commit af6fdb290f8967f248670fbcfab2bb2553bbcb3e Author: Daniel Berteaud Date: Wed Mar 14 22:30:54 2012 +0100 initial import diff --git a/createlinks b/createlinks new file mode 100755 index 0000000..e4709c8 --- /dev/null +++ b/createlinks @@ -0,0 +1,45 @@ +#!/usr/bin/perl -w + +use esmith::Build::CreateLinks qw(:all); + + +templates2events("/etc/ejabberd/ejabberd.cfg", qw( + bootstrap-console-save + ejabberd-update + )); + +templates2events("/etc/pam.d/ejabberd", qw(ejabberd-update bootstrap-console-save)); +templates2events("/etc/logrotate.d/ejabberd", qw(ejabberd-update bootstrap-console-save)); +templates2events("/etc/httpd/conf/httpd.conf", "ejabberd-update"); +templates2events("/etc/jappix/main.xml", "ejabberd-update"); +templates2events("/etc/rc.d/init.d/masq", "ejabberd-update"); +templates2events("/etc/e-smith/sql/init/80ejabberd", "bootstrap-console-save"); + +#-------------------------------------------------- +# ejabberd-update actions +#-------------------------------------------------- + +event_link("ejabberd-init-domain", 'ejabberd-update', "10"); +event_link("ejabberd-init-domain", 'ipasserelle-update', "60"); +event_link("ejabberd-init-domain", 'webapps-update', "60"); + +safe_symlink("restart", "root/etc/e-smith/events/ejabberd-update/services2adjust/ejabberd"); +safe_symlink("adjust", "root/etc/e-smith/events/ejabberd-update/services2adjust/masq"); +safe_symlink("sigusr1", "root/etc/e-smith/events/ejabberd-update/services2adjust/httpd-e-smith"); + +#-------------------------------------------------- +# startup and stop symlink +#-------------------------------------------------- +service_link_enhanced("ejabberd", "S90", "7"); +service_link_enhanced("ejabberd", "K25", "6"); +service_link_enhanced("ejabberd", "K25", "1"); +service_link_enhanced("ejabberd", "K25", "0"); + +# Daemontools links. +safe_symlink("../daemontools", "root/etc/rc.d/init.d/supervise/ejabberd"); +safe_symlink("../var/service/ejabberd", "root/service/ejabberd"); + +# Symlink for the cgi. +panel_link("ejabberd", "manager"); + +exit; diff --git a/ipasserelle-im.spec b/ipasserelle-im.spec new file mode 100644 index 0000000..5464fd8 --- /dev/null +++ b/ipasserelle-im.spec @@ -0,0 +1,92 @@ +%define version 0.2.0 +%define release 1 +%define name ipasserelle-im + + +Summary: Meta-Package to add Instant Messaging capabilities to your iPasserelle +Name: %{name} +Version: %{version} +Release: %{release}%{?dist} +License: GPL +Group: Networking/Daemons +Source: %{name}-%{version}.tar.gz + +BuildRoot: /var/tmp/%{name}-%{version}-%{release}-buildroot +BuildArchitectures: noarch +BuildRequires: e-smith-devtools + +Obsoletes: smeserver-ejabberd +Provides: smeserver-ejabberd + +Requires: ipasserelle-base +Requires: ejabberd +Requires: ejabberd-modules +Requires: smeserver-spectrum +Requires: smeserver-webapps-common +Requires: smeserver-jappix >= 0.1-3 +Requires: smeserver-pam_cas + +%description +Meta package to configure Instant Messaging features +on your iPasserelle. + +%changelog +* Wed Mar 14 2012 Daniel Berteaud 0.2.0-1 +- Migrate to git + +* Tue Dec 20 2011 Daniel Berteaud 0.1-5 +- Turn on CAS auth for Jappix +- Cleanup + +* Thu Oct 20 2011 Daniel Berteaud 0.1-4 +- Enable http-bind + +* Mon Jul 11 2011 Daniel Berteaud 0.1-3 +- Enable pubsub +- Add jappix web frontend support +- Add additional vcard fields mapping +- Configure shared roster based on LDAP + +* Wed Jun 22 2011 Daniel Berteaud 0.1-2 +- Fix some typo in fr locale of the panel + +* Thu Jan 20 2011 Daniel Berteaud 0.1-1 +- initial release + + +%prep +%setup -q -n %{name}-%{version} + +%build +perl createlinks +%{__mkdir_p} root/var/service/ejabberd/ssl + +%install +/bin/rm -rf $RPM_BUILD_ROOT +(cd root ; /usr/bin/find . -depth -print | /bin/cpio -dump $RPM_BUILD_ROOT) +/bin/rm -f %{name}-%{version}-filelist +/sbin/e-smith/genfilelist $RPM_BUILD_ROOT \ + --dir '/var/service/ejabberd' 'attr(1755,root,root)' \ + --file '/var/service/ejabberd/down' 'attr(0644,root,root)' \ + --file '/var/service/ejabberd/run' 'attr(0755,root,root)' \ + --dir '/var/service/ejabberd/supervise' 'attr(0700,root,root)' \ + --file '/var/service/ejabberd/control/1' 'attr(0755,root,root)' \ + --file '/var/service/ejabberd/control/2' 'attr(0755,root,root)' \ + --dir '/var/service/ejabberd/log' 'attr(1755,root,root)' \ + --file '/var/service/ejabberd/log/run' 'attr(0755,root,root)' \ + --dir '/var/service/ejabberd/log/supervise' 'attr(0700,root,root)' \ + --dir '/var/log/ejabberd' 'attr(0750,ejabberd,ejabberd)' \ + --dir '/var/log/ejabberd.run' 'attr(0750,smelog,root)' \ + --dir '/var/service/ejabberd/ssl' 'attr(0750,root,ejabberd)' \ + > %{name}-%{version}-filelist + +%files -f %{name}-%{version}-filelist +%defattr(-,root,root) + +%clean +rm -rf $RPM_BUILD_ROOT + +%post + +%preun + diff --git a/root/etc/e-smith/db/configuration/defaults/ejabberd/Archives b/root/etc/e-smith/db/configuration/defaults/ejabberd/Archives new file mode 100644 index 0000000..7a68b11 --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/ejabberd/Archives @@ -0,0 +1 @@ +disabled diff --git a/root/etc/e-smith/db/configuration/defaults/ejabberd/DbName b/root/etc/e-smith/db/configuration/defaults/ejabberd/DbName new file mode 100644 index 0000000..49f24af --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/ejabberd/DbName @@ -0,0 +1 @@ +ejabberd diff --git a/root/etc/e-smith/db/configuration/defaults/ejabberd/DbUser b/root/etc/e-smith/db/configuration/defaults/ejabberd/DbUser new file mode 100644 index 0000000..49f24af --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/ejabberd/DbUser @@ -0,0 +1 @@ +ejabberd diff --git a/root/etc/e-smith/db/configuration/defaults/ejabberd/HTTPBind b/root/etc/e-smith/db/configuration/defaults/ejabberd/HTTPBind new file mode 100644 index 0000000..86981e6 --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/ejabberd/HTTPBind @@ -0,0 +1 @@ +enabled diff --git a/root/etc/e-smith/db/configuration/defaults/ejabberd/LogChat b/root/etc/e-smith/db/configuration/defaults/ejabberd/LogChat new file mode 100644 index 0000000..7a68b11 --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/ejabberd/LogChat @@ -0,0 +1 @@ +disabled diff --git a/root/etc/e-smith/db/configuration/defaults/ejabberd/TCPPorts b/root/etc/e-smith/db/configuration/defaults/ejabberd/TCPPorts new file mode 100644 index 0000000..e7edef8 --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/ejabberd/TCPPorts @@ -0,0 +1 @@ +5222,5223,5269 diff --git a/root/etc/e-smith/db/configuration/defaults/ejabberd/WebAdmin b/root/etc/e-smith/db/configuration/defaults/ejabberd/WebAdmin new file mode 100644 index 0000000..87e7bda --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/ejabberd/WebAdmin @@ -0,0 +1 @@ +disabled \ No newline at end of file diff --git a/root/etc/e-smith/db/configuration/defaults/ejabberd/WelcomeSubject b/root/etc/e-smith/db/configuration/defaults/ejabberd/WelcomeSubject new file mode 100644 index 0000000..e69de29 diff --git a/root/etc/e-smith/db/configuration/defaults/ejabberd/WelcomeText b/root/etc/e-smith/db/configuration/defaults/ejabberd/WelcomeText new file mode 100644 