}
  %%     ]},

  %% Yahoo! Transport
  %%{5558, ejabberd_service, [
  %%     {ip, {127, 0, 0, 1}},
  %%     {access, all},
  %%     {shaper_rule, fast},
  %%     {host, "yahoo.localhost", [{password, "secret"}]}
  %%     ]},

  %% External JUD (internal is more powerful,
  %% but doesn't allow to register users from other servers)
  %%{5559, ejabberd_service, [
  %%     {ip, {127, 0, 0, 1}},
  %%     {access, all},
  %%     {shaper_rule, fast},
  %%     {host, "jud.localhost", [{password, "secret"}]}
  %%     ]},

  {5280, ejabberd_http, [
%%{request_handlers,
%% [
%%  {["pub", "archive"], mod_http_fileserver}
%% ]},
%%captcha,
http_bind,
http_poll,
web_admin
]}

]}.

%%
%% max_fsm_queue: Enable limiting of lengths of "message queues"
%% for outgoing connections. Roughly speaking, each message in such
%% queues represents one XML stanza queued to be sent into
%% an output stream it is serving.
%% The default value is an atom 'undefined' which specifies no limiting.
%%
%% When specified globally, this option limits the message queue lengths
%% for all ejabberd_c2s_in and ejabberd_service listeners,
%% as well as for outgoing s2s connections.
%%
%% This option can also be specified as an option for ejabberd_c2s_in
%% and ejabberd_service listeners, in wich case it will override
%% the value of the global option.
%%
{max_fsm_queue, 1000}.

%%
%% s2s_use_starttls: Enable STARTTLS + Dialback for S2S connections.
%% Allowed values are: true or false.
%% You must specify a certificate file.
%%
{s2s_use_starttls, true}.

%%
%% s2s_certfile: Specify a certificate file.
%%
{s2s_certfile, "/etc/ejabberd/ejabberd.pem"}.

%%
%% domain_certfile: Specify a different certificate for each served hostname.
%%
%%{domain_certfile, "example.org", "/path/to/example_org.pem"}.
%%{domain_certfile, "example.com", "/path/to/example_com.pem"}.

%%
%% S2S whitelist or blacklist
%%
%% Default s2s policy for undefined hosts.
%%
{s2s_default_policy, allow}.

%%
%% Allow or deny communication with specific servers.
%%
%%{{s2s_host, "goodhost.org"}, allow}.
%%{{s2s_host, "badhost.org"}, deny}.

%%
%% The maximum allowed delay for retry to connect
%% after a failed connection attempt to a remote server, in seconds.
%% The default value is 300 seconds (5 minutes).
%%
%% The reconnection algorythm works like this: if connection fails,
%% ejabberd makes an initial random delay between 1 and 15 seconds,
%% then retries, and if this attempt fails, makes another delay,
%% twice as long as previous. These attempts are performed either
%% until a successful connection is made or until the next calculated
%% delay is greated or equal than the value of s2s_max_retry_delay.
%%
%%{s2s_max_retry_delay, 300}.

%%
%% Outgoing S2S options
%%
%% Preferred address families (which to try first) and connect timeout
%% in milliseconds.
%%
%%{outgoing_s2s_options, [ipv4, ipv6], 10000}.


%%%   ==============
%%%   AUTHENTICATION

%%
%% auth_method: Method used to authenticate the users.
%% The default method is the internal.
%% If you want to use a different method,
%% comment this line and enable the correct ones.
%%
{auth_method, internal}.

%%
%% Authentication using external script
%% Make sure the script is executable by ejabberd.
%%
%%{auth_method, external}.
%%{extauth_program, "/path/to/authentication/script"}.

%%
%% Authentication using ODBC
%% Remember to setup a database in the next section.
%%
%%{auth_method, odbc}.

%%
%% Authentication using PAM
%%
%%{auth_method, pam}.
%%{pam_service, "pamservicename"}.

%%
%% Authentication using LDAP
%%
%%{auth_method, ldap}.
%%
%% List of LDAP servers:
%%{ldap_servers, ["localhost"]}.
%%
%% Encryption of connection to LDAP servers (LDAPS):
%%{ldap_encrypt, none}.
%%{ldap_encrypt, tls}.
%%
%% Port connect to LDAP server:
%%{ldap_port, 389}.
%%{ldap_port, 636}.
%%
%% LDAP manager:
%%{ldap_rootdn, "dc=example,dc=com"}.
%%
%% Password to LDAP manager:
%%{ldap_password, "******"}.
%%
%% Search base of LDAP directory:
%%{ldap_base, "dc=example,dc=com"}.
%%
%% LDAP attribute that holds user ID:
%%{ldap_uids, [{"mail", "%u@mail.example.org"}]}.
%%
%% LDAP filter:
%%{ldap_filter, "(objectClass=shadowAccount)"}.

