Автор Тема: Ejabberd  (Прочитано 1554 раз)

0 Пользователей и 1 Гость просматривают эту тему.

Оффлайн Aheles

  • Новичок форума
  • Topic Author
  • Сообщений: 3
Ejabberd
« : 01 Сентябрь 2016, 14:03:11 »
Здравствуйте. Пытаюсь установить ejabberd на Debian 7 (64bit) в конце установки запуск не происходит, получаю ошибку

Цитировать
Starting jabber server: ejabberd............................................................ failed.

В конциге данные прописаны верно, а именно имя администратора и доменное имя.

При попытке узнать статус получаю следующее

# ejabberdctl status
Цитировать
Failed RPC connection to the node ejabberd@4088834: nodedown

При попытке запустить таким образом

su ejabberd -c '/usr/sbin/ejabberdctl start &'


получаю ошибки
Spoiler: ShowHide

{error_logger,{{2016,9,1},{6,18,0}},std_error,"File operation error: eacces. Target: .. Function: read_file_info. Process: code_server."}
{error_logger,{{2016,9,1},{6,18,0}},std_error,"File operation error: eacces. Target: ./standard_error.beam. Function: get_file. Process: code_server."}
{error_logger,{{2016,9,1},{6,18,0}},std_error,"File operation error: eacces. Target: ./supervisor_bridge.beam. Function: get_file. Process: code_server."}
{error_logger,{{2016,9,1},{6,18,0}},std_error,"File operation error: eacces. Target: ./user_sup.beam. Function: get_file. Process: code_server."}
{error_logger,{{2016,9,1},{6,18,0}},std_error,"File operation error: eacces. Target: ./user.beam. Function: get_file. Process: code_server."}
{error_logger,{{2016,9,1},{6,18,0}},std_error,"File operation error: eacces. Target: ./kernel_config.beam. Function: get_file. Process: code_server."}
{error_logger,{{2016,9,1},{6,18,0}},std_error,"File operation error: eacces. Target: ./queue.beam. Function: get_file. Process: code_server."}

=ERROR REPORT==== 1-Sep-2016::02:18:00 ===
File operation error: eacces. Target: .. Function: read_file_info. Process: code_server.

=ERROR REPORT==== 1-Sep-2016::02:18:00 ===
File operation error: eacces. Target: ./standard_error.beam. Function: get_file. Process: code_server.

=ERROR REPORT==== 1-Sep-2016::02:18:00 ===
File operation error: eacces. Target: ./supervisor_bridge.beam. Function: get_file. Process: code_server.

=ERROR REPORT==== 1-Sep-2016::02:18:00 ===
File operation error: eacces. Target: ./user_sup.beam. Function: get_file. Process: code_server.

=ERROR REPORT==== 1-Sep-2016::02:18:00 ===
File operation error: eacces. Target: ./user.beam. Function: get_file. Process: code_server.

=ERROR REPORT==== 1-Sep-2016::02:18:00 ===
File operation error: eacces. Target: ./kernel_config.beam. Function: get_file. Process: code_server.

=ERROR REPORT==== 1-Sep-2016::02:18:00 ===
File operation error: eacces. Target: ./queue.beam. Function: get_file. Process: code_server.

=ERROR REPORT==== 1-Sep-2016::06:18:00 ===
File operation error: eacces. Target: ./error_logger_tty_h.beam. Function: get_file. Process: code_server.

=ERROR REPORT==== 1-Sep-2016::06:18:00 ===
File operation error: eacces. Target: ./calendar.beam. Function: get_file. Process: code_server.

=ERROR REPORT==== 1-Sep-2016::06:18:00 ===
File operation error: eacces. Target: ./io_lib.beam. Function: get_file. Process: code_server.

=ERROR REPORT==== 1-Sep-2016::06:18:00 ===
File operation error: eacces. Target: ./io_lib_format.beam. Function: get_file. Process: code_server.

=ERROR REPORT==== 1-Sep-2016::06:18:00 ===
File operation error: eacces. Target: ./io_lib_pretty.beam. Function: get_file. Process: code_server.

=ERROR REPORT==== 1-Sep-2016::06:18:00 ===
File operation error: eacces. Target: ./io.beam. Function: get_file. Process: code_server.

=ERROR REPORT==== 1-Sep-2016::06:18:00 ===
File operation error: eacces. Target: ./c.beam. Function: get_file. Process: code_server.

=ERROR REPORT==== 1-Sep-2016::06:18:00 ===
File operation error: eacces. Target: ./erl_eval.beam. Function: get_file. Process: code_server.

=ERROR REPORT==== 1-Sep-2016::06:18:00 ===
File operation error: eacces. Target: ./orddict.beam. Function: get_file. Process: code_server.

=ERROR REPORT==== 1-Sep-2016::06:18:00 ===
File operation error: eacces. Target: ./file_io_server.beam. Function: get_file. Process: code_server.

=ERROR REPORT==== 1-Sep-2016::06:18:00 ===
File operation error: eacces. Target: ./erl_posix_msg.beam. Function: get_file. Process: code_server.

=ERROR REPORT==== 1-Sep-2016::06:18:00 ===
file:path_eval([".","/var/lib/ejabberd"],".erlang"): permission denied

=ERROR REPORT==== 1-Sep-2016::06:18:00 ===
File operation error: eacces. Target: ./string.beam. Function: get_file. Process: code_server.

=ERROR REPORT==== 1-Sep-2016::06:18:00 ===
File operation error: eacces. Target: ./dist_util.beam. Function: get_file. Process: code_server.
Failed RPC connection to the node ejabberd@4088834: nodedown

=ERROR REPORT==== 1-Sep-2016::06:18:00 ===
File operation error: eacces. Target: ./erl_scan.beam. Function: get_file. Process: code_server.

