Помогите разобраться с ХМРР сервером "PROSODY"!

Discussion in 'Безопасность и Анонимность' started by amanat777, 19 Apr 2020.

  1. amanat777

    amanat777 New Member

    Joined:
    19 Mar 2020
    Messages:
    66
    Likes Received:
    2
    Reputations:
    0
    Доброго времени суток, коллеги!
    Установил debian - server на virtualbox, и установил туда ХМРР сервер Prosody, для конфиденциального общения. В качестве прокси использую Socks5 i2pd, трафик кручу через i2p, используя виртуальный сервис i2pd.
    Вот мануал, по которому произвожу настройку:
    https://tgraph.io/CHerno-treugolnie-04-14
    Много раз разворачивал этот проект на Kali, Whonix и Windows, все прекрасно работало, но в этот раз никак не мог достучаться Пиджином до сервера, посмотрев логи, я понял что нелады на самом сервере Prosody.
    Вот конфиг сервера /etc/prosody/prosody.cfg.lua

    -- Prosody Example Configuration File
    --
    -- Information on configuring Prosody can be found on our
    -- website at https://prosody.im/doc/configure
    --
    -- Tip: You can check that the syntax of this file is correct
    -- when you have finished by running this command:
    -- prosodyctl check config
    -- If there are any errors, it will let you know what and where
    -- they are, otherwise it will keep quiet.
    --
    -- The only thing left to do is rename this file to remove the .dist ending, and fill in the
    -- blanks. Good luck, and happy Jabbering!


    ---------- Server-wide settings ----------
    -- Settings in this section apply to the whole server and are the default settings
    -- for any virtual hosts

    -- This is a (by default, empty) list of accounts that are admins
    -- for the server. Note that you must create the accounts separately
    -- (see https://prosody.im/doc/creating_accounts for info)
    -- Example: admins = { "user1@example.com", "user2@example.net" }
    admins = {"admin@krswzn3gt32blf54uam5l3otiilmu3te46333i7vy5hqwtkl4hvq.b32.i2p" }

    -- Enable use of libevent for better performance under high load
    -- For more information see: https://prosody.im/doc/libevent
    --use_libevent = true

    -- Prosody will always look in its source directory for modules, but
    -- this option allows you to specify additional locations where Prosody
    -- will look for modules first. For community modules, see https://modules.prosody.im/
    -- For a local administrator it's common to place local modifications
    -- under /usr/local/ hierarchy:
    plugin_paths = { "/usr/local/lib/prosody/modules" }

    -- This is the list of modules Prosody will load on startup.
    -- It looks for mod_modulename.lua in the plugins folder, so make sure that exists too.
    -- Documentation for bundled modules can be found at: https://prosody.im/doc/modules
    modules_enabled = {
    "roster"; "saslauth"; "tls"; "dialback"; "disco"; "posix"; "private"; "vcard"; "ping"; "register"; "admin_adhoc"; "darknet";
    };

    -- These modules are auto-loaded, but should you want
    -- to disable them then uncomment them here:
    modules_disabled = {};

    -- Disable account creation by default, for security
    -- For more information see https://prosody.im/doc/creating_accounts
    allow_registration = false

    -- Debian:
    -- Do not send the server to background, either systemd or start-stop-daemon take care of that.
    --
    daemonize = false;

    -- Debian:
    -- Please, don't change this option since /run/prosody/
    -- is one of the few directories Prosody is allowed to write to
    --
    pidfile = "/run/prosody/prosody.pid";

    -- Force clients to use encrypted connections? This option will
    -- prevent clients from authenticating unless they are using encryption.

    c2s_require_encryption = true

    -- Force servers to use encrypted connections? This option will
    -- prevent servers from authenticating unless they are using encryption.

    s2s_require_encryption = true

    -- Force certificate authentication for server-to-server connections?

    s2s_secure_auth = false

    -- Some servers have invalid or self-signed certificates. You can list
    -- remote domains here that will not be required to authenticate using
    -- certificates. They will be authenticated using DNS instead, even
    -- when s2s_secure_auth is enabled.

    --s2s_insecure_domains = { "insecure.example" }

    -- Even if you disable s2s_secure_auth, you can still require valid
    -- certificates for some domains by specifying a list here.

    --s2s_secure_domains = { "jabber.org" }

    -- Select the authentication backend to use. The 'internal' providers
    -- use Prosody's configured data storage to store the authentication data.

    authentication = "internal_hashed"

    -- Select the storage backend to use. By default Prosody uses flat files
    -- in its configured data directory, but it also supports more backends
    -- through modules. An "sql" backend is included by default, but requires
    -- additional dependencies. See https://prosody.im/doc/storage for more info.

    --storage = "sql" -- Default is "internal" (Debian: "sql" requires one of the
    -- lua-dbi-sqlite3, lua-dbi-mysql or lua-dbi-postgresql packages to work)

    -- For the "sql" backend, you can uncomment *one* of the below to configure:
    --sql = { driver = "SQLite3", database = "prosody.sqlite" } -- Default. 'database' is the filename.
    --sql = { driver = "MySQL", database = "prosody", username = "prosody", password = "secret", host = "localhost" }
    --sql = { driver = "PostgreSQL", database = "prosody", username = "prosody", password = "secret", host = "localhost" }


    -- Archiving configuration
    -- If mod_mam is enabled, Prosody will store a copy of every message. This
    -- is used to synchronize conversations between multiple clients, even if
    -- they are offline. This setting controls how long Prosody will keep
    -- messages in the archive before removing them.

    archive_expires_after = "1w" -- Remove archived messages after 1 week

    -- You can also configure messages to be stored in-memory only. For more
    -- archiving options, see https://prosody.im/doc/modules/mod_mam

    -- Logging configuration
    -- For advanced logging see https://prosody.im/doc/logging
    --
    -- Debian:
    -- Logs info and higher to /var/log
    -- Logs errors to syslog also
    log = {
    -- Log files (change 'info' to 'debug' for debug logs):
    info = "/var/log/prosody/prosody.log";
    error = "/var/log/prosody/prosody.err";
    -- Syslog:
    { levels = { "error" }; to = "syslog"; };
    }

    -- Uncomment to enable statistics
    -- For more info see https://prosody.im/doc/statistics
    -- statistics = "internal"

    -- Certificates
    -- Every virtual host and component needs a certificate so that clients and
    -- servers can securely verify its identity. Prosody will automatically load
    -- certificates/keys from the directory specified here.
    -- For more information, including how to use 'prosodyctl' to auto-import certificates
    -- (from e.g. Let's Encrypt) see https://prosody.im/doc/certificates

    -- Location of directory to find certificates in (relative to main config file):
    certificates = "certs"

    -- HTTPS currently only supports a single certificate, specify it here:
    --https_certificate = "/etc/prosody/certs/localhost.crt"

    ----------- Virtual hosts -----------
    -- You need to add a VirtualHost entry for each domain you wish Prosody to serve.
    -- Settings under each VirtualHost entry apply *only* to that host.
    -- It's customary to maintain VirtualHost entries in separate config files
    -- under /etc/prosody/conf.d/ directory. Examples of such config files can
    -- be found in /etc/prosody/conf.avail/ directory.

    ------ Additional config files ------
    -- For organizational purposes you may prefer to add VirtualHost and
    -- Component definitions in their own config files. This line includes
    -- all config files in /etc/prosody/conf.d/

    VirtualHost "krswzn3gt32blf54uam5l3otiilmu3te46333i7vy5hqwtkl4hvq.b32.i2p"
    enabled = true
    ssl = {
    key = "/etc/prosody/certs/krswzn3gt32blf54uam5l3otiilmu3te46333i7vy5hqwtkl4hvq.b32.i2p.key";
    certificate = "/etc/prosody/certs/krswzn3gt32blf54uam5l3otiilmu3te46333i7vy5hqwtkl4hvq.b32.i2p.crt";
    }
    --VirtualHost "example.com"
    -- certificate = "/path/to/example.crt"

    ------ Components ------
    -- You can specify components to add hosts that provide special services,
    -- like multi-user conferences, and transports.
    -- For more information on components, see https://prosody.im/doc/components

    ---Set up a MUC (multi-user chat) room server on conference.example.com:
    --Component "conference.example.com" "muc"
    --- Store MUC messages in an archive and allow users to access it
    --modules_enabled = { "muc_mam" }

    ---Set up an external component (default component port is 5347)
    --
    -- External components allow adding various services, such as gateways/
    -- transports to other networks like ICQ, MSN and Yahoo. For more info
    -- see: https://prosody.im/doc/components#adding_an_external_component
    --
    --Component "gateway.example.com"
    -- component_secret = "password"
    Include "conf.d/*.cfg.lua"

    Вот лог сервера cat /var/log/prosody/prosody.log

    Apr 19 11:01:47 startup info Hello and welcome to Prosody version 0.11.2
    Apr 19 11:01:47 startup info Prosody is using the select backend for connection handling
    Apr 19 11:01:47 portmanager info Activated service 's2s' on [::]:5269, [*]:5269
    Apr 19 11:01:47 portmanager info Activated service 'c2s' on [::]:5222, [*]:5222
    Apr 19 11:01:47 portmanager info Activated service 'legacy_ssl' on no ports
    Apr 19 11:04:03 mod_posix warn Received SIGTERM
    Apr 19 11:04:03 startup info Shutting down: Received SIGTERM
    Apr 19 11:04:03 general info Shutting down...
    Apr 19 11:04:03 general info Shutdown status: Cleaning up
    Apr 19 11:04:03 general info Shutdown complete
    Apr 19 11:04:03 startup info Hello and welcome to Prosody version 0.11.2
    Apr 19 11:04:03 startup info Prosody is using the select backend for connection handling
    Apr 19 11:04:03 modulemanager error Unable to load module 'darknet': /usr/lib/prosody/modules/mod_darknet.lua: No such file or directory
    Apr 19 11:04:03 certmanager error SSL/TLS: Failed to load '/etc/prosody/certs/krswzn3gt32blf54uam5l3otiilmu3te46333i7vy5hqwtkl4hvq.b32.i2p.key': Check that the path is correct, and the file exists. (for krswzn3gt32blf54uam5l3otiilmu3te46333i7vy5hqwtkl4hvq.b32.i2p)
    Apr 19 11:04:03 krswzn3gt32blf54uam5l3otiilmu3te46333i7vy5hqwtkl4hvq.b32.i2p:tls error Error creating context for c2s: error loading private key (No such file or directory)
    Apr 19 11:04:03 certmanager error SSL/TLS: Failed to load '/etc/prosody/certs/krswzn3gt32blf54uam5l3otiilmu3te46333i7vy5hqwtkl4hvq.b32.i2p.key': Previous error (see logs), or other system error. (for krswzn3gt32blf54uam5l3otiilmu3te46333i7vy5hqwtkl4hvq.b32.i2p)
    Apr 19 11:04:03 krswzn3gt32blf54uam5l3otiilmu3te46333i7vy5hqwtkl4hvq.b32.i2p:tls error Error creating contexts for s2sout: error loading private key (system lib)
    Apr 19 11:04:03 certmanager error SSL/TLS: Failed to load '/etc/prosody/certs/krswzn3gt32blf54uam5l3otiilmu3te46333i7vy5hqwtkl4hvq.b32.i2p.key': Previous error (see logs), or other system error. (for krswzn3gt32blf54uam5l3otiilmu3te46333i7vy5hqwtkl4hvq.b32.i2p)
    Apr 19 11:04:03 krswzn3gt32blf54uam5l3otiilmu3te46333i7vy5hqwtkl4hvq.b32.i2p:tls error Error creating contexts for s2sin: error loading private key (system lib)
    Apr 19 11:04:03 portmanager info Activated service 's2s' on [*]:5269, [::]:5269
    Apr 19 11:04:03 portmanager info Activated service 'c2s' on [*]:5222, [::]:5222
    Apr 19 11:04:03 portmanager info Activated service 'legacy_ssl' on no ports
    Apr 19 11:04:03 modulemanager error Unable to load module 'darknet': /usr/lib/prosody/modules/mod_darknet.lua: No such file or directory
    Apr 19 11:08:22 mod_posix warn Received SIGTERM
    Apr 19 11:08:22 startup info Shutting down: Received SIGTERM
    Apr 19 11:08:22 general info Shutting down...
    Apr 19 11:08:22 general info Shutdown status: Cleaning up
    Apr 19 11:08:22 general info Shutdown complete
    Apr 19 11:08:22 startup info Hello and welcome to Prosody version 0.11.2
    Apr 19 11:08:22 startup info Prosody is using the select backend for connection handling
    Apr 19 11:08:22 portmanager info Activated service 'c2s' on [*]:5222, [::]:5222
    Apr 19 11:08:22 portmanager info Activated service 'legacy_ssl' on no ports
    Apr 19 11:08:22 portmanager info Activated service 's2s' on [*]:5269, [::]:5269
    Apr 19 11:10:20 mod_posix warn Received SIGTERM
    Apr 19 11:10:20 startup info Shutting down: Received SIGTERM
    Apr 19 11:10:20 general info Shutting down...
    Apr 19 11:10:20 general info Shutdown status: Cleaning up
    Apr 19 11:10:20 general info Shutdown complete
    Apr 19 11:10:20 startup info Hello and welcome to Prosody version 0.11.2
    Apr 19 11:10:20 startup info Prosody is using the select backend for connection handling
    Apr 19 11:10:20 portmanager info Activated service 'c2s' on [::]:5222, [*]:5222
    Apr 19 11:10:20 portmanager info Activated service 'legacy_ssl' on no ports
    Apr 19 11:10:20 portmanager info Activated service 's2s' on [::]:5269, [*]:5269


