Différences
Ci-dessous, les différences entre deux révisions de la page.
tuto:linux_divers:installer_ejabberd_sur_centos [25/01/2011 11:34] dani [Configuration de de base] |
tuto:linux_divers:installer_ejabberd_sur_centos [05/09/2013 17:19] |
||
---|---|---|---|
Ligne 1: | Ligne 1: | ||
- | ====== Installation d' | ||
- | |||
- | Ejabberd est un serveur xmpp (jabber) robuste, écrit en erlang. Ce how-to décrit l' | ||
- | |||
- | ===== Installation d'une CentOS de base ===== | ||
- | |||
- | Suivre ce [[base_install_cos5|how-to]] pour l' | ||
- | |||
- | ===== Configuration des dépôts tiers ===== | ||
- | |||
- | Suivre ce [[extras_repo|how-to]] pour configurer les dépôts tiers | ||
- | |||
- | ===== Installer Ejabberd ===== | ||
- | |||
- | Le dépôt EPEL propose un paquet pour Ejabberd | ||
- | |||
- | <code bash> | ||
- | yum --enablerepo=epel install ejabberd | ||
- | </ | ||
- | |||
- | On peut aussi installer le serveur mysql pour le stockage des données | ||
- | <code bash> | ||
- | yum install mysql-server | ||
- | </ | ||
- | |||
- | Ainsi que les modules supplémentaires pour Ejabberd (intégrant entre autre le driver mysql natif) | ||
- | <code bash> | ||
- | yum --enablerepo=fws-testing install ejabberd-modules | ||
- | </ | ||
- | |||
- | ===== Préparations ===== | ||
- | Par soucis de performance, | ||
- | |||
- | ==== Configuration de mysqld ==== | ||
- | |||
- | Ejabberd a besoin du moteur InnoDB, il faut donc l' | ||
- | |||
- | Voici un exemple de configuration my.cnf (à ajuster en fonction des besoins) | ||
- | <code bash> | ||
- | cp -a /etc/my.cnf / | ||
- | echo '' | ||
- | vim /etc/my.cnf | ||
- | </ | ||
- | |||
- | Puis y placer les ligne suivantes: | ||
- | < | ||
- | [mysqld] | ||
- | pid-file=/ | ||
- | basedir=/ | ||
- | datadir=/ | ||
- | innodb_data_home_dir = / | ||
- | innodb_data_file_path = ibdata1: | ||
- | innodb_log_group_home_dir = / | ||
- | innodb_log_arch_dir = / | ||
- | innodb_buffer_pool_size = 16M | ||
- | innodb_additional_mem_pool_size = 2M | ||
- | innodb_log_file_size = 5M | ||
- | innodb_log_buffer_size = 8M | ||
- | innodb_flush_log_at_trx_commit = 1 | ||
- | innodb_lock_wait_timeout = 50 | ||
- | innodb_file_per_table | ||
- | |||
- | socket=/ | ||
- | # networking is enabled | ||
- | log-error=/ | ||
- | max_allowed_packet=16M | ||
- | user=mysql | ||
- | |||
- | [mysqld_safe] | ||
- | |||
- | |||
- | </ | ||
- | |||
- | ==== Création d'un mot de passe root (mysql) ==== | ||
- | |||
- | <code bash> | ||
- | / | ||
- | chmod 600 ~/.my.pw | ||
- | / | ||
- | echo ' | ||
- | echo " | ||
- | </ | ||
- | |||
- | ==== Création d'une base de donnée pour Ejabberd ==== | ||
- | |||
- | <code bash> | ||
- | / | ||
- | chmod 600 / | ||
- | mysql -e ' | ||
- | mysql -e "grant all privileges on ejabberd.* to ' | ||
- | mysql -e 'flush privileges' | ||
- | </ | ||
- | |||
- | ==== Importation du schéma pour Ejabberd ==== | ||
- | |||
- | <code bash> | ||
- | mysql ejabberd < / | ||
- | </ | ||
- | |||