Эту проблему решил с
 Решил проблему,

Цитировать
chmod -R 755 /var/lib/ejabberd

Теперь при попытке запуска получаю следующие ошибки
Цитировать
# /etc/init.d/ejabberd start
Starting jabber server: ejabberd
Crash dump was written to: /var/log/ejabberd/erl_crash.dump
Kernel pid terminated (application_controller) ({application_start_failure,kernel,{shutdown,{kernel,start,[normal,[]]}}})

Crash dump was written to: /var/log/ejabberd/erl_crash.dump
Kernel pid terminated (application_controller) ({application_start_failure,kernel,{shutdown,{kernel,start,[normal,[]]}}})
.
Подскажите пожалуйста, как можно решить данную проблему.
« Последнее редактирование: 01 Сентябрь 2016, 17:37:01 от ogost »
 

Оффлайн BULATUS

  • Администратор
  • Ветеран
  • *****
  • Сообщений: 2061
Re: Ejabberd
« Ответ #1 : 01 Сентябрь 2016, 15:15:05 »
В конфиге нужно поправить всего несколько строк. Обратите внимание на строки которые нужно раскомментировать, где внести изменения, права на папки и файлы, какие порты открыть...   Конечно нужно сделать соответствующую запись в DNS. Если подробно распишите как поднимаете сервер (включая источник пакетов и сам конфиг) можно помочь... а пока гадание.

Оффлайн Aheles

  • Новичок форума
  • Topic Author
  • Сообщений: 3
Re: Ejabberd
« Ответ #2 : 01 Сентябрь 2016, 15:48:48 »
Сам сервер устанавливаю с репозитория
aptitude install ejabberd
Конфиг
Spoiler: ShowHide
%%%
%%%     Debian ejabberd configuration file
%%%     This config must be in UTF-8 encoding
%%%
%%% The parameters used in this configuration file are explained in more detail
%%% in the ejabberd Installation and Operation Guide.
%%% Please consult the Guide in case of doubts, it is available at
%%% /usr/share/doc/ejabberd/guide.html

%%% This configuration file contains Erlang terms.
%%% In case you want to understand the syntax, here are the concepts:
%%%
%%%  - The character to comment a line is %
%%%
%%%  - Each term ends in a dot, for example:
%%%      override_global.
%%%
%%%  - A tuple has a fixed definition, its elements are
%%%    enclosed in {}, and separated with commas:
%%%      {loglevel, 4}.
%%%
%%%  - A list can have as many elements as you want,
%%%    and is enclosed in [], for example:
%%%      [http_poll, web_admin, tls]
%%%
%%%  - A keyword of ejabberd is a word in lowercase.
%%%    The strings are enclosed in "" and can have spaces, dots...
%%%      {language, "en"}.
%%%      {ldap_rootdn, "dc=example,dc=com"}.
%%%
%%%  - This term includes a tuple, a keyword, a list and two strings:
%%%      {hosts, ["jabber.example.net", "im.example.com"]}.
%%%

%%%   ===================================
%%%   OVERRIDE OPTIONS STORED IN DATABASE

%%
%% Override global options (shared by all ejabberd nodes in a cluster).
%%
%%override_global.

%%
%% Override local options (specific for this particular ejabberd node).
%%
%%override_local.

%%
%% Remove the Access Control Lists before new ones are added.
%%
%%override_acls.


%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%% Options which are set by Debconf and managed by ucf

%% Admin user
{acl, admin, {user, "admin", "myhost.com"}}.

%% Hostname
{hosts, ["myhost.com"]}.

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%


%%%   =========
%%%   DEBUGGING

%%
%% loglevel: Verbosity of log files generated by ejabberd.
%% 0: No ejabberd log at all (not recommended)
%% 1: Critical
%% 2: Error
%% 3: Warning
%% 4: Info
%% 5: Debug
%%
{loglevel, 4}.

%%
%% watchdog_admins: If an ejabberd process consumes too much memory,
%% send live notifications to those Jabber accounts.
%%
%%{watchdog_admins, ["bob@example.com"]}.


%%%   ================
%%%   SERVED HOSTNAMES

%%
%% hosts: Domains served by ejabberd.
%% You can define one or several, for example:
%% {hosts, ["example.net", "example.com", "example.org"]}.
%%
%% (This option is defined by debconf earlier)
%% {hosts, ["localhost"]}.

%%
%% route_subdomains: Delegate subdomains to other Jabber server.
%% For example, if this ejabberd serves example.org and you want
%% to allow communication with a Jabber server called im.example.org.
%%
%%{route_subdomains, s2s}.


%%%   ===============
%%%   LISTENING PORTS

%%
%% listen: Which ports will ejabberd listen, which service handles it
%% and what options to start it with.
%%
{listen,
 [
  {5222, ejabberd_c2s, [
         {access, c2s},
         {shaper, c2s_shaper},
         {max_stanza_size, 65536},
                        %%zlib,
         starttls, {certfile, "/etc/ejabberd/ejabberd.pem"}
             ]},

  %%
  %% To enable the old SSL connection method (deprecated) in port 5223:
  %%
  %%{5223, ejabberd_c2s, [
  %%         {access, c2s},
  %%         {shaper, c2s_shaper},
  %%         {max_stanza_size, 65536},
  %%                    zlib,
  %%         tls, {certfile, "/etc/ejabberd/ejabberd.pem"}
  %%             ]},

  {5269, ejabberd_s2s_in, [
            {shaper, s2s_shaper},
            {max_stanza_size, 131072}
           ]},

  %% External MUC jabber-muc
  %%{5554, ejabberd_service, [
  %%             {ip, {127, 0, 0, 1}},
  %%             {access, all},
  %%             {shaper_rule, fast},
  %%             {host, "muc.localhost", [{password, "secret"}]}
  %%             ]},

  %% Jabber ICQ Transport
  %%{5555, ejabberd_service, [
  %%             {ip, {127, 0, 0, 1}},
  %%             {access, all},
  %%             {shaper_rule, fast},
  %%             {hosts, ["icq.localhost", "sms.localhost"],
  %%                   [{password, "secret"}]}
  %%             ]},

  %% AIM Transport
  %%{5556, ejabberd_service, [
  %%             {ip, {127, 0, 0, 1}},
  %%             {access, all},
  %%             {shaper_rule, fast},
  %%             {host, "aim.localhost", [{password, "secret"}]}
  %%             ]},

