diff --git a/Gruntfile.js b/Gruntfile.js index 886586e40..5a38bf649 100644 --- a/Gruntfile.js +++ b/Gruntfile.js @@ -1,7 +1,7 @@ module.exports = function(grunt) { var css_files = new Array('client/css/fullcalendar.css', 'client/css/bootstrap-datetimepicker.min.css', 'client/css/jquery.fancybox.css', 'client/css/bootstrap.css', 'client/css/jquery.dockmodal.css', 'client/css/select2-bootstrap.css', 'client/css/flag.css', 'client/css/highlight-github.css', 'client/css/jquery-ui.css'); var js_files = new Array('client/js/libs/jquery-1.8.3.js', 'client/js/libs/jquery.placeholder.js', 'client/js/libs/emojify.min.js', 'client/js/libs/jquery-ui-1.8.23.js', 'client/js/libs/jquery.drawDoughnutChart.js', 'client/js/libs/underscore.js', 'client/js/libs/backbone.js', 'client/js/libs/backbone.stickit.js', 'client/js/libs/backbone.dualstorage.js', 'client/js/libs/affix.js', 'client/js/libs/bootstrap-twipsy.js', 'client/js/libs/bootstrap-tooltip.js', 'client/js/libs/bootstrap-popover.js', 'client/js/libs/bootstrap-dropdown.js', 'client/js/libs/bootstrap-datetimepicker.min.js', 'client/js/libs/bootstrap-collapse.js', 'client/js/libs/bootstrap-alert.js', 'client/js/libs/bootstrap-transition.js', 'client/js/libs/bootstrap-tab.js', 'client/js/libs/bootstrap-modal.js', 'client/js/libs/md5.js', 'client/js/libs/select2.js', 'client/js/libs/ImageSelect.jquery.js', 'client/js/libs/date.format.js', 'client/js/libs/jquery.fancybox.js', 'client/js/libs/jquery.gritter.min.js', 'client/js/libs/jquery.scrollTo-min.js', 'client/js/libs/jquery.dockmodal.js', 'client/js/libs/Markdown.Converter.js', 'client/js/libs/tag-it.js', 'client/js/libs/jquery.iframe-transport.js', 'client/js/libs/highlight.js', 'client/js/libs/showdown.js', 'client/js/libs/xss.min.js', 'client/js/libs/showdown-target-blank.min.js', 'client/js/libs/showdown-xss-filter.js', 'client/js/libs/fullcalendar.min.js', 'client/js/libs/load-image.min.js', 'client/js/libs/tmpl.min.js', 'client/js/libs/jquery.ui.widget.js', 'client/js/libs/jquery.cookie.js', 'client/js/libs/jquery.fileupload.js', 'client/js/libs/jquery.fileupload-process.js', 'client/js/libs/jquery.fileupload-image.js', 'client/js/libs/jquery.fileupload-validate.js', 'client/js/libs/jquery.bootstrap-growl.js', 'client/js/libs/backbone.defered-view-loader.js', 'client/js/libs/backbone.upload-manager.js', 'client/js/libs/backbone-batch-operations.js', 'client/js/libs/jquery-bootstrap-pagination.js', 'client/js/libs/jquery.fn.gantt.js', 'client/js/libs/jquery.sparkline.js', 'client/js/libs/localforage.js', 'client/js/libs/xss.js', 'client/js/libs/locale.js', 'client/js/libs/splitter.js', 'client/js/libs/musical.js', 'client/js/libs/favico-0.3.8.min.js', 'client/js/libs/i18next.min.js', 'client/js/libs/i18nextXHRBackend.min.js', 'client/js/libs/i18nextSprintfPostProcessor.min.js', 'client/js/libs/jquery.hotkeys.js', 'client/js/libs/backbone-hotkeys.js', 'client/js/libs/backbone-forms.js', 'client/js/libs/jquery.printPage.js', 'client/js/libs/jquery.ui.touch-punch.js', 'client/js/libs/moment.js', 'client/js/libs/moment-timezone.js', 'client/js/libs/moment-timezone-with-data.js', 'client/js/models/oauth.js', 'client/js/models/user.js', 'client/js/models/board.js', 'client/js/models/boards_subscriber.js', 'client/js/models/list.js', 'client/js/models/flickr.js', 'client/js/models/organization.js', 'client/js/models/list_subscriber.js', 'client/js/models/card.js', 'client/js/models/organizations_user.js', 'client/js/models/boards_user.js', 'client/js/models/activity.js', 'client/js/models/card_voter.js', 'client/js/models/card_label.js', 'client/js/models/card_subscriber.js', 'client/js/models/card_attachment.js', 'client/js/models/label.js', 'client/js/models/checklist.js', 'client/js/models/checklist_item.js', 'client/js/models/card_user.js', 'client/js/models/elasticsearch.js', 'client/js/models/workflow_template.js', 'client/js/models/acl.js', 'client/js/models/role.js', 'client/js/models/role_setting.js', 'client/js/models/setting_category.js', 'client/js/models/boards_star.js', 'client/js/models/instant_card_add.js', 'client/js/models/email_template.js', 'client/js/models/app.js', 'client/js/models/oauth_client.js', 'client/js/models/oauth_application.js', 'client/js/models/acl_board_links.js', 'client/js/models/board_user_roles.js', 'client/js/models/acl_organization_links.js', 'client/js/models/organization_user_roles.js', 'client/js/models/chat_history.js', 'client/js/models/intro_view_model.js', 'client/js/collections/user_collection.js', 'client/js/collections/attachment_collection.js', 'client/js/collections/list_collection.js', 'client/js/collections/flickr_collection.js', 'client/js/collections/organization_collection.js', 'client/js/collections/organizations_user_collection.js', 'client/js/collections/boards_user_collection.js', 'client/js/collections/activity_collection.js', 'client/js/collections/board_subscriber_collection.js', 'client/js/collections/card_collection.js', 'client/js/collections/board_collection.js', 'client/js/collections/card_attachment_collection.js', 'client/js/collections/card_label_collection.js', 'client/js/collections/card_position_collection.js', 'client/js/collections/card_checklist_collection.js', 'client/js/collections/checklist_item_collection.js', 'client/js/collections/card_voter_collection.js', 'client/js/collections/elasticsearch_collection.js', 'client/js/collections/workflow_template_collection.js', 'client/js/collections/list_subscriber_collection.js', 