Loading...
 

History: How to install Openfire Meetings on ClearOS

Preview of version: 107

How to install Openfire Meetings on ClearOS


Openfire 4.x and ClearOS 7.1

Todo

  • Secure by default. Remove all http and force https

Background

ClearOS is an operating system for your Server, Network, and Gateway systems. It is designed for homes, small to medium businesses, and distributed environments. ClearOS is commonly known as the Next Generation Small Business Server, while including indispensable Gateway and Networking functionality. It delivers a powerful IT solution with an elegant user interface that is completely web-based. Simply put.. ClearOS is the new way of delivering IT. Source: https://www.clearos.com/

Openfire is a real time collaboration (RTC) server licensed under the Open Source Apache License. It uses the only widely adopted open protocol for instant messaging, XMPP (also called Jabber). Openfire is incredibly easy to setup and administer, but offers rock-solid security and performance. Source: http://www.igniterealtime.org/projects/openfire/index.jsp

Openfire Meetings is an Openfire plugin that uses WebRTC and the Jitsi Videobridge to provide high quality, scalable video conferences for your Openfire users.You will also need the Openfire Meetings Chrome extension for screen sharing, co-browsing and application sharing. Source: https://www.igniterealtime.org/projects/openfire/plugins/ofmeet/readme.html

The Openfire Fastpath Plugin adds support for managed queued chat requests, such as a support team might use. For example, a web based "Live Support" interface can point a potential customer at a workgroup representing the Sales team. Members of that workgroup will receive notification that a someone is waiting and when someone from that workgroup accepts, the customer and the team member will be connected to communicate with each other.

Assumptions

  • This guide assumes your ClearOS server will be the main server for your domain. Thus, your website (powered by Tiki) will be on the same server. E-mails could also be handled (with Roundcube on ClearOS) but are also easily handled by your domain name provider.

Information

To Install Openfire on ClearOS within the WikiSuite environment follow the next steps.

1.- Install a fresh ClearOS Server, be sure to run the latest Software updates to the core system

2.- Make sure the clearos-epel repository is enabled

3- Include in the installation of:

a. The Web Server
b. and the Directory Server(Open LDAP)

A

Configure domain name

In ClearOS, your domain name is set at https://example.org:81/app/network

You may need to add an A record of your *. FQDN or your *.domain in your DNS; this depends on your topology. DNS is typically offered with your domain name registrar. (Optional)

See ClearOS docs:

Please note that Openfire is not multi-tenant. So it is designed to handle just one domain name. Ref: OF-162


Configure Firewall

ClearOS's Firewall should configured to block all ports, and open the following:

  • 22 : SSH
  • 25: SMTP: For emails for Openfire Meeting Planner
  • 80 : HTTP
  • 81 : Webconfig
  • 143 IMAP: For emails for Openfire Meeting Planner
  • 443 : HTTPS
  • 587 SMTP: For emails for Openfire Meeting Planner if you use Gmail
  • 993 IMAPS: For emails for Openfire Meeting Planner
  • 7070 : Used by Openfire http
  • 7443 : Used by Openfire https
  • 7777 : Used by Openfire
  • 5222 : Used by Openfire
  • 5223 : Used by Openfire (SSL)
  • 5229 : Used by Openfire
  • 5349 : Used by Openfire
  • 8843 : Woot realtime collaborative editing
  • 9091 : Openfire administration https
  • 9090 : Openfire administration http


@Dele & Guus: Others? What about Media Configuration 5000-6000?

For server to server communication

  • 5269 : Used by Openfire

Configure OpenLDAP


1.-Initialize your OpenLDAP service through the Webconfig-Open LDAP Directory Server Module (https://yourserver.wikisuite.org:81/app/openldap_directory).

File not found.


2.-On the Directory Server Settings page set the server mode and Base Domain (https://yourserver.wikisuite.org:81/app/openldap_directory/settings/edit)

File not found.


3.-On the Directory Server Policies page set the Publish Policy and Accounts access according to your requirements (https://yourserver.wikisuite.org:81/app/openldap_directory/policies/edit)

File not found.


4.-Don't forget to create one or two users as they will be use in the Openfire configuration phase. Use: (https://yourserver.wikisuite.org:81/app/users/add)

F

Install Openfire


1.-Login to your ClearOS via SSH using root

2.-Install the Openfire RPM

Type:

rpm -ivh http://www.igniterealtime.org/downloadServlet?filename=openfire/openfire-4.0.1-1.i386.rpm


G

For Openfire to work on ClearOS 64-bit the 32-bit zlib library is required.
Source: https://community.igniterealtime.org/thread/43673

Type:

yum install zlib.i686


H

And type "y" when requested.

I

3.- Start the Openfire service:

Type:

/etc/init.d/openfire start

And check the status

/etc/init.d/openfire status


J

Configure Openfire


Use a web browser to connect to the admin console. The default port for the web-based Initial setup admin console is 9090. Initial setup and administration can be done from a remote computer using LAN IP address instead or hostname if it is resolvable by the remote computer. i.e. (http://yourserver.wikisuite.org:9090). Source: http://www.igniterealtime.org/builds/openfire/docs/latest/documentation/install-guide.html

1.-The first screen will request you to choose your preferred language and press continue.

K

2.-For the second screen, Type your host domain and press continue. The Default Admin Console Port is 9090 and the Secure Admin Console Port is 9091.

L

3.-Select to use the "Embedded Database" and press continue.

M

4.-Choose "Directory Server (LDAP)" as the user and group system to use with the server and press continue.

N

5.-Configure the connection settings for your LDAP directory and press "Test Settings". (Connections settings such as password can be obtained from OpenLDAP Directory Setup (https://yourserver.wikisuite.org:81/app/openldap_directory)

O

6.-Once the test has been successful press "Save and Continue"

P

7.-Configure how the server finds and loads users from your LDAP directory and press "Test Settings"

Q1

8.-Once the test has been successful press "Save and Continue"

Q

9.-Configure how the server finds and loads groups from your LDAP directory and press "Test Settings". Don't forget to check Store avatar in database if not provided by LDAP

R1
Store Avatar In Database

11.-Once the test has been successful press "Save and Continue"

R2

12.-Choose one or more users from your LDAP directory to be administrators by entering their usernames. Press "Save and Continue"

S1

13.- You Can test the user settings by clicking on the "Test" icon.

S2

14.- Once the test has been successful press "Continue"

S3

15.-Setup is complete! Click on "Login to Admin Console"

T1

16.-Log in to the Admin Console.

T2

T3

17.- You should restart openfire throug your secure shell console.

Type:

service openfire restart


V

18.- Now you can login to your Admin Console through the Secure port at (https://yourserver.wikisuite.org:9091)

V1

Install Openfire Meetings Plugin


1.- Login to your Openfire Admin Console with a administrator user.

2.- Click on the Plugins Tab to manage Plugins

W

3.- Click on the available plugins link and scroll down to find the Openfire Meetings plugin

X

4.- Click on then ¨+¨ to add the plugin to the Openfire server

X1

Source: http://www.igniterealtime.org/projects/openfire/plugins/ofmeet/readme.html

Install Openfire Fastpath plugin


1.- Go to the Openfire plugins administration console (https://yourserver.wikisuite.org:9091/plugin-admin.jsp)

Aa1

2.- Click on the "Available plugins" tab and look for the Fastpath plugin. Click on the "+" sign to install.

Aa2

3.- Once the plugin has been successfully installed, you can proceed to configure in its own console.

Aa3

4.- Refresh the Openfire console and the Fastpath tab should be available, click on it to configure Workgroups (https://yourserver.wikisuite.org:9091/plugins/fastpath/workgroup-summary.jsp)

Aa4

Notes:

  • You can find a Quick start guide here:https://community.igniterealtime.org/docs/DOC-1513

  • The snippet is provided on the Openfire Admin Console (Fastpath -> Workgroup Manager -> Workgroup Settings -> Text)


Configure email

Going to https://yourserver.demo.wikisuite.org/webmail to access to Roundcube, then login with your username and password.
Login To Roundcube

In ClearOS

You can to set the options about to sending the emails

https://example.org:81/app/smtp
ClearOS   SMTP

You can to set the options about to getting the emails

https://example.org:81/app/imap
ClearOS   IMAP

In Openfire

Edit the email setting in a server manager tab like on an image:
https://example.org:9091/system-email.jsp
Openfire Email Settings
Edit the email listener in a Meeting tab like on an image:
https://example.org:9091/plugins/ofmeet/ofmeet-email-listener.jsp
Openfire Email Listener Setup