- | ===== Configuration de de base ===== | ||
- | Le fichier de configuration d' | ||
- | La syntaxe est en erlang | ||
- | |||
- | Voici un exemple: | ||
- | |||
- | <code erlang> | ||
- | |||
- | % Users that have admin access. | ||
- | % will be successfully registered on server to get admin access: | ||
- | {acl, admin, {user, " | ||
- | % {acl, admin, {user, " | ||
- | |||
- | % Local users: | ||
- | {acl, local, {user_regexp, | ||
- | |||
- | % Blocked users: | ||
- | %{acl, blocked, {user, " | ||
- | |||
- | % Everybody can create pubsub nodes | ||
- | {access, pubsub_createnode, | ||
- | |||
- | |||
- | % Only admins can use configuration interface: | ||
- | {access, configure, [{allow, admin}]}. | ||
- | |||
- | % Registration is disabled | ||
- | {access, register, [{deny, | ||
- | |||
- | % Only admins can send announcement messages : | ||
- | {access, announce, [{allow, admin}]}. | ||
- | |||
- | % Only non-blocked users can use c2s connections: | ||
- | {access, c2s, [{deny, blocked}, | ||
- | | ||
- | |||
- | % Set shaper with name " | ||
- | {shaper, normal, {maxrate, 1000}}. | ||
- | |||
- | % Set shaper with name " | ||
- | {shaper, fast, {maxrate, 50000}}. | ||
- | |||
- | % For all users except admins used " | ||
- | {access, c2s_shaper, [{none, admin}, | ||
- | {normal, all}]}. | ||
- | |||
- | % For all S2S connections used " | ||
- | {access, s2s_shaper, [{fast, all}]}. | ||
- | |||
- | % Admins of this server are also admins of MUC service: | ||
- | {access, muc_admin, [{allow, admin}]}. | ||
- | |||
- | % All users are allowed to use MUC service: | ||
- | {access, muc, [{allow, all}]}. | ||
- | {access, muc_log, [{allow, admin}, {deny, all}]}. | ||
- | |||
- | |||
- | % Allow access only for local users: | ||
- | {access, local, [{allow, local}]}. | ||
- | |||
- | |||
- | %% Being Acls for MSN users | ||
- | |||
- | % This example will deny communication with MSN users, except | ||
- | % The ones listed in good_msn_users | ||
- | |||
- | % Requires mod_filter | ||
- | |||
- | {acl, good_msn_users, | ||
- | {acl, good_msn_users, | ||
- | {acl, good_msn_users, | ||
- | {acl, msn_users, {server_glob, | ||
- | |||
- | {access, mod_filter, [{allow, all}]}. | ||
- | {access, mod_filter_presence, | ||
- | {access, mod_filter_message, | ||
- | {access, mod_filter_iq, | ||
- | |||
- | {access, mod_filter, [ | ||
- | % Filter incoming messages; allow only good messages | ||
- | {allow, good_msn_users}, | ||
- | {deny, msn_users}, | ||
- | % Filter the rest, including outgoing messages | ||
- | {filter_msn, | ||
- | ]}. | ||
- | |||
- | {access, filter_msn, [ | ||
- | % Users can send messages to good MSN users | ||
- | {allow, good_msn_users}, | ||
- | % but not to other MSN users | ||
- | {deny, msn_users}, | ||
- | % All non-MSN traffic is allowed | ||
- | {allow, all} | ||
- | ]}. | ||
- | |||
- | %% End filter example | ||
- | |||
- | % Auth MySQL | ||
- | {auth_method, | ||
- | |||
- | % mysql database access, with native mysql driver | ||