'client/js/collections/card_subscriber_collection.js', 'client/js/collections/card_user_collection.js', 'client/js/collections/acl_collection.js', 'client/js/collections/role_collection.js', 'client/js/collections/setting_category_collection.js', 'client/js/collections/board_star_collection.js', 'client/js/collections/email_template_collection.js', 'client/js/collections/role_settings_collection.js', 'client/js/collections/app_collection.js', 'client/js/collections/oauth_client_collection.js', 'client/js/collections/oauth_application_collection.js', 'client/js/collections/acl_board_links_collection.js', 'client/js/collections/organization_user_roles_collection.js', 'client/js/collections/acl_organization_links_collection.js', 'client/js/collections/board_user_roles_collection.js', 'client/js/collections/chat_history_collection.js', 'client/js/collections/intro_videoCollection.js', 'client/js/templates/templates.js', 'client/js/views/application_view.js', 'client/js/views/admin_user_add_view.js', 'client/js/views/register_view.js', 'client/js/views/login_view.js', 'client/js/views/authenticate_view.js', 'client/js/views/list_view.js', 'client/js/views/activity_view.js', 'client/js/views/board_view.js', 'client/js/views/header_view.js', 'client/js/views/footer_view.js', 'client/js/views/boards_index_view.js', 'client/js/views/users_forgot_password_view.js', 'client/js/views/users_activation_view.js', 'client/js/views/users_change_password_view.js', 'client/js/views/organization_view.js', 'client/js/views/organizations_user_view.js', 'client/js/views/boards_user_view.js', 'client/js/views/chat_view.js', 'client/js/views/intro_video_view.js', 'client/js/views/card_view.js', 'client/js/views/modal_card_view.js', 'client/js/views/modal_list_view.js', 'client/js/views/modal_board_view.js', 'client/js/views/attachment_view.js', 'client/js/views/card_attachment_view.js', 'client/js/views/card_label_view.js', 'client/js/views/card_checklist_view.js', 'client/js/views/card_checklist_item_view.js', 'client/js/views/user_view.js', 'client/js/views/user_index_view.js', 'client/js/views/board_simple_view.js', 'client/js/views/instant_card_add_view.js', 'client/js/views/role_index_view.js', 'client/js/views/role_settings_view.js', 'client/js/views/user_cards_view.js', 'client/js/views/user_activity_menu_view.js', 'client/js/views/user_boards_listing_menu_view.js', 'client/js/views/user_search_result_view.js', 'client/js/views/organization_visibility_form_view.js', 'client/js/views/organization_member_permission_form_view.js', 'client/js/views/organization_member_remove_form_view.js', 'client/js/views/organization_member_confirm_remove_form_view.js', 'client/js/views/attachment_delete_confirm_form_view.js', 'client/js/views/attachment_delete_confirm_form_view.js', 'client/js/views/board_organization_form_view.js', 'client/js/views/board_custom_background_view.js', 'client/js/views/board_sidebar_view.js', 'client/js/views/archived_items_view.js', 'client/js/views/board_background_view.js', 'client/js/views/board_filter_view.js', 'client/js/views/board_user_activity_view.js', 'client/js/views/board_user_remove_confirm_view.js', 'client/js/views/card_copy_view.js', 'client/js/views/list_archive_confirm_view.js', 'client/js/views/list_cards_archive_confirm_view.js', 'client/js/views/move_cards_from_list_view.js', 'client/js/views/move_list_view.js', 'client/js/views/copy_list_view.js', 'client/js/views/list_delete_confirm_view.js', 'client/js/views/list_actions_view.js', 'client/js/views/card_labels_form_view.js', 'client/js/views/card_positions_form_view.js', 'client/js/views/card_member_form_view.js', 'client/js/views/card_actions_view.js', 'client/js/views/activity_user_add_search_result_view.js', 'client/js/views/card_voters_list_view.js', 'client/js/views/activity_delete_confirm_view.js', 'client/js/views/edit_activity_form_view.js', 'client/js/views/activity_reply_form_view.js', 'client/js/views/activity_add_form_view.js', 'client/js/views/card_duedate_from_view.js', 'client/js/views/card_label_form_view.js', 'client/js/views/emoji_list_view.js', 'client/js/views/checklist_item_emoji_list_view.js', 'client/js/views/admin_user_index_view.js', 'client/js/views/admin_boards_list_view.js', 'client/js/views/oauth_applications_view.js', 'client/js/views/oauth_client_view.js', 'client/js/views/oauth_client_add_view.js', 'client/js/views/oauth_client_edit_view.js', 'client/js/views/oauth_applications_view.js', 'client/js/views/app_view.js', 'client/js/views/app_setting_view.js', 'client/js/views/card_search_result_view.js', 'client/js/views/copy_from_existing_card_view.js', 'client/js/views/move_card_view.js', 'client/js/views/copy_card_view.js', 'client/js/views/activity_card_search_view.js', 'client/js/views/checklist_add_form_view.js', 'client/js/views/modal_card_member_form_view.js', 'client/js/views/card_search_users_result_view.js', 'client/js/views/notification_menu_view.js', 'client/js/views/organization_add_view.js', 'client/js/views/board_add_view.js', 'client/js/views/organizations_board_form_view.js', 'client/js/views/user_cards_view.js', 'client/js/views/checklist_item_add_form_view.js', 'client/js/views/checklist_delete_confirm_form_view.js', 'client/js/views/checklist_actions_view.js', 'client/js/views/checklist_item_actions_view.js', 'client/js/views/checklist_item_delete_confirm_form_view.js', 'client/js/views/checklist_item_edit_form_view.js', 'client/js/views/checklist_item_add_link_view.js', 