Difference between revisions of "Openfire"

From SME Server
Jump to navigationJump to search
(→‎Visit admin web page to complete Openfire configuration: Add LDAP authentication configuration)
 
(38 intermediate revisions by 6 users not shown)
Line 1: Line 1:
{{Incomplete}}
+
===Description===
 +
Openfire (formerly Wildfire) is a real time collaboration (RTC) server dual-licensed under the Open Source GPL and commercially. It uses the only widely adopted open protocol for instant messaging, XMPP (also called Jabber). Openfire is easy to setup and administer, but offers rock-solid security and performance.
  
 +
== Prerequisite for SME 9.x ==
 +
The Java Runtime Environment included in the Openfire RPM requires that an additional library be installed 64-bit versions of SME 9.0.  To install it, run
 +
# yum install glibc.i686
  
== Openfire 3.3.3 Howto ==
+
== Download and install Openfire ==
  
Openfire (formerly Wildfire) is a real time collaboration (RTC) server dual-licensed under the Open Source GPL and commercially. It uses the only widely adopted open protocol for instant messaging, XMPP (also called Jabber). Openfire is incredibly easy to setup and administer, but offers rock-solid security and performance.
+
You can find the latest version of Openfire at http://www.igniterealtime.org/downloads/index.jsp. Download the RPM to your SME server, then run
  
 +
# yum install openfire-*.rpm
  
Download jre-6u3-linux-i586-rpm.bin & Openfire 3.3.3
+
== Create the Database ==
  
Go to http://www.java.com/en/download/linux_manual.jsp and download  the Linux RPM (self-extracting file)
+
To create the Openfire Database, you'll need to perform each of the following steps:  
 
 
copy or move jre-6u1-linux-i586-rpm.bin into /tmp
 
 
 
cd /tmp
 
  
  chmod a+x jre-6u1-linux-i586-rpm.bin
+
  # mysqladmin create openfiredb
 +
# mysql -e "grant all privileges on openfiredb.* to openfireuser@localhost identified by 'yourpassword'"
 +
# mysql -e "flush privileges"
  
sh jre-6u1-linux-i586-rpm.bin
+
{{Warning box|You may wish to alter the "openfireuser" and "yourpassword" information in the grant privileges line above. Be sure to remember to remember what you used as the web manager will ask you for it!}}
  
== Download Openfire ==
+
Edit the database schema (this change does not seem to be necessary with SME 9.0 and Openfire 3.9.3):
  
Go to http://www.igniterealtime.org/downloads/index.jsp and click on linux & download openfire_3_3_3.tar.gz
+
# cd /opt/openfire/resources/database
 +
# nano openfire_mysql.sql
  
'''NOTE: DO NOT DOWNLOAD THE RPM'''
+
At line 57 starts:
  
copy or move openfire_3_3_3.tar.gz into /tmp
+
CREATE TABLE ofRoster (
 +
  rosterID              BIGINT          NOT NULL,
 +
  username              VARCHAR(64)    NOT NULL,
 +
  jid                  VARCHAR(1024)  NOT NULL,
  
tar xvzf openfire_3_3_3.tar.gz
+
Change the jid line from 1024 to 255 as shown:
  
mv /tmp/openfire /opt
+
  jid                  VARCHAR(255)    NOT NULL,
  
chown -R www.www /opt/openfire
+
Import the revised database schema:
  
  chmod 750 /opt/openfire
+
  # mysql openfiredb < openfire_mysql.sql
 
 
== Create the Database ==
 
 
 
To create the Openfire Database, you'll need to perform each of the following steps:
 
 
 
mysqladmin create openfiredb
 
 
 
mysql -e "grant all privileges on openfiredb.* to openfireuser@localhost identified by 'yourpassword'"
 
 
 
mysql -e "flush privileges"
 
 
 
cd /opt/openfire/resources/database
 
 
 
mysql openfiredb < openfire_mysql.sql
 
 
 
IMPORTANT:  You may wish to alter the "openfireuser" and "yourpassword" information in the grant privileges line above.  BE SURE TO REMEMBER WHAT YOU USED AS THE WEB MANAGER WILL ASK YOU FOR IT!
 
  
 
== Access MySQL from the local network ==
 
== Access MySQL from the local network ==
Line 55: Line 46:
 
To use the MySQL database you will need to run a script to make port 3306 available to  
 
To use the MySQL database you will need to run a script to make port 3306 available to  
 
the Openfire Instant Messaging Server.   
 
the Openfire Instant Messaging Server.   
 
