libreplanet-br
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [LibrePlanet-BR] Grupo XMPP+OMEMO do LibrePlanet-BR

From: Ricardo Panaggio
Subject: Re: [LibrePlanet-BR] Grupo XMPP+OMEMO do LibrePlanet-BR
Date: Thu, 19 Oct 2017 10:17:40 -0200
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.3.0 
Instalei e configurei o Prosody[8] pra rodar XMPP+OMEMO[1]. Segue o que
eu fiz até agora, que está funcionando, pelo menos com o
conversations[2] e não sei quais mais clientes, não perguntei que
clientes Krisman e adrianorg estavam usando.

O documento não está completo. Ele acaba onde estou parado no momento.
Está em inglês (mas inglês simples) porque estou rascunhando pra postar
em blog ou coisa assim.

---

Add prosody debian repo (for prosody 0.10)[9].

Install prosody:

    # apt-get install prosody

Generate keys as you wish[10]. I'm going for let's encrypt way[11].

Don't forget to import the certificate:

    # prosodyctl --root cert import panaggio.net /etc/letsencrypt/live

Edit prosody basic config. Copied mine from here[12], as it didn't exist
in my case.

    # wget -P /etc/prosody
https://hg.prosody.im/0.10/raw-file/tip/prosody.cfg.lua.dist
    # cp /etc/prosody/prosody.cfg.lua{.dist,}
    # vi /etc/prosody/prosody.cfg.lua

Add pidfile config, necessary for debian, absent on the version I copied
from hg repo.

Create a VirtualHost, both in prosody.cfg.lua and conf.avail

    # cp /etc/prosody/conf.avail/{example.com,panaggio.net}.cfg.lua

Edit new VirtualHost:

    # vi /etc/prosody/prosody.cfg.lua

Enable VirtualHost

    # ln -s /etc/prosody/{conf.avail,conf.d}/panaggio.net.cfg.lua

Test. At this point, OMEMO should just be working fine. Not on its full
potential, but you should be able to exchange messages using it.

Add modules[13] to enable OMEMO fully.

I'm still testing OMEMO-related modules, so some extra details may show
up in the next version of the document.

Don't forget to add A records for the modules that require it.

## Sidenotes

Guarantee that on let's encrypt certificate renew, certificates are
reimported.

For 0.20 (and maybe earlier) this should work, by current prosody
documentation[14]:

    # certbot renew --deploy-hook "prosodyctl --root cert import
panaggio.net /etc/letsencrypt/live"

I'm running 0.10, `--deploy-hook` doesn't exist, so this is my poor
man's solution:

    # certbot renew --renew-hook "prosodyctl --root import panaggio.net
/etc/letsencrypt/live"

Be sure to add this hook to your certbot renewal cron job.

---

Se encontrarem problemas seguindo algum passo, ou se tiver algo errado
no meio do caminho, me avisem, por favor. Mantenho todos informados dos
testes que for fazendo. Espero estar com todos os módulos necessários
para OMEMO funcionar em sua totalidade até amanhã, se conseguir gente
pra testar, para poder ajudar melhor na configuração disso no fds no
nosso servidor.

[1]: https://omemo.top/
[2]: https://conversations.im/
[8]: https://prosody.im/
[9]: https://prosody.im/download/package_repository
[10]: https://prosody.im/doc/certificates
[11]: https://prosody.im/doc/letsencrypt
[12]: https://hg.prosody.im/0.10/file/tip/prosody.cfg.lua.dist
[13]:
https://serverfault.com/questions/835635/what-prosody-modules-do-i-need-to-support-conversations
[14]: https://prosody.im/doc/letsencrypt#certbot

-- 
Ricardo Panaggio

Attachment: signature.asc
Description: OpenPGP digital signature

reply via email to
[Prev in Thread] Current Thread [Next in Thread]