  %% MSN Transport
  %%{5557, ejabberd_service, [
  %%             {ip, {127, 0, 0, 1}},
  %%             {access, all},
  %%             {shaper_rule, fast},
  %%             {host, "msn.localhost", [{password, "secret"}]}
  %%             ]},

  %% Yahoo! Transport
  %%{5558, ejabberd_service, [
  %%             {ip, {127, 0, 0, 1}},
  %%             {access, all},
  %%             {shaper_rule, fast},
  %%             {host, "yahoo.localhost", [{password, "secret"}]}
  %%             ]},

  %% External JUD (internal is more powerful,
  %% but doesn't allow to register users from other servers)
  %%{5559, ejabberd_service, [
  %%             {ip, {127, 0, 0, 1}},
  %%             {access, all},
  %%             {shaper_rule, fast},
  %%             {host, "jud.localhost", [{password, "secret"}]}
  %%             ]},

  {5280, ejabberd_http, [
          %%{request_handlers,
          %% [
          %%  {["pub", "archive"], mod_http_fileserver}
          %% ]},
          %%captcha,
          http_bind,
          http_poll,
          web_admin
         ]}

 ]}.

%%
%% max_fsm_queue: Enable limiting of lengths of "message queues"
%% for outgoing connections. Roughly speaking, each message in such
%% queues represents one XML stanza queued to be sent into
%% an output stream it is serving.
%% The default value is an atom 'undefined' which specifies no limiting.
%%
%% When specified globally, this option limits the message queue lengths
%% for all ejabberd_c2s_in and ejabberd_service listeners,
%% as well as for outgoing s2s connections.
%%
%% This option can also be specified as an option for ejabberd_c2s_in
%% and ejabberd_service listeners, in wich case it will override
%% the value of the global option.
%%
{max_fsm_queue, 1000}.

%%
%% s2s_use_starttls: Enable STARTTLS + Dialback for S2S connections.
%% Allowed values are: true or false.
%% You must specify a certificate file.
%%
{s2s_use_starttls, true}.

%%
%% s2s_certfile: Specify a certificate file.
%%
{s2s_certfile, "/etc/ejabberd/ejabberd.pem"}.

%%
%% domain_certfile: Specify a different certificate for each served hostname.
%%
%%{domain_certfile, "example.org", "/path/to/example_org.pem"}.
%%{domain_certfile, "example.com", "/path/to/example_com.pem"}.

%%
%% S2S whitelist or blacklist
%%
%% Default s2s policy for undefined hosts.
%%
%%{s2s_default_policy, allow}.

%%
%% Allow or deny communication with specific servers.
%%
%%{{s2s_host, "goodhost.org"}, allow}.
%%{{s2s_host, "badhost.org"}, deny}.

%%
%% The maximum allowed delay for retry to connect
%% after a failed connection attempt to a remote server, in seconds.
%% The default value is 300 seconds (5 minutes).
%%
%% The reconnection algorythm works like this: if connection fails,
%% ejabberd makes an initial random delay between 1 and 15 seconds,
%% then retries, and if this attempt fails, makes another delay,
%% twice as long as previous. These attempts are performed either
%% until a successful connection is made or until the next calculated
%% delay is greated or equal than the value of s2s_max_retry_delay.
%%
%%{s2s_max_retry_delay, 300}.

%%
%% Outgoing S2S options
%%
%% Preferred address families (which to try first) and connect timeout
%% in milliseconds.
%%
%%{outgoing_s2s_options, [ipv4, ipv6], 10000}.


%%%   ==============
%%%   AUTHENTICATION

%%
%% auth_method: Method used to authenticate the users.
%% The default method is the internal.
%% If you want to use a different method,
%% comment this line and enable the correct ones.
%%
{auth_method, internal}.

%%
%% Authentication using external script
%% Make sure the script is executable by ejabberd.
%%
%%{auth_method, external}.
%%{extauth_program, "/path/to/authentication/script"}.

%%
%% Authentication using ODBC
%% Remember to setup a database in the next section.
%%
%%{auth_method, odbc}.

%%
%% Authentication using PAM
%%
%%{auth_method, pam}.
%%{pam_service, "pamservicename"}.

%%
%% Authentication using LDAP
%%
%%{auth_method, ldap}.
%%
%% List of LDAP servers:
%%{ldap_servers, ["localhost"]}.
%%
%% Encryption of connection to LDAP servers (LDAPS):
%%{ldap_encrypt, none}.
%%{ldap_encrypt, tls}.
%%
%% Port connect to LDAP server:
%%{ldap_port, 389}.
%%{ldap_port, 636}.
%%
%% LDAP manager:
%%{ldap_rootdn, "dc=example,dc=com"}.
%%
%% Password to LDAP manager:
%%{ldap_password, "******"}.
%%
%% Search base of LDAP directory:
%%{ldap_base, "dc=example,dc=com"}.
%%
%% LDAP attribute that holds user ID:
%%{ldap_uids, [{"mail", "%u@mail.example.org"}]}.
%%
%% LDAP filter:
%%{ldap_filter, "(objectClass=shadowAccount)"}.

%%
%% Anonymous login support:
%%   auth_method: anonymous
%%   anonymous_protocol: sasl_anon | login_anon | both
%%   allow_multiple_connections: true | false
%%
%%{host_config, "public.example.org", [{auth_method, anonymous},
%%                                     {allow_multiple_connections, false},
%%                                     {anonymous_protocol, sasl_anon}]}.
%%
%% To use both anonymous and internal authentication:
%%
%%{host_config, "public.example.org", [{auth_method, [internal, anonymous]}]}.


%%%   ==============
%%%   DATABASE SETUP

%% ejabberd uses by default the internal Mnesia database,
%% so you can avoid this section.
%% This section provides configuration examples in case
%% you want to use other database backends.
%% Please consult the ejabberd Guide for details about database creation.

