Difference between revisions of "Prosody"
m (Update SSL config for Heartbleed, Poodle bugs) |
|||
(13 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
− | '''Prosody''' is a small and fast XMPP | + | __NOTOC__ |
+ | '''Prosody''' is a small and fast XMPP (Jabber) server, written in Lua. You can use it in combination with [https://f-droid.org/repository/browse/?fdid=eu.siacs.conversations Conversations] for your [[Android]] phone, to provide your own federated instant messaging. It also hosts multiple XMPP virtual host domains. | ||
+ | |||
+ | == Install == | ||
+ | |||
+ | ;UPDATE October 2017: Version 0.10 was released, which includes Carbons, MAM and Letsencrypt renewal built-in. | ||
+ | |||
+ | On Ubuntu, you can install it like this: | ||
sudo apt-get install prosody | sudo apt-get install prosody | ||
− | Edit the config <tt>/etc/prosody/prosody.cfg.lua</tt> to make sure you have BOSH support, group rosters and compression enabled, | + | Edit the config <tt>/etc/prosody/prosody.cfg.lua</tt> to make sure you have BOSH support, group rosters and compression enabled, you probably want self-registration off, and if you want persistent message history across all (compatible) devices (like Hangouts)<ref>Then don't use Pidgin; the developers appear to be asleep at the wheel, e.g. [https://developer.pidgin.im/ticket/15508 Ticket #15508 Support for XEP-0280]. That said, here's how to [[Pidgin|patch it]].</ref> you'll need to enable message archive management (MAM) as well: |
modules_enabled = { | modules_enabled = { | ||
"compression"; | "compression"; | ||
+ | "carbons"; | ||
+ | "mam"; | ||
"bosh"; | "bosh"; | ||
"groups"; | "groups"; | ||
− | |||
} | } | ||
allow_registration = false; | allow_registration = false; | ||
− | |||
... | ... | ||
+ | |||
+ | == Configure a virtual host for your domain == | ||
Set up a virtual host config for your domain in <tt>/etc/prosody/conf.avail/yourdomain.cfg.lua</tt> | Set up a virtual host config for your domain in <tt>/etc/prosody/conf.avail/yourdomain.cfg.lua</tt> | ||
− | VirtualHost "yourdomain.com" | + | VirtualHost "'''yourdomain.com'''" |
enabled = true | enabled = true | ||
ssl = { | ssl = { | ||
− | key = "/etc/ssl/private/ | + | key = "/etc/ssl/private/'''yourdomain.com'''.key"; |
− | certificate = "/etc/ssl/certs/ | + | certificate = "/etc/ssl/certs/'''yourdomain.com'''.crt"; |
-- Ix nay on the SSL-ay (Heartbleed, Poodle, etc.) | -- Ix nay on the SSL-ay (Heartbleed, Poodle, etc.) | ||
options = {"no_sslv2", "no_sslv3", "no_ticket", "no_compression", | options = {"no_sslv2", "no_sslv3", "no_ticket", "no_compression", | ||
"cipher_server_preference", "single_dh_use", "single_ecdh_use"}; | "cipher_server_preference", "single_dh_use", "single_ecdh_use"}; | ||
− | |||
} | } | ||
-- optional, for IRC-style chatrooms | -- optional, for IRC-style chatrooms | ||
− | Component " | + | Component "conference.'''yourdomain.com'''" "muc" |
restrict_room_creation = "local" | restrict_room_creation = "local" | ||
-- optional, for file transfers | -- optional, for file transfers | ||
− | Component "chatproxy.yourdomain.com" "proxy65" | + | Component "chatproxy.'''yourdomain.com'''" "proxy65" |
− | Then enable | + | Then enable the config: |
+ | ln -s /etc/prosody/conf.avail/'''yourdomain'''.cfg /etc/prosody/conf.d/ | ||
== DNS configuration == | == DNS configuration == | ||
− | You need your chat, | + | You need your chat, conference, and chatproxy subdomains to be A records (not CNAME), and you also need 4 SRV records and a TXT record, thus: |
− | _xmpp-client._tcp.yourdomain.com | + | _jabber._tcp.'''yourdomain.com''' = SRV: 0 5 5269 chat.yourdomain.com |
− | _xmpp-server._tcp.yourdomain.com | + | _xmpp-client._tcp.'''yourdomain.com''' = SRV: 0 5 5222 chat.yourdomain.com |
+ | _xmpp-server._tcp.'''yourdomain.com''' = SRV: 0 5 5269 chat.yourdomain.com | ||
+ | _xmpp-server._tcp.conference.'''yourdomain.com''' = SRV: 0 5 5269 chat.yourdomain.com | ||
− | + | TXT: _xmpp-client-xbosh=<nowiki>https://chat</nowiki>.'''yourdomain.com'''/http-bind/ | |
== Add some users == | == Add some users == | ||
Line 52: | Line 63: | ||
Add yourself with | Add yourself with | ||
− | sudo prosodyctl adduser yourusername@yourdomain.com | + | sudo prosodyctl adduser ''yourusername@yourdomain.com'' |
== Enabling sane multi-client support == | == Enabling sane multi-client support == | ||
− | + | Message archive management should really use a database: | |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
storage = { | storage = { | ||
− | archive2 = "sql"; -- mam_archive requires SQL storage. | + | archive2 = "sql"; -- mam_archive requires SQL storage. |
} | } | ||
− | + | sql = { driver = "SQLite3", database = "prosody.db" } | |
default_archive_policy = true; | default_archive_policy = true; | ||
max_archive_query_results = 100; | max_archive_query_results = 100; | ||
+ | |||
+ | [[PostgreSQL]] and MySQL are also supported. For SQL to work, you will need to install additional dependencies, for example: | ||
+ | |||
+ | apt install lua-dbi-sqlite lua-dbi-postgresql | ||
== Links == | == Links == |
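Review bot: The `ssl` block in the virtual-host example switches off only SSLv2 and SSLv3, so TLS 1.0 and 1.1 remain negotiable; I would add a protocol floor next to `options`, e.g. `protocol = "tlsv1_2+";`. The comment there names Heartbleed, but that is an OpenSSL bug fixed by a patched library and re-issued keys, not by any of these options, and the comment should say so. The added `ln -s` line links `yourdomain.cfg`, while the file created two paragraphs earlier is `yourdomain.cfg.lua`, so as written the link would point at a file that does not exist and the virtual host would presumably never load. The module list also still enables `"compression"` while TLS gets `"no_compression"`; if the TLS flag is there to avoid compression side channels, the stream-level module deserves the same scrutiny.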
Latest revision as of 23:23, 14 December 2020
Prosody is a small and fast XMPP (Jabber) server, written in Lua. You can use it in combination with Conversations for your Android phone, to provide your own federated instant messaging. It also hosts multiple XMPP virtual host domains.
Install
- UPDATE October 2017
- Version 0.10 was released, which includes Carbons, MAM and Letsencrypt renewal built-in.
On Ubuntu, you can install it like this:
sudo apt-get install prosody
Edit the config /etc/prosody/prosody.cfg.lua to make sure you have BOSH support, group rosters and compression enabled. You probably want self-registration off, so that strangers cannot create accounts on your server. If you want persistent message history across all (compatible) devices (like Hangouts)[1], you'll need to enable message archive management (MAM) as well:
-- Module list for /etc/prosody/prosody.cfg.lua; only the entries this page
-- relies on are shown.
modules_enabled = {
    -- NOTE(review): this is XMPP stream compression, separate from the TLS
    -- "no_compression" flag used in the virtual host; confirm it is still
    -- shipped and wanted on your Prosody version before enabling it.
    "compression";
    "carbons";  -- message carbons (XEP-0280): copies a conversation to your other clients
    "mam";      -- message archive management: server-side message history
    "bosh";     -- BOSH support (XMPP over HTTP)
    "groups";   -- group rosters
}
-- Self-registration off: accounts are created by the admin (see "Add some users").
allow_registration = false;
...
Configure a virtual host for your domain
Set up a virtual host config for your domain in /etc/prosody/conf.avail/yourdomain.cfg.lua
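-- Virtual host for your domain, with its own TLS key and certificate.
VirtualHost "yourdomain.com"
    enabled = true
    ssl = {
        -- The private key must be readable by the prosody user and by nobody else.
        key = "/etc/ssl/private/yourdomain.com.key";
        certificate = "/etc/ssl/certs/yourdomain.com.crt";
        -- Protocol floor: refuse anything older than TLS 1.2. Disabling only
        -- SSLv2/SSLv3 (below) would still leave TLS 1.0 and 1.1 negotiable.
        protocol = "tlsv1_2+";
        -- Ix nay on the SSL-ay (Poodle, etc.): no SSLv2/SSLv3, no session
        -- tickets, no TLS compression, server-chosen cipher order, and a fresh
        -- DH/ECDH key per handshake.
        -- Heartbleed is an OpenSSL bug: it is fixed by a patched library and
        -- re-issued keys and certificates, not by any option set here.
        options = {"no_sslv2", "no_sslv3", "no_ticket", "no_compression",
                   "cipher_server_preference", "single_dh_use", "single_ecdh_use"};
    }

-- optional, for IRC-style chatrooms
Component "conference.yourdomain.com" "muc"
    -- "local" limits room creation to this server's own users
    -- (NOTE(review): confirm against the mod_muc documentation for your version).
    restrict_room_creation = "local"

-- optional, for file transfers
Component "chatproxy.yourdomain.com" "proxy65"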
Then enable the config:
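# Link the file created above (note the .cfg.lua suffix) into conf.d so that Prosody picks it up.
ln -s /etc/prosody/conf.avail/yourdomain.cfg.lua /etc/prosody/conf.d/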
DNS configuration
You need your chat, conference, and chatproxy subdomains to be A records (not CNAME), and you also need 4 SRV records and a TXT record, thus:
_jabber._tcp.yourdomain.com = SRV: 0 5 5269 chat.yourdomain.com
_xmpp-client._tcp.yourdomain.com = SRV: 0 5 5222 chat.yourdomain.com
_xmpp-server._tcp.yourdomain.com = SRV: 0 5 5269 chat.yourdomain.com
_xmpp-server._tcp.conference.yourdomain.com = SRV: 0 5 5269 chat.yourdomain.com
TXT: _xmpp-client-xbosh=https://chat.yourdomain.com/http-bind/
Add some users
Add yourself with
sudo prosodyctl adduser yourusername@yourdomain.com
Enabling sane multi-client support
Message archive management should really use a database:
-- Route the archive2 store (the message archive) to the SQL backend.
storage = {
    archive2 = "sql"; -- mam_archive requires SQL storage.
}
-- SQL connection settings.
-- NOTE(review): a relative SQLite path is presumably resolved against
-- Prosody's data directory; confirm where the file ends up and keep it
-- readable by the prosody user only, since it holds users' message history.
sql = { driver = "SQLite3", database = "prosody.db" }
-- NOTE(review): true appears to archive every user's messages by default, so
-- message bodies are kept on the server unless clients encrypt end to end;
-- confirm this matches what your users expect.
default_archive_policy = true;
-- Cap on results per archive query (going by the option name; TODO confirm).
max_archive_query_results = 100;
PostgreSQL and MySQL are also supported. For SQL to work, you will need to install additional dependencies, for example:
apt install lua-dbi-sqlite lua-dbi-postgresql
Links
- ↑ Then don't use Pidgin; the developers appear to be asleep at the wheel, e.g. Ticket #15508 Support for XEP-0280. That said, here's how to patch it.
More documentation at