Hello. Recently i purchased one more domain, i want to save XMPP-service for main domain and add it to a new one. I didn't find any examples of ejabberd.yml for two domains on one host. I tried to make one by myself according to instructions - it works, but works wrong.
I tried to make working MUC and http_upload on both domains - but i did not succeed.
Please, help me to fix my configuration or show me correct config for two domains.
Thanks in advance!
There is my current ejabberd.yml:
loglevel: 4
log_rotate_size: 0
log_rotate_date: ""
log_rate_limit: 100
hosts:
- "domain1.com"
- "domain2.com"
listen:
-
port: 5222
ip: "::"
module: ejabberd_c2s
certfile: "/etc/ejabberd/xmpp.pem"
starttls_required: true
protocol_options:
- "no_sslv3"
max_stanza_size: 65536
shaper: c2s_shaper
access: c2s
zlib: true
resend_on_timeout: if_offline
-
port: 5269
ip: "::"
module: ejabberd_s2s_in
-
port: 5280
ip: "::"
module: ejabberd_http
request_handlers:
"/websocket": ejabberd_http_ws
web_admin: true
http_bind: true
captcha: true
tls: true
certfile: "/etc/ejabberd/xmpp.pem"
-
port: 5282
ip: "::"
module: ejabberd_http
request_handlers:
"/websocket": ejabberd_http_ws
web_admin: true
http_bind: true
captcha: true
tls: true
certfile: "/etc/ejabberd/xmpp_domain2.pem"
-
port: 5443
module: ejabberd_http
http_bind: true
tls: true
certfile: "/etc/ejabberd/xmpp.pem"
access: all
request_handlers:
"upload": mod_http_upload
-
port: 5443
module: ejabberd_http
http_bind: true
tls: true
certfile: "/etc/ejabberd/xmpp_domain2.pem"
access: all
request_handlers:
"upload": mod_http_upload
disable_sasl_mechanisms: "digest-md5"
s2s_use_starttls: optional
s2s_certfile: "/etc/ejabberd/xmpp.pem"
s2s_protocol_options:
- "no_sslv3"
host_config:
"domain1.com":
domain_certfile: "/etc/ejabberd/xmpp.pem"
"domain2.com":
domain_certfile: "/etc/ejabberd/xmpp_domain2.pem"
auth_method: internal
auth_password_format: scram
shaper:
normal: 1000
fast: 50000
max_fsm_queue: 1000
acl:
admin:
user:
- "admin@domain1.com"
local:
user_regexp: ""
loopback:
ip:
- "127.0.0.0/8"
shaper_rules:
max_user_sessions: 10
max_user_offline_messages:
- 5000: admin
- 100
c2s_shaper:
- none: admin
- normal
s2s_shaper: fast
access_rules:
local:
- allow: local
c2s:
- deny: blocked
- allow
announce:
- allow: admin
configure:
- allow: admin
muc_create:
- allow: local
pubsub_createnode:
- allow: local
register:
- allow
trusted_network:
- allow: loopback
api_permissions:
"console commands":
from:
- ejabberd_ctl
who: all
what: "*"
"admin access":
who:
- access:
- allow:
- ip: "127.0.0.1/8"
- acl: admin
- oauth:
- scope: "ejabberd:admin"
- access:
- allow:
- ip: "127.0.0.1/8"
- acl: admin
what:
- "*"
- "!stop"
- "!start"
"public commands":
who:
- ip: "127.0.0.1/8"
what:
- "status"
- "connected_users_number"
language: "en"
modules:
mod_adhoc: {}
mod_admin_extra: {}
mod_announce: # recommends mod_adhoc
access: announce
mod_blocking: {} # requires mod_privacy
mod_caps: {}
mod_carboncopy: {}
mod_client_state: {}
mod_configure: {} # requires mod_adhoc
mod_disco: {}
mod_echo: {}
mod_irc:
default_encoding: "utf-8"
mod_http_bind:
max_inactivity: 60
mod_last: {}
mod_muc:
host: "conference.@HOST@"
access:
- allow
access_admin:
- allow: admin
access_create: muc_create
access_persistent: muc_create
history_size: 30
default_room_options:
allow_user_invites: true
anonymous: true
logging: true
persistent: true
public: true
mod_muc_log:
access_log: muc
dirtype: plain
dirname: room_jid
file_format: html
outdir: "/var/log/ejabberd/muclog"
timezone: local
mod_muc_admin: {}
mod_offline:
access_max_user_messages: max_user_offline_messages
mod_ping: {}
mod_pres_counter:
count: 5
interval: 60
mod_privacy: {}
mod_private: {}
mod_pubsub:
access_createnode: pubsub_createnode
ignore_pep_from_offline: true
last_item_cache: false
plugins:
- "flat"
- "hometree"
- "pep" # pep requires mod_caps
mod_register:
access: deny
mod_roster: {}
mod_shared_roster: {}
mod_sic: {}
mod_stats: {}
mod_time: {}
mod_vcard:
search: false
mod_version: {}
mod_http_upload:
thumbnail: false
docroot: "/files/"
put_url: "https://domain2.com:5443/upload"
mod_stream_mgmt: {}
mod_s2s_dialback: {}
mod_http_api: {}
allow_contrib_modules: true
With that configuration,
With that configuration, ejabberd will serve hosts domain1.com and domain2.com. This means you can register accounts like and
Those are different accounts. Each one has its contacts...
Is that true in your tests? What fails exactly?
Regarding MUC, you can create rooms named like , or
Each MUC service is separated, and has its own rooms...
> Is that true in your
> Is that true in your tests?
Yes, main functionality works fine.
> What fails exactly?
MUC and httpupload.
When i try to do XMPP Service discovery, i could access only to domain1.com services. domain2.com discovery shows nothing...
When i try to see rooms on domain2.com, i get error '403: Server connections to local subdomains are forbidden'
Also, i tried two different 'append_host_config:' in mods section - same result, second domain doesn't show any XMPP Services.
Is it possible to find a working and correct example of a full configuration on two domains?
I copied your config, and
I copied your config, and removed all the certfile and tls options (obviously). Anyway, ejabberd failed to start because port 5443 is defined twice. After I fixed that, I also had to disable mod_http_upload, because it can only be started for one vhost.
After all those changes, ejabberd started correctly. I created an account in domain1.com, logged in, and it could Discovery correctly the conference service. Then I created another account in domain2.com, logged in, and it could discover correctly the second conference service.
> Is it possible to find a working and correct example of a full configuration on two domains?
Basically, the default config, just adding another line at the beginning of the file, in that hosts: option.