Steps

  1. ejabber install ( try to find an centos 7 and 8 RPM for eJabber) and
    install it
  2. instructions and steps to add a domain name in eJabber server
  3. instructions to add new users/chat account into eJabber for specific
    domain
  4. Firewall settings, i.e port

requirements

  • apache
  • mysql
  • wget

ejabber install: (for centos
8 or 7)

  • Update our system
    sudo yum -y update
  • Download and install ejabberd rpm
    First you will need to check the latest version of ejabberd before doing
    the actual download. (version 21.07 is latest version of ejabberd)
    EJ_VERSION=23.10
    wget https://static.process-one.net/ejabberd/downloads/${EJ_VERSION}/ejabberd-${EJ_VERSION}-0.x86_64.rpm
  • Install Downloaded RPM package by running the command:
    sudo yum localinstall ejabberd-${EJ_VERSION}-0.x86_64.rpm
    Press y for installation.
    This will place ejabberd init script under /etc/init.d/ejabberd.
    Ejabberd application directory is /opt/ejabberd. This is a home for the
    ejabberd user.
  • Now that we have done the installation, we need to start the
    service and enable it to start automatically when the server is
    rebooted.
    sudo yum -y install mlocate
    sudo updatedb
    sudo cp $(locate ejabberd.service) /etc/systemd/system
    Then reload systemd:
    sudo systemctl daemon-reload
    Once the new ejabberd service is detected, start it:
    sudo systemctl enable --now ejabberd
    You can confirm that the service is in running state.
    systemctl status ejabberd
    command for start ejabberd service is:
    systemctl start ejabberd
    commadn for restart ejabberd service is:
    systemctl restart ejabberd

Create ejabberd XMPP admin
account.

You need an admin XMPP account for accessing the Web Admin
dashboard.
Store our ejabberd xmpp server version to a veriable.
$VER=21.07
Change your working directory to
cd /opt/ejabberd-${VER}/bin

  • Add admin account:
    Save username nad password to variables:
    username="myadmin"
    password="myadmin_12345"
  • Create admin user.
    sudo ./ejabberdctl register ${username} localhost ${password}
    You may need to replace localhost with your actual server
    hostname.
    Edit the ejabberd configuration file to give administration rights to
    the XMPP admin account you created
    vi /opt/ejabberd/conf/ejabberd.yml
     admin:  
       user:  
         - "admin@localhost"  
         - "myadmin@localhost"  

    After chnages restart ejabberd
    systemctl restart ejabberd
    For satisfaction check its status, it is active
    systemctl status ejabberd

Configure Firewall

Allow Ejabberd UI port on the firewall.
sudo firewall-cmd --add-port=5280/tcp --permanent
sudo firewall-cmd --reload

The Web Admin should be accessible on
http://ip-address:5280/admin/.

Allow firewall for video and voice calling
Port: 3478 or 5349. Protocol: udp, tcp

SRV Record for xmpp
Port: 5222, 5269, 5223, 5270. Protocol: tcp

enable bosh

enable bosh, api, upload in ejabberd_http module

    port: 5443
      ip: "::"
      module: ejabberd_http
      tls: true
      request_handlers:
        admin: ejabberd_web_admin
        api: mod_http_api
        bosh: mod_bosh
        captcha: ejabberd_captcha
        upload: mod_http_upload
        /ws: ejabberd_http_ws

firewall

stop the firewall systemctl stop firewalld

certificates

install ssl on ejabberd sevrer and key files (fullchain.pem and
privkey.pem) have ejabberd ownership. and update ejabberd configuration
certfiles: – /opt/ejabberd/conf/server.pem –
/etc/letsencrypt/live/DOMAIN_NAME/fullchain.pem –
/etc/letsencrypt/live/DOMAIN_NAME/privkey.pem

in it DOMAIN_NAME will we your server doamin name like
punjnad.com.

now use can access/login ejabberd user in converse.js library.

