Installation d'Ejabberd sur CentOS

Ejabberd est un serveur xmpp (jabber) robuste, écrit en erlang. Ce how-to décrit l'installation sur une CentOS

Suivre ce how-to pour l'installation de base

Suivre ce how-to pour configurer les dépôts tiers

Le dépôt EPEL propose un paquet pour Ejabberd

yum --enablerepo=epel install ejabberd

On peut aussi installer le serveur mysql pour le stockage des données

yum install mysql-server

Ainsi que les modules supplémentaires pour Ejabberd (intégrant entre autre le driver mysql natif)

yum --enablerepo=fws-testing install ejabberd-modules

Le fichier de configuration principal d'Ejabberd est /etc/ejabberd/ejabberd.cfg La syntaxe est en erlang

Voici un exemple:

% Users that have admin access.  Add line like one of the following after you
% will be successfully registered on server to get admin access:
{acl, admin, {user, "admin"}}.
% {acl, admin, {user, "user1"}}.
 
% Everybody can create pubsub nodes
{access, pubsub_createnode, [{allow, all}]}.
 
 
% Only admins can use configuration interface:
{access, configure, [{allow, admin}]}.
 
% Every username can be registered via in-band registration:
% You could replace {allow, all} with {deny, all} to prevent user from using
% in-band registration
{access, register, [{deny,all}]}.
 
 
% Only admins can send announcement messages :
{access, announce, [{allow, admin}]}.
% Only non-blocked users can use c2s connections:
{access, c2s, [{deny, blocked},
               {allow, all}]}.
 
% Set shaper with name "normal" to limit traffic speed to 1000B/s
{shaper, normal, {maxrate, 1000}}.
 
% Set shaper with name "fast" to limit traffic speed to 50000B/s
{shaper, fast, {maxrate, 50000}}.
 
% For all users except admins used "normal" shaper
{access, c2s_shaper, [{none, admin},
                      {normal, all}]}.
 
% For all S2S connections used "fast" shaper
{access, s2s_shaper, [{fast, all}]}.
 
% Admins of this server are also admins of MUC service:
{access, muc_admin, [{allow, admin}]}.
 
% All users are allowed to use MUC service:
{access, muc, [{allow, all}]}.
{access, muc_log, [{allow, admin}, {deny, all}]}.
 
 
% Allow access only for local users:
{access, local, [{allow, local}]}.
 
% Auth MySQL
{auth_method, odbc}.
 
% mysql database access, with native mysql driver
{odbc_server, {mysql, "localhost", "ejabberd", "ejabberd", "secret"}}.
 
% Host name:
{hosts, ["domain.tld"]}.
 
 
%% Define the maximum number of time a single user is allowed to connect:
{max_user_sessions, 10}.
 
% Default language for server messages
{language, "fr"}.
 
% Listened ports:
{listen, [
       % Standard port 5222 with TLS support (and required)
       {5222, ejabberd_c2s,     [{access, c2s}, {shaper, c2s_shaper}, starttls_required, {certfile, "/etc/ejabberd/ejabberd.pem"}]},
       % Deprecated SSL port on 5223
       {5223, ejabberd_c2s,     [{access, c2s}, tls, {certfile, "/etc/ejabberd/ejabberd.pem"}]}
 
       % Uncomment this line to allow s2s connections:
       % ,{5269, ejabberd_s2s_in,  [{shaper, s2s_shaper}, {max_stanza_size, 131072}]}
 
       % Example of transport configuration
       % ,{5347, ejabberd_service, [{host, "msn.domain.tld",
       %         [{password, "secret"}]}]}
]}.
 
% If SRV lookup fails, then port 5269 is used to communicate with remote server
% Uncomment this line to allow s2s connections
% {outgoing_s2s_port, 5269}.
 
% Modules
{modules,
 [  
%  {mod_register,   [{access, register}]},
  {mod_roster_odbc,     []},
  {mod_privacy_odbc,    []},
  {mod_adhoc,      []},
  {mod_configure,  []}, % Depends on mod_adhoc
  {mod_configure2, []},
  {mod_disco,      []},
  {mod_stats,      []},
  {mod_vcard_ldap,
   [
    {ldap_base, "ou=Users,$base"},
    {ldap_filter, "(objectClass=inetOrgPerson)"},
    {ldap_vcard_map,
    %% vcard patterns
     [{"NICKNAME", "%u", []}, % just use user's part of JID as his nickname
      {"GIVEN", "%s", ["givenName"]},
      {"FAMILY", "%s", ["sn"]},
      {"FN", "%s, %s", ["sn", "givenName"]}, % example: "Smith, John"
      {"EMAIL", "%s", ["mail"]},
      {"BDAY", "%s", ["birthDay"]},
      {"ORGNAME", "%s", ["o"]},
      {"ORGUNIT", "%s", ["ou"]},
      {"LOCALITY", "%s", ["l"]},
      {"STREET", "%s", ["Street"]},
      {"TEL", "%s", ["Phone"]}
     ]},
    %% Search form
    {ldap_search_fields,
     [{"User", "%u"},
      {"Name", "givenName"},
      {"Family Name", "sn"},
      {"Email", "mail"}]},
    %% vCard fields to be reported
    %% Note that JID is always returned with search results
    {ldap_search_reported,
     [{"Full Name", "FN"},
      {"Nickname", "NICKNAME"}]}
  ]},
%  {mod_vcard_odbc, []},
  {mod_caps,       []},
  {mod_offline_odbc,    []},
  {mod_announce,   [{access, announce}]}, % Depends on mod_adhoc
  {mod_private_odbc,    []},
  {mod_irc,        []},
% Default options for mod_muc:
%   host: "conference." ++ ?MYNAME
%   access: all
%   access_create: all
%   access_admin: none (only room creator has owner privileges)
  {mod_muc,        [{access, muc}, {access_create, muc}, {access_admin, muc_admin}]},
  {mod_muc_log,    []},
  {mod_shared_roster, []},
  {mod_pubsub,     [
    {access_createnode, pubsub_createnode},
    {plugins, ["flat", "hometree", "pep"]}
  ]},
  {mod_time,       []},
  {mod_last_odbc,       []},
%  {mod_xmlrpc,[{port, 4560},{timeout, 5000}]},
  {mod_version,    []},
  {mod_admin_extra,    []},
  {mod_echo,       [{host, "echo.lapiole.org"}]}
 ]}.
 
%%% Local Variables:
%%% mode: erlang
%%% End: