https://wiki.diasporafoundation.org/api.php?action=feedcontributions&user=Pravs&feedformat=atomdiaspora* project wiki - User contributions [en]2024-03-28T17:25:43ZUser contributionsMediaWiki 1.39.3https://wiki.diasporafoundation.org/wiki/index.php?title=Integration/XMPP/Prosody&diff=4852Integration/XMPP/Prosody2016-06-16T06:00:58Z<p>Pravs: /* Other recommendations */ server to server encryption</p>
<hr />
<div>{{Languages}}<br />
<br />
= Integrating Prosody with Diaspora =<br />
<br />
Here you will find all you need to install and set up a Prosody XMPP server integrated with your Diaspora user database.<br />
This guide was tested using Debian 7 and Archlinux, but it will probably work well for all GNU distributions. <br />
There are several steps and configurations you will need to perform, so read the instructions carefully.<br />
<br />
'''See debian specific instructions at https://wiki.debian.org/Diaspora/XMPP'''<br />
<br />
= Understanding =<br />
<br />
The main goal is to set up Prosody to be capable of comparing the password received by the XMPP client with the hashed password stored on your pod's Diaspora database.<br />
Diasporas password hash is done using <tt>bcrypt</tt>, so we need to extend Prosody to do the same with the received password. To do so, we need to install a modified version of the [https://code.google.com/p/prosody-modules/wiki/mod_auth_sql - <tt>mod_auth_sql</tt>] module, available below.<br />
<br />
Since authentication methods can be set per host, you can use an existing Prosody instance with access to Diasporas database.<br />
<br />
You can also pull in Diaspora contacts into the roster. They will only be updated on signing into the XMPP account and all modifications to them from the XMPP side will be lost.<br />
<br />
= Prosody =<br />
<br />
If you haven't yet, install Prosody. This setup was tested against 0.9.8 and is known to be incompatible with the 0.8 series.<br />
Follow the instructions described on their [http://prosody.im/download/start official site].<br />
<br />
Once Prosody is installed, you can proceed.<br />
<br />
== Install bcrypt Lua library ==<br />
<br />
Lua or Prosody don't ship with the bcrypt library. If it isn't in your repositories, you can install it with the following command:<br />
<br />
<syntaxhighlight lang="bash"><br />
luarocks install bcrypt<br />
</syntaxhighlight><br />
<br />
Prosody still depends on Lua 5.1, if your distribution is already on Lua 5.2 you may need to change the command to <tt>luarocks-5.1</tt> or something similar.<br />
<br />
== Changes in <tt>prosody.cfg.lua</tt> ==<br />
<br />
There are a couple of required changes to your <tt>prosody.cfg.lua</tt>.<br />
<br />
=== Plugin path ===<br />
<br />
Since we're going to install a new module, you should pick a location where you want to store it, for example <tt>/etc/prosody/modules</tt>.<br />
Then tell Prosody to look for modules there: <br />
<br />
<syntaxhighlight lang="lua"><br />
plugin_paths = { "/etc/prosody/modules" }<br />
</syntaxhighlight><br />
<br />
Don't worry, Prosody will continue looking for modules in the standard location.<br />
<br />
Now download the module to your machine:<br />
<br />
<syntaxhighlight lang="bash"><br />
curl https://gist.githubusercontent.com/jhass/948e8e8d87b9143f97ad/raw/mod_auth_diaspora.lua > /etc/prosody/modules/mod_auth_diaspora.lua<br />
curl https://gist.githubusercontent.com/jhass/948e8e8d87b9143f97ad/raw/mod_diaspora_contacts.lua > /etc/prosody/modules/mod_diaspora_contacts.lua<br />
</syntaxhighlight><br />
<br />
=== Add a virtual host for your pod ===<br />
<br />
<syntaxhighlight lang="lua"><br />
VirtualHost "yourpod.example.org"<br />
authentication = "diaspora"<br />
-- Uncomment and adjust username and password for MySQL/MariaDB<br />
--auth_diaspora = { driver = "MySQL", database = "diaspora_production", username = "diaspora", password = "pass", host = "localhost" }<br />
