Running XMPP (Metronome) on a domain name different than the main one

My YunoHost server

Hardware: Old laptop or computer
YunoHost version: 11.2.9.1 (stable)
I have access to my server : Through SSH | through the webadmin | direct access via keyboard / screen | … [all of it]
Are you in a special context or did you perform some particular tweaking on your YunoHost instance ? : no

Description of my issue

I wanted to use a separate domain for XMPP than the main one, but while YunoHost does not report any other issues, I cannot connect to it.

What I did:

  1. turn off XMPP on monolith.wheremymonkeyis.at (I did test before that it did actually work, so yay!)
  2. add campfire.wheremymonkeyis.at domain and enable XMPP there (nothing else is bound to that)
  3. make sure DNS and ports are OK
  4. try to connect to XMPP (fail)

Results from trying to log in:

  • if I try to log in as {user}@campfire.wheremymonkeyis.at and its YunoHost password ↦ Wrong username or password (Dino); Unauthorised (Conversations)
  • if I try to log in as {user}@monolith.wheremymonkeyis.at ↦ Could not connect to monolith.wheremymonkeyis.at (expected, it did work when I was running XMPP on that domain, of course)

Metronome YunoHost logs after trying to log in a few times:

https://paste.yunohost.org/ramederuha

How do I fix this?

Some investigations :

  • Is /etc/metronome/conf.d/campfire.wheremymonkeyis.at present and well configured?
  • Could you set the logging level from info to debug in /etc/metronome/metronome.cfg.lua
  • Eventually,
    • try to connect locally and verbosely with xmppc -vvv
    • try to keep both monolith and campfire running in parallel

There is a /etc/metronome/conf.d/campfire.wheremymonkeyis.at.cfg.lua and at a quick glance it seems to be set up OK. (I have never set up an XMPP server before though)

Will do.

If I run xmppc -vvv on the server itself, I get the following error:

Error loading key file: No such file or directory

Doing so now.

I can log into monolith, but not into campfire.

These are the most recent log files:
https://paste.yunohost.org/ozuxuhuvec

And even later still, this is what the metronome.log looks like when I try to log into campfire.:

Jan 03 19:57:10 socket  debug   accepted incoming client connection from: 89.142.188.11 44166 to 5222 
Jan 03 19:57:10 c2s5601360348a0 info    Client connected
Jan 03 19:57:10 c2s5601360348a0 debug   Client sent opening <stream:stream> to campfire.wheremymonkeyis.at
Jan 03 19:57:10 c2s5601360348a0 debug   Sent reply <stream:stream> to client
Jan 03 19:57:10 c2s5601360348a0 debug   Received[c2s_unauthed]: <starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'>
Jan 03 19:57:10 socket  debug   try to start ssl at client id: 5601360348a0 
Jan 03 19:57:10 socket  debug   ssl session delayed until writebuffer is empty... 
Jan 03 19:57:10 c2s5601360348a0 debug   TLS negotiation started for c2s_unauthed...
Jan 03 19:57:10 socket  debug   starting ssl handshake after writing 
Jan 03 19:57:10 socket  debug   starting handshake... 
Jan 03 19:57:10 socket  debug   ssl handshake of client with id:table: 0x5601360348a0, attempt:1 
Jan 03 19:57:10 socket  debug   ssl handshake of client with id:table: 0x5601360348a0, attempt:2 
Jan 03 19:57:10 socket  debug   ssl handshake of client with id:table: 0x5601360348a0, attempt:3 
Jan 03 19:57:10 socket  debug   ssl handshake of client with id:table: 0x5601360348a0, attempt:4 
Jan 03 19:57:10 socket  debug   ssl handshake of client with id:table: 0x5601360348a0, attempt:5 
Jan 03 19:57:10 socket  debug   ssl handshake of client with id:table: 0x5601360348a0, attempt:6 
Jan 03 19:57:10 socket  debug   ssl handshake done 
Jan 03 19:57:10 c2s5601360348a0 debug   Client sent opening <stream:stream> to campfire.wheremymonkeyis.at
Jan 03 19:57:10 c2s5601360348a0 debug   Sent reply <stream:stream> to client
Jan 03 19:57:10 c2s5601360348a0 debug   Received </stream:stream>
Jan 03 19:57:10 c2s5601360348a0 info    c2s stream for <89.142.188.11> closed: session closed
Jan 03 19:57:10 c2s5601360348a0 debug   Destroying session for (unknown) ((unknown)@campfire.wheremymonkeyis.at)
Jan 03 19:57:10 socket  debug   try to close client connection with id: 5601360348a0 
Jan 03 19:57:10 socket  debug   closing delayed until writebuffer is empty 
Jan 03 19:57:10 socket  debug   closing client after writing 
Jan 03 19:57:10 socket  debug   closing client with id: 5601360348a0 client to close 
Jan 03 19:57:10 c2s5601360348a0 info    Client disconnected: connection closed
Jan 03 19:57:21 socket  debug   accepted incoming client connection from: 89.142.188.11 32860 to 5222 
Jan 03 19:57:21 c2s560136295fc0 info    Client connected
Jan 03 19:57:21 c2s560136295fc0 debug   Client sent opening <stream:stream> to campfire.wheremymonkeyis.at
Jan 03 19:57:21 c2s560136295fc0 debug   Sent reply <stream:stream> to client
Jan 03 19:57:22 c2s560136295fc0 debug   Received[c2s_unauthed]: <starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'>
Jan 03 19:57:22 socket  debug   try to start ssl at client id: 560136295fc0 
Jan 03 19:57:22 socket  debug   ssl session delayed until writebuffer is empty... 
Jan 03 19:57:22 c2s560136295fc0 debug   TLS negotiation started for c2s_unauthed...
Jan 03 19:57:22 socket  debug   starting ssl handshake after writing 
Jan 03 19:57:22 socket  debug   starting handshake... 
Jan 03 19:57:22 socket  debug   ssl handshake of client with id:table: 0x560136295fc0, attempt:1 
Jan 03 19:57:22 socket  debug   ssl handshake of client with id:table: 0x560136295fc0, attempt:2 
Jan 03 19:57:22 socket  debug   ssl handshake of client with id:table: 0x560136295fc0, attempt:3 
Jan 03 19:57:22 socket  debug   ssl handshake of client with id:table: 0x560136295fc0, attempt:4 
Jan 03 19:57:22 socket  debug   ssl handshake of client with id:table: 0x560136295fc0, attempt:5 
Jan 03 19:57:22 socket  debug   ssl handshake of client with id:table: 0x560136295fc0, attempt:6 
Jan 03 19:57:22 socket  debug   ssl handshake done 
Jan 03 19:57:22 c2s560136295fc0 debug   Client sent opening <stream:stream> to campfire.wheremymonkeyis.at
Jan 03 19:57:22 c2s560136295fc0 debug   Sent reply <stream:stream> to client
Jan 03 19:57:22 c2s560136295fc0 debug   Received[c2s_unauthed]: <auth mechanism='PLAIN' xmlns='urn:ietf:params:xml:ns:xmpp-sasl'>
Jan 03 19:57:22 campfire.wheremymonkeyis.at:auth_ldap2  debug   _M.bind - no DN found for username = hook
Jan 03 19:57:22 campfire.wheremymonkeyis.at:saslauth    debug   sasl reply: <failure xmlns='urn:ietf:params:xml:ns:xmpp-sasl'><not-authorized/><text>Unable to authorize you with the authentication credentials you&apos;ve sent</text></failure>
Jan 03 19:57:22 c2s560136295fc0 debug   Received </stream:stream>
Jan 03 19:57:22 c2s560136295fc0 info    c2s stream for <89.142.188.11> closed: session closed
Jan 03 19:57:22 c2s560136295fc0 debug   Destroying session for (unknown) ((unknown)@campfire.wheremymonkeyis.at)
Jan 03 19:57:22 socket  debug   try to close client connection with id: 560136295fc0 
Jan 03 19:57:22 socket  debug   closing delayed until writebuffer is empty 
Jan 03 19:57:22 socket  debug   closing client after writing 
Jan 03 19:57:22 socket  debug   closing client with id: 560136295fc0 client to close 
Jan 03 19:57:22 c2s560136295fc0 info    Client disconnected: connection closed
Jan 03 19:57:51 c2s56013622d220 debug   Handled incoming stanzas: 580
Jan 03 19:57:51 c2s56013622d220 debug   Received[c2s]: <iq id='101d4260-b545-4ed6-8fcb-fae89244fdfd' type='get' to='monolith.wheremymonkeyis.at'>
Jan 03 19:57:51 c2s56013622d220 debug   Received[c2s]: <r xmlns='urn:xmpp:sm:3'>
Jan 03 19:57:51 c2s56013622d220 debug   Received ack request for 580

Error loading key file: No such file or directory

You probably forgot to configure ~/.config/xmppc.conf?

These are the most recent log files:
hastebin

It seems there was an issue with the DNS, as your client tries to connect to the IP instead of your domain name. But this seems solved according to your last edit.

On your last edit, it seems /etc/metronome/conf.d/campfire.wheremymonkeyis.at is not properly configured (not consistent with the one of monolith).

Absolutely!

Fixed that now, and I get the following output with the exit code 255:

Unbekannter mode
Connecting hook@campfire.wheremymonkeyis.at ...

The same happens for @monolith too.

YunoHost Diagnosis says DNS is fine. Is there anything specific I should be looking for?

One thing that I am doing though is to work around hairpin NAT by using the router’s DNS to point back any of the domains on the YunoHost server to the local IP of the server. It may be I have not added campfire. to the router’s DNS yet. But that should only be an issue from within the LAN, right?

I did not touch either.

Running a diff /etc/metronome/conf.d/*.wheremymonkeyis.at the two look identical apart from /s/monolith/campfire/

I fixed that too. Same results so far.

Interestingly enough, when I try to check in Gajim Accounts ↦ Discover Services for both servers, they both seem to work.

… could it be that YunoHost simply did not create the accounts for Metronome on campfire.?

This is what happens now when I try to log into campfire. using Gajim:

Jan 06 16:36:05 socket	debug	accepted incoming client connection from: 192.168.88.82 56554 to 5222 
Jan 06 16:36:05 c2s55b8b7fb5540	info	Client connected
Jan 06 16:36:05 c2s55b8b7fb5540	debug	Client sent opening <stream:stream> to campfire.wheremymonkeyis.at
Jan 06 16:36:05 c2s55b8b7fb5540	debug	Sent reply <stream:stream> to client
Jan 06 16:36:05 c2s55b8b7fb5540	debug	Received[c2s_unauthed]: <starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'>
Jan 06 16:36:05 socket	debug	try to start ssl at client id: 55b8b7fb5540 
Jan 06 16:36:05 socket	debug	ssl session delayed until writebuffer is empty... 
Jan 06 16:36:05 c2s55b8b7fb5540	debug	TLS negotiation started for c2s_unauthed...
Jan 06 16:36:05 socket	debug	starting ssl handshake after writing 
Jan 06 16:36:05 socket	debug	starting handshake... 
Jan 06 16:36:05 socket	debug	ssl handshake of client with id:table: 0x55b8b7fb5540, attempt:1 
Jan 06 16:36:05 socket	debug	ssl handshake of client with id:table: 0x55b8b7fb5540, attempt:2 
Jan 06 16:36:05 socket	debug	ssl handshake of client with id:table: 0x55b8b7fb5540, attempt:3 
Jan 06 16:36:05 socket	debug	ssl handshake of client with id:table: 0x55b8b7fb5540, attempt:4 
Jan 06 16:36:05 socket	debug	ssl handshake of client with id:table: 0x55b8b7fb5540, attempt:5 
Jan 06 16:36:05 socket	debug	ssl handshake done 
Jan 06 16:36:05 c2s55b8b7fb5540	debug	Client sent opening <stream:stream> to campfire.wheremymonkeyis.at
Jan 06 16:36:05 c2s55b8b7fb5540	debug	Sent reply <stream:stream> to client
Jan 06 16:36:05 c2s55b8b7fb5540	debug	Received[c2s_unauthed]: <auth mechanism='PLAIN' xmlns='urn:ietf:params:xml:ns:xmpp-sasl'>
Jan 06 16:36:05 campfire.wheremymonkeyis.at:auth_ldap2	debug	_M.bind - no DN found for username = hook
Jan 06 16:36:05 campfire.wheremymonkeyis.at:saslauth	debug	sasl reply: <failure xmlns='urn:ietf:params:xml:ns:xmpp-sasl'><not-authorized/><text>Unable to authorize you with the authentication credentials you&apos;ve sent</text></failure>
Jan 06 16:36:05 c2s55b8b7fb5540	debug	Received[c2s_unauthed]: <abort xmlns='urn:ietf:params:xml:ns:xmpp-sasl'>
Jan 06 16:36:05 c2s55b8b7fb5540	debug	Received </stream:stream>
Jan 06 16:36:05 c2s55b8b7fb5540	info	c2s stream for <192.168.88.82> closed: session closed
Jan 06 16:36:05 c2s55b8b7fb5540	debug	Destroying session for (unknown) ((unknown)@campfire.wheremymonkeyis.at)
Jan 06 16:36:05 socket	debug	try to close client connection with id: 55b8b7fb5540 
Jan 06 16:36:05 socket	debug	closing delayed until writebuffer is empty 
Jan 06 16:36:05 socket	debug	closing client after writing 
Jan 06 16:36:05 socket	debug	closing client with id: 55b8b7fb5540 client to close 
Jan 06 16:36:05 c2s55b8b7fb5540	info	Client disconnected: connection closed

I may be wrong, but this part strikes me:

Jan 06 16:36:05 campfire.wheremymonkeyis.at:auth_ldap2	debug	_M.bind - no DN found for username = hook

Could it be related to this?

It was! (thanks to Aleks via XMPP for confirming this)

So the solution was in YunoHost WebUI to go to Users ↦ {my_user} ↦ Edit {my_user}’s account and there add an e-mail alias for the JID you actually want to use – in my case this was hook @ campfire.wheremymonkeyis.at

This would need to be done for every user that would want to use that domain as their JID though.

(Honestly, sounds counter-intuitive to me. But at least this is a fix/work-around)
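
As an added example (not part of the original thread, and not YunoHost or Metronome code): a small Python filter that separates SASL failures preceded by the auth_ldap2 "no DN found" lookup miss from other not-authorized replies, and lists the JIDs that would need the alias described above. The sample log is constructed in the format quoted in the thread; the function names and the example.org hosts are assumptions.

```python
from collections import Counter

FAIL = "sasl reply: <failure xmlns='urn:ietf:params:xml:ns:xmpp-sasl'><not-authorized/></failure>"
# Constructed sample lines, same layout as the debug log quoted in the thread.
SAMPLE_LOG = "\n".join([
    "Jan 06 16:36:05 c2s55b8b7fb5540\tdebug\tReceived[c2s_unauthed]: <auth mechanism='PLAIN'>",
    "Jan 06 16:36:05 campfire.example.org:auth_ldap2\tdebug\t_M.bind - no DN found for username = alice",
    "Jan 06 16:36:05 campfire.example.org:saslauth\tdebug\t" + FAIL,
    "Jan 06 16:37:40 campfire.example.org:auth_ldap2\tdebug\t_M.bind - no DN found for username = alice",
    "Jan 06 16:37:40 campfire.example.org:saslauth\tdebug\t" + FAIL,
    "Jan 06 16:40:11 monolith.example.org:saslauth\tdebug\t" + FAIL,
])

NO_DN = "no DN found for username = "


def sasl_failures(log_text):
    """Return one record per SASL <failure/>, tagged by what preceded it."""
    pending = {}  # host -> username from the latest unanswered directory miss
    records = []
    for line in log_text.splitlines():
        parts = line.split(None, 5)  # month, day, time, source, level, message
        if len(parts) < 6 or ":" not in parts[3]:
            continue  # socket/c2s lines have no "host:module" source field
        host, module = parts[3].rsplit(":", 1)
        message = parts[5]
        if module == "auth_ldap2" and NO_DN in message:
            pending[host] = message.split(NO_DN, 1)[1].strip()
        elif module == "saslauth" and "<failure" in message:
            # Pairing by host is a heuristic: concurrent logins on one host
            # could interleave, so treat the result as a lead, not proof.
            user = pending.pop(host, None)
            records.append({
                "time": " ".join(parts[:3]),
                "host": host,
                "user": user,
                "reason": "no-ldap-entry" if user else "not-authorized",
            })
    return records


def missing_jids(log_text):
    """Count failed logins per JID that had no matching directory entry."""
    return Counter(f"{r['user']}@{r['host']}"
                   for r in sasl_failures(log_text)
                   if r["reason"] == "no-ldap-entry")


if __name__ == "__main__":
    for jid, count in missing_jids(SAMPLE_LOG).items():
        print(f"{jid}: {count} failed login(s), no directory entry for this JID")
```
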
