Wednesday, November 27, 2013

Ejabberd13.10

Prepair the Ejabberd-Base Image

  • If you have already a Base-Image with security hardening and so on you can use this one to create the ejabberd-base
baseimageid=`aws --region us-west-2 ec2 describe-images  --owners self | grep -A 2 -i base-ami | grep -i imageid | cut -d '"' -f 4`
instance_size="t1.micro"
sshkeyname="myamazonkey"
securitygroup=`aws --region us-west-2 ec2 describe-security-groups | grep -A 3 -i ssh | grep -i groupid | cut -d '"' -f 4`
subnet=`aws --region us-west-2 ec2 describe-subnets | grep -i subnetid | head -n 1 | cut -d '"' -f 4`

aws ec2 --region us-west-2 run-instances --image-id $baseimageid --count 1 \
--key-name $sshkeyname --security-group-ids $securitygroup \
--instance-type $instance_size --subnet-id $subnet
  • when the instance is created you will get a instance-id, note it
instanceid="<insyance-id>"
name="<your-instance-name>"
allocid="<>"   #you can find free one with "aws --region us-west-2 ec2 describe-addresses" or create new one "aws --region us-west-2 ec2 allocate-address"

aws ec2 --region us-west-2 create-tags --resources $instanceid --tags Key=Name,Value=$name
aws ec2 --region us-west-2 associate-address --instance-id $instanceid --allocation-id $allocid
  • now we can ssh on it an start the base installation/configuration
  • First we need Erlang (you might want to look for the newest version http://www.erlang.org)
sudo apt-get update && sudo apt-get -y dist-upgrade && sudo reboot now
sudo apt-get install -y subversion gcc make libexpat1-dev zlib1g-dev libssl-dev libncurses5-dev fop openjdk-6-jdk unixodbc-dev g++ libwxbase2.8 libwxgtk2.8-dev libqt4-opengl-dev libgtk2.0-dev xsltproc git libyaml-dev libaio1
sudo su -
mkdir /usr/local/src/ejabberd && mkdir /usr/local/src/erlang
wget http://www.erlang.org/download/otp_src_R16B02.tar.gz -O - > /usr/local/src/erlang/otp_src_R16B02.tar.gz
cd /usr/local/src/erlang && gunzip -c otp_src_R16B02.tar.gz | tar xf -
cd otp_src_R16B02 && touch lib/wx/SKIP && ./configure && make && make install
  • Now everything is set to install Ejabberd-13.10
cd /usr/local/src/ejabberd/ && git clone git://github.com/rebar/rebar.git && cd rebar/
./bootstrap 
mv rebar /usr/local/bin/ && cp rebar.config /usr/local/bin/ && chmod +x /usr/local/bin/rebar && rebar -V
mv /home/peter/ejabberd-13.10.tgz /usr/local/src/ejabberd/ && cd /usr/local/src/ejabberd/
gunzip ejabberd-13.10.tgz && tar xf ejabberd-13.10.tar
groupadd -r ejabberd
useradd -g ejabberd -r ejabberd
cd ejabberd-13.10 && ./configure --enable-user=ejabberd --enable-odbc && make && make install
sed -i "s/home\/ejabberd/var\/lib\/ejabberd/g" /etc/passwd
cp /usr/local/src/ejabberd/ejabberd-13.10/ejabberd.init /etc/init.d/ejabberd && chmod +x /etc/init.d/ejabberd && update-rc.d ejabberd defaults
chmod 755 /sbin/ejabberdctl && chown -R ejabberd:root /var/lib/ejabberd && chmod 755 /var/lib/ejabberd
chown -R ejabberd:root /lib/ejabberd && chmod 755 /lib/ejabberd
chown ejabberd:ejabberd /var/lib/ejabberd/.erlang.cookie && chmod 400 /var/lib/ejabberd/.erlang.cookie
cd /usr/local/src/ejabberd && git clone https://github.com/processone/mysql && cd mysql
rebar compile && cp ebin/p1_mysql* /lib/ejabberd/ebin/
  • Here is what i used for the base configuration, you might want to change it and add additional tables to use mysql
sed -i '277 c\
odbc_type: mysql' /etc/ejabberd/ejabberd.yml && sed -i '278 c\
odbc_server: "localhost"' /etc/ejabberd/ejabberd.yml && sed -i '279 c\
odbc_database: "ejabberd"' /etc/ejabberd/ejabberd.yml && sed -i '280 c\
odbc_username: "ejabberd"' /etc/ejabberd/ejabberd.yml && sed -i '281 c\
odbc_password: "ejabberd"' /etc/ejabberd/ejabberd.yml && sed -i '204 c\
auth_method: odbc' /etc/ejabberd/ejabberd.yml && sed -i '183 c\
## auth_method: internal' /etc/ejabberd/ejabberd.yml && sed -i '62 c\
  - "chaatz.com"' /etc/ejabberd/ejabberd.yml && sed -i '525,534 c\
  mod_last:\
    db_type: odbc\
  mod_muc:\
    ## host: "conference.@HOST@"\
    access: muc\
    access_create: muc_create\
    access_persistent: muc_create\
    access_admin: muc_admin\
    max_users_admin_threshold: 100000\
    max_user_conferences: 100000\
    db_type: odbc\
  ## mod_muc_log: {}\
  mod_offline:\
    access_max_user_messages: max_user_offline_messages\
    db_type: odbc' /etc/ejabberd/ejabberd.yml && sed -i '512 c\
  mod_admin_extra: {}\
  mod_adhoc: {}' /etc/ejabberd/ejabberd.yml && sed -i '411 c\
    all: 3000 ' /etc/ejabberd/ejabberd.yml && sed -i '347,349 c\
  admin:\
    user:\
      - "admin": "domain.com"' /etc/ejabberd/ejabberd.yml && sed -i '338 c\
max_fsm_queue: 2000' /etc/ejabberd/ejabberd.yml && sed -i '332 c\
  fast: 100000' /etc/ejabberd/ejabberd.yml && sed -i '327 c\
  normal: 10000' /etc/ejabberd/ejabberd.yml
  • Lets create the new Base-Image for Ejabberd
aws --region us-west-2 ec2 create-image --instance-id $instanceid --name EJABBERD-BASE --no-reboot