%% NOTE that ejabberd in Debian supports "out of the box"
%% only mnesia (default) and ODBC storage backends.
%% Working with MySQL and PostgreSQL DB backends requires
%% building and installation of the corresponding Erlang modules,
%% not distributed as a part of ejabberd.
%% Refer to /usr/share/doc/ejabberd/README.Debian for details.

%%
%% MySQL server:
%%
%%{odbc_server, {mysql, "server", "database", "username", "password"}}.
%%
%% If you want to specify the port:
%%{odbc_server, {mysql, "server", 1234, "database", "username", "password"}}.

%%
%% PostgreSQL server:
%%
%%{odbc_server, {pgsql, "server", "database", "username", "password"}}.
%%
%% If you want to specify the port:
%%{odbc_server, {pgsql, "server", 1234, "database", "username", "password"}}.
%%
%% If you use PostgreSQL, have a large database, and need a
%% faster but inexact replacement for "select count(*) from users"
%%
%%{pgsql_users_number_estimate, true}.

%%
%% ODBC compatible or MSSQL server:
%%
%%{odbc_server, "DSN=ejabberd;UID=ejabberd;PWD=ejabberd"}.

%%
%% Number of connections to open to the database for each virtual host
%%
%%{odbc_pool_size, 10}.

%%
%% Interval to make a dummy SQL request to keep alive the connections
%% to the database. Specify in seconds: for example 28800 means 8 hours
%%
%%{odbc_keepalive_interval, undefined}.


%%%   ===============
%%%   TRAFFIC SHAPERS

%%
%% The "normal" shaper limits traffic speed to 1.000 B/s
%%
{shaper, normal, {maxrate, 1000}}.

%%
%% The "fast" shaper limits traffic speed to 50.000 B/s
%%
{shaper, fast, {maxrate, 50000}}.


%%%   ====================
%%%   ACCESS CONTROL LISTS

%%
%% The 'admin' ACL grants administrative privileges to Jabber accounts.
%% You can put as many accounts as you want.
%%
%%{acl, admin, {user, "aleksey", "localhost"}}.
%%{acl, admin, {user, "ermine", "example.org"}}.

%%
%% Blocked users
%%
%%{acl, blocked, {user, "baduser", "example.org"}}.
%%{acl, blocked, {user, "test"}}.

%%
%% Local users: don't modify this line.
%%
{acl, local, {user_regexp, ""}}.

%%
%% More examples of ACLs
%%
%%{acl, jabberorg, {server, "jabber.org"}}.
%%{acl, aleksey, {user, "aleksey", "jabber.ru"}}.
%%{acl, test, {user_regexp, "^test"}}.
%%{acl, test, {user_glob, "test*"}}.

%%
%% Define specific ACLs in a virtual host.
%%
%%{host_config, "localhost",
%% [
%%  {acl, admin, {user, "bob-local", "localhost"}}
%% ]
%%}.


%%%   ============
%%%   ACCESS RULES

%% Define the maximum number of time a single user is allowed to connect:
{access, max_user_sessions, [{10, all}]}.

%% Maximum number of offline messages that users can have:
{access, max_user_offline_messages, [{5000, admin}, {100, all}]}.

%% This rule allows access only for local users:
{access, local, [{allow, local}]}.

%% Only non-blocked users can use c2s connections:
{access, c2s, [{deny, blocked},
          {allow, all}]}.

%% For all users except admins used "normal" shaper
{access, c2s_shaper, [{none, admin},
            {normal, all}]}.

%% For all S2S connections used "fast" shaper
{access, s2s_shaper, [{fast, all}]}.

%% Only admins can send announcement messages:
{access, announce, [{allow, admin}]}.

%% Only admins can use configuration interface:
{access, configure, [{allow, admin}]}.

%% Admins of this server are also admins of MUC service:
{access, muc_admin, [{allow, admin}]}.

%% All users are allowed to use MUC service:
{access, muc, [{allow, all}]}.

%% No username can be registered via in-band registration:
%% To enable in-band registration, replace 'deny' with 'allow'
% (note that if you remove mod_register from modules list then users will not
% be able to change their password as well as register).
% This setting is default because it's more safe.
{access, register, [{deny, all}]}.

%% By default frequency of account registrations from the same IP
%% is limited to 1 account every 10 minutes. To disable put: infinity
%%{registration_timeout, 600}.

%% Everybody can create pubsub nodes
{access, pubsub_createnode, [{allow, all}]}.

%%
%% Define specific Access rules in a virtual host.
%%
%%{host_config, "localhost",
%% [
%%  {access, c2s, [{allow, admin}, {deny, all}]},
%%  {access, register, [{deny, all}]}
%% ]
%%}.


%%%   ================
%%%   DEFAULT LANGUAGE

%%
%% language: Default language used for server messages.
%%
{language, "en"}.

%%
%% Set a different default language in a virtual host.
%%
%%{host_config, "localhost",
%% [{language, "ru"}]
%%}.


%%%   =======
%%%   CAPTCHA

%%
%% Full path to a script that generates the image.
%% Note that this script must be made executable
%% for the user ejabberd:ejabberd.
%%
%%{captcha_cmd, "/usr/lib/ejabberd/priv/bin/captcha.sh"}.

%%
%% Host part of the URL sent to the user.
%% The port specified must be configured as the "ejabberd_http"
%% listener which must have the "captcha" directive included
%% in its configuration (see the "LISTENING PORTS" section above).
%%
%%{captcha_host, "localhost:5280"}.