'client/js/views/checklist_edit_form_view.js', 'client/js/views/attachment_delete_confirm_view.js', 'client/js/views/setting_view.js', 'client/js/views/instant_card_add_labels_form_view.js', 'client/js/views/instant_card_add_members_form_view.js', 'client/js/views/switch_to_list_form_view.js', 'client/js/views/user_activity_menu_view.js', 'client/js/views/user_board_list_view.js', 'client/js/views/archived_lists_view.js', 'client/js/views/archived_list_view.js', 'client/js/views/archived_cards_view.js', 'client/js/views/archived_card_view.js', 'client/js/views/edit_board_member_permission_to_normal_view.js', 'client/js/views/copy_board_visibility_view.js', 'client/js/views/show_all_visibility_view.js', 'client/js/views/show_board_member_permission_form_view.js', 'client/js/views/show_board_visibility_view.js', 'client/js/views/show_search_message_view.js', 'client/js/views/search_result_view.js', 'client/js/views/show_search_boards_view.js', 'client/js/views/search_board_subscribe_view.js', 'client/js/views/show_boards_list_view.js', 'client/js/views/my_boards_listing_view.js', 'client/js/views/started_boards_listing_view.js', 'client/js/views/closed_boards_listing_view.js', 'client/js/views/board_additional_setting_view.js', 'client/js/views/select_board_visibility_view.js', 'client/js/views/board_visibility_view.js', 'client/js/views/board_add_organization_form_view.js', 'client/js/views/board_member_add_search_result_view.js', 'client/js/views/checklist_item_mention_member_view.js', 'client/js/views/checklist_item_mention_member_search_form_view.js', 'client/js/views/organization_board_view.js', 'client/js/views/user_boards_listing_menu_view.js', 'client/js/views/board_user_actions_view.js', 'client/js/views/modal_user_activities_list_view.js', 'client/js/views/organizations_lists_view.js', 'client/js/views/organizations_list_view.js', 'client/js/views/email_template_view.js', 'client/js/views/user_activity_view.js', 'client/js/views/user_index_container_view.js', 'client/js/views/selected_board_visibility_view.js', 'client/js/views/modal_activity_view.js', 'client/js/views/modal_flickr_photo_view.js', 'client/js/views/modal_music_view.js', 'client/js/views/flickr_view.js', 'client/js/views/board_404_view.js', 'client/js/views/organization_header_view.js', 'client/js/views/user_view_header_view.js', 'client/js/views/organizations_lists_header_view.js', 'client/js/views/board_header_view.js', 'client/js/views/starred_boards_index_view.js', 'client/js/views/organization_delete_form_view.js', 'client/js/views/error_404_view.js', 'client/js/views/board_index_header_view.js', 'client/js/views/about_us_view.js', 'client/js/views/closed_boards_index_view.js', 'client/js/views/activity_index_view.js', 'client/js/views/admin_activity_index_view.js', 'client/js/views/show_sync_google_calendar_view.js', 'client/js/views/show_copy_board_view.js', 'client/js/views/invite_user_view.js', 'client/js/views/music_repeat_view.js', 'client/js/views/admin_board_view.js', 'client/js/views/admin_boards_index_view.js', 'client/js/views/email_to_board_setting_view.js', 'client/js/views/qr_code_view.js', 'client/js/views/user_dashboard_view.js', 'client/js/views/search_page_result_view.js', 'client/js/views/board_labels_view.js', 'client/js/views/board_labels_edit_view.js', 'client/js/views/label_delete_confirm_view.js', 'client/js/views/subscribe_board_confirm_view.js', 'client/js/views/unsubscribe_board_confirm_view.js', 'client/js/views/archive_card_delete_confirm_view.js', 'client/js/views/archived_card_delete_confirm_view.js', 'client/js/views/archive_list_delete_confirm_view.js', 'client/js/views/modal_shortcut_view.js', 'client/js/views/modal_chat_history_view.js', 'client/js/views/chat_history_view.js', 'client/js/common.js', 'client/js/application.js'); - var source_js_files = new Array('Gruntfile.js', 'client/js/collections/**/*.js', 'client/js/models/**/*.js', 'client/js/views/**/*.js', 'client/js/application.js', 'client/js/common.js', 'client/apps/**/js/*.js'); + var source_js_files = new Array('Gruntfile.js', 'client/js/collections/**/*.js', 'client/js/models/**/*.js', 'client/js/views/**/*.js', 'client/js/application.js', 'client/js/common.js', 'client/apps/**/js/*.js', '!client/apps/**/js/default.cache.js', '!client/apps/**/css/default.cache.css', '!client/apps/r_gantt_view/js/app.js'); var backbone_source_js_files = new Array('client/js/collections/**/*.js', 'client/js/models/**/*.js', 'client/js/views/**/*.js'); var authorize_js_files = new Array('client/js/libs/jquery-1.8.3.js', 'client/js/libs/bootstrap-alert.js', 'client/js/libs/jquery.bootstrap-growl.js'); grunt.initConfig({ @@ -198,26 +198,6 @@ module.exports = function(grunt) { search: '', replace: '', flags: 'g' - }, { - name: 'DB Host', - search: '\'CHAT_DB_HOST\', \'localhost\'', - replace: '\'CHAT_DB_HOST\', \'<%= config.chat_db_host %>\'', - flags: 'g' - }, { - name: 'DB User', - search: '\'ejabb\'', - replace: '\'<%= config.chat_db_user %>\'', - flags: 'g' - }, { - name: 'DB Password', - search: 'ftfnVgYl2', - replace: '<%= config.chat_db_password %>', - flags: 'g' - }, { - name: 'DB Name', - search: '\'ejabberd\'', - replace: '\'<%= config.chat_db_name %>\'', - flags: 'g' }] } }, diff --git a/chat.sh b/chat.sh index e1b936a10..12da6785d 100644 --- a/chat.sh +++ b/chat.sh @@ -12,116 +12,73 @@ echo "This script must be run as root" exit 1 fi + set -x whoami echo $(cat /etc/issue) OS_REQUIREMENT=$(lsb_release -i -s) OS_VERSION=$(lsb_release -rs | cut -f1 -d.) - if ([ "$OS_REQUIREMENT" = "Ubuntu" ] || [ "$OS_REQUIREMENT" = "Debian" ] || [ "$OS_REQUIREMENT" = "Raspbian" ]) - then - set +x - echo "Enter your document root (where your Restyaboard path already installed. e.g., /usr/share/nginx/html/restyaboard):" - read -r dir - while [[ -z "$dir" ]] - do - read -r -p "Enter your document root (where your Restyaboard path already installed. e.g., /usr/share/nginx/html/restyaboard):" dir - done - - EJABBERD_DBHOST=localhost - EJABBERD_DBNAME=ejabberd - EJABBERD_DBUSER=ejabb - EJABBERD_DBPASS=ftfnVgYl2 - EJABBERD_DBPORT=5432 - echo "Changing ejabberd database name, user and password..." - sed -i "s/^.