rroemhild / docker-ejabberd Goto Github PK

View Code? Open in Web Editor NEW

266.0 17.0 162.0 374 KB

Dockerfile for Ejabberd server

License: MIT License

Smarty 42.98% Shell 46.65% Dockerfile 10.37%

xmpp xmpp-servers ejabberd docker-image docker

docker-ejabberd's Introduction

rroemhild/ejabberd

Introduction
- Version
Quick Start
Usage
Runtime Configuration
- Served Hostnames
- Authentication
- Admins
- Users
- SSL
- Erlang
- Modules
- Logging
- Mount Configurations
- MySQL Everything
Maintenance
Debug
Exposed Ports

Introduction

Dockerfile to build an ejabberd container image.

Since version 16.12, ejabberd has it's own docker container based on the work of this container included in the source tree. See more in this blogpost. We can expect more work on this in the future.

Version

Current Version: 21.01

Docker Tag Names are based on ejabberd versions in git branches and tags. The image tag :latest is based on the master branch.

Quick Start

You can start of with the following container:

docker run -d \
    --name "ejabberd" \
    -p 5222:5222 \
    -p 5269:5269 \
    -p 5280:5280 \
    -h 'xmpp.example.de' \
    -e "XMPP_DOMAIN=example.de" \
    -e "[email protected] [email protected]" \
    -e "[email protected]:password1234 [email protected]" \
    -e "TZ=Europe/Berlin" \
    rroemhild/ejabberd

or with the docker-compose example

wget https://raw.githubusercontent.com/rroemhild/docker-ejabberd/master/examples/docker-compose/docker-compose.yml
docker-compose up

Usage

Persistence

For storage of the application data, you can mount volumes at

/opt/ejabberd/ssl
/opt/ejabberd/backup
/opt/ejabberd/upload
/opt/ejabberd/database

or use a data container

docker create --name ejabberd-data rroemhild/ejabberd-data
docker run -d --name ejabberd --volumes-from ejabberd-data rroemhild/ejabberd

SSL Certificates

TLS is enabled by default and the run script will auto-generate two snake-oil certificates during boot if you don't provide your SSL certificates.

To use your own certificates, there are two options.

Mount the volume /opt/ejabberd/ssl to a local directory with the .pem files:
- /tmp/ssl/host.pem (SERVER_HOSTNAME)
- /tmp/ssl/xmpp_domain.pem (XMPP_DOMAIN)
Make sure that the certificate and private key are in one .pem file. If one file is missing it will be auto-generated. I.e. you can provide your certificate for your XMMP_DOMAIN and use a snake-oil certificate for the SERVER_HOSTNAME.
Specify the certificates via environment variables: EJABBERD_SSLCERT_HOST and EJABBERD_SSLCERT_EXAMPLE_COM. For the domain certificates, make sure you match the domain names given in XMPP_DOMAIN and replace dots and dashes with underscore.

Base Image

Build your own ejabberd container image and add your config templates, certificates or extend it for your needs.

FROM rroemhild/ejabberd
ADD ./ejabberd.yml.tpl /opt/ejabberd/conf/ejabberd.yml.tpl
ADD ./ejabberdctl.cfg.tpl /opt/ejabberd/conf/ejabberdctl.cfg.tpl
ADD ./example.com.pem /opt/ejabberd/ssl/example.com.pem

If you need root privileges switch to USER root and go back to USER ejabberd when you're done.

Run as root

By default ejabberd runs as user ejabberd(999). To run ejabberd as root add the -u root argument to docker run.

docker run -d -u root -P rroemhild/ejabberd

Cluster Example

The docker-compose-cluster example demonstrates how to extend this container image to setup a multi-master cluster.

Runtime Configuration

You can additionally provide extra runtime configuration in a downstream image by replacing the config template ejabberd.yml.tpl with one based on this image's template and include extra interpolation of environment variables. The template is parsed by Jinja2 with the runtime environment (equivalent to Python's os.environ available as env).

Served Hostnames

By default the container will serve the XMPP domain localhost. In order to serve a different domain at runtime, provide the XMPP_DOMAIN variable with a domain name. You can add more domains separated with whitespace.

XMPP_DOMAIN=example.ninja xyz.io test.com

Authentication

Authentication methods can be set with the EJABBERD_AUTH_METHOD environment variable. The default authentication mode is internal.

Supported authentication methods:

anonymous
internal
external
ldap

Internal and anonymous authentication example:

EJABBERD_AUTH_METHOD=internal anonymous

External authentication example:

EJABBERD_AUTH_METHOD=external
EJABBERD_EXTAUTH_PROGRAM="/opt/ejabberd/scripts/authenticate-user.sh"
EJABBERD_EXTAUTH_INSTANCES=3
EJABBERD_EXTAUTH_CACHE=600

EJABBERD_EXTAUTH_INSTANCES must be an integer with a minimum value of 1. EJABBERD_EXTAUTH_CACHE can be set to "false" or an integer value representing cache time in seconds. Note that caching should not be enabled if internal auth is also enabled.

Password format

The variable EJABBERD_AUTH_PASSWORD_FORMAT controls in which format user passwords are stored. Possible values are plain and scram. The default is to store SCRAMbled passwords, meaning that it is impossible to obtain the original plain password from the stored information.

NOTE: SCRAM does not work with SIP/TURN foreign authentication methods. In this case, you may have to disable the option. More details can be found here: https://docs.ejabberd.im/admin/configuration/#internal

If using SCRAM with an SQL database that has plaintext passwords stored, use the command

ejabberdctl convert_to_scram example.org

to convert all your existing plaintext passwords to scrambled format.

MySQL Authentication

Set EJABBERD_AUTH_METHOD=external and EJABBERD_EXTAUTH_PROGRAM=/opt/ejabberd/scripts/lib/auth_mysql.py to enable MySQL authentication. Use the following environment variables to configure the database connection and the layout of the database. Password changing, registration, and unregistration are optional features and are enabled only if the respective queries are provided.

AUTH_MYSQL_HOST: The MySQL host
AUTH_MYSQL_USER: Username to connect to the MySQL host
AUTH_MYSQL_PASSWORD: Password to connect to the MySQL host
AUTH_MYSQL_DATABASE: Database name where to find the user information
AUTH_MYSQL_HASHALG: Format of the password in the database. Default is cleartext. Options are crypt, md5, sha1, sha224, sha256, sha384, sha512. crypt is recommended, as it is salted. When setting the password, crypt uses SHA-512 (prefix $6$ ).
AUTH_MYSQL_QUERY_GETPASS: Get the password for a user. Use the placeholders %(user)s, %(host)s. Example: SELECT password FROM users WHERE username = CONCAT(%(user)s, '@', %(host)s)
AUTH_MYSQL_QUERY_SETPASS: Update the password for a user. Leave empty to disable. Placeholder %(password)s contains the hashed password. Example: UPDATE users SET password = %(password)s WHERE username = CONCAT(%(user)s, '@', %(host)s)
AUTH_MYSQL_QUERY_REGISTER: Register a new user. Leave empty to disable. Example: INSERT INTO users ( username, password ) VALUES ( CONCAT(%(user)s, '@', %(host)s), %(password)s )
AUTH_MYSQL_QUERY_UNREGISTER: Removes a user. Leave empty to disable. Example: DELETE FROM users WHERE username = CONCAT(%(user)s, '@', %(host)s)

Note that the MySQL authentication script writes a debug log into the file /var/log/ejabberd/extauth.log. To get its content, execute the following command:

docker exec -ti ejabberd tail -n50 -f /var/log/ejabberd/extauth.log

To find out more about the mysql authentication script, check out the ejabberd-auth-mysql repository.

LDAP Auth

Full documentation http://docs.ejabberd.im/admin/guide/configuration/#ldap.

Connection

EJABBERD_LDAP_SERVERS: List of IP addresses or DNS names of your LDAP servers. This option is required.
EJABBERD_LDAP_ENCRYPT: The value tls enables encryption by using LDAP over SSL. The default value is: none.
EJABBERD_LDAP_TLS_VERIFY: false|soft|hard This option specifies whether to verify LDAP server certificate or not when TLS is enabled. The default is false which means no checks are performed.
EJABBERD_LDAP_TLS_CACERTFILE: Path to file containing PEM encoded CA certificates.
EJABBERD_LDAP_TLS_DEPTH: Specifies the maximum verification depth when TLS verification is enabled. The default value is 1.
EJABBERD_LDAP_PORT: The default port is 389 if encryption is disabled; and 636 if encryption is enabled.
EJABBERD_LDAP_ROOTDN: Bind DN. The default value is "" which means ‘anonymous connection’.
EJABBERD_LDAP_PASSWORD: Bind password. The default value is "".
EJABBERD_LDAP_DEREF_ALIASES: never|always|finding|searching Whether or not to dereference aliases. The default is never.

Authentication

EJABBERD_LDAP_BASE: LDAP base directory which stores users accounts. This option is required.
EJABBERD_LDAP_UIDS: ldap_uidattr:ldap_uidattr_format The default attributes are uid:%u.
EJABBERD_LDAP_FILTER: RFC 4515 LDAP filter. The default Filter value is undefined.
EJABBERD_LDAP_DN_FILTER: { Filter: FilterAttrs } This filter is applied on the results returned by the main filter. By default ldap_dn_filter is undefined.

Admins

Set one or more admin user (seperated by whitespace) with the EJABBERD_ADMINS environment variable. You can register admin users with the EJABBERD_USERS environment variable during container startup, use you favorite XMPP client or the ejabberdctl command line utility.

[email protected]

Users

Automatically register users during container startup. Uses random password if you don't provide a password for the user. Format is JID:PASSWORD. Register more users separated with whitespace.

[email protected]:password1234

Or without a random password printed to stdout (check container logs):

[email protected]

[email protected]:password1234 [email protected] [email protected]

Shared Roster Groups

Automatically create roster groups and register users during container startup. To create shared roster groups, separate with whitespace:

[email protected] [email protected]

To add users to shared roster groups, separate with whitespace:

[email protected]:[email protected] [email protected]:[email protected]

To add all registered users on a virtual host to a shared roster group:

EJABBERD_GROUP_MEMBERS=@all@@example.ninja:[email protected]

Please take a note of the format: @all@@example.ninja. You need to specify not only the special directive @all@ but also a virtual host separated by @.