%%%   =======
%%%   MODULES

%%
%% Modules enabled in all ejabberd virtual hosts.
%%
{modules,
 [
  {mod_adhoc,    []},
  {mod_announce, [{access, announce}]}, % requires mod_adhoc
  {mod_caps,     []},
  {mod_configure,[]}, % requires mod_adhoc
  {mod_admin_extra, []},
  {mod_disco,    []},
  %%{mod_echo,   [{host, "echo.localhost"}]},
  {mod_irc,      []},
  %% NOTE that mod_http_fileserver must also be enabled in the
  %% "request_handlers" clause of the "ejabberd_http" listener
  %% configuration (see the "LISTENING PORTS" section above).
  %%{mod_http_fileserver, [
  %%                       {docroot, "/var/www"},
  %%                       {accesslog, "/var/log/ejabberd/access.log"}
  %%                      ]},
  {mod_last,     []},
  {mod_muc,      [
        %%{host, "conference.@HOST@"},
        {access, muc},
        {access_create, muc},
        {access_persistent, muc},
        {access_admin, muc_admin},
        {max_users, 500}
       ]},
  %%{mod_muc_log,[]},
  {mod_offline,  [{access_max_user_messages, max_user_offline_messages}]},
  {mod_privacy,  []},
  {mod_private,  []},
  {mod_proxy65,  [
        {access, local},
        {shaper, c2s_shaper}
       ]},
  {mod_pubsub,   [ % requires mod_caps
        {access_createnode, pubsub_createnode},
        {pep_sendlast_offline, false},
        {last_item_cache, false},
        %%{plugins, ["default", "pep"]}
        {plugins, ["flat", "hometree", "pep"]}  % pep requires mod_caps
       ]},
  {mod_register, [
        %%
        %% After successful registration, the user receives
        %% a message with this subject and body.
        %%
        {welcome_message, {"Welcome!",
                 "Welcome to a Jabber service powered by Debian. "
                 "For information about Jabber visit "
                 "http://www.jabber.org"}},
        %% Replace it with 'none' if you don't want to send such message:
        %%{welcome_message, none},

        %%
        %% When a user registers, send a notification to
        %% these Jabber accounts.
        %%
        %%{registration_watchers, ["admin1@example.org"]},

        {access, register}
       ]},
  {mod_roster,   []},
  %%{mod_service_log,[]},
  %%{mod_shared_roster,[]},
  {mod_stats,    []},
  {mod_time,     []},
  {mod_vcard,    []},
  {mod_version,  []}
 ]}.

%%
%% Enable modules with custom options in a specific virtual host
%%
%%{host_config, "localhost",
%% [{{add, modules},
%%   [
%%    {mod_echo, [{host, "mirror.localhost"}]}
%%   ]
%%  }
%% ]}.


%%% $Id: ejabberd.cfg.example 2497 2009-08-17 20:27:28Z cromain $

%%% Local Variables:
%%% mode: erlang
%%% End:
%%% vim: set filetype=erlang tabstop=8:

Конфиг стандартный, только домен вписан и имя пользователя. Запись в DNS A
« Последнее редактирование: 01 Сентябрь 2016, 17:38:08 от ogost »
 

Онлайн ogost

  • Главный модератор
  • Ветеран
  • *****
  • Сообщений: 3161
  • Linux Registered User #547151
Re: Ejabberd
« Ответ #3 : 01 Сентябрь 2016, 17:41:17 »
Впредь убирайте простыни под спойлер.
На визи Пару лет назад поднимал ejabberd, никаких манипуляций с правами на файл не требуется, это противоречит со смыслом существования репозиториев. Завтра если найду рабочий конфиг, то выложу.

Оффлайн Aheles

  • Новичок форума
  • Topic Author
  • Сообщений: 3
Re: Ejabberd
« Ответ #4 : 01 Сентябрь 2016, 18:17:27 »
ogost, приношу извинения, буду убирать под спойлер. Хорошо, буду ждать, если разберусь, тогда отпишу.
 

Оффлайн BULATUS

  • Администратор
  • Ветеран
  • *****
  • Сообщений: 2061
Re: Ejabberd
« Ответ #5 : 01 Сентябрь 2016, 23:14:27 »
Рабочий кофиг
Откорректируйте его под себя, изменив "мой_домен" на свой.
Spoiler: ShowHide

%%%
%%%     Debian ejabberd configuration file
%%%     This config must be in UTF-8 encoding
%%%
%%% The parameters used in this configuration file are explained in more detail
%%% in the ejabberd Installation and Operation Guide.
%%% Please consult the Guide in case of doubts, it is available at
%%% /usr/share/doc/ejabberd/guide.html

%%% This configuration file contains Erlang terms.
%%% In case you want to understand the syntax, here are the concepts:
%%%
%%%  - The character to comment a line is %
%%%
%%%  - Each term ends in a dot, for example:
%%%      override_global.
%%%
%%%  - A tuple has a fixed definition, its elements are
%%%    enclosed in {}, and separated with commas:
%%%      {loglevel, 4}.
%%%
%%%  - A list can have as many elements as you want,
%%%    and is enclosed in [], for example:
%%%      [http_poll, web_admin, tls]
%%%
%%%  - A keyword of ejabberd is a word in lowercase.
%%%    The strings are enclosed in "" and can have spaces, dots...
%%%      {language, "en"}.
%%%      {ldap_rootdn, "dc=example,dc=com"}.
%%%
%%%  - This term includes a tuple, a keyword, a list and two strings:
%%%      {hosts, ["jabber.example.net", "im.example.com"]}.
%%%

%%%   ===================================
%%%   OVERRIDE OPTIONS STORED IN DATABASE

%%
%% Override global options (shared by all ejabberd nodes in a cluster).
%%
%%override_global.

%%
%% Override local options (specific for this particular ejabberd node).
%%
%%override_local.

%%
%% Remove the Access Control Lists before new ones are added.
%%
%%override_acls.


%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%% Options which are set by Debconf and managed by ucf

%% Admin user
{acl, admin, {user, "admin", "мой_домен.ru"}}.

%% Hostname
{hosts, ["мой_домен.ru"]}.

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%


%%%   =========
%%%   DEBUGGING

%%
%% loglevel: Verbosity of log files generated by ejabberd.
%% 0: No ejabberd log at all (not recommended)
%% 1: Critical
%% 2: Error
%% 3: Warning
%% 4: Info
%% 5: Debug
%%
{loglevel, 4}.

%%
%% watchdog_admins: If an ejabberd process consumes too much memory,
%% send live notifications to those Jabber accounts.
%%
%%{watchdog_admins, ["bob@example.com"]}.


