Setup Openfire XMPP Server on Ubuntu

setup_openfire.md

Setup Openfire XMPP Server

Install Java Runtime

$ sudo apt-get update
$ sudo apt install default-jre

Check Java installation

$ java --version
openjdk 11.0.13 2021-10-19
OpenJDK Runtime Environment (build 11.0.13+8-Ubuntu-0ubuntu1.18.04)
OpenJDK 64-Bit Server VM (build 11.0.13+8-Ubuntu-0ubuntu1.18.04, mixed mode, sharing)

Install Openfire

$ wget https://download.igniterealtime.org/openfire/openfire_4_6_7.tar.gz
$ tar -xvzf openfire_4_6_7.tar.gz

Move Openfire to /opt/

$ sudo mv openfire/ /opt/

Prepare Openfire with systemd

$ sudo vi /etc/systemd/system/openfire.service

Add this service definition (openfire.service)

[Unit]
Description=Openfire service
After=network.target

[Service]
Type=forking
User=vagrant
ExecStart=/bin/sh -c "/opt/openfire/bin/openfire start"
StandardOutput=file:/var/log/openfire.log
StandardError=file:/var/log/openfire-error.log
Restart=on-failure

[Install]
WantedBy=multi-user.target

Reload systemd and enable Openfire

$ sudo systemctl daemon-reload
$ sudo systemctl enable openfire.service

Start Openfire

$ sudo systemctl start openfire.service

Install Postgresql

$ sudo apt-get install postgresql postgresql-contrib

When the installation is complete, the PostgreSQL server is running, and a Linux user account called postgres has been created.

Log in to the postgres account.

$ sudo --login --user postgres

Start the PostgreSQL interactive terminal.

$ psql

Create the database openfire

$ postgres=# CREATE DATABASE openfire;

Create the openfire user openfire.

$ postgres=# CREATE USER openfire WITH PASSWORD 'fire12345';

Grant the user access to the openfire database.

$ postgres=# GRANT ALL PRIVILEGES ON DATABASE openfire to openfire;

Exit the PostgreSQL interactive terminal

$ postgres=# \q

Log out of the postgres account.

$ exit

Configuration

If you use a different server for your database and the openfire server, you may allow PostgreSQL to listen on all assigned IP Addresses. To do so, open /etc/postgresql/10/main/postgresql.conf as root in a text editor. As a best practice, ensure that only the openfire server is able to connect to the PostgreSQL port using a firewall.

Open postgresql.conf

$ sudo vi /etc/postgresql/10/main/postgresql.conf

Find the following line:

#listen_addresses = 'localhost'

Uncomment the line and change localhost to * :

listen_addresses = '*'

Restart PostgreSQL for the change to take effect:

$ sudo systemctl restart postgresql

Modify the file pg_hba.conf to allow the openfire server to communicate with the database.

• If the openfire server and the database are on the same machine:

  • Open /etc/postgresql/10/main/pg_hba.conf as root in a text editor.
  • Find the following line

  local   all             all                        peer
  

  • Change peer to trust

  local   all             all                        trust
  

• If the openfire server and the database are on different machines:

  • Open /etc/postgresql/10/main/pg_hba.conf as root in a text editor.
  • Add the following line to the end of the file, where {openfire-server-IP} is the IP address of the machine that contains the openfire server

  host all all {openfire-server-IP}/32 md5
  

Reload PostgreSQL:

$ sudo systemctl reload postgresql

Verify that you can connect with the user openfire.

