Difference between revisions of "Openfire"

From SME Server
Jump to navigationJump to search
(→‎Visit admin web page to complete Openfire configuration: Add LDAP authentication configuration)
 
(24 intermediate revisions by 6 users not shown)
Line 1: Line 1:
{{Incomplete}}
 
 
===Description===
 
===Description===
Openfire (formerly Wildfire) is a real time collaboration (RTC) server dual-licensed under the Open Source GPL and commercially. It uses the only widely adopted open protocol for instant messaging, XMPP (also called Jabber). Openfire is incredibly easy to setup and administer, but offers rock-solid security and performance.
+
Openfire (formerly Wildfire) is a real time collaboration (RTC) server dual-licensed under the Open Source GPL and commercially. It uses the only widely adopted open protocol for instant messaging, XMPP (also called Jabber). Openfire is easy to setup and administer, but offers rock-solid security and performance.
  
 +
== Prerequisite for SME 9.x ==
 +
The Java Runtime Environment included in the Openfire RPM requires that an additional library be installed 64-bit versions of SME 9.0.  To install it, run
 +
# yum install glibc.i686
  
Download jre-6u3-linux-i586-rpm.bin & Openfire 3.4.1
+
== Download and install Openfire ==
 +
 
 +
You can find the latest version of Openfire at http://www.igniterealtime.org/downloads/index.jsp. Download the RPM to your SME server, then run
 +
 
 +
# yum install openfire-*.rpm
  
Go to http://www.java.com/en/download/linux_manual.jsp and download  the Linux RPM (self-extracting file)
+
== Create the Database ==
  
copy or move jre-6u1-linux-i586-rpm.bin into /tmp
+
To create the Openfire Database, you'll need to perform each of the following steps:
  
  cd /tmp
+
  # mysqladmin create openfiredb
 +
# mysql -e "grant all privileges on openfiredb.* to openfireuser@localhost identified by 'yourpassword'"
 +
# mysql -e "flush privileges"
  
chmod a+x jre-6u1-linux-i586-rpm.bin
+
{{Warning box|You may wish to alter the "openfireuser" and "yourpassword" information in the grant privileges line above. Be sure to remember to remember what you used as the web manager will ask you for it!}}
  
sh jre-6u1-linux-i586-rpm.bin
+
Edit the database schema (this change does not seem to be necessary with SME 9.0 and Openfire 3.9.3):
  
== Download and install Openfire ==
+
# cd /opt/openfire/resources/database
 +
# nano openfire_mysql.sql
  
Go to http://www.igniterealtime.org/downloads/index.jsp and click on linux, download the latest openfire rpm and install:
+
At line 57 starts:
  
  # yum localinstall openfire-3.4.1-1.i386.rpm
+
  CREATE TABLE ofRoster (
 +
  rosterID              BIGINT          NOT NULL,
 +
  username              VARCHAR(64)    NOT NULL,
 +
  jid                  VARCHAR(1024)  NOT NULL,
  
== Create the Database ==
+
Change the jid line from 1024 to 255 as shown:
  
To create the Openfire Database, you'll need to perform each of the following steps:
+
  jid                  VARCHAR(255)    NOT NULL,
  
mysqladmin create openfiredb
+
Import the revised database schema:
mysql -e "grant all privileges on openfiredb.* to openfireuser@localhost identified by 'yourpassword'"
 
mysql -e "flush privileges"
 
cd /opt/openfire/resources/database
 
mysql openfiredb < openfire_mysql.sql
 
  
{{Warning box|You may wish to alter the "openfireuser" and "yourpassword" information in the grant privileges line above. Be sure to remember to remember what you used as the web manager will ask you for it!}}
+
# mysql openfiredb < openfire_mysql.sql
  
 
== Access MySQL from the local network ==
 
== Access MySQL from the local network ==
Line 45: Line 53:
 
== Start the Openfire Messaging Server ==
 
== Start the Openfire Messaging Server ==
  
  /etc/rc.d/init.d openfire start
+
  /etc/rc.d/init.d/openfire start
 +
 
 +
== Visit admin web page to complete Openfire configuration ==
  
 
Go to http://yourserver:9090 (insecure) or https://yourserver:9091 (secure)and follow through the setup via the browser. The only area that may be confusing is the database setup area. See example configuration below.  
 