    Вот лог по ошибкам cat /var/log/prosody/prosody.err

    Apr 19 11:04:03 modulemanager error Unable to load module 'darknet': /usr/lib/prosody/modules/mod_darknet.lua: No such file or directory
    Apr 19 11:04:03 certmanager error SSL/TLS: Failed to load '/etc/prosody/certs/krswzn3gt32blf54uam5l3otiilmu3te46333i7vy5hqwtkl4hvq.b32.i2p.key': Check that the path is correct, and the file exists. (for krswzn3gt32blf54uam5l3otiilmu3te46333i7vy5hqwtkl4hvq.b32.i2p)
    Apr 19 11:04:03 krswzn3gt32blf54uam5l3otiilmu3te46333i7vy5hqwtkl4hvq.b32.i2p:tls error Error creating context for c2s: error loading private key (No such file or directory)
    Apr 19 11:04:03 certmanager error SSL/TLS: Failed to load '/etc/prosody/certs/krswzn3gt32blf54uam5l3otiilmu3te46333i7vy5hqwtkl4hvq.b32.i2p.key': Previous error (see logs), or other system error. (for krswzn3gt32blf54uam5l3otiilmu3te46333i7vy5hqwtkl4hvq.b32.i2p)
    Apr 19 11:04:03 krswzn3gt32blf54uam5l3otiilmu3te46333i7vy5hqwtkl4hvq.b32.i2p:tls error Error creating contexts for s2sout: error loading private key (system lib)
    Apr 19 11:04:03 certmanager error SSL/TLS: Failed to load '/etc/prosody/certs/krswzn3gt32blf54uam5l3otiilmu3te46333i7vy5hqwtkl4hvq.b32.i2p.key': Previous error (see logs), or other system error. (for krswzn3gt32blf54uam5l3otiilmu3te46333i7vy5hqwtkl4hvq.b32.i2p)
    Apr 19 11:04:03 krswzn3gt32blf54uam5l3otiilmu3te46333i7vy5hqwtkl4hvq.b32.i2p:tls error Error creating contexts for s2sin: error loading private key (system lib)
    Apr 19 11:04:03 modulemanager error Unable to load module 'darknet': /usr/lib/prosody/modules/mod_darknet.lua: No such file or directory

    ПОЖАЛУЙСТА ПОМОГИТЕ ПОНЯТЬ, В ЧЕМ ИМЕННО ДЕЛО! Спасибо заранее!
     
  2. fandor9

    fandor9 Well-Known Member

    Joined:
    16 Nov 2018
    Messages:
    406
    Likes Received:
    604
    Reputations:
    19
    поставьте модуль
    У вас либо в этой папке нет этого ключа, либо он имеет другое название файла или же у вас нет прав на чтение этого файла (под каким пользователем запускается сервис?), так что
    Code:
    ls -lh /etc/prosody/certs/
     
    quite gray and amanat777 like this.
  3. amanat777

    amanat777 New Member

    Joined:
    19 Mar 2020
    Messages:
    66
    Likes Received:
    2
    Reputations:
    0

    Здравствуйте! Спасибо за ответ!
    Все переустановил, все ровно не работает! Постоянно ошибки ловлю, не пойму в чем дело, раньше все работало!
    Вот лог по ошибкам:
    cat /var/log/prosody/prosody.err

    Apr 20 12:24:12 mod_posix error Failed to daemonize: already-daemonize

    А вот syslog:

    root@debian:~# cat /var/log/syslog | grep prosody
    Apr 20 12:24:11 debian systemd[1]: prosody.service: Succeeded.
    Apr 20 12:24:12 debian prosody[1422]: mod_posix: Prosody is about to detach from the console, disabling further console output
    Apr 20 12:24:12 debian prosody[1422]: mod_posix: Failed to daemonize: already-daemonized

    Вот по сертификатам:
    ls -lh /etc/prosody/certs/
    итого 8,0K
    lrwxrwxrwx 1 root root 37 янв 9 2019 localhost.crt -> ../../ssl/certs/ssl-cert-snakeoil.pem
    lrwxrwxrwx 1 root root 39 янв 9 2019 localhost.key -> ../../ssl/private/ssl-cert-snakeoil.key
    -rw-r----- 1 root prosody 1,4K апр 20 12:23 xbrngfnafl5zvhmg4hxjfk5ikaefbbz3rqlc7fcsmbpuzgew6ftq.b32.i2p.crt
    -rw-r----- 1 root prosody 1,7K апр 20 12:21 xbrngfnafl5zvhmg4hxjfk5ikaefbbz3rqlc7fcsmbpuzgew6ftq.b32.i2p.key

    Я неопытный, может подскажете куда копать... СПАСИБО ВАМ!
     
  4. fandor9

    fandor9 Well-Known Member

    Joined:
    16 Nov 2018
    Messages:
    406
    Likes Received:
    604
    Reputations:
    19
    Как вы запускаете prosody? Как сервис
    Code:
    service prosody start
    или из-под консоли? Может у вас он уже запущен (
    Code:
    pgrep prosody
    )?
    В конфиге у вас стоит совершенно другой файл krswzn3gt32blf54uam5l3otiilmu3te46333i7vy5hqwtkl4hvq.b32.i2p.key
     
    quite gray and amanat777 like this.
  5. amanat777

    amanat777 New Member

    Joined:
    19 Mar 2020
    Messages:
    66
    Likes Received:
    2
    Reputations:
    0

    Так точно, запускаю как сервис. Делаю как в документации.
    А сервер на Debian дгугой, я все переустановил по новой. Все ровно он не работает!

    Что-то не так с сертификатами, и модулем posix. просто не понимаю, что ему не нравится.

    Вот свежие логи:


    cat /var/log/syslog | grep prosody
    Apr 20 12:24:11 debian systemd[1]: prosody.service: Succeeded.
    Apr 20 12:24:12 debian prosody[1422]: mod_posix: Prosody is about to detach from the console, disabling further console output
    Apr 20 12:24:12 debian prosody[1422]: mod_posix: Failed to daemonize: already-daemonized
    Apr 20 13:15:07 debian prosody[433]: mod_posix: Prosody is about to detach from the console, disabling further console output
    Apr 20 13:15:07 debian prosody[433]: mod_posix: Failed to daemonize: already-daemonized
    Apr 20 13:15:07 debian prosody[433]: portmanager: No active service for c2s, activating...
    Apr 20 13:15:07 debian prosody[433]: socket: server.lua: new server listener on '[127.0.0.1]:5222'
    Apr 20 13:15:07 debian prosody[433]: portmanager: Added listening service c2s to [127.0.0.1]:5222
    Apr 20 13:15:07 debian prosody[433]: portmanager: Activated service 'c2s' on [127.0.0.1]:5222
    Apr 20 13:15:07 debian prosody[433]: portmanager: No active service for legacy_ssl, activating...
    Apr 20 13:15:07 debian prosody[433]: portmanager: Activated service 'legacy_ssl' on no ports
    Apr 20 13:15:07 debian prosody[433]: certmanager: Searching /etc/prosody/certs for a key and certificate for xbrngfnafl5zvhmg4hxjfk5ikaefbbz3rqlc7fcsmbpuzgew6ftq.b32.i2p...
    Apr 20 13:15:07 debian prosody[433]: certmanager: Selecting certificate /etc/prosody/certs/xbrngfnafl5zvhmg4hxjfk5ikaefbbz3rqlc7fcsmbpuzgew6ftq.b32.i2p.crt with key /etc/prosody/certs/xbrngfnafl5zvhmg4hxjfk5ikaefbbz3rqlc7fcsmbpuzgew6ftq.b32.i2p.key for xbrngfnafl5zvhmg4hxjfk5ikaefbbz3rqlc7fcsmbpuzgew6ftq.b32.i2p
    Apr 20 13:15:07 debian prosody[433]: certmanager: Searching /etc/prosody/certs for a key and certificate for xbrngfnafl5zvhmg4hxjfk5ikaefbbz3rqlc7fcsmbpuzgew6ftq.b32.i2p...
    Apr 20 13:15:07 debian prosody[433]: certmanager: Selecting certificate /etc/prosody/certs/xbrngfnafl5zvhmg4hxjfk5ikaefbbz3rqlc7fcsmbpuzgew6ftq.b32.i2p.crt with key /etc/prosody/certs/xbrngfnafl5zvhmg4hxjfk5ikaefbbz3rqlc7fcsmbpuzgew6ftq.b32.i2p.key for xbrngfnafl5zvhmg4hxjfk5ikaefbbz3rqlc7fcsmbpuzgew6ftq.b32.i2p
    Apr 20 13:15:07 debian prosody[433]: certmanager: Searching /etc/prosody/certs for a key and certificate for xbrngfnafl5zvhmg4hxjfk5ikaefbbz3rqlc7fcsmbpuzgew6ftq.b32.i2p...
    Apr 20 13:15:07 debian prosody[433]: certmanager: Selecting certificate /etc/prosody/certs/xbrngfnafl5zvhmg4hxjfk5ikaefbbz3rqlc7fcsmbpuzgew6ftq.b32.i2p.crt with key /etc/prosody/certs/xbrngfnafl5zvhmg4hxjfk5ikaefbbz3rqlc7fcsmbpuzgew6ftq.b32.i2p.key for xbrngfnafl5zvhmg4hxjfk5ikaefbbz3rqlc7fcsmbpuzgew6ftq.b32.i2p
     
  6. fandor9

    fandor9 Well-Known Member

    Joined:
    16 Nov 2018
    Messages:
    406
    Likes Received:
    604
    Reputations:
    19
    У вас с ключом/сертификатом всё нормально.
    А с сервисом попробуйте
    Code:
    daemonize = false;
    в конфигурации.
     
    quite gray and amanat777 like this.
  7. amanat777

    amanat777 New Member

    Joined:
    19 Mar 2020
    Messages:
    66
    Likes Received:
    2
    Reputations:
    0

    Да так и прописал! Пишет, какого-то сертификата не хватает! Я уже их повыпиливал и сгенерировал новые через
    prosodyctl cert generate ... Танцы с бубном, снова сделал через openssl как было. Не работает, не могу понять.(((
    Теперь лог таков

    cat /var/log/prosody/prosody.err
    Apr 20 12:24:12 mod_posix error Failed to daemonize: already-daemonized
    Apr 20 13:15:07 mod_posix error Failed to daemonize: already-daemonized
    Apr 20 13:47:23 mod_posix error Failed to daemonize: already-daemonized
    Apr 20 14:13:44 mod_posix error Failed to daemonize: already-daemonized
    Apr 20 14:26:31 mod_posix error Failed to daemonize: already-daemonized
    Apr 20 14:36:05 mod_posix error Failed to daemonize: already-daemonized
    Apr 20 14:40:49 mod_posix error Failed to daemonize: already-daemonized
    Apr 20 14:41:25 mod_posix error Failed to daemonize: already-daemonized
    Apr 20 14:43:55 mod_posix error Failed to daemonize: already-daemonized
    Apr 20 16:04:41 xbrngfnafl5zvhmg4hxjfk5ikaefbbz3rqlc7fcsmbpuzgew6ftq.b32.i2p:tls error Error creating context for c2s: No certificate present in SSL/TLS configuration for xbrngfnafl5zvhmg4hxjfk5ikaefbbz3rqlc7fcsmbpuzgew6ftq.b32.i2p
    Apr 20 16:04:41 xbrngfnafl5zvhmg4hxjfk5ikaefbbz3rqlc7fcsmbpuzgew6ftq.b32.i2p:tls error Error creating contexts for s2sin: No certificate present in SSL/TLS configuration for xbrngfnafl5zvhmg4hxjfk5ikaefbbz3rqlc7fcsmbpuzgew6ftq.b32.i2p
    root@debian:~#

    Пишет, нет сертификата.. Как нет, когда вот они все!
    ls -lh /etc/prosody/certs/
    итого 8,0K
    -rw-r----- 1 root prosody 1,3K апр 20 16:13 xbrngfnafl5zvhmg4hxjfk5ikaefbbz3rqlc7fcsmbpuzgew6ftq.b32.i2p.crt
    -rw-r----- 1 root prosody 1,7K апр 20 16:12 xbrngfnafl5zvhmg4hxjfk5ikaefbbz3rqlc7fcsmbpuzgew6ftq.b32.i2p.key
    root@debian:~#

    Вот его статус:

    systemctl status prosody
    ● prosody.service - Prosody XMPP Server
    Loaded: loaded (/lib/systemd/system/prosody.service; enabled; vendor preset: enabled)
    Active: active (running) since Mon 2020-04-20 16:34:58 MSK; 13s ago
    Docs: https://prosody.im/doc
    Main PID: 435 (lua5.2)
    Tasks: 1 (limit: 1971)
    Memory: 6.1M
    CGroup: /system.slice/prosody.service
    └─435 lua5.2 /usr/bin/prosody

    апр 20 16:34:58 debian systemd[1]: Started Prosody XMPP Server.
    апр 20 16:35:01 debian prosody[435]: storagemanager: map storage driver unavailable, using shim on top of keyval store.
     
