|
Size: 1339
Comment: dust off a bit, collect details on everything configured outside of puppet here
|
Size: 1714
Comment: note that we're compliant with 2020 recommended XEPs, and that we don't use TURN (and why)
|
| Deletions are marked like this. | Additions are marked like this. |
| Line 8: | Line 8: |
We are compliant with [[https://xmpp.org/extensions/xep-0423.html|XEP-0423: XMPP Compliance Suites 2020]]. We have a STUN server, but are not at this time running a TURN server (we would need to limit it to coop members only, and at that point it's not very useless: IPv6 adoption is also rapidly expanding). If you think we should enable TURN, please contact the admins. |
Contents
1. Daemon
We use ejabberd
We are compliant with XEP-0423: XMPP Compliance Suites 2020. We have a STUN server, but are not at this time running a TURN server (we would need to limit it to coop members only, and at that point it's not very useless: IPv6 adoption is also rapidly expanding). If you think we should enable TURN, please contact the admins.
2. Installation
Installation is handled by Puppet class hcoop::service::xmpp::ejabberd. It will automatically use the HCoop TLS certificate, set up krb5 authentication, and open the needed firewall ports.
3. Additional Config
A few things are not managed by Puppet.
3.1. DNS Records
We need several DNS records for XMPP servers, stored in the hcoop.net domtool configuration.
3.2. Static files in hcoop.net/.well-known
XEP-0156: Discovering Alternative XMPP Connection Methods (HTTP) requires two files to be accessible from https://hcoop.net:
These list BOSH and WebSocket endpoints and may need to be adjusted when adding/removing ejabberd servers.
4. Old content
Might be relevant in the future -- we have a single server setup at the moment, and are not managing the erlang cookie for example.
4.1. Erlang Cookie
All nodes must have the same erlang cookie. When installing a new node replace the default Debian cookie with one copied from ~ejabberd/.erlang_cookie.