-- Uncomment and adjust username and password for PostgreSQL<br />
--auth_diaspora = { driver = "PostgreSQL", database = "diaspora_production", username = "diaspora", password = "pass", host = "localhost" }<br />
<br />
modules_enabled = {<br />
"diaspora_contacts";<br />
};<br />
</syntaxhighlight><br />
<br />
Replace <tt>yourpod.example.org</tt> with your pod's domain and adjust the username and password for the database connection. This is very important!<br />
<br />
Read in [http://prosody.im/doc/dns Prosodys official documentation] on how to correctly update your nameserver records afterwards.<br />
Also read about setting up the right [http://prosody.im/doc/certificates certificates] for your host.<br />
<br />
=== Other recommendations ===<br />
<br />
* Since we have to transmit the password in plaintext to the server, we strongly recommend to require encryption:<br />
:<syntaxhighlight lang="lua"><br />
c2s_require_encryption = true<br />
</syntaxhighlight><br />
<br />
* You may also require server to server connections to be encrypted and validate server certificates (diaspora does this already), but your pod won't be able to talk to some xmpp servers which use self signed certificates.<br />
<br />
:<syntaxhighlight lang="lua"><br />
s2s_require_encryption = true<br />
s2s_secure_auth = true<br />
</syntaxhighlight><br />
<br />
* Adding a reverse proxy to Prosody's BOSH endpoint under your pods domain on the path <tt>/http-bind</tt> is a good idea too (check the [https://wiki.diasporafoundation.org/Vines#Browser_blocks_mixed-content examples on Vines page]). If you have done so, set the <tt>proxy</tt> setting in <tt>diaspora.yml</tt> to <tt>true</tt> and add <tt>consider_bosh_secure = true</tt> to your Prosody configuration.<br />
<br />
* If you want to improve the experience of your users when connecting from mobile devices, install [https://wiki.debian.org/InstallingProsody#Useful_Modules_.28Mobile_support.29 modules listed on Debian's Prosody Installation guide].<br />
<br />
* If you want to allow users to connect via HTTPS port (443) to bypass restrictive firewalls, follow [https://wiki.debian.org/InstallingProsody#XMPP_over_HTTPS steps documented at Debian's Prosody Installation guide].<br />
<br />
== Restart Prosody ==<br />
<br />
To complete the setup, just restart Prosody.<br />
<br />
= Testing =<br />
<br />
Just use your favorite XMPP client to connect to your pod using your regular Diaspora account and password.<br />
<br />
[[Category:Podmin]]</div>Pravshttps://wiki.diasporafoundation.org/wiki/index.php?title=Integration/XMPP/Prosody&diff=4851Integration/XMPP/Prosody2016-06-16T05:49:25Z<p>Pravs: /* Other recommendations */ link to debian's guide for full list of mobile support xeps and xmpp over https</p>
<hr />
<div>{{Languages}}<br />
<br />
= Integrating Prosody with Diaspora =<br />
<br />
Here you will find all you need to install and set up a Prosody XMPP server integrated with your Diaspora user database.<br />
This guide was tested using Debian 7 and Archlinux, but it will probably work well for all GNU distributions. <br />
There are several steps and configurations you will need to perform, so read the instructions carefully.<br />
<br />
'''See debian specific instructions at https://wiki.debian.org/Diaspora/XMPP'''<br />
<br />
= Understanding =<br />
<br />
The main goal is to set up Prosody to be capable of comparing the password received by the XMPP client with the hashed password stored on your pod's Diaspora database.<br />
Diasporas password hash is done using <tt>bcrypt</tt>, so we need to extend Prosody to do the same with the received password. To do so, we need to install a modified version of the [https://code.google.com/p/prosody-modules/wiki/mod_auth_sql - <tt>mod_auth_sql</tt>] module, available below.<br />
<br />
Since authentication methods can be set per host, you can use an existing Prosody instance with access to Diasporas database.<br />
<br />
You can also pull in Diaspora contacts into the roster. They will only be updated on signing into the XMPP account and all modifications to them from the XMPP side will be lost.<br />
<br />
= Prosody =<br />
<br />
If you haven't yet, install Prosody. This setup was tested against 0.9.8 and is known to be incompatible with the 0.8 series.<br />
Follow the instructions described on their [http://prosody.im/download/start official site].<br />
<br />
Once Prosody is installed, you can proceed.<br />
<br />
== Install bcrypt Lua library ==<br />
<br />
Lua or Prosody don't ship with the bcrypt library. If it isn't in your repositories, you can install it with the following command:<br />
<br />
<syntaxhighlight lang="bash"><br />
luarocks install bcrypt<br />
</syntaxhighlight><br />
<br />
Prosody still depends on Lua 5.1, if your distribution is already on Lua 5.2 you may need to change the command to <tt>luarocks-5.1</tt> or something similar.<br />
<br />
== Changes in <tt>prosody.cfg.lua</tt> ==<br />
<br />
There are a couple of required changes to your <tt>prosody.cfg.lua</tt>.<br />
<br />
=== Plugin path ===<br />
<br />
Since we're going to install a new module, you should pick a location where you want to store it, for example <tt>/etc/prosody/modules</tt>.<br />
Then tell Prosody to look for modules there: <br />
<br />
<syntaxhighlight lang="lua"><br />
plugin_paths = { "/etc/prosody/modules" }<br />
</syntaxhighlight><br />
<br />
Don't worry, Prosody will continue looking for modules in the standard location.<br />
<br />
Now download the module to your machine:<br />
<br />
<syntaxhighlight lang="bash"><br />
curl https://gist.githubusercontent.com/jhass/948e8e8d87b9143f97ad/raw/mod_auth_diaspora.lua > /etc/prosody/modules/mod_auth_diaspora.lua<br />
curl https://gist.githubusercontent.com/jhass/948e8e8d87b9143f97ad/raw/mod_diaspora_contacts.lua > /etc/prosody/modules/mod_diaspora_contacts.lua<br />
</syntaxhighlight><br />
<br />
=== Add a virtual host for your pod ===<br />
<br />
<syntaxhighlight lang="lua"><br />
VirtualHost "yourpod.example.org"<br />
authentication = "diaspora"<br />
-- Uncomment and adjust username and password for MySQL/MariaDB<br />
--auth_diaspora = { driver = "MySQL", database = "diaspora_production", username = "diaspora", password = "pass", host = "localhost" }<br />
-- Uncomment and adjust username and password for PostgreSQL<br />
--auth_diaspora = { driver = "PostgreSQL", database = "diaspora_production", username = "diaspora", password = "pass", host = "localhost" }<br />
<br />
modules_enabled = {<br />
"diaspora_contacts";<br />
};<br />
</syntaxhighlight><br />
<br />
Replace <tt>yourpod.example.org</tt> with your pod's domain and adjust the username and password for the database connection. This is very important!<br />
<br />
Read in [http://prosody.im/doc/dns Prosodys official documentation] on how to correctly update your nameserver records afterwards.<br />
Also read about setting up the right [http://prosody.im/doc/certificates certificates] for your host.<br />
<br />
=== Other recommendations ===<br />
<br />
* Since we have to transmit the password in plaintext to the server, we strongly recommend to require encryption:<br />
:<syntaxhighlight lang="lua"><br />
c2s_require_encryption = true<br />
</syntaxhighlight><br />
<br />
* Adding a reverse proxy to Prosody's BOSH endpoint under your pods domain on the path <tt>/http-bind</tt> is a good idea too (check the [https://wiki.diasporafoundation.org/Vines#Browser_blocks_mixed-content examples on Vines page]). If you have done so, set the <tt>proxy</tt> setting in <tt>diaspora.yml</tt> to <tt>true</tt> and add <tt>consider_bosh_secure = true</tt> to your Prosody configuration.<br />
<br />