    #7 amanat777, 20 Apr 2020
    Last edited by a moderator: 28 Apr 2020
  8. fandor9

    fandor9 Well-Known Member

    Joined:
    16 Nov 2018
    Messages:
    406
    Likes Received:
    604
    Reputations:
    19
    ну так он у вас вроде работает)
    А с сертификатами можете попробовать прописать глобальную переменную.
     
    quite gray and amanat777 like this.
  9. amanat777

    amanat777 New Member

    Joined:
    19 Mar 2020
    Messages:
    66
    Likes Received:
    2
    Reputations:
    0

    Да все без ошибок вроде, только Пиджином не достучаться туда все ровно, соединение разоравано! Просто беда! :(

    Вот суслог:

    cat /var/log/syslog | grep prosody
    Apr 21 12:55:19 debian prosody[438]: certmanager: Searching /etc/prosody/certs for a key and certificate for xbrngfnafl5zvhmg4hxjfk5ikaefbbz3rqlc7fcsmbpuzgew6ftq.b32.i2p...
    Apr 21 12:55:19 debian prosody[438]: certmanager: Selecting certificate /etc/prosody/certs/xbrngfnafl5zvhmg4hxjfk5ikaefbbz3rqlc7fcsmbpuzgew6ftq.b32.i2p.crt with key /etc/prosody/certs/xbrngfnafl5zvhmg4hxjfk5ikaefbbz3rqlc7fcsmbpuzgew6ftq.b32.i2p.key for xbrngfnafl5zvhmg4hxjfk5ikaefbbz3rqlc7fcsmbpuzgew6ftq.b32.i2p
    Apr 21 12:55:19 debian prosody[438]: certmanager: Searching /etc/prosody/certs for a key and certificate for xbrngfnafl5zvhmg4hxjfk5ikaefbbz3rqlc7fcsmbpuzgew6ftq.b32.i2p...
    Apr 21 12:55:19 debian prosody[438]: certmanager: Selecting certificate /etc/prosody/certs/xbrngfnafl5zvhmg4hxjfk5ikaefbbz3rqlc7fcsmbpuzgew6ftq.b32.i2p.crt with key /etc/prosody/certs/xbrngfnafl5zvhmg4hxjfk5ikaefbbz3rqlc7fcsmbpuzgew6ftq.b32.i2p.key for xbrngfnafl5zvhmg4hxjfk5ikaefbbz3rqlc7fcsmbpuzgew6ftq.b32.i2p
    Apr 21 12:55:19 debian prosody[438]: certmanager: Searching /etc/prosody/certs for a key and certificate for xbrngfnafl5zvhmg4hxjfk5ikaefbbz3rqlc7fcsmbpuzgew6ftq.b32.i2p...
    Apr 21 12:55:19 debian prosody[438]: certmanager: Selecting certificate /etc/prosody/certs/xbrngfnafl5zvhmg4hxjfk5ikaefbbz3rqlc7fcsmbpuzgew6ftq.b32.i2p.crt with key /etc/prosody/certs/xbrngfnafl5zvhmg4hxjfk5ikaefbbz3rqlc7fcsmbpuzgew6ftq.b32.i2p.key for xbrngfnafl5zvhmg4hxjfk5ikaefbbz3rqlc7fcsmbpuzgew6ftq.b32.i2p

    По ошибкам ничего...

    i2pd тоже работает нормально.
     
  10. amanat777

    amanat777 New Member

    Joined:
    19 Mar 2020
    Messages:
    66
    Likes Received:
    2
    Reputations:
    0

    Вот статус Прасоди после ребута:

    systemctl status prosody
    ● prosody.service - Prosody XMPP Server
    Loaded: loaded (/lib/systemd/system/prosody.service; enabled; vendor preset: enabled)
    Active: active (running) since Tue 2020-04-21 11:46:48 MSK; 33s ago
    Docs: https://prosody.im/doc
    Main PID: 438 (lua5.2)
    Tasks: 1 (limit: 1971)
    Memory: 6.1M
    CGroup: /system.slice/prosody.service
    └─438 lua5.2 /usr/bin/prosody

    апр 21 11:46:48 debian systemd[1]: Started Prosody XMPP Server.
    апр 21 11:46:51 debian prosody[438]: xbrngfnafl5zvhmg4hxjfk5ikaefbbz3rqlc7fcsmbpuzgew6ftq.b32.i2p:darknet: mod_darknet ready and loaded
    апр 21 11:46:51 debian prosody[438]: storagemanager: map storage driver unavailable, using shim on top of keyval store.

    Какой-то драйвер недоступен почему-то. Читаю вот, пытаюсь разобраться.

    Гуглил, гуглин, ничего по этой ошибке нет! БЕДА!!!!!!!!!!
     
    #10 amanat777, 21 Apr 2020
    Last edited by a moderator: 28 Apr 2020
  11. fandor9

    fandor9 Well-Known Member

    Joined:
    16 Nov 2018
    Messages:
    406
    Likes Received:
    604
    Reputations:
    19
    Эта не ошибка, фактически создаётся поверху база данных.
     
    quite gray likes this.
  12. amanat777

    amanat777 New Member

    Joined:
    19 Mar 2020
    Messages:
    66
    Likes Received:
    2
    Reputations:
    0

    Что нужно делать? Не может быть чтоб не было решения!
     
  13. amanat777

    amanat777 New Member

    Joined:
    19 Mar 2020
    Messages:
    66
    Likes Received:
    2
    Reputations:
    0
    Сейчас такой статус показывает:

    systemctl status prosody
    ● prosody.service - Prosody XMPP Server
    Loaded: loaded (/lib/systemd/system/prosody.service; enabled; vendor preset: enabled)
    Active: active (running) since Tue 2020-04-21 16:38:30 MSK; 1h 44min left
    Docs: https://prosody.im/doc
    Main PID: 432 (lua5.2)
    Tasks: 1 (limit: 1971)
    Memory: 5.9M
    CGroup: /system.slice/prosody.service
    └─432 lua5.2 /usr/bin/prosody

    апр 21 16:38:30 debian systemd[1]: Started Prosody XMPP Server.
    апр 21 16:38:33 debian prosody[432]: certmanager: Searching /etc/prosody/certs for a key and certificate for xbrngfnafl5zvhmg4hxjfk5ika
    апр 21 16:38:33 debian prosody[432]: certmanager: Selecting certificate /etc/prosody/certs/xbrngfnafl5zvhmg4hxjfk5ikaefbbz3rqlc7fcsmbpu
    апр 21 16:38:33 debian prosody[432]: certmanager: Searching /etc/prosody/certs for a key and certificate for xbrngfnafl5zvhmg4hxjfk5ika
    апр 21 16:38:33 debian prosody[432]: certmanager: Selecting certificate /etc/prosody/certs/xbrngfnafl5zvhmg4hxjfk5ikaefbbz3rqlc7fcsmbpu
    апр 21 16:38:33 debian prosody[432]: certmanager: Searching /etc/prosody/certs for a key and certificate for xbrngfnafl5zvhmg4hxjfk5ika
    апр 21 16:38:33 debian prosody[432]: certmanager: Selecting certificate /etc/prosody/certs/xbrngfnafl5zvhmg4hxjfk5ikaefbbz3rqlc7fcsmbpu
    lines 1-17/17 (END)

    Вроде все работает, но все ровно НЕВОЗМОЖНО установить соединение с pidgin.
     
