Tigase

From Smop.co.uk

Jump to: navigation, search

Tigase is an XMPP (aka Jabber) server - an instant messaging protocol like MSN. Jabber is the old name for XMPP.

I looked at the leading three XMPP servers:

  • tigase - good reputation, new, scalable, java, bad documentation
  • openfire - swish interface, not highly scalable (but fine for me), java
  • ejabberd - traditional one everyone uses, scalable, erlang

I followed the quick start but I did have some problems. Namely I tried to use pidgin as my client. Once I used Psi things worked much better. You need to connect as admin user you specified in init.properties (normally "admin@example.com") and set "create account".

Notes as correct for 4.3.1-b1858 on Debian Lenny.

Contents

Installation

  • install Java 6:
    • apt-get --no-install-recommends install openjdk-6-jdk (don't need the fonts)
  • download and extract tigase*tar.gz
  • chmod +x scripts/*sh
  • edit etc/tigase.conf
    • DRV=com.mysql.jdbc.Driver (unless you use postgres or derby)
    • JAVA_HOME=/usr/lib/jvm/java-6-openjdk/

DNS 

xmpp               IN   A       192.168.1.1
_xmpp-client._tcp  IN   SRV     100 1 5222 xmpp
_xmpp-server._tcp  IN   SRV     100 1 5269 xmpp

MySQL

  • edit etc/init.properties: 
config-type=--gen-config-def
--admins=yourname@example.com
--virt-hosts = example.com
--debug=server
--user-db=mysql
--user-db-uri=jdbc:mysql://localhost/tigase?user=tigase&password=.....
    • MySQL v5.0 _may_ need: &useUnicode=true&characterEncoding=UTF-8 appending to user-db-uri
  • create database in MySQL:
    • create database tigase DEFAULT CHARACTER SET utf8;
    • GRANT ALL ON tigase.* TO tigase@'localhost' IDENTIFIED BY '...';
    • GRANT SELECT on mysql.proc TO tigase@'localhost'; (needed to avoid errors aboutnoAccessToProcedureBodies)
    • use tigase;
    • source database/mysql-schema-4.sql
  • TODO update the broken guide at: http://www.tigase.org/mysql-db-init

Derby DB

  • edit etc/init.properties: 
config-type=--gen-config-def
--admins=yourname@example.com
--virt-hosts = example.com
--debug=server
--user-db=derby
--user-db-uri=jdbc:derby:/var/lib/tigase/derby
  • ./database/derby-create-db.sh /var/lib/tigase/derby

SSL

  • rm certs/*
  • cd certs
  • keytool -import -trustcacerts -alias ca.example.com -file /etc/ssl/certs/ca.example.com.crt -keystore truststore
  • keytool -import -trustcacerts -alias ca.example.com -file /etc/ssl/certs/ca.example.com.crt -keystore rsa-keystore
  • keytool -genkeypair -alias xmpp.example.com -keystore rsa-keystore -keyalg RSA -sigalg SHA1withRSA
    • key password must match keystore password (so just press enter when prompted)
  • keytool -certreq -alias xmpp.example.com -keystore rsa-keystore -file xmpp.example.com.csr
  • now sign the CSR with your favourite tool (easy-rsa for me)
  • keytool -import -alias xmpp.example.com -keystore rsa-keystore -file /tmp/xmpp.example.com.crt
    • you may find you need to trim everything above "BEGIN CERTIFICATE" to allow the import
  • edit etc/tigase.xml and set keys-store-password and trusts-store-password appropriately (x3)
    • you will need to start tigase once to generate tigase.xml

Running

  • ./scripts/tigase.sh start etc/tigase.conf
  • Now start PSI (not pidgin!)
  • create a new account, tick "Register a new account"
  • type in your domain name for the server
  • type in an admin account for the username (e.g. "adrian" above)
  • now right click your account, select "Service discovery" and see all the goodness

Scripts

  • Due to this buglet you need to pull all these files down into scripts/admin/ (if that directory is missing)
  • Download the deb (or zip) of groovy, dump the embeddable groovy jar into libs/ and restart, otherwise you'll see: 
java.lang.NullPointerException
tigase.server.xmppsession.AdminScript.runCommand(AdminScript.java:85)
tigase.server.xmppsession.SessionManager.processCommand(SessionManager.java:861)
tigase.server.xmppsession.SessionManager.processPacket(SessionManager.java:370)
tigase.server.AbstractMessageReceiver$QueueListener.run(AbstractMessageReceiver.java:752)

Turn off registration

Ideally we'd like to moderate new users, but there isn't a way to do that, you could just externally the authentication to a DB. In the meantime we disable registration:

  • edit etc/tigase.xml
    • comment out <item value="jabber%3Aiq%3Aregister"/>

Turn off stats

Tigase dumps stats into stats-dumps and this can use up a lot of disk space:

  • edit etc/tigase.xml
    • set stats.active to false


Monitoring

Mostly from monitoring.

  • download jdmkrt to libs/
  • add "--monitoring=jmx:9050,http:9080,snmp:9060" to etc/init.properties
  • TODO: download tigase-extras to libs (non-existant!)

TODO

Retrieved from "http://www.smop.co.uk/mediawiki/index.php/Tigase"
Personal tools