* If you want to improve the experience of your users when connecting from mobile devices, install [https://wiki.debian.org/InstallingProsody#Useful_Modules_.28Mobile_support.29 modules listed on Debian's Prosody Installation guide].<br />
<br />
* If you want to allow users to connect via HTTPS port (443) to bypass restrictive firewalls, follow [https://wiki.debian.org/InstallingProsody#XMPP_over_HTTPS steps documented at Debian's Prosody Installation guide].<br />
<br />
== Restart Prosody ==<br />
<br />
To complete the setup, just restart Prosody.<br />
<br />
= Testing =<br />
<br />
Just use your favorite XMPP client to connect to your pod using your regular Diaspora account and password.<br />
<br />
[[Category:Podmin]]</div>Pravshttps://wiki.diasporafoundation.org/wiki/index.php?title=Integration/XMPP/Prosody&diff=4110Integration/XMPP/Prosody2015-05-28T13:20:36Z<p>Pravs: add link to debian specific instructions on debian wiki</p>
<hr />
<div>= Integrating Prosody with Diaspora =<br />
<br />
Here you will find all you need to install and set up a Prosody XMPP server integrated with your Diaspora user database.<br />
This guide was tested using Debian 7 and Archlinux, but it will probably work well for all GNU distributions. <br />
There are several steps and configurations you will need to perform, so read the instructions carefully.<br />
<br />
'''See debian specific instructions at https://wiki.debian.org/Diaspora/XMPP'''<br />
<br />
= Understanding =<br />
<br />
The main goal is to set up Prosody to be capable of comparing the password received by the XMPP client with the hashed password stored on your pod's Diaspora database.<br />
Diasporas password hash is done using <tt>bcrypt</tt>, so we need to extend Prosody to do the same with the received password. To do so, we need to install a modified version of the [https://code.google.com/p/prosody-modules/wiki/mod_auth_sql - <tt>mod_auth_sql</tt>] module, available below.<br />
<br />
Since authentication methods can be set per host, you can use an existing Prosody instance with access to Diasporas database.<br />
<br />
You can also pull in Diaspora contacts into the roster. They will only be updated on signing into the XMPP account and all modifications to them from the XMPP side will be lost.<br />
<br />
= Prosody =<br />
<br />
If you haven't yet, install Prosody. This setup was tested against 0.9.4 and is known to be incompatible with the 0.8 series.<br />
Follow the instructions described on their [http://prosody.im/download/start official site].<br />
<br />
Once Prosody is installed, you can proceed.<br />
<br />
== Install bcrypt Lua library ==<br />
<br />
Lua or Prosody don't ship with the bcrypt library. If it isn't in your repositories, you can install it with the following command:<br />
<br />
<syntaxhighlight lang="bash"><br />
luarocks install bcrypt<br />
</syntaxhighlight><br />
<br />
Prosody still depends on Lua 5.1, if your distribution is already on Lua 5.2 you may need to change the command to <tt>luarocks-5.1</tt> or something similar.<br />
<br />
== Changes in <tt>prosody.cfg.lua</tt> ==<br />
<br />
There are a couple of required changes to your <tt>prosody.cfg.lua</tt>.<br />
<br />
=== Plugin path ===<br />
<br />
Since we're going to install a new module, you should pick a location where you want to store it, for example <tt>/etc/prosody/modules</tt>.<br />
Then tell Prosody to look for modules there: <br />
<br />
<syntaxhighlight lang="lua"><br />
plugin_paths = { "/etc/prosody/modules" }<br />
</syntaxhighlight><br />
<br />
Don't worry, Prosody will continue looking for modules in the standard location.<br />
<br />
Now download the module to your machine:<br />
<br />
<syntaxhighlight lang="bash"><br />
curl https://gist.githubusercontent.com/jhass/948e8e8d87b9143f97ad/raw/mod_auth_diaspora.lua > /etc/prosody/modules/mod_auth_diaspora.lua<br />
