diff --git a/.gitignore b/.gitignore index 82a9adb9ad9..46f688972dd 100644 --- a/.gitignore +++ b/.gitignore @@ -1,6 +1,7 @@ # XMPP certificates, keys and user data -config/vines/*.crt -config/vines/*.key +config/certs/*.crt +config/certs/*.key +config/prosody.cfg.lua # Trademark sillyness app/views/home/_show.* diff --git a/Changelog.md b/Changelog.md index 4cef442d339..a61a0f77aea 100644 --- a/Changelog.md +++ b/Changelog.md @@ -51,6 +51,14 @@ We will also most likely still change the authorization scopes we offer and star Most work still required is on documentation as well as designing and implementing the data API for all of Diaspora's functionality. Contributions are very welcome, the hard work is done! +## Vines got replaced by Prosody + +Due to many issues with Vines, we decided to remove Vines and offer a Prosody +example configuration instead. [Check the +wiki](https://wiki.diasporafoundation.org/Integration/Chat#Vines_to_Prosody) +for more information on how to migrate to Prosody if you've been using Vines +before. + ## Refactor * Improve bookmarklet [#5904](https://github.com/diaspora/diaspora/pull/5904) * Update listen configuration to listen on unix sockets by default [#5974](https://github.com/diaspora/diaspora/pull/5974) diff --git a/Gemfile b/Gemfile index 3472389b0ce..5d3da9ec3fa 100644 --- a/Gemfile +++ b/Gemfile @@ -155,7 +155,7 @@ gem "openid_connect", "0.10.0" gem "active_model_serializers", "0.9.4" # XMPP chat dependencies -gem "diaspora-vines", "~> 0.2.0.develop" +gem "diaspora-prosody-config", "~> 0.0.4" gem "rails-assets-diaspora_jsxc", "~> 0.1.5.develop", source: "https://rails-assets.org" # Tags diff --git a/Gemfile.lock b/Gemfile.lock index f30b592d6ab..5c16af4c41a 100644 --- a/Gemfile.lock +++ b/Gemfile.lock 
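Review bot: `gem "diaspora-prosody-config", "~> 0.0.4"` in the Gemfile hunk accepts any later 0.0.x release on `bundle update`, while the neighbouring `openid_connect` and `active_model_serializers` lines pin an exact version. This gem is handed the database credentials and produces the XMPP server configuration (see `config/initializers/prosody.rb` in this commit), so an exact pin, `gem "diaspora-prosody-config", "0.0.4"`, would make every upgrade an explicit, reviewable change.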
@@ -173,13 +173,7 @@ GEM devise_lastseenable (0.0.6) devise rails (>= 3.0.4) - diaspora-vines (0.2.0.develop.4) - activerecord (~> 4.1) - bcrypt (~> 3.1) - em-hiredis (~> 0.3.0) - eventmachine (~> 1.0.8) - http_parser.rb (~> 0.6) - nokogiri (~> 1.6) + diaspora-prosody-config (0.0.4) diaspora_federation (0.0.13) faraday (~> 0.9.0) faraday_middleware (~> 0.10.0) @@ -202,16 +196,12 @@ GEM execjs eco-source (1.1.0.rc.1) ejs (1.1.1) - em-hiredis (0.3.1) - eventmachine (~> 1.0) - hiredis (~> 0.6.0) entypo-rails (3.0.0.pre.rc2) railties (>= 4.1, <= 5) equalizer (0.0.10) erubis (2.7.0) ethon (0.8.1) ffi (>= 1.3.0) - eventmachine (1.0.9.1) excon (0.45.4) execjs (2.6.0) eye (0.8) @@ -406,7 +396,6 @@ GEM hashdiff (0.2.3) hashie (3.4.3) hike (1.2.3) - hiredis (0.6.1) hitimes (1.2.3) http (1.0.2) addressable (~> 2.3) @@ -915,7 +904,7 @@ DEPENDENCIES devise (= 3.5.6) devise-token_authenticatable (~> 0.4.0) devise_lastseenable (= 0.0.6) - diaspora-vines (~> 0.2.0.develop) + diaspora-prosody-config (~> 0.0.4) diaspora_federation-rails (= 0.0.13) diaspora_federation-test (= 0.0.13) entypo-rails (= 3.0.0.pre.rc2) diff --git a/config/certs/README b/config/certs/README new file mode 100644 index 00000000000..2e857357494 --- /dev/null +++ b/config/certs/README @@ -0,0 +1,7 @@ +If you want to encrypt your chat streams with prosody. +Add to `config/certs` your server certificate and key. + +The domain name should be included in the file name e.g.: + +* example.com.crt +* example.com.key diff --git a/config/defaults.yml b/config/defaults.yml index f5ba510d549..bb9da9c1b98 100644 --- a/config/defaults.yml +++ b/config/defaults.yml 
@@ -51,30 +51,16 @@ defaults: enabled: false server: enabled: true - certs: 'config/vines' - accept_self_signed: false - cross_domain_messages: true - max_offline_msgs: 150 - c2s: - address: '0.0.0.0' - port: 5222 - max_stanza_size: 65536 - max_resources_per_account: 5 - s2s: - address: '0.0.0.0' - port: 5269 - max_stanza_size: 131072 - blacklist: [] + certs: "config/certs" bosh: proxy: false address: '0.0.0.0' port: 5280 bind: '/http-bind' - max_stanza_size: 65536 - max_resources_per_account: 5 log: - file: 'log/vines.log' - level: 'info' + info: 'log/prosody.log' + error: 'log/prosody.err' + debug: false map: mapbox: enabled: false diff --git a/config/diaspora.yml.example b/config/diaspora.yml.example index 109e89ee173..25813ff152b 100644 --- a/config/diaspora.yml.example +++ b/config/diaspora.yml.example 
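Review bot: The `config/defaults.yml` hunk drops `accept_self_signed: false`, both `max_stanza_size` limits, `max_resources_per_account` and the s2s `blacklist` without a replacement key. Certificate validation for federation, stanza size caps and per-account connection limits therefore depend on whatever the generated Prosody configuration sets, which is not visible in this diff. The `config/diaspora.yml.example` hunks remove the same options and their explanations, so an admin who had tightened them gets no hint that they are now ignored. A comment above `certs: "config/certs"` would close that gap, e.g. `# TLS verification, stanza limits and s2s blocking are no longer read from here; set them in the Prosody configuration`.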
@@ -194,102 +194,37 @@ configuration: ## Section ## increase environment.sidekiq.concurrency instead! #sidekiq_workers: 1 - ## Diaspora has an internal XMPP server. If you want to enable the chat + ## Diaspora has an internal XMPP web-client. If you want to enable the chat ## functionality or want to use a custom XMPP server, then you should edit ## the following configuration. - ## - ## The internal XMPP server does not support https - ## and even if we implement it, we would ran into certificate issues. - ## The problem with mixed-content is described here: - ## https://wiki.diasporafoundation.org/Vines#Browser_blocks_mixed-content - ## - ## The easiest way of avoiding certificate and mixed-content issues - ## is to use a proxy, e.g.: - ## - ## Apache: https://wiki.diasporafoundation.org/Vines#Apache2 - ## Nginx: https://wiki.diasporafoundation.org/Vines#Nginx - ## - ## If you configured your proxy correctly, you should adjust - ## the configuration in the BOSH section. chat: ## Section ## Enable the chat service and all its components. + ## + ## Please make sure that you followed the Installation-Instructions first: + ## https://wiki.diasporafoundation.org/Integration/Chat#Installation.2FUpdate #enabled: true ## Custom XMPP server configuration goes here. server: ## Section - ## Start built-in XMPP server (default=true). - ## In case you want to run your own server, you should disable it. + ## Use the configuration bridge to prosody (default=true). + ## In case you want to run your own server or want to configure + ## prosody on your own, you should disable it. #enabled: false ## Set the directory in which to look for virtual hosts TLS certificates. - ## Check documentation on how to generate or configure your existing - ## certficates correctly: - ## - ## https://wiki.diasporafoundation.org/Vines#Certificates - #certs: 'config/vines' - - ## The server accepts by default only valid certificates. - ## Any connection which uses self-signed ones will be closed. 
- ## If you'd like to accept self-signed certificates
- ## on your server, set the next option to true.
- #accept_self_signed: true
-
- ## Only edit the next option if you'd like to deny
- ## your users to exchange messages between other XMPP servers.
- #cross_domain_messages: false
-
- ## Set the maximum of offline messages stored per user (default=150).
- ## If it exceeds, it will start deleting old messages. You can disable
- ## offline message support completely by setting the option to zero.
- #max_offline_msgs: 150
-
- ## Client to server
- c2s: ## Section
-
- ## Configure the address that vines should listen on.
- #address: '0.0.0.0'
-
- ## Configure the client-to-server port.
- ## If your server is behind a router or firewall
- ## check documentation on how to forward ports:
- ##
- ## https://wiki.diasporafoundation.org/Vines#Firewall_Ports
- #port: 5222
-
- ## The maximum we'd like to allow for stanza size.
- #max_stanza_size: 65536
-
- ## The max_resources_per_account attribute, limits how many
- ## concurrent connections one user can have to the server.
- #max_resources_per_account: 5
-
- ## Server to server
- s2s: ## Section
-
- ## Configure the address that vines should listen on.
- #address: '0.0.0.0'
-
- ## Configure the server-to-server port.
- ## If your server is behind a router or firewall
- ## check documentation on how to forward ports:
- ##
- ## https://wiki.diasporafoundation.org/Vines#Firewall_Ports
- #port: 5269
-
- ## The max_stanza_size attribute should be
- ## much larger than the setting for client-to-server.
- #max_stanza_size: 131072
-
- ## By default every XMPP server with a valid certificate
- ## is able to communicate with your server. In case of a
- ## malicious server (e.g. spam reason), you can black-list them.
- #blacklist: - # - 'example.com' - # - 'malicous.net' + #certs: 'config/certs' ## XEP-0124 BOSH requests + ## The easiest way of avoiding certificate and mixed-content issues + ## is to use a proxy, e.g.: + ## + ## Apache: https://wiki.diasporafoundation.org/Integration/Chat#Apache2 + ## Nginx: https://wiki.diasporafoundation.org/Integration/Chat#Nginx + ## + ## If you configured your proxy correctly, + ## you should set the proxy option to 'true' bosh: ## Section ## If you'd like to use a proxy, you should set the proxy @@ -306,22 +241,17 @@ configuration: ## Section ## Configure the bind endpoint. #bind: '/http-bind' - ## The maximum we'd like to allow for stanza size. - #max_stanza_size: 65536 - - ## The max_resources_per_account attribute, limits how many - ## concurrent connections one user can have to the server. - #max_resources_per_account: 5 - ## Specify log behaviour here. log: ## Section ## Log file location. - #file: 'log/vines.log' + #info: 'log/prosody.log' + + ## Error log file location. + #error: 'log/prosody.err' - ## Set the logging level to debug, info, warn, error, or fatal. ## The debug level logs all XML sent and received by the server. - #level: 'info' + #debug: false ## Displays the location of a post in a map. Per default we are using the map ## tiles of the Heidelberg University (http://giscience.uni-hd.de). diff --git a/config/eye.rb b/config/eye.rb index 2dc55f38b28..fdfbed198cf 100644 --- a/config/eye.rb +++ b/config/eye.rb @@ -40,7 +40,7 @@ with_condition(AppConfig.chat.enabled? && AppConfig.chat.server.enabled?) do process :xmpp do - start_command "bin/bundle exec vines start" + start_command "bin/bundle exec rails runner Prosody.start" daemonize true pid_file "tmp/pids/xmpp.pid" stop_signals [:TERM, 10.seconds, :KILL] diff --git a/config/initializers/prosody.rb b/config/initializers/prosody.rb new file mode 100644 index 00000000000..093dd492491 --- /dev/null +++ b/config/initializers/prosody.rb 
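Review bot: In `config/eye.rb`, `daemonize true` makes eye supervise the PID of the `rails runner` process it spawns, so `stop_signals [:TERM, 10.seconds, :KILL]` reaches Prosody only if `Prosody.start` stays in the foreground or replaces the runner process. What `Prosody.start` does is not visible in this hunk; if it forks or lets Prosody daemonize itself, a stop or restart would leave the XMPP server running unsupervised and still holding its ports. A comment on the new line would record the assumption, e.g. `# Prosody.start must not fork or daemonize: eye tracks this PID via tmp/pids/xmpp.pid`. The `process :xmpp` block continues past the end of the hunk.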
@@ -0,0 +1,22 @@
+if AppConfig.chat.enabled? && AppConfig.chat.server.enabled?
+ db = Rails.application.config
+ .database_configuration[Rails.env]
+
+ Prosody.update_configuration(
+ bosh_port: AppConfig.chat.server.bosh.port, bosh_path: AppConfig.chat.server.bosh.bind,
+ bosh_interface: AppConfig.chat.server.bosh.address,
+
+ log_debug: (AppConfig.chat.server.log.debug? ? "debug" : "info"),
+ log_info: "#{Dir.pwd}/#{AppConfig.chat.server.log.info}",
+ log_error: "#{Dir.pwd}/#{AppConfig.chat.server.log.error}",
+
+ certs: "#{Dir.pwd}/#{AppConfig.chat.server.certs}",
+ hostname: AppConfig.environment.url,
+
+ virtualhost_driver: db["adapter"],
+ virtualhost_database: db["database"],
+ virtualhost_username: db["username"],
+ virtualhost_password: db["password"],
+ virtualhost_host: db["host"]
+ )
+end
diff --git a/config/vines/README b/config/vines/README
deleted file mode 100644
index 819906dc718..00000000000
--- a/config/vines/README
+++ /dev/null
@@ -1,7 +0,0 @@
-If you want to encrypt your chat streams with vines.
-Add to `config/vines` your server certificate and key.
-
-The domain name should be included in the file name e.g.:
-
-* example.com.crt
-* example.com.key
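Review bot: In `config/initializers/prosody.rb` the application's own database account, including `db["password"]`, is passed to `Prosody.update_configuration`. If the gem renders these values into `config/prosody.cfg.lua` (the file this commit adds to `.gitignore`), the credentials sit in a second plaintext file and the XMPP daemon holds the same database rights as the Rails app. Nothing visible here restricts that file's mode or allows a separate, less-privileged account, so the call should at least carry a comment such as `# NOTE: DB credentials are written into the generated Prosody config; keep that file readable by the service user only`. The certificate and log paths are anchored on `Dir.pwd`, which depends on where the process was launched; `certs: Rails.root.join(AppConfig.chat.server.certs).to_s,` (likewise for `log_info` and `log_error`) resolves them against the app root instead. `hostname:` receives `AppConfig.environment.url`, which by its name may include a scheme and path rather than a bare host, so this is worth checking against what the gem expects.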