Automating Ejabberd upgrade procedure with Ansible

The CentOS repos (both official and EPEL) do not provide an up-to-date version of Ejabberd, so installing from source is the only way if one wants or needs a version from this century. The problem is that doing things manually is never a good idea; luckily, Ansible and a bit of Python love come to the rescue. Supposing Ejabberd is already installed and configured (I wrote a post on the subject a couple of years ago: https://uwot.eu/ejabberd-xmpp-server-configuration-guide//), the following Ansible script will take care of all the steps needed to upgrade to a newer version of Ejabberd …


QEMU+KVM, reclaim disk space

After some time qcow2 images tend to grow bigger and bigger, especially after taking snapshots, even bigger than the maximum size specified at creation time. QEMU provides a tool called virt-sparsify (install the libguestfs-tools package in CentOS 7) that can effectively make a virtual machine disk thin provisioned (space is not preallocated, only the actual space needed is used). virt-sparsify has a good number of options; the most interesting one is --in-place, which tells QEMU to shrink the volume in place without requiring any additional space. …


CentOS, DNSCrypt and pdnsd

The DNSCrypt installation process is pretty simple since it is present in the repository; pdnsd, on the other hand, is missing, but luckily compiling it from source is not that hard. For the sake of completeness I will also cover the procedure to install DNSCrypt from source; alternatively, run yum install dnscrypt-proxy.

Install the required dependencies and get the source code:

    [root@CentOS ~]# yum install gcc libsodium-devel libtool-ltdl-devel git wget
    [root@CentOS ~]# git clone https://github.com/jedisct1/dnscrypt-proxy.git
    [root@CentOS ~]# wget http://members.home.nl/p.a.rombouts/pdnsd/releases/pdnsd-1.2.9a-par.tar.gz pdnsd

Compile and install: …


Nginx, PHP-FPM caching done right

The web is full of pseudo guides on how to properly (that is the key word here) configure Nginx to perform caching alongside PHP-FPM, but every single one of them fails to mention some minor steps, resulting in a borked, half-functioning implementation. For example, not a single one mentions the need to edit /etc/php.ini and set session.use_cookies to 0. Too bad that without doing so, caching with WordPress in combination with certain plugins or themes (for example MainWP or the Enfold theme) does not work at all; the following headers get added to every HTTP response: …


Email server: Dovecot and Postfix

Postfix configuration

Install the required software:

    $ yum install postfix postgrey dovecot fail2ban spamassassin spamass-milter-postfix opendkim

Create a TLS certificate, key and CA (replace mail.domain.tld with a valid domain name):

    $ mkdir /etc/postfix/ssl
    $ cd /etc/postfix/ssl
    $ openssl genrsa -aes256 -out mail.domain.tld.key 4096
    $ chmod 600 mail.domain.tld.key
    $ openssl req -sha256 -new -key mail.domain.tld.key -out mail.domain.tld.csr
    $ openssl x509 -sha256 -req -days 1825 -in mail.domain.tld.csr -signkey mail.domain.tld.key -out mail.domain.tld.crt
    $ openssl rsa -in mail.domain.tld.key -out mail.domain.tld.key.nopass
    $ mv mail.domain.tld.key.nopass mail.domain.tld.key
    $ openssl req -new -x509 -extensions v3_ca -keyout cakey.pem -out cacert.pem -days 3650 -sha256
    $ chmod 600 mail.domain.tld.key
    $ chmod 600 cakey.pem
    $ openssl dhparam -out dhparams.pem 4096
    $ chmod 600 dhparams.pem

Edit the main.cf file accordingly (the other lines should be OK by default). No SQL database is used: for user authentication Postfix relies on Linux users, and email data are stored in ~/Maildir. …


ejabberd XMPP server configuration guide

I will be keeping this post up to date to keep track of how to configure and maintain an ejabberd server working efficiently and securely. I strongly advise any reader to read carefully what is written here and not just copy and paste the configuration file. My blog also contains a bunch of other posts regarding ejabberd that are worth a look; use the search form.

Server
CentOS 7.5.1804 x86_64
Erlang/OTP 21.1.1-1 x86_64
ejabberd 18.09

Client
LineageOS 15.1 (Android Nougat)
Conversations 2.3.5+fcr

.:. Installation and initial configuration

Download and install Erlang (release numbers here may not be up to date): …