  
 
  /sbin/e-smith/config setprop mysqld LocalNetworkingOnly no
 
  /sbin/e-smith/config setprop mysqld LocalNetworkingOnly no
 
 
  /sbin/e-smith/expand-template /etc/my.cnf
 
  /sbin/e-smith/expand-template /etc/my.cnf
 
 
  /etc/rc.d/rc7.d/S50mysqld restart
 
  /etc/rc.d/rc7.d/S50mysqld restart
 
Use the netstat -ant command to check status
 
 
netstat -ant
 
 
---------------------------------------------------------------------------------
 
 
Look for the following line in your `netstat -ant` result:
 
 
tcp        0      0 0.0.0.0:3306            0.0.0.0:*              LISTEN
 
 
While you're looking, you should see the ports that wildfire will be using:
 
 
tcp        0      0 0.0.0.0:9090            0.0.0.0:*              LISTEN
 
tcp        0      0 0.0.0.0:9091            0.0.0.0:*              LISTEN
 
tcp        0      0 0.0.0.0:5222            0.0.0.0:*              LISTEN
 
tcp        0      0 0.0.0.0:5223            0.0.0.0:*              LISTEN
 
tcp        0      0 0.0.0.0:5269            0.0.0.0:*              LISTEN
 
  
 
== Start the Openfire Messaging Server ==
 
== Start the Openfire Messaging Server ==
  
  cd /opt/openfire/bin
+
  /etc/rc.d/init.d/openfire start
 
 
./openfire start
 
  
 +
== Visit admin web page to complete Openfire configuration ==
  
 
Go to http://yourserver:9090 (insecure) or https://yourserver:9091 (secure)and follow through the setup via the browser. The only area that may be confusing is the database setup area. See example configuration below.  
 
Go to http://yourserver:9090 (insecure) or https://yourserver:9091 (secure)and follow through the setup via the browser. The only area that may be confusing is the database setup area. See example configuration below.  
Line 112: Line 81:
 
[[Image:Openfire 4.jpg]]
 
[[Image:Openfire 4.jpg]]
  
== Openfire daemon ==
+
== LDAP Authentication ==
 +
Openfire can be configured to authenticate users through your SME Server's OpenLDAP server.  This will allow you to use a single user and password source, rather than needing to maintain two or more separate databases.  This is recommended unless you have a particular reason to want a separate user list for your Openfire installation.  To begin, on the Profile Settings screen, select '''Directory Server (LDAP)''':
  
 +
[[Image:Openfire_ldap_1.png]]
  
Need to create a openfire daemon that will load at start upS et Up Initialization So Openfire Starts On A Server Reboot
+
Fill in the Connection Settings screen as shown below, replacing '''yourdomain''' and '''tld''' with your primary domain name and top-level domain, as appropriate.  For example, if your domain were example.com, you'd enter '''dc=example,dc=com'''.  For the password field, enter your admin user's password.
  
cd /opt/openfire/bin/extra
+
[[Image:Openfire_ldap_2.png]]
  
  chmod 700 redhat-postinstall.sh
+
Click '''Test Settings''' to make sure you're able to connect. Then click '''Save & Continue'''.
  
./redhat-postinstall.sh
+
On the User Mapping page, just scroll to the bottom and click '''Save & Continue'''.
  
cd /opt/openfire/bin
+
[[Image:Openfire_ldap_3.png]]
  
chmod 755 openfire
+
Similarly, on the Group Mapping page, click '''Save & Continue'''.
  
Create symbolic link to the script at runlevel 7 (/etc/rc7.d)
+
[[Image:Openfire_ldap_4.png]]
  
cd /etc/rc7.d
+
On the Administrator Account screen, enter '''admin''' and click '''Add'''.
  
ln -s  /opt/openfire/bin/openfire S90openfire
+
[[Image:Openfire_ldap_5.png]]
  
Reboot your server to make sure the openfire daemon initializes on startup...
+
On the next page, your admin account will be listed.  Click the Test button to confirm that it will authenticate this account.
  
shutdown -r now
+
[[Image:Openfire_ldap_6.png]]
  
 +
You should see the Success page below.  If you do, you can close it.  You can optionally add other administrator users on this page.
  
== OPTIONAL ==
+
[[Image:Openfire_ldap_7.png]]
 +
 
 +
== SME Server specific configuration ==
 +
 
 +
config set openfire service TCPPorts '5222,5223,7777' access public status enabled
 +
signal-event remoteaccess-update
 +
 
 +
Add startup link:
 +
 
 +
ln -s /etc/rc.d/init.d/e-smith-service /etc/rc.d/rc7.d/S99openfire
 +
 
 +
== Optional ==
  
 
If you would like to have web access to the openfire documentation has been installed on your server, this section will show you how to make an e-smith custom template.
 
