XMPP and a little bird

22 Mar 2016


What is XMPP?

The Extensible Messaging and Presence Protocol (XMPP) is a communications protocol for near-real-time internet messaging. For all intents and purposes, it's instant messaging, and it's wonderful. XMPP was once called Jabber, and you've probably heard of it – it used to be the backbone of Facebook Messenger and Google Talk (now called Hangouts).

Unlike current day Facebook Messenger and Google Hangouts however, XMPP/Jabber is defined in an open standard, such that anyone may implement an XMPP service, use and develop for it without restrictions. I gravitated towards it when looking for a secure, open, group messaging platform and was pleasantly surprised by how easy it was to get it up and working. XMPP has been around since 1999, and it's become quite the elegant system since then. I got a server up and running in about 10 minutes.

Let's set up XMPP with ejabberd!

You'll need two things:

  1. A GNU/Linux or BSD webserver with root access
  2. A domain name of some sort (i.e. example.com) that points to your webserver

Before starting with this guide, you may want to configure a subdomain for your xmpp server in the DNS settings for your domain registrar/webhost. You'll probably want something like xmpp.example.com. You won't have a webpage set up on this subdomain however, so have anyone attempting to visit that address in a browser redirected elsewhere.

If you want to make chat rooms work on your server as well, you'll need to add a conference.xmpp.example.com "subsubdomain" as well.

The server I'm working with runs on Ubuntu 14.04 LTS, but getting XMPP up should be very similar on other systems. To start with, I'm using the ejabberd XMPP server – it's the backend that the original Jabber.org uses, and I have no complaints.

  1. Let's get started!
  2. Log into your server via SSH and update your software stack:

    % sudo apt-get update && sudo apt-get -y upgrade
  3. Install ejabberd
  4. % sudo apt-get -y install ejabberd
  5. Configure ejabberd
  6. Once installed, you'll need to edit the ejabberd configuration file using your favourite text editor. By default, this file is located at /etc/ejabberd/ejabberd.cfg, though this directory is protected so you'll need to be root.

    % sudo -i
    # vim /etc/ejabberd/ejabberd.cfg

    To create your admin user, change line 58 from

    {acl, admin, {user, "", "localhost"}}.

    to

    {acl, admin, {user, "desired_username", "xmpp.example.com"}}.

    Configure your hostname by changing line 61 from

    {hosts, ["localhost"]}.

    to

    {hosts, ["localhost","xmpp.example.com"]}.

    Optional step: If you want to allow other internet users to register on your server without going through you personally, you can allow open registration by changing line 496 from

    {access, register, [{deny, all}]}.

    to

    {access, register, [{allow, all}]}.

    This will allow users to register from any XMPP client.

  7. Register your admin user
  8. Restart the ejabberd daemon and register your admin user via the command line:

    % sudo service ejabberd restart
    % sudo ejabberdctl register desired_username xmpp.example.com password

Communicating with other XMPP servers

Your firewall isn't configured to let the connections through! Make sure you allow connections through ports 5222 (the standard XMPP port), 5280 (for the admin web interface), and 5269 (for inter-server connections).

% sudo ufw allow 5222
% sudo ufw allow 5280
% sudo ufw allow 5269

The admin web interface can be accessed by navigating to http://xmpp.example.com:5280/admin from your favourite web browser. Enter your admin's username and password when prompted.

Interfacing with your server

Now that you've successfully set up and configured your XMPP server it's time to reap the rewards! There are lots of XMPP clients out there, and many popular instant messaging programmes support the protocol. If you're security/encryption conscious, you should look for a client with active Off-The-Record Messaging (OTR) support.

Good clients include ChatSecure for Android and iOS, Pidgin for GNU/Linux and Windows, and Adium for Mac OS X.

Note: On Ubuntu and other Linuxes, Empathy, the default IM client for GNOME 3 and Unity does not support OTR. You should look for an alternative such as Pidgin (with the pidgin-otr plug-in) or Jitsi.