NOTE: If folder (letsencrypt/live/DOMAIN_NAME) don’t
have ejabberd ownership then Copy certificates to a location accessible
by ejabberd and set ownership.

mkdir /etc/ejabberd/certs
cp /etc/letsencrypt/live/panjnad.com/* /etc/ejabberd/certs/
chown -R ejabberd:ejabberd /etc/ejabberd/certs
chmod 640 /etc/ejabberd/certs/*

ejabberd http

after instaling ssl in server then allow tls (tls: true) on port
5240.

  port: 5280
    ip: "::"
    module: ejabberd_http
    tls: true
    request_handlers:
      /admin: ejabberd_web_admin
      /.well-known/acme-challenge: ejabberd_acme

ejabberd bosh

First
make sure bosh is enables in ejabberd_http module (ejabberd
configuration).

bosh: mod_bosh

Apache configuration

vi /etc/httpd/conf/httpd.conf

    <VirtualHost *:80>
      DocumentRoot "/var/www/html"
      ServerName panjnad.com
      RewriteEngine on
      RewriteCond %{SERVER_NAME} =panjnad.com
      RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]

      ProxyPass "/http-bind" "https://panjnad.com:5443/http-bind/"
      ProxyPassReverse "/http-bind" "https://panjnad.com:5443/http-bind/"

      ProxyPass "/bosh" "https://panjnad.com:5443/bosh/"
      ProxyPassReverse "/bosh" "https://panjnad.com:5443/bosh/"

    </VirtualHost>

    <VirtualHost *:80>
      DocumentRoot "/var/www/html"
      ServerName ravi.com
      RewriteEngine on
      RewriteCond %{SERVER_NAME} = ravi.com
      RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]

      ProxyPass "/http-bind" "https://ravi.com:5443/http-bind/"
      ProxyPassReverse "/http-bind" "https://ravi.com:5443/http-bind/"

      ProxyPass "/bosh" "https://ravi.com:5443/bosh/"
      ProxyPassReverse "/bosh" "https://ravi.com:5443/bosh/"

    </VirtualHost>

restart apacher service
systemctl restart httpd

now access bosh url https://panjnad.com:5443/bosh/

instructions
to add new users / chat account into eJabber for specific domain:

Login Web admin dashboard
* Click on Virtual Hosts. * Select Host from
table. * Click on Users. * Enter username (without host) and password
and click Add User button. User added successfully for
specific domain.

add a domain name in
eJabber server

When managing several XMPP domains in a single instance, Those
domains are truly independent if not global auth_method define. It means
they can even have different configuration parameters. Options can be
defined separately for every virtual host using the host_config
option.

vi /opt/ejabberd/conf/ejabberd.yml

      hosts:
       - domain1.net
       - domain2.com

Example:
* Domain domain1.net is using the internal authentication method while
domain domain2.com is using the LDAP server running on the domain
localhost to perform authentication:

    host_config:
      domain1.net:
        auth_method: internal
      domain2.com:
        auth_method: ldap
        ldap_servers:
         - localhost
        ldap_uids:
         - uid
        ldap_rootdn: "dc=localdomain"
        ldap_password: ""
  • Domain domain1.net is using SQL to perform authentication while
    domain domain2.com is using the LDAP servers running on the domains
    localhost and otherhost:
    host_config:
      domain1.net:
        auth_method: sql
        sql_type: odbc
        sql_server: "DSN=ejabberd;UID=ejabberd;PWD=ejabberd"
      domain2.com:
        auth_method: ldap
        ldap_servers:
          - localhost
          - otherhost
        ldap_uids:
          - uid
        ldap_rootdn: "dc=example,dc=com"
        ldap_password: ""
  • ejabberd xmpp configuration for send mediaYou will need to create the PEM cert using the 2 keys above. Do the
    following on your console terminal.
    replace "your-domain-name" with your server domain name
    cat /etc/letsencrypt/live/your-domain-name/privkey.pem
    /etc/letsencrypt/live/your-domain-name/fullchain.pem >>
    /opt/ejabberd/conf/server.pem
    Once done go to your config file “ejabberd.yml” and set the relevant SSL
    cert at the listening port. Make sure your relevant SSL cert points to
    /opt/ejabberd/conf/server.pem.

