…
|
||
---|---|---|
.. | ||
DESCR | ||
ejabberd.rc | ||
PLIST | ||
README |
$OpenBSD: README,v 1.8 2015/01/24 10:27:46 zhuk Exp $ +----------------------------------------------------------------------- | Running ${FULLPKGNAME} on OpenBSD +----------------------------------------------------------------------- * Migration When moving database between machines, or upgrading from 1.1.x to 2.x.x version you will need to follow the instructions available at http://www.ejabberd.im/migrate-host Node name is by default set to ejabberd@`hostname -s` * Configuration * DNS SRV records for your server can make your life easier. Example records: _jabber._tcp.example.org. SRV 5 0 5269 host.example.org. _xmpp-server._tcp.example.org. SRV 5 0 5269 host.example.org. _xmpp-client._tcp.example.org. SRV 5 0 5222 host.example.org. * Configuration file Set up the hostnames served by the server: {hosts, ["example.net", "example.com", "example.org"]}. Add administrative user {acl, admin, {user, "ermine", "example.org"}}. If you want to disallow in-band registration of users: {access, register, [{deny, all}]}. Users to get notifications about created new accounts: {registration_watchers, ["admin1@example.org"]}, * Administration Control is done using ${TRUEPREFIX}/sbin/ejabberdctl. Run it without arguments for list of possible commands and flags. It needs to be executed as either root or _ejabberd user. Another possibility, giving you more options, is the web interface, available at http://your.server:5280/admin/. First, you need to create a user in the "admin" ACL group. Then you can use his full JID and account password to log in. * Using SSL The sample configuration enables SSL by default. You just need to generate the keys. Note that you should enter your domain name as the Common Name for your certificate. # openssl req -new -nodes -x509 -newkey rsa:4096 -days 365 \ -keyout ${SYSCONFDIR}/ejabberd/myserver.pem \ -out ${SYSCONFDIR}/ejabberd/myserver.pem # chown root:_ejabberd ${SYSCONFDIR}/ejabberd/myserver.pem # chmod 640 ${SYSCONFDIR}/ejabberd/myserver.pem To disable SSL comment out (prepend with %%) lines containing 'certfile' and the whole block pertaining to port 5223 * Hostname resolving As Erlang is rather picky when it comes to resolving the hostname of the Jabber server. It requires the machine's shortname to be resolveable to the local address. A line such as the following for /etc/hosts suffices (make sure my_hostname matches the output of `hostname -s`): 127.0.0.1 my_hostname * Epmd Epmd is a small name server used by Erlang programs when establishing distributed Erlang communications. ejabberd needs epmd to use ejabberdctl and also when clustering ejabberd nodes. If ejabberd is stopped, and there aren't any other Erlang programs running in the system, you can safely stop epmd if you want, using this command: epmd -kill It is strongly recommended to block the port 4369 in the firewall for external connections. epmd listens in this port, and usually epmd is not needed from outside the machine.