Installing XMPP server

Sebastian Sabogal edited this page Aug 22, 2015 · 25 revisions

IPOP allows you to connect to existing XMPP/STUN/TURN services. It is also possible to deploy your own private Online Social Network and NAT traversal services using the ejabberd open-source software and an open-source TURN service.

The ejabberd software also runs a STUN server as part of its implementation. Therefore ejabberd serves as both XMPP server and STUN server.

With this setup, you can create your own users and user relationships directly on the ejabberd server. This is especially useful when running GroupVPN - it allows you to define your own groups and endpoint IDs.

These instructions have only been tested on Ubuntu 12.04

Install and configure ejabberd

  1. Install ejabberd on Ubuntu

    sudo apt-get update
    sudo apt-get install ejabberd
  2. Determine the version of ejabberd

    sudo ejabberdctl status
  3. Update the ejabberd configuration file

    This sets up the ejabberd admin user "ipopuser" and host "ejabberd". You can configure these parameters with different values, but keep in mind that other tutorials in our documentation assume the XMPP server has been configured with ipopuser and ejabberd.

    For ejabberd earlier than ejabberd 14.07:

    sudo vi /etc/ejabberd/ejabberd.cfg
    #update lines with ipopuser and ejabberd host
    %% Admin user
    {acl, admin, {user, "ipopuser", "ejabberd"}}.
    %% Hostname
    {hosts, ["localhost", "ejabberd"]}.

    For ejabberd 14.07 and later:

    sudo vi /etc/ejabberd/ejabberd.yml
    #update lines with ipopuser and ejabberd host
    #in the served hostnames section
      - "localhost"
      - "ejabberd"
    #in the access control lists section
            - "": "localhost"
            - "ipopuser": "ejabberd
  4. Add the following to the configuration file to enable STUN on UDP port 3478

    For ejabberd earlier than ejabberd 14.07:

    sudo vi /etc/ejabberd/ejabberd.cfg
      {5222, ejabberd_c2s, [
                            {access, c2s},
                            {shaper, c2s_shaper},
                            {max_stanza_size, 65536},
                            starttls, {certfile, "/etc/ejabberd/ejabberd.pem"}
      %% this is the new line to enable stun
      {{3478, udp}, ejabberd_stun, []},

    For ejabberd 14.07 and later:

    sudo vi /etc/ejabberd/ejabberd.yml
    #in the listening ports section
        port: 3478
        transport: udp
        module: ejabberd_stun
  5. (For ejabberd 14.07 and later only) Enable mod_admin_extra for extra ejabberd commands

    sudo vi /etc/ejabberd/ejabberd.yml
    #in the modules section
      mod_admin_extra: {}
  6. (Optional) Create a new self-signed certificate. If you change the hostname from ejabberd to something else, you need to create a new self-signed certificate and set CN (common name) to the new hostname that you have chosen and place it under /ect/ejabberd

    openssl req -x509 -nodes -days 3650 -newkey rsa:1024 -keyout ejabberd.pem -out ejabberd.pem
  7. Restart ejabberd service

    sudo service ejabberd restart
  8. Create your admin user

    sudo ejabberdctl register ipopuser ejabberd password
  9. Useful ejabberd commands: create additional users and relationships, check who is online

    You can add more users to the XMPP server with the ejabberdctl command as shown below:

    sudo ejabberdctl register alice ejabberd password
    sudo ejabberdctl register bob ejabberd password

    You can create social links between users in the XMPP server with the ejabberd command as shown below. Note that for each friendship you wish to create, you need to run the command twice (to add Alice to Bob's roster, and to add Bob to Alice's roster):

    sudo ejabberdctl add-rosteritem alice ejabberd bob ejabberd bob svpn both
    sudo ejabberdctl add-rosteritem bob ejabberd alice ejabberd alice svpn both

    For ejabberd 14.07 and later, you can also create a shared roster group to establish social links among all users in a group.

    sudo ejabberdctl srg_create ipop_vpn ejabberd ipop_vpn ipop_vpn ipop_vpn
    sudo ejabberdctl srg_user_add @all@ ejabberd ipop_vpn ejabberd

    To check which users are online:

    sudo ejabberdctl connected-users

Configure SocialVPN/GroupVPN

Once the XMPP server is configured and users are created, you need to configure your SocialVPN/GroupVPN nodes to use it:

  1. Update config.json file to point to new STUN server, we recommend that you use the public IP address (not DNS) of the STUN server, especially if server is running on a public cloud (i.e. Amazon EC2)

        "ip4": "",
        "xmpp_username": "ipopuser@ejabberd",
        "xmpp_password": "password",
        "xmpp_host": "public-ip-of-ejabberd-vm",
        "stun": ["public-ip-of-ejabberd-vm:3478"]

Additional ejabberd configurations

  • You can add more users by going to http://ip-address-of-vm:5280/admin (click on Virtual Hosts ==> ejabberd ==> Users)

    username = ipopuser@ejabberd
    password = password

  • If you are running this on the cloud, make sure to open ports (port 3478 is necessary because ejabberd runs a STUN server as well)

    TCP - 5222, 5269, 5280
    UDP - 3478

You can also setup a TURN server in cases where your network firewall does not allow direct connections.

Clone this wiki locally
You can’t perform that action at this time.
You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session.
Press h to open a hovercard with more details.