Ejabberd#
The Ejabberd module installs the ejabberd Community Server Docker Image (standard protocol Jabber/XMPP) and supports TLS on standard ports (5222 or 5223).
Only one instance of Ejabberd can run on a node to prevent TCP port conflicts.
Note
Ejabberd does not expose anymore the BOSH protocol (NethCTI and other browser-based applications might not work)
The Ejabberd module installs ejabberd Community Server Docker Image.
Ejabberd is an Open Source chat server directly integrated to Webtop and for networks client. Check out the official documentation for further details.
Configuration#
Ejabberd needs a dedicated virtual host name, a FQDN like nethserver.org
, This domain will be used for authentication of users (foo@nethserver.org
). A self-signed TLS certificate could be used but a trusted Let’s Encrypt certificate is recommended.
Before proceeding with the configuration, make sure to create the corresponding name record inside your DNS server.
If you want to use the Ejabberd instance as Webtop chat engine, ensure you enter the same domain name used by Webtop in
the Mail domain
field on its Settings page.
Note
Let’s Encrypt certificate is a mandatory for file sharing clients. Such clients refuse to connect to the server if the certificate is self-signed
How to configure:
Access the application configuration page and enter a valid FQDN inside
Ejabberd FQDN
fieldEnable
Let's Encrypt
option accordingly to your needsSelect the LDAP user Domain to identify users
Click the Save button
Connect a XMMP client with a valid user on the domain to the entered host name, e.g.:
https://ejabberd.nethserver.org
.
Note
Ejabberd authentication is integrated with LDAP user domain that you can configure at User domains.
The Ejabberd administrators are allowed to use the web admin page on port 5280. The ejabberd Web Admin allows to administer some parts of ejabberd using a web browser: accounts, Shared Roster Groups, manage the Mnesia database, create and restore backups, view server statistics, …
The administration page is available at https://IP_OR_FQDN:5280/admin.
Under the Advanced options section, the administrator can also configure:
enable built-in web administration interface
S2S federation
message archive management
file upload to exchange data among clients using URL
file transfer speed
Server to server (S2S)#
The XMPP system is federated by nature. If S2S is enabled, users with accounts on one server can communicate with users on remote servers. S2S allows for servers communicating seamlessly with each other, forming a global ‘federated’ IM network.
For this purpose, the SRV DNS record must be configured for your domain (https://wiki.xmpp.org/web/SRV_Records#XMPP_SRV_records) and the server must have a valid SSL/TLS certificate.
Message Archive Management#
Message Archive Management (mod_mam) implements Message Archive Management as described in XEP-0313. When enabled, all messages will be stored inside the server and compatible XMPP clients can use it to store their chat history on the server.
The database can store a maximum of 2GB of messages, archived messages can be purged automatically. To configure message retention policy, set Clean messages older than X days option.
Note
If enabled, this module will store every message sent between users. This behavior will affect the privacy of your users.
Administrators#
All users listed in the text area are considered administrators of the chat server.
Administrators can:
Send broadcast messages
Check the status of connected users
Clients#
Jabber clients are available for all desktop and mobile platforms.
Some widespread clients:
Pidgin is available for Windows and Linux
Adium for Mac OS X
BeejibelIM for Android and iOS, Xabber only for Android
When you configure the client, make sure TLS (or SSL) is enabled. Enter the user name and the domain of the machine.
With TLS capabilities, strictly configured servers or clients could reject connections with your Ejabberd server
if the SSL/TLS certificate doesn’t match the domain name.
Also, the certificate should contain two sub-domains pubsub.*
and conference.*
.
This certificate can be obtained for free with Let’s Encrypt.