ejabberd 连接到管理员 "missing server"
ejabberd connecting to admin "missing server"
我正在尝试配置 ejabberd 服务,该服务在面向 public 的服务器后面工作。
后者通过nginx reverse-proxy.
向前者发送https请求
访问 https://xmpp.example.cyou:5443/admin/ 时,我输入了用户 admin 的凭据,但无法登录。
日志显示:
2021-07-27 12:12:12.548 [info] <0.396.0>@ejabberd_listener:accept:273 (<0.23212.0>) Accepted connection 44.44.55.55:57850 -> 192.168.7.5:5443
2021-07-27 12:12:12.592 [warning] <0.23212.0>@ejabberd_web_admin:process2:215 Access of <<"admin">> from <<"44.44.55.55">> failed with error: <<"missing-server">>
ejabberd.yml配置为:
hosts:
- "example.cyou"
captcha_cmd: "/usr/local/bin/captcha.sh"
captcha_url: "http://@HOST@:5280/captcha"
captcha_limit: 5
loglevel: 4
certfiles:
- "/usr/local/etc/ejabberd/certs/example.pem"
- "/usr/local/etc/ejabberd/certs/example.cyou.key"
listen:
-
port: 5222
ip: "192.168.7.5"
module: ejabberd_c2s
max_stanza_size: 262144
shaper: c2s_shaper
access: c2s
tls: true
starttls: true
starttls_required: true
protocol_options:
- "no_sslv2"
- "no_sslv3"
- "no_tlsv1"
- "no_tlsv1_1"
- "no_tlsv1_3"
ciphers: "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256"
dhfile:
"/usr/local/etc/ejabberd/certs/c2s_dh2048.pem"
-
port: 5269
ip: "192.168.7.5"
module: ejabberd_s2s_in
max_stanza_size: 524288
dhfile:
"/usr/local/etc/ejabberd/certs/s2s_dh2048.pem"
-
port: 5443
ip: "192.168.7.5"
module: ejabberd_http
tls: true
request_handlers:
/admin: ejabberd_web_admin
/api: mod_http_api
/bosh: mod_bosh
/captcha: ejabberd_captcha
/upload: mod_http_upload
/ws: ejabberd_http_ws
-
port: 5280
ip: "192.168.7.5"
module: ejabberd_http
request_handlers:
/admin: ejabberd_web_admin
-
port: 3478
ip: "192.168.7.5"
transport: udp
module: ejabberd_stun
use_turn: true
turn_min_port: 49152
turn_max_port: 65535
turn_ipv4_address: 22.33.44.55
-
port: 1883
ip: "192.168.7.5"
module: mod_mqtt
backlog: 1000
-
port: 5349
transport: tcp
module: ejabberd_stun
use_turn: true
tls: true
turn_min_port: 49152
turn_max_port: 65535
ip: 192.168.7.5
turn_ipv4_address: 22.33.44.55
s2s_use_starttls: optional
acl:
local:
user_regexp: ""
loopback:
ip:
- 127.0.0.0/8
admin:
user:
- "admin@example.cyou"
access_rules:
local:
allow: local
c2s:
deny: blocked
allow: all
announce:
allow: admin
configure:
allow: admin
muc_create:
allow: local
pubsub_createnode:
allow: local
trusted_network:
allow: loopback
api_permissions:
"console commands":
from:
- ejabberd_ctl
who: all
what: "*"
"admin access":
who:
access:
allow:
- acl: loopback
- acl: admin
oauth:
scope: "ejabberd:admin"
access:
allow:
- acl: loopback
- acl: admin
what:
- "*"
- "!stop"
- "!start"
"public commands":
who:
ip: 127.0.0.1/8
what:
- status
- connected_users_number
shaper:
normal:
rate: 3000
burst_size: 20000
fast: 100000
shaper_rules:
max_user_sessions: 10
max_user_offline_messages:
5000: admin
100: all
c2s_shaper:
none: admin
normal: all
s2s_shaper: fast
modules:
mod_adhoc: {}
mod_admin_extra: {}
mod_announce:
access: announce
mod_avatar: {}
mod_blocking: {}
mod_bosh: {}
mod_caps: {}
mod_carboncopy: {}
mod_client_state: {}
mod_configure: {}
mod_disco: {}
mod_fail2ban: {}
mod_http_api: {}
mod_http_upload:
docroot: "/var/spool/ejabberd/upload"
put_url: "https://upload.@HOST@:5443"
max_size: 10000000 #10MB
file_mode: "0644"
dir_mode: "0744"
thumbnail: false
access: local
mod_last: {}
mod_mam:
assume_mam_usage: true
default: always
mod_mqtt: {}
mod_muc:
access:
- allow
access_admin:
- allow: admin
access_create: muc_create
access_persistent: muc_create
access_mam:
- allow
default_room_options:
mam: true
mod_muc_admin: {}
mod_offline:
access_max_user_messages: max_user_offline_messages
mod_ping: {}
mod_privacy: {}
mod_private: {}
mod_proxy65:
access: local
max_connections: 5
mod_pubsub:
access_createnode: pubsub_createnode
plugins:
- flat
- pep
force_node_config:
storage:bookmarks:
access_model: whitelist
mod_push: {}
mod_push_keepalive: {}
mod_register:
ip_access: all
captcha_protected: true
mod_roster:
versioning: true
mod_s2s_dialback: {}
mod_shared_roster: {}
mod_stream_mgmt:
resend_on_timeout: if_offline
mod_stun_disco:
credentials_lifetime: 12h
services:
-
host: 192.168.7.5
port: 3478
type: stun
transport: udp
restricted: false
-
host: 192.168.7.5
port: 3478
type: turn
transport: udp
restricted: true
-
host: example.cyou
port: 5349
type: stuns
transport: tcp
restricted: false
-
host: example.cyou
port: 5349
type: turns
transport: tcp
restricted: true
mod_vcard: {}
mod_vcard_xupdate: {}
mod_version:
show_os: false
怎么了?缺少什么?