If you would like to have web access to the openfire documentation has been installed on your server, this section will show you how to make an e-smith custom template.
Line 145: Line 128:
 
   
 
   
 
  mkdir -p /etc/e-smith/templates-custom/etc/httpd/conf/httpd.conf
 
  mkdir -p /etc/e-smith/templates-custom/etc/httpd/conf/httpd.conf
 
 
  cd /etc/e-smith/templates-custom/etc/httpd/conf/httpd.conf
 
  cd /etc/e-smith/templates-custom/etc/httpd/conf/httpd.conf
  
 
Create and edit a file called "99openfire"
 
Create and edit a file called "99openfire"
  
  pico -w 99openfire
+
  nano -w 99openfire
  
 
(add the code shown below to the template)
 
(add the code shown below to the template)
 
(you can select and copy then paste in PuTTY with right click)
 
(you can select and copy then paste in PuTTY with right click)
 
 
   
 
   
 
  # Openfire instant messaging server
 
  # Openfire instant messaging server
 
   
 
   
 +
Alias /openfiredocs /opt/openfire/documentation/docs
 
   
 
   
  Alias /openfire /opt/openfire
+
  <Directory /opt/openfire/documentation/docs>
 
<Directory /opt/openfire>
 
 
       AddType application/x-httpd-php .php .php3 .phtml
 
       AddType application/x-httpd-php .php .php3 .phtml
 
       Options Indexes +Includes FollowSymLinks
 
       Options Indexes +Includes FollowSymLinks
Line 168: Line 148:
 
       allow from all
 
       allow from all
 
  </Directory>
 
  </Directory>
 
 
   
 
   
 
  # end of Openfire fragment
 
  # end of Openfire fragment
 
   
 
   
 
 
 
 
ctrl-x to save, y to agree, and [Enter] to exit the PICO editor
 
ctrl-x to save, y to agree, and [Enter] to exit the PICO editor
  
 
== Expand the template ==
 
== Expand the template ==
 
   
 
   
  /sbin/e-smith/expand-template /etc/httpd/conf/httpd.conf
+
  expand-template /etc/httpd/conf/httpd.conf
  
  service httpd restart
+
  /etc/rc.d/init.d/httpd-e-smith restart
  
service httpd-e-smith restart
 
 
 
access your documentation at:
 
access your documentation at:
  
  http://yourservername-or-IP/openfire/documentation/
+
  http://yourservername-or-IP/openfiredocs/
  
 
To reiterate, this is NOT an essential step in the installation process and only provides local access to the documentation.
 
To reiterate, this is NOT an essential step in the installation process and only provides local access to the documentation.
 
  
 
== Uninstalling Openfire ==
 
== Uninstalling Openfire ==
Line 196: Line 169:
 
Commands to remove openfire
 
Commands to remove openfire
  
# yum remove openfire  
+
/etc/rc.d/init.d/openfire stop
# mysqladmin drop openfiredb
+
yum remove openfire
 
+
rm -Rf /opt/openfire
 
+
mysqladmin drop openfiredb
[mailto:russell@fixitcomputers.com.au?subject=Openfire Russell Taihn]
+
config delete openfire
 
+
signal-event remoteaccess-update
  
 +
----
 
[[Category:Howto]]
 
[[Category:Howto]]
 +
[[Category: Social Media Apps]]

Latest revision as of 17:13, 30 March 2016

Description

Openfire (formerly Wildfire) is a real time collaboration (RTC) server dual-licensed under the Open Source GPL and commercially. It uses the only widely adopted open protocol for instant messaging, XMPP (also called Jabber). Openfire is easy to setup and administer, but offers rock-solid security and performance.

Prerequisite for SME 9.x

The Java Runtime Environment included in the Openfire RPM requires that an additional library be installed 64-bit versions of SME 9.0. To install it, run

# yum install glibc.i686

Download and install Openfire

You can find the latest version of Openfire at http://www.igniterealtime.org/downloads/index.jsp. Download the RPM to your SME server, then run

# yum install openfire-*.rpm

Create the Database

To create the Openfire Database, you'll need to perform each of the following steps:

# mysqladmin create openfiredb
# mysql -e "grant all privileges on openfiredb.* to openfireuser@localhost identified by 'yourpassword'"
# mysql -e "flush privileges"


Warning.png Warning:
You may wish to alter the "openfireuser" and "yourpassword" information in the grant privileges line above. Be sure to remember to remember what you used as the web manager will ask you for it!