  14. fandor9

    fandor9 Well-Known Member

    Joined:
    16 Nov 2018
    Messages:
    406
    Likes Received:
    604
    Reputations:
    19
    Статус говорит что у вас всё нормально. Вы хотя-бы посмотрели, открыл ли сервер нужные порты?
    Code:
    ss -tlpn
    Попробуйте увеличить информацию лога ("debug") и проверить соединение хотя-бы локально. Настройки брандмауера проверяли?
     
    quite gray and amanat777 like this.
  15. amanat777

    amanat777 New Member

    Joined:
    19 Mar 2020
    Messages:
    66
    Likes Received:
    2
    Reputations:
    0

    ss -tlpn
    State Recv-Q Send-Q Local Address:port Peer Address:port
    LISTEN 0 128 127.0.0.1:5222 0.0.0.0:* users:(("lua5.2",pid=431,fd=4))
    LISTEN 0 128 127.0.0.1:7656 0.0.0.0:* users:(("i2pd",pid=442,fd=47))
    LISTEN 0 128 127.0.0.1:6668 0.0.0.0:* users:(("i2pd",pid=442,fd=40))
    LISTEN 0 128 0.0.0.0:2223 0.0.0.0:* users:(("sshd",pid=441,fd=3))
    LISTEN 0 128 127.0.0.1:5269 0.0.0.0:* users:(("lua5.2",pid=431,fd=6))
    LISTEN 0 128 0.0.0.0:25750 0.0.0.0:* users:(("i2pd",pid=442,fd=14))
    LISTEN 0 128 127.0.0.1:4444 0.0.0.0:* users:(("i2pd",pid=442,fd=35))
    LISTEN 0 128 127.0.0.1:7070 0.0.0.0:* users:(("i2pd",pid=442,fd=31))
    LISTEN 0 128 127.0.0.1:4447 0.0.0.0:* users:(("i2pd",pid=442,fd=36))
    LISTEN 0 128 [::]:2223 [::]:* users:(("sshd",pid=441,fd=4))
    root@debian:~#


    Попробуйте увеличить информацию лога ("debug")

    Это значит добавить
    log = {
    debug = "/var/log/prosody/prosody.log"; -- Send debug and higher here
    error = "*syslog"; -- Send error and higher to the syslog sink
    }
    в конфиг прасоди??

    Простите что туплю, я еще пока не так много знаю.(

    Вот свежий лог:

    Apr 21 16:01:19 startup info Hello and welcome to Prosody version 0.11.2
    Apr 21 16:01:19 stats debug Statistics disabled
    Apr 21 16:01:20 certmanager debug Searching /etc/prosody/certs for a key and certificate for client_https...
    Apr 21 16:01:20 certmanager debug No certificate/key found for client_https
    Apr 21 16:01:20 startup info Prosody is using the select backend for connection handling
    Apr 21 16:01:20 hostmanager debug Activated host: xbrngfnafl5zvhmg4hxjfk5ikaefbbz3rqlc7fcsmbpuzgew6ftq.b32.i2p
    Apr 21 16:01:20 usermanager debug Host 'xbrngfnafl5zvhmg4hxjfk5ikaefbbz3rqlc7fcsmbpuzgew6ftq.b32.i2p' now set to use user provider 'internal_plain'
    Apr 21 16:01:20 portmanager debug No active service for s2s, activating...
    Apr 21 16:01:20 socket debug server.lua: new server listener on '[127.0.0.1]:5269'
    Apr 21 16:01:20 portmanager debug Added listening service s2s to [127.0.0.1]:5269
    Apr 21 16:01:20 portmanager info Activated service 's2s' on [127.0.0.1]:5269
    Apr 21 16:01:20 storagemanager debug map storage driver unavailable, using shim on top of keyval store.
    Apr 21 16:01:20 xbrngfnafl5zvhmg4hxjfk5ikaefbbz3rqlc7fcsmbpuzgew6ftq.b32.i2p:darknet debug mod_darknet ready and loaded
    Apr 21 16:01:20 certmanager debug Searching /etc/prosody/certs for a key and certificate for xbrngfnafl5zvhmg4hxjfk5ikaefbbz3rqlc7fcsmbpuzgew6ftq.b32.i2p...
    Apr 21 16:01:20 certmanager debug Selecting certificate /etc/prosody/certs/xbrngfnafl5zvhmg4hxjfk5ikaefbbz3rqlc7fcsmbpuzgew6ftq.b32.i2p.crt with key /etc/prosody/certs/xbrngfnafl5zvhmg4hxjfk5ikaefbbz3rqlc7fcsmbpuzgew6ftq.b32.i2p.key for xbrngfnafl5zvhmg4hxjfk5ikaefbbz3rqlc7fcsmbpuzgew6ftq.b32.i2p
    Apr 21 16:01:20 certmanager debug Searching /etc/prosody/certs for a key and certificate for xbrngfnafl5zvhmg4hxjfk5ikaefbbz3rqlc7fcsmbpuzgew6ftq.b32.i2p...
    Apr 21 16:01:20 certmanager debug Selecting certificate /etc/prosody/certs/xbrngfnafl5zvhmg4hxjfk5ikaefbbz3rqlc7fcsmbpuzgew6ftq.b32.i2p.crt with key /etc/prosody/certs/xbrngfnafl5zvhmg4hxjfk5ikaefbbz3rqlc7fcsmbpuzgew6ftq.b32.i2p.key for xbrngfnafl5zvhmg4hxjfk5ikaefbbz3rqlc7fcsmbpuzgew6ftq.b32.i2p
    Apr 21 16:01:20 certmanager debug Searching /etc/prosody/certs for a key and certificate for xbrngfnafl5zvhmg4hxjfk5ikaefbbz3rqlc7fcsmbpuzgew6ftq.b32.i2p...
    Apr 21 16:01:20 certmanager debug Selecting certificate /etc/prosody/certs/xbrngfnafl5zvhmg4hxjfk5ikaefbbz3rqlc7fcsmbpuzgew6ftq.b32.i2p.crt with key /etc/prosody/certs/xbrngfnafl5zvhmg4hxjfk5ikaefbbz3rqlc7fcsmbpuzgew6ftq.b32.i2p.key for xbrngfnafl5zvhmg4hxjfk5ikaefbbz3rqlc7fcsmbpuzgew6ftq.b32.i2p
    Apr 21 16:01:20 portmanager debug No active service for c2s, activating...
    Apr 21 16:01:20 socket debug server.lua: new server listener on '[127.0.0.1]:5222'
    Apr 21 16:01:20 portmanager debug Added listening service c2s to [127.0.0.1]:5222
    Apr 21 16:01:20 portmanager info Activated service 'c2s' on [127.0.0.1]:5222
    Apr 21 16:01:20 portmanager debug No active service for legacy_ssl, activating...
    Apr 21 16:01:20 portmanager info Activated service 'legacy_ssl' on no ports

    prosodyctl check
    Checking config...