Adding admins



1.-There is no ClearOS group for the Openfire admins. Instead: Server -> Server Manager -> System Properties -> admin.authorizedJIDs

Edit server properties (https://yourserver.wikisuite.org:9091/server-properties.jsp)

Y1

2.- Find the admin.authorizedJIDs property, edit it and add comma separated full JIDs. In our specific case user at example.org. "Click on Save Property"

Y2

3.- Openfire needs a restart, Login to your ClearOS via SSH using root and type:

service openfire restart

Configure SSL


As of Openfire 3.2 certificate management can be performed from the Admin Console. (And in 4.0, code has been revamped)

Once the setup process is completed Openfire will create self-signed certificates for the assigned Openfire's domain. Most users should either get the created certificates signed by a Certificate Authority or replace the created certificates with your own certificates. Source: http://www.igniterealtime.com/builds/openfire/docs/latest/documentation/ssl-guide.html


Z1

  • Manage the existing certificates in the Openfire Identity Certificate Store


Z2

  • Import Private Key and Certificate


Z3

As ClearOS also manages SSL certificates, they can co-exist independently as their storage files are different and independent. i.e. Openfire generated certificates will only be used within open fire applications.

Avoiding non-standard ports

In some contexts, (corporate environments, captive portals in Internet cafes, etc.), some ports can be blocked. Thus, if you want to get rid of port number, you can put the following apache configuration (Apache 2.4+ so you need ClearOS 7.x):

ProxyPass /ofmeet/ http://localhost:7070/ofmeet/
ProxyPassReverse /ofmeet/ http://localhost:7070/ofmeet/
ProxyPass /ofmeetws/ wss://localhost:7070/ofmeetws/
ProxyPassReverse /ofmeetws/ wss://localhost:7070/ofmeetws/

Team room

@Luis and @Charles: please document how to make a room called "team" for all team members, accessible via XMPP or WebRTC or CandyChat

For create a private room:

Go on "Group Chat" tab.
Openfire Create Groupchat

Then going to "create new room" on left menu.
Openfire Create New Room

Then fill out the appropriate fields (Minimum Room ID, Room Name and Description). Finish with click on save changes button.

For use the private room

  • Web access with CandyChat

Go on https://yourserver.wikisuite.org:7443/ofmeet/candy.html
then login with your account access.

  • WebRTC access

With

  • XMPP client access

with Spark in a login session, click on "Action" tab then a "joint a chatroom" option. In a new pop up, double-click in a list on a right chatroom.
with Jitsi in a login session, click on "File" tab then a "joint a chatroom" option. In a new pop up, select a right account and write a chatroom name.


STUN / TURN server

  • Todo later Marc: discuss with Dele (What / How to install and what ports to open)

Advanced configuration



alias

History

Advanced
Information Version
Marc Laporte 135
View
Marc Laporte re-order 134
View
Marc Laporte Syncthing port has not place on page about Openfire 133
View
luis.lucio 132
View
luis.lucio 131
View
Marc Laporte 130
View
luis.lucio 129
View
Marc Laporte 128
View
Marc Laporte 127
View
Marc Laporte 126
View
Marc Laporte 125
View
Marc Laporte typo 124
View
Marc Laporte 123
View
Marc Laporte 122
View
Marc Laporte 121
View
Marc Laporte 120
View
Marc Laporte 119
View
Marc Laporte Done 118
View
Marc Laporte 117
View
Marc Laporte Seems necessary 116
View
Marc Laporte 115
View
Marc Laporte 114
View
charles.robert 113
View
charles.robert 112
View
charles.robert Image Plugin modified by editor. 111
View
charles.robert 110
View
charles.robert 109
View
charles.robert 108
View
charles.robert 107
View
Marc Laporte 106
View
Marc Laporte 105
View
Marc Laporte 104
View
Marc Laporte The others could be a risk 103
View
Marc Laporte 102
View
Marc Laporte 101
View
Marc Laporte 100
View
Marc Laporte 99
View
Marc Laporte 98
View
charles.robert 97
View
charles.robert 96
View
charles.robert 95
View
charles.robert 94
View
charles.robert 93
View
charles.robert 92
View
charles.robert 91
View
charles.robert 90
View
charles.robert 89
View
charles.robert 88
View
charles.robert 87
View
charles.robert 86
View