[edit]Complete configuration after launching a Base-Image

echo "hostname.domain.com" > /etc/hostname && hostname -F /etc/hostname
echo "
# Ejabberd Localhost
"<you-ip>  <hostname.domainname.com>   <hostname>"
"127.0.1.1  <hostname.domainname.com>   <hostname>"
" >> /etc/hosts
echo "
# Ejabberd Node Config
INET_DIST_INTERFACE="<you-ip>"
" >> /etc/ejabberd/ejabberdctl.cfg

  • If you find how to DONT store passwords in plaintext in the database with 13.10 please tell me :)
Posted by at No comments:

Sunday, September 22, 2013

Ubuntu12.04: Ejabberd with mySql backend

Hi,

The easiest way is to use the binary installer, since the mysql modules are already come with it.
If you decide to install it from source or packet-manager you will have to compile them "yourself"

Sorry for my bad text format :(

From Source:

// lets define the hostname
$ sudo sh -c 'echo "node1.domain.com" > /etc/hostname'
$ sudo hostname -F /etc/hostname
$ sudo sh -c 'ifconfig | grep Bcast | cut -d ":" -f 2 | sed s/Bcast/node1.domain.com/g >> /etc/hosts'
// lets install some dependencies
$ sudo apt-get update && sudo apt-get -y dist-upgrade && sudo reboot now
$ sudo apt-get install erlang subversion gcc make libexpat1-dev mysql-client-core-5.5 zlib1g-dev libssl-dev
$ wget http://www.process-one.net/downloads/ejabberd/2.1.13/ejabberd-2.1.13.tgz
$ wget https://raw.github.com/peterromfeldhk/ejabberd/master/ejabberd.init
$ sudo mv ejabberd.init /etc/init.d/ejabberd
$ sudo chmod +x !$
// create db, im using aws rds
// you may want to restrict the grants more, i am new to ejabberd and dont know what the mods all need
$ mysql -uroot -h yourhost.db.com -p
> create database ejabberd;
> CREATE USER 'ejabberd'@'10.0.0.0/255.0.0.0' IDENTIFIED BY 'pwgen32';
> GRANT SELECT,INSERT,UPDATE,CREATE,INDEX,ALTER ON ejabberd.* TO 'ejabberd'@'10.0.0.0/255.0.0.0';
$ wget https://gist.github.com/jrbl/5783688/raw/d01641a1da0fee91c459909371241e0ec25155d8/ejabberd_setup.sql
$ mysql -uroot -h yourserver.db.com -ppwgen32 ejabberd < ejabberd_setup.sql
// create system-user for ejabberd
$ sudo groupadd -r ejabberd
$ sudo useradd -g ejabberd -r ejabberd
$ tar -xf ejabberd-2.1.13.tgz
$ cd ejabberd-2.1.13/src/
// configure with mysql, you can type --help for additional infos
# ./configure --enable-user=ejabberd --enable-odbc
# make
# make install
// we want ejabberd to start at boot
$ sudo vim /etc/passwd
:%s/home\/ejabberd/var\/lib\/ejabberd/g
$ sudo chgrp -R ejabberd /var/lib/ejabberd
$ sudo chgrp -R ejabberd /lib/ejabberd