    Ejabberd SSL Certificate we follow this link
    “https://www.ejabberd.im/forum/28648/ejabberd-letsencrypt-ssl-certificate/index.html”

    certfiles: …. – “/opt/ejabberd/conf/server.pem” ….

    modules: …. mod_http_upload: docroot: “/opt/ejabberd/upload” put_url:
    “https://@HOST@:5443/upload/” max_size: infinity access:
    local thumbnail: false custom_headers: “Access-Control-Allow-Origin”:
    “*” “Access-Control-Allow-Methods”: “GET, POST, PUT, OPTIONS”
    “Access-Control-Allow-Headers”: “Content-Type” ….

    All media who you are send it is in upload folder
    (/opt/ejabberd/upload). After configuration restart the ejabberd server
    using this command systemctl restart ejabberd

conversejs

we include these two URLs inside the
element of ictbroadcast website via the script and link tags(/usr/ictbroadcast/theme/THEMENAME/view/layout/base.html.twig)**

**

  • Initializing converse for login converse.initialize({
    bosh_service_url: ‘https://conversejs.org/http-bind/’, auto_login: true,
    jid: ‘8314@ejab.ictbroadcast.com’, password: ‘03012345678’, keepalive:
    true, message_carbons: true, play_sounds: true, roster_groups: true,
    show_controlbox_by_default: true, xhr_user_search: false,
    whitelisted_plugins: [‘chatplugin’], authentication: ‘login’, allow_muc:
    false, //allow_chat_pending_contacts: true,
    //allow_non_roster_messaging: true, //message_archiving: ‘always’
    view_mode: ‘fullscreen’ //set it if you want to dispaly in fullscreen
    });
  • ejabberd xmpp configuration for send mediaYou will need to create the PEM cert using the 2 keys above. Do the
    following on your console terminal.
    replace "your-domain-name" with your server domain name
    cat /etc/letsencrypt/live/your-domain-name/privkey.pem
    /etc/letsencrypt/live/your-domain-name/fullchain.pem >>
    /opt/ejabberd/conf/server.pem
    Once done go to your config file “ejabberd.yml” and set the relevant SSL
    cert at the listening port. Make sure your relevant SSL cert points to
    /opt/ejabberd/conf/server.pem.

    Ejabberd SSL Certificate we follow this link
    “https://www.ejabberd.im/forum/28648/ejabberd-letsencrypt-ssl-certificate/index.html”

    certfiles: …. – “/opt/ejabberd/conf/server.pem” ….

    modules: …. mod_http_upload: docroot: “/opt/ejabberd/upload” put_url:
    “https://ejab.ictbroadcast.com:5443/upload/” max_size: infinity access:
    local thumbnail: false custom_headers: “Access-Control-Allow-Origin”:
    “*” “Access-Control-Allow-Methods”: “GET, POST, PUT, OPTIONS”
    “Access-Control-Allow-Headers”: “Content-Type” ….

    All media who you are send it is in upload folder. After
    configuration restart the ejabberd server using this command
    systemctl restart ejabberd

  • If you want to hide converse controlbox then use this in
    script
     var element = document.getElementById("toggle-controlbox");
     element.classList.remove("hidden");
     var element = document.getElementById("controlbox");
     element.classList.add("hidden");
     $('.toggle-controlbox').remove();
  • For ejabberd API access change the configuration with the
    following…
    • in who: allow user
    • in what: what api you want to access
      register api for add user and unregister for remove user
      api_permissions:
        "admin commands":
          who: admin
          what:
            - register
            - unregister