Prosody XMPP server (open messaging protocol)

Prosody is written in Lua.

opkg update
opkg install prosody

The quickest way is to allow automatic registration at @localhost.

sed -i -e 's/\(allow_registration = \)false;/\1true;/' /etc/prosody/prosody.cfg.lua
/etc/init.d/prosody restart

Use an XMPP client to add an account on the server at 192.168.1.1:

Bulk-add users that all share the same password:

for f in almursi jow maddes nilfred orca thelexi
do prosodyctl register $f localhost 123
done

By default, all users see all other registered users.

# A roster for everyone
mkdir -p -m 775 /tmp/roster
cd /tmp/roster
# Make a list
echo "acoul
almursi
glp
hauke
jow
juhosg
maddes
nbd
nilfred
orca
thelexi" > lista.txt
for f in $(awk '{print $1}' lista.txt)
# Register
do prosodyctl register $f localhost 123
# Add to group "Familiares" all others, but not self.
sed -e "/$f/ d" lista.txt | awk 'BEGIN {print "return {\n\t[false] = {\n\t\t[\"version\"] = 5;\n\t};\n\t[\"pending\"] = {};"} {print "\t[\"" $1 "@localhost\"] = {\n\t\t[\"groups\"] = {\n\t\t\t[\"Familiares\"] = true;\n\t\t};\n\t\t[\"subscription\"] = \"both\";\n\t\t[\"name\"] = \"" toupper(substr($1, 1, 1)) substr($1, 2) "\";\n\t};"} END {print "}"}' > $f.dat
done
chmod 666 *.dat
# Move to flash at once
mkdir -p -m 775 /etc/prosody/data/localhost/roster
chown prosody:prosody *.dat . /etc/prosody/data/localhost/roster
mv *.dat /etc/prosody/data/localhost/roster/

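What the one-liner does:

  • Remove the user's own name from the list
  • Print the header
  • Print one paragraph per remaining name
    • name@localhost
    • groups: Familiares
    • Nickname with the first letter capitalized
  • Print the footer, all into the file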
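The steps listed above, written out as a readable function. This is an added example, not part of the original wiki page; the names make_roster and roster_contacts and the constructed sample list are assumptions. It compares whole names, so removing "jo" does not also drop "jow", which a substring match such as sed "/$f/ d" would do.

```sh
#!/bin/sh
# Added example: build one user's Prosody roster file from a list of names.
# make_roster, roster_contacts and the sample names are illustrative.

# make_roster SELF DOMAIN LISTFILE -> roster (Lua table) on stdout
make_roster() {
    awk -v self="$1" -v domain="$2" '
        BEGIN {
            print "return {"
            print "\t[false] = {"
            print "\t\t[\"version\"] = 1;"
            print "\t};"
            print "\t[\"pending\"] = {};"
        }
        # Skip blank lines and the owner: whole-name comparison, not a substring match.
        $1 == "" || $1 == self { next }
        {
            nick = toupper(substr($1, 1, 1)) substr($1, 2)
            print "\t[\"" $1 "@" domain "\"] = {"
            print "\t\t[\"groups\"] = {"
            print "\t\t\t[\"Familiares\"] = true;"
            print "\t\t};"
            print "\t\t[\"subscription\"] = \"both\";"
            print "\t\t[\"name\"] = \"" nick "\";"
            print "\t};"
        }
        END { print "}" }
    ' "$3"
}

# Count the contacts in a generated roster (one "subscription" line each).
roster_contacts() {
    grep -c '"subscription"' "$1"
}

# Constructed sample list: "jo" is a prefix of "jow" on purpose.
workdir=$(mktemp -d)
printf '%s\n' jo jow maddes nilfred > "$workdir/lista.txt"
for f in $(awk '{print $1}' "$workdir/lista.txt"); do
    make_roster "$f" localhost "$workdir/lista.txt" > "$workdir/$f.dat"
done
```

The generated files land in a scratch directory; moving them into the Prosody data directory is the same step as in the script above.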

Not needed if SSL is not installed, for example on a 4 MiB installation.

The same old key is reused for brevity; some RTFM is required for completeness.

cd /tmp
scp root@routerlogin.net:/etc/prosody/certs/localhost.[ck]e* .
openssl req -new -x509 -days 365 -nodes -out "localhost.cert" -key "localhost.key"
scp localhost.[ck]e* root@routerlogin.net:/etc/prosody/certs/

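For batch use, add the -subj parameter.

This code is not meant to be run on the router itself, and it still needs some testing.

Where it says C=AR, use your country's two-letter ISO code. CN= must match your domain name, or prosody may ask another question.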

# Self-signed SSL certificate creation (new key)
cd /tmp
openssl req -new -x509 -days 365 -nodes -out "example.no-ip.biz.crt" -keyout "example.no-ip.biz.key" -subj /C=AR/ST=YourState/L=YourCity/O=YourOrganization/OU=YourOrganizationUnit/CN=example.no-ip.biz/emailAddress=your@mail.address
scp example.no-ip.biz.[ck][re][ty] root@192.168.1.1:/etc/prosody/certs/
mkdir -p ~/build/files/ar71xx/etc/prosody/certs
mv example.no-ip.biz.[ck][re][ty] ~/build/files/ar71xx/etc/prosody/certs

Next year you have to do this:

# Self-signed SSL certificate renewal (same old key)
cd ~/build/files/ar71xx/etc/prosody/certs
openssl req -new -x509 -days 365 -nodes -out "example.no-ip.biz.crt" -key "example.no-ip.biz.key" -subj /C=AR/ST=YourState/L=YourCity/O=YourOrganization/OU=YourOrganizationUnit/CN=example.no-ip.biz/emailAddress=your@mail.address
scp example.no-ip.biz.[ck][re][ty] root@192.168.1.1:/etc/prosody/certs/

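This works because the key never expires; only the certificate expires. Prosody may ask.

When upgrading the firmware you may lose the certificate, and the client (prosody) may then ask about the certificate. It is better to present the same unexpired certificate, to avoid the prompt.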

# Upload the same certificate that was created earlier
cd ~/build/files/ar71xx/etc/prosody/certs
scp example.no-ip.biz.[ck][re][ty] root@192.168.1.1:/etc/prosody/certs/
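One way to confirm a renewal before uploading it, as an added example that is not part of the original page: the functions check that the new certificate still carries the old key, that CN matches the domain, and that the certificate is not about to expire. The function names, the 30-day threshold and the scratch files are assumptions.

```sh
#!/bin/sh
# Added example: sanity checks for a renewed self-signed certificate.
# Function names and the 30-day threshold are illustrative choices.

# cert_matches_key CERT KEY -> 0 if the certificate carries the key's public half
cert_matches_key() {
    cert_pub=$(openssl x509 -in "$1" -noout -pubkey) || return 2
    key_pub=$(openssl pkey -in "$2" -pubout) || return 2
    [ "$cert_pub" = "$key_pub" ]
}

# cert_cn CERT -> prints the subject CN
cert_cn() {
    openssl x509 -in "$1" -noout -subject -nameopt RFC2253 |
        sed -n 's/.*CN=\([^,]*\).*/\1/p'
}

# cert_valid_for CERT DAYS -> 0 if the certificate is still valid DAYS from now
cert_valid_for() {
    openssl x509 -in "$1" -noout -checkend $(( $2 * 86400 )) >/dev/null
}

# check_cert CERT KEY DOMAIN [DAYS] -> prints a verdict, returns 0 only if all pass
check_cert() {
    cert_matches_key "$1" "$2" || { echo "key mismatch"; return 1; }
    [ "$(cert_cn "$1")" = "$3" ] || { echo "CN mismatch"; return 1; }
    cert_valid_for "$1" "${4:-30}" || { echo "expires soon"; return 1; }
    echo "ok"
}

# Constructed demo in a scratch directory: create a key and certificate,
# then renew the certificate with the same key, as the page does.
demo=$(mktemp -d)
openssl req -new -x509 -days 365 -nodes -subj /CN=example.no-ip.biz \
    -keyout "$demo/a.key" -out "$demo/a.crt" 2>/dev/null
openssl req -new -x509 -days 365 -nodes -subj /CN=example.no-ip.biz \
    -key "$demo/a.key" -out "$demo/renewed.crt" 2>/dev/null
check_cert "$demo/renewed.crt" "$demo/a.key" example.no-ip.biz
```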

This example requires you to obtain the example.no-ip.biz domain name and install luci-app-ddns. After that it is exactly the same as for @localhost:

# Allow registration?
sed -i -e 's/\(allow_registration = \)false;/\1true;/' /etc/prosody/prosody.cfg.lua
chmod +r /etc/prosody/prosody.cfg.lua
# Start once to create the prosody:prosody account
/etc/init.d/prosody start
/etc/init.d/prosody stop
chown -R prosody:prosody /etc/prosody/data
sed -i -e 's/example.com/example.no-ip.biz/;/enabled = false/ d' /etc/prosody/prosody.cfg.lua
# A roster for everyone
mkdir -p -m 775 /tmp/roster
cd /tmp/roster
# Make a list
echo "acoul
almursi
glp
hauke
jow
juhosg
maddes
nbd
nilfred
orca
thelexi" > lista.txt
mkdir -p -m 775 /etc/prosody/data/example.no-ip.biz/roster
chown -R prosody:prosody /etc/prosody/data
for f in $(awk '{print $1}' lista.txt)
do prosodyctl register $f example.no-ip.biz 123
sed -e "/$f/ d" lista.txt | awk 'BEGIN {print "return {\n\t[false] = {\n\t\t[\"version\"] = 1;\n\t};\n\t[\"pending\"] = {};"} {print "\t[\"" $1 "@example.no-ip.biz\"] = {\n\t\t[\"groups\"] = {\n\t\t\t[\"Familiares\"] = true;\n\t\t};\n\t\t[\"subscription\"] = \"both\";\n\t\t[\"name\"] = \"" toupper(substr($1, 1, 1)) substr($1, 2) "\";\n\t};"} END {print "}"}' > $f.dat
done
chmod 666 *.dat
chown prosody:prosody *.dat .
mv *.dat /etc/prosody/data/example.no-ip.biz/roster/
/etc/init.d/prosody start
# All OK?
cat /var/log/prosody/prosody.err
cat /var/log/prosody/prosody.log

After reading how to set up the DDNS client, you should end up with a working configuration like this:

uci batch <<'EOF'
set ddns.myddns.domain=example.no-ip.biz
set ddns.myddns.enabled=0
set ddns.myddns.force_interval=22
set ddns.myddns.ip_interface=pppoe-wan
set ddns.myddns.ip_source=interface
delete ddns.myddns.ip_url
set ddns.myddns.password=password
set ddns.myddns.service_name=no-ip.com
set ddns.myddns.username=username
commit ddns
EOF

It is wise for your router to have the same name for LAN clients, so that they do not have to go out and be redirected back.

uci batch <<'EOF'
add dhcp domain
set dhcp.@domain[-1].ip=192.168.1.1
set dhcp.@domain[-1].name=tplinklogin.net
add dhcp domain
set dhcp.@domain[-1].ip=192.168.1.1
set dhcp.@domain[-1].name=routerlogin.net
add dhcp domain
set dhcp.@domain[-1].ip=192.168.1.1
set dhcp.@domain[-1].name=example.no-ip.biz
commit dhcp
EOF

Now these commands all have the same effect inside your LAN:

ssh root@192.168.1.1
ssh root@routerlogin.net
ssh root@tplinklogin.net
ssh root@example.no-ip.biz

Your router now has a name!

Nice! So, for your own domain name you may need to set up SRV records if the XMPP server runs on another subdomain, like this:

_xmpp-client._tcp.example.com. 18000 IN SRV 0 5 5222 xmpp.example.com.
_xmpp-server._tcp.example.com. 18000 IN SRV 0 5 5269 xmpp.example.com. 

Translated to uci, the result looks like this:

uci batch <<'EOF'
add dhcp srvhost
set dhcp.@srvhost[-1].srv=_xmpp-client._tcp.example.com
set dhcp.@srvhost[-1].target=xmpp.example.com
set dhcp.@srvhost[-1].port=5222
set dhcp.@srvhost[-1].class=0
set dhcp.@srvhost[-1].weight=5
add dhcp srvhost
set dhcp.@srvhost[-1].srv=_xmpp-server._tcp.example.com
set dhcp.@srvhost[-1].target=xmpp.example.com
set dhcp.@srvhost[-1].port=5269
set dhcp.@srvhost[-1].class=0
set dhcp.@srvhost[-1].weight=5
commit dhcp
EOF

This DNS trick makes someone@xmpp.example.com look like someone@example.com, but it is also used for fancy names like the ones below:

# A record
your-server.EXAMPLE.COM                     IN A            1.2.3.4        # this *must* be an A record and not a CNAME
 
# CNAME records
anon.EXAMPLE.COM                          IN CNAME        your-server.EXAMPLE.COM. # this is what the anonymous binding (non-logged in web users) will connect to
topics.EXAMPLE.COM                        IN CNAME        your-server.EXAMPLE.COM. # to enable channels like food@topics.EXAMPLE.COM
 
# SRV records
_xmpp-client._tcp.EXAMPLE.COM.            IN SRV 5 0 5222 your-server.EXAMPLE.COM.
_xmpp-server._tcp.EXAMPLE.COM.            IN SRV 5 0 5269 your-server.EXAMPLE.COM.
_xmpp-server._tcp.anon.EXAMPLE.COM        IN SRV 5 0 5269 your-server.EXAMPLE.COM.
_xmpp-server._tcp.topics.EXAMPLE.COM      IN SRV 5 0 5269 your-server.EXAMPLE.COM. 
  • Last modified: 2024/11/29 09:10
  • by stokito