index 0000000..e69de29 diff --git a/root/etc/e-smith/db/configuration/defaults/ejabberd/access b/root/etc/e-smith/db/configuration/defaults/ejabberd/access new file mode 100644 index 0000000..d70ebaa --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/ejabberd/access @@ -0,0 +1 @@ +public \ No newline at end of file diff --git a/root/etc/e-smith/db/configuration/defaults/ejabberd/status b/root/etc/e-smith/db/configuration/defaults/ejabberd/status new file mode 100644 index 0000000..87e7bda --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/ejabberd/status @@ -0,0 +1 @@ +disabled \ No newline at end of file diff --git a/root/etc/e-smith/db/configuration/defaults/ejabberd/type b/root/etc/e-smith/db/configuration/defaults/ejabberd/type new file mode 100644 index 0000000..ce93fac --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/ejabberd/type @@ -0,0 +1 @@ +service \ No newline at end of file diff --git a/root/etc/e-smith/db/configuration/defaults/jappix/AliasOnPrimary b/root/etc/e-smith/db/configuration/defaults/jappix/AliasOnPrimary new file mode 100644 index 0000000..7a68b11 --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/jappix/AliasOnPrimary @@ -0,0 +1 @@ +disabled diff --git a/root/etc/e-smith/db/configuration/defaults/jappix/Title b/root/etc/e-smith/db/configuration/defaults/jappix/Title new file mode 100644 index 0000000..e2db8f6 --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/jappix/Title @@ -0,0 +1 @@ +iPasserelle diff --git a/root/etc/e-smith/db/configuration/defaults/jappix/WelcomMessage b/root/etc/e-smith/db/configuration/defaults/jappix/WelcomMessage new file mode 100644 index 0000000..1c33a92 --- /dev/null +++ b/root/etc/e-smith/db/configuration/defaults/jappix/WelcomMessage @@ -0,0 +1 @@ +Plateforme Sociale diff --git a/root/etc/e-smith/db/configuration/migrate/ejabberd.domain b/root/etc/e-smith/db/configuration/migrate/ejabberd.domain new file mode 100644 index 0000000..c01462d --- /dev/null +++ b/root/etc/e-smith/db/configuration/migrate/ejabberd.domain @@ -0,0 +1,5 @@ +{ + my $ejabberdrec = $DB->get('ejabberd'); + $ejabberdrec = $DB->new_record('ejabberd', {type => 'service'}) unless $ejabberdrec; + $ejabberdrec->set_prop('Domain', $DB->get('DomainName')->value) unless $ejabberdrec->prop('Domain'); +} diff --git a/root/etc/e-smith/db/configuration/migrate/ejabberd.mysql b/root/etc/e-smith/db/configuration/migrate/ejabberd.mysql new file mode 100644 index 0000000..fa6e731 --- /dev/null +++ b/root/etc/e-smith/db/configuration/migrate/ejabberd.mysql @@ -0,0 +1,30 @@ +{ + +# Set MySQL password +my $rec = $DB->get('ejabberd') || $DB->new_record('ejabberd', { type => 'service' }); +my $pw = $rec->prop('DbPassword'); + +if (not $pw){ + $pw = `/usr/bin/openssl rand -base64 60 | tr -c -d '[:graph:]'`; + chomp($pw); + $rec->set_prop('DbPassword', $pw); +} + +# Make sure mysql is enabled, InnoDB is also needed +# and LocalNetworkingOnly need to be set to no +my $my = $DB->get('mysqld') || $DB->new_record("mysqld", { type => "service", status => "enabled" }); + +if ( ($my->prop('status') || 'disabled') ne 'enable'){ + $DB->set_prop('mysqld', 'status', 'enabled'); +} + +if ( ($my->prop('InnoDB') || 'disabled') ne 'enable'){ + $DB->set_prop('mysqld', 'InnoDB', 'enabled'); +} + +if ( ($my->prop('LocalNetworkingOnly') || 'yes') ne 'no'){ + $DB->set_prop('mysqld', 'LocalNetworkingOnly', 'no'); +} + +} + diff --git a/root/etc/e-smith/db/configuration/migrate/jappix.server b/root/etc/e-smith/db/configuration/migrate/jappix.server new file mode 100644 index 0000000..46b0615 --- /dev/null +++ b/root/etc/e-smith/db/configuration/migrate/jappix.server @@ -0,0 +1,13 @@ +{ + +my $rec = $DB->get("jappix") || + $DB->new_record("jappix", { type => "webapp" }); + +my $domain = $DB->get('DomainName')->value; + +my $server = $rec->prop('Server') || ''; + +$rec->set_prop('Server', "im.$domain") if ($server eq ''); + + +} diff --git a/root/etc/e-smith/events/actions/ejabberd-delete-dumped-tables b/root/etc/e-smith/events/actions/ejabberd-delete-dumped-tables new file mode 100644 index 0000000..7a89218 --- /dev/null +++ b/root/etc/e-smith/events/actions/ejabberd-delete-dumped-tables @@ -0,0 +1,3 @@ +#!/bin/sh + +exec /bin/rm -f /home/e-smith/db/ejabberd/*.backup diff --git a/root/etc/e-smith/events/actions/ejabberd-dump-tables b/root/etc/e-smith/events/actions/ejabberd-dump-tables new file mode 100644 index 0000000..66714cb --- /dev/null +++ b/root/etc/e-smith/events/actions/ejabberd-dump-tables @@ -0,0 +1,11 @@ +#!/bin/sh + +status=$(/sbin/e-smith/config getprop ejabberd status) +if [ "$status" = "disabled" ] +then + echo "ejabberd is disabled - no tables dumped" >&2 + exit 0 +fi +mkdir -p /home/e-smith/db/ejabberd +chown ejabberd.root /home/e-smith/db/ejabberd +/sbin/e-smith/ejabberdctl backup /home/e-smith/db/ejabberd/ejabberd.backup \ No newline at end of file diff --git a/root/etc/e-smith/events/actions/ejabberd-init-domain b/root/etc/e-smith/events/actions/ejabberd-init-domain new file mode 100644 index 0000000..6e1f3d1 --- /dev/null +++ b/root/etc/e-smith/events/actions/ejabberd-init-domain @@ -0,0 +1,68 @@ +#!/usr/bin/perl -w +#---------------------------------------------------------------------- +# copyright (C) 2010-2011 Firewall-Services +# daniel@firewall-services.com +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +# +# Technical support for this program is available from Mitel Networks +# Please visit our web site www.mitel.com/sme/ for details. +#---------------------------------------------------------------------- + +use strict; +use warnings; +use esmith::DomainsDB; +use esmith::ConfigDB; + +my $d = esmith::DomainsDB->open or die "Couldn't open DomainsDB\n"; +my $c = esmith::ConfigDB->open_ro() or die "Couldn't open ConfigDB\n"; + +my $domain = $c->get('DomainName')->value; +my $vhost; + +$vhost = $d->get("im.$domain"); + +if (!$vhost){ + $d->new_record("im.$domain",{ + type => 'domain', + Content => 'Primary', + Description => "Instant Messaging", + Nameservers => 'internet', + TemplatePath => 'Ejabberd', + Removable => 'yes', + }); + + unless ( system("/sbin/e-smith/signal-event", "domain-create", "im.$domain") == 0 ){ + die "Failed to create domain im.$domain\n"; + } +} + +$vhost = $d->get("jabber.$domain"); + +if (!$vhost){ + $d->new_record("jabber.$domain",{ + type => 'domain', + Content => 'Primary', + Description => "Client XMPP Jappix", + Nameservers => 'internet', + TemplatePath => 'WebAppVirtualHost', + DocumentRoot => '/usr/share/jappix', + LemonLDAP => 'enabled' + }); + + unless ( system("/sbin/e-smith/signal-event", "domain-create", "jabber.$domain") == 0 ){ + die "Failed to create domain jabber.$domain\n"; + } +} diff --git a/root/etc/e-smith/events/actions/ejabberd-load-tables b/root/etc/e-smith/events/actions/ejabberd-load-tables new file mode 100644 index 0000000..6607dc0 --- /dev/null +++ b/root/etc/e-smith/events/actions/ejabberd-load-tables @@ -0,0 +1,18 @@ +#!