Instalar un servidor XMPP – Prosody 0.10.0 sobre GNU/Linux Debian 9

Montar prosody (un servidor xmpp) no es tan complejo como algunas personas creen. Aquí he recopilado un poco la forma de montar prosody 0.10.0 con letsencrypt bajo Debian 9.

# apt update && apt upgrade
# apt-get install lsb-release wget gnupg luarocks nano certbot lua-sec
# echo deb $(lsb_release -sc) main | tee -a /etc/apt/sources.list
# wget -O- | apt-key add -
# apt-get update
# apt-get install prosody
# prosodyctl about

Con eso ya tendríamos prosody 0.10.0 instalado.

# certbot certonly --standalone -m --agree-tos -d


# nano /etc/prosody/prosody.cfg.lua 

Nos cepillamos todo el contenido y metemos esto:

admins = { fanta }

modules_enabled = {
	"roster"; -- Allow users to have a roster. Recommended ;)
	"saslauth"; -- Authentication for clients and servers. Recommended if you want to log in.
	"tls"; -- Add support for secure TLS on c2s/s2s connections
	"dialback"; -- s2s dialback support
	"disco"; -- Service discovery
	"carbons"; -- Keep multiple clients in sync
	"pep"; -- Enables users to publish their mood, activity, playing music and more
	"private"; -- Private XML storage (for room bookmarks, etc.)
	"blocklist"; -- Allow users to block communications with other users
	"vcard"; -- Allow users to set vCards
	"version"; -- Replies to server version requests
	"uptime"; -- Report how long server has been running
	"time"; -- Let others know the time here on this server
	"ping"; -- Replies to XMPP pings with pongs
	"register"; -- Allow users to register on this server using a client and change passwords
	--"mam"; -- Store messages in an archive and allow users to access it
	"admin_adhoc"; -- Allows administration via an XMPP client that supports ad-hoc commands
	--"admin_telnet"; -- Opens telnet console interface on localhost port 5582
	--"bosh"; -- Enable BOSH clients, aka "Jabber over HTTP"
	--"websocket"; -- XMPP over WebSockets
	--"http_files"; -- Serve static files from a directory over HTTP
	--"limits"; -- Enable bandwidth limiting for XMPP connections
	--"groups"; -- Shared roster support
	--"server_contact_info"; -- Publish contact information for this service
	--"announce"; -- Send announcement to all online users
	--"welcome"; -- Welcome users who register accounts
	--"watchregistrations"; -- Alert admins of registrations
	--"motd"; -- Send a message to users when they log in
	--"legacyauth"; -- Legacy authentication. Only used by some old clients and bots.
	--"proxy65"; -- Enables a file transfer proxy service which clients behind NAT can use

modules_disabled = {
	-- "offline"; -- Store offline messages
	--"c2s"; -- Handle client connections
	--"s2s"; -- Handle server-to-server connections
	-- "posix"; -- POSIX functionality, sends server to background, enables syslog, etc.

allow_registration = false
c2s_require_encryption = true
s2s_require_encryption = true
s2s_secure_auth = true
--s2s_insecure_domains = { "insecure.example" }
--s2s_secure_domains = { "" }

pidfile = "/var/run/prosody/"
authentication = "internal_hashed"
archive_expires_after = "1w"

log = {
	info = "/var/log/prosody/prosody.log";
	error = "/var/log/prosody/prosody.err";

certificates = "/etc/prosody/certs"

VirtualHost "localhost"
	ssl = {
		key = "certs/localhost.key";
		certificate = "certs/localhost.crt";

VirtualHost ""
        ssl = {
                key = "/etc/prosody/certs/";
                certificate = "/etc/prosody/certs/";
--Component "" "muc"

Evidentemente alterando por el dominio/subdominio adecuado.
Luego importamos el certificado:

# prosodyctl --root cert import /etc/letsencrypt/live

Creamos un usuario por ejemplo así:

# prosodyctl adduser


# /etc/init.d/prosody restart

7 comentarios

Chiwy 2 enero, 2018 Contestar

Me parece que al comando: certonly –standalone -m –agree-tos -d le falta un certbot al inicio.

Gracias por el tutorial 🙂

mierda 2 enero, 2018 Contestar

Cierto es. Modificado. Creo que me lo comí al copiar y pegar.

Michael Guerrero 2 abril, 2018 Contestar

hola necesito ver un ejemplo para instalar en prosody el modulo register web .

mierda 3 abril, 2018 Contestar

Pues yo nunca lo he activado. Pero es interesante.

jordila 6 abril, 2018 Contestar

A ver si me arranco acá… con ello … y extendemos nuestro Chat Ingobernable,..despegando

estamos usando Websockets, veo…. o lo he soñado ?

Chiwy 16 junio, 2018 Contestar

Gracias Fanta por tu ayuda con mi servidor Xmpp 🙂

Y al final conseguí que funcionara usando los permisos y usuarios que dice este script:


mierda 16 junio, 2018 Contestar

Buena cosa. Me alegro. Es que 777 era un poco bestia.
Buena cosa que lo dejes comentado por si a alguien más le pasa.

Deja un comentario