Skip to content

Configure ejabberd

Jump to bottom Edit New page
Jaussoin Timothée edited this page Apr 30, 2023 · 23 revisions

HTTP Upload

Movim requires a few CORS headers to be included by the HTTP Upload service. ejabberd 17.04 and newer can be configured to do this, like in the following example:

# For ejabberd >= 17.12
certfiles:
  - "/etc/ejabberd/*.pem"

listen:
  # [...]
  -
    module: ejabberd_http
    port: 8443
    tls: true
    # For ejabberd < 17.12 only
    # certfile: "/etc/ejabberd/certificate.pem"
    # dhfile: "/etc/ejabberd/dh-parameters.pem"
    # ciphers: "ECDH:DH:!MEDIUM:!3DES:!aNULL:!eNULL@STRENGTH"
    # protocol_options:
    #  - "no_sslv3"
    #  - "cipher_server_preference"
    #  - "no_compression"
    request_handlers:
      "upload": mod_http_upload
    custom_headers:
      "Access-Control-Allow-Origin": "*"
      "Access-Control-Allow-Methods": "OPTIONS, HEAD, GET, PUT"
      "Access-Control-Allow-Headers": "Authorization"
      "Access-Control-Allow-Credentials": "true"

modules:
  # [...]
  mod_http_upload:
    name: "HTTP File Upload"
    access: local
    max_size: 104857600 # 100 MiB.
    file_mode: "0640"
    dir_mode: "2750"
    docroot: "/var/www/upload/@HOST@"
    put_url: "https://@HOST@:8443/upload"
    thumbnail: false

STURN/TURN servers

Configure you server to listen on the STUN and TURN ports

  -
    port: 3478
    transport: udp
    use_turn: true
    turn_ip: <your server ipv4>
    module: ejabberd_stun

Then add the XEP-0215: External Service Discovery module support

modules:
  mod_stun_disco: {}

Contact Addresses

You can also define contact addresses for your XMPP server, they will then be displayed in the Movim UI.

modules:
  # [...]
  mod_disco:
    server_info:
      -
        modules: all
        name: "admin-addresses"
        urls:
          - "xmpp:admin@server.tld"
          - "xmpp:admin2@server.tld"
      -
        modules: all
        name: "security-addresses"
        urls:
          - "xmpp:security@server.tld"
      -
        modules: all
        name: "abuse-addresses"
        urls:
          - "xmpp:abuse@server.tld"
      -
        modules: all
        name: "feedback-addresses"
        urls:
          - "xmpp:muc@conference.server.tld?join"
      -
        modules: all
        name: "support-addresses"
        urls:
          - "mailto:support@server.tld"
          - "http://server.tld/support.html"

PubSub

You should use ejabberd 14.12 or newer, as the PEP support in older versions is buggy.

Then, ejabberd's PubSub configuration should be tweaked a bit in order to make it work well with Movim. For example, Movim uses PEP nodes for microblogging, and by default, ejabberd stores only the most recent posting. ejabberd allows Movim to increase the number of stored items per PubSub node, but only to up to a maximum of 10 items by default. A PubSub setup such as the following takes care of these and other issues:

modules:
  # [...]
  mod_caps: {}
  mod_pubsub:
    access_createnode: local
    ignore_pep_from_offline: false
    last_item_cache: false
    max_items_node: 1000
    default_node_config:
      max_items: 1000
    plugins:
      - "flat"
      - "pep" # Requires mod_caps.

How to configure multiple PubSub services on one domain

ejabberd 17.08 and newer

Use hosts option of pubsub module, e.g.:

modules:
  mod_pubsub:
    hosts:
      - "news.@HOST@"
      - "comics.@HOST@"
      - "nsfw.@HOST@"

Older ejabberd versions

In older ejabberd versions, each virtual domain can only have a single PubSub service. If you want to have multiple group services (such as news.mydomain.org and comics.mydomain.org), you should use the following trick.

Configure your current PubSub service name:

    modules:
      mod_pubsub:
        host: "news.@HOST@"

Create a new dummy virtual domain on your server like this:

    hosts:
      - "dummy.domain"
      - "mydomain.org"

Change the service node to match your domain:

    host_config:
      "dummy.domain":
        modules:
          mod_pubsub:
            host: "comics.mydomain.org"

As a bonus, you can add the new PubSub service to the Service Discovery configuration of your real host:

    modules:
      mod_disco:
        extra_domains:
          - "comics.mydomain.org"

Remember to create your DNS entries for the PubSub services and have the TLS certificate updated, and you are ready to enjoy your multi-group PubSub service.

Enforce Pubsub configuration

To ensure that none of the clients will change some of the required configuration in the Pubsub and PEP nodes Movim needs, you can enforce some of them on the server side.

append_host_config:
  "dummy.domain":
    modules:
      mod_pubsub:
        force_node_config:
          "eu.siacs.conversations.axolotl.*":
            access_model: open
          "urn:xmpp:bookmarks:0":
            access_model: whitelist
            send_last_published_item: never
            persist_items: true
            max_items: infinity
          "urn:xmpp:bookmarks:1":
            access_model: whitelist
            send_last_published_item: never
            persist_items: true
            max_items: infinity
          "urn:xmpp:pubsub:movim-public-subscription":
            access_model: whitelist
            persist_items: true
            max_items: infinity
          "storage:bookmarks":
            access_model: whitelist
          "urn:xmpp:microblog:0":
            max_items: infinity
            notify_retract: true
            persist_items: true
          "urn:xmpp:microblog:0:comments*":
            max_items: infinity
            access_model: open
            notify_retract: true
            persist_items: true
Add a custom footer
Add a custom sidebar
Clone this wiki locally