SSL

EJABBERD_SKIP_MAKE_SSLCERT: Skip generating ssl certificates. Default: false
EJABBERD_SSLCERT_HOST: SSL Certificate for the hostname.
EJABBERD_SSLCERT_EXAMPLE_COM: SSL Certificates for XMPP domains.
EJABBERD_STARTTLS: Set to false to disable StartTLS for client to server connections. Defaults to true.
EJABBERD_S2S_SSL: Set to false to disable SSL in server 2 server connections. Defaults to true.
EJABBERD_HTTPS: If your proxy terminates SSL you may want to disable HTTPS on port 5280 and 5443. Defaults to true.
EJABBERD_PROTOCOL_OPTIONS_TLSV1: Allow TLSv1 protocol. Defaults to false.
EJABBERD_PROTOCOL_OPTIONS_TLSV1_1: Allow TLSv1.1 protocol. Defaults to true.
EJABBERD_CIPHERS: Cipher suite. Defaults to HIGH:!aNULL:!3DES.
EJABBERD_DHPARAM: Set to true to use or generate custom DH parameters. Defaults to false.
EJABBERD_SKIP_MAKE_DHPARAM: Skip generating DH params. Default: false

STUN / TURN

EJABBERD_STUN: Do you want to enable the STUN service on port 3478 (tcp and udp) and port 5439 (TLS enabled). Default: false
EJABBERD_TURN_IP: Which IP to use for the TURN service on port 3478 (tcp and udp) and port 5439 (TLS enabled). Default: no default

Erlang

ERLANG_NODE: Allows to explicitly specify erlang node for ejabberd. Set to ejabberd lets erlang add the hostname. Defaults to ejabberd@localhost.
ERLANG_COOKIE: Set erlang cookie. Defaults to auto-generated cookie.
ERLANG_OPTIONS: Overwrite additional options passed to erlang while starting ejabberd.

Modules

EJABBERD_SKIP_MODULES_UPDATE: If you do not need to update ejabberd modules specs, skip the update task and speedup start. Defaults to false.
EJABBERD_MOD_MUC_ADMIN: Activate the mod_muc_admin module. Defaults to false.
EJABBERD_MUC_CREATE_ADMIN_ONLY: Only allow admins to create rooms. Defaults to false.
EJABBERD_MOD_ADMIN_EXTRA: Activate the mod_admin_extra module. Defaults to true.
EJABBERD_REGISTER_ADMIN_ONLY: Only allow admins to register users. Defaults to false.
EJABBERD_REGISTER_TRUSTED_NETWORK_ONLY: Only allow user registration from the trusted_network access rule. Defaults to true.
EJABBERD_MOD_VERSION: Activate the mod_version module. Defaults to true.
EJABBERD_SOURCE_MODULES: List of modules, which will be installed from sources localized in ${EJABBERD_HOME}/module_source.
EJABBERD_CONTRIB_MODULES: List of modules, which will be installed from contrib repository.
EJABBERD_RESTART_AFTER_MODULE_INSTALL: If any modules were installed, restart the server, if the option is enabled.
EJABBERD_CUSTOM_AUTH_MODULE_OVERRIDE: If a custom module was defined for handling auth, we need to override the pre-defined auth methods in the config.

Logging

Use the EJABBERD_LOGLEVEL environment variable to set verbosity. Defaults to 4 (Info).

loglevel: Verbosity of log files generated by ejabberd.
0: No ejabberd log at all (not recommended)
1: Critical
2: Error
3: Warning
4: Info
5: Debug

Mount Configurations

If you prefer to use your own configuration files and avoid passing docker environment variables (-e), you can do so by mounting a host directory. Pass in an additional -v to the docker run command, like so:

docker run -d \
    --name "ejabberd" \
    -p 5222:5222 \
    -p 5269:5269 \
    -p 5280:5280 \
    -h 'xmpp.example.de' \
    -v /<host_path>/conf:/opt/ejabberd/conf \
    rroemhild/ejabberd

Your /<host_path>/conf folder should look like so:

/<host_path>/conf/
├── ejabberdctl.cfg
├── ejabberd.yml
└── inetrc

Example configuration files can be downloaded from the ejabberd github page.

When these files exist in /opt/ejabberd/conf, the run script will ignore the configuration templates.

MySQL Everything

You may use MySQL as a default database for all module that supports MySQL.

EJABBERD_CONFIGURE_ODBC: Set this to true to enable ODBC plugin
EJABBERD_ODBC_TYPE: Set this to mysql
EJABBERD_ODBC_SERVER: domain or ip to MySQL Server
EJABBERD_ODBC_DATABASE: MySQL database name
EJABBERD_ODBC_USERNAME: MySQL username
EJABBERD_ODBC_PASSWORD: MySQL password
EJABBERD_AUTH_METHOD: Set to sql to enable storing authentication using MySQL Auth internal implementation.

Maintenance

The ejabberdctl command is in the search path and can be run by:

docker exec CONTAINER ejabberdctl help

Register Users

docker exec CONTAINER ejabberdctl register user XMPP_DOMAIN PASSWORD

Creating Backups

Create a backupfile with ejabberdctl and copy the file from the container to localhost

docker exec CONTAINER ejabberdctl backup /opt/ejabberd/backup/ejabberd.backup
docker cp CONTAINER:/opt/ejabberd/backup/ejabberd.backup /tmp/ejabberd.backup

Restoring Backups

Copy the backupfile from localhost to the running container and restore with ejabberdctl

docker cp /tmp/ejabberd.backup CONTAINER:/opt/ejabberd/backup/ejabberd.backup
docker exec CONTAINER ejabberdctl restore /opt/ejabberd/backup/ejabberd.backup

Debug

Erlang Shell

Set -i and -t option and append live to get an interactive erlang shell:

docker run -i -t -P rroemhild/ejabberd live

You can terminate the erlang shell with q()..

System Shell

docker run -i -t rroemhild/ejabberd shell

System Commands

docker run -i -t rroemhild/ejabberd env

Exposed Ports

4560 (XMLRPC)
5222 (Client 2 Server)
5269 (Server 2 Server)
5280 (HTTP admin/websocket/http-bind)
5443 (HTTP Upload)

docker-ejabberd's People

Stargazers

Watchers

Forkers

srijak exister olragon swvit-dl benlangfeld nessamurmur gotomypc blurryroots gitter-badger andrius asqar slmingol flecno inotnako linearregression vleushin anagromataf chaitanya-bhagavan ypid tommyziegler dirkmoors rhalukongor athom hbouvier tari picorb stettberger kuryaki miracle2k kevineverywhere andrewrothstein martinespinach shaan7 agp8x swcho stevenpreston easyarmdocker guillemsola digidesk-io digideskio may215 pierreprodel fischerman solidnerd azhao1981 goern who sulphur sudohippie z0r1k etataurov joshuacox rcoup janekolszak kirillzh cega huoxin8226 marktran michaeljohneduave icewind1991 oscar-garcia ibasaran paramah dvf sho2010 kazuki-k-ito hawliczek pdorofiejczyk pipo02mix nagua maxwellbo nilportugues liverbool nurse-curtis rviau42 satish-olx sigmundv umutcetinkaya heropd mazdermind invokit russlan-kravec jameshulse jonathanperret execgit tiagoor zhijie cujamin melvinkcx mwlczk i78 vrsource jacksgt moberghammer svenuthe javacspring jasonrivers vbauchart sahibzadafahad99 alexcustos

docker-ejabberd's Issues

SSL/TLS handshake error

Hi, I'm using your repo for testing purposes on my Mac. When establishing a connection from a client, this error is thrown:

21:09:14.469 [error] TLS error = SSL_do_handshake failed: error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol

Per command line argument I forwarded these ports:

5222:5222
5269:5269
5280:5280
5223:5223

As I am not so experienced with Docker yet, this can also be a configuration fault…

Certificate recognition fails with dashed domain

My container keeps generating snakeoil certificates for my XMPP domain, even though I have supplied the correct environment variable.

The reason might be that in the 01_write_certifiates_from_env.sh script, it is checked if the variable is set, however it fails due to bash not recognizing variables with dashes in their names. Maybe dashes could simply be replaced with nothing or another character.

docker-compose-cluster example doesn't appear to work

Repro:

Step 1: Get a fresh copy of the code and set up a cluster

[email protected]:~$ cd `mktemp -d /tmp/tmp.XXXXXXXXXX`
[email protected]:/tmp/tmp.SCu672Diq2$ git clone https://github.com/rroemhild/docker-ejabberd.git -q
[email protected]:/tmp/tmp.SCu672Diq2$ cd docker-ejabberd/examples/docker-compose-cluster;
[email protected]:/tmp/tmp.SCu672Diq2/docker-ejabberd/examples/docker-compose-cluster$ docker-compose build --no-cache
Building ejabberd...
Step 0 : FROM rroemhild/ejabberd
 ---> d2f183b2ce58
Step 1 : ENV EJABBERD_HOME /opt/ejabberd
 ---> Running in c5071006ba67
 ---> 7ce07ba1b59d
Removing intermediate container c5071006ba67
Step 2 : COPY ./scripts $EJABBERD_HOME/scripts
 ---> b5e35ba08990
Removing intermediate container 8a95107d9ae5
Successfully built b5e35ba08990
dnsdock uses an image, skipping
[email protected]:/tmp/tmp.SCu672Diq2/docker-ejabberd/examples/docker-compose-cluster$ docker-compose up -d
Creating dockercomposecluster_ejabberd_1...
Creating dockercomposecluster_dnsdock_1...
[email protected]:/tmp/tmp.SCu672Diq2/docker-ejabberd/examples/docker-compose-cluster$ docker-compose scale ejabberd=4
Creating and starting 2... done
Creating and starting 3... done
Creating and starting 4... done

Step 2: Attempt to connect, and attempt to see if any ports are active
Note 1: I have the example.com domain configured to hit localhost in my /etc/hosts.
Note 2: I am using an npm package called xmpp-ping to test connectivity.

