From 23216f743cd36bd72087565fe87332d910424bb2 Mon Sep 17 00:00:00 2001 
From: =?UTF-8?q?Michael=20F=C3=BCrmann?= Date: Sun, 4 Mar 2018 21:58:08 +0100 Subject: [PATCH] Setup routine for prosody --- .../mod_auth_external/authenticate_isp.sh | 0 .../mod_auth_external/db_auth.php | 0 .../mod_auth_external/db_conf.inc.php | 0 .../mod_auth_external/db_isuser.php | 0 .../mod_auth_external/mod_auth_external.lua | 0 .../mod_discoitems.lua | 0 .../mod_webpresence/icons/status_away.png | Bin .../mod_webpresence/icons/status_chat.png | Bin .../mod_webpresence/icons/status_dnd.png | Bin .../mod_webpresence/icons/status_offline.png | Bin .../mod_webpresence/icons/status_online.png | Bin .../mod_webpresence/icons/status_xa.png | Bin .../mod_webpresence/mod_webpresence.lua | 0 install/dist/conf/debian60.conf.php | 13 +- install/dist/conf/debian90.conf.php | 13 +- install/dist/conf/debiantesting.conf.php | 13 +- install/dist/conf/ubuntu1604.conf.php | 13 +- install/dist/conf/ubuntu1710.conf.php | 13 +- install/install.php | 22 ++- install/lib/installer_base.lib.php | 134 ++++++++++++++++-- install/lib/update.lib.php | 2 + install/tpl/server.ini.master | 3 +- ...ster => xmpp_metronome_conf_global.master} | 0 ...master => xmpp_metronome_conf_main.master} | 0 ....master => xmpp_metronome_conf_ssl.master} | 0 install/tpl/xmpp_prosody_conf_global.master | 92 ++++++++++++ install/tpl/xmpp_prosody_conf_main.master | 4 + install/tpl/xmpp_prosody_conf_ssl.master | 48 +++++++ install/tpl/xmpp_prosody_conf_storage.master | 9 ++ install/update.php | 12 +- .../web/admin/form/server_config.tform.php | 6 + .../web/admin/lib/lang/de_server_config.lng | 1 + .../web/admin/lib/lang/en_server_config.lng | 1 + .../templates/server_config_xmpp_edit.htm | 7 +- server/plugins-available/xmpp_plugin.inc.php | 8 +- 35 files changed, 380 insertions(+), 34 deletions(-) rename install/apps/{metronome_libs => xmpp_libs}/mod_auth_external/authenticate_isp.sh (100%) rename install/apps/{metronome_libs => xmpp_libs}/mod_auth_external/db_auth.php (100%) rename 
install/apps/{metronome_libs => xmpp_libs}/mod_auth_external/db_conf.inc.php (100%) rename install/apps/{metronome_libs => xmpp_libs}/mod_auth_external/db_isuser.php (100%) rename install/apps/{metronome_libs => xmpp_libs}/mod_auth_external/mod_auth_external.lua (100%) rename install/apps/{metronome_libs => xmpp_libs}/mod_discoitems.lua (100%) rename install/apps/{metronome_libs => xmpp_libs}/mod_webpresence/icons/status_away.png (100%) rename install/apps/{metronome_libs => xmpp_libs}/mod_webpresence/icons/status_chat.png (100%) rename install/apps/{metronome_libs => xmpp_libs}/mod_webpresence/icons/status_dnd.png (100%) rename install/apps/{metronome_libs => xmpp_libs}/mod_webpresence/icons/status_offline.png (100%) rename install/apps/{metronome_libs => xmpp_libs}/mod_webpresence/icons/status_online.png (100%) rename install/apps/{metronome_libs => xmpp_libs}/mod_webpresence/icons/status_xa.png (100%) rename install/apps/{metronome_libs => xmpp_libs}/mod_webpresence/mod_webpresence.lua (100%) rename install/tpl/{metronome_conf_global.master => xmpp_metronome_conf_global.master} (100%) rename install/tpl/{metronome_conf_main.master => xmpp_metronome_conf_main.master} (100%) rename install/tpl/{metronome_conf_ssl.master => xmpp_metronome_conf_ssl.master} (100%) create mode 100644 install/tpl/xmpp_prosody_conf_global.master create mode 100644 install/tpl/xmpp_prosody_conf_main.master create mode 100644 install/tpl/xmpp_prosody_conf_ssl.master create mode 100644 install/tpl/xmpp_prosody_conf_storage.master diff --git a/install/apps/metronome_libs/mod_auth_external/authenticate_isp.sh b/install/apps/xmpp_libs/mod_auth_external/authenticate_isp.sh similarity index 100% rename from install/apps/metronome_libs/mod_auth_external/authenticate_isp.sh rename to install/apps/xmpp_libs/mod_auth_external/authenticate_isp.sh 
diff --git a/install/apps/metronome_libs/mod_auth_external/db_auth.php b/install/apps/xmpp_libs/mod_auth_external/db_auth.php
similarity index 100%
rename from install/apps/metronome_libs/mod_auth_external/db_auth.php
rename to install/apps/xmpp_libs/mod_auth_external/db_auth.php
diff --git a/install/apps/metronome_libs/mod_auth_external/db_conf.inc.php b/install/apps/xmpp_libs/mod_auth_external/db_conf.inc.php
similarity index 100%
rename from install/apps/metronome_libs/mod_auth_external/db_conf.inc.php
rename to install/apps/xmpp_libs/mod_auth_external/db_conf.inc.php
diff --git a/install/apps/metronome_libs/mod_auth_external/db_isuser.php b/install/apps/xmpp_libs/mod_auth_external/db_isuser.php
similarity index 100%
rename from install/apps/metronome_libs/mod_auth_external/db_isuser.php
rename to install/apps/xmpp_libs/mod_auth_external/db_isuser.php
diff --git a/install/apps/metronome_libs/mod_auth_external/mod_auth_external.lua b/install/apps/xmpp_libs/mod_auth_external/mod_auth_external.lua
similarity index 100%
rename from install/apps/metronome_libs/mod_auth_external/mod_auth_external.lua
rename to install/apps/xmpp_libs/mod_auth_external/mod_auth_external.lua
diff --git a/install/apps/metronome_libs/mod_discoitems.lua b/install/apps/xmpp_libs/mod_discoitems.lua
similarity index 100%
rename from install/apps/metronome_libs/mod_discoitems.lua
rename to install/apps/xmpp_libs/mod_discoitems.lua
diff --git a/install/apps/metronome_libs/mod_webpresence/icons/status_away.png b/install/apps/xmpp_libs/mod_webpresence/icons/status_away.png
similarity index 100%
rename from install/apps/metronome_libs/mod_webpresence/icons/status_away.png
rename to install/apps/xmpp_libs/mod_webpresence/icons/status_away.png
diff --git a/install/apps/metronome_libs/mod_webpresence/icons/status_chat.png b/install/apps/xmpp_libs/mod_webpresence/icons/status_chat.png
similarity index 100%
rename from install/apps/metronome_libs/mod_webpresence/icons/status_chat.png
rename to install/apps/xmpp_libs/mod_webpresence/icons/status_chat.png
diff --git a/install/apps/metronome_libs/mod_webpresence/icons/status_dnd.png b/install/apps/xmpp_libs/mod_webpresence/icons/status_dnd.png
similarity index 100%
rename from install/apps/metronome_libs/mod_webpresence/icons/status_dnd.png
rename to install/apps/xmpp_libs/mod_webpresence/icons/status_dnd.png
diff --git a/install/apps/metronome_libs/mod_webpresence/icons/status_offline.png b/install/apps/xmpp_libs/mod_webpresence/icons/status_offline.png
similarity index 100%
rename from install/apps/metronome_libs/mod_webpresence/icons/status_offline.png
rename to install/apps/xmpp_libs/mod_webpresence/icons/status_offline.png
diff --git a/install/apps/metronome_libs/mod_webpresence/icons/status_online.png b/install/apps/xmpp_libs/mod_webpresence/icons/status_online.png
similarity index 100%
rename from install/apps/metronome_libs/mod_webpresence/icons/status_online.png
rename to install/apps/xmpp_libs/mod_webpresence/icons/status_online.png
diff --git a/install/apps/metronome_libs/mod_webpresence/icons/status_xa.png b/install/apps/xmpp_libs/mod_webpresence/icons/status_xa.png
similarity index 100%
rename from install/apps/metronome_libs/mod_webpresence/icons/status_xa.png
rename to install/apps/xmpp_libs/mod_webpresence/icons/status_xa.png
diff --git a/install/apps/metronome_libs/mod_webpresence/mod_webpresence.lua b/install/apps/xmpp_libs/mod_webpresence/mod_webpresence.lua
similarity index 100%
rename from install/apps/metronome_libs/mod_webpresence/mod_webpresence.lua
rename to install/apps/xmpp_libs/mod_webpresence/mod_webpresence.lua
diff --git a/install/dist/conf/debian60.conf.php b/install/dist/conf/debian60.conf.php index a7ea136456..c5fe9fa7f4 100644 --- a/install/dist/conf/debian60.conf.php +++ b/install/dist/conf/debian60.conf.php @@ -227,8 +227,17 @@ $conf['cron']['crontab_dir'] = '/etc/cron.d'; $conf['cron']['wget'] = '/usr/bin/wget'; //* Metronome XMPP -$conf['xmpp']['installed'] = false; -$conf['xmpp']['init_script'] = 'metronome'; +$conf['metronome']['installed'] = false; +$conf['metronome']['init_script'] = 'metronome'; +$conf['metronome']['initial_modules'] = 'saslauth, tls, dialback, disco, discoitems, version, uptime, time, ping, admin_adhoc, admin_telnet, bosh, posix, announce, offline, webpresence, mam, stream_management, message_carbons'; + +//* Prosody XMPP +$conf['prosody']['installed'] = false; +$conf['prosody']['init_script'] = 'prosody'; +$conf['prosody']['storage_database'] = 'prosody'; +$conf['prosody']['storage_user'] = 'prosody'; +$conf['prosody']['storage_password'] = md5(uniqid(rand())); +$conf['prosody']['initial_modules'] = 'roster, saslauth, tls, dialback, disco, carbons, pep, private, blocklist, vcard, version, uptime, time, ping, admin_adhoc, mam, bosh, websocket, http_files, announce, proxy65, offline, posix, webpresence'; ?> diff --git a/install/dist/conf/debian90.conf.php b/install/dist/conf/debian90.conf.php index 7b3c2e365c..4591ab5e3e 100644 --- a/install/dist/conf/debian90.conf.php +++ b/install/dist/conf/debian90.conf.php 
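Review bot: `$conf['prosody']['storage_password'] = md5(uniqid(rand()));` derives the Prosody database password from `rand()` and the clock-based `uniqid()`, neither of which is a cryptographically secure source, so the value is much easier to guess than its 32 hex characters suggest. Take it from the CSPRNG instead, e.g. `$conf['prosody']['storage_password'] = bin2hex(random_bytes(16));`, or `bin2hex(openssl_random_pseudo_bytes(16))` where PHP 7 cannot be assumed. The same line is added in the debian90, debiantesting, ubuntu1604 and ubuntu1710 conf files. Because the expression sits in a config file it presumably produces a new value on every include, so it is worth confirming that an update run either reuses the stored password or rotates it deliberately.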
@@ -227,7 +227,16 @@ $conf['cron']['crontab_dir'] = '/etc/cron.d'; $conf['cron']['wget'] = '/usr/bin/wget'; //* Metronome XMPP -$conf['xmpp']['installed'] = false; -$conf['xmpp']['init_script'] = 'metronome'; +$conf['metronome']['installed'] = false; +$conf['metronome']['init_script'] = 'metronome'; +$conf['metronome']['initial_modules'] = 'saslauth, tls, dialback, disco, discoitems, version, uptime, time, ping, admin_adhoc, admin_telnet, bosh, posix, announce, offline, webpresence, mam, stream_management, message_carbons'; + +//* Prosody XMPP +$conf['prosody']['installed'] = false; +$conf['prosody']['init_script'] = 'prosody'; +$conf['prosody']['storage_database'] = 'prosody'; +$conf['prosody']['storage_user'] = 'prosody'; +$conf['prosody']['storage_password'] = md5(uniqid(rand())); +$conf['prosody']['initial_modules'] = 'roster, saslauth, tls, dialback, disco, carbons, pep, private, blocklist, vcard, version, uptime, time, ping, admin_adhoc, mam, bosh, websocket, http_files, announce, proxy65, offline, posix, webpresence'; ?> diff --git a/install/dist/conf/debiantesting.conf.php b/install/dist/conf/debiantesting.conf.php index fdf8310918..44bc26445a 100644 --- a/install/dist/conf/debiantesting.conf.php +++ b/install/dist/conf/debiantesting.conf.php 
@@ -227,8 +227,17 @@ $conf['cron']['crontab_dir'] = '/etc/cron.d'; $conf['cron']['wget'] = '/usr/bin/wget'; //* Metronome XMPP -$conf['xmpp']['installed'] = false; -$conf['xmpp']['init_script'] = 'metronome'; +$conf['metronome']['installed'] = false; +$conf['metronome']['init_script'] = 'metronome'; +$conf['metronome']['initial_modules'] = 'saslauth, tls, dialback, disco, discoitems, version, uptime, time, ping, admin_adhoc, admin_telnet, bosh, posix, announce, offline, webpresence, mam, stream_management, message_carbons'; + +//* Prosody XMPP +$conf['prosody']['installed'] = false; +$conf['prosody']['init_script'] = 'prosody'; +$conf['prosody']['storage_database'] = 'prosody'; +$conf['prosody']['storage_user'] = 'prosody'; +$conf['prosody']['storage_password'] = md5(uniqid(rand())); +$conf['prosody']['initial_modules'] = 'roster, saslauth, tls, dialback, disco, carbons, pep, private, blocklist, vcard, version, uptime, time, ping, admin_adhoc, mam, bosh, websocket, http_files, announce, proxy65, offline, posix, webpresence'; ?> diff --git a/install/dist/conf/ubuntu1604.conf.php b/install/dist/conf/ubuntu1604.conf.php index a903bacfc3..0c0588a06f 100644 --- a/install/dist/conf/ubuntu1604.conf.php +++ b/install/dist/conf/ubuntu1604.conf.php 
@@ -227,8 +227,17 @@ $conf['cron']['crontab_dir'] = '/etc/cron.d'; $conf['cron']['wget'] = '/usr/bin/wget'; //* Metronome XMPP -$conf['xmpp']['installed'] = false; -$conf['xmpp']['init_script'] = 'metronome'; +$conf['metronome']['installed'] = false; +$conf['metronome']['init_script'] = 'metronome'; +$conf['metronome']['initial_modules'] = 'saslauth, tls, dialback, disco, discoitems, version, uptime, time, ping, admin_adhoc, admin_telnet, bosh, posix, announce, offline, webpresence, mam, stream_management, message_carbons'; + +//* Prosody XMPP +$conf['prosody']['installed'] = false; +$conf['prosody']['init_script'] = 'prosody'; +$conf['prosody']['storage_database'] = 'prosody'; +$conf['prosody']['storage_user'] = 'prosody'; +$conf['prosody']['storage_password'] = md5(uniqid(rand())); +$conf['prosody']['initial_modules'] = 'roster, saslauth, tls, dialback, disco, carbons, pep, private, blocklist, vcard, version, uptime, time, ping, admin_adhoc, mam, bosh, websocket, http_files, announce, proxy65, offline, posix, webpresence'; ?> diff --git a/install/dist/conf/ubuntu1710.conf.php b/install/dist/conf/ubuntu1710.conf.php index 0c87005910..af74dc551c 100644 --- a/install/dist/conf/ubuntu1710.conf.php +++ b/install/dist/conf/ubuntu1710.conf.php 
@@ -223,8 +223,17 @@ $conf['cron']['crontab_dir'] = '/etc/cron.d'; $conf['cron']['wget'] = '/usr/bin/wget'; //* Metronome XMPP -$conf['xmpp']['installed'] = false; -$conf['xmpp']['init_script'] = 'metronome'; +$conf['metronome']['installed'] = false; +$conf['metronome']['init_script'] = 'metronome'; +$conf['metronome']['initial_modules'] = 'saslauth, tls, dialback, disco, discoitems, version, uptime, time, ping, admin_adhoc, admin_telnet, bosh, posix, announce, offline, webpresence, mam, stream_management, message_carbons'; + +//* Prosody XMPP +$conf['prosody']['installed'] = false; +$conf['prosody']['init_script'] = 'prosody'; +$conf['prosody']['storage_database'] = 'prosody'; +$conf['prosody']['storage_user'] = 'prosody'; +$conf['prosody']['storage_password'] = md5(uniqid(rand())); +$conf['prosody']['initial_modules'] = 'roster, saslauth, tls, dialback, disco, carbons, pep, private, blocklist, vcard, version, uptime, time, ping, admin_adhoc, mam, bosh, websocket, http_files, announce, proxy65, offline, posix, webpresence'; ?> diff --git a/install/install.php b/install/install.php index 7e0bf50519..dfbd40d757 100644 --- a/install/install.php +++ b/install/install.php 
@@ -517,12 +517,20 @@ if($install_mode == 'standard' || strtolower($inst->simple_query('Configure Fire } } -//* Configure XMPP -$force = @($conf['xmpp']['installed']) ? true : $inst->force_configure_app('Metronome XMPP Server', ($install_mode == 'expert')); -if($force) { - swriteln('Configuring Metronome XMPP Server'); - $inst->configure_xmpp(); - $conf['services']['xmpp'] = true; +if($install_mode == 'standard' || strtolower($inst->simple_query('Configure XMPP Server', array('y', 'n') , 'y','configure_xmpp') ) == 'y') { +//* Configure XMPP Metronome + if ($conf['metronome']['installed']) { + swriteln('Configuring Metronome XMPP Server'); + $inst->configure_metronome(); + $conf['services']['xmpp'] = true; + } + +//* Configure XMPP Prosody + if ($conf['prosody']['installed']) { + swriteln('Configuring Prosody XMPP Server'); + $inst->configure_prosody(); + $conf['services']['xmpp'] = true; + } } //* Configure Fail2ban @@ -630,7 +638,7 @@ if($conf['bind']['installed'] == true && $conf['bind']['init_script'] != '') sys //if($conf['squid']['installed'] == true && $conf['squid']['init_script'] != '' && is_file($conf['init_scripts'].'/'.$conf['squid']['init_script'])) system($conf['init_scripts'].'/'.$conf['squid']['init_script'].' restart &> /dev/null'); if($conf['nginx']['installed'] == true && $conf['nginx']['init_script'] != '') system($inst->getinitcommand($conf['nginx']['init_script'], 'restart').' &> /dev/null'); if($conf['ufw']['installed'] == true && $conf['ufw']['init_script'] != '') system($inst->getinitcommand($conf['ufw']['init_script'], 'restart').' &> /dev/null'); -if($conf['xmpp']['installed'] == true && $conf['xmpp']['init_script'] != '') system($inst->getinitcommand($conf['xmpp']['init_script'], 'restart').' &> /dev/null'); +if($conf['metronome']['installed'] == true && $conf['metronome']['init_script'] != '') system($inst->getinitcommand($conf['metronome']['init_script'], 'restart').' &> /dev/null'); //* test tRNG if($conf['tRNG']) tRNG(); 
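Review bot: The first hunk configures Metronome and Prosody independently, so a host where both binaries are detected gets both daemons configured and restarted; an `if`/`elseif` with an explicit preference, as the update.php change in this commit uses, would avoid two servers competing for the same XMPP setup. The old `@($conf['xmpp']['installed'])` guard is gone and only five dist conf files in this commit define the `metronome` and `prosody` keys, so on any other distribution profile these reads may raise undefined-index notices; `if (!empty($conf['prosody']['installed']))` is safer. In the second hunk the final restart line is only renamed to `$conf['metronome']`, leaving no matching line for `$conf['prosody']['init_script']`; configure_prosody() restarts the daemon itself, but the asymmetry deserves a comment or a second line.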
diff --git a/install/lib/installer_base.lib.php b/install/lib/installer_base.lib.php index 6136044fd2..c4df65007b 100644 --- a/install/lib/installer_base.lib.php +++ b/install/lib/installer_base.lib.php @@ -179,7 +179,8 @@ class installer_base { } if(is_installed('fail2ban-server')) $conf['fail2ban']['installed'] = true; if(is_installed('vzctl')) $conf['openvz']['installed'] = true; - if(is_installed('metronome') && is_installed('metronomectl')) $conf['xmpp']['installed'] = true; + if(is_installed('metronome') && is_installed('metronomectl')) $conf['metronome']['installed'] = true; + if(is_installed('prosody') && is_installed('prosodyctl')) $conf['prosody']['installed'] = true; if(is_installed('spamassassin')) $conf['spamassassin']['installed'] = true; // if(is_installed('vlogger')) $conf['vlogger']['installed'] = true; // ISPConfig ships with vlogger, so it is always installed. @@ -333,6 +334,9 @@ class installer_base { $tpl_ini_array['web']['php_fpm_start_port'] = $conf['nginx']['php_fpm_start_port']; $tpl_ini_array['web']['php_fpm_socket_dir'] = $conf['nginx']['php_fpm_socket_dir']; + $tpl_ini_array['xmpp']['xmpp_daemon'] = ($conf['metronome']['installed'] == true)?'metronome':'prosody'; + $tpl_ini_array['xmpp']['xmpp_modules_enabled'] = $conf[$tpl_ini_array['xmpp']['xmpp_daemon']]['initial_modules']; + if ($conf['nginx']['installed'] == true) { $tpl_ini_array['web']['server_type'] = 'nginx'; $tpl_ini_array['global']['webserver'] = 'nginx'; @@ -1712,10 +1716,10 @@ class installer_base { } - public function configure_xmpp($options = '') { + public function configure_metronome($options = '') { global $conf; - if($conf['xmpp']['installed'] == false) return; + if($conf['metronome']['installed'] == false) return; //* Create the logging directory for xmpp server if(!@is_dir('/var/log/metronome')) mkdir('/var/log/metronome', 0755, true); chown('/var/log/metronome', 'metronome'); 
@@ -1730,18 +1734,18 @@ class installer_base { $row = $this->db->queryOneRecord("SELECT server_name FROM server WHERE server_id = ?", $conf["server_id"]); $server_name = $row["server_name"]; - $tpl = new tpl('metronome_conf_main.master'); + $tpl = new tpl('xmpp_metronome_conf_main.master'); wf('/etc/metronome/metronome.cfg.lua', $tpl->grab()); unset($tpl); - $tpl = new tpl('metronome_conf_global.master'); + $tpl = new tpl('xmpp_metronome_conf_global.master'); $tpl->setVar('xmpp_admins',''); wf('/etc/metronome/global.cfg.lua', $tpl->grab()); unset($tpl); // Copy isp libs if(!@is_dir('/usr/lib/metronome/isp-modules')) mkdir('/usr/lib/metronome/isp-modules', 0755, true); - caselog('cp -rf apps/metronome_libs/* /usr/lib/metronome/isp-modules/', __FILE__, __LINE__); + caselog('cp -rf apps/xmpp_libs/* /usr/lib/metronome/isp-modules/', __FILE__, __LINE__); caselog('chmod 755 /usr/lib/metronome/isp-modules/mod_auth_external/authenticate_isp.sh', __FILE__, __LINE__); // Process db config $full_file_name = '/usr/lib/metronome/isp-modules/mod_auth_external/db_conf.inc.php'; @@ -1764,7 +1768,7 @@ class installer_base { $ssl_domain = $this->free_query('Common Name (e.g. server FQDN or YOUR name)', $conf['hostname'],'ssl_cert_common_name'); $ssl_email = $this->free_query('Email Address', 'hostmaster@'.$conf['hostname'],'ssl_cert_email'); - $tpl = new tpl('metronome_conf_ssl.master'); + $tpl = new tpl('xmpp_metronome_conf_ssl.master'); $tpl->setVar('ssl_country',$ssl_country); $tpl->setVar('ssl_locality',$ssl_locality); $tpl->setVar('ssl_organisation',$ssl_organisation); 
@@ -1801,9 +1805,123 @@ class installer_base { caselog('chmod u+x /etc/init.d/metronome', __FILE__, __LINE__); caselog('update-rc.d metronome defaults', __FILE__, __LINE__); - exec($this->getinitcommand($conf['xmpp']['init_script'], 'restart')); + exec($this->getinitcommand($conf['metronome']['init_script'], 'restart')); } + public function configure_prosody($options = '') { + global $conf; + + if($conf['prosody']['installed'] == false) return; + //* Create the logging directory for xmpp server + if(!@is_dir('/var/log/prosody')) mkdir('/var/log/prosody', 0755, true); + chown('/var/log/prosody', 'prosody'); + if(!@is_dir('/var/run/prosody')) mkdir('/var/run/prosody', 0755, true); + chown('/var/run/prosody', 'prosody'); + if(!@is_dir('/var/lib/prosody')) mkdir('/var/lib/prosody', 0755, true); + chown('/var/lib/prosody', 'prosody'); + if(!@is_dir('/etc/prosody/hosts')) mkdir('/etc/prosody/hosts', 0755, true); + if(!@is_dir('/etc/prosody/status')) mkdir('/etc/prosody/status', 0755, true); + unlink('/etc/prosody/prosody.cfg.lua'); + + $tpl = new tpl('xmpp_prosody_conf_main.master'); + wf('/etc/prosody/prosody.cfg.lua', $tpl->grab()); + unset($tpl); + + $tpl = new tpl('xmpp_prosody_conf_global.master'); + $tpl->setVar('main_host', $conf['hostname']); + $tpl->setVar('xmpp_admins',''); + wf('/etc/prosody/global.cfg.lua', $tpl->grab()); + unset($tpl); + + //** Create the database + if(!$this->db->query('CREATE DATABASE IF NOT EXISTS ?? DEFAULT CHARACTER SET ?', $conf['prosody']['storage_database'], $conf['mysql']['charset'])) { + $this->error('Unable to create MySQL database: '.$conf['prosody']['storage_database'].'.'); + } + if($conf['mysql']['host'] == 'localhost') { + $from_host = 'localhost'; + } else { + $from_host = $conf['hostname']; + } + $this->dbmaster->query("CREATE USER ?@? IDENTIFIED BY ?", $conf['prosody']['storage_user'], $from_host, $conf['prosody']['storage_password']); // ignore the error + $query = 'GRANT ALL PRIVILEGES ON ?? TO ?@? 
IDENTIFIED BY ?'; + if(!$this->db->query($query, $conf['prosody']['storage_database'] . ".*", $conf['prosody']['storage_user'], $from_host, $conf['prosody']['storage_password'])) { + $this->error('Unable to create database user: '.$conf['prosody']['storage_user'].' Error: '.$this->db->errorMessage); + } + + + + $tpl = new tpl('xmpp_prosody_conf_storage.master'); + $tpl->setVar('db_name', $conf['prosody']['storage_database']); + $tpl->setVar('db_host', $conf['mysql']['host']); + $tpl->setVar('db_port', $conf['mysql']['port']); + $tpl->setVar('db_username', $conf['prosody']['storage_user']); + $tpl->setVar('db_password', $conf['prosody']['storage_password']); + wf('/etc/prosody/storage.cfg.lua', $tpl->grab()); + unset($tpl); + + + // Copy isp libs + if(!@is_dir('/usr/local/lib/prosody/auth')) mkdir('/usr/local/lib/prosody/auth', 0755, true); + caselog('cp -rf apps/xmpp_libs/mod_auth_external/db_* /usr/local/lib/prosody/auth/', __FILE__, __LINE__); + caselog('cp -rf apps/xmpp_libs/mod_auth_external/authenticate_isp.sh /usr/local/lib/prosody/auth/', __FILE__, __LINE__); + caselog('chmod 755 /usr/local/lib/prosody/auth/authenticate_isp.sh', __FILE__, __LINE__); + + // Process db config + $full_file_name = '/usr/local/lib/prosody/auth/db_conf.inc.php'; + $content = rf($full_file_name); + $content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content); + $content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content); + $content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content); + $content = str_replace('{mysql_server_ip}', $conf['mysql']['ip'], $content); + $content = str_replace('{server_id}', $conf['server_id'], $content); + wf($full_file_name, $content); + + if(!stristr($options, 'dont-create-certs')){ + // Create SSL Certificate for localhost + // Ensure no line is left blank + echo "writing new private key to 'localhost.key'\n-----\n"; + $ssl_country = 
$this->free_query('Country Name (2 letter code)', 'AU','ssl_cert_country'); + $ssl_locality = $this->free_query('Locality Name (eg, city)', 'City Name','ssl_cert_locality'); + $ssl_organisation = $this->free_query('Organization Name (eg, company)', 'Internet Widgits Pty Ltd','ssl_cert_organisation'); + $ssl_organisation_unit = $this->free_query('Organizational Unit Name (eg, section)', 'Infrastructure','ssl_cert_organisation_unit'); + $ssl_domain = $this->free_query('Common Name (e.g. server FQDN or YOUR name)', $conf['hostname'],'ssl_cert_common_name'); + $ssl_email = $this->free_query('Email Address', 'hostmaster@'.$conf['hostname'],'ssl_cert_email'); + + $tpl = new tpl('xmpp_prosody_conf_ssl.master'); + $tpl->setVar('ssl_country',$ssl_country); + $tpl->setVar('ssl_locality',$ssl_locality); + $tpl->setVar('ssl_organisation',$ssl_organisation); + $tpl->setVar('ssl_organisation_unit',$ssl_organisation_unit); + $tpl->setVar('domain',$ssl_domain); + $tpl->setVar('ssl_email',$ssl_email); + wf('/etc/prosody/certs/localhost.cnf', $tpl->grab()); + unset($tpl); + // Generate new key, csr and cert + exec("(cd /etc/prosody/certs && make localhost.key)"); + exec("(cd /etc/prosody/certs && make localhost.csr)"); + exec("(cd /etc/prosody/certs && make localhost.crt)"); + exec('chmod 0400 /etc/prosody/certs/localhost.key'); + exec('chown prosody /etc/prosody/certs/localhost.key'); + + echo "IMPORTANT:\n"; + echo "Localhost Key, Csr and a self-signed Cert have been saved to /etc/prosody/certs\n"; + echo "In order to work with all clients, the server must have a trusted certificate, so use the Csr\n"; + echo "to get a trusted certificate from your CA or replace Key and Cert with already signed files for\n"; + echo "your domain. Clients like Pidgin dont allow to use untrusted self-signed certificates.\n"; + echo "\n"; + + }else{ + /* + echo "-----\n"; + echo "Prosody XMPP SSL server certificate is not renewed. 
Run the following command manual as root to recreate it:\n"; + echo "# (cd /etc/prosody/certs && make localhost.key && make localhost.csr && make localhost.cert && chmod 0400 localhost.key && chown prosody localhost.key)\n"; + echo "-----\n"; + */ + } + + exec($this->getinitcommand($conf['prosody']['init_script'], 'restart')); + } + public function configure_apache() { global $conf; diff --git a/install/lib/update.lib.php b/install/lib/update.lib.php index 4611c7bf32..23a4e76cc3 100644 --- a/install/lib/update.lib.php +++ b/install/lib/update.lib.php @@ -345,6 +345,8 @@ function updateDbAndIni() { $tpl_ini_array['web']['php_fpm_start_port'] = $conf['nginx']['php_fpm_start_port']; $tpl_ini_array['web']['php_fpm_socket_dir'] = $conf['nginx']['php_fpm_socket_dir']; + $tpl_ini_array['xmpp']['xmpp_daemon'] = ($conf['metronome']['installed'] == true)?'metronome':'prosody'; + if ($conf['nginx']['installed'] == true) { $tpl_ini_array['web']['server_type'] = 'nginx'; $tpl_ini_array['global']['webserver'] = 'nginx'; diff --git a/install/tpl/server.ini.master b/install/tpl/server.ini.master index b0454cdfd8..163e4c13fd 100644 --- a/install/tpl/server.ini.master +++ b/install/tpl/server.ini.master @@ -154,9 +154,10 @@ do_not_try_rescue_mysql=n do_not_try_rescue_mail=n [xmpp] +xmpp_daemon=prosody xmpp_use_ispv6=n xmpp_bosh_max_inactivity=30 -xmpp_server_admins=admin@service.com, superuser@service.com +xmpp_server_admins= xmpp_modules_enabled=saslauth, tls, dialback, disco, discoitems, version, uptime, time, ping, admin_adhoc, admin_telnet, bosh, posix, announce, offline, webpresence, mam, stream_management, message_carbons xmpp_port_http=5290 xmpp_port_https=5291 diff --git a/install/tpl/metronome_conf_global.master b/install/tpl/xmpp_metronome_conf_global.master similarity index 100% rename from install/tpl/metronome_conf_global.master rename to install/tpl/xmpp_metronome_conf_global.master 
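Review bot: configure_prosody() writes two credential-bearing files without tightening their permissions: `/etc/prosody/storage.cfg.lua` (the Prosody database password) and `/usr/local/lib/prosody/auth/db_conf.inc.php` (the ISPConfig database user and password), the latter inside a directory created with mode 0755. Unless `wf()` applies a restrictive mode, which is not visible in this diff, both files end up readable by every local account under a typical umask. After each `wf()` call add something like `chmod($full_file_name, 0640); chgrp($full_file_name, 'prosody');` (assuming a `prosody` group exists next to the user the code already chowns to), and do the same for the storage file. Separately, CREATE USER goes through `$this->dbmaster` while CREATE DATABASE and GRANT use `$this->db`; on a multi-server setup these may be different servers, so confirm which connection is intended and avoid silently ignoring the CREATE USER result.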
diff --git a/install/tpl/metronome_conf_main.master b/install/tpl/xmpp_metronome_conf_main.master similarity index 100% rename from install/tpl/metronome_conf_main.master rename to install/tpl/xmpp_metronome_conf_main.master diff --git a/install/tpl/metronome_conf_ssl.master b/install/tpl/xmpp_metronome_conf_ssl.master similarity index 100% rename from install/tpl/metronome_conf_ssl.master rename to install/tpl/xmpp_metronome_conf_ssl.master diff --git a/install/tpl/xmpp_prosody_conf_global.master b/install/tpl/xmpp_prosody_conf_global.master new file mode 100644 index 0000000000..fb2d15c761 --- /dev/null +++ b/install/tpl/xmpp_prosody_conf_global.master 
@@ -0,0 +1,92 @@ +plugin_paths = { + "/usr/local/lib/prosody/modules", +}; +use_libevent = true; +log = { + -- debug = "/var/log/prosody/prosody.dbg", + info = "/var/log/prosody/prosody.log", + error = "/var/log/prosody/prosody.err", + "syslog", +}; +use_ipv6 = true; +http_ports = { + 5290, +}; +https_ports = { + 5291, +}; +pastebin_ports = { + 5292, +}; +bosh_ports = { + 5280, +}; +admins = { + {tmpl_var xmpp_admins} +}; +modules_enabled = { + "roster", + "saslauth", + "tls", + "dialback", + "disco", + "carbons", + "pep", + "private", + "blocklist", + "vcard", + "version", + "uptime", + "time", + "ping", + "admin_adhoc", + "mam", + "bosh", + "websocket", + "http_files", + "announce", + "proxy65", + "offline", + "posix", + -- community modules + "webpresence", + + + -- ?? + -- "discoitems", + -- "admin_telnet", + -- + -- "stream_management", + -- "message_carbons" +}; +modules_disabled = { +}; + +allow_registration = false; +c2s_require_encryption = false; +s2s_require_encryption = true; +s2s_secure_auth = false; +s2s_insecure_domains = { + "gmail.com", +}; + +pidfile = "/var/run/prosody/prosody.pid"; + +authentication = "external"; + +archive_expires_after = "2w"; + +statistics = "internal"; + +certificates = "certs"; +bosh_max_inactivity = 60; +consider_bosh_secure = true; +cross_domain_bosh = true; + +ssl = { + key = "/etc/prosody/certs/localhost.key", + certificate = "/etc/prosody/certs/localhost.crt", +}; + +VirtualHost "{tmpl_var main_host}" + certificate = "/etc/prosody/certs/localhost.crt" diff --git a/install/tpl/xmpp_prosody_conf_main.master b/install/tpl/xmpp_prosody_conf_main.master new file mode 100644 index 0000000000..6eaf33f88d --- /dev/null +++ b/install/tpl/xmpp_prosody_conf_main.master @@ -0,0 +1,4 @@ +Include "/etc/prosody/storage.cfg.lua" +Include "/etc/prosody/global.cfg.lua" +Include "/etc/prosody/hosts/*.lua" +Include "/etc/prosody/status/*.lua" 
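Review bot: The shipped defaults in this template weaken transport security: `c2s_require_encryption = false;` lets clients open sessions without TLS, and `consider_bosh_secure = true;` makes Prosody treat BOSH sessions as encrypted even when they arrive over plain HTTP, so password authentication can be offered on the non-TLS listeners. Default both the other way (`c2s_require_encryption = true;`, `consider_bosh_secure = false;`) and document the override for installations that sit behind a TLS-terminating proxy. `cross_domain_bosh = true;` opens BOSH to any web origin and is better restricted to the sites that need it. With `s2s_secure_auth = false;` remote server certificates are not verified and the `s2s_insecure_domains` list has no effect, so a comment explaining that server-to-server trust relies on dialback would help the administrator.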
diff --git a/install/tpl/xmpp_prosody_conf_ssl.master b/install/tpl/xmpp_prosody_conf_ssl.master new file mode 100644 index 0000000000..97b088a6ad --- /dev/null +++ b/install/tpl/xmpp_prosody_conf_ssl.master @@ -0,0 +1,48 @@ +oid_section = new_oids + +[ new_oids ] + +# RFC 3920 section 5.1.1 defines this OID +xmppAddr = 1.3.6.1.5.5.7.8.5 + +# RFC 4985 defines this OID +SRVName = 1.3.6.1.5.5.7.8.7 + +[ req ] + +default_bits = 4096 +default_keyfile = {tmpl_var name='domain'}.key +distinguished_name = distinguished_name +req_extensions = v3_extensions +x509_extensions = v3_extensions + +# ask about the DN? +prompt = no + +[ distinguished_name ] + +commonName = {tmpl_var name='domain'} +countryName = {tmpl_var name='ssl_country'} +localityName = {tmpl_var name='ssl_locality'} +organizationName = {tmpl_var name='ssl_organisation'} +organizationalUnitName = {tmpl_var name='ssl_organisation_unit'} +emailAddress = {tmpl_var name='ssl_email'} + +[ v3_extensions ] + +# for certificate requests (req_extensions) +# and self-signed certificates (x509_extensions) + +basicConstraints = CA:TRUE +keyUsage = digitalSignature,keyEncipherment +extendedKeyUsage = serverAuth,clientAuth +subjectAltName = @subject_alternative_name + +[ subject_alternative_name ] + +# See http://tools.ietf.org/html/draft-ietf-xmpp-3920bis#section-13.7.1.2 for more info. + +DNS.0 = {tmpl_var name='domain'} +otherName.0 = xmppAddr;FORMAT:UTF8,UTF8:{tmpl_var name='domain'} +otherName.1 = SRVName;IA5STRING:_xmpp-client.{tmpl_var name='domain'} +otherName.2 = SRVName;IA5STRING:_xmpp-server.{tmpl_var name='domain'} \ No newline at end of file diff --git a/install/tpl/xmpp_prosody_conf_storage.master b/install/tpl/xmpp_prosody_conf_storage.master new file mode 100644 index 0000000000..217e5163b7 --- /dev/null +++ b/install/tpl/xmpp_prosody_conf_storage.master 
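Review bot: `basicConstraints = CA:TRUE` in `[ v3_extensions ]` marks the generated server certificate as a certificate authority, and that section is used for both the CSR (`req_extensions`) and the self-signed certificate (`x509_extensions`). A client that pins or trusts this certificate may then accept other certificates signed with the same key, although validators that enforce `keyUsage` should refuse because `keyCertSign` is absent. For a leaf XMPP server certificate use `basicConstraints = CA:FALSE`.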
@@ -0,0 +1,9 @@ +storage = "sql" +sql = { + driver = "MySQL"; + database = "{tmpl_var db_name}"; + host = "{tmpl_var db_host}"; + port = {tmpl_var db_port}; + username = "{tmpl_var db_username}"; + password = "{tmpl_var db_password}"; +} \ No newline at end of file diff --git a/install/update.php b/install/update.php index 54d8003a6a..0a8c2c54e1 100644 --- a/install/update.php +++ b/install/update.php @@ -323,7 +323,7 @@ else $current_svc_config = $inst->db->queryOneRecord("SELECT mail_server,web_ser $conf['services']['mail'] = check_service_config_state('mail_server', $conf['postfix']['installed']); $conf['services']['dns'] = check_service_config_state('dns_server', ($conf['powerdns']['installed'] || $conf['bind']['installed'] || $conf['mydns']['installed'])); $conf['services']['web'] = check_service_config_state('web_server', ($conf['apache']['installed'] || $conf['nginx']['installed'])); -$conf['services']['xmpp'] = check_service_config_state('xmpp_server', $conf['xmpp']['installed']); +$conf['services']['xmpp'] = check_service_config_state('xmpp_server', $conf['metronome']['installed']); $conf['services']['firewall'] = check_service_config_state('firewall_server', ($conf['ufw']['installed'] || $conf['firewall']['installed'])); $conf['services']['vserver'] = check_service_config_state('vserver_server', $conf['services']['vserver']); $conf['services']['db'] = check_service_config_state('db_server', true); /* Will always offer as MySQL is of course installed on this host as it's a requirement for ISPC to work... */ 
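Review bot: In update.php, `$conf['services']['xmpp'] = check_service_config_state('xmpp_server', $conf['metronome']['installed']);` still keys the XMPP service state on Metronome alone, while the reconfigure branch added in the next hunk prefers Prosody. On a Prosody-only host the service may therefore be treated as not installed (depending on what check_service_config_state() does with the flag, which is outside this diff), and configure_prosody() is then never reached. Pass `($conf['metronome']['installed'] || $conf['prosody']['installed'])`, as the dns, web and firewall lines next to it do for their daemons. The restart line in the third update.php hunk has the same Metronome-only condition and needs a Prosody counterpart.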
@@ -462,7 +462,13 @@ if($reconfigure_services_answer == 'yes' || $reconfigure_services_answer == 'sel if($conf['services']['xmpp'] && $inst->reconfigure_app('XMPP', $reconfigure_services_answer)) { //** Configure Metronome XMPP - $inst->configure_xmpp('dont-create-certs'); + if($conf['prosody']['installed'] == true) { + swriteln('Configuring Prosody XMPP'); + $inst->configure_prosody('dont-create-certs'); + } elseif ($conf['metronome']['installed'] == true) { + swriteln('Configuring Metronome XMPP'); + $inst->configure_metronome('dont-create-certs'); + } } if($conf['services']['firewall'] && $inst->reconfigure_app('Firewall', $reconfigure_services_answer)) { @@ -560,7 +566,7 @@ if($reconfigure_services_answer == 'yes') { } if($conf['services']['xmpp']) { - if($conf['xmpp']['installed'] == true && $conf['xmpp']['init_script'] != '') system($inst->getinitcommand($conf['xmpp']['init_script'], 'restart').' &> /dev/null'); + if($conf['metronome']['installed'] == true && $conf['metronome']['init_script'] != '') system($inst->getinitcommand($conf['metronome']['init_script'], 'restart').' &> /dev/null'); } if($conf['services']['proxy']) { diff --git a/interface/web/admin/form/server_config.tform.php b/interface/web/admin/form/server_config.tform.php index ade5d978ae..18a55dda08 100644 --- a/interface/web/admin/form/server_config.tform.php +++ b/interface/web/admin/form/server_config.tform.php @@ -1585,6 +1585,12 @@ $form["tabs"]['xmpp'] = array( //################################# // Begin Datatable fields //################################# + 'xmpp_daemon' => array( + 'datatype' => 'VARCHAR', + 'formtype' => 'SELECT', + 'default' => '20', + 'value' => array('prosody' => 'Prosody', 'metronome' => 'Metronome') + ), 'xmpp_use_ipv6' => array( 'datatype' => 'VARCHAR', 'formtype' => 'CHECKBOX', diff --git a/interface/web/admin/lib/lang/de_server_config.lng b/interface/web/admin/lib/lang/de_server_config.lng index 3f349369a7..7de8ee6776 100644 
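Review bot: `'default' => '20'` in the new `xmpp_daemon` field is not one of the keys in `'value' => array('prosody' => 'Prosody', 'metronome' => 'Metronome')`, so a record that falls back to the default stores a daemon name that nothing can match. Use one of the two keys, for example `'default' => 'metronome',` if existing installations should keep their current daemon. The field also carries no validator, and whether the form layer restricts a SELECT to its listed keys cannot be seen from this hunk; if the stored value later selects a template or an init script, it should be checked against the two allowed names on save. The enclosing `$form["tabs"]['xmpp']` array starts and ends outside the hunk.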
--- a/interface/web/admin/lib/lang/de_server_config.lng
+++ b/interface/web/admin/lib/lang/de_server_config.lng
@@ -278,6 +278,7 @@ $wb['apps_vhost_enabled_txt'] = 'Apps-vhost enabled';
 $wb['disabled_txt'] = 'Disabled';
 $wb['web_settings_txt'] = 'Web Server';
 $wb['xmpp_server_txt'] = 'XMPP Server';
+$wb['xmpp_daemon_txt'] = 'XMPP Daemon';
 $wb['xmpp_use_ipv6_txt'] = 'Use IPv6';
 $wb['xmpp_bosh_max_inactivity_txt'] = 'Max. BOSH inactivity time';
 $wb['xmpp_bosh_timeout_range_wrong'] = 'Please enter a bosh timeout range between 15 - 360';
diff --git a/interface/web/admin/lib/lang/en_server_config.lng b/interface/web/admin/lib/lang/en_server_config.lng
index 30f6f1e8d3..ac8f35f851 100644
--- a/interface/web/admin/lib/lang/en_server_config.lng
+++ b/interface/web/admin/lib/lang/en_server_config.lng
@@ -277,6 +277,7 @@ $wb['php_ini_check_minutes_info_txt'] = '0 = no check';
 $wb['enable_spdy_txt'] = 'Makes SPDY available';
 $wb['web_settings_txt'] = 'Web Server';
 $wb['xmpp_server_txt'] = 'XMPP Server';
+$wb['xmpp_daemon_txt'] = 'XMPP Daemon';
 $wb['xmpp_use_ipv6_txt'] = 'Use IPv6';
 $wb['xmpp_bosh_max_inactivity_txt'] = 'Max. BOSH inactivity time';
 $wb['xmpp_bosh_timeout_range_wrong'] = 'Please enter a bosh timeout range between 15 - 360';
diff --git a/interface/web/admin/templates/server_config_xmpp_edit.htm b/interface/web/admin/templates/server_config_xmpp_edit.htm
index acf019b9ff..737b452c19 100644
--- a/interface/web/admin/templates/server_config_xmpp_edit.htm
+++ b/interface/web/admin/templates/server_config_xmpp_edit.htm
@@ -4,7 +4,12 @@

- +
+ +
+
diff --git a/server/plugins-available/xmpp_plugin.inc.php b/server/plugins-available/xmpp_plugin.inc.php index 128a88ebb4..850043a0ed 100644 --- a/server/plugins-available/xmpp_plugin.inc.php +++ b/server/plugins-available/xmpp_plugin.inc.php @@ -99,7 +99,7 @@ class xmpp_plugin { // Global server config $tpl = new tpl(); - $tpl->newTemplate('metronome_conf_global.master'); + $tpl->newTemplate('xmpp_metronome_conf_global.master'); $tpl->setVar('ipv6', $xmpp_config['xmpp_use_ipv6']=='y'?'true':'false'); $tpl->setVar('bosh_timeout', intval($xmpp_config['xmpp_bosh_max_inactivity'])); $tpl->setVar('port_http', intval($xmpp_config['xmpp_port_http'])); @@ -144,7 +144,7 @@ class xmpp_plugin { // Create main host file $tpl = new tpl(); - $tpl->newTemplate('metronome_conf_host.master'); + $tpl->newTemplate('xmpp_metronome_conf_host.master'); $tpl->setVar('domain', $data['new']['domain']); $tpl->setVar('active', $data['new']['active'] == 'y' ? 'true' : 'false'); $tpl->setVar('public_registration', $data['new']['public_registration'] == 'y' ? 'true' : 'false'); @@ -213,7 +213,7 @@ class xmpp_plugin { // Create status host file if($data['new']['use_status_host']=='y'){ $tpl = new tpl; - $tpl->newTemplate('metronome_conf_status.master'); + $tpl->newTemplate('xmpp_metronome_conf_status.master'); $tpl->setVar('domain', $data['new']['domain']); $tpl->setVar('status_hosts', "\t\t\"".implode("\",\n\t\t\"",$status_hosts)."\"\n"); $tpl->setVar('status_comps', "\t\t\"".implode("\",\n\t\t\"",$status_comps)."\"\n"); @@ -301,7 +301,7 @@ class xmpp_plugin { // Write new CNF file $tpl = new tpl(); - $tpl->newTemplate('metronome_conf_ssl.master'); + $tpl->newTemplate('xmpp_metronome_conf_ssl.master'); $tpl->setVar('domain', $domain); $tpl->setVar('ssl_country', $data['new']['ssl_country']); $tpl->setVar('ssl_locality', $data['new']['ssl_locality']); -- GitLab