Go to http://yourserver:9090 (insecure) or https://yourserver:9091 (secure)and follow through the setup via the browser. The only area that may be confusing is the database setup area. See example configuration below.  
Line 70: Line 80:
  
 
[[Image:Openfire 4.jpg]]
 
[[Image:Openfire 4.jpg]]
 +
 +
== LDAP Authentication ==
 +
Openfire can be configured to authenticate users through your SME Server's OpenLDAP server.  This will allow you to use a single user and password source, rather than needing to maintain two or more separate databases.  This is recommended unless you have a particular reason to want a separate user list for your Openfire installation.  To begin, on the Profile Settings screen, select '''Directory Server (LDAP)''':
 +
 +
[[Image:Openfire_ldap_1.png]]
 +
 +
Fill in the Connection Settings screen as shown below, replacing '''yourdomain''' and '''tld''' with your primary domain name and top-level domain, as appropriate.  For example, if your domain were example.com, you'd enter '''dc=example,dc=com'''.  For the password field, enter your admin user's password.
 +
 +
[[Image:Openfire_ldap_2.png]]
 +
 +
Click '''Test Settings''' to make sure you're able to connect.  Then click '''Save & Continue'''.
 +
 +
On the User Mapping page, just scroll to the bottom and click '''Save & Continue'''.
 +
 +
[[Image:Openfire_ldap_3.png]]
 +
 +
Similarly, on the Group Mapping page, click '''Save & Continue'''.
 +
 +
[[Image:Openfire_ldap_4.png]]
 +
 +
On the Administrator Account screen, enter '''admin''' and click '''Add'''.
 +
 +
[[Image:Openfire_ldap_5.png]]
 +
 +
On the next page, your admin account will be listed.  Click the Test button to confirm that it will authenticate this account.
 +
 +
[[Image:Openfire_ldap_6.png]]
 +
 +
You should see the Success page below.  If you do, you can close it.  You can optionally add other administrator users on this page.
 +
 +
[[Image:Openfire_ldap_7.png]]
  
 
== SME Server specific configuration ==
 
== SME Server specific configuration ==
  
  # config set openfire service TCPPorts '5222,5223,7777' access public status enabled
+
  config set openfire service TCPPorts '5222,5223,7777' access public status enabled
  # signal-event remoteaccess-update
+
  signal-event remoteaccess-update
  
 
Add startup link:
 
Add startup link:
  
  # ln -s /etc/rc.d/init.d/e-smith-service S99openfire
+
  ln -s /etc/rc.d/init.d/e-smith-service /etc/rc.d/rc7.d/S99openfire
  
 
== Optional ==
 
== Optional ==
Line 91: Line 132:
 
Create and edit a file called "99openfire"
 
Create and edit a file called "99openfire"
  
  pico -w 99openfire
+
  nano -w 99openfire
  
 
(add the code shown below to the template)
 
(add the code shown below to the template)
Line 98: Line 139:
 
  # Openfire instant messaging server
 
  # Openfire instant messaging server
 
   
 
   
  Alias /openfire /opt/openfire
+
  Alias /openfiredocs /opt/openfire/documentation/docs
 
   
 
   
  <Directory /opt/openfire>
+
  <Directory /opt/openfire/documentation/docs>
 
       AddType application/x-httpd-php .php .php3 .phtml
 
       AddType application/x-httpd-php .php .php3 .phtml
 
       Options Indexes +Includes FollowSymLinks
 
       Options Indexes +Includes FollowSymLinks
Line 120: Line 161:
 
access your documentation at:
 
access your documentation at:
  
  http://yourservername-or-IP/openfire/documentation/
+
  http://yourservername-or-IP/openfiredocs/
  
 
To reiterate, this is NOT an essential step in the installation process and only provides local access to the documentation.
 
To reiterate, this is NOT an essential step in the installation process and only provides local access to the documentation.
Line 128: Line 169:
 
Commands to remove openfire
 
Commands to remove openfire
  
# yum remove openfire  
+
/etc/rc.d/init.d/openfire stop
# mysqladmin drop openfiredb
+
yum remove openfire
 
+
rm -Rf /opt/openfire
 
+
mysqladmin drop openfiredb
[mailto:russell@fixitcomputers.com.au?subject=Openfire Russell Taihn]
+
config delete openfire
 
+
signal-event remoteaccess-update
  
 +
----
 
[[Category:Howto]]
 
[[Category:Howto]]
 +
[[Category: Social Media Apps]]

Latest revision as of 17:13, 30 March 2016

Description

Openfire (formerly Wildfire) is a real time collaboration (RTC) server dual-licensed under the Open Source GPL and commercially. It uses the only widely adopted open protocol for instant messaging, XMPP (also called Jabber). Openfire is easy to setup and administer, but offers rock-solid security and performance.

Prerequisite for SME 9.x

The Java Runtime Environment included in the Openfire RPM requires that an additional library be installed 64-bit versions of SME 9.0. To install it, run

# yum install glibc.i686

Download and install Openfire

You can find the latest version of Openfire at http://www.igniterealtime.org/downloads/index.jsp. Download the RPM to your SME server, then run

# yum install openfire-*.rpm

Create the Database

To create the Openfire Database, you'll need to perform each of the following steps:

# mysqladmin create openfiredb
# mysql -e "grant all privileges on openfiredb.* to openfireuser@localhost identified by 'yourpassword'"
# mysql -e "flush privileges"


Warning.png Warning:
You may wish to alter the "openfireuser" and "yourpassword" information in the grant privileges line above. Be sure to remember to remember what you used as the web manager will ask you for it!


