# Ansible: Install an XMPP server on openSUSE Leap

This playbook installs a complete XMPP server for one to many domains.\
As of September 2022, you will get 100% in the Conversations.im compliance test and an "A" score on xmpp.net.

Tested on openSUSE Leap 15.2, 15.3 and 15.4

Included are:
* Prosody
* Biboumi IRC transport
* PostgreSQL
* Coturn
* Apache2
* Converse.js with OMEMO support
* LetsEncrypt certificates
* Borgmatic to backup uploaded files, configuration and database to a remote Borg server

Supports multiple domains, internal user authentication and authentication against an IMAP server.

### Documentation:
See the example configuration in `host_vars/xmpp.example.com` \
The configuration in `host_vars/xmpp.bytewerk.org` is used for a production server.


### Requirements:
* Server running openSUSE Leap 15.2, 15.3 or 15.4 with a fixed IPv4 address (an additional fixed IPv6 address is recommended)
* A domain name whose nameserver entries you are able to edit

### Usage:
1. Install Ansible on your machine (e.g. on SUSE: `zypper install ansible`, on Debian/Ubuntu/Mint: `apt-get install ansible`).\
Ansible >= 2.10 is required.
1. Make sure you can log in to the server as root without having to type in a password. (Use SSH public key authentication.)
1. Rename the file `hosts.example` to `hosts`, edit it and set your server's hostname and IP address.
1. In the directory `host_vars`, rename the file `xmpp.example.com` to your server's hostname, set your preferences in that file and create the required DNS entries as shown in that file.
1. Execute `ansible-playbook -i hosts xmpp.yml` to start the installation.\
You can use the option `--diff` to see in detail what Ansible does on your server, and/or `--check` for a dry-run.

#### Final step:
Copy the TLS certificate and key for each XMPP domain into `/etc/prosody/certs/<domainname>/` (cert file: `fullchain.pem`, key file: `privkey.pem`) and restart Prosody with `systemctl restart prosody`.
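
A pre-restart check for the layout described in the final step, added here as an example and not part of this playbook: it verifies that each domain directory holds both files, that the key is not world-readable, and that the key belongs to the certificate. `CERT_ROOT`, `check_domain` and the script name are hypothetical, and the permission rule is an assumption rather than something the playbook enforces.

```sh
#!/bin/sh
# Added example, not part of the playbook: verify the "Final step" layout
# before restarting Prosody. CERT_ROOT and check_domain are hypothetical names.
CERT_ROOT="${CERT_ROOT:-/etc/prosody/certs}"

# Return 0 if <CERT_ROOT>/<domain>/ holds a usable certificate and key.
check_domain() {
    local cert key cert_pub key_pub rc f
    cert="$CERT_ROOT/$1/fullchain.pem"
    key="$CERT_ROOT/$1/privkey.pem"
    rc=0

    for f in "$cert" "$key"; do
        if [ ! -s "$f" ]; then
            echo "MISSING  $f" >&2
            rc=1
        fi
    done
    [ "$rc" -eq 0 ] || return 1

    # Assumption: the private key must not be world-readable.
    if [ -n "$(find "$key" -prune -perm -004)" ]; then
        echo "PERMS    $key is world-readable" >&2
        rc=1
    fi

    # openssl x509 reads the first certificate in fullchain.pem (the server
    # certificate); its public key must equal the one derived from privkey.pem.
    if command -v openssl >/dev/null 2>&1; then
        cert_pub=$(openssl x509 -in "$cert" -noout -pubkey 2>/dev/null) || true
        key_pub=$(openssl pkey -in "$key" -pubout 2>/dev/null) || true
        if [ -z "$cert_pub" ] || [ "$cert_pub" != "$key_pub" ]; then
            echo "MISMATCH $cert does not match $key" >&2
            rc=1
        fi
    else
        echo "SKIPPED  key/certificate match for $1 (openssl not found)" >&2
    fi
    return "$rc"
}

# Usage: sh check-certs.sh example.com conference.example.com
if [ "$#" -gt 0 ]; then
    status=0
    for domain in "$@"; do
        if check_domain "$domain"; then echo "OK       $domain"; else status=1; fi
    done
    exit "$status"
fi
```

Run it as root on the server with every XMPP domain as an argument, and restart Prosody only when it exits with status 0.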