curl https://gist.githubusercontent.com/jhass/948e8e8d87b9143f97ad/raw/mod_diaspora_contacts.lua > /etc/prosody/modules/mod_diaspora_contacts.lua<br />
</syntaxhighlight><br />
<br />
=== Add a virtual host for your pod ===<br />
<br />
<syntaxhighlight lang="lua"><br />
VirtualHost "yourpod.example.org"<br />
authentication = "diaspora"<br />
-- Uncomment and adjust username and password for MySQL/MariaDB<br />
--auth_diaspora = { driver = "MySQL", database = "diaspora_production", username = "diaspora", password = "pass", host = "localhost" }<br />
-- Uncomment and adjust username and password for PostgreSQL<br />
--auth_diaspora = { driver = "PostgreSQL", database = "diaspora_production", username = "diaspora", password = "pass", host = "localhost" }<br />
<br />
modules_enabled = {<br />
"diaspora_contacts";<br />
};<br />
</syntaxhighlight><br />
<br />
Replace <tt>yourpod.example.org</tt> with your pod's domain and adjust the username and password for the database connection. This is very important!<br />
<br />
Read in [http://prosody.im/doc/dns Prosodys official documentation] on how to correctly update your nameserver records afterwards.<br />
Also read about setting up the right [http://prosody.im/doc/certificates certificates] for your host.<br />
<br />
=== Other recommendations ===<br />
<br />
Since we have to transmit the password in plaintext to the server, we strongly recommend to require encryption:<br />
<br />
<syntaxhighlight lang="lua"><br />
c2s_require_encryption = true<br />
</syntaxhighlight><br />
<br />
== Restart Prosody ==<br />
<br />
To complete the setup, just restart Prosody.<br />
<br />
= Testing =<br />
<br />
Just use your favorite XMPP client to connect to your pod using your regular Diaspora account and password.<br />
<br />
[[Category:Podmin]]</div>Pravshttps://wiki.diasporafoundation.org/wiki/index.php?title=Installation/Debian/Buster&diff=4079Installation/Debian/Buster2015-05-06T10:16:25Z<p>Pravs: </p>
<hr />
<div>{{Note<br />
|You may also [https://wiki.debian.org/Diaspora#Jessie use diaspora-installer package], which is easier, but this method is not recommended yet.}}<br />
<br />
{{Installation/Head}}<br />
<br />
=== Install Packages ===<br />
<br />
As root run:<br />
<br />
{{#tag:syntaxhighlight|<br />
apt-get install build-essential libssl-dev libcurl4-openssl-dev libxml2-dev libxslt-dev imagemagick ghostscript git curl {{#switch: {{#var:DB}}|mysql=libmysqlclient-dev|postgres=libpq-dev|mariadb=libmariadbclient-dev}} libmagickwand-dev redis-server nodejs<br />
|lang=bash}}<br />
<br />
{{Installation/Debian/Common}}</div>Pravshttps://wiki.diasporafoundation.org/wiki/index.php?title=Installation/Debian/Buster&diff=4078Installation/Debian/Buster2015-05-06T10:07:51Z<p>Pravs: add a note about diaspora-installer</p>
<hr />
<div>{{Note<br />
|You may also [https://wiki.debian.org/Diaspora#Jessie use diaspora-installer package], which is easy, but this method is not recommended yet. See [https://www.loomio.org/d/gfBvObnT/promote-diaspora-installer-packages-on-wiki?proposal=zuGSx3bT discussion] for more details.}}<br />
<br />
{{Installation/Head}}<br />
<br />
=== Install Packages ===<br />
<br />
As root run:<br />
<br />
{{#tag:syntaxhighlight|<br />
apt-get install build-essential libssl-dev libcurl4-openssl-dev libxml2-dev libxslt-dev imagemagick ghostscript git curl {{#switch: {{#var:DB}}|mysql=libmysqlclient-dev|postgres=libpq-dev|mariadb=libmariadbclient-dev}} libmagickwand-dev redis-server nodejs<br />
|lang=bash}}<br />
<br />
{{Installation/Debian/Common}}</div>Pravshttps://wiki.diasporafoundation.org/wiki/index.php?title=Installation/Debian/Buster&diff=4062Installation/Debian/Buster2015-05-04T09:10:31Z<p>Pravs: add link to debian wiki</p>
<hr />
<div><br />
You can use diaspora-installer package for automated installation see [https://wiki.debian.org/Diaspora#Jessie steps on debian wiki]<br />