Edit the database schema (this change does not seem to be necessary with SME 9.0 and Openfire 3.9.3):

# cd /opt/openfire/resources/database
# nano openfire_mysql.sql

At line 57 starts:

CREATE TABLE ofRoster (
  rosterID              BIGINT          NOT NULL,
  username              VARCHAR(64)     NOT NULL,
  jid                   VARCHAR(1024)   NOT NULL,

Change the jid line from 1024 to 255 as shown:

  jid                   VARCHAR(255)    NOT NULL,

Import the revised database schema:

# mysql openfiredb < openfire_mysql.sql

Access MySQL from the local network

To use the MySQL database you will need to run a script to make port 3306 available to the Openfire Instant Messaging Server.

/sbin/e-smith/config setprop mysqld LocalNetworkingOnly no
/sbin/e-smith/expand-template /etc/my.cnf
/etc/rc.d/rc7.d/S50mysqld restart

Start the Openfire Messaging Server

/etc/rc.d/init.d/openfire start

Visit admin web page to complete Openfire configuration

Go to http://yourserver:9090 (insecure) or https://yourserver:9091 (secure)and follow through the setup via the browser. The only area that may be confusing is the database setup area. See example configuration below.

Openfire 1.jpg

Openfire 2.jpg

Openfire 3.jpg



Database Driver Presets: MySql

JDBC Driver Class: com.mysql.jdbc.Driver


Database URL: jdbc:mysql://localhost:3306/openfiredb

Username: openfireuser

Password: yourpassword

Openfire 4.jpg

LDAP Authentication

Openfire can be configured to authenticate users through your SME Server's OpenLDAP server. This will allow you to use a single user and password source, rather than needing to maintain two or more separate databases. This is recommended unless you have a particular reason to want a separate user list for your Openfire installation. To begin, on the Profile Settings screen, select Directory Server (LDAP):

Openfire ldap 1.png

Fill in the Connection Settings screen as shown below, replacing yourdomain and tld with your primary domain name and top-level domain, as appropriate. For example, if your domain were example.com, you'd enter dc=example,dc=com. For the password field, enter your admin user's password.

Openfire ldap 2.png

Click Test Settings to make sure you're able to connect. Then click Save & Continue.

On the User Mapping page, just scroll to the bottom and click Save & Continue.

Openfire ldap 3.png

Similarly, on the Group Mapping page, click Save & Continue.

Openfire ldap 4.png

On the Administrator Account screen, enter admin and click Add.

Openfire ldap 5.png

On the next page, your admin account will be listed. Click the Test button to confirm that it will authenticate this account.

Openfire ldap 6.png

You should see the Success page below. If you do, you can close it. You can optionally add other administrator users on this page.

Openfire ldap 7.png

SME Server specific configuration

config set openfire service TCPPorts '5222,5223,7777' access public status enabled
signal-event remoteaccess-update

Add startup link:

ln -s /etc/rc.d/init.d/e-smith-service /etc/rc.d/rc7.d/S99openfire

Optional

If you would like to have web access to the openfire documentation has been installed on your server, this section will show you how to make an e-smith custom template.

Make the custom-template directory:

mkdir -p /etc/e-smith/templates-custom/etc/httpd/conf/httpd.conf
cd /etc/e-smith/templates-custom/etc/httpd/conf/httpd.conf

Create and edit a file called "99openfire"

nano -w 99openfire

(add the code shown below to the template) (you can select and copy then paste in PuTTY with right click)

# Openfire instant messaging server

Alias /openfiredocs /opt/openfire/documentation/docs

<Directory /opt/openfire/documentation/docs>
     AddType application/x-httpd-php .php .php3 .phtml
     Options Indexes +Includes FollowSymLinks
     order deny,allow
     deny from all
     allow from all
</Directory>

# end of Openfire fragment

ctrl-x to save, y to agree, and [Enter] to exit the PICO editor

Expand the template

expand-template /etc/httpd/conf/httpd.conf
/etc/rc.d/init.d/httpd-e-smith restart

access your documentation at:

http://yourservername-or-IP/openfiredocs/

To reiterate, this is NOT an essential step in the installation process and only provides local access to the documentation.

Uninstalling Openfire

Commands to remove openfire

/etc/rc.d/init.d/openfire stop
yum remove openfire
rm -Rf /opt/openfire
mysqladmin drop openfiredb
config delete openfire
signal-event remoteaccess-update