/bin/sh + +if [ -f /home/e-smith/db/ejabberd/ejabberd.backup ] +then + if [ ! -f /sbin/e-smith/ejabberdctl ] + then + echo "ejabberd is not installed - no tables restored" >&2 + exit 0 + else + status=$(/sbin/e-smith/config getprop ejabberd status) + if [ "$status" = "disabled" ] + then + echo "ejabberd is disabled - no tables restored" >&2 + exit 0 + fi + /sbin/e-smith/ejabberdctl restore /home/e-smith/db/ejabberd/ejabberd.backup + fi +fi \ No newline at end of file diff --git a/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/ejabberd b/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/ejabberd new file mode 100644 index 0000000..31ce509 --- /dev/null +++ b/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/ejabberd @@ -0,0 +1,82 @@ + + + FORM_TITLE + Instant messaging configuration + + + DESCRIPTION + This panel lets you configure your instant messaging service. + + + Configuration + Configuration + + + INSTANT_MESSAGING + Instant Messaging + + + NO_ACCESS + No access + + + PRIVATE + Allow access only from local networks + + + PUBLIC + Allow public access (entire Internet) + + + DESC_ACCESS + You can control access to your instant messaging service. + + + LABEL_ACCESS + Instant messaging services access + + + DESC_GATEWAYS + You can enable gateways for other instant messaging services. Once registered on a gateway, users will be able to communicate with their contact of this network. + + + LABEL_GATEWAYS + Gateways + + + PROTOCOL + Protocol + + + STATUS + Status + + + DESC_FILTER_MODE + The default is to let users comunicate with external contacts. You can filter outside communications. If you choose "Black list", all communication with the outside will be allowed, except for contacts of the exception list. If you choose "White list", only the communications with contacts in the exception list will be allowed. + + + LABEL_FILTER_MODE + Filter mode + + + WHITE_LIST + White list + + + BLACK_LIST + Black list + + + DESC_EXCEPTION_LIST + Enter here a exception list (which will be used either as a white list, or a black list). Enter one contact per line. + + + LABEL_EXCEPTION_LIST + Exception list + + + SAVE + Enregistrer + + diff --git a/root/etc/e-smith/locale/fr/etc/e-smith/web/functions/ejabberd b/root/etc/e-smith/locale/fr/etc/e-smith/web/functions/ejabberd new file mode 100644 index 0000000..6faa02c --- /dev/null +++ b/root/etc/e-smith/locale/fr/etc/e-smith/web/functions/ejabberd @@ -0,0 +1,106 @@ + + + FORM_TITLE + Paramètres de la messagerie instantanée + + + PAGE_DESCRIPTION + Cette page vous permet de configurer le service de messagerie instantanée de votre serveur. + + + Configuration + Configuration + + + INSTANT_MESSAGING + Messagerie Instantanée + + + NO_ACCESS + Aucun accès + + + PRIVATE + Autoriser l'accès uniquement depuis les réseaux locaux. + + + PUBLIC + Autoriser l'accès publique (tout Internet) + + + DESC_ACCESS + Vous pouvez contrôler l'accès à vos services de messagerie. + + + LABEL_ACCESS + Accès aux services de messagerie instantanée + + + DESC_ALLOWED_GROUPS + Vous pouvez restreindre l'accès aux services de messagerie instantanée à une liste de groupes. Si au moins un groupe est coché, seuls les membres du/des groupe(s) sélectionnés pourront utiliser la messagerie instantanée. Si aucun groupe n'est coché, alors tous les utilisateurs pourront l'utiliser. + + + ALLOWED_GROUPS + Groupes autorisés + + + DESCRIPTION + Description + + + ALLOWED_OR_NOT + Autorisé ? + + + LABEL_SHARED_ROSTER + Contacts automatiques + + + DESC_SHARED_ROSTER + Si cette fonction est activée, les utilisateurs du système seront automatiquement ajoutés en tant que contact + + + DESC_GATEWAYS + Vous pouvez activer des passerelles vers d'autres systèmes de messagerie instantanée. Après s'être enregistré auprès d'une passerelle, les utilisateurs pourront communiquer avec leur contacts des ces réseaux. + + + LABEL_GATEWAYS + Passerelles + + + PROTOCOL + Protocole + + + STATUS + Statut + + + DESC_FILTER_MODE + Par défaut, les utilisateurs peuvent communiquer librement avec leurs contacts extérieurs. Vous pouvez filtrer les communications vers l'extérieur. En choisissant "Liste noire", toutes les communications vers l'extérieur seront autorisées, sauf pour les contacts dans la liste d'exception. Si au contraire vous choisissez "Liste blanche", seules les communications extérieures avec ces contacts seront autorisées. + + + LABEL_FILTER_MODE + Mode de filtrage + + + WHITE_LIST + Liste blanche + + + BLACK_LIST + Liste noire + + + DESC_EXCEPTION_LIST + Entrez ici une liste d'exception (qui sera utilisée soit en liste blanche, soit en liste noire). Vous devez entrez une adresse par ligne. + + + LABEL_EXCEPTION_LIST + Liste d'exceptions + + + SAVE + Enregistrer + + diff --git a/root/etc/e-smith/templates.metadata/etc/e-smith/mnesia/init/00_restore_dumped_dbs b/root/etc/e-smith/templates.metadata/etc/e-smith/mnesia/init/00_restore_dumped_dbs new file mode 100644 index 0000000..6a29f37 --- /dev/null +++ b/root/etc/e-smith/templates.metadata/etc/e-smith/mnesia/init/00_restore_dumped_dbs @@ -0,0 +1 @@ +PERMS=0540 diff --git a/root/etc/e-smith/templates.metadata/etc/e-smith/sql/init/80ejabberd b/root/etc/e-smith/templates.metadata/etc/e-smith/sql/init/80ejabberd new file mode 100644 index 0000000..695536b --- /dev/null +++ b/root/etc/e-smith/templates.metadata/etc/e-smith/sql/init/80ejabberd @@ -0,0 +1,4 @@ +UID="root" +GID="root" +PERMS=0755 + diff --git a/root/etc/e-smith/templates.metadata/etc/ejabberd/ejabberd.cfg b/root/etc/e-smith/templates.metadata/etc/ejabberd/ejabberd.cfg new file mode 100644 index 0000000..e477374 --- /dev/null +++ b/root/etc/e-smith/templates.metadata/etc/ejabberd/ejabberd.cfg @@ -0,0 +1,3 @@ +PERMS=0640 +UID="ejabberd" +GID="ejabberd" diff --git a/root/etc/e-smith/templates/etc/e-smith/mnesia/init/00_restore_dumped_dbs b/root/etc/e-smith/templates/etc/e-smith/mnesia/init/00_restore_dumped_dbs new file mode 100644 index 0000000..5669a8d --- /dev/null +++ b/root/etc/e-smith/templates/etc/e-smith/mnesia/init/00_restore_dumped_dbs @@ -0,0 +1,28 @@ +#! /bin/sh + + +for i in $(seq 1 20); +do + sv check /service/ejabberd | grep -q 'ok: run:' + if [ $? -eq 0 ] + then + for j in $(seq 1 30); + do + if [ -f /var/lib/ejabberd/spool/passwd.DCD ] + then + ls -lt -c /var/lib/ejabberd/spool > /tmp/spoolls-$i$j-last + sleep 5 + /etc/e-smith/events/actions/ejabberd-load-tables + exit 0 + fi + sleep 2 + done + echo seems service ejabberd started with errors + exit 1 + fi + echo waiting for service ejabberd to start + sleep 1 +done +echo ejabberd failed to start +exit 1 + diff --git a/root/etc/e-smith/templates/etc/e-smith/sql/init/80ejabberd b/root/etc/e-smith/templates/etc/e-smith/sql/init/80ejabberd new file mode 100644 index 0000000..8c718f4 --- /dev/null +++ b/root/etc/e-smith/templates/etc/e-smith/sql/init/80ejabberd @@ -0,0 +1,49 @@ +{ +my $db = ${'ejabberd'}{'DbName'} || 'ejabberd'; +my $user = ${'ejabberd'}{'DbUser'} || 'ejabberd'; +my $pass = ${'ejabberd'}{'DbPassword'} || 'secret'; + +$OUT .