Edit the database schema (this change does not seem to be necessary with SME 9.0 and Openfire 3.9.3):

# cd /opt/openfire/resources/database
# nano openfire_mysql.sql

At line 57 starts:

CREATE TABLE ofRoster (
  rosterID              BIGINT          NOT NULL,
  username              VARCHAR(64)     NOT NULL,
  jid                   VARCHAR(1024)   NOT NULL,

Change the jid line from 1024 to 255 as shown:

  jid                   VARCHAR(255)    NOT NULL,

Import the revised database schema:

# mysql openfiredb < openfire_mysql.sql

Access MySQL from the local network

To use the MySQL database you will need to run a script to make port 3306 available to the Openfire Instant Messaging Server.

/sbin/e-smith/config setprop mysqld LocalNetworkingOnly no
/sbin/e-smith/expand-template /etc/my.cnf
/etc/rc.d/rc7.d/S50mysqld restart

Start the Openfire Messaging Server

/etc/rc.d/init.d/openfire start

Visit admin web page to complete Openfire configuration

Go to http://yourserver:9090 (insecure) or https://yourserver:9091 (secure)and follow through the setup via the browser. The only area that may be confusing is the database setup area. See example configuration below.

Openfire 1.jpg

Openfire 2.jpg

Openfire 3.jpg



Database Driver Presets: MySql

JDBC Driver Class: com.mysql.jdbc.Driver


Database URL: jdbc:mysql://localhost:3306/openfiredb

Username: openfireuser

Password: yourpassword

Openfire 4.jpg

LDAP Authentication

Openfire can be configured to authenticate users through your SME Server's OpenLDAP server. This will allow you to use a single user and password source, rather than needing to maintain two or more separate databases. This is recommended unless you have a particular reason to want a separate user list for your Openfire installation. To begin, on the Profile Settings screen, select Directory Server (LDAP):

Openfire ldap 1.png

Fill in the Connection Settings screen as shown below, replacing yourdomain and tld with your primary domain name and top-level domain, as appropriate. For example, if your domain were example.com, you'd enter dc=example,dc=com. For the password field, enter your admin user's password.

Openfire ldap 2.png

Click Test Settings to make sure you're able to connect. Then click Save & Continue.

On the User Mapping page, just scroll to the bottom and click Save & Continue.

Openfire ldap 3.png

Similarly, on the Group Mapping page, click Save & Continue.

Openfire ldap 4.png

On the Administrator Account screen, enter admin and click Add.

Openfire ldap 5.png

On the next page, your admin account will be listed. Click the Test button to confirm that it will authenticate this account.

Openfire ldap 6.png

You should see the Success page below. If you do, you can close it. You can optionally add other administrator users on this page.

Openfire ldap 7.png

SME Server specific configuration

config set openfire service TCPPorts '5222,5223,7777' access public status enabled
signal-event remoteaccess-update

Add startup link:

ln -s /etc/rc.d/init.d/e-smith-service /etc/rc.d/rc7.d/S99openfire

Optional

If you would like to have web access to the openfire documentation has been installed on your server, this section will show you how to make an e-smith custom template.

Make the custom-template directory:

mkdir -p /etc/e-smith/templates-custom/etc/httpd/conf/httpd.conf
cd /etc/e-smith/templates-custom/etc/httpd/conf/httpd.conf

Create and edit a file called "99openfire"

nano -w 99openfire

(add the code shown below to the template) (you can select and copy then paste in PuTTY with right click)

# Openfire instant messaging server

Alias /openfiredocs /opt/openfire/documentation/docs

<Directory /opt/openfire/documentation/docs>
     AddType application/x-httpd-php .php .php3 .phtml
     Options Indexes +Includes FollowSymLinks
     order deny,allow
     deny from all
     allow from all
</Directory>

# end of Openfire fragment

ctrl-x to save, y to agree, and [Enter] to exit the PICO editor

Expand the template

expand-template /etc/httpd/conf/httpd.conf
/etc/rc.d/init.d/httpd-e-smith restart

access your documentation at:

http://yourservername-or-IP/openfiredocs/

To reiterate, this is NOT an essential step in the installation process and only provides local access to the documentation.

Uninstalling Openfire

Commands to remove openfire

/etc/rc.d/init.d/openfire stop
yum remove openfire
rm -Rf /opt/openfire
mysqladmin drop openfiredb
config delete openfire
signal-event remoteaccess-update