    You have 1 option set under xbrngfnafl5zvhmg4hxjfk5ikaefbbz3rqlc7fcsmbpuzgew6ftq.b32.i2p that should be
    in the global section of the config file, above any VirtualHost or Component definitions,
    see https://prosody.im/doc/configure#overview for more information.

    You need to move the following option: legacy_ssl_ssl
    Done.

    Checking DNS for host xbrngfnafl5zvhmg4hxjfk5ikaefbbz3rqlc7fcsmbpuzgew6ftq.b32.i2p...
    Host xbrngfnafl5zvhmg4hxjfk5ikaefbbz3rqlc7fcsmbpuzgew6ftq.b32.i2p does not seem to resolve to this server (IPv4/IPv6)

    Checking certificates...
    Checking certificate for xbrngfnafl5zvhmg4hxjfk5ikaefbbz3rqlc7fcsmbpuzgew6ftq.b32.i2p
    Certificate: /etc/prosody/certs/xbrngfnafl5zvhmg4hxjfk5ikaefbbz3rqlc7fcsmbpuzgew6ftq.b32.i2p.crt
    Not valid for client connections to xbrngfnafl5zvhmg4hxjfk5ikaefbbz3rqlc7fcsmbpuzgew6ftq.b32.i2p.
    Not valid for server-to-server connections to xbrngfnafl5zvhmg4hxjfk5ikaefbbz3rqlc7fcsmbpuzgew6ftq.b32.i2p.

    For more information about certificates please see https://prosody.im/doc/certificates

    Problems found, see above.

    Вот это уже интереснее, пишет, на сколько я понял, чтоб комент про ssl надо перенести в глобальный раздел сервера, я так и сделал и вот новый лог:


    root@debian:~# prosodyctl check
    Checking config...
    Done.

    Checking DNS for host Host xbrngfnafl5zvhmg4hxjfk5ikaefbbz3rqlc7fcsmbpuzgew6ftq.b32.i2p does not seem to resolve to this server (IPv4/IPv6)...
    Host xbrngfnafl5zvhmg4hxjfk5ikaefbbz3rqlc7fcsmbpuzgew6ftq.b32.i2p does not seem to resolve to this server (IPv4/IPv6)

    Checking certificates...
    Checking certificate for xbrngfnafl5zvhmg4hxjfk5ikaefbbz3rqlc7fcsmbpuzgew6ftq.b32.i2p
    Certificate: /etc/prosody/certs/xbrngfnafl5zvhmg4hxjfk5ikaefbbz3rqlc7fcsmbpuzgew6ftq.b32.i2p.crt
    Not valid for client connections to xbrngfnafl5zvhmg4hxjfk5ikaefbbz3rqlc7fcsmbpuzgew6ftq.b32.i2p.
    Not valid for server-to-server connections to xbrngfnafl5zvhmg4hxjfk5ikaefbbz3rqlc7fcsmbpuzgew6ftq.b32.i2p.

    For more information about certificates please see https://prosody.im/doc/certificates

    Problems found, see above.


    Теперь пишет, что мой хост Host xbrngfnafl5zvhmg4hxjfk5ikaefbbz3rqlc7fcsmbpuzgew6ftq.b32.i2p
    не разрешает этот сервер (IPv4 / IPv6)...
    Может дело в настройке iptables?
    Я пока что с iptables не очень дружу.((
     
    #15 amanat777, 21 Apr 2020
    Last edited by a moderator: 28 Apr 2020
  16. fandor9

    fandor9 Well-Known Member

    Joined:
    16 Nov 2018
    Messages:
    406
    Likes Received:
    604
    Reputations:
    19
    ну вот тут видно, что у вас сервис "висит" только на "локальном" сетевом адресе 127.0.0.1, а он должен работать на внешнем сетевом адресе (или же у вас должен быть прокси). На данный момент у нас снаружи открыты 2 порта: 2223 на котором висит SSH и 25750 на котором висит сервис I2P. Насколько я понимаю порт 5222 и 5269 должны быть открыты только внутри I2P-сети. Тоесть у вас где ошибка между сетью i2P и локальным сервером прозоди.

    да
    нет, вам пишет что ваш сервер не известен под именем xbrngfnafl5zvhmg4hxjfk5ikaefbbz3rqlc7fcsmbpuzgew6ftq.b32.i2p, но это вполне ожидаемое сообщение, так как прозоди пытаяется узнать IP-адрес по обычному DNS запросу, а так как нет такого домена i2p, то он ничего не находит и выдаёт ошибку.
    может быть, но вряд-ли, скорее в настройке prosody.
     
    quite gray and amanat777 like this.
  17. amanat777

    amanat777 New Member

    Joined:
    19 Mar 2020
    Messages:
    66
    Likes Received:
    2
    Reputations:
    0

    СПАСИБО ОГРОМНОЕ, ЧТО ТРАТИТЕ ВРЕМЯ НА МЕНЯ - ДУРАКА! :)

    У меня должен быть только локалхост и прокси i2pd!
    Значит, не выходит подружить i2pd c prosody!

    Вот на всякий вывод iptables

    iptables -L -vv
    Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
    pkts bytes target prot opt in out source destination

    Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
    pkts bytes target prot opt in out source destination

    Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
    pkts bytes target prot opt in out source destination
     
  18. amanat777

    amanat777 New Member

    Joined:
    19 Mar 2020
    Messages:
    66
    Likes Received:
    2
    Reputations:
    0
    А может быть в качестве ДНС указать все тот же xbrngfnafl5zvhmg4hxjfk5ikaefbbz3rqlc7fcsmbpuzgew6ftq.b32.i2p ???
     
  19. fandor9

    fandor9 Well-Known Member

    Joined:
    16 Nov 2018
    Messages:
    406
    Likes Received:
    604
    Reputations:
    19
    это как ? в качестве DNS сервера? во первых вам надо будет указывать IPv4/IPv6-адрес а не xbrngfnafl5zvhmg4hxjfk5ikaefbbz3rqlc7fcsmbpuzgew6ftq.b32.i2p, во вторых надо будет поднять DNS сервер, ну а в третьих даже если поднимете DNS сервер вам это ничего не даст, так как никто другой кроме вас этот адрес знать не будет.
    у вас и так снаружи висит только SSH и прокси i2pd на 25750.
    ну так как везде policy ACCEPT то брандмауер по умолчанию разрешает все соединения, как исходящие так и входящие.
    Мой вам совет, не торопитесь и проверьте
    Code:
    sudo prosodyctl status
    и
    Code:
    telnet 127.0.0.1 5269
    и потом
    Code:
    telnet xbrngfnafl5zvhmg4hxjfk5ikaefbbz3rqlc7fcsmbpuzgew6ftq.b32.i2p 5269
     
    quite gray and amanat777 like this.
  20. amanat777

    amanat777 New Member

    Joined:
    19 Mar 2020
    Messages:
    66
    Likes Received:
    2
    Reputations:
    0
    Ну да, чем я туплю.. Не на Дебиане надо его настраивать на прасоди...

    prosodyctl status
    Prosody is running with PID 509
    root@debian:~#
    root@debian:~#
    root@debian:~#
    root@debian:~# telnet 127.0.0.1 5269
    Trying 127.0.0.1...
    Connected to 127.0.0.1.
    Escape character is '^]'.