= <<"END"; +#! /bin/sh +if [ \! -d /var/lib/mysql/$db ]; then + /usr/bin/mysqladmin create $db + for SQL in \$(rpm -qd ejabberd-modules | grep mysql.sql); do + /usr/bin/mysql $db < \$SQL + done +fi + +/usr/bin/mysql <open('im') || + esmith::ConfigDB->create('im'); +my $except = $ejdb->get('exception') || + $ejdb->new_record ('exception', { type => 'list' }); +my %rules = $except->props; +my @admins = split (/[,;]/, ($ejabberd{'AdminUsers'} || '')); +my $domain = $ejabberd{'Domain'} || "$DomainName"; +my $acl = ''; + +while (($parameter,$value) = each(%rules)) { + next if ($parameter eq "type"); + + if ($value eq "User") { + my ($user,$server) = split (/\@/,$parameter); + # Spectrum expects \\40 instead of % + $user =~ s/%/\\\\40/; + $acl .= "{acl, except, {user, \"$user\", \"$server\"}}.\n"; + } +} + +# Admins are not restricted +$acl .= "{acl, valid_users, {user, \"admin\", \"$domain\"}}.\n"; +foreach my $admin (@admins){ + $acl .= "{acl, valid_users, {user, \"$admin\", \"$domain\"}}.\n"; +} +# Allow gateways and other components +$acl .= "{acl, valid_users, {user, \"\", \"$domain\"}}.\n"; +$acl .= "{acl, valid_users, {user, \"\", \"msn.$domain\"}}.\n"; +$acl .= "{acl, valid_users, {user, \"\", \"irc.$domain\"}}.\n"; +$acl .= "{acl, valid_users, {user, \"\", \"conference.$domain\"}}.\n"; +$acl .= "{acl, valid_users, {user, \"\", \"vjud.$domain\"}}.\n"; +$acl .= "{acl, valid_users, {user, \"\", \"pubsub.$domain\"}}.\n"; +$acl .= "{acl, valid_users, {user, \"\", \"echo.$domain\"}}.\n"; + +$OUT .=<<"EOF"; + +$acl + +{access, mod_filter, [ + {allow, valid_users}, + {$rule, except}, + {filter, all} +]}. + +{access, mod_filter_presence, [ + {allow, valid_users}, + {$rule, except}, + {filter, all} +]}. + +{access, mod_filter_message, [ + {allow, valid_users}, + {$rule, except}, + {filter, all} +]}. + +{access, mod_filter_iq, [ + {allow, valid_users}, + {$rule, except}, + {filter, all} +]}. + +{access, filter, [ + {allow, valid_users}, + {$rule, except}, + {$default, all} +]}. + + + +EOF +} diff --git a/root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/55AuthConf b/root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/55AuthConf new file mode 100644 index 0000000..0fff76b --- /dev/null +++ b/root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/55AuthConf @@ -0,0 +1,32 @@ +{ + +use esmith::util; +our $base = esmith::util::ldapBase ($DomainName); + + $OUT =<<"HERE"; + +% Use pam for authentication (to get pam_cas support) +% LDAP for everything else +{auth_method, pam}. +{ldap_servers, ["localhost"]}. +{ldap_base, "ou=Users,$base"}. +HERE + +# If AllowedGroups prop is set, build a LDAP filter +# based on the posixMemberOf attribute +# (Only available on iPasserelle) + +our @groups = split(/[;,]/, ($ejabberd{'AllowedGroups'} || '')); +my $filter = ''; +if (scalar(@groups) == 1){ + $filter = "(posixMemberOf=$groups[0])"; +} +elsif (scalar(@groups) gt 1){ + $filter = '(|'; + $filter .= "(posixMemberOf=$_)" foreach (@groups); + $filter .= ')'; +} + +$OUT .= ($filter eq '') ? '' : '{ldap_filter, "' . $filter . '"}.'; + +} diff --git a/root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/60HostName b/root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/60HostName new file mode 100644 index 0000000..9cf2473 --- /dev/null +++ b/root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/60HostName @@ -0,0 +1,9 @@ +{ + $OUT =<<'HERE'; +% Host name: +HERE + $OUT .= '{hosts, ["'; + $OUT .= ${ejabberd}{Domain}; + $OUT .= '"]}.'; + $OUT .= "\n\n"; +} diff --git a/root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/65MaxUserSessions b/root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/65MaxUserSessions new file mode 100644 index 0000000..7ce3bdb --- /dev/null +++ b/root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/65MaxUserSessions @@ -0,0 +1,6 @@ +{ + $OUT =<<'HERE'; +%% Define the maximum number of time a single user is allowed to connect: +{max_user_sessions, 10}. +HERE +} diff --git a/root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/75DefaultLanguage b/root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/75DefaultLanguage new file mode 100644 index 0000000..602b4d9 --- /dev/null +++ b/root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/75DefaultLanguage @@ -0,0 +1,9 @@ +{ + $OUT =<<'HERE'; +% Default language for server messages +HERE + $OUT .= '{language, "'; + $OUT .= substr(${sysconfig}{Language}, 0, 2); + $OUT .= '"}.'; + $OUT .= "\n\n"; +} diff --git a/root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/80Ports00Start b/root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/80Ports00Start new file mode 100644 index 0000000..fb75bc8 --- /dev/null +++ b/root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/80Ports00Start @@ -0,0 +1,4 @@ +{ + $OUT .= "% Listened ports:\n"; + $OUT .= "\{listen, ["; +} diff --git a/root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/80Ports10c2s b/root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/80Ports10c2s new file mode 100644 index 0000000..8b7c669 --- /dev/null +++ b/root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/80Ports10c2s @@ -0,0 +1,6 @@ +{ +$OUT .=<<"HERE"; + {5222, ejabberd_c2s, [{access, c2s}, {shaper, c2s_shaper}, starttls_required, {certfile, "/var/service/ejabberd/ssl/cert.pem"}]} + ,{5223, ejabberd_c2s, [{access, c2s}, {shaper, c2s_shaper}, tls, {certfile, "/var/service/ejabberd/ssl/cert.pem"}]} +HERE +} diff --git a/root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/80Ports20s2S b/root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/80Ports20s2S new file mode 100644 index 0000000..82164b7 --- /dev/null +++ b/root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/80Ports20s2S @@ -0,0 +1,9 @@ +{ + +if (($ejabberd{'S2s'} || 'enabled') eq 'enabled'){ + $OUT .= "\n"; + $OUT .= ' ,{5269, ejabberd_s2s_in, [{shaper, s2s_shaper}, {max_stanza_size, 131072}]}'; + $OUT .= "\n"; +} + +} diff --git a/root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/80Ports30http b/root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/80Ports30http new file mode 100644 index 0000000..79660bf --- /dev/null +++ b/root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/80Ports30http @@ -0,0 +1,17 @@ + +{ +$OUT .= ' % http_bind interface, restrict it to 127.0.0.1, external access is handled by'."\n". + ' % ProxyPass directives in apache'."\n"; + +$OUT .= ' '; +$OUT .= '%' unless (((${'ejabberd'}{'HTTPBind'} || 'disabled') || + (${'ejabberd'}{'HTTPPoll'} || 'disabled')) || + (${'ejabberd'}{'WebAdmin'} || 'disabled') + eq 'enabled'); +$OUT .= ',{5280, ejabberd_http, [ '; +$OUT .= 'http_bind, ' if ((${'ejabberd'}{'HTTPBind'} || 'disabled') eq 'enabled'); +$OUT .= 'http_poll, ' if ((${'ejabberd'}{'HTTPPoll'} || 'disabled') eq 'enabled'); +$OUT .= 'web_admin, ' if ((${'ejabberd'}{'WebAdmin'} || 'disabled') eq 'enabled'); +$OUT .= '{ip, {127, 0, 0, 1}} ]}'."\n"; +} + diff --git a/root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/80Ports99End b/root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/80Ports99End new file mode 100644 index 0000000..24a75d6 --- /dev/null +++ b/root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/80Ports99End @@ -0,0 +1,4 @@ +{ + $OUT .= " ]\}."; + $OUT .