Hi, thank you for adding the XMPP function to ISPConfig. I would love to use it, but i do not manage to get it working. Perhaps you can give me a hint where to look for the error. It seems as the client (ihave tried gajim, pidgin, conversations and empaty) try to get a list of auth mechanisms and metronome is not willing to send it? In /etc/metronome/metronome.dbg get: c2sebfcd0 debug Received[c2s_unauthed]: <iq id='7' type='get'> mod_router debug Stanza of type iq from c2s_unauthed has xmlns: jabber:iq:auth mod_router debug Unhandled c2s_unauthed stanza: iq; xmlns=jabber:iq:auth When i log the jabber conversation from the client side i get: SENDING: <iq type='get' id='purpledb857591'><query xmlns='jabber:iq:auth'><username>XY</username></query></iq> RECEIVED: (137): <iq id='purpledb857591' type='error'><error type='cancel'><service-unavailable xmlns='urn:ietfarams:xml:ns:xmpp-stanzas'/></error></iq> The metronome external auth command /usr/lib/metronome/isp-modules/mod_auth_external/authenticate_isp.sh is never called by metronome. Best regards, Gerd
Hi Guys, I just updated my ISPConfig to Version: 3.1.2 on my ubuntu 16.04, and now lost my Metronome/Turn server, I removed and added new domain and users, I get an error message from my client says "Server not compatible" then I went back and updated all the files per this thread now i'm getting user not authorized I'm 100% sure the xmpp user password of the client match the server xmpp user password !!! Code: Feb 05 11:42:59 socket debug accepted incoming client connection from: xxx.xxx.183.53 54267 to 5222 Feb 05 11:42:59 c2s1917f40 info Client connected Feb 05 11:42:59 c2s1917f40 debug Client sent opening <stream:stream> to xxxx.com Feb 05 11:42:59 c2s1917f40 debug Sent reply <stream:stream> to client Feb 05 11:42:59 c2s1917f40 debug Received[c2s_unauthed]: <starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'> Feb 05 11:42:59 socket debug try to start ssl at client id: 1917f40 Feb 05 11:42:59 socket debug ssl session delayed until writebuffer is empty... Feb 05 11:42:59 c2s1917f40 debug TLS negotiation started for c2s_unauthed... Feb 05 11:42:59 socket debug starting ssl handshake after writing Feb 05 11:42:59 socket debug starting handshake... Feb 05 11:42:59 socket debug ssl handshake of client with id:table: 0x1917f40, attempt:1 Feb 05 11:42:59 socket debug ssl handshake of client with id:table: 0x1917f40, attempt:2 Feb 05 11:42:59 socket debug ssl handshake of client with id:table: 0x1917f40, attempt:3 Feb 05 11:42:59 socket debug ssl handshake done Feb 05 11:42:59 c2s1917f40 debug Client sent opening <stream:stream> to xxxxx.com Feb 05 11:42:59 c2s1917f40 debug Sent reply <stream:stream> to client Feb 05 11:42:59 c2s1917f40 debug Received[c2s_unauthed]: <auth mechanism='PLAIN' xmlns='urn:ietf:params:xml:ns:xmpp-sasl'> Feb 05 11:42:59 xxxxx.com:auth_external debug test_password check: admin xxxxxxxxxxx Feb 05 11:42:59 xxxxx.com:auth_external debug Opening process /usr/lib/metronome/isp-modules/mod_auth_external/authenticate_isp.sh Feb 05 11:42:59 xxxxx.com:auth_external debug send_query check: auth:admin:xxxxx.com:xxxxxxxxxx Feb 05 11:42:59 xxxx.com:saslauth debug sasl reply: <failure xmlns='urn:ietf:params:xml:ns:xmpp-sasl'><not-authorized/><text>Unable to authorize you with the authentication credentials you've sent</text></failure>
Hello Friends, Could you show one working example of Metronome on ISPConfig 3.1.2? I still don't know how to configure it. Thank you in advance.
