[HCoop-Help] Jabber using own domain

Michal michal at hcoop.net
Sun Apr 5 15:37:08 EDT 2009


I have now managed to get SSL working, and run it as a background daemon.

- SSL setup was all standard. I got my certificate from
http://xmpp.org/ca/ , so I don't get any warnings: I think their root
CA certificate is a standard one. (I wonder if the same certificate
could be used for https??)

- For the background daemon, I realised that the server actually uses
4 daemons. I'm not sure if this is pointless, but I ended up calling
run-in-pagsh for each one:

run-in-pagsh sm "/afs/hcoop.net/user/m/mi/michal/bin/sm -c
/afs/hcoop.net/user/m/mi/michal/etc/sm.xml" &
run-in-pagsh router "/afs/hcoop.net/user/m/mi/michal/bin/router -c
/afs/hcoop.net/user/m/mi/michal/etc/router.xml" &
run-in-pagsh s2s "/afs/hcoop.net/user/m/mi/michal/bin/s2s -c
/afs/hcoop.net/user/m/mi/michal/etc/s2s.xml" &
run-in-pagsh c2s "/afs/hcoop.net/user/m/mi/michal/bin/c2s -c
/afs/hcoop.net/user/m/mi/michal/etc/c2s.xml" &

Again, I'm not sure if this is pointless as there is a script that
comes with jabberd2 that starts the daemons, but according to
http://wiki.hcoop.net/RunningUnattendedCommandsWithoutRunInPagsh (even
though I am using run-in-pagsh) it appears that the actual daemon
process should be passed, and not a script that starts the daemon.

(Note that I also had to ensure the bin/lib/etc/log/ssl directories
that the daemons have to access all are set to allow michal.daemon to
read them).

On Fri, Apr 3, 2009 at 3:08 PM, Michal <michal at hcoop.net> wrote:
> Thanks for everyone's help! I have managed to get it working,
> including s2s connections, using non standard ports via the SRV
> record. Although I've not yet even tried to make it an unattended
> daemon, I just run it logging in via ssh. I also have not even tried
> anything SSL yet.
>
> For the record, (in case it will be helpful to others, or if I am
> doing something wrong) what I did:
>
> - In the domtool file for my domain, yetagain.net, I set the arbitrary
> ports 4321 for C2S and 4323 for S2S (NB: I'm not sure what TTL should
> be??)
>
> dom "yetagain.net" with
>  dns (dnsSRV (srv_literal "_xmpp-client._tcp") 0 0 4321
> "mire.hcoop.net") where TTL=600 end;
>  dns (dnsSRV (srv_literal "_xmpp-server._tcp") 0 0 4323
> "mire.hcoop.net") where TTL=600 end;
>  dns (dnsSRV (srv_literal "_jabber._tcp") 0 0 4323  "mire.hcoop.net")
> where TTL=600 end;
> end;
>
> - Compile/install the jabberd2 server in my home directory (I didn't
> know which server to choose, it was an arbitrary choice). To do this I
> also needed to compile udns, gsasl, and the latest openssl (I think
> the one installed on mire cause compilation errors).
>
> - Create a database using dbtool and the instructions at
> http://wiki.hcoop.net/MemberManual/Databases: I called it "jabber" (so
> in fact its full name is michal_jabber)
>
> - Follow the standard jabberd installation instructions, with a few amendments:
>
>  - Modify the sql script that creates the required tables. Comment
> out the line
>   CREATE DATABASE jabberd2;
>
>   And change the database name below:
>   USE michal_jabber;
>
>  - In the jabber config files c2s.xml, s2s.xml, sm.xml installed in
> my local etc directory, ensure that the sql server (mysql), sql user
> (michal in my case) sql password, and database name (michal_jabber in
> my case) are all set correctly. Also change the port settings for c2s
> and s2s to the same ones in the SRV record for the domain.
>
> That's it for the time being... now to try to get SSL to work and to
> make it a proper daemon...
>
> (I am very grateful by the way for all the work people must have put
> into all of the server-setup. Most servers don't even allow ssh
> access, let alone running own daemons)
>
> Michal.
>
> On Thu, Apr 2, 2009 at 9:25 PM, Adam Chlipala <adamc at hcoop.net> wrote:
>> Adam Chlipala wrote:
>>> In this file, you can see some examples of custom SRV records.
>>>     /afs/hcoop.net/user/m/me/megacz/.domtool
>>
>> Oops; add /megacz.com to the end of that.
>>
>> _______________________________________________
>> HCoop-Help mailing list
>> HCoop-Help at lists.hcoop.net
>> https://lists.hcoop.net/listinfo/hcoop-help
>>
>



More information about the HCoop-Help mailing list