= "\n\n"; +} diff --git a/root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/83PortsOut b/root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/83PortsOut new file mode 100644 index 0000000..07404ca --- /dev/null +++ b/root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/83PortsOut @@ -0,0 +1,9 @@ +% If SRV lookup fails, then port 5269 is used to communicate with remote server +{ + +if (($ejabberd{'S2s'} || 'enabled') eq 'enabled'){ + $OUT .= '{outgoing_s2s_port, 5269}.'; +} + +} + diff --git a/root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/85Modules b/root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/85Modules new file mode 100644 index 0000000..3c5b6f7 --- /dev/null +++ b/root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/85Modules @@ -0,0 +1,39 @@ + +% Used modules: +\{modules, + [ + +{ + $OUT =<<'HERE'; + {mod_roster_odbc, []} + ,{mod_privacy_odbc, []} + ,{mod_adhoc, []} + ,{mod_configure, []} % Depends on mod_adhoc + ,{mod_configure2, []} + ,{mod_disco, []} + ,{mod_stats, []} + ,{mod_caps, []} + ,{mod_offline_odbc, []} + ,{mod_announce, [{access, announce}]} % Depends on mod_adhoc + ,{mod_private_odbc, []} + ,{mod_irc, []} + ,{mod_muc, [{access, muc}, {access_create, muc}, {access_admin, muc_admin}]} + ,{mod_muc_log, []} + ,{mod_shared_roster, []} + ,{mod_pubsub_odbc, [{access_createnode, pubsub_createnode}, + {plugins, ["flat_odbc", "hometree_odbc", "pep_odbc"]}]} + ,{mod_time, []} + ,{mod_last_odbc, []} + ,{mod_version, []} + ,{mod_http_bind, []} +HERE + if (-e '/usr/lib/ejabberd/ebin/mod_admin_extra.beam' || -e '/usr/lib64/ejabberd/ebin/mod_admin_extra.beam') + { $OUT .= ' ,{mod_admin_extra, []}'; } + else + { $OUT .= ' ,{mod_ctlextra, []}'; } + $OUT .= "\n"; + $OUT .= ' ,{mod_echo, [{host, "echo.'; + $OUT .= ${DomainName}; + $OUT .= '"}]}'; +} + diff --git a/root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/86ModuleArchiveODBC b/root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/86ModuleArchiveODBC new file mode 100644 index 0000000..a2d086f --- /dev/null +++ b/root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/86ModuleArchiveODBC @@ -0,0 +1,17 @@ +{ + +if (($ejabberd{'Archives'} || 'disabled') eq 'enabled'){ +$OUT .=<<"HERE"; + ,{mod_archive_odbc, [{database_type, "mysql"}, + {default_auto_save, true}, + {enforce_default_auto_save, false}, + {default_expire, infinity}, + {enforce_min_expire, 0}, + {enforce_max_expire, infinity}, + {replication_expire, 31536000}, + {session_duration, 1800}, + {wipeout_interval, 86400}]} +HERE +} +} + diff --git a/root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/86ModuleFilter b/root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/86ModuleFilter new file mode 100644 index 0000000..dc6d174 --- /dev/null +++ b/root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/86ModuleFilter @@ -0,0 +1 @@ + ,\{mod_filter, []\} diff --git a/root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/86ModuleLogChat b/root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/86ModuleLogChat new file mode 100644 index 0000000..e85a40c --- /dev/null +++ b/root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/86ModuleLogChat @@ -0,0 +1,10 @@ +{ + +if (($ejabberd{'LogChat'} || 'disabled') eq 'enabled'){ + my $format = $ejabberd{'LogChatFormat'} || 'text'; + $OUT .=<<"HERE"; + ,{mod_log_chat, [{path, "/var/log/ejabberd/chat"}, {format, $format}]} +HERE +} + +} diff --git a/root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/86ModuleSharedRosterLDAP b/root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/86ModuleSharedRosterLDAP new file mode 100644 index 0000000..b788517 --- /dev/null +++ b/root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/86ModuleSharedRosterLDAP @@ -0,0 +1,31 @@ +{ + +if (($ejabberd{'SharedRoster'} || 'disabled') eq 'enabled'){ + + my $filter = ''; + if (scalar(@groups) == 1){ + $filter = "(cn=$groups[0])"; + } + elsif (scalar(@groups) gt 1){ + $filter = '(|'; + $filter .= "(cn=$_)" foreach (@groups); + $filter .= ')'; + } + + $OUT .=<<"HERE"; + ,{mod_shared_roster_ldap, [ + {ldap_base, "$base"}, + {ldap_rfilter, "(objectClass=mailboxRelatedObject)"}, + {ldap_filter, "$filter"}, + {ldap_gfilter, "(&(objectClass=mailboxRelatedObject)(cn=%g))"}, + {ldap_ufilter, "(&(objectClass=inetOrgPerson)(uid=%u))"}, + {ldap_groupattr, "cn"}, + {ldap_groupdesc, "description"}, + {ldap_memberattr, "memberUid"}, + {ldap_useruid, "uid"}, + {ldap_userdesc, "cn"} + ]} +HERE + +} +} diff --git a/root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/86ModuleVcardLDAP b/root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/86ModuleVcardLDAP new file mode 100644 index 0000000..5b272c9 --- /dev/null +++ b/root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/86ModuleVcardLDAP @@ -0,0 +1,39 @@ +{ + +$OUT .=<<"HERE"; + ,{mod_vcard_ldap, [ + {ldap_base, "ou=Users,$base"}, + {ldap_filter, "(objectClass=inetOrgPerson)"}, + {ldap_vcard_map, + %% vcard patterns + [{"NICKNAME", "%u", []}, % just use user's part of JID as his nickname + {"GIVEN", "%s", ["givenName"]}, + {"FAMILY", "%s", ["sn"]}, + {"FN", "%s, %s", ["sn", "givenName"]}, + {"MIDDLE", "%s", ["initials"]}, + {"EMAIL", "%s", ["mail"]}, + {"BDAY", "%s", ["birthDay"]}, + {"ORGNAME", "%s", ["o"]}, + {"ORGUNIT", "%s", ["ou"]}, + {"LOCALITY", "%s", ["l"]}, + {"STREET", "%s", ["Street"]}, + {"PCODE", "%s", ["postalCode"]}, + {"TEL", "%s", ["telephoneNumber"]}, + {"ROLE", "%s", ["title"]}, + {"PHOTO", "%s", ["jpegPhoto"]} + ]}, + %% Search form + {ldap_search_fields, + [{"User", "%u"}, + {"Name", "givenName"}, + {"Family Name", "sn"}, + {"Email", "mail"}]}, + %% vCard fields to be reported + %% Note that JID is always returned with search results + {ldap_search_reported, + [{"Full Name", "FN"}, + {"Nickname", "NICKNAME"}]} + ]} +HERE + +} diff --git a/root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/90ModulesEnd b/root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/90ModulesEnd new file mode 100644 index 0000000..739f643 --- /dev/null +++ b/root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/90ModulesEnd @@ -0,0 +1,3 @@ + ]\}. + + diff --git a/root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/template-begin b/root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/template-begin new file mode 100644 index 0000000..11d3726 --- /dev/null +++ b/root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/template-begin @@ -0,0 +1,8 @@ +{ + $OUT =<<'HERE'; + +override_acls. +override_global. +override_local. +HERE +} diff --git a/root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/template-end b/root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/template-end new file mode 100644 index 0000000..45bfe29 --- /dev/null +++ b/root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/template-end @@ -0,0 +1,7 @@ +{ + $OUT =<<'HERE'; +% Local Variables: +% mode: erlang +% End: +HERE +} diff --git a/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/Ejabberd/00Setup b/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/Ejabberd/00Setup new file mode 100644 index 0000000..e00a95b --- /dev/null +++ b/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/Ejabberd/00Setup @@ -0,0 +1,10 @@ +{ + use esmith::DomainsDB; + # Convert the passed hash for the domain object back into an object. + $domain = bless \%domain, 'esmith::DB::db::Record'; + + # Make scalars from some of the properties of the domain + $virtualHost = $domain->key; + $OUT = ""; +} + diff --git a/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/Ejabberd/10ServerName b/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/Ejabberd/10ServerName new file mode 100644 index 0000000..38f4ddf --- /dev/null +++ b/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/Ejabberd/10ServerName @@ -0,0 +1 @@ + ServerName {$virtualHost} diff --git a/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/Ejabberd/80Ejabberd b/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/Ejabberd/80Ejabberd new file mode 100644 index 0000000..3911311 --- /dev/null +++ b/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/Ejabberd/80Ejabberd @@ -0,0 +1,57 @@ +{ + +my $admin = $ejabberd{'WebAdmin'} || 'disabled'; +my $bind = $ejabberd{'HTTPBind'} || 'disabled'; +my $poll = $ejabberd{'HTTPPoll'} || 'disabled'; + +my $allowAdmin = ($admin eq 'enabled') ? "allow from $localAccess $externalSSLAccess" : ''; +my $allowBind = ($bind eq 'enabled') ? "allow from all" : ''; +my $allowPoll = ($poll eq 'enabled') ? "allow from all" : ''; + +if ( $port ne ($modSSL{'TCPPort'} || '443')){ + $OUT .=<<"EOF"; + + #==================================================================== + # HTTPS redirection for Ejabberd + #==================================================================== + + RewriteEngine on + RewriteRule ^/(.*|\$) https://%{HTTP_HOST}/\$1 \[L,R\] + +EOF + } + else{ + $OUT .=<<"HERE"; + + SSLEngine on + + ProxyPass / http://localhost:5280/ + ProxyPassReverse / http://localhost:5280/ + + + order deny,allow + deny from all + + + + order deny,allow + deny from all + $allowAdmin + + + + order deny,allow + deny from all + $allowBind + + + + order deny,allow + deny from all + $allowPoll + + +HERE + } +} + diff --git a/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/Ejabberd/template-begin b/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/Ejabberd/template-begin new file mode 100644 index 0000000..b050035 --- /dev/null +++ b/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/Ejabberd/template-begin @@ -0,0 +1,2 @@ + + diff --git a/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/Ejabberd/template-end b/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/Ejabberd/template-end new file mode 100644 index 0000000..50d3d92 --- /dev/null +++ b/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/Ejabberd/template-end @@ -0,0 +1,2 @@ + + diff --git a/root/etc/e-smith/templates/etc/jappix/main.xml/20Cas b/root/etc/e-smith/templates/etc/jappix/main.xml/20Cas new file mode 100644 index 0000000..f8b45df --- /dev/null +++ b/root/etc/e-smith/templates/etc/jappix/main.xml/20Cas @@ -0,0 +1,4 @@ + on + auth.{$DomainName} + /cas + /etc/pki/tls/certs/cacert.pem diff --git a/root/etc/e-smith/templates/etc/logrotate.d/ejabberd/var.log.ejabberd b/root/etc/e-smith/templates/etc/logrotate.d/ejabberd/var.log.ejabberd new file mode 100644 index 0000000..9ad7421 --- /dev/null +++ b/root/etc/e-smith/templates/etc/logrotate.d/ejabberd/var.log.ejabberd @@ -0,0 +1,13 @@ + +/var/log/ejabberd/ejabberd.log /var/log/ejabberd/sasl.log \{ + missingok + compress + notifempty + rotate 5 + weekly + create 0644 ejabberd ejabberd + sharedscripts + postrotate + sudo -u ejabberd -H /sbin/e-smith/ejabberdctl reopen-log >/dev/null 2>/dev/null || true + endscript +\} diff --git a/root/etc/e-smith/templates/etc/pam.d/ejabberd/05cas b/root/etc/e-smith/templates/etc/pam.d/ejabberd/05cas new file mode 100644 index 0000000..22016ad --- /dev/null +++ b/root/etc/e-smith/templates/etc/pam.d/ejabberd/05cas @@ -0,0 +1 @@ +auth sufficient pam_cas.so -sxmpp://{$DomainName} -f/etc/pam_cas.conf diff --git a/root/etc/e-smith/templates/etc/pam.d/ejabberd/10systemAuth b/root/etc/e-smith/templates/etc/pam.d/ejabberd/10systemAuth new file mode 100644 index 0000000..7535809 --- /dev/null +++ b/root/etc/e-smith/templates/etc/pam.d/ejabberd/10systemAuth @@ -0,0 +1,2 @@ +auth include system-auth +account include system-auth diff --git a/root/etc/e-smith/templates/etc/pam.d/ejabberd/template-begin b/root/etc/e-smith/templates/etc/pam.d/ejabberd/template-begin new file mode 100644 index 0000000..c929712 --- /dev/null +++ b/root/etc/e-smith/templates/etc/pam.d/ejabberd/template-begin @@ -0,0 +1,9 @@ +{ + $OUT = < "/home/e-smith/ssl.pem/$hostname.$domain.pem" , + TEMPLATE_EXPAND_QUEUE => [ "/" ] , + OUTPUT_FILENAME => "/var/service/ejabberd/ssl/cert.pem" , + UID => "ejabberd" , + PERMS => 0640 , + }); + exec 'sv', '2', '/service/ejabberd'; + } +} \ No newline at end of file diff --git a/root/etc/e-smith/templates/var/lib/lemonldap-ng/conf/lmConf/050jappix b/root/etc/e-smith/templates/var/lib/lemonldap-ng/conf/lmConf/050jappix new file mode 100644 index 0000000..5786f52 --- /dev/null +++ b/root/etc/e-smith/templates/var/lib/lemonldap-ng/conf/lmConf/050jappix @@ -0,0 +1,28 @@ +{ + +$conf->{'exportedHeaders'}->{"jabber.$domain"} = { + 'Auth-User' => '$uid', +} unless ($conf->{'exportedHeaders'}->{"jabber.$domain"}); + +$conf->{'locationRules'}->{"jabber.$domain"} = { + 'default' => '$groups =~ /\\bequipe|admins\\b/', + '(?#10pgt)^/(index\\.php)?\\?pgtIou=PGTIOU\\-[\\d\\w]+\\&pgtId=PGT\\-[\\d\\w]+$' => 'unprotect' +} unless ($conf->{'locationRules'}->{"jabber.$domain"}); + +$conf->{'applicationList'}->{'010apps'}->{'jappix'} = { + 'options' => { + 'logo' => 'bell.png', + 'name' => 'Jappix', + 'description' => 'Messagerie instantanée', + 'uri' => "https://jabber.$domain/", + 'display' => 'auto' + }, + 'type' => 'application' +} unless $conf->{'applicationList'}->{'010apps'}->{'jappix'}; + +$conf->{'issuerDBCASActivation'} = '1'; + +$OUT .= ''; + +} + diff --git a/root/etc/e-smith/web/functions/ejabberd b/root/etc/e-smith/web/functions/ejabberd new file mode 100755 index 0000000..7d9a68f --- /dev/null +++ b/root/etc/e-smith/web/functions/ejabberd @@ -0,0 +1,121 @@ +#!/usr/bin/perl -wT + +#---------------------------------------------------------------------- +# heading : Configuration +# description : INSTANT_MESSAGING +# navigation : 6000 6950 +#---------------------------------------------------------------------- +#---------------------------------------------------------------------- +# copyright (C) 2007 Free-EOS +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +# +#---------------------------------------------------------------------- + + + +use strict; +use esmith::FormMagick::Panel::ejabberd; +my $f = esmith::FormMagick::Panel::ejabberd->new(); +$f->display(); + + + + +=head1 TESTING + + +=begin testing + +use esmith::FormMagick::Tester; +use esmith::TestUtils; +use esmith::ConfigDB; + +my $panel = 'hwinfo'; +my $panel_path = "/etc/e-smith/web/functions/".$panel; +my $ua = esmith::FormMagick::Tester->new(); + + +is (mode($panel_path), '4750', "Check permissions on script"); +my @stat = stat($panel_path); +is (getpwuid($stat[4]), 'root', "File is owned by root"); +is (getgrgid($stat[5]), 'admin', "File is owned by group admin"); +ok ($ua->get_panel($panel), "ABOUT TO RUN L10N TESTS"); +is ($ua->{status}, 200, "200 OK"); +like($ua->{content}, qr/FORM_TITLE/, "Saw untranslated form title"); +ok ($ua->set_language("en"), "Set language to English"); +ok ($ua->get_panel($panel), "Get panel"); +is ($ua->{status}, 200, "200 OK"); + +=end testing + +=cut + +__DATA__ +