%%%   ================
%%%   SERVED HOSTNAMES

%%
%% hosts: Domains served by ejabberd.
%% You can define one or several, for example:
%% {hosts, ["example.net", "example.com", "example.org"]}.
%%
%% (This option is defined by debconf earlier)
%% {hosts, ["localhost"]}.

%%
%% route_subdomains: Delegate subdomains to other Jabber server.
%% For example, if this ejabberd serves example.org and you want
%% to allow communication with a Jabber server called im.example.org.
%%
{route_subdomains, s2s}.


%%%   ===============
%%%   LISTENING PORTS

%%
%% listen: Which ports will ejabberd listen, which service handles it
%% and what options to start it with.
%%
{listen,
 [
  {5222, ejabberd_c2s, [
{access, c2s},
{shaper, c2s_shaper},
{max_stanza_size, 65536},
                        %%zlib,
starttls, {certfile, "/etc/ejabberd/ejabberd.pem"}
       ]},

  %%
  %% To enable the old SSL connection method (deprecated) in port 5223:
  %%
  %%{5223, ejabberd_c2s, [
  %% {access, c2s},
  %% {shaper, c2s_shaper},
  %% {max_stanza_size, 65536},
  %%                    zlib,
  %% tls, {certfile, "/usr/local/etc/ejabberd/ssl.pem"}
  %%        ]},

  {5269, ejabberd_s2s_in, [
   {shaper, s2s_shaper},
   {max_stanza_size, 131072}
  ]},

  %% External MUC jabber-muc
  %%{5554, ejabberd_service, [
  %%     {ip, {127, 0, 0, 1}},
  %%     {access, all},
  %%     {shaper_rule, fast},
  %%     {host, "muc.localhost", [{password, "secret"}]}
  %%     ]},

  %% Jabber ICQ Transport
  {5555, ejabberd_service, [
      {ip, {127, 0, 0, 1}},
      {access, all},
      {shaper_rule, fast},
      {hosts, ["icq.мой_домен.ru", "sms.icq.мой_домен.ru"],
         [{password, "secret"}]}
      ]},

  %% AIM Transport
  %%{5556, ejabberd_service, [
  %%     {ip, {127, 0, 0, 1}},
  %%     {access, all},
  %%     {shaper_rule, fast},
  %%     {host, "aim.localhost", [{password, "secret"}]}
  %%     ]},

  %% MSN Transport
  %%{5557, ejabberd_service, [
  %%     {ip, {127, 0, 0, 1}},
  %%     {access, all},
  %%     {shaper_rule, fast},
  %%     {host, "msn.localhost", [{password, "secret"}]}
  %%     ]},

  %% Yahoo! Transport
  %%{5558, ejabberd_service, [
  %%     {ip, {127, 0, 0, 1}},
  %%     {access, all},
  %%     {shaper_rule, fast},
  %%     {host, "yahoo.localhost", [{password, "secret"}]}
  %%     ]},

  %% External JUD (internal is more powerful,
  %% but doesn't allow to register users from other servers)
  %%{5559, ejabberd_service, [
  %%     {ip, {127, 0, 0, 1}},
  %%     {access, all},
  %%     {shaper_rule, fast},
  %%     {host, "jud.localhost", [{password, "secret"}]}
  %%     ]},

  {5280, ejabberd_http, [
%%{request_handlers,
%% [
%%  {["pub", "archive"], mod_http_fileserver}
%% ]},
%%captcha,
http_bind,
http_poll,
web_admin
]}

 ]}.

%%
%% max_fsm_queue: Enable limiting of lengths of "message queues"
%% for outgoing connections. Roughly speaking, each message in such
%% queues represents one XML stanza queued to be sent into
%% an output stream it is serving.
%% The default value is an atom 'undefined' which specifies no limiting.
%%
%% When specified globally, this option limits the message queue lengths
%% for all ejabberd_c2s_in and ejabberd_service listeners,
%% as well as for outgoing s2s connections.
%%
%% This option can also be specified as an option for ejabberd_c2s_in
%% and ejabberd_service listeners, in wich case it will override
%% the value of the global option.
%%
{max_fsm_queue, 1000}.

%%
%% s2s_use_starttls: Enable STARTTLS + Dialback for S2S connections.
%% Allowed values are: true or false.
%% You must specify a certificate file.
%%
{s2s_use_starttls, true}.

%%
%% s2s_certfile: Specify a certificate file.
%%
{s2s_certfile, "/etc/ejabberd/ejabberd.pem"}.

%%
%% domain_certfile: Specify a different certificate for each served hostname.
%%
%%{domain_certfile, "example.org", "/path/to/example_org.pem"}.
%%{domain_certfile, "example.com", "/path/to/example_com.pem"}.

%%
%% S2S whitelist or blacklist
%%
%% Default s2s policy for undefined hosts.
%%
{s2s_default_policy, allow}.

%%
%% Allow or deny communication with specific servers.
%%
%%{{s2s_host, "goodhost.org"}, allow}.
%%{{s2s_host, "badhost.org"}, deny}.

%%
%% The maximum allowed delay for retry to connect
%% after a failed connection attempt to a remote server, in seconds.
%% The default value is 300 seconds (5 minutes).
%%
%% The reconnection algorythm works like this: if connection fails,
%% ejabberd makes an initial random delay between 1 and 15 seconds,
%% then retries, and if this attempt fails, makes another delay,
%% twice as long as previous. These attempts are performed either
%% until a successful connection is made or until the next calculated
%% delay is greated or equal than the value of s2s_max_retry_delay.
%%
%%{s2s_max_retry_delay, 300}.

%%
%% Outgoing S2S options
%%
%% Preferred address families (which to try first) and connect timeout
%% in milliseconds.
%%
%%{outgoing_s2s_options, [ipv4, ipv6], 10000}.


%%%   ==============
%%%   AUTHENTICATION

%%
%% auth_method: Method used to authenticate the users.
%% The default method is the internal.
%% If you want to use a different method,
%% comment this line and enable the correct ones.
%%
{auth_method, internal}.