- | {odbc_server, | ||
- | |||
- | % Host name: | ||
- | {hosts, [" | ||
- | |||
- | |||
- | %% Define the maximum number of time a single user is allowed to connect: | ||
- | {max_user_sessions, | ||
- | |||
- | % Default language for server messages | ||
- | {language, " | ||
- | |||
- | % Listened ports: | ||
- | {listen, [ | ||
- | % Standard port 5222 with TLS support (and required) | ||
- | | ||
- | % Deprecated SSL port on 5223 | ||
- | | ||
- | |||
- | % Uncomment this line to allow s2s connections: | ||
- | % ,{5269, ejabberd_s2s_in, | ||
- | |||
- | % Example of transport configuration | ||
- | % ,{5347, ejabberd_service, | ||
- | | ||
- | ]}. | ||
- | |||
- | % If SRV lookup fails, then port 5269 is used to communicate with remote server | ||
- | % Uncomment this line to allow s2s connections | ||
- | % {outgoing_s2s_port, | ||
- | |||
- | % Modules | ||
- | {modules, | ||
- | | ||
- | % {mod_register, | ||
- | {mod_roster_odbc, | ||
- | {mod_privacy_odbc, | ||
- | {mod_adhoc, | ||
- | {mod_configure, | ||
- | {mod_configure2, | ||
- | {mod_disco, | ||
- | {mod_stats, | ||
- | {mod_vcard_odbc, | ||
- | %% if you prefer ldap based vcard service, use the following | ||
- | %% adapt it to your needs | ||
- | % {mod_vcard_ldap, | ||
- | % [ | ||
- | % {ldap_base, " | ||
- | % {ldap_filter, | ||
- | % {ldap_vcard_map, | ||
- | %% vcard patterns | ||
- | % | ||
- | % {" | ||
- | % {" | ||
- | % {" | ||
- | % {" | ||
- | % {" | ||
- | % {" | ||
- | % {" | ||
- | % {" | ||
- | % {" | ||
- | % {" | ||
- | % ]}, | ||
- | % %% Search form | ||
- | % {ldap_search_fields, | ||
- | % | ||
- | % {" | ||
- | % {" | ||
- | % {" | ||
- | % %% vCard fields to be reported | ||
- | % %% Note that JID is always returned with search results | ||
- | % {ldap_search_reported, | ||
- | % | ||
- | % {" | ||
- | % ]}, | ||
- | % {mod_vcard_odbc, | ||
- | {mod_caps, | ||
- | {mod_offline_odbc, | ||
- | {mod_announce, | ||
- | {mod_private_odbc, | ||
- | {mod_irc, | ||
- | % Default options for mod_muc: | ||
- | % host: " | ||
- | % | ||
- | % | ||
- | % | ||
- | {mod_muc, | ||
- | {mod_muc_log, | ||
- | {mod_shared_roster, | ||
- | {mod_pubsub, | ||
- | {access_createnode, | ||
- | {plugins, [" | ||
- | ]}, | ||
- | {mod_time, | ||
- | {mod_last_odbc, | ||
- | % {mod_xmlrpc, | ||
- | {mod_version, | ||
- | {mod_admin_extra, | ||
- | % {mod_archive_odbc, | ||
- | % {default_auto_save, | ||
- | % {enforce_default_auto_save, | ||
- | % {default_expire, | ||
- | % {enforce_min_expire, | ||
- | % {enforce_max_expire, | ||
- | % {replication_expire, | ||
- | % {session_duration, | ||
- | % {wipeout_interval, | ||
- | % {mod_log_chat, | ||
- | |||
- | |||
- | {mod_echo, | ||
- | ]}. | ||
- | |||
- | %%% Local Variables: | ||
- | %%% mode: erlang | ||
- | %%% End: | ||
- | |||
- | </ | ||
- | |||
- | On remplace maintenant par le mot de passe mysql pour ejabberd: | ||
- | <code bash> | ||
- | export PASS=$(cat / | ||
- | sed -i -e " | ||
- | unset PASS | ||
- | </ | ||
- | |||