[email protected]:~$ xmpp-ping -d example.com -j [email protected] -p test321
{ [Error: connect ECONNREFUSED]
  code: 'ECONNREFUSED',
  errno: 'ECONNREFUSED',
  syscall: 'connect' }
Exiting process
[email protected]:~$ sudo lsof -i :5222
[email protected]:~$ sudo lsof -i :5269
[email protected]:~$ sudo lsof -i :5280

The docker-compose example does work, however:

[email protected]:~$ cd `mktemp -d /tmp/tmp.XXXXXXXXXX
[email protected]:/tmp/tmp.xW93SesIhc$ git clone https://github.com/rroemhild/docker-ejabberd.git -q
[email protected]:/tmp/tmp.xW93SesIhc$ cd docker-ejabberd/examples/docker-compose
[email protected]:/tmp/tmp.xW93SesIhc/docker-ejabberd/examples/docker-compose$ docker-compose build --no-cache
ejabberd uses an image, skipping
[email protected]:/tmp/tmp.xW93SesIhc/docker-ejabberd/examples/docker-compose$ docker-compose up -d
Creating dockercompose_ejabberd_1...
[email protected]:/tmp/tmp.xW93SesIhc/docker-ejabberd/examples/docker-compose$ xmpp-ping -d example.com -j [email protected] -p password4321
Connection successfull. Will now begin pinging at a rate of 1 ping per 1000ms
Sending ping stanza:
<iq from="[email protected]" to="example.com" type="get" id="0cb98a7b-9c3a-4248-b812-a1f7084808fa"><ping xmlns="urn:xmpp:ping"/></iq>
Received stanza:
<iq from="example.com" to="[email protected]/2245026981443832090542227" id="0cb98a7b-9c3a-4248-b812-a1f7084808fa" type="result" xmlns:stream="http://etherx.jabber.org/streams"/>
Sending ping stanza:
<iq from="[email protected]" to="example.com" type="get" id="8fbb59a1-0c1e-4799-85b7-6c498a3df43a"><ping xmlns="urn:xmpp:ping"/></iq>
Received stanza:
<iq from="example.com" to="[email protected]/2245026981443832090542227" id="8fbb59a1-0c1e-4799-85b7-6c498a3df43a" type="result" xmlns:stream="http://etherx.jabber.org/streams"/>
Sending ping stanza:
<iq from="[email protected]" to="example.com" type="get" id="9a1bef48-5d56-4b67-b077-5db9baaf8545"><ping xmlns="urn:xmpp:ping"/></iq>
Received stanza:
<iq from="example.com" to="[email protected]/2245026981443832090542227" id="9a1bef48-5d56-4b67-b077-5db9baaf8545" type="result" xmlns:stream="http://etherx.jabber.org/streams"/>
^C
[email protected]:~$ sudo lsof -i :5222
COMMAND   PID USER   FD   TYPE   DEVICE SIZE/OFF NODE NAME
docker  18728 root    5u  IPv6 54484171      0t0  TCP *:xmpp-client (LISTEN)
[email protected]:~$ sudo lsof -i :5269
COMMAND   PID USER   FD   TYPE   DEVICE SIZE/OFF NODE NAME
docker  18721 root    5u  IPv6 54482419      0t0  TCP *:xmpp-server (LISTEN)
[email protected]:~$ sudo lsof -i :5280
COMMAND   PID USER   FD   TYPE   DEVICE SIZE/OFF NODE NAME
docker  18709 root    5u  IPv6 54484161      0t0  TCP *:5280 (LISTEN)

Cannot start creating config file

Hi,

Tried with a couple of versions. Image starts but it suddenly fails. I can see this in the logs

writing ssl cert and private key to '/opt/ejabberd/ssl/host.pem'...
Missing ssl cert for your xmpp domain. Generating snakeoil ssl cert for example.cat...
Generating a 2048 bit RSA private key
....+++
..............................+++
writing new private key to '/tmp/selfsigned.key'
-----
Writing ssl cert and private key to '/opt/ejabberd/ssl/example.cat.pem'...
Generating ejabberd config file...
Traceback (most recent call last):
  File "<string>", line 7, in <module>
  File "/usr/lib/python2.7/dist-packages/jinja2/environment.py", line 969, in render
    return self.environment.handle_exception(exc_info, True)
  File "/usr/lib/python2.7/dist-packages/jinja2/environment.py", line 742, in handle_exception
    reraise(exc_type, exc_value, tb)
  File "<template>", line 133, in top-level template code
UnicodeDecodeError: 'ascii' codec can't decode byte 0xc2 in position 11: ordinal not in range(128)

Best way to run command after setup.

Hello @rroemhild. I'm very happy with this docker image. Thank you. What is killing me however is running an automated command after every startup. I've tried CMD with sleep timers. I've tried adding to the start up scripts. I cannot seem to get it to work. What would your suggestion be?

Thank you very much.

"This account is currently not available." after update from lxc-docker 1.6.2 to 1.7.0

Trying to run

docker exec ejabberd ejabberdctl

Kept getting "This account is currently not available."

If I use

docker exec ejabberd chsh /bin/bash/ejabberd

to change the ejabberd shell from nologin to bash then I can docker exec ejabberdctl without issue.

Happened after updating docker from 1.6.2 to 1.7 (debian wheezy images from docker's repo). Not found anything yet on whether this is intentional in 1.7 - but - I thought I'd mention that it seems to break exec with nologin and therefore ejabberdctl for me.

Can't seem to access web/websocket port

So I ran the image using the example command, but I cannot seem to get a response on localhost:5280 while the other two ports seem to respond with xml which seems to be stream initiation requests.

Is there something specific I have to do to get websocket stuff to work, or even be able to see the admin interface?

Bending ejabberd to behave like a 12factor app

12factor specifies a couple of important behaviours of compliant applications which make running heterogenous collections of apps easier. I'd like to figure out here, if we can, how to make ejabberd conform to these.

Logging to stdout

ejabberd has several log files (crash.log, ejabberd.log, error.log). Additionally, if one uses an extauth script as I do, its logging has to be written to disk separately as stdout is used for communicating with ejabberd.

It seems like the only way to deal with this is to watch those files in a wrapper script (set as Docker's ENTRYPOINT) and print to stdout, though I'd love to hear any other ideas

Graceful shutdown on SIGTERM

Unfortunately ejabberd in live mode as is currently used does not do this and instead requires two SIGTERMs to shut down, waiting on console input at the first SIGTERM like so:

^C
BREAK: (a)bort (c)ontinue (p)roc info (i)nfo (l)oaded
       (v)ersion (k)ill (D)b-tables (d)istribution

I think the only way around this without modifying ejabberd is to run using ejabberdctl start, monitoring the process and and invoking ejabberdctl to shutdown on SIGTERM.

Is this crazy?

Config in the runtime environment

I've addressed this at #4.

Getting error "name seems to be in use by another erlang node"

Hi,
I was trying to create a cluster of two ejabberd node running the same domain using ejabberd docker container:

docker run -d \

--name "ejabberd1" -v /etc/hosts:/etc/hosts \

-h 'node1.example.de' \

-e "XMPP_DOMAIN=example.de" \

-e "[email protected]" \

-e "TZ=Europe/Berlin" \

rroemhild/ejabberd

docker run -d \

--name "ejabberd2" -v /etc/hosts:/etc/hosts \

-h 'node2.example.de' \

-e "XMPP_DOMAIN=example.de" \

-e "[email protected]" \

-e "TZ=Europe/Berlin" \

rroemhild/ejabberd

but it is giving me the following error, while joining the node2 node from node1:

ejabberdctl join_cluster '[email protected]'

{error_logger,{{2015,8,3},{9,34,15}},"Protocol: ~tp: the name [email protected] seems to be in use by another Erlang node",["inet_tcp"]}

{error_logger,{{2015,8,3},{9,34,15}},crash_report,[[{initial_call,{net_kernel,init,['Argument__1']}},{pid,<0.20.0>},{registered_name,[]},{error_info,{exit,{error,badarg},[{gen_server,init_it,6,[{file,"gen_server.erl"},{line,322}]},{proc_lib,init_p_do_apply,3,[{file,"proc_lib.erl"},{line,237}]}]}},{ancestors,[net_sup,kernel_sup,<0.10.0>]},{messages,[]},{links,[#Port<0.99>,<0.17.0>]},{dictionary,[{longnames,true}]},{trap_exit,true},{status,running},{heap_size,610},{stack_size,27},{reductions,750}],[]]}

{error_logger,{{2015,8,3},{9,34,15}},supervisor_report,[{supervisor,{local,net_sup}},{errorContext,start_error},{reason,{'EXIT',nodistribution}},{offender,[{pid,undefined},{name,net_kernel},{mfargs,{net_kernel,start_link,[['[email protected]',longnames]]}},{restart_type,permanent},{shutdown,2000},{child_type,worker}]}]}

{error_logger,{{2015,8,3},{9,34,15}},supervisor_report,[{supervisor,{local,kernel_sup}},{errorContext,start_error},{reason,{shutdown,{failed_to_start_child,net_kernel,{'EXIT',nodistribution}}}},{offender,[{pid,undefined},{name,net_sup},{mfargs,{erl_distribution,start_link,[]}},{restart_type,permanent},{shutdown,infinity},{child_type,supervisor}]}]}

{error_logger,{{2015,8,3},{9,34,15}},crash_report,[[{initial_call,{application_master,init,['Argument__1','Argument__2','Argument__3','Argument__4']}},{pid,<0.9.0>},{registered_name,[]},{error_info,{exit,{{shutdown,{failed_to_start_child,net_sup,{shutdown,{failed_to_start_child,net_kernel,{'EXIT',nodistribution}}}}},{kernel,start,[normal,[]]}},[{application_master,init,4,[{file,"application_master.erl"},{line,133}]},{proc_lib,init_p_do_apply,3,[{file,"proc_lib.erl"},{line,237}]}]}},{ancestors,[<0.8.0>]},{messages,[{'EXIT',<0.10.0>,normal}]},{links,[<0.8.0>,<0.7.0>]},{dictionary,[]},{trap_exit,true},{status,running},{heap_size,376},{stack_size,27},{reductions,117}],[]]}

{error_logger,{{2015,8,3},{9,34,15}},std_info,[{application,kernel},{exited,{{shutdown,{failed_to_start_child,net_sup,{shutdown,{failed_to_start_child,net_kernel,{'EXIT',nodistribution}}}}},{kernel,start,[normal,[]]}}},{type,permanent}]}

{"Kernel pid terminated",application_controller,"{application_start_failure,kernel,{{shutdown,{failed_to_start_child,net_sup,{shutdown,{failed_to_start_child,net_kernel,{'EXIT',nodistribution}}}}},{kernel,start,[normal,[]]}}}"}

Crash dump was written to: //var/log/ejabberd/erl_crash_20150803-093414.dump

Kernel pid terminated (application_controller) ({application_start_failure,kernel,{{shutdown,{failed_to_start_child,net_sup,{shutdown,{failed_to_start_child,net_kernel,{'EXIT',nodistribution}}}}},{k

root@node2:~~# root@boot2docker:~~# Connection to localhost closed by remote host.

error in run: exit status 255

Would be thankful if any help can be provided to resolve it.