$ sudo chown ejabberd:ejabberd /var/lib/ejabberd/.erlang.cookie
$ sudo chmod 400 !$
$ sudo chmod 755 /sbin/ejabberdctl
$ sudo update-rc.d ejabberd defaults
// basic ejabberd configuration with mysql
// you can also use sed or just change it manually, i like vim
$ sudo vim /etc/ejabberd/ejabberd.cfg
:%s/{hosts\,\ \[\"localhost\"\]}\./{hosts\,\ \[\"domain.com\"\]}\.
:%s/mod_last/mod_last_odbc/g|%s/mod_offline/mod_offline_odbc/g
:%s/mod_privacy/mod_privacy_odbc/g|%s/mod_private/mod_private_odbc/g
:%s/mod_pubsub/mod_pubsub_odbc/g|%s/mod_roster/mod_roster_odbc/g|%s/mod_vcard/mod_vcard_odbc/g
:%s/%%{auth_method, odbc}./{auth_method, odbc}./g
:%s/{auth_method, internal}./%%{auth_method, internal}./g
:%s/%%{odbc_server,\ {mysql,\ \"server\",\ \"database\",\ \"username\",\ \"password\"}}./{odbc_server,\ {mysql,\ \"yourserver.db.com\",\ \"ejabberd\",\ \"ejabberd\",\ \"pwgen32\"}}.
$ sudo sh -c "i=`ifconfig | grep Bcast | cut -d ":" -f 2 | sed s/Bcast//g | sed 's/\./\,/g'`; sed -i 's/INET_DIST_INTERFACE={127\.0\.0\.1}/INET_DIST_INTERFACE={$i}/g' /etc/ejabberd/ejabberdctl.cfg ; sed -i 's/\ \ }/}/g' /etc/ejabberd/ejabberdctl.cfg
$ sudo sh -c "echo 'ERLANG_NODE=ejabberd@node1.domain.com' >> /etc/ejabberd/ejabberdctl.cfg"
// lets get the erlang-mysql drivers
$ svn co https://svn.process-one.net/ejabberd-modules ejabberd-modules
$ cd ejabberd-modules/mysql/trunk
$ ./build.sh
$ sudo mv ebin/mysql* /lib/ejabberd/ebin/
// now we want no plain password
// download rebar for erlsha2
$ git clone git://github.com/rebar/rebar.git
$ cd rebar/
$ ./bootstrap
$ sudo mv rebar /usr/bin/
$ sudo cp rebar.config /usr/bin/
$ sudo chmod +x /usr/bin/rebar
$ rebar -V
// erlsha2
$ svn co https://github.com/vinoski/erlsha2 erlsha2
$ cd erlsha2/trunk/
$ rebar get-deps compile
$ cp ebin/*.beam /lib/ejabberd/ebin/
$ cp ebin/*.app /lib/ejabberd/ebin/
// get mysql-password-hashing
$ svn co https://github.com/peterromfeldhk/ejabberd passhash
$ cd passhash/mysql-password-hashing/
$ ./build.sh
$ sudo cp ebin/*.beam /lib/ejabberd/ebin/
$ sudo sed -i "s/%%{auth_password_format, scram}./{auth_password_format, scram}./g" /etc/ejabberd/ejabberd.cfg

 // now you can clean up, then reboot and test if everything works
// if you have problems, you should change debug to 5 in ejabberd.cfg and check your logs :)


For clustering you can take a look here:
easy-ejabberd-clustering-guide-mnesia-mysql
he also provides a link at bottom for master-master cluster

Hope it helps someone, enjoy ;) 

Posted by at 6 comments:
Labels: , ,
Subscribe to: Posts (Atom)