%%
%% Anonymous login support:
%%   auth_method: anonymous
%%   anonymous_protocol: sasl_anon | login_anon | both
%%   allow_multiple_connections: true | false
%%
%%{host_config, "public.example.org", [{auth_method, anonymous},
%%                                     {allow_multiple_connections, false},
%%                                     {anonymous_protocol, sasl_anon}]}.
%%
%% To use both anonymous and internal authentication:
%%
%%{host_config, "public.example.org", [{auth_method, [internal, anonymous]}]}.


%%%   ==============
%%%   DATABASE SETUP

%% ejabberd uses by default the internal Mnesia database,
%% so you can avoid this section.
%% This section provides configuration examples in case
%% you want to use other database backends.
%% Please consult the ejabberd Guide for details about database creation.

%% NOTE that ejabberd in Debian supports "out of the box"
%% only mnesia (default) and ODBC storage backends.
%% Working with MySQL and PostgreSQL DB backends requires
%% building and installation of the corresponding Erlang modules,
%% not distributed as a part of ejabberd.
%% Refer to /usr/share/doc/ejabberd/README.Debian for details.

%%
%% MySQL server:
%%
%%{odbc_server, {mysql, "server", "database", "username", "password"}}.
%%
%% If you want to specify the port:
%%{odbc_server, {mysql, "server", 1234, "database", "username", "password"}}.

%%
%% PostgreSQL server:
%%
%%{odbc_server, {pgsql, "server", "database", "username", "password"}}.
%%
%% If you want to specify the port:
%%{odbc_server, {pgsql, "server", 1234, "database", "username", "password"}}.
%%
%% If you use PostgreSQL, have a large database, and need a
%% faster but inexact replacement for "select count(*) from users"
%%
%%{pgsql_users_number_estimate, true}.

%%
%% ODBC compatible or MSSQL server:
%%
%%{odbc_server, "DSN=ejabberd;UID=ejabberd;PWD=ejabberd"}.

%%
%% Number of connections to open to the database for each virtual host
%%
%%{odbc_pool_size, 10}.

%%
%% Interval to make a dummy SQL request to keep alive the connections
%% to the database. Specify in seconds: for example 28800 means 8 hours
%%
%%{odbc_keepalive_interval, undefined}.


%%%   ===============
%%%   TRAFFIC SHAPERS

%%
%% The "normal" shaper limits traffic speed to 1.000 B/s
%%
{shaper, normal, {maxrate, 1000}}.

%%
%% The "fast" shaper limits traffic speed to 50.000 B/s
%%
{shaper, fast, {maxrate, 50000}}.


%%%   ====================
%%%   ACCESS CONTROL LISTS

%%
%% The 'admin' ACL grants administrative privileges to Jabber accounts.
%% You can put as many accounts as you want.
%%
%%{acl, admin, {user, "aleksey", "localhost"}}.
%%{acl, admin, {user, "ermine", "example.org"}}.

%%
%% Blocked users
%%
%%{acl, blocked, {user, "baduser", "example.org"}}.
%%{acl, blocked, {user, "test"}}.

%%
%% Local users: don't modify this line.
%%
{acl, local, {user_regexp, ""}}.

%%
%% More examples of ACLs
%%
%%{acl, jabberorg, {server, "jabber.org"}}.
%%{acl, aleksey, {user, "aleksey", "jabber.ru"}}.
%%{acl, test, {user_regexp, "^test"}}.
%%{acl, test, {user_glob, "test*"}}.

%%
%% Define specific ACLs in a virtual host.
%%
%%{host_config, "localhost",
%% [
%%  {acl, admin, {user, "bob-local", "localhost"}}
%% ]
%%}.


%%%   ============
%%%   ACCESS RULES

%% Define the maximum number of time a single user is allowed to connect:
{access, max_user_sessions, [{10, all}]}.

%% Maximum number of offline messages that users can have:
{access, max_user_offline_messages, [{5000, admin}, {100, all}]}.

%% This rule allows access only for local users:
{access, local, [{allow, local}]}.

%% Only non-blocked users can use c2s connections:
{access, c2s, [{deny, blocked},
       {allow, all}]}.

%% For all users except admins used "normal" shaper
{access, c2s_shaper, [{none, admin},
      {normal, all}]}.

%% For all S2S connections used "fast" shaper
{access, s2s_shaper, [{fast, all}]}.

%% Only admins can send announcement messages:
{access, announce, [{allow, admin}]}.

%% Only admins can use configuration interface:
{access, configure, [{allow, admin}]}.

%% Admins of this server are also admins of MUC service:
{access, muc_admin, [{allow, admin}]}.

%% All users are allowed to use MUC service:
{access, muc, [{allow, all}]}.

%% No username can be registered via in-band registration:
%% To enable in-band registration, replace 'deny' with 'allow'
% (note that if you remove mod_register from modules list then users will not
% be able to change their password as well as register).
% This setting is default because it's more safe.
{access, register, [{deny, all}]}.

%% By default frequency of account registrations from the same IP
%% is limited to 1 account every 10 minutes. To disable put: infinity
%%{registration_timeout, 600}.

%% Everybody can create pubsub nodes
{access, pubsub_createnode, [{allow, all}]}.