Wha's the preferred way of installing modules ?

Using this images, what's the preferred way of installing modules into the ejabberd sources folder?

Currently, I am doing this:

docker run ... rroemhild/ejabberd
wait for ejabberd to start ...
docker cp ./mod_my_custom_module ejabberd:/opt/ejabberd/.ejabberd-modules/sources/.
docker exec -it ejabberd ejabberdctl module_install mod_my_custom_module
docker exec -it ejabberd ejabberdctl restart

Can you think of a good way to install these modules before ejabberd starts initially?

How can I use it with mysql?

Hi! Man, how can i use it with mysql database?

Clean ejabberd.yml.tpl file

The sample config file is hard to read with all the comments and unused options. I consider to shrink the config template to the settings this images uses.

Ignore config generation if conf folder contains them

Hi @rroemhild, thanks for this image. Greatly appreciate it.

As an improvement, in addition to passing in env variables in the run command it would be great if the container could read the config files from the host machine directly (via mount). By doing something like

docker run -v /opt/volumes/ejabberd/conf:/opt/ejabberd/conf ...

Where /opt/volumes/ejabberd/conf on my host machine would look like:

/opt/volumes/ejabberd/conf/
├── ejabberdctl.cfg
├── ejabberd.yml
└── inetrc

This would enable easy manipulation of configurations with out touching the templates and addition of new variables.

The fix seems simple and I can submit a PR if you are willing to take it.

Docker registry: add release: 15.04

Related to: #63

Could you create an automated build on a branch '15.04' (and merge that branch with #60, so it is up to date in terms of functionality, with master)

Ejabberd doesn't advertise stream features

Hi,
I started the container for localhost development with docker-compose and XMPP clients can't connect.

The problem seems to be that there's no in the features stream.

Features:

<stream:features xmlns:stream='http://etherx.jabber.org/streams'>
    <c xmlns='http://jabber.org/protocol/caps' hash='sha-1' node='http://www.process-one.net/en/ejabberd/' ver='1h0AkH4ZFdRE+5QKmkJjNRZy5yQ='/>
    <starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'><required/></starttls>
</stream:features>

docker-compose.yml:

ejabberd:
  image: rroemhild/ejabberd
  ports:
    - 5222:5222
    - 5269:5269
    - 5280:5280
  environment:
    - ERLANG_NODE=ejabberd
    - XMPP_DOMAIN=localhost
    - EJABBERD_ADMINS=admin@localhost
    - EJABBERD_USERS=admin@localhost:password4321
    - EJABBERD_AUTH_METHOD=internal

Thanks!

Error executing the ejabberd installer

Hi,
when i'm trying to build the image from the Dockerfile, in the installation step. If use directly the image from the registry all works well, do you know where could be the problem? I need to build the image cause i need to add something to the config file.
Thank you in advance,
Regards

Cannot enter ejabberd debug

While experimenting with a your docker image as a base image, I noticed that It was impossible for me to go into ejabberdctl debug mode?

My use case for this is the configuration of a multi-master fault tolerant cluster (based on http://chad.ill.ac/post/55193155663/easy-ejabberd-clustering-multi-master-fault), which I want to automate as much as possible.

If i run 'docker exec -ti jabber ejabberdctl debug', the command 'freezes' until I press CTRL-C.

If I would be possible to define a cluster during docker build time, or via the 'run' script, it would be awesome because I would't need the debug shell then...

admin interface fails to connect

after starting with this command

docker run -d --name ejabberd -P     -e "XMPP_DOMAIN=foo.com"     -e "[email protected] [email protected]"     -e "EJABBERD_AUTO_RANDPWD=true"     rroemhildjabberd

and connecting to 5280, I can see the TLS ports starting but I get no data to the browser:

02:18:05.737 [info] (#Port<0.7340>) Accepted connection 10.1.2.34:51337 -> 172.17.0.79:5280
02:18:05.738 [info] started: {p1_tls,{tlssock,#Port<0.7340>,#Port<0.7341>}}

When installing modules, they should be copied to ejabberdctl module folder

@who i'm just trying to understand the mechanism that loads modules from the "outside", and i see that you did the original pull request, so here goes;

https://github.com/rroemhild/docker-ejabberd/blob/master/scripts/post/11_ejabberd_install_modules.sh#L14

Shouldn't the script that installs "sideloaded" modules copy them to ejabberdctl's $CONTRIB_MODULES_PATH, rather than

${EJABBERD_HOME}/.ejabberd-modules/sources/${module_name}

Furthermore, i'm not sure ${module_name} should be a part of the path.
When i do

docker run -v ./ejabberd/module_source/:/opt/ejabberd/module_source/ ...

where the source contains a module, mod_offline_push, the structure will end up as

${EJABBERD_HOME}/.ejabberd-modules/sources/mod_offline_push/mod_offline_push

and the installation will fail miserably;

ejabberd_1  | Error: [{missing,"mod_offline_push.spec"},
ejabberd_1  |         {missing,"COPYING"},
ejabberd_1  |         {missing,"README.txt"},
ejabberd_1  |         {missing,"src (Erlang) or lib (Elixir) sources directory"},
ejabberd_1  |         {invalid_spec,"no such file or directory"}]

LDAP Support

Add environment variables to configure LDAP Authentication. See: https://www.process-one.net/docs/ejabberd/guide_en.html#ldapcommonexample

Might be able to help with implementation/testing.

Build fail with docker 1.4.1

On Ubuntu 12.04.05 with docker:

Client version: 1.4.1
Client API version: 1.16
Go version (client): go1.3.3
Git commit (client): 5bc2ff8
OS/Arch (client): linux/amd64
Server version: 1.4.1
Server API version: 1.16
Go version (server): go1.3.3
Git commit (server): 5bc2ff8

