The perfect ejabberd setup with ansible

Previously on “XMPP server setup”…

In April last year I setup the kaidan.im XMPP server with ejabberd. As you would expect I did that completely manually, so first running apt get install ejabberd, then editing the config file and so on. I read the ejabberd documentation in detail to enable all useful features and to get the nearly perfect server config. I also imported the database from a friend of mine, who hosted his server (jbb.ddns.net) on a Raspberry Pi before.

Then, in July I got a small job to install an XMPP server for the DBJR (Deutscher Bundesjugendring). It was already clear that we’ll first test the XMPP server on a small (Hetzner) cloud server and later move it to a larger one as the project grows. Besides the internal server chat.dbjr.org we also set up the yochat.eu domain (youth organization chat) to be opened for free registration later. Because we didn’t want to do all the setup multiple times (and researching everything after forgetting everything), I came up with the idea of using ansible to automate everything. The result was nice, but still very server specific. Later I based on the ansible playbook for moving my own server. Recently I also did some real abstraction, so now only some config options would need to be changed to get the chat.dbjr.org-server. On 9th January, I gave a talk about this at the XMPP Meetup.

How to setup your own server

My ansible role is publicly available on my GitLab instance. I’ll show you how to use it in this blog post, but we won’t go into details about ansible. The first step is to create a new ansible playbook for this project (as long as you don’t have one yet). Just create this folder structure (we’ll talk about the speific files later):

$ ls myplaybook/ myplaybook/env/ myplaybook/env/host_vars/
myplaybook/:
env/  roles/  mysetup.yml

myplaybook/env/:
myhosts.inventory  host_vars/

myplaybook/env/host_vars/:
myxmppserver.yml

Then clone the ejabberd and certbot roles into the roles folder:

git clone ssh://git@git.kaidan.im/lnj/ansible-role-ejabberd ejabberd
git clone ssh://git@git.kaidan.im/lnj/ansible-role-certbot certbot

After that you should add the target server to the inventory file:

# this is the group name:
[xmppservers]
# this is the server name (as you would use it when connecting via. ssh); you
# could also write `user@xmpp.server.example`, but it's better to add that info
# to your ~/.ssh/config
myxmppserver

Now copy the default configurations of the roles to your host configuration (remove the three dashes --- from the second file):

cat roles/ejabberd/defaults/main.yml roles/certbot/defaults/main.yml > env/host_vars/myxmppserver.yml

You can edit that file and adjust everything to your needs. The config options should all be self-explaining (contact me if they’re not). If you need some advanced options you can just edit the ejabberd.yml template file in the ejabberd role. So now what’s still missing is an ansible script (i.e. mysetup.yml) that will execute the ejabberd role on your server:

---

- name: Install ejabberd
  hosts: xmppservers # this is the group name, you could also specify a single host
  become: true
  roles:
    - certbot
    - ejabberd

And that’s basically it, you can now execute the playbook on your server using this command:

ansible-playbook -i env/myhosts.inventory mysetup.yml

If you’re using this, it’ll probably be much easier for you to setup the server (and especially when moving it to another machine!).

Comments