[HCoop-Help] Jabber using own domain

Michal michal at hcoop.net
Thu Apr 9 08:40:29 EDT 2009


As recommended in another thread, I no longer use the run-in-pagsh
script. Just for reference: I have also now made a small script to
load the daemons:

#!/bin/bash
KEY="/etc/keytabs/user.daemon/michal"
BIN_DIR="/afs/hcoop.net/user/m/mi/michal/bin"
CFG_DIR="/afs/hcoop.net/user/m/mi/michal/etc"
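# k5start flags: -b background, -q quiet, -t get an AFS token,
# -U take the principal from the keytab, -f <keytab> (must stay last)
COMMAND="k5start -bqtUf"

# load <daemon> <config>: start one jabberd2 daemon under k5start
function load {
  $COMMAND "$KEY" -- nice "$BIN_DIR/$1" -c "$CFG_DIR/$2"
}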

load "sm" "sm.xml"
load "router" "router.xml"
load "s2s" "s2s.xml"
load "c2s" "c2s.xml"

On Sun, Apr 5, 2009 at 8:37 PM, Michal <michal at hcoop.net> wrote:
> I have now managed to get SSL working, and run it as a background daemon.
>
> - SSL setup was all standard. I got my certificate from
> http://xmpp.org/ca/ , so I don't get any warnings: I think their root
> CA certificate is a standard one. (I wonder if the same certificate
> could be used for https??)
>
> - For the background daemon, I realised that the server actually uses
> 4 daemons. I'm not sure if this is pointless, but I ended up calling
> run-in-pagsh for each one:
>
> run-in-pagsh sm "/afs/hcoop.net/user/m/mi/michal/bin/sm -c /afs/hcoop.net/user/m/mi/michal/etc/sm.xml" &
> run-in-pagsh router "/afs/hcoop.net/user/m/mi/michal/bin/router -c /afs/hcoop.net/user/m/mi/michal/etc/router.xml" &
> run-in-pagsh s2s "/afs/hcoop.net/user/m/mi/michal/bin/s2s -c /afs/hcoop.net/user/m/mi/michal/etc/s2s.xml" &
> run-in-pagsh c2s "/afs/hcoop.net/user/m/mi/michal/bin/c2s -c /afs/hcoop.net/user/m/mi/michal/etc/c2s.xml" &
>
> Again, I'm not sure if this is pointless as there is a script that
> comes with jabberd2 that starts the daemons, but according to
> http://wiki.hcoop.net/RunningUnattendedCommandsWithoutRunInPagsh (even
> though I am using run-in-pagsh) it appears that the actual daemon
> process should be passed, and not a script that starts the daemon.
>
> (Note that I also had to ensure the bin/lib/etc/log/ssl directories
> that the daemons have to access all are set to allow michal.daemon to
> read them).
>
> On Fri, Apr 3, 2009 at 3:08 PM, Michal <michal at hcoop.net> wrote:
>> Thanks for everyone's help! I have managed to get it working,
>> including s2s connections, using non-standard ports via the SRV
>> record. Although I've not yet even tried to make it an unattended
>> daemon, I just run it logging in via ssh. I also have not even tried
>> anything SSL yet.
>>
>> For the record, (in case it will be helpful to others, or if I am
>> doing something wrong) what I did:
>>
>> - In the domtool file for my domain, yetagain.net, I set the arbitrary
>> ports 4321 for C2S and 4323 for S2S (NB: I'm not sure what TTL should
>> be??)
>>
>> dom "yetagain.net" with
>>  dns (dnsSRV (srv_literal "_xmpp-client._tcp") 0 0 4321 "mire.hcoop.net") where TTL=600 end;
>>  dns (dnsSRV (srv_literal "_xmpp-server._tcp") 0 0 4323 "mire.hcoop.net") where TTL=600 end;
>>  dns (dnsSRV (srv_literal "_jabber._tcp") 0 0 4323 "mire.hcoop.net") where TTL=600 end;
>> end;
>>
>> - Compile/install the jabberd2 server in my home directory (I didn't
>> know which server to choose, it was an arbitrary choice). To do this I
>> also needed to compile udns, gsasl, and the latest openssl (I think
>> the one installed on mire causes compilation errors).
>>
>> - Create a database using dbtool and the instructions at
>> http://wiki.hcoop.net/MemberManual/Databases: I called it "jabber" (so
>> in fact its full name is michal_jabber)
>>
>> - Follow the standard jabberd installation instructions, with a few amendments:
>>
>>  - Modify the sql script that creates the required tables. Comment
>> out the line
>>   CREATE DATABASE jabberd2;
>>
>>   And change the database name below:
>>   USE michal_jabber;
>>
>>  - In the jabber config files c2s.xml, s2s.xml, sm.xml installed in
>> my local etc directory, ensure that the sql server (mysql), sql user
>> (michal in my case) sql password, and database name (michal_jabber in
>> my case) are all set correctly. Also change the port settings for c2s
>> and s2s to the same ones in the SRV record for the domain.
>>
>> That's it for the time being... now to try to get SSL to work and to
>> make it a proper daemon...
>>
>> (I am very grateful by the way for all the work people must have put
>> into all of the server-setup. Most servers don't even allow ssh
>> access, let alone running own daemons)
>>
>> Michal.
>>
>> On Thu, Apr 2, 2009 at 9:25 PM, Adam Chlipala <adamc at hcoop.net> wrote:
>>> Adam Chlipala wrote:
>>>> In this file, you can see some examples of custom SRV records.
>>>>     /afs/hcoop.net/user/m/me/megacz/.domtool
>>>
>>> Oops; add /megacz.com to the end of that.
>>>
>>> _______________________________________________
>>> HCoop-Help mailing list
>>> HCoop-Help at lists.hcoop.net
>>> https://lists.hcoop.net/listinfo/hcoop-help
>>>
>>
>
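
Added example (not part of the original messages and not jabberd2's own code): a check that the listening ports in c2s.xml and s2s.xml match the SRV records, the step the April 3 message ends on. It assumes the listening port is the <port> inside <local> (a separate <router> block may carry its own port) and that SRV answers are in `dig +short` form; the XML and SRV lines below are constructed samples.

```shell
#!/bin/sh
# Constructed SRV answers in `dig +short SRV` form: priority weight port target
SRV_CLIENT='0 0 4321 mire.hcoop.net.'
SRV_SERVER='0 0 4323 mire.hcoop.net.'

# Constructed config excerpt. Assumption: layout follows jabberd2's c2s.xml,
# where <router> holds the internal router port and <local> the public one.
C2S_XML='<c2s>
  <router>
    <ip>127.0.0.1</ip>
    <port>5347</port>
  </router>
  <local>
    <ip>0.0.0.0</ip>
    <port>4321</port>
  </local>
</c2s>'

# srv_port: read a SRV answer on stdin, print its port (third field).
srv_port() { awk 'NF >= 4 { print $3; exit }'; }

# cfg_port: read config XML on stdin, print the <port> found inside <local>.
# A plain grep for the first <port> would return the router port instead.
cfg_port() {
  awk '/<local[ >]/ { in_local = 1 }
       in_local && match($0, /<port>[0-9]+<\/port>/) {
         print substr($0, RSTART + 6, RLENGTH - 13); exit }
       /<\/local>/ { in_local = 0 }'
}

# check_port <label> <srv-answer> <config-xml>: succeed only when both agree.
check_port() {
  cp_want=$(printf '%s\n' "$2" | srv_port)
  cp_have=$(printf '%s\n' "$3" | cfg_port)
  if [ -n "$cp_want" ] && [ "$cp_want" = "$cp_have" ]; then
    echo "$1: OK (port $cp_have)"
  else
    echo "$1: MISMATCH (SRV=${cp_want:-none} config=${cp_have:-none})"
    return 1
  fi
}

check_port c2s "$SRV_CLIENT" "$C2S_XML"
# Deliberate mismatch: the server-to-server SRV port against the c2s config.
check_port c2s-vs-s2s-srv "$SRV_SERVER" "$C2S_XML" || true
```

On a live host the second argument would come from `dig +short SRV _xmpp-client._tcp.yetagain.net` and the third from the file in the local etc directory.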