$ docker build --no-cache -t ejabberd:test .
Sending build context to Docker daemon 31.74 kB
Sending build context to Docker daemon 
Step 0 : FROM ubuntu:14.04
 ---> b39b81afc8ca
Step 1 : MAINTAINER Rafael Römhild <[email protected]>
 ---> Running in 74ecc2ead799
 ---> e35e425ff66f
Removing intermediate container 74ecc2ead799
Step 2 : ENV EJABBERD_VERSION 14.12
 ---> Running in c3d18ac75073
 ---> 2099f0119fb9
Removing intermediate container c3d18ac75073
Step 3 : ENV EJABBERD_USER ejabberd
 ---> Running in d81a1cf69909
 ---> 3e071a3584b8
Removing intermediate container d81a1cf69909
Step 4 : ENV EJABBERD_ROOT /opt/ejabberd
 ---> Running in 00e204c95e37
 ---> f02daa84ef69
Removing intermediate container 00e204c95e37
Step 5 : ENV HOME $EJABBERD_ROOT
 ---> Running in ff1d81455e3a
 ---> d4a3335aa878
Removing intermediate container ff1d81455e3a
Step 6 : ENV PATH $EJABBERD_ROOT/bin:/usr/sbin:/usr/bin:/sbin:/bin
 ---> Running in beabd31fe9a9
 ---> 431ec2e445c7
Removing intermediate container beabd31fe9a9
Step 7 : ENV DEBIAN_FRONTEND noninteractive
 ---> Running in d8024d1a3ba5
 ---> 5bb9bc0b2e6c
Removing intermediate container d8024d1a3ba5
Step 8 : RUN groupadd -r $EJABBERD_USER     && useradd -r -m        -g $EJABBERD_USER        -d $EJABBERD_ROOT        -s /usr/sbin/nologin        $EJABBERD_USER
 ---> Running in 5c561ef06cfb
 ---> 9c74581e7bfb
Removing intermediate container 5c561ef06cfb
Step 9 : RUN apt-get update && apt-get -y install         wget         libyaml-0-2         python-jinja2     && rm -rf /var/lib/apt/lists/*
 ---> Running in d9c31abc75b2
Ign http://archive.ubuntu.com trusty InRelease
Ign http://archive.ubuntu.com trusty-updates InRelease
Ign http://archive.ubuntu.com trusty-security InRelease
Hit http://archive.ubuntu.com trusty Release.gpg
Get:1 http://archive.ubuntu.com trusty-updates Release.gpg [933 B]
Get:2 http://archive.ubuntu.com trusty-security Release.gpg [933 B]
Hit http://archive.ubuntu.com trusty Release
Get:3 http://archive.ubuntu.com trusty-updates Release [62.0 kB]
Get:4 http://archive.ubuntu.com trusty-security Release [62.0 kB]
Get:5 http://archive.ubuntu.com trusty/main Sources [1335 kB]
Get:6 http://archive.ubuntu.com trusty/restricted Sources [5335 B]
Get:7 http://archive.ubuntu.com trusty/universe Sources [7926 kB]
Get:8 http://archive.ubuntu.com trusty/main amd64 Packages [1743 kB]
Get:9 http://archive.ubuntu.com trusty/restricted amd64 Packages [16.0 kB]
Get:10 http://archive.ubuntu.com trusty/universe amd64 Packages [7589 kB]
Get:11 http://archive.ubuntu.com trusty-updates/main Sources [203 kB]
Get:12 http://archive.ubuntu.com trusty-updates/restricted Sources [1874 B]
Get:13 http://archive.ubuntu.com trusty-updates/universe Sources [121 kB]
Get:14 http://archive.ubuntu.com trusty-updates/main amd64 Packages [518 kB]
Get:15 http://archive.ubuntu.com trusty-updates/restricted amd64 Packages [14.8 kB]
Get:16 http://archive.ubuntu.com trusty-updates/universe amd64 Packages [313 kB]
Get:17 http://archive.ubuntu.com trusty-security/main Sources [79.3 kB]
Get:18 http://archive.ubuntu.com trusty-security/restricted Sources [1874 B]
Get:19 http://archive.ubuntu.com trusty-security/universe Sources [19.1 kB]
Get:20 http://archive.ubuntu.com trusty-security/main amd64 Packages [251 kB]
Get:21 http://archive.ubuntu.com trusty-security/restricted amd64 Packages [14.8 kB]
Get:22 http://archive.ubuntu.com trusty-security/universe amd64 Packages [109 kB]
Fetched 20.4 MB in 15s (1297 kB/s)
Reading package lists...
Reading package lists...
Building dependency tree...
Reading state information...
The following extra packages will be installed:
  ca-certificates libidn11 libpython-stdlib libpython2.7-minimal
  libpython2.7-stdlib openssl python python-markupsafe python-minimal
  python-pkg-resources python2.7 python2.7-minimal
Suggested packages:
  python-doc python-tk python-jinja2-doc python-distribute
  python-distribute-doc python2.7-doc binutils binfmt-support
The following NEW packages will be installed:
  ca-certificates libidn11 libpython-stdlib libpython2.7-minimal
  libpython2.7-stdlib libyaml-0-2 openssl python python-jinja2
  python-markupsafe python-minimal python-pkg-resources python2.7
  python2.7-minimal wget
0 upgraded, 15 newly installed, 0 to remove and 0 not upgraded.
Need to get 5044 kB of archives.
After this operation, 19.8 MB of additional disk space will be used.
Get:1 http://archive.ubuntu.com/ubuntu/ trusty/main libidn11 amd64 1.28-1ubuntu2 [93.0 kB]
Get:2 http://archive.ubuntu.com/ubuntu/ trusty-updates/main libyaml-0-2 amd64 0.1.4-3ubuntu3.1 [48.1 kB]
Get:3 http://archive.ubuntu.com/ubuntu/ trusty/main libpython2.7-minimal amd64 2.7.6-8 [307 kB]
Get:4 http://archive.ubuntu.com/ubuntu/ trusty/main python2.7-minimal amd64 2.7.6-8 [1190 kB]
Get:5 http://archive.ubuntu.com/ubuntu/ trusty-updates/main openssl amd64 1.0.1f-1ubuntu2.8 [489 kB]
Get:6 http://archive.ubuntu.com/ubuntu/ trusty/main ca-certificates all 20130906ubuntu2 [175 kB]
Get:7 http://archive.ubuntu.com/ubuntu/ trusty-updates/main wget amd64 1.15-1ubuntu1.14.04.1 [269 kB]
Get:8 http://archive.ubuntu.com/ubuntu/ trusty/main libpython2.7-stdlib amd64 2.7.6-8 [1872 kB]
Get:9 http://archive.ubuntu.com/ubuntu/ trusty/main libpython-stdlib amd64 2.7.5-5ubuntu3 [7012 B]
Get:10 http://archive.ubuntu.com/ubuntu/ trusty/main python2.7 amd64 2.7.6-8 [197 kB]
Get:11 http://archive.ubuntu.com/ubuntu/ trusty/main python-minimal amd64 2.7.5-5ubuntu3 [27.5 kB]
Get:12 http://archive.ubuntu.com/ubuntu/ trusty/main python amd64 2.7.5-5ubuntu3 [134 kB]
Get:13 http://archive.ubuntu.com/ubuntu/ trusty/main python-markupsafe amd64 0.18-1build2 [14.3 kB]
Get:14 http://archive.ubuntu.com/ubuntu/ trusty/main python-jinja2 all 2.7.2-2 [161 kB]
Get:15 http://archive.ubuntu.com/ubuntu/ trusty/main python-pkg-resources all 3.3-1ubuntu1 [61.9 kB]
Preconfiguring packages ...
Fetched 5044 kB in 6s (793 kB/s)
Selecting previously unselected package libidn11:amd64.
(Reading database ... 11527 files and directories currently installed.)
Preparing to unpack .../libidn11_1.28-1ubuntu2_amd64.deb ...
Unpacking libidn11:amd64 (1.28-1ubuntu2) ...
Selecting previously unselected package libyaml-0-2:amd64.
Preparing to unpack .../libyaml-0-2_0.1.4-3ubuntu3.1_amd64.deb ...
Unpacking libyaml-0-2:amd64 (0.1.4-3ubuntu3.1) ...
Selecting previously unselected package libpython2.7-minimal:amd64.
Preparing to unpack .../libpython2.7-minimal_2.7.6-8_amd64.deb ...
Unpacking libpython2.7-minimal:amd64 (2.7.6-8) ...
Selecting previously unselected package python2.7-minimal.
Preparing to unpack .../python2.7-minimal_2.7.6-8_amd64.deb ...
Unpacking python2.7-minimal (2.7.6-8) ...
Selecting previously unselected package openssl.
Preparing to unpack .../openssl_1.0.1f-1ubuntu2.8_amd64.deb ...
Unpacking openssl (1.0.1f-1ubuntu2.8) ...
Selecting previously unselected package ca-certificates.
Preparing to unpack .../ca-certificates_20130906ubuntu2_all.deb ...
Unpacking ca-certificates (20130906ubuntu2) ...
Selecting previously unselected package wget.
Preparing to unpack .../wget_1.15-1ubuntu1.14.04.1_amd64.deb ...
Unpacking wget (1.15-1ubuntu1.14.04.1) ...
Selecting previously unselected package libpython2.7-stdlib:amd64.
Preparing to unpack .../libpython2.7-stdlib_2.7.6-8_amd64.deb ...
Unpacking libpython2.7-stdlib:amd64 (2.7.6-8) ...
Selecting previously unselected package libpython-stdlib:amd64.
Preparing to unpack .../libpython-stdlib_2.7.5-5ubuntu3_amd64.deb ...
Unpacking libpython-stdlib:amd64 (2.7.5-5ubuntu3) ...
Selecting previously unselected package python2.7.
Preparing to unpack .../python2.7_2.7.6-8_amd64.deb ...
Unpacking python2.7 (2.7.6-8) ...
Selecting previously unselected package python-minimal.
Preparing to unpack .../python-minimal_2.7.5-5ubuntu3_amd64.deb ...
Unpacking python-minimal (2.7.5-5ubuntu3) ...
Selecting previously unselected package python.
Preparing to unpack .../python_2.7.5-5ubuntu3_amd64.deb ...
Unpacking python (2.7.5-5ubuntu3) ...
Selecting previously unselected package python-markupsafe.
Preparing to unpack .../python-markupsafe_0.18-1build2_amd64.deb ...
Unpacking python-markupsafe (0.18-1build2) ...
Selecting previously unselected package python-jinja2.
Preparing to unpack .../python-jinja2_2.7.2-2_all.deb ...
Unpacking python-jinja2 (2.7.2-2) ...
Selecting previously unselected package python-pkg-resources.
Preparing to unpack .../python-pkg-resources_3.3-1ubuntu1_all.deb ...
Unpacking python-pkg-resources (3.3-1ubuntu1) ...
Processing triggers for mime-support (3.54ubuntu1.1) ...
Setting up libidn11:amd64 (1.28-1ubuntu2) ...
Setting up libyaml-0-2:amd64 (0.1.4-3ubuntu3.1) ...
Setting up libpython2.7-minimal:amd64 (2.7.6-8) ...
Setting up python2.7-minimal (2.7.6-8) ...
Setting up openssl (1.0.1f-1ubuntu2.8) ...
Setting up ca-certificates (20130906ubuntu2) ...
Setting up wget (1.15-1ubuntu1.14.04.1) ...
Setting up libpython2.7-stdlib:amd64 (2.7.6-8) ...
Setting up libpython-stdlib:amd64 (2.7.5-5ubuntu3) ...
Setting up python2.7 (2.7.6-8) ...
Setting up python-minimal (2.7.5-5ubuntu3) ...
Setting up python (2.7.5-5ubuntu3) ...
Setting up python-markupsafe (0.18-1build2) ...
Setting up python-jinja2 (2.7.2-2) ...
Setting up python-pkg-resources (3.3-1ubuntu1) ...
Processing triggers for libc-bin (2.19-0ubuntu6.5) ...
Processing triggers for ca-certificates (20130906ubuntu2) ...
Updating certificates in /etc/ssl/certs... 164 added, 0 removed; done.
Running hooks in /etc/ca-certificates/update.d....done.
 ---> 5e4d98afb4a9
Removing intermediate container d9c31abc75b2
Step 10 : USER $EJABBERD_USER
 ---> Running in 05254d92f1a6
 ---> 75f59cbf07ae
Removing intermediate container 05254d92f1a6
Step 11 : RUN wget -q -O /tmp/ejabberd-installer.run "http://www.process-one.net/downloads/downloads-action.php?file=/ejabberd/$EJABBERD_VERSION/ejabberd-$EJABBERD_VERSION-linux-x86_64-installer.run"     && chmod +x /tmp/ejabberd-installer.run     && /tmp/ejabberd-installer.run             --mode unattended             --prefix $EJABBERD_ROOT             --adminpw ejabberd     && rm -rf /tmp/*     && mkdir $EJABBERD_ROOT/ssl     && rm -rf $EJABBERD_ROOT/database/ejabberd@localhost
 ---> Running in 25c36819a433
INFO[0092] The command [/bin/sh -c wget -q -O /tmp/ejabberd-installer.run "http://www.process-one.net/downloads/downloads-action.php?file=/ejabberd/$EJABBERD_VERSION/ejabberd-$EJABBERD_VERSION-linux-x86_64-installer.run"     && chmod +x /tmp/ejabberd-installer.run     && /tmp/ejabberd-installer.run             --mode unattended             --prefix $EJABBERD_ROOT             --adminpw ejabberd     && rm -rf /tmp/*     && mkdir $EJABBERD_ROOT/ssl     && rm -rf $EJABBERD_ROOT/database/ejabberd@localhost] returned a non-zero code: 1

Build the image works on CentOS 7.0.1406 with docker:

Client version: 1.3.2
Client API version: 1.15
Go version (client): go1.3.3
Git commit (client): 39fa2fa/1.3.2
OS/Arch (client): linux/amd64
Server version: 1.3.2
Server API version: 1.15
Go version (server): go1.3.3
Git commit (server): 39fa2fa/1.3.2

4369 not open to clusterize ejabberd

Hello,

Im using you latest image but when i try to talk to other ejabberd nodes, the port 4369 seems not open, even with telnet. Have you an idea about that? thank you

Disable anonymous auth?