Hey guys first of all, I apologize for the issues with my modification. The plugin I use for authentication is from prosodys community plugin repository. Influenced by metronome being a fork of prosody, it also worked with metronome by the time I pushed my modification. My reasons for choosing metronome was the much faster implementation of new XEPs used by clients and the flexibility of the multi-file storage compared to prosodys single file storage. Unfortunatly in the 16 month between my merge request and the new ISPConfig release there was a new debian release and some major changes to metronome. I still can't persuade metronome to authenticate using the prosody auth module ... Furthermore the metronome main developer was not really a big help. The last months I had some serious family issues to handle and am working on my bachelor thesis at the moment. Afterwards I will implement the following changes to the XMPP support: Migrage from metronome to prosody Write a guide for migrating already installed metronome servers Write a setup guide for perfect server setup tutorials supporting current debian and ubuntu releases So, expect a working version for prosody this autumn. And again, sorry for the problems coming from choosing metronome. Workaround for the meantime: If you want to provide XMPP now, you can uninstall all metronome-related stuff and follow the default setup instructions from http://prosody.im. Afterwards you can use for example mod_auth_imap (prosody community module) to authenticate users using your mailserver (https://modules.prosody.im/type_auth.html). Unfortunatly you will have to follow the prosody sample config to configure the XMPP hosts yourself. It wont work using the generated metronome config files.
I have done nothing. Just looking at the config files. Could you post your config files here? Does Metronome require a trusted SSL cet to work?
All settings are made via ispconfig. Create a domain in the XMPP section, create a certificate in the same place. You need to replace the contents of the module mod_auth_external from"small update" (https://www.howtoforge.com/community/threads/xmpp-with-ispconfig.68501/page-2#post-351845)!!! After that everything works
The log reported: ========== general error At least one active host is required for Metronome to function. Exiting... general error No enabled VirtualHost entries found in the config file. ========== How do I correct it? In addition, there is no such file under /opt/metronome/plugins/mod_auth_external.lua
I have installed your /usr/lib/metronome/isp-modules/mod_auth_external/mod_auth_external.lua. Then, I tried to create an XMPP instance inside the ispconfig panel but failed! It asked me to fill in the registration URL. I don't have it. How do I correct it?
No matter what I fill in, it will show this. How do I correct it? My system is Ubuntu 16.04, php 7.0, ISPConfig 3.1.2.
Hi guys, I have a question (I'm not familiar with metronome / prosody), What if we use mod auth sql update for ispconfig, This will be more reliable, and my primary concern is, sasl/sha will working (many xmpp client are only sasl compatible)? EDIT: I have adapted a plugin, require only one file (mod_auth_ispconfig.lua / ~130 lines) config could be generate by ispconfig installer in metronome global.conf Code: ispconfig = { serverid = ; database = "dbispconfig"; host = "localhost"; port = 3306; username = "ispconfig"; password = ""; }; Only things i've don't do is support for SCRAM-SHA-1 (that's purpose), DIGEST-MD5 and PLAIN works fine. The last point i don't understand (and that is problematic). Why store passwords in database with php encryption instead of a mysql embedded function? So I can handle that (installer, password database storage, (sha-1?)) and push it into the Ispconfig repository, only if you find it's useful.
It seems that the issue was solved by using prosody instead of metronome. The changes have been merged[1] on master branch from git's repository. Instructions for its installation on Debian GNU/Linux stretch v9.0 were published in the wiki[2]. Thank you all for your help. [1] https://git.ispconfig.org/ispconfig/ispconfig3/merge_requests/759 [2] https://git.ispconfig.org/qroac/ispconfig3/wikis/Prosody-Setup-Instructions-for-Debian-Stretch
Have a look to the exposed features[3] section in the wiki (like bosch server to enable http-bind connections). Congratulations for those nice features. [3] https://git.ispconfig.org/qroac/ispconfig3/wikis/Features-managed-by-XMPP-extension
