I have now managed to get SSL working, and run it as a background daemon. - SSL setup was all standard. I got my certificate from http://xmpp.org/ca/ , so I don't get any warnings: I think their root CA certificate is a standard one. (I wonder if the same certificate could be used for https??)
- For the background daemon, I realised that the server actually uses 4 daemons. I'm not sure if this is pointless, but I ended up calling run-in-pagsh for each one: run-in-pagsh sm "/afs/hcoop.net/user/m/mi/michal/bin/sm -c /afs/hcoop.net/user/m/mi/michal/etc/sm.xml" & run-in-pagsh router "/afs/hcoop.net/user/m/mi/michal/bin/router -c /afs/hcoop.net/user/m/mi/michal/etc/router.xml" & run-in-pagsh s2s "/afs/hcoop.net/user/m/mi/michal/bin/s2s -c /afs/hcoop.net/user/m/mi/michal/etc/s2s.xml" & run-in-pagsh c2s "/afs/hcoop.net/user/m/mi/michal/bin/c2s -c /afs/hcoop.net/user/m/mi/michal/etc/c2s.xml" & Again, I'm not sure if this is pointless as there is a script that comes with jabberd2 that starts the daemons, but according to http://wiki.hcoop.net/RunningUnattendedCommandsWithoutRunInPagsh (even though I am using run-in-pagsh) it appears that the actual daemon process should be passed, and not a script that starts the daemon. (Note that I also had to ensure the bin/lib/etc/log/ssl directories that the daemons have to access all are set to allow michal.daemon to read them). On Fri, Apr 3, 2009 at 3:08 PM, Michal <[email protected]> wrote: > Thanks for everyone's help! I have managed to get it working, > including s2s connections, using non standard ports via the SRV > record. Although I've not yet even tried to make it an unattended > daemon, I just run it logging in via ssh. I also have not even tried > anything SSL yet. > > For the record, (in case it will be helpful to others, or if I am > doing something wrong) what I did: > > - In the domtool file for my domain, yetagain.net, I set the arbitrary > ports 4321 for C2S and 4323 for S2S (NB: I'm not sure what TTL should > be??) > > dom "yetagain.net" with > dns (dnsSRV (srv_literal "_xmpp-client._tcp") 0 0 4321 > "mire.hcoop.net") where TTL=600 end; > dns (dnsSRV (srv_literal "_xmpp-server._tcp") 0 0 4323 > "mire.hcoop.net") where TTL=600 end; > dns (dnsSRV (srv_literal "_jabber._tcp") 0 0 4323 "mire.hcoop.net") > where TTL=600 end; > end; > > - Compile/install the jabberd2 server in my home directory (I didn't > know which server to choose, it was an arbitrary choice). To do this I > also needed to compile udns, gsasl, and the latest openssl (I think > the one installed on mire cause compilation errors). > > - Create a database using dbtool and the instructions at > http://wiki.hcoop.net/MemberManual/Databases: I called it "jabber" (so > in fact its full name is michal_jabber) > > - Follow the standard jabberd installation instructions, with a few > amendments: > > - Modify the sql script that creates the required tables. Comment > out the line > CREATE DATABASE jabberd2; > > And change the database name below: > USE michal_jabber; > > - In the jabber config files c2s.xml, s2s.xml, sm.xml installed in > my local etc directory, ensure that the sql server (mysql), sql user > (michal in my case) sql password, and database name (michal_jabber in > my case) are all set correctly. Also change the port settings for c2s > and s2s to the same ones in the SRV record for the domain. > > That's it for the time being... now to try to get SSL to work and to > make it a proper daemon... > > (I am very grateful by the way for all the work people must have put > into all of the server-setup. Most servers don't even allow ssh > access, let alone running own daemons) > > Michal. > > On Thu, Apr 2, 2009 at 9:25 PM, Adam Chlipala <[email protected]> wrote: >> Adam Chlipala wrote: >>> In this file, you can see some examples of custom SRV records. >>> /afs/hcoop.net/user/m/me/megacz/.domtool >> >> Oops; add /megacz.com to the end of that. >> >> _______________________________________________ >> HCoop-Help mailing list >> [email protected] >> https://lists.hcoop.net/listinfo/hcoop-help >> > _______________________________________________ HCoop-Help mailing list [email protected] https://lists.hcoop.net/listinfo/hcoop-help