Does anybody use or need the anonymous auth? I think about to disable this login method by default and provide an environment variable to enable anonauth.

Add license

Please specify a license. MIT would be awesome.

ENV replacement for USER

Using Docker version 1.0.1, build 990021a (the current version given by Ubuntu's apt-get docker.io).
The environment variable replacement for the USER instruction does not appear to expand.

Error is
finalize namespace setup user get supplementary groups Unable to find user $EJABBERD_USER

Changing the USER value to ejabberd allows the image to build. This looks to be an issue with Docker's variable expansion, because their doc says that USER is a supported instruction.

A FYI, I suppose.

Release

This docker image looks awesome, but on which git commit depends :latest pushed docker image? I ran in the same host/domain snakeoil typo, which is fixed on master. Can you release this docker images with tags, please?

Can your explain me the meaning of --adminpw? Is this password the login of admin@{{xmpp_host_name}}?

Erlang shell crashes with missing //etc/ejabberd/ejabberd.yml file

I run, as described in your README:

docker run -i -t -P rroemhild/ejabberd live

and then I get this and it crashes:

Starting ejabberd in 'live' mode...
sed: can't read //etc/ejabberd/ejabberd.yml: No such file or directory
sed: can't read //etc/ejabberd/ejabberd.yml: No such file or directory
sed: can't read //etc/ejabberd/ejabberd.yml: No such file or directory
sed: can't read //etc/ejabberd/ejabberd.yml: No such file or directory

IMPORTANT: ejabberd is going to start in LIVE (interactive) mode.
All log messages will be shown in the command shell.
You can interact with the ejabberd node if you know how to use it.
Please be extremely cautious with your actions,
and exit immediately if you are not completely sure.

To exit this LIVE mode and stop ejabberd, press:
q(). and press the Enter key

To bypass permanently this warning, add to ejabberdctl.cfg the line:
EJABBERD_BYPASS_WARNINGS=true
Press return to continue

Erlang/OTP 17 [erts-6.2] [source] [64-bit] [async-threads:10] [kernel-poll:true]

Eshell V6.2 (abort with ^G)
(ejabberd@localhost)1> 15:20:31.167 [info] Application lager started on node ejabberd@localhost
15:20:31.177 [info] Application crypto started on node ejabberd@localhost
15:20:31.193 [info] Application sasl started on node ejabberd@localhost
15:20:31.219 [info] Application asn1 started on node ejabberd@localhost
15:20:31.225 [info] Application public_key started on node ejabberd@localhost
15:20:31.254 [info] Application ssl started on node ejabberd@localhost
15:20:31.261 [info] Application p1_yaml started on node ejabberd@localhost
15:20:31.283 [info] Application p1_tls started on node ejabberd@localhost
15:20:31.294 [info] Application p1_xml started on node ejabberd@localhost
15:20:31.308 [info] Application p1_stringprep started on node ejabberd@localhost
15:20:31.314 [info] Application p1_zlib started on node ejabberd@localhost
15:20:31.333 [info] Application cache_tab started on node ejabberd@localhost
15:20:31.524 [info] Application mnesia started on node ejabberd@localhost
15:20:32.269 [info] Application inets started on node ejabberd@localhost
15:20:32.287 [error] Cannot load //etc/ejabberd/ejabberd.yml: no such file or directory

Crash dump was written to: //var/log/ejabberd/erl_crash_20160301-152022.dump
Cannot load //etc/ejabberd/ejabberd.yml: no such file or directory

Keyserver issue

Hi,

While rebuilding the docker image, I'm running into the following issue:

hkps.pool.sks-keyservers.net: Host not found

Do we have an alternative keyserver?

Is there a reason why ERL_OPTIONS: "-noshell" is not the default?

I've run into this because the orchestrator I am using doesn't pass -i either.

I think the container could simply set this by default. In case it is needed for interactive use, it should probably be possible to test if a terminal is attached, and then do the right thing.

Riak Support

Is Riak supported out of the box with this or so i need to make some changes (other than the riak config settings in ejabberd.yml) ?

I can't get it working as discussed at http://stackoverflow.com/questions/35200202/ejabberd-with-riak

Multiple XMPP domains

Possibility to set multiple XPMM Domains with XMPP_DOMAIN environment variable as mentioned by @slmingol in #11 (comment).

Switch to debian base image

I consider to switch to debian:7 base image. This will make the ejabberd docker image ~80MB smaller. The Ejabberd installer has Erlang binaries so we don't depend on the Erlang version from the apt repos.

Template lacks quotes for ldap_filter

The ldap_filter (conf/ejabberd.yml.tpl line 173) in the ejabberd config template should be enclosed in quotes, same as the ldap_base in line 163. This can be circumvented by adding the quotes into the environment variable, but this is inconsistent with the handling of the other variables.

container exits if user/admin already exists

ejabberd_1  | 12:52:40.238 [debug] Executing command ejabberd_admin:register with Args=[<<"xmlrpc">>,<<"example.com">>,<<"compapassword">>]
ejabberd_1  | User [email protected] already registered at node ejabberd@localhost
deployment_ejabberd_1 exited with code 1

20_ejabberd_register_users.sh calls ejabberdctl register and checks exit code,
but it sources base_config.sh, which sets set -e.
So the script just exits along with container

Automate cluster joining

It would be an awesome feature to be able to automatically join a cluster of ejabberd nodes.

Some basic but important info can be found here http://docs.ejabberd.im/admin/guide/clustering/

1. Providing nodes via ENV or extra config file?

It seems doable and fairly easy?

I could image a scenario where I would make a private docker image based on 'docker-ejabberd', where I would provide a file 'extra-hosts', which looks like /etc/hosts, e.g.:

192.168.1.10 service1 service1-alias
192.168.1.11 service2 service2-alias
192.168.1.12 service3 service3-alias

During docker build-time, this file would simply be copied inside the docker image to a file, e.g. /etc/extra-hosts (maybe configurable via an environment variable like $EXTRA_HOSTS_FILE?).

At run time, a shell script would check for the existence of $EXTRA_HOSTS_FILE, and if it exists, copy all lines to /etc/hosts, and if needed, reload the local DNS resolving.

This would allow for manually joining a cluster, because all nodes are now able to connect to the other nodes, based on their hostnames:

# At the node 'ejabberd@service1', I would call the following:
$ ejabberdctl join_cluster 'ejabberd@service2'
$ ejabberdctl join_cluster 'ejabberd@service3'

# At the node 'ejabberd@service2', I would call the following:
$ ejabberdctl join_cluster 'ejabberd@service1'
$ ejabberdctl join_cluster 'ejabberd@service3'

# At the node 'ejabberd@service3', I would call the following:
$ ejabberdctl join_cluster 'ejabberd@service1'
$ ejabberdctl join_cluster 'ejabberd@service2'

2. Automatically joining the cluster, based on ENV or extra config file?

Given the fact the we're able to connect to the other nodes, based on their hostnames (see previous topic), it should be doable to automatically join a cluster, based on supplied ENV variables or an extra config file

Imagine the following config file: ./conf/cluster, containing a node definition on each line:

ejabberd@service1
ejabberd@service2
ejabberd@service3

A post run script could then iterate over these node definitions, and if it discovers it is a remote node, call the 'ejabberdctl join_cluster node' command.

I believe this would be a straightforward way to automate the last step of the previous topic.

Remarks:

'race condition' danger
- Nodes could be still booting when the automatic joining is being performed, making the joining fail. This could be overcome by retrying to join after a failed attempt?
Discovering other nodes dynamically?
- Out of scope, and probably not that easy...

Automatically provisioning administrator(s)

I would like to automatically provision administrator(s) while deploying or starting the docker image.
I would not mind adding username and password for the administrator(s) in the docker file or in the environment variables of the docker hosts.

I'm running into a 'chicken or the egg' problem here;
If I add exec 'ejabberdctl register admin domain passwd' before the ejabberd is running, It fails. If I want to run it afterwards, I can't run it because the ejabberd server is blocking...

Could you point out how I can facilitate such use case with this docker image/run script?

Docker registry: add release: 15.07

Related to: #63

Could you merge an tag #59, and create an automated build on a branch '15.07' for this version?

cannot register users

There is an error in v16.08 that causes registers to not be able to register on some systems

More info here
http://stackoverflow.com/questions/38810951/ejabberd-user-registration-command-fails-with-error-access-rules-unauthorized

Docker registry: add multiple releases

I'm currently working on a Python library (https://github.com/dirkmoors/pyejabberd) that implements the Ejabberd XMLRPC api. I would like to perform integration tests against multiple versions of Ejabberd. Could you please add more releases to your Docker registry? I'm testing against the branches currently, and now that is only 15.06 and latest.

Thanks in advance!

Exited -127

Hi there,

I started using last week, running it as a daemon, but after a few days (3~4 days) the container exited with (-127) and had to restart it manually.

Can you help?

Thanks

How to import an ejabberd dump?

Hi,

Is it possible to load my dump created from my previous installation with ejabberdctl dump?
Also, is it possible to store the whole configuration in my host, for better portability?