+ + PAGE_DESCRIPTION + + + DESC_ACCESS + + + + + DESC_ALLOWED_GROUPS + + + + + + + DESC_SHARED_ROSTER + + + + DESC_GATEWAYS + + + + + + + DESC_FILTER_MODE + + + + DESC_EXCEPTION_LIST + + + + + + + +
diff --git a/root/sbin/e-smith/ejabberdctl b/root/sbin/e-smith/ejabberdctl new file mode 100755 index 0000000..be50224 --- /dev/null +++ b/root/sbin/e-smith/ejabberdctl @@ -0,0 +1,86 @@ +#!/bin/bash + +# ejabberdctl for SME Server +# Author : Jean-Paul Leclere +# Copyright GNU GPL 2008 + +# define default configuration +POLL=true +SMP=auto +ERL_MAX_PORTS=32000 +ERL_PROCESSES=250000 +ERL_MAX_ETS_TABLES=1400 +HOME=/var/lib/ejabberd + +# define default environment variables +NODE=ejabberd +HOST=`hostname | cut -d. -f1` +ERLANG_NODE=$NODE@$HOST + + LD_LIBRARY_PATH="/lib/:/usr/lib/" + DYLD_LIBRARY_PATH=$LD_LIBRARY_PATH + export LD_LIBRARY_PATH + export DYLD_LIBRARY_PATH + +# export global variables +export HOME + +# common control function +ctl() +{ + erl -pa /usr/lib/ejabberd/ebin -sname ejabberdctl \ + -noinput \ + -s ejabberd_ctl -extra $ERLANG_NODE $@ + result=$? + case $result in + 0) :;; + *) + echo "" + echo "Run ejabberdctl without parameters to get help" + echo "";; + esac + return $result +} + +# allow sync calls +wait_for_status() +{ + # args: status try delay + # return: 0 OK, 1 KO + timeout=$2 + status=4 + while [ $status -ne $1 ]; do + sleep $3 + let timeout=timeout-1 + [ $timeout -eq 0 ] && { + status=$1 + } || { + ctl status > /dev/null + status=$? + } + done + [ $timeout -eq 0 ] && { + status=1 + echo "ejabberd is not started" + } || { + status=0 + echo "ejabberd is started" + } + return $status +} + +# display ctl usage +usage() +{ + ctl + exit +} + +[ $# -lt 1 ] && usage + +case $1 in + start) echo "Start ejabberd through Server-Manager" ;; + started) wait_for_status 0 30 2;; # wait 30x2s before timeout + stopped) wait_for_status 3 15 2;; # wait 15x2s before timeout + *) ctl $@;; +esac diff --git a/root/usr/lib/perl5/site_perl/esmith/FormMagick/Panel/ejabberd.pm b/root/usr/lib/perl5/site_perl/esmith/FormMagick/Panel/ejabberd.pm new file mode 100644 index 0000000..188ba96 --- /dev/null +++ b/root/usr/lib/perl5/site_perl/esmith/FormMagick/Panel/ejabberd.pm @@ -0,0 +1,349 @@ +#!/usr/bin/perl -w + +package esmith::FormMagick::Panel::ejabberd; + +use strict; + +use esmith::FormMagick; +use esmith::ConfigDB; +use esmith::AccountsDB; +use esmith::cgi; +use File::Basename; +use Exporter; +use Carp; + +our @ISA = qw(esmith::FormMagick Exporter); + +our @EXPORT = qw( + + show_initial + get_ejabberd_access + get_exception_list + get_cgi_param + print_gateways +); + +our $db = esmith::ConfigDB->open() || die "Couldn't open config db"; +our $ejdb = esmith::ConfigDB->open('im') || + esmith::ConfigDB->create('im'); +our $adb = esmith::AccountsDB->open_ro() || die "Couldn't open AccountsDB"; + +our @transports = qw/Msn/; + +our $VERSION = sprintf '%d.%03d', q$Revision: 2.00 $ =~ /: (\d+).(\d+)/; + + +=pod + +=head1 NAME + +esmith::FormMagick::Panels::ejabberd - useful panel functions + +=head1 SYNOPSIS + + use esmith::FormMagick::Panels::ejabberd; + + my $panel = esmith::FormMagick::Panel::ejabberd->new(); + $panel->display(); + +=head1 DESCRIPTION + +=cut + + +=head2 new(); + +Exactly as for esmith::FormMagick + +=begin testing + +$ENV{ESMITH_DOMAINS_DB} = "10e-smith-base/domains.conf"; +$ENV{ESMITH_CONFIG_DB} = "10e-smith-base/configuration.conf"; + +use_ok('esmith::FormMagick::Panel::ejabberd'); +use vars qw($panel); +ok($panel = esmith::FormMagick::Panel::ejabberd->new(), "Create panel object"); +isa_ok($panel, 'esmith::FormMagick::Panel::ejabberd'); + +=end testing + +=cut + +sub new { + shift; + my $self = esmith::FormMagick->new(); + $self->{calling_package} = (caller)[0]; + bless $self; + return $self; +} + + +=head1 ACCESSORS + +=head2 get_cgi_param FM FIELD + +Returns the named CGI parameter as a string + +=cut + +sub get_cgi_param { + my $fm = shift; + my $param = shift; + + return ( $fm->{'cgi'}->param($param) ); +} + + +=head2 get_prop ITEM PROP + +A simple accessor for esmith::ConfigDB::Record::prop + +=cut + +sub get_prop { + my ($self, $item, $prop) = @_; + warn "You must specify a record key" unless $item; + warn "You must specify a property name" unless $prop; + my $record = $db->get($item) or warn "Couldn't get record for $item"; + return $record ? $record->prop($prop) : undef; +} + +=head2 get_value ITEM + +A simple accessor for esmith::ConfigDB::Record::value + +=cut + +sub get_value { + my $self = shift; + my $item = shift; + return ($db->get($item)->value()); +} + +=head2 get_ejabberd_access + +Returns "public", "private" or "off" depending on the 'access' and 'status' properties +of the "ejabberd" config file variable + +=cut + +sub get_ejabberd_access { + + my ($self) = @_; + my $status = get_prop($self,'ejabberd','status'); + if ( (defined $status) && ($status eq 'enabled')) { + my $access = get_prop($self,'ejabberd','access'); + return $access ? $access : 'off'; + } + else { + return('off'); + } +} + +=head2 get_exception_list + +return the list of already defined exceptions + +=cut + +sub get_exception_list +{ + my ($self) = @_; + my $q = $self->{cgi}; + + my $rec = $ejdb->get('exception') || + $ejdb->new_record('exception', {type=>'list'}); + my %rules = $rec->props; + my @exceptions = (); + while (my ($parameter,$value) = each(%rules)) { + next if ($parameter eq "type"); + + if ($value eq "User") { + $parameter =~ s/\\\\40/%/; + push (@exceptions,$parameter); + } + } + return join("\n", @exceptions); +} + +=head1 ACTION + + +=head2 change_settings + +If everything has been validated, properly, go ahead and set the new settings + +=cut + + +sub change_settings { + my ($self) = @_; + + my %conf; + + my $q = $self->{'cgi'}; + + # Don't process the form unless we clicked the Save button. The event is + # called even if we chose the Remove link or the Add link. + return unless($q->param('Next') eq $self->localise('SAVE')); + + my $access = $q->param ('access') || 'off'; + my $webadmin = $q->param('webadmin') || 'disabled'; + my @gateways = $q->param('transports') || (); + my $roster = $q->param('shared_roster') || 'disabled'; + my $filter = $q->param('default_filter') || 'allow'; + my $log = $q->param('log') || 'none'; + my $exceptions = ($q->param('exception_list') || ''); + my @exceptions = split(/[\n\r]/, $exceptions); + + #------------------------------------------------------------ + # Looks good; go ahead and change the access. + #------------------------------------------------------------ + + my $rec = $db->get('ejabberd'); + if($rec) + { + if ($access eq "off") + { + $rec->set_prop('status','disabled'); + } + else + { + $rec->set_prop('status','enabled'); + $rec->set_prop('access', $access); + } + } + + $rec->set_prop('FilterDefault', $filter); + $rec->set_prop('AllowedGroups', join(',',$q->param('allowedGroups'))); + $rec->set_prop('SharedRoster', $roster); + + $rec = $db->get('spectrum'); + + foreach my $proto (@transports){ + if (grep ($proto, @gateways)){ + $rec->set_prop("$proto",'enabled'); + } + else{ + $rec->set_prop("$proto",'disabled'); + } + } + + $rec = $ejdb->get('exception'); + + my %list = $rec->props; + while (my ($parameter,$value) = each(%list)) { + if ($parameter eq "type") {next;} + + if ($value eq "User") { + $ejdb->get_prop_and_delete('exception', "$parameter"); + } + } + + foreach (@exceptions){ + $rec->set_prop($_, 'User'); + } + + $self->cgi->param(-name=>'wherenext', -value=>'First'); + + unless ( system( "/sbin/e-smith/signal-event", "ejabberd-update" ) == 0 ) + { + $self->error('ERROR_UPDATING'); + return undef; + } + + $self->success('SUCCESS'); +} + +=head2 print_gateways + +This method print status of the available gateways + +=cut + +sub print_gateways +{ + my ($self) = @_; + my $q = $self->{cgi}; + + print "", + $self->localise('LABEL_GATEWAYS'), + "\n"; + + print $q->start_table({-class => "sme-border"}),"\n"; + print $q->Tr( + esmith::cgi::genSmallCell($q, $self->localise('PROTOCOL'),"header"), + esmith::cgi::genSmallCell($q, $self->localise('STATUS'),"header"), + ); + my $spectrum = $db->get('spectrum'); + + foreach my $proto (@transports){ + my $status = $spectrum->prop($proto) || 'disabled'; + my $checked = ($status eq 'enabled') ? 'checked' : ''; + print $q->Tr( + esmith::cgi::genSmallCell($q, $proto,"normal"), + $q->td( + "localise($proto)\">" + ) + ); + } + print "\n"; + + return undef; +} + +=head2 print_allowed_groups + +This method print a matrix of allowed groups + +=cut +sub print_allowed_groups(){ + my ($self) = @_; + my $q = $self->{cgi}; + + my @allowedGroups = split(/[,;]/, (get_prop($self, 'ejabberd', 'AllowedGroups'))); + + if (my @groups = $adb->groups()) { + + print "", + $self->localise('ALLOWED_GROUPS'), + "\n"; + + print $q->start_table({-class => "sme-border"}),"\n"; + print $q->Tr( + esmith::cgi::genSmallCell($q, $self->localise('ALLOWED_OR_NOT'),"header"), + esmith::cgi::genSmallCell($q, $self->localise('GROUP'),"header"), + esmith::cgi::genSmallCell($q, $self->localise('DESCRIPTION'),"header") + ); + + foreach my $g (@groups) { + my $groupname = $g->key(); + my $checked; + if (grep { $groupname eq $_ } @allowedGroups) { + $checked = 'checked'; + } else { + $checked = ''; + } + + print $q->Tr( + $q->td( + "" + ), + esmith::cgi::genSmallCell($q, $groupname,"normal"), + esmith::cgi::genSmallCell( $q, $adb->get($groupname)->prop("Description"),"normal") + ); + } + + print "\n"; + + } + + return undef; + +} + +1; diff --git a/root/var/service/ejabberd/control/1 b/root/var/service/ejabberd/control/1 new file mode 100644 index 0000000..57597ec --- /dev/null +++ b/root/var/service/ejabberd/control/1 @@ -0,0 +1,41 @@ +#!/usr/bin/perl -w + +#---------------------------------------------------------------------- +# copyright (C) 2010-2011 Firewall-Services +# daniel@firewall-services.com +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +# +# Technical support for this program is available from Mitel Networks +# Please visit our web site www.mitel.com/sme/ for details. +#---------------------------------------------------------------------- + +use esmith::util; +use esmith::ConfigDB; +use File::Copy; + +my $c = esmith::ConfigDB->open_ro; +my $s = $c->get('SystemName')->value; +my $d = $c->get('DomainName')->value; + +my $pem = "./ssl/cert.pem"; +# Now copy system pem file into jail used by ldap +copy("/home/e-smith/ssl.pem/$s.$d.pem", "$pem.$$") + or die "failed to copy SSL PEM: $!"; +chmod 0640, "$pem.$$"; +esmith::util::chownFile("root", "ejabberd", "$pem.$$"); +rename("$pem.$$", "$pem") + or die "failed to rename $pem.$$ to $pem: $!"; + diff --git a/root/var/service/ejabberd/control/2 b/root/var/service/ejabberd/control/2 new file mode 100644 index 0000000..8a143e3 --- /dev/null +++ b/root/var/service/ejabberd/control/2 @@ -0,0 +1,5 @@ +#! /bin/sh + +test /var/service/ejabberd/ssl/cert.pem -nt ./supervise/pid || exit 0 +sv t . + diff --git a/root/var/service/ejabberd/down b/root/var/service/ejabberd/down new file mode 100644 index 0000000..e69de29 diff --git a/root/var/service/ejabberd/log/run b/root/var/service/ejabberd/log/run new file mode 100644 index 0000000..851ef93 --- /dev/null +++ b/root/var/service/ejabberd/log/run @@ -0,0 +1,24 @@ +#!/bin/sh + + #---------------------------------------------------------------------- + # copyright (C) 2007 Free-EOS + # + # This program is free software; you can redistribute it and/or modify + # it under the terms of the GNU General Public License as published by + # the Free Software Foundation; either version 2 of the License, or + # (at your option) any later version. + # + # This program is distributed in the hope that it will be useful, + # but WITHOUT ANY WARRANTY; without even the implied warranty of + # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + # GNU General Public License for more details. + # + # You should have received a copy of the GNU General Public License + # along with this program; if not, write to the Free Software + # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + # + #---------------------------------------------------------------------- + exec \ + /usr/local/bin/setuidgid smelog \ + /usr/local/bin/multilog t s5000000 \ + /var/log/ejabberd.run diff --git a/root/var/service/ejabberd/run b/root/var/service/ejabberd/run new file mode 100755 index 0000000..74d6399 --- /dev/null +++ b/root/var/service/ejabberd/run @@ -0,0 +1,52 @@ +#!/bin/sh -x +#--------------------------------------- +# copyright (C) 2008 Jean-Paul Leclere +#--------------------------------------- + +exec 2>&1 + +./control/1 + +NODE=ejabberd +HOST=`hostname | cut -d. -f1` + +EMU=beam +export EMU + +LD_LIBRARY_PATH=/usr/lib/:/lib +export LD_LIBRARY_PATH +DYLD_LIBRARY_PATH=$LD_LIBRARY_PATH +export DYLD_LIBRARY_PATH + +# Define ejabberd environment +ERL_MAX_PORTS=32000 +export ERL_MAX_PORTS +ERL_INETRC_PATH=/etc/ejabberd/inetrc +export ERL_INETRC_PATH +SASL_LOG_PATH=/var/log/ejabberd/sasl.log +export SASL_LOG_PATH +EJABBERD_LOG_PATH=/var/log/ejabberd/ejabberd.log +export EJABBERD_LOG_PATH +EJABBERD_SO_PATH=/usr/lib/ejabberd/priv/lib +export EJABBERD_SO_PATH +EJABBERD_CONFIG_PATH=/etc/ejabberd/ejabberd.cfg +export EJABBERD_CONFIG_PATH +EJABBERD_MSGS_PATH=/usr/lib/ejabberd/priv/msgs +export EJABBERD_MSGS_PATH +EJABBERD_DB=/var/lib/ejabberd/spool +export EJABBERD_DB +HOME=/var/lib/ejabberd +export HOME + +exec /usr/local/bin/setuidgid ejabberd \ + erl -pa /usr/lib/ejabberd/ebin \ + -noinput \ + -smp auto +K false +P 250000 \ + -sname ejabberd \ + -mnesia dir \"$EJABBERD_DB\" \ + -kernel inetrc \"/$ERL_INETRC_PATH\" \ + -s ejabberd \ + -ejabberd config \"$EJABBERD_CONFIG_PATH\" \ + log_path \"$EJABBERD_LOG_PATH\" \ + -sasl sasl_error_logger \{file,\"$SASL_LOG_PATH\"\} +