Hits : 1965

prosody


This page is reserved for prosody im


Contents


USER/GROUP


prosody can and must run without root privileges, so create a new user


# groupadd prosody
# useradd prosody -g prosody


Download


Download the below files from the prosody's download area:


wget -c http://prosody.im/downloads/source/prosody-0.9.6.tar.gz
wget -c http://prosody.im/downloads/source/prosody-0.9.6.tar.gz.asc

The two files are the source code of the prosody and the digital signature of the package.

Verify


Why this step is necessary ?


It is necessary cause with this step you can verify the integrity of the source code and that nobody has manipulate the files on the download area:


[~]# gpg -v --verify prosody-0.9.6.tar.gz.asc prosody-0.9.6.tar.gz
Version: GnuPG v1
gpg: armor header: 
gpg: Signature made Wed 15 Oct 2014 12:33:42 PM EEST using RSA key ID 7BDD6BFE
gpg: Can't check signature: No public key


No public key found !


quick searching through pgp.mit.edu we can find the public key of Mathew Wild


https://pgp.mit.edu/pks/lookup?search=0x7BDD6BFE


Download his public key from pgp.mit.edu:


[~]# gpg --recv-keys 0x7BDD6BFE --key-server pgp.mit.edu
gpg: "--key-server" not a key ID: skipping
gpg: "pgp.mit.edu" not a key ID: skipping
gpg: requesting key 7BDD6BFE from hkp server keys.gnupg.net
gpg: key 7BDD6BFE: public key "Matthew Wild <me@matthewwild.co.uk>" imported
gpg: no ultimately trusted keys found
gpg: Total number processed: 1
gpg:               imported: 1  (RSA: 1)


Now we can verify the source code of prosody:


[~]# gpg -v --verify prosody-0.9.6.tar.gz.asc prosody-0.9.6.tar.gz
Version: GnuPG v1
gpg: armor header: 
gpg: Signature made Wed 15 Oct 2014 12:33:42 PM EEST using RSA key ID 7BDD6BFE
gpg: using PGP trust model
gpg: Good signature from "Matthew Wild <me@matthewwild.co.uk>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: 32A9 EDDE 3609 931E B98C  EAC3 1590 7E8E 7BDD 6BFE
gpg: binary signature, digest algorithm SHA1


We need the "Good signature " message to verify the source code


Build


> tar xf prosody-0.9.6.tar.gz
> cd prosody-0.9.6

> ./configure --prefix=/usr --sysconfdir=/home/prosody/etc/prosody/ --datadir=/home/prosody/var/lib/prosody 
> make
> su -
# make install

# chown -R prosody:prosody ~prosody

Conf


The configuration file is based on lua format .
There are two sections:


  1. Global Settings
  2. Site Settings

Everything you need to conf/setup must be before any virtualhost directive.


You should read this file: prosody.cfg.lua.dist


take a look on my conf


admins = { "ADMIN@FOUFOUTOS.GR" }
 
modules_enabled = {
        — Generally required
                "saslauth"; — Authentication for clients and servers. Recommended if you want to log in.
                "tls"; — Add support for secure TLS on c2s/s2s connections
                "dialback"; — s2s dialback support
                "disco"; — Service discovery
        — Not essential, but recommended
                --"compression"; — Stream compression
        — Nice to have
                "version"; — Replies to server version requests
        — Other specific functionality
                "posix"; — POSIX functionality, sends server to background, enables syslog, etc.
};
 
allow_registration = false;
 
— global SSL  
ssl = {
        key = "/www/certs/PRIVATE.key";
        certificate = "/www/certs/PUPLIC_CERT.pem";
}
authentication = "internal_plain"
authentication = "internal_hashed"
 
log = {
        info = "/home/prosody/var/log/prosody.log"; — Change 'info' to 'debug' for verbose logging
        error = "/home/prosody/var/log/prosody.err";
        — "*syslog"; — Uncomment this for logging to syslog
        — "*console"; — Log to the console, useful for debugging with daemonize=false
}
 
— posix module
pidfile = "/home/prosody/var/run/prosody.pid"
— daemonize = false
 
VirtualHost "FOUFOUTOS.GR"

values you should change are in CAPITALS


START/STOP


# su - prosody
> prosodyctl start

ADD/REMOVE JID 


> prosodyctl adduser ADMIN@FOUFOUTOS.GR
Enter new password:
Retype new password:


> prosodyctl deluser ADMIN@FOUFOUTOS.gr


gtalk


if you are using google apps,
you have to login to domain dashboard
and remove your Talk service from your users.

DNS 


on your domain:


xmpp                IN    A    1.2.3.4 

_xmpp-client._tcp       IN SRV 0 5 5222 xmpp.FOUFOUTOS.gr
_xmpp-server._tcp       IN SRV 0 5 5269 xmpp.FOUFOUTOS.gr