*'CHAT_DB_NAME'.*$/define('CHAT_DB_NAME', '${EJABBERD_DBNAME}');/g" "$dir/server/php/config.inc.php" - sed -i "s/^.*'CHAT_DB_USER'.*$/define('CHAT_DB_USER', '${EJABBERD_DBUSER}');/g" "$dir/server/php/config.inc.php" - sed -i "s/^.*'CHAT_DB_PASSWORD'.*$/define('CHAT_DB_PASSWORD', '${EJABBERD_DBPASS}');/g" "$dir/server/php/config.inc.php" - sed -i "s/^.*'CHAT_DB_HOST'.*$/define('CHAT_DB_HOST', '${EJABBERD_DBHOST}');/g" "$dir/server/php/config.inc.php" - sed -i "s/^.*'CHAT_DB_PORT'.*$/define('CHAT_DB_PORT', '${EJABBERD_DBPORT}');/g" "$dir/server/php/config.inc.php" - - cd /opt - wget http://liquidtelecom.dl.sourceforge.net/project/expat/expat/2.1.1/expat-2.1.1.tar.bz2 - tar -jvxf expat-2.1.1.tar.bz2 - cd expat-2.1.1/ - ./configure - make - make install - - cd /opt - wget https://www.process-one.net/downloads/ejabberd/15.07/ejabberd-15.07.tgz - tar -zvxf ejabberd-15.07.tgz - cd ejabberd-15.07 - apt install automake libc6-dev gcc libssl-dev erlang - ./autogen.sh - ./configure --enable-pgsql - make - make install - cd /etc/ejabberd - echo "Creating ejabberd user and database..." - psql -U postgres -c "CREATE USER ${EJABBERD_DBUSER} WITH ENCRYPTED PASSWORD '${EJABBERD_DBPASS}'" + EJABBERD_DBHOST=localhost + EJABBERD_DBNAME=ejabberd + EJABBERD_DBUSER=ejabb + EJABBERD_DBPASS=ftfnVgYl2 + EJABBERD_DBPORT=5432 - cd /etc/ejabberd - psql -U postgres -c "CREATE DATABASE ${EJABBERD_DBNAME}" + set +x + echo "Enter your document root (where your Restyaboard path already installed. e.g., /usr/share/nginx/html/restyaboard):" + read -r dir + while [[ -z "$dir" ]] + do + read -r -p "Enter your document root (where your Restyaboard path already installed. e.g., /usr/share/nginx/html/restyaboard):" dir + done - psql -d ${EJABBERD_DBNAME} -f "/opt/ejabberd-15.07/sql/pg.sql" -U postgres - mv $dir/ejabberd.yml /etc/ejabberd/ejabberd.yml - chmod -R go+w "/etc/ejabberd/ejabberd.yml" - sed -i 's/odbc_username: "postgres"/odbc_username: "'${EJABBERD_DBUSER}'"/g' /etc/ejabberd/ejabberd.yml - sed -i 's/odbc_password: ""/odbc_password: "'${EJABBERD_DBPASS}'"/g' /etc/ejabberd/ejabberd.yml + set +x + echo "To configure ejabberd, enter your restyaboard domain name (e.g., www.example.com, 192.xxx.xxx.xxx, etc.,):" + read -r webdir + while [[ -z "$webdir" ]] + do + read -r -p "To configure ejabberd, enter your restyaboard domain name (e.g., www.example.com, 192.xxx.xxx.xxx, etc.,):" webdir + done - echo "Setting up cron for chat server..." - echo "*/5 * * * * $dir/server/php/plugins/Chat/shell/chat_activities.sh" >> /var/spool/cron/crontabs/root - echo "0 * * * * $dir/server/php/plugins/Chat/shell/periodic_chat_email_notification.sh" >> /var/spool/cron/crontabs/root - - ejabberdctl start - sleep 15 - ejabberdctl change_password admin localhost restya - ejabberdctl stop - sleep 15 - ejabberdctl start - echo "Installation successfully completed" - else - set +x - echo "Enter your document root (where your Restyaboard path already installed. e.g., /usr/share/nginx/html/restyaboard):" - read -r dir - while [[ -z "$dir" ]] - do - read -r -p "Enter your document root (where your Restyaboard path already installed. e.g., /usr/share/nginx/html/restyaboard):" dir - done - - wget https://www.process-one.net/downloads/ejabberd/15.07/ejabberd-15.07.tgz + if ([ "$OS_REQUIREMENT" = "Ubuntu" ] || [ "$OS_REQUIREMENT" = "Debian" ] || [ "$OS_REQUIREMENT" = "Raspbian" ]) + then + apt install -y libz-dev + CRON_DIR=/var/spool/cron/crontabs/root + else + CRON_DIR=/var/spool/cron/root + fi - yum install -y libyaml* - tar -zvxf ejabberd-15.07.tgz - cd ejabberd-15.07 - ./autogen.sh - ./configure --enable-pgsql - make - make install + cd /opt + wget -O ejab.tgz https://www.process-one.net/downloads/downloads-action.php?file=/ejabberd/18.04/ejabberd-18.04.tgz + tar -xvzf ejab.tgz + cd ejabberd-18.04/ + ./configure --enable-pgsql + make + make install - echo "Creating ejabberd user and database..." - psql -U postgres -c "CREATE USER ${EJABBERD_DBUSER} WITH ENCRYPTED PASSWORD '${EJABBERD_DBPASS}'" + echo "Creating ejabberd user and database..." + psql -U postgres -c "CREATE USER ${EJABBERD_DBUSER} WITH ENCRYPTED PASSWORD '${EJABBERD_DBPASS}'" + psql -U postgres -c "CREATE DATABASE ${EJABBERD_DBNAME}" + psql -d ${EJABBERD_DBNAME} -f "/opt/ejabberd-15.07/sql/pg.sql" -U postgres - cd /etc/ejabberd - psql -U postgres -c "CREATE DATABASE ${EJABBERD_DBNAME}" - - psql -d ${EJABBERD_DBNAME} -f "/opt/ejabberd-15.07/sql/pg.sql" -U postgres - mv $dir/ejabberd.yml /etc/ejabberd/ejabberd.yml - chmod -R go+w "/etc/ejabberd/ejabberd.yml" - sed -i 's/ejabberd15/'${EJABBERD_DBNAME}'/g' /etc/ejabberd/ejabberd.yml + mv $dir/ejabberd.yml /usr/local/etc/ejabberd/ejabberd.yml + chmod -R go+w "/usr/local/etc/ejabberd/ejabberd.yml" + sed -i "s/restya.com/$webdir/g" /usr/local/etc/ejabberd/ejabberd.yml + sed -i 's/sql_database: "ejabberd"/sql_database: "'${EJABBERD_DBNAME}'"/g' /usr/local/etc/ejabberd/ejabberd.yml + sed -i 's/sql_username: "postgres"/sql_username: "'${EJABBERD_DBUSER}'"/g' /usr/local/etc/ejabberd/ejabberd.yml + sed -i 's/sql_password: ""/sql_password: "'${EJABBERD_DBPASS}'"/g' /usr/local/etc/ejabberd/ejabberd.yml - echo "Setting up cron for chat server..." - echo "*/5 * * * * $dir/server/php/plugins/Chat/shell/chat_activities.sh" >> /var/spool/cron/root - echo "0 * * * * $dir/server/php/plugins/Chat/shell/periodic_chat_email_notification.sh" >> /var/spool/cron/root + ejabberdctl start + sleep 15 + ejabberdctl register admin localhost restya + ejabberdctl stop + sleep 15 + ejabberdctl start - ejabberdctl start - sleep 15 - ejabberdctl change_password admin localhost restya - ejabberdctl stop - sleep 15 - ejabberdctl start + echo "Setting up cron for chat server..." + echo "*/5 * * * * $dir/server/php/plugins/Chat/shell/chat_activities.sh" >> CRON_DIR + echo "0 * * * * $dir/server/php/plugins/Chat/shell/periodic_chat_email_notification.sh" >> CRON_DIR - echo "Installation successfully completed" - fi + echo "Installation successfully completed" } \ No newline at end of file diff --git a/ejabberd.yml b/ejabberd.yml index 850f7347d..0f0bfb151 100644 --- a/ejabberd.yml +++ b/ejabberd.yml @@ -36,7 +36,7 @@ ## 4: Info ## 5: Debug ## -loglevel: 5 +loglevel: 4 ## ## rotation: Describe how to rotate logs. Either size and/or date can trigger @@ -88,7 +88,7 @@ log_rate_limit: 100 ## ## hosts: Domains served by ejabberd. ## You can define one or several, for example: -## hosts: +## hosts: ## - "example.net" ## - "example.com" ## - "example.org" @@ -103,6 +103,42 @@ hosts: ## ## route_subdomains: s2s +###. ============ +###' Certificates + +## List all available PEM files containing certificates for your domains, +## chains of certificates or certificate keys. Full chains will be built +## automatically by ejabberd. +## +## certfiles: +## - "/etc/letsencrypt/live/example.org/*.pem" +## - "/etc/letsencrypt/live/example.com/*.pem" +## +## If your system provides only a single CA file (CentOS/FreeBSD): +## ca_file: "/etc/ssl/certs/ca-bundle.pem" + +###. ================= +###' TLS configuration + +## Note that the following configuration is the default +## configuration of the TLS driver, so you don't need to +## uncomment it. +## +## define_macro: +## 'TLS_CIPHERS': "HIGH:!aNULL:!eNULL:!3DES:@STRENGTH" +## 'TLS_OPTIONS': +## - "no_sslv3" +## - "cipher_server_preference" +## - "no_compression" +## 'DH_FILE': "/path/to/dhparams.pem" # generated with: openssl dhparam -out dhparams.pem 2048 +## +## c2s_dhfile: 'DH_FILE' +## s2s_dhfile: 'DH_FILE' +## c2s_ciphers: 'TLS_CIPHERS' +## s2s_ciphers: 'TLS_CIPHERS' +## c2s_protocol_options: 'TLS_OPTIONS' +## s2s_protocol_options: 'TLS_OPTIONS' + ###. =============== ###' LISTENING PORTS @@ -110,16 +146,15 @@ hosts: ## listen: The ports ejabberd will listen on, which service each is handled ## by and what options to start it with. ## -listen: - - +listen: + - port: 5222 + ip: "::" module: ejabberd_c2s ## ## If TLS is compiled in and you installed a SSL - ## certificate, specify the full path to the - ## file and uncomment these lines: + ## certificate, uncomment this line: ## - ## certfile: "/path/to/ssl.pem" ## starttls: true ## ## To enforce TLS encryption for client connections, @@ -127,26 +162,63 @@ listen: ## ## starttls_required: true ## - ## Custom OpenSSL options + ## Stream compression + ## + ## zlib: true ## - ## protocol_options: - ## - "no_sslv3" - ## - "no_tlsv1" max_stanza_size: 65536 shaper: c2s_shaper access: c2s - - + ## + ## Direct-TLS for C2S (XEP-0368). A good practice is to forward + ## traffic from port 443 to this port, possibly multiplexing it + ## with HTTP using e.g. sslh [https://wiki.xmpp.org/web/Tech_pages/XEP-0368], + ## so modern clients can bypass restrictive firewalls (in airports, hotels, etc.). + ## + ## - + ## port: 5223 + ## ip: "::" + ## module: ejabberd_c2s + ## tls: true + ## max_stanza_size: 65536 + ## shaper: c2s_shaper + ## access: c2s + - port: 5269 + ip: "::" module: ejabberd_s2s_in + - + port: 5280 + ip: "::" + module: ejabberd_http + request_handlers: + "/ws": ejabberd_http_ws + "/bosh": mod_bosh + "/api": mod_http_api + ## "/pub/archive": mod_http_fileserver + web_admin: true + ## register: true + captcha: true + ## ## ejabberd_service: Interact with external components (transports, ...) ## - ## - + ## - ## port: 8888 + ## ip: "::" ## module: ejabberd_service ## access: all ## shaper_rule: fast ## ip: "127.0.0.1" + ## privilege_access: + ## roster: "both" + ## message: "outgoing" + ## presence: "roster" + ## delegations: + ## "urn:xmpp:mam:1": + ## filtering: ["node"] + ## "http://jabber.org/protocol/pubsub": + ## filtering: [] ## hosts: ## "icq.example.org": ## password: "secret" @@ -156,7 +228,7 @@ listen: ## ## ejabberd_stun: Handles STUN Binding requests ## - ## - + ## - ## port: 3478 ## transport: udp ## module: ejabberd_stun @@ -164,50 +236,45 @@ listen: ## ## To handle XML-RPC requests that provide admin credentials: ## - ## - + ## - ## port: 4560 + ## ip: "::" ## module: ejabberd_xmlrpc - - - port: 5280 - module: ejabberd_http - request_handlers: - "/websocket": ejabberd_http_ws - ## "/pub/archive": mod_http_fileserver - web_admin: true - http_bind: true - ## register: true - captcha: true + ## maxsessions: 10 + ## timeout: 5000 + ## access_commands: + ## admin: + ## commands: all + ## options: [] + + ## + ## To enable secure http upload + ## + ## - + ## port: 5444 + ## ip: "::" + ## module: ejabberd_http + ## request_handlers: + ## "": mod_http_upload + ## tls: true + ## protocol_options: 'TLS_OPTIONS' + ## dhfile: 'DH_FILE' + ## ciphers: 'TLS_CIPHERS' + +## Disabling digest-md5 SASL authentication. digest-md5 requires plain-text +## password storage (see auth_password_format option). +## disable_sasl_mechanisms: "digest-md5" ###. ================== ###' S2S GLOBAL OPTIONS ## -## s2s_use_starttls: Enable STARTTLS + Dialback for S2S connections. -## Allowed values are: false optional required required_trusted -## You must specify a certificate file. +## s2s_use_starttls: Enable STARTTLS for S2S connections. +## Allowed values are: false, optional or required +## You must specify 'certfiles' option ## ## s2s_use_starttls: optional -## -## s2s_certfile: Specify a certificate file. -## -## s2s_certfile: "/path/to/ssl.pem" - -## Custom OpenSSL options -## -## s2s_protocol_options: -## - "no_sslv3" -## - "no_tlsv1" - -## -## domain_certfile: Specify a different certificate for each served hostname. -## -## host_config: -## "example.org": -## domain_certfile: "/path/to/example_org.pem" -## "example.com": -## domain_certfile: "/path/to/example_com.pem" - ## ## S2S whitelist or blacklist ## @@ -219,12 +286,12 @@ listen: ## Outgoing S2S options ## ## Preferred address families (which to try first) and connect timeout -## in milliseconds. +## in seconds. ## ## outgoing_s2s_families: ## - ipv4 ## - ipv6 -## outgoing_s2s_timeout: 10000 +## outgoing_s2s_timeout: 190 ###. ============== ###' AUTHENTICATION @@ -235,7 +302,7 @@ listen: ## If you want to use a different method, ## comment this line and enable the correct ones. ## -auth_method: odbc +auth_method: sql ## ## Store the plain passwords or hashed for SCRAM: @@ -253,10 +320,10 @@ auth_method: odbc ## extauth_program: "/path/to/authentication/script" ## -## Authentication using ODBC +## Authentication using SQL ## Remember to setup a database in the next section. ## -## auth_method: odbc +## auth_method: sql ## ## Authentication using PAM @@ -329,26 +396,26 @@ auth_method: odbc ## ## MySQL server: ## -## odbc_type: mysql -## odbc_server: "server" -## odbc_database: "database" -## odbc_username: "username" -## odbc_password: "password" +## sql_type: mysql +## sql_server: "server" +## sql_database: "database" +## sql_username: "username" +## sql_password: "password" ## ## If you want to specify the port: -## odbc_port: 1234 +## sql_port: 1234 ## ## PostgreSQL server: ## -odbc_type: pgsql -odbc_server: "localhost" -odbc_database: "ejabberd15" -odbc_username: "postgres" -odbc_password: "" +sql_type: pgsql +sql_server: "localhost" +sql_database: "ejabberd" +sql_username: "postgres" +sql_password: "" ## ## If you want to specify the port: -## odbc_port: 1234 +## sql_port: 1234 ## ## If you use PostgreSQL, have a large database, and need a ## faster but inexact replacement for "select count(*) from users" @@ -358,25 +425,30 @@ odbc_password: "" ## ## SQLite: ## -## odbc_type: sqlite -## odbc_database: "/path/to/database.db" +## sql_type: sqlite +## sql_database: "/path/to/database.db" ## ## ODBC compatible or MSSQL server: ## -## odbc_type: odbc -## odbc_server: "DSN=ejabberd;UID=ejabberd;PWD=ejabberd" +## sql_type: odbc +## sql_server: "DSN=ejabberd;UID=ejabberd;PWD=ejabberd" ## ## Number of connections to open to the database for each virtual host ## -## odbc_pool_size: 10 +## sql_pool_size: 10 ## ## Interval to make a dummy SQL request to keep the connections to the ## database alive. Specify in seconds: for example 28800 means 8 hours ## -## odbc_keepalive_interval: undefined +## sql_keepalive_interval: undefined + +## +## Use the new SQL schema +## +## new_sql_schema: true ###. =============== ###' TRAFFIC SHAPERS @@ -396,7 +468,7 @@ shaper: ## This option specifies the maximum number of elements in the queue ## of the FSM. Refer to the documentation for details. ## -max_fsm_queue: 1000 +max_fsm_queue: 10000 ###. ==================== ###' ACCESS CONTROL LISTS @@ -407,19 +479,22 @@ acl: ## ## admin: ## user: - ## - "aleksey": "localhost" - ## - "ermine": "example.org" + ## - "aleksey@localhost" + ## - "ermine@example.org" ## ## Blocked users ## ## blocked: ## user: - ## - "baduser": "example.org" + ## - "baduser@example.org" ## - "test" + admin: + user: + - "admin@restya.com" ## Local users: don't modify this. ## - local: + local: user_regexp: "" ## @@ -430,7 +505,7 @@ acl: ## - "jabber.org" ## aleksey: ## user: - ## - "aleksey": "jabber.ru" + ## - "aleksey@jabber.ru" ## test: ## user_regexp: "^test" ## user_glob: "test*" @@ -441,6 +516,8 @@ acl: loopback: ip: - "127.0.0.0/8" + - "::1/128" + - "::FFFF:127.0.0.1/128" ## ## Bad XMPP servers @@ -458,66 +535,114 @@ acl: ## acl: ## admin: ## user: -## - "bob-local": "localhost" +## - "bob-local@localhost" ###. ============ -###' ACCESS RULES -access: +###' SHAPER RULES + +shaper_rules: ## Maximum number of simultaneous sessions allowed for a single user: - max_user_sessions: - all: 10 + max_user_sessions: 10 ## Maximum number of offline messages that users can have: - max_user_offline_messages: - admin: 5000 - all: 100 - ## This rule allows access only for local users: - local: - local: allow - ## Only non-blocked users can use c2s connections: - c2s: - blocked: deny - all: allow + max_user_offline_messages: + - 5000: admin + - 100 ## For C2S connections, all users except admins use the "normal" shaper - c2s_shaper: - admin: none - all: normal + c2s_shaper: + - none: admin + - normal ## All S2S connections use the "fast" shaper - s2s_shaper: - all: fast + s2s_shaper: fast + +###. ============ +###' ACCESS RULES +access_rules: + ## This rule allows access only for local users: + local: + - allow: local + ## Only non-blocked users can use c2s connections: + c2s: + - deny: blocked + - allow ## Only admins can send announcement messages: - announce: - admin: allow + announce: + - allow: admin ## Only admins can use the configuration interface: - configure: - admin: allow - ## Admins of this server are also admins of the MUC service: - muc_admin: - admin: allow + configure: + - allow: admin ## Only accounts of the local ejabberd server can create rooms: - muc_create: - local: allow - ## All users are allowed to use the MUC service: - muc: - all: allow + muc_create: + - allow: local ## Only accounts on the local ejabberd server can create Pubsub nodes: - pubsub_createnode: - local: allow + pubsub_createnode: + - allow: local ## In-band registration allows registration of any possible username. ## To disable in-band registration, replace 'allow' with 'deny'. - register: - all: allow + register: + - allow ## Only allow to register from localhost - trusted_network: - loopback: allow - all: allow + trusted_network: + - allow: loopback + - allow: all ## Do not establish S2S connections with bad servers - ## s2s: - ## bad_servers: deny - ## all: allow + ## If you enable this you also have to uncomment "s2s_access: s2s" + ## s2s: + ## - deny: + ## - ip: "XXX.XXX.XXX.XXX/32" + ## - deny: + ## - ip: "XXX.XXX.XXX.XXX/32" + ## - allow + +## =============== +## API PERMISSIONS +## =============== +## +## This section allows you to define who and using what method +## can execute commands offered by ejabberd. +## +## By default "console commands" section allow executing all commands +## issued using ejabberdctl command, and "admin access" section allows +## users in admin acl that connect from 127.0.0.1 to execute all +## commands except start and stop with any available access method +## (ejabberdctl, http-api, xmlrpc depending what is enabled on server). +## +## If you remove "console commands" there will be one added by +## default allowing executing all commands, but if you just change +## permissions in it, version from config file will be used instead +## of default one. +## +api_permissions: + "console commands": + from: + - ejabberd_ctl + who: all + what: "*" + "admin access": + who: + - access: + - allow: + - acl: loopback + - acl: admin + - oauth: + - scope: "ejabberd:admin" + - access: + - allow: + - acl: loopback + - acl: admin + what: + - "*" + - "!stop" + - "!start" + "public commands": + who: + - ip: "127.0.0.1/8" + what: + - "status" + - "connected_users_number" ## By default the frequency of account registrations from the same IP ## is limited to 1 account every 10 minutes. To disable, specify: infinity -registration_timeout: infinity +## registration_timeout: 600 ## ## Define specific Access Rules in a virtual host. @@ -526,10 +651,10 @@ registration_timeout: infinity ## "localhost": ## access: ## c2s: -## admin: allow -## all: deny +## - allow: admin +## - deny ## register: -## all: deny +## - deny ###. ================ ###' DEFAULT LANGUAGE @@ -564,13 +689,43 @@ language: "en" ## ## captcha_limit: 5 +###. ==== +###' ACME +## +## In order to use the acme certificate acquiring through "Let's Encrypt" +## an http listener has to be configured to listen to port 80 so that +## the authorization challenges posed by "Let's Encrypt" can be solved. +## +## A simple way of doing this would be to add the following in the listening +## section and to configure port forwarding from 80 to 5280 either via NAT +## (for ipv4 only) or using frontends such as haproxy/nginx/sslh/etc. +## - +## port: 5280 +## ip: "::" +## module: ejabberd_http + +acme: + + ## A contact mail that the ACME Certificate Authority can contact in case of + ## an authorization issue, such as a server-initiated certificate revocation. + ## It is not mandatory to provide an email address but it is highly suggested. + contact: "mailto:example-admin@example.com" + + + ## The ACME Certificate Authority URL. + ## This could either be: + ## - https://acme-v01.api.letsencrypt.org - (Default) for the production CA + ## - https://acme-staging.api.letsencrypt.org - for the staging CA + ## - http://localhost:4000 - for a local version of the CA + ca_url: "https://acme-v01.api.letsencrypt.org" + ###. ======= ###' MODULES ## ## Modules enabled in all ejabberd virtual hosts. ## -modules: +modules: mod_adhoc: {} mod_admin_extra: {} mod_announce: # recommends mod_adhoc @@ -578,47 +733,63 @@ modules: mod_blocking: {} # requires mod_privacy mod_caps: {} mod_carboncopy: {} - mod_client_state: - drop_chat_states: true - queue_presence: false + mod_client_state: {} mod_configure: {} # requires mod_adhoc + ## mod_delegation: {} # for xep0356 mod_disco: {} - ## mod_echo: {} + mod_echo: {} mod_irc: {} - mod_http_bind: {} + mod_bosh: {} ## mod_http_fileserver: ## docroot: "/var/www" ## accesslog: "/var/log/ejabberd/access.log" + ## mod_http_upload: + ## # docroot: "@HOME@/upload" + ## put_url: "https://@HOST@:5444" + ## thumbnail: false # otherwise needs ejabberd to be compiled with libgd support + ## mod_http_upload_quota: + ## max_days: 30 mod_last: {} - mod_muc: - db_type: odbc + ## XEP-0313: Message Archive Management + ## You might want to setup