Trying to setup an XMPP server - sorry but a bit techy
- Vous devez vous identifier ou créer un compte pour écrire des commentaires
After hearing how easy it is to setup an XMPP server a "I wonder if" idea has grown into a bit of a monster...
A mate is hosting a jabchat.co.uk for my home connection resolving my public IP ok.
I have reserved my private IP against the MAC on the server ok
I have put forwarding rules form WAN ports 5269, 5222 and 5280 on my router to the LAN server IP ok
Followed this guide https://github.com/PuddletownDesign/Linux-Setups/blob/master/09-installing-xmpp-chat-prosody-server-and-using-profanity.md
Ive edited the config file as recommended in the guide
I've added myself and account
But the connection is either being rejected or failing some other way when trying to add the account on the XMPP client from the LAN or 3G phone > jabchat.co.uk so I was wondering if there is a firewall issue on the server.
ufw status shows the ports appear to be open
Status: active
To Action From
-- ------ ----
22/tcp ALLOW Anywhere
5222 ALLOW Anywhere
5269 ALLOW Anywhere
443 ALLOW Anywhere
443/tcp ALLOW Anywhere
80/tcp ALLOW Anywhere
22/tcp (v6) ALLOW Anywhere (v6)
5222 (v6) ALLOW Anywhere (v6)
5269 (v6) ALLOW Anywhere (v6)
443 (v6) ALLOW Anywhere (v6)
443/tcp (v6) ALLOW Anywhere (v6)
80/tcp (v6) ALLOW Anywhere (v6)
I'm assuming all that's needed is packets are directed via the DNS to my public IP, through the rules I setup on the router these packets should be sent to the server.
Years ago I had a similar setup on a BSD box a domain registered with dyndns - when it was free and was hosting ftp and web with no problems.
Should be sever be declared in the DNS?
> the connection is either being rejected or failing some other way when trying to add the account on the XMPP client from the LAN or 3G phone> jabchat.co.uk so I was wondering if there is a firewall issue on the server.
You could check your prosody logs and maybe your XMPP client can have debugging messages that will allow to see whether something goes through or not.
I only notice that you have forwarded port 5280 but not mentioned it in the firewall status.
I am running ejabberd from Freedombox, so I don't have to look at any configuration file (but unfortunately file upload is not enabled).
Thanks for the feedback.. I'm mentally stewed and frustrated as apparent a child of 3 can set one up - ok exaggeration but I'm mentally frazzled... I've shut things off for the day - been at it for about 9 hours solid. I know the port forwarding is working as the test SSH works so has to be something on the service
Ahh you may have a point, never though of checking the firewall vs router ports.
I did try ejabberd but ran into errors from the get go on a fresh built. Do you have a guide?
> I did try ejabberd but ran into errors from the get go on a fresh built. Do you have a guide?
No, I am using plinth, which is the web interface put in place by the freedombox package. That package is in Trisquel's repository, so you could try installing it (but it will install a lot of packages, use "apt -s install freedombox" to see what it would install without actually installing).
Personally, I did not do that, I purchased the box shown at https://www.freedombox.org/buy/ for which there are Debian images with all what is needed installed already. That SBC is the one most actively supported and runs without any non-free software/firmware. It comes without a hard disk but for all I did, this is enough.
As I mentioned before, the flexibility with freedombox is limited, but this makes your life much easier.
Oh freedombox, what a great gift for our society!
I agree.
I also noticed Yunohost. The intention is good but it is relying on containers provided specifically by this project (while freedombox just uses Debian packages). There is a lot more choice, it is perhaps even easier to use but I feel unable to understand what I would be running exactly if I would be using that, hence I have so far preferred to stay away from it.
That's smart! I intended to get the Pi out and use that as a XMPP server, I'm use the Thinkpad X60 as a lab to make sure I understand. Just so infuriating when you feel your running round in circles.
I've tried a multitude of installs with various distros of Linux using various guides but always failing at the same point - certificate generation and adding accounts - all inbound comms related.
Sadly my friend who setup the dns is now busy doing other projects.
I'm convinced the DNS needs looking at - tables are double-duch to me. As I have zero experience of setting up DNS can someone set one up for me?
Running ping resolves the right IP
I am running ddns on the server so can auto update.
Think I may have got somewhere... Tethered my laptop to my mobile so its outside the LAN and can add the account to Gajim fine - breakthrough!
I remembered both laptop and server are on the same private IP and if I remember right as I don't have a local DNS it wont resolve the IP. 192.168.x.x will work fine but fred.co.uk is non resolvable. Annoyingly the config files for prosody are host name related not IP. Need to think on this.
- Vous devez vous identifier ou créer un compte pour écrire des commentaires