%%
%% Define specific Access rules in a virtual host.
%%
%%{host_config, "localhost",
%% [
%%  {access, c2s, [{allow, admin}, {deny, all}]},
%%  {access, register, [{deny, all}]}
%% ]
%%}.


%%%   ================
%%%   DEFAULT LANGUAGE

%%
%% language: Default language used for server messages.
%%
{language, "ru"}.

%%
%% Set a different default language in a virtual host.
%%
%%{host_config, "localhost",
%% [{language, "ru"}]
%%}.


%%%   =======
%%%   CAPTCHA

%%
%% Full path to a script that generates the image.
%% Note that this script must be made executable
%% for the user ejabberd:ejabberd.
%%
%%{captcha_cmd, "/usr/lib/ejabberd/priv/bin/captcha.sh"}.

%%
%% Host part of the URL sent to the user.
%% The port specified must be configured as the "ejabberd_http"
%% listener which must have the "captcha" directive included
%% in its configuration (see the "LISTENING PORTS" section above).
%%
%%{captcha_host, "localhost:5280"}.


%%%   =======
%%%   MODULES

%%
%% Modules enabled in all ejabberd virtual hosts.
%%
{modules,
[
  {mod_adhoc,    []},
  {mod_announce, [{access, announce}]}, % requires mod_adhoc
  {mod_caps,     []},
  {mod_configure,[]}, % requires mod_adhoc
  {mod_admin_extra, []},
  {mod_disco,    []},
  %%{mod_echo,   [{host, "echo.localhost"}]},
  {mod_irc,      []},
  %% NOTE that mod_http_fileserver must also be enabled in the
  %% "request_handlers" clause of the "ejabberd_http" listener
  %% configuration (see the "LISTENING PORTS" section above).
  %%{mod_http_fileserver, [
  %%                       {docroot, "/var/www"},
  %%                       {accesslog, "/var/log/ejabberd/access.log"}
  %%                      ]},
  {mod_last,     []},
  {mod_muc,      [
  %%{host, "conference.@HOST@"},
  {access, muc},
  {access_create, muc},
  {access_persistent, muc},
  {access_admin, muc_admin},
  {max_users, 500}
]},
  %%{mod_muc_log,[]},
  {mod_offline,  [{access_max_user_messages, max_user_offline_messages}]},
  {mod_privacy,  []},
  {mod_private,  []},
  {mod_proxy65,  [
  {access, local},
  {shaper, c2s_shaper}
]},
  {mod_pubsub,   [ % requires mod_caps
  {access_createnode, pubsub_createnode},
  {pep_sendlast_offline, false},
  {last_item_cache, false},
  %%{plugins, ["default", "pep"]}
  {plugins, ["flat", "hometree", "pep"]}  % pep requires mod_caps
]},
  {mod_register, [
  %%
  %% After successful registration, the user receives
  %% a message with this subject and body.
  %%
  {welcome_message, {"Добро пожаловать!",
     "Welcome to a Jabber service powered by Debian. "
     "For information about Jabber visit "
     "http://www.jabber.org"}},
  %% Replace it with 'none' if you don't want to send such message:
  %%{welcome_message, none},

  %%
  %% When a user registers, send a notification to
  %% these Jabber accounts.
  %%
  %%{registration_watchers, ["admin1@example.org"]},

  {access, register}
]},
  {mod_roster,   []},
  %%{mod_service_log,[]},
  %%{mod_shared_roster,[]},
  {mod_stats,    []},
  {mod_time,     []},
  {mod_vcard,    []},
  {mod_version,  []}
]}.

%%
%% Enable modules with custom options in a specific virtual host
%%
%%{host_config, "localhost",
%% [{{add, modules},
%%   [
%%    {mod_echo, [{host, "mirror.localhost"}]}
%%   ]
%%  }
%% ]}.


%%% $Id: ejabberd.cfg.example 2497 2009-08-17 20:27:28Z cromain $

%%% Local Variables:
%%% mode: erlang
%%% End:
%%% vim: set filetype=erlang tabstop=8:


и замените deny на allow - без этого пользователи сервера не смогут регистрироваться напрямую из своего Jabber-клиента.
Закомментируйте строки Jabber ICQ Transport если аська Вам не нужна. Если да, то транспорт настраивать отдельно.

Перезапустить /etc/init.d/ejabberd restart

В браузере http://мой_домен.ru:5280/admin можно управлять и администрировать.

Установка ejabberd под Linux

[свернуть]

Теперь про DNS...
нужно сделать три записи, например...
Открыть содержимое (спойлер)
Имя jabber
Тип А
Адрес Ввш ip


Имя xmpp-client
Тип CRV
Адрес ваш домен
Приоритет 0
Условный вес SRV-записи 0
Порт 5222


Имя xmpp-server
Тип CRV
Адрес ваш домен
Приоритет 0
Условный вес SRV-записи 0
Порт 5269


DNS SRV

[свернуть]

Cообщение объединено 01 сентября 2016, 23:16:31

Насчет прав... прав только root. Не надо туда лезть и открывать доступ. ;) На это обращайте внимание всегда.

BULATUS

Aheles, просто интересно... как там у вас, получилось?