%%
%% Authentication using external script
%% Make sure the script is executable by ejabberd.
%%
%%{auth_method, external}.
%%{extauth_program, "/path/to/authentication/script"}.

%%
%% Authentication using ODBC
%% Remember to setup a database in the next section.
%%
%%{auth_method, odbc}.

%%
%% Authentication using PAM
%%
%%{auth_method, pam}.
%%{pam_service, "pamservicename"}.

%%
%% Authentication using LDAP
%%
%%{auth_method, ldap}.
%%
%% List of LDAP servers:
%%{ldap_servers, ["localhost"]}.
%%
%% Encryption of connection to LDAP servers (LDAPS):
%%{ldap_encrypt, none}.
%%{ldap_encrypt, tls}.
%%
%% Port connect to LDAP server:
%%{ldap_port, 389}.
%%{ldap_port, 636}.
%%
%% LDAP manager:
%%{ldap_rootdn, "dc=example,dc=com"}.
%%
%% Password to LDAP manager:
%%{ldap_password, "******"}.
%%
%% Search base of LDAP directory:
%%{ldap_base, "dc=example,dc=com"}.
%%
%% LDAP attribute that holds user ID:
%%{ldap_uids, [{"mail", "%u@mail.example.org"}]}.
%%
%% LDAP filter:
%%{ldap_filter, "(objectClass=shadowAccount)"}.

%%
%% Anonymous login support:
%%   auth_method: anonymous
%%   anonymous_protocol: sasl_anon | login_anon | both
%%   allow_multiple_connections: true | false
%%
%%{host_config, "public.example.org", [{auth_method, anonymous},
%%                                     {allow_multiple_connections, false},
%%                                     {anonymous_protocol, sasl_anon}]}.
%%
%% To use both anonymous and internal authentication:
%%
%%{host_config, "public.example.org", [{auth_method, [internal, anonymous]}]}.


%%%   ==============
%%%   DATABASE SETUP

%% ejabberd uses by default the internal Mnesia database,
%% so you can avoid this section.
%% This section provides configuration examples in case
%% you want to use other database backends.
%% Please consult the ejabberd Guide for details about database creation.

%% NOTE that ejabberd in Debian supports "out of the box"
%% only mnesia (default) and ODBC storage backends.
%% Working with MySQL and PostgreSQL DB backends requires
%% building and installation of the corresponding Erlang modules,
%% not distributed as a part of ejabberd.
%% Refer to /usr/share/doc/ejabberd/README.Debian for details.

%%
%% MySQL server:
%%
%%{odbc_server, {mysql, "server", "database", "username", "password"}}.
%%
%% If you want to specify the port:
%%{odbc_server, {mysql, "server", 1234, "database", "username", "password"}}.

%%
%% PostgreSQL server:
%%
%%{odbc_server, {pgsql, "server", "database", "username", "password"}}.
%%
%% If you want to specify the port:
%%{odbc_server, {pgsql, "server", 1234, "database", "username", "password"}}.
%%
%% If you use PostgreSQL, have a large database, and need a
%% faster but inexact replacement for "select count(*) from users"
%%
%%{pgsql_users_number_estimate, true}.

%%
%% ODBC compatible or MSSQL server:
%%
%%{odbc_server, "DSN=ejabberd;UID=ejabberd;PWD=ejabberd"}.

%%
%% Number of connections to open to the database for each virtual host
%%
%%{odbc_pool_size, 10}.

%%
%% Interval to make a dummy SQL request to keep alive the connections
%% to the database. Specify in seconds: for example 28800 means 8 hours
%%
%%{odbc_keepalive_interval, undefined}.


%%%   ===============
%%%   TRAFFIC SHAPERS

%%
%% The "normal" shaper limits traffic speed to 1.000 B/s
%%
{shaper, normal, {maxrate, 1000}}.

%%
%% The "fast" shaper limits traffic speed to 50.000 B/s
%%
{shaper, fast, {maxrate, 50000}}.


%%%   ====================
%%%   ACCESS CONTROL LISTS

%%
%% The 'admin' ACL grants administrative privileges to Jabber accounts.
%% You can put as many accounts as you want.
%%
%%{acl, admin, {user, "aleksey", "localhost"}}.
%%{acl, admin, {user, "ermine", "example.org"}}.

%%
%% Blocked users
%%
%%{acl, blocked, {user, "baduser", "example.org"}}.
%%{acl, blocked, {user, "test"}}.

%%
%% Local users: don't modify this line.
%%
{acl, local, {user_regexp, ""}}.

%%
%% More examples of ACLs
%%
%%{acl, jabberorg, {server, "jabber.org"}}.
%%{acl, aleksey, {user, "aleksey", "jabber.ru"}}.
%%{acl, test, {user_regexp, "^test"}}.
%%{acl, test, {user_glob, "test*"}}.

%%
%% Define specific ACLs in a virtual host.
%%
%%{host_config, "localhost",
%% [
%%  {acl, admin, {user, "bob-local", "localhost"}}
%% ]
%%}.


%%%   ============
%%%   ACCESS RULES

%% Define the maximum number of time a single user is allowed to connect:
{access, max_user_sessions, [{10, all}]}.

%% Maximum number of offline messages that users can have:
{access, max_user_offline_messages, [{5000, admin}, {100, all}]}.

%% This rule allows access only for local users:
{access, local, [{allow, local}]}.

%% Only non-blocked users can use c2s connections:
{access, c2s, [{deny, blocked},
       {allow, all}]}.

%% For all users except admins used "normal" shaper
{access, c2s_shaper, [{none, admin},
      {normal, all}]}.

%% For all S2S connections used "fast" shaper
{access, s2s_shaper, [{fast, all}]}.

%% Only admins can send announcement messages:
{access, announce, [{allow, admin}]}.

%% Only admins can use configuration interface:
{access, configure, [{allow, admin}]}.

%% Admins of this server are also admins of MUC service:
{access, muc_admin, [{allow, admin}]}.