a SQL backend for MAM because the mnesia database is + ## limited to 2GB which might be exceeded on large servers + ## mod_mam: {} # for xep0313, mnesia is limited to 2GB, better use an SQL backend + mod_mam: + db_type: sql + default: always + mod_muc: + db_type: sql host: "conference.restya.com" - access: muc + access: + - allow + access_admin: + - allow: admin access_create: muc_create access_persistent: muc_create - access_admin: muc_admin default_room_options: - anonymous: true - allow_change_subj: false - allow_private_messages: false - allow_private_messages_from_visitors: nobody - allow_query_users: true - allow_user_invites: false - allow_visitor_nickchange: false - allow_visitor_status: false - captcha_protected: false - logging: false - max_users: 30 - members_by_default: true - members_only: false - moderated: true - password_protected: false - persistent: true - public: false - public_list: false - ##mod_muc_log: {} + anonymous: true + allow_change_subj: false + allow_private_messages: false + allow_private_messages_from_visitors: nobody + allow_query_users: true + allow_user_invites: false + allow_visitor_nickchange: false + allow_visitor_status: false + captcha_protected: false + logging: false + max_users: 50 + members_by_default: true + members_only: false + moderated: true + password_protected: false + persistent: true + public: false + public_list: false + mam: true + mod_muc_admin: {} + ## mod_muc_log: {} ## mod_multicast: {} - mod_offline: + mod_offline: access_max_user_messages: max_user_offline_messages mod_ping: {} ## mod_pres_counter: @@ -627,66 +798,82 @@ modules: mod_privacy: {} mod_private: {} ## mod_proxy65: {} - mod_pubsub: + mod_pubsub: access_createnode: pubsub_createnode ## reduces resource comsumption, but XEP incompliant ignore_pep_from_offline: true ## XEP compliant, but increases resource comsumption ## ignore_pep_from_offline: false last_item_cache: false - plugins: + plugins: - "flat" - "hometree" - "pep" # pep requires mod_caps - mod_register: + force_node_config: + ## Avoid using OMEMO by default because it + ## introduces a lot of hard-to-track problems + "eu.siacs.conversations.axolotl.*": + access_model: whitelist + ## Avoid buggy clients to make their bookmarks public + "storage:bookmarks": + access_model: whitelist + mod_push: {} + mod_push_keepalive: {} + mod_register: ## ## Protect In-Band account registrations with CAPTCHA. ## - ## captcha_protected: true - + ## captcha_protected: true ## ## Set the minimum informational entropy for passwords. ## - ## password_strength: 32 - + ## password_strength: 32 ## ## After successful registration, the user receives ## a message with this subject and body. ## - welcome_message: - subject: "Welcome!" - body: |- - Hi. - Welcome to this XMPP server. - + ## welcome_message: + ## subject: "Welcome!" + ## body: |- + ## Hi. + ## Welcome to this XMPP server. ## ## When a user registers, send a notification to ## these XMPP accounts. ## - ## registration_watchers: - ## - "admin1@example.org" - + ## registration_watchers: + ## - "admin1@example.org" ## ## Only clients in the server machine can register accounts ## ip_access: trusted_network - ## ## Local c2s or remote s2s users cannot register accounts ## - ## access_from: deny - + ## access_from: deny access: register mod_roster: {} mod_shared_roster: {} mod_stats: {} mod_time: {} - mod_vcard: {} + mod_vcard: + search: false + mod_vcard_xupdate: {} + mod_avatar: {} mod_version: {} - mod_mam: - db_type: odbc - default: always - mod_muc_admin: {} + mod_stream_mgmt: {} + ## Non-SASL Authentication (XEP-0078) is now disabled by default + ## because it's obsoleted and is used mostly by abandoned + ## client software + ## mod_legacy_auth: {} + ## The module for S2S dialback (XEP-0220). Please note that you cannot + ## rely solely on dialback if you want to federate with other servers, + ## because a lot of servers have dialback disabled and instead rely on + ## PKIX authentication. Make sure you have proper certificates installed + ## and check your accessibility at https://check.messaging.one/ + mod_s2s_dialback: {} + mod_http_api: {} + mod_fail2ban: {} ## ## Enable modules with custom options in a specific virtual host @@ -711,10 +898,3 @@ allow_contrib_modules: true ### mode: yaml ### End: ### vim: set filetype=yaml tabstop=8 foldmarker=###',###. foldmethod=marker: -acl: - admin: - user: - - "admin": "restya.com" -access: - configure: - admin: allow diff --git a/restyaboard.sh b/restyaboard.sh index db928fbc5..3386ab06d 100644 --- a/restyaboard.sh +++ b/restyaboard.sh @@ -566,24 +566,6 @@ get_geoip_data - apt-get install -y autotools-dev - - apt-get install -y automake - - apt-get install -y erlang - - apt-get install -y libyaml-dev - - apt-get install -y rebar - - cd /opt - wget http://liquidtelecom.dl.sourceforge.net/project/expat/expat/2.1.1/expat-2.1.1.tar.bz2 - tar -jvxf expat-2.1.1.tar.bz2 - cd expat-2.1.1/ - ./configure - make - make install - echo "Downloading Restyaboard script..." apt-get install -y curl mkdir ${DOWNLOAD_DIR} @@ -1031,19 +1013,6 @@ fi fi - yum install -y git - git clone git://github.com/rebar/rebar.git - cd rebar - ./bootstrap - - yum install -y gcc glibc-devel make ncurses-devel openssl-devel autoconf expat-devel - - cd /opt - wget http://erlang.org/download/otp_src_R15B01.tar.gz - tar zxvf otp_src_R15B01.tar.gz - cd otp_src_R15B01 - ./configure && make && make install - yum install -y php-xml echo "Downloading Restyaboard script..."