Thank you.

SSL/TLS problem

Hi @rroemhild

While testing docker-ejabberd with a certificate, I noticed that I was unable to connect from e.g. https://conversejs.org/.

My certificate is in:

/opt/ejabberd/ssl/my-xmpp-domain.com.pem

Ejabberd picks it up, since it only generates the host.pem.

When I try to connect (e.g. from converse.js), Ejabberd throws the following error:

SSL_do_handshake failed: error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol

Having an older ejabberd.yml file lying around, I compared that one with the current template in this repo, and I noticed the following:

The template in this repo:

...
listen:
  -
    port: 5222
    module: ejabberd_c2s
    {%- if env['EJABBERD_STARTTLS'] == "true" %}
    starttls_required: true
    {% endif %}
    protocol_options:
      - "no_sslv3"
      - "no_tlsv1"
    max_stanza_size: 65536
    shaper: c2s_shaper
    access: c2s
...

My old config:

...
listen:
  -
    port: 5222
    module: ejabberd_c2s
    starttls: true
    max_stanza_size: 65536
    shaper: c2s_shaper
    access: c2s
...

Assuming that EJABBERD_STARTTLS == "true", the main difference is the section "protocol_options". The question is; "do we want that as a default"? And if we do, how can we make the image compatible with something like converse.js?

p.s. I've used converse.js as an easy test, but the same failure also occured on an Android and iOS library I'm working on.

Cluster example doesn't work

Hi,
I went through the example/docker-compose-cluster. Had to change docker-compose.yml

Changed domainname to localhost
Changed dns address
EJABBERD_ADMINS, EJABBERD_USERS are on localhost

So it's:

dnsdock:
  image: tonistiigi/dnsdock
  volumes:
    - /var/run/docker.sock:/var/run/docker.sock
  ports:
    - 172.17.0.1:53:53/udp

ejabberd:
  build: .
  ports:
    - 5222
    - 5269
    - 5280
  environment:
    - XMPP_DOMAIN=localhost
    - ERLANG_NODE=ejabberd
    - EJABBERD_ADMINS=admin@localhost
    - EJABBERD_USERS=admin@localhost:test321 user@localhost
    - ERLANG_COOKIE=testCluster
    - SKIP_MODULES_UPDATE=true
    - EJABBERD_CLUSTER=true
    - USE_DNS=true
  dns: 172.17.0.1
  domainname: localhost
  tty: true

When I scale up ejabberd new instances are created but not connected in a cluster.

After I connect to the master's http gui I can't see the other nodes.
What could be the problem?

Thanks!

Not compatible with Fig

See docker/compose#480

I think this is a Fig issue, but I wanted to dump it here also incase anyone has thoughts on the solution, as it appears somewhat specific to ejabberd/erlang in some way.

modules_update_specs does not always succeed

Sometimes (2 out of 3 times may be) post install script fails with error:

Updating module specs... 09:48:22.560 [info] Application p1_iconv started on node ejabberd@localhost
Error: command "modules_update_specs" not known.

Also i noticed that when the p1_iconv started log entry is before the Updating module specs entry the script succeeds. Need some delay may be?

I'm on OS X (boot2docker) BTW; however I also observe the same behaviour on an Ubuntu server.

erlang cookie

Anyone using the "ERLANG_COOKIE" environment VAR? I'm getting a permission denied error:

Set erlang cookie to blhakljdkadfksks...
/opt/ejabberd/scripts/pre/10_erlang_cookie.sh: line 12: /opt/ejabberd/.erlang.cookie: Permission denied

I'm not mounting any volumes at the moment, so the /opt/ejabberd directory is straight from the docker image.

Cannot run docker image.

When trying to start the docker images using

docker run -t -i -p 5222 -p 5269 -p 5280 -e "XMPP_DOMAIN=foo.com" rroemhild/ejabberd

I get the following output and then the container stops. Am I missing something? Thank you very much for your help.

patrick@tesla ...code/musica/ejabber %  docker run -t -i -p 5222 -p 5269 -p 5280 -e "XMPP_DOMAIN=foo.com" rroemhild/ejabberd
Missing ssl cert for your host. Generating snakeoil ssl cert for 291d27d74100...
Generating a 2048 bit RSA private key
...................................................+++
...........+++
writing new private key to '/tmp/selfsigned.key'
-----
Writing ssl cert and private key to '/opt/ejabberd/ssl/host.pem'...
Missing ssl cert for your xmpp domain. Generating snakeoil ssl cert for foo.com...
Generating a 2048 bit RSA private key
...................................................................................+++
.........................................................+++
writing new private key to '/tmp/selfsigned.key'
-----
Writing ssl cert and private key to '/opt/ejabberd/ssl/foo.com.pem'...
Generating ejabberd config file...
Generating ejabberdctl config file...
Starting ejabberd...
tail: cannot open ‘/var/log/ejabberd/crash.log’ for reading: No such file or directory
tail: cannot open ‘/var/log/ejabberd/error.log’ for reading: No such file or directory
tail: cannot open ‘/var/log/ejabberd/erlang.log’ for reading: No such file or directory
tail: ‘/var/log/ejabberd/crash.log’ has appeared;  following end of new file
tail: ‘/var/log/ejabberd/error.log’ has appeared;  following end of new file
14:58:58.749 [info] Application lager started on node ejabberd@291d27d74100
14:58:58.756 [info] Application crypto started on node ejabberd@291d27d74100
14:58:58.771 [info] Application sasl started on node ejabberd@291d27d74100
14:58:58.788 [info] Application asn1 started on node ejabberd@291d27d74100
14:58:58.788 [info] Application public_key started on node ejabberd@291d27d74100
14:58:58.804 [info] Application ssl started on node ejabberd@291d27d74100
14:58:58.810 [info] Application p1_yaml started on node ejabberd@291d27d74100
14:58:58.820 [info] Application p1_tls started on node ejabberd@291d27d74100
14:58:58.826 [info] Application p1_xml started on node ejabberd@291d27d74100
14:58:58.831 [info] Application p1_stringprep started on node ejabberd@291d27d74100
14:58:58.835 [info] Application p1_zlib started on node ejabberd@291d27d74100
14:58:58.839 [info] Application p1_cache_tab started on node ejabberd@291d27d74100
14:58:58.976 [info] Application mnesia started on node ejabberd@291d27d74100
14:58:59.425 [info] Application inets started on node ejabberd@291d27d74100
14:58:59.967 [info] FQDN used to check DIGEST-MD5 SASL authentication: 291d27d74100
14:59:00.011 [info] Application oauth2 started on node ejabberd@291d27d74100
14:59:00.057 [info] Application p1_iconv started on node ejabberd@291d27d74100
14:59:00.278 [info] Reusing listening port for {4560,{0,0,0,0},tcp}
14:59:00.279 [info] Reusing listening port for {5222,{0,0,0,0},tcp}
14:59:00.279 [info] Reusing listening port for {5269,{0,0,0,0},tcp}
14:59:00.279 [info] Reusing listening port for {5280,{0,0,0,0},tcp}
14:59:00.279 [info] Reusing listening port for {5443,{0,0,0,0},tcp}
14:59:00.280 [info] ejabberd 15.10 is started in the node ejabberd@291d27d74100
14:59:00.280 [info] Application ejabberd started on node ejabberd@291d27d74100
Updating module specs... Failed RPC connection to the node ejabberd@291d27d74100: timeout

Commands to start an ejabberd node:
  start    Start an ejabberd node in server mode
  debug    Attach an interactive Erlang shell to a running ejabberd node
  iexdebug Attach an interactive Elixir shell to a running ejabberd node
  live     Start an ejabberd node in live (interactive) mode
  iexlive  Start an ejabberd node in live (interactive) mode, within an Elixir shell

Optional parameters when starting an ejabberd node:
  --config-dir dir   Config ejabberd:    //etc/ejabberd
  --config file      Config ejabberd:    //etc/ejabberd/ejabberd.yml
  --ctl-config file  Config ejabberdctl: //etc/ejabberd/ejabberdctl.cfg
  --logs dir         Directory for logs: //var/log/ejabberd
  --spool dir        Database spool dir: /opt/ejabberd/database/ejabberd@291d27d74100
  --node nodename    ejabberd node name: ejabberd@291d27d74100

Permission problem with volumes

I'm currently facing problems when I try to mount a volume onto /opt/ejabberd/database.
What happens is this:

During the docker build phase, we create a directory $EJABBERD_HOME/database, chown it to user 'ejabberd', and we make a volume for this directory:

VOLUME ["$EJABBERD_HOME/database", "$EJABBERD_HOME/ssl"]

Afterwards, I try to start the container like this:

docker run -ti -p "4560:4560" -p "5280:5280" \
    -e "EJABBERD_REGISTER_TRUSTED_NETWORK_ONLY=true" \
    -e "[email protected]" \
    -e "EJABBERD_ADMIN_PWD=admin" \
    -e "XMPP_DOMAIN=example.com" \
    -e "EJABBERD_MUC_CREATE_ADMIN_ONLY=true" \
    -e "EJABBERD_REGISTER_ADMIN_ONLY=true" \
    -e "EJABBERD_MOD_ADMIN_EXTRA=true" \
    -e "EJABBERD_MOD_MUC_ADMIN=true" \
    -e "EJABBERD_WEB_ADMIN_SSL=false" \
    -e "EJABBERD_S2S_SSL=true" \
    -v /tmp/ejabberd/database:/opt/ejabberd/database
    docker-ejabberd

But the server won't start:

Missing ssl cert for your host. Generating snakeoil ssl cert for localhost...
Generating a 2048 bit RSA private key
.............+++
...+++
writing new private key to '/tmp/selfsigned.key'
-----
Writing ssl cert and private key to '/opt/ejabberd/ssl/host.pem'...
Missing ssl cert for your xmpp domain. Generating snakeoil ssl cert for example.com...
Generating a 2048 bit RSA private key
.....+++
..............................................................+++
writing new private key to '/tmp/selfsigned.key'
-----
Writing ssl cert and private key to '/opt/ejabberd/ssl/example.com.pem'...
Generating ejabberd config file...
Generating ejabberdctl config file...
Starting ejabberd...
tail: cannot open ‘/var/log/ejabberd/crash.log’ for reading: No such file or directory
tail: cannot open ‘/var/log/ejabberd/error.log’ for reading: No such file or directory
tail: cannot open ‘/var/log/ejabberd/erlang.log’ for reading: No such file or directory
mkdir: cannot create directory ‘/opt/ejabberd/database/ejabberd@localhost’: Permission denied
/sbin/ejabberdctl: 154: cd: can't cd to /opt/ejabberd/database/ejabberd@localhost
mkdir: cannot create directory ‘/opt/ejabberd/database/ejabberd@localhost’: Permission denied
/sbin/ejabberdctl: 154: cd: can't cd to /opt/ejabberd/database/ejabberd@localhost
tail: ‘/var/log/ejabberd/crash.log’ has been replaced with a remote file. giving up on this name
tail: ‘/var/log/ejabberd/error.log’ has been replaced with a remote file. giving up on this name
17:41:16.728 [info] Application lager started on node ejabberd@localhost
17:41:16.731 [info] Application crypto started on node ejabberd@localhost
17:41:16.736 [info] Application sasl started on node ejabberd@localhost
17:41:16.740 [info] Application asn1 started on node ejabberd@localhost
17:41:16.740 [info] Application public_key started on node ejabberd@localhost
17:41:16.744 [info] Application ssl started on node ejabberd@localhost
17:41:16.746 [info] Application p1_yaml started on node ejabberd@localhost
17:41:16.751 [info] Application p1_tls started on node ejabberd@localhost
17:41:16.754 [info] Application p1_xml started on node ejabberd@localhost
17:41:16.755 [info] Application p1_stringprep started on node ejabberd@localhost
17:41:16.757 [info] Application p1_zlib started on node ejabberd@localhost
17:41:16.758 [info] Application p1_cache_tab started on node ejabberd@localhost
17:41:16.798 [info] Application mnesia started on node ejabberd@localhost
17:41:17.280 [info] FQDN used to check DIGEST-MD5 SASL authentication: 872a9630aed3
17:41:17.300 [info] Application inets started on node ejabberd@localhost
17:41:17.302 [error] CRASH REPORT Process <0.38.0> with 0 neighbours exited with reason: {aborted,{no_exists,passwd,attributes}} in application_master:init/4 line 133
17:41:17.303 [info] Application ejabberd exited with reason: {aborted,{no_exists,passwd,attributes}}

The error I see happening is:

mkdir: cannot create directory ‘/opt/ejabberd/database/ejabberd@localhost’: Permission denied

How to get modules installed in the dockerfile

My question is, could it be possible to get modules installed during dockerfile phase? if it could, could you provide some tips or example? If there is no way, any other work around?

I was trying to write a dockerfile base on this image, but things are not going well.

Here is the first solution I tried.

FROM rroemhild/ejabberd

RUN ejabberdctl start
RUN sleep 20
RUN ejabberdctl module_install mod_rest
RUN ejabberdctl stop

It can not work as my expectation, here is the output.

Sending build context to Docker daemon 14.85 kB
Sending build context to Docker daemon
Step 0 : FROM ejabberd/base
 ---> dee8ecd9c00c
Step 1 : MAINTAINER Yeer Kunth <[email protected]>
 ---> Using cache
 ---> 1656cf2cf879
Step 2 : RUN ejabberdctl start
 ---> Using cache
 ---> 9ba7592b4dda
Step 3 : RUN sleep 20
 ---> Using cache
 ---> 16e6f66d16dc
Step 4 : RUN ejabberdctl module_install mod_rest
 ---> Running in 45a27c0ff93f
sed: can't read //etc/ejabberd/ejabberd.yml: No such file or directory
sed: can't read //etc/ejabberd/ejabberd.yml: No such file or directory
sed: can't read //etc/ejabberd/ejabberd.yml: No such file or directory
sed: can't read //etc/ejabberd/ejabberd.yml: No such file or directory
Failed RPC connection to the node ejabberd@localhost: nodedown

Commands to start an ejabberd node:
  start    Start an ejabberd node in server mode
  debug    Attach an interactive Erlang shell to a running ejabberd node
  iexdebug Attach an interactive Elixir shell to a running ejabberd node
  live     Start an ejabberd node in live (interactive) mode
  iexlive  Start an ejabberd node in live (interactive) mode, within an Elixir shell

Optional parameters when starting an ejabberd node:
  --config-dir dir   Config ejabberd:    //etc/ejabberd
  --config file      Config ejabberd:    //etc/ejabberd/ejabberd.yml
  --ctl-config file  Config ejabberdctl: //etc/ejabberd/ejabberdctl.cfg
  --logs dir         Directory for logs: //var/log/ejabberd
  --spool dir        Database spool dir: //var/lib/ejabberd
  --node nodename    ejabberd node name: ejabberd@localhost

INFO[0001] The command [/bin/sh -c ejabberdctl module_install mod_rest] returned a non-zero code: 3

And then I try to compile it manually, it seems the mod_rest is copied to the lib path.

FROM rroemhild/ejabberd
RUN git clone https://github.com/processone/ejabberd-contrib.git
RUN cd ejabberd-contrib/mod_rest/src && erlc -DNO_EXT_LIB  -I /lib/ejabberd/include  mod_rest.erl
USER root
RUN mv /opt/ejabberd/ejabberd-contrib/mod_rest/src/mod_rest.beam /lib/ejabberd/ebin
USER ejabberd

But it is still not working, here is the logs when I post something via http to the rest_mode. Looks like the mod_rest is not loaded correctly.

==> /var/log/ejabberd/crash.log <==
2015-04-30 19:32:28 =CRASH REPORT====
  crasher:
    initial call: ejabberd_http:init/2
    pid: <0.653.0>
    registered_name: []
    exception throw: {{module_must_be_started_in_vhost,mod_rest,<<"qor-chat.com">>},[{mod_rest,try_get_option,3,[{file,"mod_rest.erl"},{line,107}]},{mod_rest,check_member_option,3,[{file,"mod_rest.erl"},{line,122}]},{mod_rest,process,2,[{file,"mod_rest.erl"},{line,51}]},{ejabberd_http,process,5,[{file,"src/ejabberd_http.erl"},{line,365}]},{ejabberd_http,process_request,1,[{file,"src/ejabberd_http.erl"},{line,449}]},{ejabberd_http,process_header,2,[{file,"src/ejabberd_http.erl"},{line,287}]},{ejabberd_http,parse_headers,1,[{file,"src/ejabberd_http.erl"},{line,203}]},{proc_lib,init_p_do_apply,3,[{file,"proc_lib.erl"},{line,237}]}]}
    ancestors: [ejabberd_http_sup,ejabberd_sup,<0.39.0>]
    messages: []
    links: [<0.270.0>,#Port<0.7440>]
    dictionary: []
    trap_exit: false
    status: running
    heap_size: 1598
    stack_size: 27
    reductions: 2656
  neighbours:

Problem with ssl

Hi!

I would like to use docker-ejabberd with ssl.

I tried to run something like this:

docker run --restart=always -d \
    --name "ejabberd" \
    --user root \
    -v `pwd`/ssl:/opt/ejabberd/ssl \
    -p 5222:5222 \
    -p 5269:5269 \
    -p 5280:5280 \
    -h ps1.example.com \
    -e "XMPP_DOMAIN=ps1.example.com" \
    -e "ERLANG_NODE=ejabberd" \
    -e "EJABBERD_SSLCERT_HOST=/opt/ejabberd/ssl/ps1_example_com.pem" \
    -e "EJABBERD_SSLCERT_PS1_example_COM=/opt/ejabberd/ssl/ps1_example_com.pem" \
    -e "EJABBERD_CIPHERS=ALL:EECDH+aRSA+AESGCM:EDH+aRSA+AESGCM:EECDH+aRSA+AES:EDH+aRSA+AES" \
    -e "EJABBERD_PROTOCOL_OPTIONS_TLSV1=true" \
    -e "[email protected] [email protected]" \
    -e "[email protected]:password1234 [email protected]:password1234 [email protected]:password1234 [email protected]:password1234" \
    -e "TZ=Europe/Moscow" \
    rroemhild/ejabberd

But when i tried to open ps1.example.com:5280/http-bind, it doesnot open and in logs i see:

> 01:06:21.883 [error] CRASH REPORT Process <0.629.0> with 0 neighbours crashed with reason: no match of right hand value {error,<<"SSL_CTX_use_certificate_file failed: error:0906D06C:PEM routines:PEM_read_bio:no start line">>} in ejabberd_http:init/2 line 120
>

ssl folder contains host.pem with hostname

cat host.pem 
ps1.example.com

and ps1.example.com.pem file
command:
openssl x509 -text -in ps1.example.com.pem works correctly

it looks like i forget setup some important environment variable, but i have no ideas and i need help

rroemhild / docker-ejabberd Goto Github PK

docker-ejabberd's Introduction

rroemhild/ejabberd

Introduction

Version

Quick Start

Usage

Persistence

SSL Certificates

Base Image

Run as root

Cluster Example

Runtime Configuration

Served Hostnames

Authentication

Password format

MySQL Authentication

LDAP Auth

Admins

Users

Shared Roster Groups

SSL

STUN / TURN

Erlang

Modules

Logging

Mount Configurations

MySQL Everything

Maintenance

Register Users

Creating Backups

Restoring Backups

Debug

Erlang Shell

System Shell

System Commands

Exposed Ports

docker-ejabberd's People

Stargazers

Watchers

Forkers

docker-ejabberd's Issues

Logging to stdout

Graceful shutdown on SIGTERM

Config in the runtime environment

To exit this LIVE mode and stop ejabberd, press: q(). and press the Enter key

It would be an awesome feature to be able to automatically join a cluster of ejabberd nodes.

1. Providing nodes via ENV or extra config file?

2. Automatically joining the cluster, based on ENV or extra config file?

Remarks:

Recommend Projects

Recommend Topics

Recommend Org

To exit this LIVE mode and stop ejabberd, press:
q(). and press the Enter key