• If the openfire server and the database are on the same machine, use the following command:

$ psql --dbname=openfire --username=openfire --password

• If the openfire server is on a different machine, log into that machine and use the following command:

$ psql --host={postgres-server-IP} --dbname=openfire --username=openfire --password

Admin console

Visit Openfire Admin Console: http://localhost:9090

setup_vagrant

Download Ubuntu bionic box `box ubuntu/bionic64` to your machine.
```shell
$ vagrant box add ubuntu/bionic64
```
Create new folder and initialize `Vagrant` environment with `ubuntu/bionic64`.
```shell
$ mkdir openfire-vag
$ cd openfire-vag
$ vagrant init ubuntu/bionic64
```
Adjust your `Vagrantfile` with `Vagrantfile` bellow

Run your Virtual Machine.
```shell
$ vagrant up
```

Masuk kedalam Virtual Machine anda.
```shell
$ vagrant ssh
```

Vagrantfile

# -*- mode: ruby -*-
# vi: set ft=ruby :

# All Vagrant configuration is done below. The "2" in Vagrant.configure
# configures the configuration version (we support older styles for
# backwards compatibility). Please don't change it unless you know what
# you're doing.
Vagrant.configure("2") do |config|
  # The most common configuration options are documented and commented below.
  # For a complete reference, please see the online documentation at
  # https://docs.vagrantup.com.

  # Every Vagrant development environment requires a box. You can search for
  # boxes at https://vagrantcloud.com/search.
  config.vm.box = "ubuntu/bionic64"

  # Disable automatic box update checking. If you disable this, then
  # boxes will only be checked for updates when the user runs
  # `vagrant box outdated`. This is not recommended.
  # config.vm.box_check_update = false

  # Create a forwarded port mapping which allows access to a specific port
  # within the machine from a port on the host machine. In the example below,
  # accessing "localhost:8080" will access port 80 on the guest machine.
  # NOTE: This will enable public access to the opened port
  # config.vm.network "forwarded_port", guest: 80, host: 8080

  # Create a forwarded port mapping which allows access to a specific port
  # within the machine from a port on the host machine and only allow access
  # via 127.0.0.1 to disable public access
  config.vm.network "forwarded_port", guest: 1883, host: 1883, host_ip: "127.0.0.1"
  config.vm.network "forwarded_port", guest: 9090, host: 9090, host_ip: "127.0.0.1"
  config.vm.network "forwarded_port", guest: 5222, host: 5222, host_ip: "127.0.0.1"
  config.vm.network "forwarded_port", guest: 5269, host: 5269, host_ip: "127.0.0.1"
  config.vm.network "forwarded_port", guest: 5223, host: 5223, host_ip: "127.0.0.1"
  config.vm.network "forwarded_port", guest: 7443, host: 7443, host_ip: "127.0.0.1"
  config.vm.network "forwarded_port", guest: 7777, host: 7777, host_ip: "127.0.0.1"
  config.vm.network "forwarded_port", guest: 7070, host: 7070, host_ip: "127.0.0.1"
  config.vm.network "forwarded_port", guest: 5229, host: 5229, host_ip: "127.0.0.1"
  config.vm.network "forwarded_port", guest: 5275, host: 5275, host_ip: "127.0.0.1"

  # Create a private network, which allows host-only access to the machine
  # using a specific IP.
  config.vm.network "private_network", ip: "192.168.33.14"

  # Create a public network, which generally matched to bridged network.
  # Bridged networks make the machine appear as another physical device on
  # your network.
  # config.vm.network "public_network"

  # Share an additional folder to the guest VM. The first argument is
  # the path on the host to the actual folder. The second argument is
  # the path on the guest to mount the folder. And the optional third
  # argument is a set of non-required options.
  config.vm.synced_folder "./output", "/home/vagrant/fuck/out"

  # Provider-specific configuration so you can fine-tune various
  # backing providers for Vagrant. These expose provider-specific options.
  # Example for VirtualBox:
  #
  config.vm.provider "virtualbox" do |vb|
    # Display the VirtualBox GUI when booting the machine
    # vb.gui = true
  
    # Customize the amount of memory on the VM:
    vb.memory = "4090"
  end
  #
  # View the documentation for the provider you are using for more
  # information on available options.

  # Enable provisioning with a shell script. Additional provisioners such as
  # Puppet, Chef, Ansible, Salt, and Docker are also available. Please see the
  # documentation for more information about their specific syntax and use.
  # config.vm.provision "shell", inline: <<-SHELL
  #   apt-get update
  #   apt-get install -y apache2
  # SHELL
end