Objective: Prosody – A Simple XMPP Server for Instant Messaging
XMPP (Extensible Messaging and Presence Protocol) is an open-standard communication protocol based on XML, developed in 1999. Known for its decentralized nature, XMPP allows the creation of interoperable applications, meaning services can communicate with one another regardless of the underlying platform. This open approach to development ensures flexibility and extensibility.
Today, some of the key features of XMPP are:
- Secure instant messaging: All communications are encrypted, ensuring privacy.
- Decentralization: No central server is needed, giving users control over their own data.
Prerequisites
Before we begin, ensure you have the following:
- A (preferably) Debian-based virtual machine or server instance. This tutorial will guide you through the initial setup.
- A few minutes to spare for installation and configuration.
What Will We Do?
In this tutorial, we will:
- Install Prosody
- Install additional modules
- Modify the main Prosody configuration file
- Configure a virtual host section
1. Installing Prosody
Prosody developers maintain their own repository for secure installation and updates. This ensures you always have the latest version of Prosody.
1.1 Add the Repository
Add the Prosody repository to your system's package sources:
echo "deb http://packages.prosody.im/debian $(lsb_release -sc) main" | sudo tee -a /etc/apt/sources.list
1.2 Add the Prosody Key to Your Keyring
To authenticate packages from the Prosody repository, add the repository’s signing key:
wget https://prosody.im/files/prosody-debian-packages.key -O - | sudo apt-key add -
1.3 Install Prosody and Required Dependencies
Install Prosody, the LuaRocks package manager, and essential Lua storage drivers:
sudo aptitude update && sudo aptitude install prosody-0.10 luarocks lua-zlib lua-dbi-common lua-dbi-sqlite3 -y
1.4 Install Required LuaRocks
For enhanced security, install the following LuaRocks:
luarocks install lua-zlib luaevent luasec luasocket
These additional Lua modules will enable forward secrecy and stream compression for your server.
2. Installing Additional Modules
Prosody supports various modules that can enhance functionality. Here’s how to install them.
2.1 Clone the Prosody Modules Repository
To access additional modules, clone the official repository:
hg clone http://prosody-modules.googlecode.com/hg/ prosody-modules
2.2 Find the Modules Directory
You can identify where Prosody looks for modules by running:
prosodyctl about
This will return various information, including the path for the module directory:
Plugin directories:
/usr/local/lib/prosody/modules/
2.3 Choose and Enable Useful Modules
Here are some useful modules to enable for better functionality:
This module ensures that messages sent to your JID are delivered to all connected devices. It is ideal for users accessing XMPP from multiple clients.
To enable this module, use the following command:
cp prosody-modules/mod_carbons/mod_carbons.lua /usr/local/lib/prosody/modules/
This extension stores conversations on the server, enabling synchronization across devices. It allows clients to display archived messages.
Enable this module:
cp prosody-modules/mod_mam/mod_mam.lua /usr/local/lib/prosody/modules/
2.3.3 mod_csi
This module helps mobile clients indicate inactivity, reducing unnecessary notifications. It is particularly useful for users on mobile networks.
cp prosody-modules/mod_csi/mod_csi.lua /usr/local/lib/prosody/modules/
This module reduces message loss on unreliable internet connections (common with mobile networks).
cp prosody-modules/mod_smacks/mod_smacks.lua /usr/local/lib/prosody/modules/
2.3.5 mod_throttle_presence
This extension helps reduce traffic on mobile connections by limiting presence updates, which often generate significant network traffic.
cp prosody-modules/mod_throttle_presence/mod_throttle_presence.lua /usr/local/lib/prosody/modules/
3. Modifying the Main Prosody Configuration File
The main Prosody configuration file can be found using:
prosodyctl about
In most installations, this file is located at:
/etc/prosody/prosody.cfg.lua
To enable the modules you just installed, locate the modules_enabled section and add the following lines:
"csi";
"throttle_presence";
"smacks";
"mam";
"carbons";
You can also enable additional features like "blocklist" for blocking contacts, "bosh" for chatrooms, and "compression" for stream compression.
Before the virtualhost section, add the following line to configure your SQLite database:
sql2 = { driver = "SQLite3", database = "prosody.sqlite" }
Finally, ensure that password hashing is enabled by modifying the following line:
authentication = "internal_hashed"
This will hash and salt all user passwords for added security.
4. Preparing the VirtualHost Configuration Section
4.1 Create a VirtualHost Entry
The virtual host entry for your server should look like this:
VirtualHost "example.com"
ssl = {
key = "/etc/prosody/certs/localhost.key";
certificate = "/etc/prosody/certs/localhost.crt";
}
storage = {
archive2 = "sql2";
}
default_archive_policy = true
max_archive_query_results = 50;
Component "proxy.example.com" "proxy65"
proxy65_address = "proxy.example.com"
Component "muc.example.com" "muc"
4.1.1 SSL Configuration
Generate your own self-signed SSL certificate if you don't have one, using the following command:
openssl req -new -x509 -days 365 -nodes -out "localhost.crt" -newkey rsa:4096 -keyout "localhost.key"
4.1.2 Storage Configuration for Message Archives
The mod_mam module stores message archives in the specified SQLite database. The max_archive_query_results parameter limits the number of messages returned in a single query.
4.1.3 Proxy65 Component
The proxy65 component facilitates file sharing, particularly when clients are behind NAT.
4.1.4 MUC Component
The muc (Multi-User Chat) component enables the creation of chatrooms.
Conclusion
Once all configurations are in place, set an SRV or A DNS record for your domain pointing to your server. Then, add a user:
prosodyctl adduser [email protected] && prosodyctl start
Your Prosody instance is now up and running! Enjoy chatting securely with your contacts.
Feel free to leave comments or ask questions below!
