|My new JID, or how to run DJabberd on Debian
||[May. 14th, 2006|11:48 am]
Now that s2s is secure and memory leaks are fixed, I'm now running djabberd on my personal server/domain.
My new canonical instant messaging JID is now email@example.com . Chat me up. (if you're using something which uses Jabber for IM interop, which includes Google Talk and I think Gizmo too....)
If you want to run this yourself on Debian, here's a short guide:
$ wget http://danga.com/debs/libdanga-socket-perl_1.51-1_all.deb
$ wget http://danga.com/debs/libsys-syscall-perl_0.1-1_all.deb
$ sudo dpkg -i libsys*.deb libdanga*.deb
$ sudo apt-get install openssl libdbd-sqlite3-perl \
libnet-ssleay-perl libnet-dns-perl libdigest-sha1-perl \
libxml-sax-perl libxml-libxml-perl liblog-log4perl-perl
$ svn co http://code.sixapart.com/svn/djabberd/trunk/ djabberd
$ cd djabberd
$ openssl req -x509 -newkey rsa:1024 -keyout server-key.pem \
-out server-cert.pem -days 365 -nodes
$ htdigest -c djabberd.users djabberd [your-username-without-at-sign](enter password twice)
Make a conf file. mine is:
$ cat fitzpat.conf
</VHost>Then run it:
$ ./djabberd --conf=fitzpat.conf
Or daemonize it with --daemon|-d.
2006-05-14 08:05 pm (UTC)
Zoiks. Can't wait until tonight to play with this.
2006-05-14 08:21 pm (UTC)
Aside from setting up SSL and HTDigest I'd already done all this, but it does seem to be working now. When I get a moment I think I'll have to write a tool to import my roster from jabberd 1.4 so I don't have to add everyone again…
Super easy! Used htdigest from apache 2.2.0, rest is just debian sarge.
Will play with it more later today, but I'm going to sit around online.
Oh, guess I should add that it took just over two minutes to start it up and get connected via gaim :) Including adjusting my firewall rules.
Yay! It's easy to set up, however, it doesn't really work in daemon mode (r274). It gives a Policy Violation when I try to log in. Any ideas? (I'll look into it soon myself and see if I can come up with something.)
2006-05-14 09:11 pm (UTC)
You have it set to require SSL (that's our only policy violation we return), and when it daemonizes it can't find the *.pem files you made, since it only looks in the current directory, which is now "/". There's an item in the TODO about this, to make SSL configurable and make paths be relative to something and more sane.
Did you ever see my email about the regex for jids?
I'm sure you'll figure it out for yourself once someone with a '.' in their name sends you a message and djabbered borks :-)
2006-05-15 01:05 am (UTC)
Replied. Sorry, hadn't updated my mail rules.
I wrote a HTBasicProxy auth module that lets you authenticate against a web server.., think anyone would find it useful?
2006-05-15 04:17 pm (UTC)
We plan to have an Auth::Simple option available, which gives us about 40 different auth options, including against a webserver, so we can just wait and get it then, or if you feel motivated and need it now, you could build it.
2006-05-15 03:41 pm (UTC)
s/rs:1024/rsa:1024/ in the key generation thingy above.
2006-05-15 09:58 pm (UTC)
It only took a few minutes to get it all setup. That was sweet. Damn that is cool.
2006-05-21 06:50 am (UTC)
Works great for me!
I read zero docs and just followed the little recipe here. I'll read docs in the morning (maybe ;)). Anyhow, I set up a quick server install of Ubuntu Dapper.
It works perfectly. The only trouble I had was dialback authentication with Google Talk, and that ended once I set my virtual server in my router's DMZ.
Thanks for all the work you put into the server. I wish I programmed and could help out, but as a puny end-user I hope some positive feedback will do. :)
2009-06-04 05:10 pm (UTC)
Since LJ can't seem to keep their Jabber server up any more, I was trying to install this. CPAN has 0.84 but doesn't know about DJabberd::Authen::HTDigest. What am I missing?