<br />
Note: Updates will need to be handled manually right now, automated updates support is planned.</div>Pravshttps://wiki.diasporafoundation.org/wiki/index.php?title=Installation/Debian&diff=4061Installation/Debian2015-05-04T09:07:15Z<p>Pravs: add jessie</p>
<hr />
<div><noinclude><br />
= Pick one =<br />
<br />
</noinclude><br />
* [[Installation/Debian/Jessie|Debian 8 (Jessie)]]<br />
* [[Installation/Debian/Wheezy|Debian 7 (Wheezy)]]<br />
* [[Installation/Debian/Squeeze|Debian 6 (Squeeze)]]<br />
<noinclude>{{Languages}}</noinclude><br />
[[Category:Podmin]]<br />
[[Category:Installation]]</div>Pravshttps://wiki.diasporafoundation.org/wiki/index.php?title=Installation/Linux&diff=3998Installation/Linux2015-03-30T12:08:49Z<p>Pravs: add Hamara Linux as having one step installation option</p>
<hr />
<div><div class="icon">[[File:Tux.png|link=|140px|]]</div><br />
<br />
=== Linux ===<br />
==== One step install (using diaspora-installer package) ====<br />
<br />
{{:Installation/Hamara}} (recommended for easy installation)<br />
<br />
==== Manual Installation ====<br />
{|<br />
! Ubuntu !! Debian !! Fedora !! CentOS !! Gentoo !! Arch !! openSUSE<br />
|-<br />
|<br />
{{:Installation/Ubuntu}}<br />
|<br />
{{:Installation/Debian}}<br />
|<br />
{{:Installation/Fedora}}<br />
|<br />
{{:Installation/CentOS}}<br />
|<br />
* [[Installation/Gentoo|Gentoo 12.1]]<br />
|<br />
* [[Installation/Arch|{{CURRENTYEAR}}.{{CURRENTMONTH}}.01]]<br />
|<br />
* [[Installation/openSUSE/13|OpenSUSE 13]]<br />
|}</div>Pravshttps://wiki.diasporafoundation.org/wiki/index.php?title=Installation/Hamara&diff=3997Installation/Hamara2015-03-30T12:07:28Z<p>Pravs: hamara installation command added</p>
<hr />
<div>Hamara Linux 1.0<br />
<br />
# apt-get install diaspora-installer<br />
<br />
Hamara Linux can be downloaded from http://hamaralinux.org<br />
<br />
[[Category:Podmin]]<br />
[[Category:Installation]]</div>Pravshttps://wiki.diasporafoundation.org/wiki/index.php?title=Alternative_startup_methods&diff=3812Alternative startup methods2015-01-06T07:12:50Z<p>Pravs: /* Init Scripts & Upstart */ debian installer init script added</p>
<hr />
<div>This page is for listing alternative methods for starting up the Diaspora service automatical or in some manner other than calling the ./script/start<br />
<br />
== Init Scripts & Upstart ==<br />
* [http://anonscm.debian.org/cgit/pkg-ruby-extras/diaspora-installer.git/tree/debian/diaspora-installer.init Init script of debian-installer package]<br />
<br />
Sample /etc/diaspora.conf required by the init script is given below<br />
<br />
<code><pre><br />
export SERVERNAME=localhost<br />
export ENVIRONMENT_URL=https://localhost<br />
export RAILS_ENV=production<br />
export DB=postgres</pre></code><br />
<br />
* <del>[https://github.com/netom/diaspora-init diaspora-init on Github by netom]</del> [https://github.com/ur5/diaspora-init fork of dead repo]<br />
* [https://github.com/jhass/old_diaspora_wiki/blob/master/Init-script-for-diaspora.md Init Script on OLD github page for diaspora]<br />
* [http://stackoverflow.com/questions/9122488/how-to-allow-diaspora-to-start-when-server-boot-up Stack Overflow Ubuntu init script]<br />
<br />
== systemd ==<br />
* [https://github.com/jhass/diaspora/blob/old_systemd/diaspora.service Old systemd unit starting script/server]<br />
* [https://github.com/jhass/diaspora/tree/systemd/systemd modular systemd units] (running puma instead of unicorn)<br />
<br />
== daemontools ==<br />
* [https://github.com/jhass/diaspora/tree/daemontools/daemontools Unmaintained scripts to start foreman directly]<br />
<br />
== god ==<br />
* [https://github.com/despora/diaspora/blob/despora/script/diaspora.god Despora god config]<br />
* [https://github.com/diasporg/diaspora/blob/master/script/diaspora.god diasp.org god config]</div>Pravs