Single port + multiple IPs / Virtual hosts

Hi!

Here is a cut of configuration, I tried to start:

{listen,
[
    {8080, ejabberd_c2s, [
        {certfile, "/usr/home/jabber/etc/ejabberd/ssl/pem1.pem"}, starttls, starttls_required,
        {access, c2s},
        {shaper, c2s_shaper},
        {max_stanza_size, 65536},
        {ip, {192,168,100,250}}
    ]}
    ,
    {8080, ejabberd_c2s, [
        {certfile, "/usr/home/jabber/etc/ejabberd/ssl/pem2.pem"}, starttls, starttls_required,
        {access, c2s},
        {shaper, c2s_shaper},
        {max_stanza_size, 65536},
        {ip, {192,168,0,250}}
    ]}
]}.

Starts only the first `8080' section.

The sense is to run 2 virtual hosts simultaneously on different interfaces (not all! which could be achieved by skipping the `ip' option).
Tag {listen} seems not to work inside {host_config}.

The configuration like

{listen,
[
    {8080, ejabberd_c2s, [
        {certfile, "/usr/home/jabber/etc/ejabberd/ssl/pem.pem"}, starttls, starttls_required,
        {access, c2s},
        {shaper, c2s_shaper},
        {max_stanza_size, 65536},
        {ip, {192,168,100,250}},
        {ip, {192,168,0,250}}
    ]}
]}.

starts with last `ip'.

The one like

{listen,
[
    {8080, ejabberd_c2s, [
        {certfile, "/usr/home/jabber/etc/ejabberd/ssl/pem.pem"}, starttls, starttls_required,
        {access, c2s},
        {shaper, c2s_shaper},
        {max_stanza_size, 65536},
        {ip, [{192,168,100,250}, {192,168,0,250}] }
    ]}
]}.

just never starts listening socket.

Or, taking a point, that server listens at *.8080(not very appropriate, when running web-server along with), we got 2 virtual hosts.
That's ok. Till the moment, when we see, that virtual hosts exist only for existing! See: no user separation, no ip separation, no port separation. Maybe, we have opportunity for little tricks with different modules running, but I can't get the sense at all :-)) Maybe some smart standards say, that this is the way and it should be that, but it's like religious talkings, but not appropriate for simple people using :-)))

I've found that user separation can be achieved with host_config and different databases per virtual host (when using odbc, but what about internal authentication?) [http://www.ejabberd.im/node/3242] or using mod_filter [http://www.ejabberd.im/node/2722] to _force_ users not to see colleagues from the neighbour virtual host (but I've not researched these methods yet).

Doesn't it seem a little strange? This is like running 2 independent ejabberd services at one time :-)) (not sure that epmd will be able to manage such a perversion)

Please, show me the way. I feel to get lost between 3 pines! :-))
Do not let this problem warp "my fragile little mind"(c)Eric Cartman

Nope! Virtual hosts is only a simulation. What for?

I've tried the variant with separated Databases:
hosts: vhost1, vhost2
users: user01, user02(names duplicated at both servers)
So, as a result(example) user01@vhost1 list:
user01@vhost2
user02@vhost1
user02@vhost2

Everybody can freely contact each other. The only difference is that offline messages are stored at the recipient's side (database). That's pretty logical.
But I'd like vhosts work like servers(using s2s_* rules). Or that's not so logical?

`mod_filter' is not applicable for this aim without appropriate revision, because now it can process only lacedone(last) chain of rules, named mod_filter, so even if we can deny vhost1-to-vhost2 traffic, we can't deny backwards.

The single "normal"(superfluous, but working) method, I could discover, is :

  1. create separate databases for each "virtual"-host
  2. create separate ejabberd-configurations
  3. create separate ejabberdctl-configurations*)
  4. run each config on separate --node

________________________
*) This one must contain ERLANG_NODE=s@localhost with node name from p.4. WARNING! Extraspecify host in every parameter to make Erlang engine work correctly, while using ejabberdctl-utility.

At the end, to simplify use, I propose simple scripts, which can be modified for definite purposes.
ctl.sh:

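#!/bin/sh
# Usage: ctl.sh <action> [node]
C="$1"          # ejabberdctl action (start, stop, status, ...)
R="$2"          # optional node name
Rs=""
if [ -n "$R" ]
then
    Rs="_$R"    # suffix selecting ejabberd_<node>.cfg / ejabberdctl_<node>.cfg
else
    R="ejabberd"
fi
# Must be run from the directory that contains the standard ejabberdctl script.
pw=$(pwd)
cm="$pw/ejabberdctl
    --config /usr/home/jabber/etc/ejabberd/ejabberd${Rs}.cfg
    --ctl-config /usr/home/jabber/etc/ejabberd/ejabberdctl${Rs}.cfg
    --node ${R}@localhost
    --spool /usr/home/jabber/var/lib/ejabberd/${R}
    ${C}"

echo "$cm"
# Left unquoted on purpose: the shell splits the string into command and arguments.
$cm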

and one of super-script start.sh:

#!/bin/sh
pw=`pwd`
cm="$pw/ctl.sh start $1"
$cm

Usage:
ctl.sh <action> [node]
start.sh [node]
node is an optional parameter(when skipped, `ejabberd' is default), which means --node [node]@localhost parameter and(!) usage of specified configuration files and directories:
--config ejabberd_[node].cfg
--configctl ejabberdctl_[node].cfg
--spool ejabberd/[node].cfg
Scripts should be put into the same directory with standard ejabberdctl-script. All directories should be changed to appropriate values, of course.

So, this method also decides Single_port-to-Multiple_IPs mapping, because {listen}-tag is specified independently.

Thanks. Good Luck.

Quote:

Single port + multiple IPs

Not possible yet: Impossible to bind the same port to multiple interfaces. You can configure ejabberd to listen in a port for all IPs, or for a certain IP.

It isn't possible to restrict users of a vhost to a certain port.

If you are ready to use so many different ports numbers and IP addresses, you can install ejabberd several times in different directories, and configure each one to use different ports (and to have different erlang node names). They will act independently.
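
Added example, not part of the original thread and not ejabberd code: once each instance has its own {ip, ...} listener, this check reads BSD-style `netstat -an` output and confirms that the port is bound only on the intended addresses and not on the wildcard `*.8080`. The function name `check_listeners` and the sample netstat lines are constructed for illustration; the field layout assumes the BSD format (local address in column 4, address and port joined by a dot).

```shell
#!/bin/sh
# Constructed sample: two ejabberd nodes bound to the addresses used in the
# thread, plus an unrelated web server on the wildcard address.
SAMPLE_OK='tcp4  0  0  192.168.100.250.8080  *.*  LISTEN
tcp4  0  0  192.168.0.250.8080    *.*  LISTEN
tcp4  0  0  *.80                  *.*  LISTEN'

# Constructed sample: a single listener with no ip option (binds all interfaces).
SAMPLE_WILDCARD='tcp4  0  0  *.8080  *.*  LISTEN'

# check_listeners PORT "IP1 IP2 ..."   (netstat output on stdin)
# Prints one line per finding and returns 0 only when every expected IP is
# listening on PORT and no other address, wildcard included, is.
check_listeners() {
    awk -v port="$1" -v expected="$2" '
        BEGIN {
            bad = 0
            n = split(expected, e, " ")
            for (i = 1; i <= n; i++) want[e[i]] = 1
        }
        $NF == "LISTEN" {
            # Split "192.168.0.250.8080" or "*.8080" at the last dot.
            idx = match($4, /\.[0-9]+$/)
            if (!idx) next
            addr = substr($4, 1, idx - 1)
            p = substr($4, idx + 1)
            if (p != port) next
            if (addr in want) seen[addr] = 1
            else { print "UNEXPECTED " addr ":" p; bad = 1 }
        }
        END {
            for (a in want)
                if (!(a in seen)) { print "MISSING " a ":" port; bad = 1 }
            exit bad
        }'
}

# Demonstration on the constructed sample; on a live host pipe in
# `netstat -an -p tcp` instead.
printf '%s\n' "$SAMPLE_OK" |
    check_listeners 8080 "192.168.100.250 192.168.0.250" &&
    echo "port 8080 bound only on the expected addresses"
```
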