    ^CConnection closed by foreign host.
    root@debian:~#
    root@debian:~#
    root@debian:~#
    root@debian:~# telnet xbrngfnafl5zvhmg4hxjfk5ikaefbbz3rqlc7fcsmbpuzgew6ftq.b32.i2p 5269
    telnet: could not resolve xbrngfnafl5zvhmg4hxjfk5ikaefbbz3rqlc7fcsmbpuzgew6ftq.b32.i2p/5269: Name or service not known
    root@debian:~#
    root@debian:~#
    root@debian:~#
    root@debian:~# telnet xbrngfnafl5zvhmg4hxjfk5ikaefbbz3rqlc7fcsmbpuzgew6ftq.b32.i2p 5222
    telnet: could not resolve xbrngfnafl5zvhmg4hxjfk5ikaefbbz3rqlc7fcsmbpuzgew6ftq.b32.i2p/5222: Name or service not known


    Вот что я получаю..




    Здравствуйте!

    Вот, покапался .... Пишет Прасоди следующее:

    prosodyctl check
    Checking config...
    Done.

    Checking DNS for host efbv5v5kre3c5scojsmizp265u3xn2sntdro5yg2upzo6osykbxa.b32.i2p...
    Host efbv5v5kre3c5scojsmizp265u3xn2sntdro5yg2upzo6osykbxa.b32.i2p does not seem to resolve to this server (IPv4/IPv6)

    Checking certificates...
    Checking certificate for efbv5v5kre3c5scojsmizp265u3xn2sntdro5yg2upzo6osykbxa.b32.i2p
    Certificate: /etc/prosody/certs/efbv5v5kre3c5scojsmizp265u3xn2sntdro5yg2upzo6osykbxa.b32.i2p.crt
    Not valid for client connections to efbv5v5kre3c5scojsmizp265u3xn2sntdro5yg2upzo6osykbxa.b32.i2p.
    Not valid for server-to-server connections to efbv5v5kre3c5scojsmizp265u3xn2sntdro5yg2upzo6osykbxa.b32.i2p.

    For more information about certificates please see https://prosody.im/doc/certificates

    Problems found, see above.

    Виртуалхост не разрешает этот сервер!

    Как это понять?? Как победить???

    Проблема похоже одна, НЕ ПОЛУЧАЕТСЯ ПОДРУЖИТЬ ПРАСОДИ С ПРОКСИ! :(

    Переработал конфигурацию сервера, сейчас конфиг таков:

    interfaces = { "127.0.0.1" };
    admins = { "admin@efbv5v5kre3c5scojsmizp265u3xn2sntdro5yg2upzo6osykbxa.b32.i2p" };
    modules_enabled = {
    "roster"; "saslauth"; "tls"; "dialback"; "disco"; "posix"; "private"; "vcard"; "ping"; "register"; "admin_adhoc"; "darknet";
    };
    modules_disabled = {};
    allow_registration = false;
    darknet_only = true;
    c2s_ports = { "5222" };
    c2s_require_encryption = true;
    s2s_ports = { "5269" };
    s2s_secure_auth = false;
    legacy_ssl_ports = { "6666" };
    authentication = "internal_plain";

    -- On Debian/Ubuntu
    daemonize = false;
    pidfile = "/var/run/prosody/prosody.pid";
    log = {
    error = "/var/log/prosody/prosody.err";
    "*syslog";
    }
    certificates = "certs";
    legacy_ssl_ssl = {
    key = "/etc/prosody/certs/efbv5v5kre3c5scojsmizp265u3xn2sntdro5yg2upzo6osykbxa.b32.i2p.key";
    certificate = "/etc/prosody/certs/efbv5v5kre3c5scojsmizp265u3xn2sntdro5yg2upzo6osykbxa.b32.i2p.crt";
    }

    VirtualHost "efbv5v5kre3c5scojsmizp265u3xn2sntdro5yg2upzo6osykbxa.b32.i2p";


    Иначе ssl не мог настроить.
    Теперь, вроде, ошибка одна! Похоже на Прасоди нужно настроить DNS, вот его статус:

    prosodyctl check
    Checking config...
    Done.

    Checking DNS for host efbv5v5kre3c5scojsmizp265u3xn2sntdro5yg2upzo6osykbxa.b32.i2p...
    No _xmpp-client SRV record found for efbv5v5kre3c5scojsmizp265u3xn2sntdro5yg2upzo6osykbxa.b32.i2p, but it looks like you need one.
    No _xmpp-server SRV record found for efbv5v5kre3c5scojsmizp265u3xn2sntdro5yg2upzo6osykbxa.b32.i2p, but it looks like you need one.
    Host efbv5v5kre3c5scojsmizp265u3xn2sntdro5yg2upzo6osykbxa.b32.i2p does not seem to resolve to this server (IPv4/IPv6)
    No targets for efbv5v5kre3c5scojsmizp265u3xn2sntdro5yg2upzo6osykbxa.b32.i2p appear to resolve to this server.


    For more information about DNS configuration please see https://prosody.im/doc/dns

    Checking certificates...
    Checking certificate for efbv5v5kre3c5scojsmizp265u3xn2sntdro5yg2upzo6osykbxa.b32.i2p
    Certificate: /etc/prosody/certs/efbv5v5kre3c5scojsmizp265u3xn2sntdro5yg2upzo6osykbxa.b32.i2p.crt
    Not valid for client connections to efbv5v5kre3c5scojsmizp265u3xn2sntdro5yg2upzo6osykbxa.b32.i2p.
    Not valid for server-to-server connections to efbv5v5kre3c5scojsmizp265u3xn2sntdro5yg2upzo6osykbxa.b32.i2p.

    For more information about certificates please see https://prosody.im/doc/certificates

    Problems found, see above.


    Вот нашел документацию по настройке DNS на Прасоди, НО НЕ МУГУ ПОНЯТЬ КАК ЭТО У СЕБЯ НАСТРОИТЬ!
    Где именно эта запись должна быть и как ее прописать????

    _xmpp-client._tcp. example.com . 18000 IN SRV 0 5 5222 xmpp.example.com .
    _xmpp-server._tcp. example.com . 18000 IN SRV 0 5 5269 xmpp.example.com .

    https://translate.googleusercontent...Mg4orT0aJagMIAbPZDQ#port_and_network_settings


    Разобрался! Помогла смена версии! 11.5 и 10.0 не работали с i2p, сменил версию на 0.9 и все взлетело! :)
     
    #20 amanat777, 21 Apr 2020
    Last edited by a moderator: 28 Apr 2020
Loading...