\documentclass[a4paper,10pt]{article}
\usepackage{graphics}
\usepackage{hevea}
\usepackage{verbatim}
\usepackage[twosideshift=0pt]{geometry}
|
|
|
|
|
|
|
|
\usepackage[pdftex,colorlinks,unicode,urlcolor=blue,linkcolor=blue,pdftitle=Ejabberd\
|
|
|
|
Installation\ and\ Operation\ Guide,pdfauthor=Alexey\
|
|
|
|
Shchepin,pdfsubject=ejabberd,pdfkeywords=ejabberd]{hyperref}
|
2003-01-23 21:57:55 +01:00
|
|
|
|
2003-02-08 19:21:05 +01:00
|
|
|
\newcommand{\logoscale}{0.7}
|
|
|
|
\newcommand{\imgscale}{0.58}
|
|
|
|
\newcommand{\insimg}[1]{\insscaleimg{\imgscale}{#1}}
|
|
|
|
|
|
|
|
\newcommand{\insscaleimg}[2]{
|
|
|
|
\imgsrc{#2}{}
|
2003-02-03 21:23:08 +01:00
|
|
|
\begin{latexonly}
|
2003-02-08 19:21:05 +01:00
|
|
|
\scalebox{#1}{\includegraphics{#2}}
|
2003-02-03 21:23:08 +01:00
|
|
|
\end{latexonly}
|
|
|
|
}
|
2003-01-24 21:18:33 +01:00
|
|
|
|
2004-07-06 23:34:50 +02:00
|
|
|
% Redefine \{ and \} to emit the characters at codes "7B and "7D of the current font.
% \poption and \titem invoke this immediately before \texttt (presumably so the
% braces are taken from the typewriter font -- confirm against the rendered output).
\newcommand{\bracehack}{\def\{{\char"7B}\def\}{\char"7D}}
|
|
|
|
|
2003-01-25 21:13:36 +01:00
|
|
|
\newcommand{\ns}[1]{\texttt{#1}}
|
2004-07-06 23:34:50 +02:00
|
|
|
\newcommand{\jid}[1]{\texttt{#1}}
|
|
|
|
\newcommand{\option}[1]{\texttt{#1}}
|
|
|
|
\newcommand{\poption}[1]{{\bracehack\texttt{#1}}}
|
|
|
|
\newcommand{\node}[1]{\texttt{#1}}
|
|
|
|
\newcommand{\term}[1]{\texttt{#1}}
|
|
|
|
\newcommand{\shell}[1]{\texttt{#1}}
|
2003-01-23 21:57:55 +01:00
|
|
|
\newcommand{\ejabberd}{\texttt{ejabberd}}
|
|
|
|
\newcommand{\Jabber}{Jabber}
|
|
|
|
|
2004-07-06 23:34:50 +02:00
|
|
|
\newcommand{\module}[1]{\texttt{#1}}
|
|
|
|
\newcommand{\modconfigure}{\module{mod\_configure}}
|
|
|
|
\newcommand{\moddisco}{\module{mod\_disco}}
|
|
|
|
\newcommand{\modirc}{\module{mod\_irc}}
|
|
|
|
\newcommand{\modlast}{\module{mod\_last}}
|
|
|
|
\newcommand{\modmuc}{\module{mod\_muc}}
|
|
|
|
\newcommand{\modecho}{\module{mod\_echo}}
|
|
|
|
\newcommand{\modoffline}{\module{mod\_offline}}
|
|
|
|
\newcommand{\modprivacy}{\module{mod\_privacy}}
|
|
|
|
\newcommand{\modprivate}{\module{mod\_private}}
|
|
|
|
\newcommand{\modpubsub}{\module{mod\_pubsub}}
|
|
|
|
\newcommand{\modregister}{\module{mod\_register}}
|
|
|
|
\newcommand{\modroster}{\module{mod\_roster}}
|
|
|
|
\newcommand{\modstats}{\module{mod\_stats}}
|
|
|
|
\newcommand{\modtime}{\module{mod\_time}}
|
|
|
|
\newcommand{\modvcard}{\module{mod\_vcard}}
|
|
|
|
\newcommand{\modversion}{\module{mod\_version}}
|
|
|
|
|
|
|
|
\newcommand{\titem}[1]{\item[\bracehack\texttt{#1}]}
|
|
|
|
|
2003-02-10 15:31:27 +01:00
|
|
|
%\setcounter{tocdepth}{3}
|
2004-07-06 23:34:50 +02:00
|
|
|
\begin{latexonly}
|
|
|
|
\global\parskip=9pt plus 3pt minus 1pt
|
|
|
|
\global\parindent=0pt
|
|
|
|
|
|
|
|
\gdef\ahrefurl#1{\href{#1}{\texttt{#1}}}
|
|
|
|
% \footahref{URL}{TEXT}: print TEXT, then a footnote showing URL in typewriter
% type as a hyperlink to itself. This definition sits inside latexonly.
\gdef\footahref#1#2{#2\footnote{\href{#1}{\texttt{#1}}}}
|
|
|
|
\end{latexonly}
|
|
|
|
|
|
|
|
% \tjepref{NNNN}{TEXT}: pass TEXT and the URL
% http://www.jabber.org/jeps/jep-NNNN.html to \footahref.
\newcommand{\tjepref}[2]{\footahref{http://www.jabber.org/jeps/jep-#1.html}{#2}}
|
|
|
|
\newcommand{\jepref}[1]{\tjepref{#1}{JEP-#1}}
|
2003-01-23 21:57:55 +01:00
|
|
|
|
2004-07-06 23:34:50 +02:00
|
|
|
\newcommand{\iqdiscitem}[1]{\titem{iqdisc} #1 IQ queries processing
|
|
|
|
discipline (see~\ref{sec:modiqdiscoption}).}
|
|
|
|
\newcommand{\hostitem}[1]{\titem{host} Defines hostname of service
|
|
|
|
(see~\ref{sec:modhostoption}). If not present
|
|
|
|
then prefix \jid{#1.} is added to main \ejabberd{} hostname.}
|
2003-01-23 21:57:55 +01:00
|
|
|
|
|
|
|
\title{Ejabberd Installation and Operation Guide}
|
|
|
|
\author{Alexey Shchepin \\
|
|
|
|
\ahrefurl{mailto:alexey@sevcom.net} \\
|
|
|
|
\ahrefurl{xmpp:aleksey@jabber.ru}}
|
2004-07-06 23:34:50 +02:00
|
|
|
\date{June 24, 2004}
|
2003-01-23 21:57:55 +01:00
|
|
|
|
|
|
|
\begin{document}
|
|
|
|
\begin{titlepage}
|
|
|
|
\maketitle{}
|
|
|
|
|
|
|
|
{\centering
|
2003-02-08 19:21:05 +01:00
|
|
|
\insscaleimg{\logoscale}{logo.png}
|
2003-01-24 21:18:33 +01:00
|
|
|
\par
|
2003-01-23 21:57:55 +01:00
|
|
|
}
|
|
|
|
\end{titlepage}
|
|
|
|
%\newpage
|
2003-02-11 19:09:14 +01:00
|
|
|
\tableofcontents{}
|
2003-01-23 21:57:55 +01:00
|
|
|
|
|
|
|
\newpage
|
|
|
|
\section{Introduction}
|
|
|
|
\label{sec:intro}
|
|
|
|
|
2003-02-11 19:09:14 +01:00
|
|
|
\ejabberd{} is a Free and Open Source fault-tolerant distributed \Jabber{}
|
2004-07-06 23:34:50 +02:00
|
|
|
server. It is written mostly in Erlang.
|
2003-01-23 21:57:55 +01:00
|
|
|
|
2004-07-06 23:34:50 +02:00
|
|
|
The main features of \ejabberd{} are:
|
2003-02-03 21:23:08 +01:00
|
|
|
\begin{itemize}
|
2003-10-12 20:21:16 +02:00
|
|
|
\item Works on most popular platforms: *nix (tested on Linux, FreeBSD and
|
|
|
|
NetBSD) and Win32
|
2004-07-06 23:34:50 +02:00
|
|
|
\item Distributed: You can run \ejabberd{} on a cluster of machines to let all of
|
|
|
|
them serve one Jabber domain.
|
2003-07-14 20:06:03 +02:00
|
|
|
\item Fault-tolerance: You can set up an \ejabberd{} cluster so that all the
|
2003-02-10 15:31:27 +01:00
|
|
|
information required for a properly working service will be stored
|
2003-07-13 11:00:01 +02:00
|
|
|
permanently on more than one node. This means that if one of the nodes
|
2003-02-11 19:09:14 +01:00
|
|
|
crashes, then the others will continue working without disruption.
|
2004-07-06 23:34:50 +02:00
|
|
|
You can also add or replace nodes ``on the fly''.
|
|
|
|
\item Built-in \tjepref{0045}{Multi-User Chat} service
|
2003-07-13 11:00:01 +02:00
|
|
|
\item Built-in IRC transport
|
2004-07-06 23:34:50 +02:00
|
|
|
\item Built-in \tjepref{0060}{Publish-Subscribe} service
|
2003-07-13 11:00:01 +02:00
|
|
|
\item Built-in Jabber Users Directory service based on users vCards
|
2004-07-10 00:34:26 +02:00
|
|
|
\item Built-in web-based administration interface
|
2004-07-06 23:34:50 +02:00
|
|
|
\item Built-in \tjepref{0025}{HTTP Polling} service
|
2003-11-23 21:11:21 +01:00
|
|
|
\item SSL support
|
2004-03-20 21:55:58 +01:00
|
|
|
\item Support for LDAP authentication
|
2004-07-06 23:34:50 +02:00
|
|
|
\item Ability to interface with external components (JIT, MSN-t, Yahoo-t, etc.)
|
2003-11-23 21:11:21 +01:00
|
|
|
\item Migration from jabberd14 is possible
|
|
|
|
\item Mostly XMPP-compliant
|
2004-07-06 23:34:50 +02:00
|
|
|
\item Support for \jepref{0030} (Service Discovery).
|
|
|
|
\item Support for \jepref{0039} (Statistics Gathering).
|
2004-03-20 21:55:58 +01:00
|
|
|
\item Support for \ns{xml:lang}
|
2003-02-03 21:23:08 +01:00
|
|
|
\end{itemize}
|
|
|
|
|
2004-07-06 23:34:50 +02:00
|
|
|
The misfeatures of \ejabberd{} are:
|
2003-11-23 21:11:21 +01:00
|
|
|
\begin{itemize}
|
|
|
|
\item No support for virtual domains
|
|
|
|
\item No support for STARTTLS
|
|
|
|
\end{itemize}
|
2003-01-23 21:57:55 +01:00
|
|
|
|
|
|
|
|
|
|
|
\section{Installation}
|
|
|
|
\label{sec:installation}
|
|
|
|
|
|
|
|
\subsection{Installation Requirements}
|
|
|
|
\label{sec:installreq}
|
|
|
|
|
2003-07-13 11:00:01 +02:00
|
|
|
\subsubsection{Unix}
|
|
|
|
\label{sec:installrequnix}
|
|
|
|
|
2003-02-11 19:09:14 +01:00
|
|
|
To compile \ejabberd{}, you will need the following packages:
|
2003-01-23 21:57:55 +01:00
|
|
|
\begin{itemize}
|
|
|
|
\item GNU Make;
|
|
|
|
\item GCC;
|
|
|
|
\item libexpat 1.95 or later;
|
|
|
|
\item Erlang/OTP R8B or later.
|
|
|
|
\end{itemize}
|
|
|
|
|
2003-07-13 11:00:01 +02:00
|
|
|
\subsubsection{Windows}
|
|
|
|
\label{sec:installreqwin}
|
|
|
|
|
|
|
|
To compile \ejabberd{} in MS Windows environment, you will need the following
|
|
|
|
packages:
|
|
|
|
\begin{itemize}
|
2004-07-06 23:34:50 +02:00
|
|
|
\item MS Visual C++ 6.0 Compiler
|
|
|
|
\item \footahref{http://www.erlang.org/download/otp\_win32\_R9C-0.exe}{Erlang/OTP R9C-0}
|
|
|
|
\item \footahref{http://prdownloads.sourceforge.net/expat/expat\_win32bin\_1\_95\_7.exe?download}{Expat 1.95.7}
|
2004-03-21 21:27:09 +01:00
|
|
|
\item
|
2004-07-06 23:34:50 +02:00
|
|
|
\footahref{http://ftp.gnu.org/pub/gnu/libiconv/libiconv-1.9.1.tar.gz}{Iconv 1.9.1}
|
2004-03-21 21:27:09 +01:00
|
|
|
(optional)
|
2004-07-06 23:34:50 +02:00
|
|
|
\item \footahref{http://www.slproweb.com/products/Win32OpenSSL.html}{Shining Light OpenSSL}
|
2004-04-27 22:28:23 +02:00
|
|
|
(to enable SSL connections)
|
2003-07-13 11:00:01 +02:00
|
|
|
\end{itemize}
|
|
|
|
|
|
|
|
|
2003-01-23 21:57:55 +01:00
|
|
|
\subsection{Obtaining}
|
|
|
|
\label{sec:obtaining}
|
|
|
|
|
2004-07-06 23:34:50 +02:00
|
|
|
Stable \ejabberd{} release can be obtained at
|
|
|
|
\ahrefurl{http://www.jabberstudio.org/projects/ejabberd/releases/}.
|
2003-01-23 21:57:55 +01:00
|
|
|
|
2003-02-11 19:09:14 +01:00
|
|
|
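The latest alpha version can be retrieved from CVS with the commands below.
Anonymous \texttt{pserver} access is unencrypted and unauthenticated, so a
checkout made this way is not integrity-protected in transit.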
|
2004-07-06 23:34:50 +02:00
|
|
|
\begin{verbatim}
|
|
|
|
export CVSROOT=:pserver:anonymous@jabberstudio.org:/home/cvs
|
|
|
|
cvs login
|
|
|
|
<press Enter when asked for a password>
|
|
|
|
cvs -z3 co ejabberd
|
|
|
|
\end{verbatim}
|
2003-01-23 21:57:55 +01:00
|
|
|
|
|
|
|
|
|
|
|
\subsection{Compilation}
|
|
|
|
\label{sec:compilation}
|
2003-07-13 11:00:01 +02:00
|
|
|
\subsubsection{Unix}
|
|
|
|
\label{sec:compilationunix}
|
2003-01-23 21:57:55 +01:00
|
|
|
|
2003-01-28 20:45:13 +01:00
|
|
|
\begin{verbatim}
|
2004-07-06 23:34:50 +02:00
|
|
|
./configure
|
|
|
|
make
|
|
|
|
su
|
|
|
|
make install
|
2003-01-28 20:45:13 +01:00
|
|
|
\end{verbatim}
|
|
|
|
|
2004-07-06 23:34:50 +02:00
|
|
|
This will install \ejabberd{} to \verb|/var/lib/ejabberd| directory,
|
|
|
|
\verb|ejabberd.cfg| to \verb|/etc/ejabberd| directory and create
|
|
|
|
\verb|/var/log/ejabberd| directory for log files.
|
2003-01-23 21:57:55 +01:00
|
|
|
|
2003-07-13 11:00:01 +02:00
|
|
|
\subsubsection{Windows}
|
|
|
|
\label{sec:compilationwin}
|
|
|
|
|
2004-07-06 23:34:50 +02:00
|
|
|
\begin{itemize}
|
2004-04-27 22:28:23 +02:00
|
|
|
\item Install Erlang emulator (for example, into \verb|C:\Program Files\erl5.3|).
|
|
|
|
\item Install Expat library into \verb|C:\Program Files\Expat-1.95.7|
|
2004-07-06 23:34:50 +02:00
|
|
|
directory.
|
|
|
|
|
|
|
|
Copy file \verb|C:\Program Files\Expat-1.95.7\Libs\libexpat.dll|
|
2003-07-13 11:00:01 +02:00
|
|
|
to your Windows system directory (for example, \verb|C:\WINNT| or
|
|
|
|
\verb|C:\WINNT\System32|)
|
2004-04-27 22:28:23 +02:00
|
|
|
\item Build and install Iconv library into \verb|C:\Program Files\iconv-1.9.1| directory.
|
2004-07-06 23:34:50 +02:00
|
|
|
|
2004-04-27 22:28:23 +02:00
|
|
|
Copy file \verb|C:\Program Files\iconv-1.9.1\bin\iconv.dll| to your
|
2003-07-13 11:00:01 +02:00
|
|
|
Windows system directory.
|
|
|
|
|
2004-04-27 22:28:23 +02:00
|
|
|
Note: Instead of copying libexpat.dll and iconv.dll to Windows
|
2003-07-13 11:00:01 +02:00
|
|
|
directory, you can add directories
|
2004-04-27 22:28:23 +02:00
|
|
|
\verb|C:\Program Files\Expat-1.95.7\Libs| and
|
|
|
|
\verb|C:\Program Files\iconv-1.9.1\bin| to \verb|PATH| environment
|
2003-07-13 11:00:01 +02:00
|
|
|
variable.
|
|
|
|
\item Being in \verb|ejabberd\src| directory run:
|
|
|
|
\begin{verbatim}
|
2004-07-06 23:34:50 +02:00
|
|
|
configure.bat
|
2003-07-13 11:00:01 +02:00
|
|
|
nmake -f Makefile.win32
|
|
|
|
\end{verbatim}
|
|
|
|
\item Edit file \verb|ejabberd\src\ejabberd.cfg| and run
|
|
|
|
\begin{verbatim}
|
|
|
|
werl -s ejabberd -name ejabberd
|
|
|
|
\end{verbatim}
|
2004-07-06 23:34:50 +02:00
|
|
|
\end{itemize}
|
2003-07-13 11:00:01 +02:00
|
|
|
|
2003-01-23 21:57:55 +01:00
|
|
|
%\subsection{Initial Configuration}
|
|
|
|
%\label{sec:initconfig}
|
|
|
|
|
|
|
|
|
2003-01-28 20:45:13 +01:00
|
|
|
\subsection{Starting}
|
|
|
|
\label{sec:starting}
|
|
|
|
|
2003-10-12 20:21:16 +02:00
|
|
|
To start \ejabberd{}, use the following command:
|
|
|
|
\begin{verbatim}
|
2004-07-06 23:34:50 +02:00
|
|
|
erl -pa /var/lib/ejabberd/ebin -name ejabberd -s ejabberd
|
2003-10-12 20:21:16 +02:00
|
|
|
\end{verbatim}
|
|
|
|
or
|
|
|
|
\begin{verbatim}
|
2004-07-06 23:34:50 +02:00
|
|
|
erl -pa /var/lib/ejabberd/ebin -sname ejabberd -s ejabberd
|
2003-10-12 20:21:16 +02:00
|
|
|
\end{verbatim}
|
2004-07-06 23:34:50 +02:00
|
|
|
In the latter case Erlang node will be identified using only first part of host
|
|
|
|
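name, i.\,e.\ other Erlang nodes outside this domain can't contact this node.
This is a naming restriction rather than an access control; connections between
Erlang nodes are authorised by the shared Erlang cookie.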
|
|
|
|
|
|
|
|
Note that when using above command \ejabberd{} will search for config file
|
|
|
|
in current directory and will use current directory for storing user database
|
|
|
|
and logging.
|
2003-10-12 20:21:16 +02:00
|
|
|
|
2004-07-06 23:34:50 +02:00
|
|
|
To specify path to config file, log files and Mnesia database directory,
|
|
|
|
you may use the following command:
|
2003-10-12 20:21:16 +02:00
|
|
|
\begin{verbatim}
|
2004-07-06 23:34:50 +02:00
|
|
|
erl -pa /var/lib/ejabberd/ebin \
|
|
|
|
-sname ejabberd \
|
|
|
|
-s ejabberd \
|
|
|
|
-ejabberd config \"/etc/ejabberd/ejabberd.cfg\" \
|
|
|
|
log_path \"/var/log/ejabberd/ejabberd.log\" \
|
|
|
|
-sasl sasl_error_logger \{file,\"/var/log/ejabberd/sasl.log\"\} \
|
|
|
|
-mnesia dir \"/var/lib/ejabberd/spool\"
|
2003-10-12 20:21:16 +02:00
|
|
|
\end{verbatim}
|
|
|
|
|
2004-07-06 23:34:50 +02:00
|
|
|
You can find other useful options in Erlang manual page (\shell{erl -man erl}).
|
2003-10-12 20:21:16 +02:00
|
|
|
|
2004-07-06 23:34:50 +02:00
|
|
|
To use more than 1024 connections, you should set environment variable
|
2003-10-12 20:21:16 +02:00
|
|
|
\verb|ERL_MAX_PORTS|:
|
2003-02-05 21:28:49 +01:00
|
|
|
\begin{verbatim}
|
2004-07-06 23:34:50 +02:00
|
|
|
export ERL_MAX_PORTS=32000
|
2003-02-05 21:28:49 +01:00
|
|
|
\end{verbatim}
|
|
|
|
Note that with this value \ejabberd{} will use more memory (approximately 6MB
|
2003-10-12 20:21:16 +02:00
|
|
|
more).
|
2003-02-05 21:28:49 +01:00
|
|
|
|
2004-07-06 23:34:50 +02:00
|
|
|
To reduce memory usage, you may set environment variable
|
2003-10-12 20:21:16 +02:00
|
|
|
\verb|ERL_FULLSWEEP_AFTER|:
|
2003-01-28 20:45:13 +01:00
|
|
|
\begin{verbatim}
|
2004-07-06 23:34:50 +02:00
|
|
|
export ERL_FULLSWEEP_AFTER=0
|
2003-01-28 20:45:13 +01:00
|
|
|
\end{verbatim}
|
2003-10-12 20:21:16 +02:00
|
|
|
But in this case \ejabberd{} can start to work slower.
|
|
|
|
|
|
|
|
|
2003-01-23 21:57:55 +01:00
|
|
|
\section{Configuration}
|
|
|
|
\label{sec:configuration}
|
|
|
|
|
|
|
|
\subsection{Initial Configuration}
|
|
|
|
\label{sec:initconfig}
|
|
|
|
|
|
|
|
%\verbatiminput{../src/ejabberd.cfg}
|
|
|
|
|
2003-02-11 19:09:14 +01:00
|
|
|
The configuration file is initially loaded the first time \ejabberd{} is
|
2004-07-06 23:34:50 +02:00
|
|
|
executed, when it is parsed and stored in a database. Subsequently the
|
2003-02-11 19:09:14 +01:00
|
|
|
configuration is loaded from the database and any commands in the configuration
|
|
|
|
file are appended to the entries in the database. The configuration file
|
2004-07-06 23:34:50 +02:00
|
|
|
consists of a sequence of Erlang terms. Parts of lines after \term{`\%'} sign
|
2003-02-11 19:09:14 +01:00
|
|
|
are ignored. Each term is tuple, where first element is name of option, and
|
|
|
|
other are option values. E.\,g.\ if this file does not contain a ``host''
|
|
|
|
definition, then old value stored in the database will be used.
|
2003-01-23 21:57:55 +01:00
|
|
|
|
2003-02-11 19:09:14 +01:00
|
|
|
|
|
|
|
To override old values stored in the database the following lines can be added
|
|
|
|
in config:
|
2003-02-01 21:21:28 +01:00
|
|
|
\begin{verbatim}
|
2004-07-06 23:34:50 +02:00
|
|
|
override_global.
|
|
|
|
override_local.
|
|
|
|
override_acls.
|
2003-02-01 21:21:28 +01:00
|
|
|
\end{verbatim}
|
|
|
|
With these lines, old global or local options or ACLs will be removed before
|
|
|
|
adding new ones.
|
|
|
|
|
2003-01-23 21:57:55 +01:00
|
|
|
|
|
|
|
\subsubsection{Host Name}
|
|
|
|
\label{sec:confighostname}
|
|
|
|
|
2004-07-06 23:34:50 +02:00
|
|
|
Option \option{host} defines the name of the \Jabber{} domain that \ejabberd{}
|
2004-07-10 00:34:26 +02:00
|
|
|
serves. E.\,g.\ to use \jid{jabber.org} domain add the following line in the config:
|
2003-01-23 21:57:55 +01:00
|
|
|
\begin{verbatim}
|
2004-07-06 23:34:50 +02:00
|
|
|
{host, "jabber.org"}.
|
2003-01-23 21:57:55 +01:00
|
|
|
\end{verbatim}
|
|
|
|
|
2003-01-24 21:18:33 +01:00
|
|
|
%This option is mandatory.
|
2003-01-23 21:57:55 +01:00
|
|
|
|
2004-07-10 00:34:26 +02:00
|
|
|
\subsubsection{Default Language}
|
|
|
|
\label{sec:configlanguage}
|
|
|
|
|
|
|
|
Option \option{language} defines default language of \ejabberd{} messages, sent
|
|
|
|
to users. Default value is \term{"en"}. In order to take effect there must be a
|
|
|
|
translation file \term{<language>.msg} in \ejabberd{} \term{msgs} directory.
|
|
|
|
E.\,g.\ to use Russian as default language add the following line in the config:
|
|
|
|
\begin{verbatim}
|
|
|
|
{language, "ru"}.
|
|
|
|
\end{verbatim}
|
|
|
|
|
2003-01-23 21:57:55 +01:00
|
|
|
|
|
|
|
\subsubsection{Access Rules}
|
|
|
|
\label{sec:configaccess}
|
|
|
|
|
2003-02-11 19:09:14 +01:00
|
|
|
Access control in \ejabberd{} is performed via Access Control Lists (ACL). The
|
|
|
|
declarations of ACL in config file have following syntax:
|
2003-01-25 21:13:36 +01:00
|
|
|
\begin{verbatim}
|
2004-07-06 23:34:50 +02:00
|
|
|
{acl, <aclname>, {<acltype>, ...}}.
|
2003-01-25 21:13:36 +01:00
|
|
|
\end{verbatim}
|
|
|
|
|
2004-07-06 23:34:50 +02:00
|
|
|
\term{<acltype>} can be one of following:
|
2003-01-25 21:13:36 +01:00
|
|
|
\begin{description}
|
2004-07-06 23:34:50 +02:00
|
|
|
\titem{all} Matches all JIDs. Example:
|
2003-01-25 21:13:36 +01:00
|
|
|
\begin{verbatim}
|
|
|
|
{acl, all, all}.
|
|
|
|
\end{verbatim}
|
2004-07-06 23:34:50 +02:00
|
|
|
\titem{\{user, <username>\}} Matches local user with name
|
|
|
|
\term{<username>}. Example:
|
2003-01-25 21:13:36 +01:00
|
|
|
\begin{verbatim}
|
|
|
|
{acl, admin, {user, "aleksey"}}.
|
|
|
|
\end{verbatim}
|
2004-07-06 23:34:50 +02:00
|
|
|
\titem{\{user, <username>, <server>\}} Matches user with JID
|
|
|
|
\term{<username>@<server>} and any resource. Example:
|
2003-01-25 21:13:36 +01:00
|
|
|
\begin{verbatim}
|
|
|
|
{acl, admin, {user, "aleksey", "jabber.ru"}}.
|
|
|
|
\end{verbatim}
|
2004-07-06 23:34:50 +02:00
|
|
|
\titem{\{server, <server>\}} Matches any JID from server
|
|
|
|
\term{<server>}. Example:
|
2003-01-25 21:13:36 +01:00
|
|
|
\begin{verbatim}
|
|
|
|
{acl, jabberorg, {server, "jabber.org"}}.
|
|
|
|
\end{verbatim}
|
2004-07-06 23:34:50 +02:00
|
|
|
\titem{\{user\_regexp, <regexp>\}} Matches local user with name that
|
|
|
|
matches \term{<regexp>}. Example:
|
2003-01-29 21:21:14 +01:00
|
|
|
\begin{verbatim}
|
2003-02-06 20:09:22 +01:00
|
|
|
{acl, tests, {user_regexp, "^test[0-9]*$"}}.
|
2003-01-29 21:21:14 +01:00
|
|
|
\end{verbatim}
|
2003-02-06 20:09:22 +01:00
|
|
|
%$
|
2004-07-06 23:34:50 +02:00
|
|
|
\titem{\{user\_regexp, <regexp>, <server>\}} Matches user with name
|
|
|
|
that matches \term{<regexp>} and from server \term{<server>}. Example:
|
2003-01-29 21:21:14 +01:00
|
|
|
\begin{verbatim}
|
2003-02-06 20:09:22 +01:00
|
|
|
{acl, tests, {user_regexp, "^test", "localhost"}}.
|
2003-01-29 21:21:14 +01:00
|
|
|
\end{verbatim}
|
2004-07-06 23:34:50 +02:00
|
|
|
\titem{\{server\_regexp, <regexp>\}} Matches any JID from server that
|
|
|
|
matches \term{<regexp>}. Example:
|
2003-01-29 21:21:14 +01:00
|
|
|
\begin{verbatim}
|
2003-02-06 20:09:22 +01:00
|
|
|
{acl, icq, {server_regexp, "^icq\\."}}.
|
2003-01-29 21:21:14 +01:00
|
|
|
\end{verbatim}
|
2004-07-06 23:34:50 +02:00
|
|
|
\titem{\{node\_regexp, <user\_regexp>, <server\_regexp>\}} Matches user
|
|
|
|
with name that matches \term{<user\_regexp>} and from server that matches
|
|
|
|
\term{<server\_regexp>}. Example:
|
2003-01-29 21:21:14 +01:00
|
|
|
\begin{verbatim}
|
2004-07-06 23:34:50 +02:00
|
|
|
{acl, aleksey, {node_regexp, "^aleksey$", "^jabber\\.(ru|org)$"}}.
|
2003-01-29 21:21:14 +01:00
|
|
|
\end{verbatim}
|
2004-07-06 23:34:50 +02:00
|
|
|
\titem{\{user\_glob, <glob>\}}
|
|
|
|
\titem{\{user\_glob, <glob>, <server>\}}
|
|
|
|
\titem{\{server\_glob, <glob>\}}
|
|
|
|
\titem{\{node\_glob, <user\_glob>, <server\_glob>\}} This is same as
|
2003-02-11 19:09:14 +01:00
|
|
|
above, but uses shell glob patterns instead of regexp. These patterns can
|
|
|
|
have following special characters:
|
2003-01-29 21:21:14 +01:00
|
|
|
\begin{description}
|
2004-07-06 23:34:50 +02:00
|
|
|
\titem{*} matches any string including the null string.
|
|
|
|
\titem{?} matches any single character.
|
|
|
|
\titem{[...]} matches any of the enclosed characters. Character
|
|
|
|
ranges are specified by a pair of characters separated by a \term{`-'}.
|
|
|
|
If the first character after \term{`['} is a \term{`!'}, then any
|
2003-01-29 21:21:14 +01:00
|
|
|
character not enclosed is matched.
|
|
|
|
\end{description}
|
2003-01-25 21:13:36 +01:00
|
|
|
\end{description}
|
|
|
|
|
2003-02-11 19:09:14 +01:00
|
|
|
The following ACLs are pre-defined:
|
2003-02-01 21:21:28 +01:00
|
|
|
\begin{description}
|
2004-07-06 23:34:50 +02:00
|
|
|
\titem{all} Matches all JIDs.
|
|
|
|
\titem{none} Matches no JIDs.
|
2003-02-01 21:21:28 +01:00
|
|
|
\end{description}
|
|
|
|
|
2003-02-11 19:09:14 +01:00
|
|
|
An entry allowing or denying different services would look similar to this:
|
2003-01-25 21:13:36 +01:00
|
|
|
\begin{verbatim}
|
2004-07-06 23:34:50 +02:00
|
|
|
{access, <accessname>, [{allow, <aclname>},
|
|
|
|
{deny, <aclname>},
|
|
|
|
...
|
|
|
|
]}.
|
2003-01-25 21:13:36 +01:00
|
|
|
\end{verbatim}
|
2004-07-06 23:34:50 +02:00
|
|
|
When a JID is checked to have access to \term{<accessname>}, the server
|
2003-02-11 19:09:14 +01:00
|
|
|
sequentially checks if this JID matches one of the ACLs that are second elements
|
|
|
|
in each tuple in list. If it is matched, then the first element of matched
|
2004-07-06 23:34:50 +02:00
|
|
|
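tuple is returned; if no ACL in the list matches, ``\term{deny}'' is returned.
Because the list is checked in order, the first matching entry decides the
result.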
|
2003-01-25 21:13:36 +01:00
|
|
|
|
|
|
|
Example:
|
|
|
|
\begin{verbatim}
|
2004-07-06 23:34:50 +02:00
|
|
|
{access, configure, [{allow, admin}]}.
|
|
|
|
{access, something, [{deny, badmans},
|
|
|
|
{allow, all}]}.
|
2003-01-25 21:13:36 +01:00
|
|
|
\end{verbatim}
|
|
|
|
|
2003-02-01 21:21:28 +01:00
|
|
|
The following access rules are pre-defined:
|
|
|
|
\begin{description}
|
2004-07-06 23:34:50 +02:00
|
|
|
\titem{all} Always return ``\term{allow}''
|
|
|
|
\titem{none} Always return ``\term{deny}''
|
2003-02-01 21:21:28 +01:00
|
|
|
\end{description}
|
|
|
|
|
|
|
|
|
2003-02-11 21:45:35 +01:00
|
|
|
\subsubsection{Shapers Configuration}
|
|
|
|
\label{sec:configshaper}
|
|
|
|
|
|
|
|
With shapers it is possible to limit connection traffic. The declarations of
|
|
|
|
shapers in config file have following syntax:
|
|
|
|
\begin{verbatim}
|
2004-07-06 23:34:50 +02:00
|
|
|
{shaper, <shapername>, <kind>}.
|
2003-02-11 21:45:35 +01:00
|
|
|
\end{verbatim}
|
2004-07-06 23:34:50 +02:00
|
|
|
Currently only one kind of shaper is implemented: \term{maxrate}. It has
|
2003-02-11 21:45:35 +01:00
|
|
|
following syntax:
|
|
|
|
\begin{verbatim}
|
2004-07-06 23:34:50 +02:00
|
|
|
{maxrate, <rate>}
|
2003-02-11 21:45:35 +01:00
|
|
|
\end{verbatim}
|
2004-07-06 23:34:50 +02:00
|
|
|
where \term{<rate>} means maximum allowed incoming rate in bytes/second.
|
|
|
|
E.\,g.\ to define shaper with name ``\term{normal}'' and maximum allowed rate
|
2003-02-11 21:45:35 +01:00
|
|
|
1000\,bytes/s, add following line in config:
|
|
|
|
\begin{verbatim}
|
2004-07-06 23:34:50 +02:00
|
|
|
{shaper, normal, {maxrate, 1000}}.
|
2003-02-11 21:45:35 +01:00
|
|
|
\end{verbatim}
|
|
|
|
|
|
|
|
|
2003-02-01 21:21:28 +01:00
|
|
|
\subsubsection{Listened Sockets}
|
|
|
|
\label{sec:configlistened}
|
|
|
|
|
2004-07-06 23:34:50 +02:00
|
|
|
Option \option{listen} defines list of listened sockets and what services
|
2003-02-01 21:21:28 +01:00
|
|
|
run on them. Each element of list is a tuple with following elements:
|
|
|
|
\begin{itemize}
|
|
|
|
\item Port number;
|
|
|
|
\item Module that serves this port;
|
|
|
|
\item Options to this module.
|
|
|
|
\end{itemize}
|
|
|
|
|
2004-07-06 23:34:50 +02:00
|
|
|
Currently these modules are implemented:
|
2003-02-01 21:21:28 +01:00
|
|
|
\begin{description}
|
2004-07-06 23:34:50 +02:00
|
|
|
\titem{ejabberd\_c2s} This module serves C2S connections.
|
2003-02-01 21:21:28 +01:00
|
|
|
|
2003-10-09 20:09:05 +02:00
|
|
|
The following options are defined:
|
2003-02-01 21:21:28 +01:00
|
|
|
\begin{description}
|
2004-07-06 23:34:50 +02:00
|
|
|
\titem{\{access, <access rule>\}} This option defines access of users
|
|
|
|
to this C2S port. Default value is ``\term{all}''.
|
|
|
|
\titem{\{shaper, <access rule>\}} This option is like previous, but
|
|
|
|
use shapers instead of ``\term{allow}'' and ``\term{deny}''. Default
|
|
|
|
value is ``\term{none}''.
|
|
|
|
\titem{\{ip, IPAddress\}} This option specifies which network interface to
|
|
|
|
listen on. For example \verb|{ip, {192, 168, 1, 1}}|.
|
|
|
|
\titem{inet6} Set up the socket for IPv6.
|
|
|
|
\titem{ssl} This option specifies that traffic on this port will be
|
2004-05-08 21:30:38 +02:00
|
|
|
encrypted using SSL. You should also set ``\verb|certfile|'' option.
|
2004-07-06 23:34:50 +02:00
|
|
|
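\titem{\{certfile, Path\}} Path to a file containing the SSL certificate.
If this file also holds the private key, make it readable only by the account
that runs \ejabberd{}.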
|
|
|
|
\end{description}
|
|
|
|
\titem{ejabberd\_s2s\_in} This module serves incoming S2S connections.
|
|
|
|
\titem{ejabberd\_service} This module serves connections from \Jabber{}
|
|
|
|
services (i.\,e.\ that use the \ns{jabber:component:accept} namespace).
|
|
|
|
|
|
|
|
The following additional options are defined for \term{ejabberd\_service}
|
|
|
|
(options \option{access}, \option{shaper}, \option{ip}, \option{inet6} are
|
|
|
|
still valid):
|
|
|
|
\begin{description}
|
|
|
|
\titem{\{host, Hostname, [HostOptions]\}} This option defines hostname of connected
|
|
|
|
service and allows to specify additional options, e.\,g.\
|
|
|
|
\poption{\{password, Secret\}}.
|
|
|
|
\titem{\{hosts, [Hostnames], [HostOptions]\}} The same as above, but allows to
|
|
|
|
specify several hostnames.
|
|
|
|
\end{description}
|
|
|
|
\titem{ejabberd\_http} This module serves incoming HTTP connections.
|
|
|
|
|
|
|
|
The following options are defined:
|
|
|
|
\begin{description}
|
|
|
|
\titem{http\_poll} This option enables \tjepref{0025}{HTTP Polling}
|
|
|
|
support. It is available then at \verb|http://server:port/http-poll/|.
|
|
|
|
|
|
|
|
\titem{web\_admin} This option enables web-based interface for \ejabberd{}
|
|
|
|
administration which is available at \verb|http://server:port/admin/|,
|
|
|
|
login and password should be equal to username and password of one of
|
|
|
|
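registered users who have permission defined in ``configure'' access rule.
As documented here the interface is reached over plain \texttt{http://}, so
these credentials are not protected in transit; limit access to this port to
trusted networks.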
|
2003-02-01 21:21:28 +01:00
|
|
|
\end{description}
|
|
|
|
\end{description}
|
|
|
|
|
2004-05-22 21:48:35 +02:00
|
|
|
For example, the following configuration defines that:
|
|
|
|
\begin{itemize}
|
|
|
|
\item C2S connections are listened on port 5222 and 5223 (SSL) and denied for
|
2004-07-06 23:34:50 +02:00
|
|
|
user ``\term{bad}''
|
2004-05-22 21:48:35 +02:00
|
|
|
\item S2S connections are listened on port 5269
|
2004-07-06 23:34:50 +02:00
|
|
|
\item HTTP connections are listened on port 5280 and administration interface
|
|
|
|
and HTTP Polling support are enabled
|
2004-05-22 21:48:35 +02:00
|
|
|
\item All users except admins have traffic limit 1000\,B/s
|
2004-07-10 00:34:26 +02:00
|
|
|
\item AIM transport \jid{aim.example.org} is connected to port 5233 with
|
2004-07-06 23:34:50 +02:00
|
|
|
password ``\term{aimsecret}''
|
2004-07-10 00:34:26 +02:00
|
|
|
\item JIT transports \jid{icq.example.org} and \jid{sms.example.org} are
|
2004-07-06 23:34:50 +02:00
|
|
|
connected to port 5234 with password ``\term{jitsecret}''
|
2004-07-10 00:34:26 +02:00
|
|
|
\item MSN transport \jid{msn.example.org} is connected to port 5235 with
|
2004-07-06 23:34:50 +02:00
|
|
|
password ``\term{msnsecret}''
|
2004-07-10 00:34:26 +02:00
|
|
|
\item Yahoo! transport \jid{yahoo.example.org} is connected to port 5236 with
|
2004-07-06 23:34:50 +02:00
|
|
|
password ``\term{yahoosecret}''
|
2004-07-10 00:34:26 +02:00
|
|
|
\item Gadu-Gadu transport \jid{gg.example.org} is connected to port 5237 with
|
|
|
|
password ``\term{ggsecret}''
|
|
|
|
\item ILE service \jid{ile.example.org} is connected to port 5238 with
|
2004-07-06 23:34:50 +02:00
|
|
|
password ``\term{ilesecret}''
|
2004-05-22 21:48:35 +02:00
|
|
|
\end{itemize}
|
2004-07-10 00:34:26 +02:00
|
|
|
\begin{verbatim}
|
2004-07-06 23:34:50 +02:00
|
|
|
{acl, blocked, {user, "bad"}}.
|
|
|
|
{access, c2s, [{deny, blocked},
|
|
|
|
{allow, all}]}.
|
|
|
|
{shaper, normal, {maxrate, 1000}}.
|
|
|
|
{access, c2s_shaper, [{none, admin},
|
|
|
|
{normal, all}]}.
|
|
|
|
{listen,
|
|
|
|
[{5222, ejabberd_c2s, [{access, c2s}, {shaper, c2s_shaper}]},
|
|
|
|
{5223, ejabberd_c2s, [{access, c2s},
|
|
|
|
ssl, {certfile, "/path/to/ssl.pem"}]},
|
|
|
|
{5269, ejabberd_s2s_in, []},
|
|
|
|
{5280, ejabberd_http, [http_poll, web_admin]},
|
|
|
|
{5233, ejabberd_service, [{host, "aim.example.org",
|
|
|
|
[{password, "aimsecret"}]}]},
|
|
|
|
{5234, ejabberd_service, [{hosts, ["icq.example.org", "sms.example.org"],
|
|
|
|
[{password, "jitsecret"}]}]},
|
|
|
|
{5235, ejabberd_service, [{host, "msn.example.org",
|
|
|
|
[{password, "msnsecret"}]}]},
|
|
|
|
{5236, ejabberd_service, [{host, "yahoo.example.org",
|
|
|
|
[{password, "yahoosecret"}]}]},
|
|
|
|
{5237, ejabberd_service, [{host, "gg.example.org",
|
|
|
|
[{password, "ggsecret"}]}]},
|
|
|
|
{5238, ejabberd_service, [{host, "ile.example.org",
|
|
|
|
[{password, "ilesecret"}]}]}
|
|
|
|
]
|
|
|
|
}.
|
|
|
|
\end{verbatim}
|
|
|
|
Note, that for jabberd14- or wpjabberd-based services you have to make the
|
|
|
|
transports log and do XDB by themselves:
|
2004-05-22 21:48:35 +02:00
|
|
|
\begin{verbatim}
|
|
|
|
<!--
|
2004-07-06 23:34:50 +02:00
|
|
|
You have to add elogger and rlogger entries here when using ejabberd.
|
2004-05-22 21:48:35 +02:00
|
|
|
In this case the transport will do the logging.
|
|
|
|
-->
|
|
|
|
|
2004-07-06 23:34:50 +02:00
|
|
|
<log id='logger'>
|
2004-05-22 21:48:35 +02:00
|
|
|
<host/>
|
|
|
|
<logtype/>
|
|
|
|
<format>%d: [%t] (%h): %s</format>
|
2004-07-06 23:34:50 +02:00
|
|
|
<file>/var/log/jabber/service.log</file>
|
2004-05-22 21:48:35 +02:00
|
|
|
</log>
|
|
|
|
|
|
|
|
<!--
|
|
|
|
Some Jabber server implementations do not provide
|
|
|
|
XDB services (for example jabberd 2.0 and ejabberd).
|
2004-07-06 23:34:50 +02:00
|
|
|
xdb_file_so is loaded in to handle all XDB requests.
|
2004-05-22 21:48:35 +02:00
|
|
|
-->
|
|
|
|
|
|
|
|
<xdb id="xdb">
|
|
|
|
<host/>
|
|
|
|
<load>
|
2004-07-06 23:34:50 +02:00
|
|
|
<!-- this is a lib of wpjabber or jabberd -->
|
|
|
|
<xdb_file>/usr/lib/jabber/xdb_file.so</xdb_file>
|
2004-05-22 21:48:35 +02:00
|
|
|
</load>
|
|
|
|
<xdb_file xmlns="jabber:config:xdb_file">
|
|
|
|
<spool><jabberd:cmdline flag='s'>/var/spool/jabber</jabberd:cmdline></spool>
|
|
|
|
</xdb_file>
|
|
|
|
</xdb>
|
2003-02-01 21:21:28 +01:00
|
|
|
\end{verbatim}
|
|
|
|
|
2003-01-23 21:57:55 +01:00
|
|
|
|
|
|
|
\subsubsection{Modules}
|
|
|
|
\label{sec:configmodules}
|
|
|
|
|
2004-07-06 23:34:50 +02:00
|
|
|
Option \term{modules} defines the list of modules that will be loaded after
|
2003-01-23 21:57:55 +01:00
|
|
|
\ejabberd{} startup. Each list element is a tuple where first element is a
|
2003-02-11 19:09:14 +01:00
|
|
|
name of a module and second is list of options to this module. See
|
2003-01-23 21:57:55 +01:00
|
|
|
section~\ref{sec:modules} for detailed information on each module.
|
|
|
|
|
|
|
|
Example:
|
|
|
|
\begin{verbatim}
|
2004-07-06 23:34:50 +02:00
|
|
|
{modules,
|
|
|
|
[{mod_register, []},
|
|
|
|
{mod_roster, []},
|
|
|
|
{mod_privacy, []},
|
|
|
|
{mod_configure, []},
|
|
|
|
{mod_disco, []},
|
|
|
|
{mod_stats, []},
|
|
|
|
{mod_vcard, []},
|
|
|
|
{mod_offline, []},
|
|
|
|
{mod_echo, [{host, "echo.localhost"}]},
|
|
|
|
{mod_private, []},
|
|
|
|
{mod_irc, []},
|
|
|
|
{mod_muc, []},
|
|
|
|
{mod_pubsub, []},
|
|
|
|
{mod_time, [{iqdisc, no_queue}]},
|
|
|
|
{mod_last, []},
|
|
|
|
{mod_version, []}
|
|
|
|
]}.
|
2003-01-23 21:57:55 +01:00
|
|
|
\end{verbatim}
\subsection{Online Configuration and Monitoring}
|
2003-01-23 21:57:55 +01:00
|
|
|
\label{sec:onlineconfig}
|
|
|
|
|
2004-07-10 22:06:27 +02:00
|
|
|
\subsubsection{Web-based Administration Interface}
|
|
|
|
\label{sec:webadm}
|
|
|
|
|
2004-07-10 00:34:26 +02:00
|
|
|
To perform online reconfiguration of \ejabberd{} you need to enable the
\term{ejabberd\_http} listener with the option \term{web\_admin} (see
section~\ref{sec:configlistened}). After that you can open the URL
\verb|http://server:port/admin/| with your favorite web browser and enter the
username and password of an \ejabberd{} administrator. Note that this URL is
plain HTTP, so the administrator credentials are not protected by TLS in
transit; reach this port only over a trusted network. E.\,g.\ with the
following configuration:
|
|
|
|
\begin{verbatim}
|
|
|
|
...
|
|
|
|
{host, "example.org"}.
|
|
|
|
...
|
|
|
|
{listen,
|
|
|
|
[...
|
|
|
|
{5280, ejabberd_http, [web_admin]},
|
|
|
|
...
|
|
|
|
]
|
|
|
|
}.
|
|
|
|
\end{verbatim}
|
|
|
|
you should enter the URL \verb|http://example.org:5280/admin/|. After
authentication you should see something like figure~\ref{fig:webadmmain}.
|
2003-02-08 19:21:05 +01:00
|
|
|
\begin{figure}[htbp]
|
|
|
|
\centering
|
2004-07-10 00:34:26 +02:00
|
|
|
\insimg{webadmmain.png}
|
|
|
|
\caption{Web-administration top page}
|
|
|
|
\label{fig:webadmmain}
|
2003-02-08 19:21:05 +01:00
|
|
|
\end{figure}
|
2004-07-10 00:34:26 +02:00
|
|
|
Here you can edit access restrictions, manage users, create backup files,
|
|
|
|
manage DB, enable/disable listened ports, and view statistics.
|
2003-02-03 21:23:08 +01:00
|
|
|
|
|
|
|
|
2004-07-10 22:06:27 +02:00
|
|
|
\subsubsection{\term{ejabberdctl} tool}
|
|
|
|
\label{sec:ejabberdctl}
|
|
|
|
|
|
|
|
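It is possible to perform some administration operations using the \term{ejabberdctl}
command-line tool. Note that the \term{register} command takes the password as a
command-line argument, where it can end up in shell history and process
listings. You can check the available options by running this command
without arguments: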
|
|
|
|
\begin{verbatim}
|
|
|
|
% ejabberdctl
|
|
|
|
Usage: ejabberdctl node command
|
|
|
|
|
|
|
|
Available commands:
|
|
|
|
stop stop ejabberd
|
|
|
|
restart restart ejabberd
|
|
|
|
reopen-log reopen log file
|
|
|
|
register user password register a user
|
|
|
|
unregister user unregister a user
|
|
|
|
backup file store a database backup in file
|
|
|
|
restore file restore a database backup from file
|
|
|
|
install-fallback file install a database fallback from file
|
|
|
|
dump file dump a database in a text file
|
|
|
|
load file restore a database from a text file
|
|
|
|
registered-users list all registered users
|
|
|
|
|
|
|
|
Example:
|
|
|
|
ejabberdctl ejabberd@host restart
|
|
|
|
\end{verbatim}
\section{Distribution}
|
|
|
|
\label{sec:distribution}
|
|
|
|
|
|
|
|
|
2003-01-25 21:13:36 +01:00
|
|
|
\subsection{How it works}
|
|
|
|
\label{sec:howitworks}
|
|
|
|
|
2003-02-11 19:09:14 +01:00
|
|
|
A \Jabber{} domain is served by one or more \ejabberd{} nodes. These nodes can
be run on different machines that are connected via a network. They all
must have the ability to connect to port 4369 of all other nodes, and must
have the same magic cookie (see Erlang/OTP documentation, in other words the
file \term{\~{}ejabberd/.erlang.cookie} must be the same on all nodes). This is
needed because all nodes exchange information about connected users, S2S
connections, registered services, etc\ldots
By default the cookie is the only secret that nodes use to authenticate each
other, so keep the cookie file readable only by the account that runs
\ejabberd{} and do not expose the inter-node ports to untrusted networks.
|
2003-01-25 21:13:36 +01:00
|
|
|
|
2003-07-13 11:00:01 +02:00
|
|
|
Each \ejabberd{} node has the following modules:
\begin{itemize}
\item router;
\item local router;
\item session manager;
\item S2S manager.
\end{itemize}
|
|
|
|
|
|
|
|
|
|
|
|
\subsubsection{Router}
|
|
|
|
|
2003-02-11 19:09:14 +01:00
|
|
|
This module is the main router of \Jabber{} packets on each node. It routes
them based on their destination domains. It has two tables: local and global
routes. First, the domain of the packet destination is looked up in the local
table, and if it is found, the packet is routed to the appropriate process. If
not, it is looked up in the global table, and the packet is routed to the
appropriate \ejabberd{} node or process. If it does not exist in either table,
the packet is sent to the S2S manager.
|
2003-01-25 21:13:36 +01:00
|
|
|
|
|
|
|
|
|
|
|
\subsubsection{Local Router}
|
2003-01-23 21:57:55 +01:00
|
|
|
|
2003-02-11 19:09:14 +01:00
|
|
|
This module routes packets which have a destination domain equal to this server
name. If the destination JID has a non-empty user part, then the packet is routed to the
session manager, else it is processed depending on its content.
|
2003-01-25 21:13:36 +01:00
|
|
|
|
|
|
|
|
|
|
|
\subsubsection{Session Manager}
|
|
|
|
|
2003-02-11 19:09:14 +01:00
|
|
|
This module routes packets to local users. It uses the presence table to find
the user resource to which a packet must be sent. If this resource is connected to
this node, the packet is routed to the C2S process; if it is connected via another node, then
the packet is sent to the session manager on that node.
|
2003-01-25 21:13:36 +01:00
|
|
|
|
|
|
|
|
|
|
|
\subsubsection{S2S Manager}
|
|
|
|
|
2003-02-11 19:09:14 +01:00
|
|
|
This module routes packets to other \Jabber{} servers. First, it checks if an
|
|
|
|
open S2S connection from the domain of the packet source to the domain of
|
|
|
|
packet destination already exists. If it is open on another node, then it
|
|
|
|
routes the packet to S2S manager on that node, if it is open on this node, then
|
|
|
|
it is routed to the process that serves this connection, and if a connection
|
|
|
|
does not exist, then it is opened and registered.
|
2003-01-23 21:57:55 +01:00
\appendix{}
|
|
|
|
|
2003-01-23 21:57:55 +01:00
|
|
|
\section{Built-in Modules}
|
|
|
|
\label{sec:modules}
|
|
|
|
|
2003-01-24 21:18:33 +01:00
|
|
|
\subsection{Common Options}
|
|
|
|
\label{sec:modcommonopts}
|
|
|
|
|
2003-10-09 20:09:05 +02:00
|
|
|
The following options are used by many modules, so they are described in
a separate section.
|
2003-01-24 21:18:33 +01:00
|
|
|
|
2004-07-06 23:34:50 +02:00
|
|
|
\subsubsection{Option \option{iqdisc}}
|
|
|
|
\label{sec:modiqdiscoption}
|
2003-01-24 21:18:33 +01:00
|
|
|
|
|
|
|
Many modules define handlers for processing IQ queries of different namespaces
|
2004-07-06 23:34:50 +02:00
|
|
|
to this server or to user (e.\,g.\ to \jid{example.org} or to
|
|
|
|
\jid{user@example.org}). This option defines processing discipline of
|
2003-02-11 19:09:14 +01:00
|
|
|
these queries. Possible values are:
|
2003-01-24 21:18:33 +01:00
|
|
|
\begin{description}
|
2004-07-06 23:34:50 +02:00
|
|
|
\titem{no\_queue} All queries of a namespace with this processing
discipline are processed immediately. This also means that no other packets can
be processed until this one has finished. Hence this discipline is not recommended
if processing of a query can take a relatively long time.
|
|
|
|
\titem{one\_queue} In this case a separate queue is created for processing
IQ queries of a namespace with this discipline, and processing of this queue
is done in parallel with processing of other packets. This discipline is the most
recommended.
|
2004-07-06 23:34:50 +02:00
|
|
|
\titem{parallel} In this case a separate Erlang process is spawned for every
packet with this discipline, so all these packets are processed in parallel.
Although spawning an Erlang process has a relatively low cost, this can break
normal server operation, because the Erlang emulator has a limit on the number
of processes (32000 by default), and a burst of such queries can exhaust it.
|
2003-01-24 21:18:33 +01:00
|
|
|
\end{description}
|
|
|
|
|
|
|
|
Example:
|
|
|
|
\begin{verbatim}
|
2004-07-06 23:34:50 +02:00
|
|
|
{modules,
|
|
|
|
[
|
|
|
|
...
|
|
|
|
{mod_time, [{iqdisc, no_queue}]},
|
|
|
|
...
|
|
|
|
]}.
|
2003-01-24 21:18:33 +01:00
|
|
|
\end{verbatim}
|
2003-01-23 21:57:55 +01:00
|
|
|
|
2004-07-06 23:34:50 +02:00
|
|
|
\subsubsection{Option \option{host}}
|
|
|
|
\label{sec:modhostoption}
|
2003-01-25 21:13:36 +01:00
|
|
|
|
2004-07-06 23:34:50 +02:00
|
|
|
This option explicitly defines the hostname for a module which acts as a service.
|
2003-01-25 21:13:36 +01:00
|
|
|
|
|
|
|
Example:
|
|
|
|
\begin{verbatim}
|
2004-07-06 23:34:50 +02:00
|
|
|
{modules,
|
|
|
|
[
|
|
|
|
...
|
|
|
|
{mod_echo, [{host, "echo.example.org"}]},
|
|
|
|
...
|
|
|
|
]}.
|
2003-01-25 21:13:36 +01:00
|
|
|
\end{verbatim}
|
|
|
|
|
|
|
|
|
2004-07-06 23:34:50 +02:00
|
|
|
\subsection{\modconfigure{}}
|
|
|
|
\label{sec:modconfigure}
|
2003-01-25 21:13:36 +01:00
|
|
|
|
2004-07-06 23:34:50 +02:00
|
|
|
Options:
|
|
|
|
\begin{description}
|
|
|
|
\iqdiscitem{\ns{ejabberd:config}}
|
|
|
|
\end{description}
|
2003-01-23 21:57:55 +01:00
|
|
|
|
2004-07-06 23:34:50 +02:00
|
|
|
|
|
|
|
\subsection{\moddisco{}}
|
|
|
|
\label{sec:moddisco}
|
|
|
|
|
|
|
|
This module adds support for \jepref{0030} (Service Discovery).
|
2003-10-11 19:39:36 +02:00
|
|
|
|
|
|
|
Options:
|
|
|
|
\begin{description}
|
2004-07-06 23:34:50 +02:00
|
|
|
\iqdiscitem{\ns{http://jabber.org/protocol/disco\#items} and
|
|
|
|
\ns{http://jabber.org/protocol/disco\#info}}
|
|
|
|
\titem{extra\_domains} List of domains that will be added to server
|
|
|
|
items reply
|
2003-10-11 19:39:36 +02:00
|
|
|
\end{description}
|
|
|
|
|
|
|
|
Example:
|
|
|
|
\begin{verbatim}
|
2004-07-06 23:34:50 +02:00
|
|
|
{modules,
|
|
|
|
[
|
|
|
|
...
|
|
|
|
{mod_disco, [{extra_domains, ["jit.example.com",
|
|
|
|
"etc.example.com"]}]},
|
|
|
|
...
|
|
|
|
]}.
|
|
|
|
\end{verbatim}
|
2003-10-11 19:39:36 +02:00
|
|
|
|
|
|
|
|
2004-07-06 23:34:50 +02:00
|
|
|
\subsection{\modecho{}}
|
|
|
|
\label{sec:modecho}
|
2003-10-11 19:39:36 +02:00
|
|
|
|
2004-07-06 23:34:50 +02:00
|
|
|
This module acts as a service and simply returns any \Jabber{} packet to its sender. The module may be
useful for debugging.
|
2003-10-11 19:39:36 +02:00
|
|
|
|
2004-07-06 23:34:50 +02:00
|
|
|
Options:
|
|
|
|
\begin{description}
|
|
|
|
\hostitem{echo}
|
|
|
|
\end{description}
|
2003-01-23 21:57:55 +01:00
|
|
|
|
|
|
|
|
2004-07-06 23:34:50 +02:00
|
|
|
\subsection{\modirc{}}
|
|
|
|
\label{sec:modirc}
|
|
|
|
|
|
|
|
This module implements IRC transport.
|
|
|
|
|
|
|
|
Options:
|
|
|
|
\begin{description}
|
|
|
|
\hostitem{irc}
|
2004-07-11 22:51:54 +02:00
|
|
|
\titem{access} Specifies who is allowed to use IRC transport (default value is \term{all}).
|
2004-07-06 23:34:50 +02:00
|
|
|
\end{description}
|
2003-01-23 21:57:55 +01:00
|
|
|
|
2004-07-11 22:51:54 +02:00
|
|
|
Example:
|
|
|
|
\begin{verbatim}
|
|
|
|
{modules,
|
|
|
|
[
|
|
|
|
...
|
|
|
|
{mod_irc, [{access, all}]},
|
|
|
|
...
|
|
|
|
]}.
|
|
|
|
\end{verbatim}
|
|
|
|
|
2003-01-23 21:57:55 +01:00
|
|
|
|
2004-07-06 23:34:50 +02:00
|
|
|
\subsection{\modlast{}}
|
|
|
|
\label{sec:modlast}
|
2003-01-23 21:57:55 +01:00
|
|
|
|
2004-07-06 23:34:50 +02:00
|
|
|
This module adds support for \jepref{0012} (Last Activity).
|
2003-01-23 21:57:55 +01:00
|
|
|
|
2004-07-06 23:34:50 +02:00
|
|
|
Options:
|
|
|
|
\begin{description}
|
|
|
|
\iqdiscitem{\ns{jabber:iq:last}}
|
|
|
|
\end{description}
|
2003-01-23 21:57:55 +01:00
|
|
|
|
|
|
|
|
2004-07-06 23:34:50 +02:00
|
|
|
\subsection{\modmuc{}}
|
|
|
|
\label{sec:modmuc}
|
2003-01-23 21:57:55 +01:00
|
|
|
|
2004-07-06 23:34:50 +02:00
|
|
|
This module implements \jepref{0045} (Multi-User Chat) service.
|
2003-10-09 20:09:05 +02:00
|
|
|
|
|
|
|
Options:
|
|
|
|
\begin{description}
|
2004-07-06 23:34:50 +02:00
|
|
|
\hostitem{conference}
|
|
|
|
\titem{access} Specifies who is allowed to use MUC service (default value is \term{all}).
|
|
|
|
\titem{access\_create} Specifies who is allowed to create new rooms at
|
|
|
|
MUC service (default value is \term{all}).
|
|
|
|
\titem{access\_admin} Specifies who is allowed to administer the MUC service
(default value is \term{none}, which means that only the creator of a room may administer it).
|
2003-10-09 20:09:05 +02:00
|
|
|
\end{description}
|
|
|
|
|
|
|
|
Example:
|
|
|
|
\begin{verbatim}
|
2004-07-06 23:34:50 +02:00
|
|
|
% Define admin ACL
|
|
|
|
{acl, admin, {user, "admin"}}
|
|
|
|
|
|
|
|
% Define MUC admin access rule
|
|
|
|
{access, muc_admin, [{allow, admin}]}
|
|
|
|
|
|
|
|
{modules,
|
|
|
|
[
|
|
|
|
...
|
|
|
|
{mod_muc, [{access, all},
|
|
|
|
{access_create, all},
|
|
|
|
{access_admin, muc_admin}]},
|
|
|
|
...
|
|
|
|
]}.
|
2003-10-09 20:09:05 +02:00
|
|
|
\end{verbatim}
|
2003-01-23 21:57:55 +01:00
|
|
|
|
|
|
|
|
2004-07-06 23:34:50 +02:00
|
|
|
\subsection{\modoffline{}}
|
|
|
|
\label{sec:modoffline}
|
|
|
|
|
|
|
|
This module implements offline message storage.
|
2003-01-23 21:57:55 +01:00
|
|
|
|
2004-07-06 23:34:50 +02:00
|
|
|
|
|
|
|
\subsection{\modprivacy{}}
|
|
|
|
\label{sec:modprivacy}
|
|
|
|
|
|
|
|
This module implements Privacy Rules as defined in XMPP IM
|
|
|
|
(see \ahrefurl{http://www.jabber.org/ietf/}).
|
2003-01-25 21:13:36 +01:00
|
|
|
|
|
|
|
Options:
|
|
|
|
\begin{description}
|
2004-07-06 23:34:50 +02:00
|
|
|
\iqdiscitem{\ns{jabber:iq:privacy}}
|
2003-01-25 21:13:36 +01:00
|
|
|
\end{description}
|
2003-01-23 21:57:55 +01:00
|
|
|
|
|
|
|
|
2004-07-06 23:34:50 +02:00
|
|
|
\subsection{\modprivate{}}
|
|
|
|
\label{sec:modprivate}
|
2003-01-23 21:57:55 +01:00
|
|
|
|
2004-07-06 23:34:50 +02:00
|
|
|
This module adds support of \jepref{0049} (Private XML Storage).
|
2003-01-23 21:57:55 +01:00
|
|
|
|
2004-07-06 23:34:50 +02:00
|
|
|
Options:
|
|
|
|
\begin{description}
|
|
|
|
\iqdiscitem{\ns{jabber:iq:private}}
|
|
|
|
\end{description}
|
2003-01-23 21:57:55 +01:00
|
|
|
|
|
|
|
|
2004-07-06 23:34:50 +02:00
|
|
|
\subsection{\modpubsub{}}
|
|
|
|
\label{sec:modpubsub}
|
2003-01-23 21:57:55 +01:00
|
|
|
|
2004-07-06 23:34:50 +02:00
|
|
|
This module implements \jepref{0060} (Publish-Subscribe Service).
|
2003-01-23 21:57:55 +01:00
|
|
|
|
2004-07-06 23:34:50 +02:00
|
|
|
Options:
|
|
|
|
\begin{description}
|
|
|
|
\hostitem{pubsub}
|
|
|
|
\titem{served\_hosts} Specifies which hosts are served by the service.
|
|
|
|
If absent then only main \ejabberd{} host is served.
|
|
|
|
\end{description}
|
2003-01-23 21:57:55 +01:00
|
|
|
|
2004-07-06 23:34:50 +02:00
|
|
|
Example:
|
|
|
|
\begin{verbatim}
|
|
|
|
{modules,
|
|
|
|
[
|
|
|
|
...
|
|
|
|
{mod_pubsub, [{served_hosts, ["example.com",
|
|
|
|
"example.org"]}]}
|
|
|
|
...
|
|
|
|
]}.
|
|
|
|
\end{verbatim}
|
2003-01-23 21:57:55 +01:00
|
|
|
|
|
|
|
|
2004-07-06 23:34:50 +02:00
|
|
|
\subsection{\modregister{}}
|
|
|
|
\label{sec:modregister}
|
2003-01-23 21:57:55 +01:00
|
|
|
|
2004-07-06 23:34:50 +02:00
|
|
|
This module adds support for \jepref{0077} (In-Band Registration).
|
|
|
|
|
|
|
|
Options:
|
|
|
|
\begin{description}
|
2004-07-11 22:51:54 +02:00
|
|
|
\titem{access} Specifies the rule that restricts registration.
If this rule returns ``deny'' for the requested user name, then
registration is not allowed for it (default value is \term{all}, which means
no restrictions, i.\,e.\ anyone who can connect to the server can create an account).
|
2004-07-06 23:34:50 +02:00
|
|
|
\iqdiscitem{\ns{jabber:iq:register}}
|
|
|
|
\end{description}
|
|
|
|
|
|
|
|
Example:
|
|
|
|
\begin{verbatim}
|
|
|
|
% Deny registration for users with too short name
|
|
|
|
{acl, shortname, {user_glob, "?"}}.
|
|
|
|
{acl, shortname, {user_glob, "??"}}.
|
|
|
|
% Another variant: {acl, shortname, {user_regexp, "^..?$"}}.
|
|
|
|
|
|
|
|
{access, register, [{deny, shortname},
|
|
|
|
{allow, all}]}.
|
|
|
|
|
|
|
|
{modules,
|
|
|
|
[
|
|
|
|
...
|
2004-07-11 22:51:54 +02:00
|
|
|
{mod_register, [{access, register}]},
|
2004-07-06 23:34:50 +02:00
|
|
|
...
|
|
|
|
]}.
|
|
|
|
\end{verbatim}
|
|
|
|
|
|
|
|
|
|
|
|
\subsection{\modroster{}}
|
|
|
|
\label{sec:modroster}
|
|
|
|
|
|
|
|
This module implements roster management.
|
|
|
|
|
|
|
|
Options:
|
|
|
|
\begin{description}
|
|
|
|
\iqdiscitem{\ns{jabber:iq:roster}}
|
|
|
|
\end{description}
|
|
|
|
|
|
|
|
|
|
|
|
\subsection{\modstats{}}
|
|
|
|
\label{sec:modstats}
|
|
|
|
|
|
|
|
This module adds support for \jepref{0039} (Statistics Gathering).
|
2003-01-23 21:57:55 +01:00
|
|
|
|
2003-01-25 21:13:36 +01:00
|
|
|
Options:
|
|
|
|
\begin{description}
|
2004-07-06 23:34:50 +02:00
|
|
|
\iqdiscitem{\ns{http://jabber.org/protocol/stats}}
|
2003-01-25 21:13:36 +01:00
|
|
|
\end{description}
|
2003-01-23 21:57:55 +01:00
|
|
|
|
2004-07-06 23:34:50 +02:00
|
|
|
TBD about access.
|
|
|
|
|
|
|
|
|
2003-01-23 21:57:55 +01:00
|
|
|
\subsection{\modtime{}}
|
|
|
|
\label{sec:modtime}
|
|
|
|
|
2003-01-25 21:13:36 +01:00
|
|
|
This module answers UTC time on \ns{jabber:iq:time} queries.
|
|
|
|
|
|
|
|
Options:
|
|
|
|
\begin{description}
|
2004-07-06 23:34:50 +02:00
|
|
|
\iqdiscitem{\ns{jabber:iq:time}}
|
|
|
|
\end{description}
|
|
|
|
|
|
|
|
|
|
|
|
\subsection{\modvcard{}}
|
|
|
|
\label{sec:modvcard}
|
|
|
|
|
|
|
|
This module implements simple Jabber User Directory (based on user vCards)
|
|
|
|
and answers server vCard on \ns{vcard-temp} queries.
|
|
|
|
|
|
|
|
Options:
|
|
|
|
\begin{description}
|
|
|
|
\hostitem{vjud}
|
|
|
|
\iqdiscitem{\ns{vcard-temp}}
|
2004-07-10 00:34:26 +02:00
|
|
|
\titem{search} Specifies whether search is enabled (value is \term{true}, default) or
disabled (value is \term{false}) by the service. If \term{search} is set to \term{false},
option \term{host} is ignored and the service does not appear in Jabber Discovery items.
|
2003-01-25 21:13:36 +01:00
|
|
|
\end{description}
|
2003-01-23 21:57:55 +01:00
|
|
|
|
2004-07-10 00:34:26 +02:00
|
|
|
Example:
|
|
|
|
\begin{verbatim}
|
|
|
|
{modules,
|
|
|
|
[
|
|
|
|
...
|
|
|
|
{mod_vcard, [{search, false}]}
|
|
|
|
...
|
|
|
|
]}.
|
|
|
|
\end{verbatim}
|
|
|
|
|
2003-01-23 21:57:55 +01:00
|
|
|
|
|
|
|
\subsection{\modversion{}}
|
|
|
|
\label{sec:modversion}
|
|
|
|
|
2003-01-25 21:13:36 +01:00
|
|
|
This module answers \ejabberd{} version on \ns{jabber:iq:version} queries.
|
|
|
|
|
|
|
|
Options:
|
|
|
|
\begin{description}
|
2004-07-06 23:34:50 +02:00
|
|
|
\iqdiscitem{\ns{jabber:iq:version}}
|
2003-01-25 21:13:36 +01:00
|
|
|
\end{description}
|
\section{I18n/L10n}
|
|
|
|
\label{sec:i18nl10n}
|
|
|
|
|
2004-07-06 23:34:50 +02:00
|
|
|
All built-in modules support the \texttt{xml:lang} attribute inside IQ queries.
E.\,g.\ figure~\ref{fig:discorus} shows the reply to the following query:
|
2003-02-08 19:21:05 +01:00
|
|
|
\begin{verbatim}
|
2004-07-06 23:34:50 +02:00
|
|
|
<iq id='5'
|
|
|
|
to='e.localhost'
|
|
|
|
type='get'
|
|
|
|
xml:lang='ru'>
|
|
|
|
<query xmlns='http://jabber.org/protocol/disco#items'/>
|
|
|
|
</iq>
|
2003-02-08 19:21:05 +01:00
|
|
|
\end{verbatim}
|
|
|
|
|
|
|
|
\begin{figure}[htbp]
|
|
|
|
\centering
|
|
|
|
\insimg{discorus.png}
|
|
|
|
\caption{Discovery result when \texttt{xml:lang='ru'}}
|
|
|
|
\label{fig:discorus}
|
|
|
|
\end{figure}
|
2003-01-23 21:57:55 +01:00
|
|
|
|
2004-07-10 00:34:26 +02:00
|
|
|
The web interface also supports the \verb|Accept-Language| HTTP header (see
figure~\ref{fig:webadmmainru}, compare it with figure~\ref{fig:webadmmain}).
|
|
|
|
|
|
|
|
\begin{figure}[htbp]
|
|
|
|
\centering
|
|
|
|
\insimg{webadmmainru.png}
|
|
|
|
\caption{Web-administration top page with HTTP header
|
|
|
|
``\verb|Accept-Language: ru|''}
|
|
|
|
\label{fig:webadmmainru}
|
|
|
|
\end{figure}
\end{document}