%% All users are allowed to use MUC service:
{access, muc, [{allow, all}]}.

%% No username can be registered via in-band registration:
%% To enable in-band registration, replace 'deny' with 'allow'
% (note that if you remove mod_register from modules list then users will not
% be able to change their password as well as register).
% This setting is default because it's more safe.
{access, register, [{deny, all}]}.

%% By default frequency of account registrations from the same IP
%% is limited to 1 account every 10 minutes. To disable put: infinity
%%{registration_timeout, 600}.

%% Everybody can create pubsub nodes
{access, pubsub_createnode, [{allow, all}]}.

%%
%% Define specific Access rules in a virtual host.
%%
%%{host_config, "localhost",
%% [
%%  {access, c2s, [{allow, admin}, {deny, all}]},
%%  {access, register, [{deny, all}]}
%% ]
%%}.


%%%   ================
%%%   DEFAULT LANGUAGE

%%
%% language: Default language used for server messages.
%%
{language, "ru"}.

%%
%% Set a different default language in a virtual host.
%%
%%{host_config, "localhost",
%% [{language, "ru"}]
%%}.


%%%   =======
%%%   CAPTCHA

%%
%% Full path to a script that generates the image.
%% Note that this script must be made executable
%% for the user ejabberd:ejabberd.
%%
%%{captcha_cmd, "/usr/lib/ejabberd/priv/bin/captcha.sh"}.

%%
%% Host part of the URL sent to the user.
%% The port specified must be configured as the "ejabberd_http"
%% listener which must have the "captcha" directive included
%% in its configuration (see the "LISTENING PORTS" section above).
%%
%%{captcha_host, "localhost:5280"}.


%%%   =======
%%%   MODULES

%%
%% Modules enabled in all ejabberd virtual hosts.
%%
{modules,
 [
  {mod_adhoc,    []},
  {mod_announce, [{access, announce}]}, % requires mod_adhoc
  {mod_caps,     []},
  {mod_configure,[]}, % requires mod_adhoc
  {mod_admin_extra, []},
  {mod_disco,    []},
  %%{mod_echo,   [{host, "echo.localhost"}]},
  {mod_irc,      []},
  %% NOTE that mod_http_fileserver must also be enabled in the
  %% "request_handlers" clause of the "ejabberd_http" listener
  %% configuration (see the "LISTENING PORTS" section above).
  %%{mod_http_fileserver, [
  %%                       {docroot, "/var/www"},
  %%                       {accesslog, "/var/log/ejabberd/access.log"}
  %%                      ]},
  {mod_last,     []},
  {mod_muc,      [
  %%{host, "conference.@HOST@"},
  {access, muc},
  {access_create, muc},
  {access_persistent, muc},
  {access_admin, muc_admin},
  {max_users, 500}
]},
  %%{mod_muc_log,[]},
  {mod_offline,  [{access_max_user_messages, max_user_offline_messages}]},
  {mod_privacy,  []},
  {mod_private,  []},
  {mod_proxy65,  [
  {access, local},
  {shaper, c2s_shaper}
]},
  {mod_pubsub,   [ % requires mod_caps
  {access_createnode, pubsub_createnode},
  {pep_sendlast_offline, false},
  {last_item_cache, false},
  %%{plugins, ["default", "pep"]}
  {plugins, ["flat", "hometree", "pep"]}  % pep requires mod_caps
]},
  {mod_register, [
  %%
  %% After successful registration, the user receives
  %% a message with this subject and body.
  %%
  {welcome_message, {"Добро пожаловать!",
     "Welcome to a Jabber service powered by Debian. "
     "For information about Jabber visit "
     "http://www.jabber.org"}},
  %% Replace it with 'none' if you don't want to send such message:
  %%{welcome_message, none},

  %%
  %% When a user registers, send a notification to
  %% these Jabber accounts.
  %%
  %%{registration_watchers, ["admin1@example.org"]},

  {access, register}
]},
  {mod_roster,   []},
  %%{mod_service_log,[]},
  %%{mod_shared_roster,[]},
  {mod_stats,    []},
  {mod_time,     []},
  {mod_vcard,    []},
  {mod_version,  []}
 ]}.

%%
%% Enable modules with custom options in a specific virtual host
%%
%%{host_config, "localhost",
%% [{{add, modules},
%%   [
%%    {mod_echo, [{host, "mirror.localhost"}]}
%%   ]
%%  }
%% ]}.


%%% $Id: ejabberd.cfg.example 2497 2009-08-17 20:27:28Z cromain $

%%% Local Variables:
%%% mode: erlang
%%% End:
%%% vim: set filetype=erlang tabstop=8:

и замените deny на allow - без этого пользователи сервера не смогут регистрироваться напрямую из своего Jabber-клиента.
Закомментируйте строки Jabber ICQ Transport если аська Вам не нужна. Если да, то транспорт настраивать отдельно.

Перезапустить /etc/init.d/ejabberd restart
В браузере http://мой_домен.ru:5280/admin можно управлять и администрировать.

 Установка ejabberd под Linux



Теперь про DNS...
нужно сделать три записи, например...
Spoiler: ShowHide
Имя jabber
Тип А
Адрес Ввш ip

Имя xmpp-client
Тип CRV
Адрес ваш домен
Приоритет 0
Условный вес SRV-записи 0
Порт 5222

Имя xmpp-server
Тип CRV
Адрес ваш домен
Приоритет 0
Условный вес SRV-записи 0
Порт 5269

 DNS SRV



Cообщение объединено 01 Сентябрь 2016, 23:16:31
Насчет прав... прав только root. Не надо туда лезть и открывать доступ. ;) На это обращайте внимание всегда.
« Последнее редактирование: 01 Сентябрь 2016, 23:28:04 от BULATUS »
 

Оффлайн BULATUS

  • Администратор
  • Ветеран
  • *****
  • Сообщений: 2061
Re: Ejabberd
« Ответ #6 : 06 Сентябрь 2016, 19:53:00 »
Aheles, просто интересно... как там у вас, получилось?

Теги: