6.3. Prosody, An XMPP Communication Server¶
This Internet app uses dnsmasq, MariaDB and OpenLDAP.
Prosody is a modern XMPP (the Extensible Messaging and Presence Protocol, a.k.a. Jabber) communication server, which serves the purpose for different types of communication, such as text messaging, audio and video calls, multi-party chatting, etc.
6.3.1. Configure DNS¶
Add an A
record to point the domain to be used by Prosody to the IP address of the server.
6.3.2. Configure the MariaDB Database¶
Follow the instructions in Create a New Database and User in MariaDB to create a new user and a database both named as
prosody
in the MariaDB database.
6.3.3. Configure the OpenLDAP Database¶
Follow the instructions in Common Group Related Tasks in the OpenLDAP Database to create a new group prosody
and add
all users who will be granted to use Prosody to this group.
6.3.4. Set up Prosody¶
Create a directory to store Prosody configuration files:
sudo mkdir -p $DOCKER_SHARE/prosody
cd $DOCKER_SHARE/prosody
sudo mkdir -p certs conf.d
Download the default Prosody configuration file:
docker pull blober/prosody
sudo -s <<< "docker run --rm blober/prosody cat /etc/prosody/prosody.cfg.lua > prosody.cfg.lua"
The Dockerfile from which the image was generated is available.
Run the following commands to modify the default configuration file to adjust it for running inside a Docker container,
after replacing dc=example,dc=com
with the LDAP_SUFFIX
value in Install OpenLDAP, and
PASSWORD
with the password of the user prosody
in MariaDB we have just created:
1 2 3 4 5 6 7 8 9 10 11 | LDAP_SUFFIX='dc=example,dc=com'
sudo sed -ri \
-e 's/(authentication = )\"internal_plain\"/\1\"ldap\"/' \
-e "1s/^/ldap_base = \"ou=people,$LDAP_SUFFIX\"\n/" \
-e '1s/^/ldap_server = \"ldap\"\n/' \
-e "1s/^/ldap_filter = \"(\&(uid=\$user) (memberOf=cn=prosody,ou=groups,$LDAP_SUFFIX))\"\n/" \
-e 's/\-\-(storage = \"sql\")/\1/' \
prosody.cfg.lua
sudo sed -i '/^storage = "sql"/a\
sql = { driver = "MySQL", database = "prosody", username = "prosody", password = "PASSWORD", host = "db" }' \
prosody.cfg.lua
|
Explanation:
- line 3: use the OpenLDAP server we have set up for authentication instead of the internal one;
- line 4: specify the base in the LDAP database;
- line 5: specify the OpenLDAP server;
- line 6: use
uid
attribute as the user name;- line 7: use the SQL backend for data storage;
- line 9-10: specify MariaDB connection parameters.
We can edit the configuration file and enable additional modules as we need, such as carbons
for message
synchronization, mam_sql
for message archiving, etc.
Copy the XMPP server certificate into $DOCKER_SHARE/prosody/certs
. If a dummy key and certificate will be used
instead of a valid certificate, run the following command to generate a pair of dummy keys, similar to the key
generation described in Install Nginx:
sudo mkdir -p $DOCKER_SHARE/prosody/certs
sudo openssl req -x509 -nodes -days 3000 -newkey rsa:4096 \
-keyout $DOCKER_SHARE/prosody/certs/dummy.key \
-out $DOCKER_SHARE/prosody/certs/dummy.crt
Add a virtual host configuration files after replacing example.com
with the domain to be used as the XMPP domain,
which is the domain that will appear in the user names in the form of someone@example.com
. Note that this domain is
not necessarily the same as the domain which the server uses for the DNS query for its IP address. Also, optionally we
can replace dummy.crt
and dummy.key
with a different pair of certification and key:
MY_DOMAIN=example.com
sudo -s <<EOF
cat > conf.d/myhost.cfg.lua <<EEOOFF
VirtualHost "$MY_DOMAIN"
ssl = {
key = "/etc/prosody/certs/dummy.key";
certificate = "/etc/prosody/certs/dummy.crt";
}
EEOOFF
EOF
We can create additional configuration host configurations if more than one domains will be hosted.
To start the container:
docker run -d -t --restart always --dns $HOST_ADDR \
-v $DOCKER_SHARE/prosody/prosody.cfg.lua:/etc/prosody/prosody.cfg.lua:ro \
-v $DOCKER_SHARE/prosody/conf.d:/etc/prosody/conf.d:ro \
-v $DOCKER_SHARE/prosody/certs:/etc/prosody/certs:ro \
--name prosody -p 5222:5222 -p 5223:5223 -p 5269:5269 -p 5298:5298 \
blober/prosody