Setting up XMPP server on Mageia
As with VPN, it had been my intention for quite some time to set up a chat server on a Linux box. I first encountered chat using talk and ytalk way back on UNIX systems. Anyone remember those? It seemed to me a wonderful invention. Once SIP came along, the modern chat systems on the Internet became far more capable. I thought Google Wave was a terrific invention but it went nowhere. I especially loved the federated model proposed by it. So for a while now, I had been toying with the idea of setting up an XMPP chat server. Mostly this would be for Intranet use (for transferring files between computers in a local college and for A/V chats without going over expensive Internet). The thought of installing and configuring ejabberd or other heavyweight solutions made me pause, and there was no urgent need for this software in the college community. So I never got around to it.
After the NSA's PRISM revelations, it has become apparent how vulnerable data is when it is not hosted by you. This did not deter me from using traditional services like Skype but it did re-invoke my interest in hosting my own federated chat setup. Coincidentally, on the 13th July 2013 episode of the Linux Action Show, the hosts discussed an easy-to-install XMPP server, Prosody. So I decided to spend a couple of hours and see if this worked. Turned out, it works great!
Three separate actions need to be performed.
- Install prosody software and configure it.
- Configure firewall to accept packets on XMPP ports.
- Add new DNS SRV records to redirect XMPP traffic to the appropriate Linux box.
Installing and configuring prosody
The installation process on Mageia 2.0 is painless. Three commands and you are done.
    su -
    urpmi prosody
    urpmi lua-filesystem

If you want to use the XMPP server only on the local LAN for a few folks, you can skip most of the following.
For those who want to set this up for a domain, continue reading. Create a backup and then edit /etc/prosody/prosody.cfg.lua. There is already a section for an imaginary domain called example.com. Change that to reflect your domain (I will use mageiafan.com here). Enable XMPP server for this domain.
    -- XMPP host for your domain
    Host "mageiafan.com"
        key = "/etc/prosody/certs/mageiafan.com.key";
        certificate = "/etc/prosody/certs/mageiafan.com.crt"
        enabled = true  -- boolean, not the string "true"

    -- Multi-user chat (conference rooms) component
    Component "conference.mageiafan.com" "muc"
        admins = { "admin@mageiafan.com" }

Next you need to create the key and the certificate for this server.
    cd /etc/prosody/certs/
    cp openssl.cnf mageiafan.com.cnf
    vi mageiafan.com.cnf

Now this file needs to be edited to reflect your domain. In vim, :%s/example.com/mageiafan.com/g will change all occurrences of example.com to your domain. Additionally, you need to change commonName, countryName, localityName, organizationName, organizationalUnitName and emailAddress. Now run the makefile to generate the self-signed key and the certificate.
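    make mageiafan.com.cnf
    make mageiafan.com.key
    make mageiafan.com.cert

If you choose to generate the .csr file, you can then get it signed by a CA. Whichever you use, the certificate file name must match the certificate path set in prosody.cfg.lua.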
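Before starting the server, it is worth checking the key and certificate that the config points at. The function below is an added example, not part of the original post or of Prosody; check_xmpp_cert is a hypothetical helper name, and it assumes OpenSSL 1.0.2 or newer and GNU stat. The domain passed in is the XMPP (JID) domain, not the SRV target host.

```shell
#!/bin/sh
# Added example: sanity-check the key/certificate pair that prosody.cfg.lua references.
# Usage (paths are the ones used on this page):
#   check_xmpp_cert /etc/prosody/certs/mageiafan.com.key \
#                   /etc/prosody/certs/mageiafan.com.crt mageiafan.com
# Prints one line per failed check and returns the number of failures.
check_xmpp_cert() {
    key=$1; crt=$2; domain=$3; fails=0

    # 1. Both files must exist at the paths named in the config.
    for f in "$key" "$crt"; do
        if [ ! -r "$f" ]; then
            echo "FAIL: cannot read $f"
            return 1
        fi
    done

    # 2. The private key must not be accessible to "other" users.
    mode=$(stat -c '%a' "$key")
    case $mode in
        *0) ;;
        *)  echo "FAIL: $key has mode $mode; use 600 or 640"
            fails=$((fails + 1)) ;;
    esac

    # 3. Key and certificate must carry the same public key.
    kpub=$(openssl pkey -in "$key" -pubout 2>/dev/null) || kpub=
    cpub=$(openssl x509 -in "$crt" -noout -pubkey 2>/dev/null) || cpub=
    if [ -z "$kpub" ] || [ "$kpub" != "$cpub" ]; then
        echo "FAIL: $key does not match $crt"
        fails=$((fails + 1))
    fi

    # 4. The certificate must name the XMPP domain (CN or subjectAltName).
    if ! openssl x509 -in "$crt" -noout -checkhost "$domain" 2>/dev/null |
            grep -q 'does match'; then
        echo "FAIL: $crt is not valid for $domain"
        fails=$((fails + 1))
    fi

    # 5. The certificate must not have expired.
    if ! openssl x509 -in "$crt" -noout -checkend 0 >/dev/null 2>&1; then
        echo "FAIL: $crt has expired"
        fails=$((fails + 1))
    fi

    return "$fails"
}
```

A return value of 0 means every check passed; run it as root so the key file is readable.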
Finally, we add a user and then start the server.
    prosodyctl adduser adam@mageiafan.com
    service prosody start
One Prosody instance can run more than one domain's XMPP server. Check the documentation.
Configuring the firewalls for XMPP
This is fairly straightforward. From the command line, run
Configuring the DNS entries
In order to enable XMPP users from different domains (e.g. gmail.com) to talk to your XMPP server, new SRV records need to be added to the DNS zone. Three records need to be added as follows:
    # service      protocol  host  priority  weight  port  target                    ttl
    _xmpp-server   tcp       @     0         0       5269  chatserver.mageiafan.com  14400
    _xmpp-client   tcp       @     0         0       5222  chatserver.mageiafan.com  14400
    _jabber        tcp       @     0         0       5269  chatserver.mageiafan.com  14400

And you are done! Go and install Jitsi (Win/Mac/Linux) or Xabber (Android) or ChatSecure (iOS). Have fun chatting!