drafted the XMPP onion tutorial
@ -215,7 +215,7 @@
|
||||
<li><a href="torwebsite/index.html">✅ Hidden Service with custom .onion Vanity V3 address</a></li>
|
||||
<li><a href="anon.html">❌ Basic Webserver setup (NGINX / PHP / MYSQL)</a></li>
|
||||
<li><a href="anon.html">❌ Minimalistic MoneroSSO .onion setup</a></li>
|
||||
<li><a href="anon.html">❌ XMPP prosody .onion setup (chat service)</a></li>
|
||||
<li><a href="xmpp2024/index.html">🟠 XMPP prosody .onion setup (chat service)</a></li>
|
||||
<li><a href="anon.html">❌ Gitea .onion setup (Code repositories)</a></li>
|
||||
<li><a href="anon.html">❌ Nextcloud .onion setup (cloud storage)</a></li>
|
||||
<li><a href="anon.html">❌ Mastodon .onion setup (Microblogging)</a></li>
|
||||
|
BIN
servers/xmpp2024/1.png
Normal file
After Width: | Height: | Size: 88 KiB |
BIN
servers/xmpp2024/10.png
Normal file
After Width: | Height: | Size: 27 KiB |
BIN
servers/xmpp2024/11.png
Normal file
After Width: | Height: | Size: 51 KiB |
BIN
servers/xmpp2024/2.png
Normal file
After Width: | Height: | Size: 21 KiB |
BIN
servers/xmpp2024/3.png
Normal file
After Width: | Height: | Size: 75 KiB |
BIN
servers/xmpp2024/4.png
Normal file
After Width: | Height: | Size: 26 KiB |
BIN
servers/xmpp2024/5.png
Normal file
After Width: | Height: | Size: 25 KiB |
BIN
servers/xmpp2024/6.png
Normal file
After Width: | Height: | Size: 18 KiB |
BIN
servers/xmpp2024/7.png
Normal file
After Width: | Height: | Size: 51 KiB |
BIN
servers/xmpp2024/8.png
Normal file
After Width: | Height: | Size: 69 KiB |
BIN
servers/xmpp2024/9.png
Normal file
After Width: | Height: | Size: 24 KiB |
374
servers/xmpp2024/index.html
Normal file
@ -0,0 +1,374 @@
|
||||
<!DOCTYPE html>
|
||||
<html lang="en">
|
||||
<head>
|
||||
<meta charset="utf-8">
|
||||
<meta http-equiv="X-UA-Compatible" content="IE=edge">
|
||||
<meta name="viewport" content="width=device-width, initial-scale=1.0">
|
||||
<meta name="description" content="">
|
||||
<meta name="author" content="">
|
||||
<link rel="shortcut icon" href="../../../../../../assets/img/favicon.png">
|
||||
|
||||
<title>XMPP Server Setup Setup</title>
|
||||
|
||||
<!-- Bootstrap core CSS -->
|
||||
<link href="../../assets/css/bootstrap.css" rel="stylesheet">
|
||||
<link href="../../assets/css/xt256.css" rel="stylesheet">
|
||||
|
||||
|
||||
|
||||
<!-- Custom styles for this template -->
|
||||
<link href="../../assets/css/main.css" rel="stylesheet">
|
||||
|
||||
|
||||
|
||||
<!-- HTML5 shim and Respond.js IE8 support of HTML5 elements and media queries -->
|
||||
<!--[if lt IE 9]>
|
||||
<script src="https://oss.maxcdn.com/libs/html5shiv/3.7.0/html5shiv.js"></script>
|
||||
<script src="https://oss.maxcdn.com/libs/respond.js/1.3.0/respond.min.js"></script>
|
||||
<![endif]-->
|
||||
</head>
|
||||
|
||||
<body>
|
||||
|
||||
<!-- Static navbar -->
|
||||
<div class="navbar navbar-inverse-anon navbar-static-top">
|
||||
<div class="container">
|
||||
<div class="navbar-header">
|
||||
<button type="button" class="navbar-toggle" data-toggle="collapse" data-target=".navbar-collapse">
|
||||
<span class="icon-bar"></span>
|
||||
<span class="icon-bar"></span>
|
||||
<span class="icon-bar"></span>
|
||||
</button>
|
||||
<a class="navbar-brand-anon" href="\index.html">nihilist`s Blog</a>
|
||||
</div>
|
||||
<div class="navbar-collapse collapse">
|
||||
<ul class="nav navbar-nav navbar-right">
|
||||
|
||||
<li><a href="/about.html">About</a></li>
|
||||
<li><a href="/blog.html">Categories</a></li>
|
||||
<li><a href="https://blog.nihilism.network/donate.html">Donate</a></li>
|
||||
<li><a href="/contact.html">Contact</a></li>
|
||||
</ul>
|
||||
</div><!--/.nav-collapse -->
|
||||
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<!-- +++++ Posts Lists +++++ -->
|
||||
<!-- +++++ First Post +++++ -->
|
||||
<div id="anon2">
|
||||
<div class="container">
|
||||
<div class="row">
|
||||
<div class="col-lg-8 col-lg-offset-2">
|
||||
<a href="../anon.html">Previous Page</a></br></br><p><img src="../../assets/img/user.png" width="50px" height="50px"> <ba>nihilist@mainpc - 2024-08-05</ba></p>
|
||||
<h1>XMPP Server Setup Setup </h1>
|
||||
|
||||
<p>In this tutorial, we're going to check out how to setup a XMPP chat server, that is accessible over Tor, as a hidden service, using Prosody and Pidgin.</p>
|
||||
</div>
|
||||
</div><!-- /row -->
|
||||
</div> <!-- /container -->
|
||||
</div><!-- /grey -->
|
||||
|
||||
<!-- +++++ Second Post +++++ -->
|
||||
<div id="anon3">
|
||||
<div class="container">
|
||||
<div class="row">
|
||||
<div class="col-lg-8 col-lg-offset-2">
|
||||
<h2><b>XMPP Server Setup </b></h2>
|
||||
<p>Before starting, check out <a href="../">this</a> tutorial on how to create your first hidden service.</p>
|
||||
<pre><code class="nim">
|
||||
root@ANON-home:~# apt install prosody prosody-modules -y
|
||||
|
||||
root@ANON-home:~# prosodyctl about
|
||||
/var/lib/prosody/custom_plugins - not a directory!
|
||||
/usr/local/lib/prosody/modules - not a directory!
|
||||
/var/lib/prosody/custom_plugins/share/lua/5.4/?.lua
|
||||
/var/lib/prosody/custom_plugins/share/lua/5.4/?/init.lua
|
||||
|
||||
|
||||
root@ANON-home:~# mkdir /var/lib/prosody/custom_plugins
|
||||
root@ANON-home:~# mkdir /usr/local/lib/prosody/modules -p
|
||||
|
||||
</code></pre>
|
||||
|
||||
<p>Then, we make sure that the tor hidden service includes the XMPP ports:</p>
|
||||
<pre><code class="nim">
|
||||
root@ANON-home:# vim /etc/tor/torrc
|
||||
root@ANON-home:# cat /etc/tor/torrc
|
||||
HiddenServiceDir /var/lib/tor/onions/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa.onion/
|
||||
|
||||
[...]
|
||||
|
||||
HiddenServicePort 5222 127.0.0.1:5222
|
||||
HiddenServicePort 5269 127.0.0.1:5269
|
||||
HiddenServicePort 5280 127.0.0.1:5280
|
||||
HiddenServicePort 5281 127.0.0.1:5281
|
||||
|
||||
root@ANON-home:# systemctl restart tor@default
|
||||
|
||||
</code></pre>
|
||||
|
||||
<p>Here, my hidden service is aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa.onion, let's check that the mod_onions module is installed and configure the prosody.cfg.lua file:</p>
|
||||
<pre><code class="nim">
|
||||
root@ANON-home:~# ls /usr/lib/prosody/modules/mod_onions
|
||||
mod_onions.lua
|
||||
|
||||
root@ANON-home:~# vim /etc/prosody/prosody.cfg.lua
|
||||
root@ANON-home:~# cat /etc/prosody/prosody.cfg.lua
|
||||
|
||||
[...]
|
||||
|
||||
VirtualHost "localhost"
|
||||
-- Prosody requires at least one enabled VirtualHost to function. You can
|
||||
-- safely remove or disable 'localhost' once you have added another.
|
||||
|
||||
VirtualHost "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa.onion"
|
||||
modules_enabled = {"onions"};
|
||||
onions_only = true;
|
||||
disco_items = {
|
||||
{"conference.aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa.onion","Public Chatroom"},
|
||||
{"upload.aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa.onion","Public Chatroom"}
|
||||
}
|
||||
|
||||
Component "conference.aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa.onion" "muc"
|
||||
modules_enabled = { "onions" };
|
||||
onions_only = true;
|
||||
|
||||
Component "upload.aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa.onion" "http_file_share"
|
||||
modules_enabled = { "onions" };
|
||||
onions_only = true;
|
||||
|
||||
[...]
|
||||
|
||||
</code></pre>
|
||||
<p></p>
|
||||
<pre><code class="nim">
|
||||
root@ANON-home:~# prosodyctl cert generate aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa.onion
|
||||
Choose key size (2048):
|
||||
<b>Key written to /var/lib/prosody/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa.onion.key</b>
|
||||
Please provide details to include in the certificate config file.
|
||||
Leave the field empty to use the default value or '.' to exclude the field.
|
||||
countryName (GB):
|
||||
localityName (The Internet):
|
||||
organizationName (Your Organisation):
|
||||
organizationalUnitName (XMPP Department):
|
||||
commonName (aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa.onion):
|
||||
emailAddress (xmpp@aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa.onion):
|
||||
|
||||
<b>Config written to /var/lib/prosody/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa.onion.cnf
|
||||
Certificate written to /var/lib/prosody/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa.onion.crt</b>
|
||||
|
||||
root@ANON-home:~# prosodyctl check
|
||||
|
||||
[...]
|
||||
|
||||
Checking certificates...
|
||||
Checking certificate for conference.aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa.onion
|
||||
certmanager info No certificate present in SSL/TLS configuration for conference.aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa.onion. SNI will be required.
|
||||
No 'certificate' found for conference.aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa.onion
|
||||
Checking certificate for localhost
|
||||
certmanager info No certificate present in SSL/TLS configuration for localhost. SNI will be required.
|
||||
No 'certificate' found for localhost
|
||||
Checking certificate for upload.aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa.onion
|
||||
certmanager info No certificate present in SSL/TLS configuration for upload.aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa.onion. SNI will be required.
|
||||
No 'certificate' found for upload.aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa.onion
|
||||
Checking certificate for aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa.onion
|
||||
certmanager info No certificate present in SSL/TLS configuration for aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa.onion. SNI will be required.
|
||||
No 'certificate' found for aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa.onion
|
||||
|
||||
For more information about certificates please see https://prosody.im/doc/certificates
|
||||
|
||||
Problems found, see above.
|
||||
|
||||
|
||||
root@ANON-home:# mv /var/lib/prosody/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa.onion.* /etc/prosody/certs/
|
||||
|
||||
</code></pre>
|
||||
<p></p>
|
||||
<pre><code class="nim">
|
||||
root@ANON-home:/etc/prosody/certs# prosodyctl adduser nihilist@aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa.onion
|
||||
Enter new password:
|
||||
Retype new password:
|
||||
|
||||
root@ANON-home:/etc/prosody/certs# systemctl restart prosody
|
||||
root@ANON-home:/etc/prosody/certs# systemctl status prosody
|
||||
● prosody.service - Prosody XMPP Server
|
||||
Loaded: loaded (/lib/systemd/system/prosody.service; enabled; preset: enabled)
|
||||
Active: active (running) since Mon 2024-08-05 22:02:47 CEST; 4s ago
|
||||
Docs: https://prosody.im/doc
|
||||
Main PID: 3419 (lua5.4)
|
||||
Tasks: 1 (limit: 4653)
|
||||
Memory: 7.8M
|
||||
CPU: 139ms
|
||||
CGroup: /system.slice/prosody.service
|
||||
└─3419 lua5.4 /usr/bin/prosody -F
|
||||
|
||||
Aug 05 22:02:47 ANON-home systemd[1]: Started prosody.service - Prosody XMPP Server.
|
||||
|
||||
|
||||
</code></pre>
|
||||
<p>all good now, now let's connect to it using pidgin:</p>
|
||||
<pre><code class="nim">
|
||||
[ mainpc ] [ /dev/pts/9 ] [~/Nextcloud/blog]
|
||||
→ apt install pidgin -y
|
||||
|
||||
[ mainpc ] [ /dev/pts/9 ] [~/Nextcloud/blog]
|
||||
→ pidgin
|
||||
|
||||
</code></pre>
|
||||
<p>Then, create your account on the XMPP server:</p>
|
||||
<img src="1.png" class="imgRz">
|
||||
<img src="2.png" class="imgRz">
|
||||
<img src="3.png" class="imgRz">
|
||||
<img src="4.png" class="imgRz">
|
||||
<img src="6.png" class="imgRz">
|
||||
<img src="5.png" class="imgRz">
|
||||
<p>Next, we can start chatting with Alice, who is another user on that XMPP server like so:</p>
|
||||
<img src="7.png" class="imgRz">
|
||||
<p>Then from Alice's XMPP client, we accept nihilist's buddy request:</p>
|
||||
<img src="8.png" class="imgRz">
|
||||
<img src="9.png" class="imgRz">
|
||||
<img src="10.png" class="imgRz">
|
||||
<img src="11.png" class="imgRz">
|
||||
<p></p>
|
||||
</div>
|
||||
</div><!-- /row -->
|
||||
</div> <!-- /container -->
|
||||
</div><!-- /white -->
|
||||
|
||||
<div id="anon2">
|
||||
<div class="container">
|
||||
<div class="row">
|
||||
<div class="col-lg-8 col-lg-offset-2">
|
||||
<h2><b>Optional XMPP server options:</b></h2> </br> </br>
|
||||
<p>if you want to enable message archiving, enable the "mam" module by uncommenting it:</p>
|
||||
<pre><code class="nim">
|
||||
root@ANON-home:~# vim /etc/prosody/prosody.cfg.lua
|
||||
root@ANON-home:~# cat /etc/prosody/prosody.cfg.lua
|
||||
|
||||
[...]
|
||||
|
||||
modules_enabled = {
|
||||
"mam"; -- Store recent messages to allow multi-device synchronization
|
||||
}
|
||||
|
||||
[...]
|
||||
|
||||
</code></pre>
|
||||
|
||||
<p>and then you can mention the expiration time of messages like so:</p>
|
||||
<pre><code class="nim">
|
||||
root@ANON-home:~# vim /etc/prosody/prosody.cfg.lua
|
||||
root@ANON-home:~# cat /etc/prosody/prosody.cfg.lua
|
||||
|
||||
archive_expires_after = "1w" -- remove archived messages after 1 week
|
||||
|
||||
</code></pre>
|
||||
<p>you can choose to limit the bandwidth usage of your server too, using the mod_limits module:</p>
|
||||
<pre><code class="nim">
|
||||
root@ANON-home:~# vim /etc/prosody/prosody.cfg.lua
|
||||
root@ANON-home:~# cat /etc/prosody/prosody.cfg.lua
|
||||
|
||||
limits = {
|
||||
c2s = {
|
||||
rate = "10kb/s";
|
||||
}
|
||||
s2sin = {
|
||||
rate = "30kb/s";
|
||||
}
|
||||
|
||||
}
|
||||
</code></pre>
|
||||
<p>You can also enable archiving on the multi-user chats like so :</p>
|
||||
<pre><code class="nim">
|
||||
root@ANON-home:~# vim /etc/prosody/prosody.cfg.lua
|
||||
root@ANON-home:~# cat /etc/prosody/prosody.cfg.lua
|
||||
|
||||
Component "conference.aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa.onion" "muc"
|
||||
modules_enabled = { "onions", "muc_mam" };
|
||||
onions_only = true;
|
||||
|
||||
</code></pre>
|
||||
<p>And just like in mod_mam, you can set the expiration time of the messages in MUCs:</p>
|
||||
<pre><code class="nim">
|
||||
root@ANON-home:~# vim /etc/prosody/prosody.cfg.lua
|
||||
root@ANON-home:~# cat /etc/prosody/prosody.cfg.lua
|
||||
|
||||
Component "conference.aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa.onion" "muc"
|
||||
modules_enabled = { "onions", "muc_mam" };
|
||||
onions_only = true;
|
||||
muc_log_expires_after = "1w"
|
||||
|
||||
</code></pre>
|
||||
|
||||
<p>Then, you can also enable file archiving using mod_http_file_share:</p>
|
||||
<pre><code class="nim">
|
||||
root@ANON-home:~# vim /etc/prosody/prosody.cfg.lua
|
||||
root@ANON-home:~# cat /etc/prosody/prosody.cfg.lua
|
||||
|
||||
Component "upload.aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa.onion" "http_file_share"
|
||||
modules_enabled = { "onions" };
|
||||
onions_only = true;
|
||||
http_file_share_daily_quota = 100*1024*1024; -- 100 MiB
|
||||
http_file_share_after = 7*86400; -- One week in seconds
|
||||
http_file_share_size_limit = 10*1024*1024 -- 10 Mib
|
||||
|
||||
</code></pre>
|
||||
<p>Then, as you're going to have a multi user chat, you'll most likely need the mod_muc_moderation module:</p>
|
||||
<pre><code class="nim">
|
||||
root@ANON-home:~# vim /etc/prosody/prosody.cfg.lua
|
||||
root@ANON-home:~# cat /etc/prosody/prosody.cfg.lua
|
||||
|
||||
Component "conference.aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa.onion" "muc"
|
||||
modules_enabled = { "onions", "muc_mam", "muc_moderation" };
|
||||
onions_only = true;
|
||||
muc_log_expires_after = "1w"
|
||||
|
||||
</code></pre>
|
||||
|
||||
<p>TODO: showcase a multi-user chat with 3 users</p>
|
||||
<p>TODO: showcase XMPP onion federation between server A <-> and B</p>
|
||||
</div>
|
||||
</div><!-- /row -->
|
||||
</div> <!-- /container -->
|
||||
</div><!-- /white -->
|
||||
|
||||
<!-- +++++ Footer Section +++++ -->
|
||||
|
||||
<div id="anonb">
|
||||
<div class="container">
|
||||
<div class="row">
|
||||
<div class="col-lg-4">
|
||||
<h4>Nihilism</h4>
|
||||
<p>
|
||||
Until there is Nothing left.
|
||||
|
||||
</p>
|
||||
</div><!-- /col-lg-4 -->
|
||||
|
||||
<div class="col-lg-4">
|
||||
<h4>My Links</h4>
|
||||
<p>
|
||||
|
||||
<a target="_blank" rel="noopener noreferrer" href="http://blog.nihilism.network/rss/feed.xml">RSS Feed</a><br/><a target="_blank" rel="noopener noreferrer" href="https://matrix.to/#/#nihilism:m.datura.network">Matrix Chat</a><br/>
|
||||
|
||||
</p>
|
||||
</div><!-- /col-lg-4 -->
|
||||
|
||||
<div class="col-lg-4">
|
||||
<h4>About nihilist</h4>
|
||||
<p style="word-wrap: break-word;"><u>Donate XMR:</u> 8AUYjhQeG3D5aodJDtqG499N5jXXM71gYKD8LgSsFB9BUV1o7muLv3DXHoydRTK4SZaaUBq4EAUqpZHLrX2VZLH71Jrd9k8</p></br><p><u>Contact:</u> nihilist@nihilism.network (<a href="https://nihilism.network/nihilist.pubkey">PGP</a>)</p>
|
||||
</div><!-- /col-lg-4 -->
|
||||
|
||||
</div>
|
||||
|
||||
</div>
|
||||
</div>
|
||||
|
||||
|
||||
<!-- Bootstrap core JavaScript
|
||||
================================================== -->
|
||||
<!-- Placed at the end of the document so the pages load faster -->
|
||||
|
||||
</body>
|
||||
</html>
|
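Review bot: The `limits` table in the mod_limits snippet has no separator between the `c2s = { ... }` and `s2sin = { ... }` entries, so a reader who pastes it into prosody.cfg.lua gets a Lua syntax error; add a `,` or `;` after the closing brace of `c2s`. In the http_file_share component, `http_file_share_after = 7*86400` does not follow the `*_expires_after` naming used by `archive_expires_after` and `muc_log_expires_after` on this page; check it against the mod_http_file_share documentation (the expiry option should be `http_file_share_expires_after`), and correct the comment unit `10 Mib` to `10 MiB`. In `disco_items`, the `upload.` entry is labelled "Public Chatroom", which looks like a copy of the line above it. The certificate step goes from `prosodyctl check` printing "Problems found, see above." straight to the `mv` into /etc/prosody/certs/ and then "all good now"; re-run `prosodyctl check` after the move and show its output, and say how the `conference.` and `upload.` hosts it flagged are meant to get a certificate, since only the base .onion name is generated. The `mv ... .onion.*` also moves the private key as root, so show the resulting owner and mode of the `.key` file. Smaller points: the title and h1 read "XMPP Server Setup Setup", `id="anon2"` is used for two divs, the navbar brand link uses `href="\index.html"`, and the two empty `<p></p>` before the cert and adduser blocks each need a sentence saying what the step does.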