I place the credentials for user admin, but cannot log in.
Access of <<"admin">> from <<"44.44.55.55">> failed with error: <<"missing-server">>
您只提供了“admin”作为帐户,这是错误的。
如https://docs.ejabberd.im/admin/guide/managing/#web-admin
所述
You will be asked to enter the username (the full Jabber ID)
and password of an ejabberd user with administrator rights.
因此,您必须提供的登录凭据是:admin@example.cyou 和密码。
我正在尝试配置 ejabberd 服务,该服务在面向 public 的服务器后面工作。 后者通过nginx reverse-proxy.
向前者发送https请求访问 https://xmpp.example.cyou:5443/admin/ 时,我输入了用户 admin 的凭据,但无法登录。
日志显示:
2021-07-27 12:12:12.548 [info] <0.396.0>@ejabberd_listener:accept:273 (<0.23212.0>) Accepted connection 44.44.55.55:57850 -> 192.168.7.5:5443
2021-07-27 12:12:12.592 [warning] <0.23212.0>@ejabberd_web_admin:process2:215 Access of <<"admin">> from <<"44.44.55.55">> failed with error: <<"missing-server">>
ejabberd.yml配置为:
hosts:
- "example.cyou"
captcha_cmd: "/usr/local/bin/captcha.sh"
captcha_url: "http://@HOST@:5280/captcha"
captcha_limit: 5
loglevel: 4
certfiles:
- "/usr/local/etc/ejabberd/certs/example.pem"
- "/usr/local/etc/ejabberd/certs/example.cyou.key"
listen:
-
port: 5222
ip: "192.168.7.5"
module: ejabberd_c2s
max_stanza_size: 262144
shaper: c2s_shaper
access: c2s
tls: true
starttls: true
starttls_required: true
protocol_options:
- "no_sslv2"
- "no_sslv3"
- "no_tlsv1"
- "no_tlsv1_1"
- "no_tlsv1_3"
ciphers: "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256"
dhfile:
"/usr/local/etc/ejabberd/certs/c2s_dh2048.pem"
-
port: 5269
ip: "192.168.7.5"
module: ejabberd_s2s_in
max_stanza_size: 524288
dhfile:
"/usr/local/etc/ejabberd/certs/s2s_dh2048.pem"
-
port: 5443
ip: "192.168.7.5"
module: ejabberd_http
tls: true
request_handlers:
/admin: ejabberd_web_admin
/api: mod_http_api
/bosh: mod_bosh
/captcha: ejabberd_captcha
/upload: mod_http_upload
/ws: ejabberd_http_ws
-
port: 5280
ip: "192.168.7.5"
module: ejabberd_http
request_handlers:
/admin: ejabberd_web_admin
-
port: 3478
ip: "192.168.7.5"
transport: udp
module: ejabberd_stun
use_turn: true
turn_min_port: 49152
turn_max_port: 65535
turn_ipv4_address: 22.33.44.55
-
port: 1883
ip: "192.168.7.5"
module: mod_mqtt
backlog: 1000
-
port: 5349
transport: tcp
module: ejabberd_stun
use_turn: true
tls: true
turn_min_port: 49152
turn_max_port: 65535
ip: 192.168.7.5
turn_ipv4_address: 22.33.44.55
s2s_use_starttls: optional
acl:
local:
user_regexp: ""
loopback:
ip:
- 127.0.0.0/8
admin:
user:
- "admin@example.cyou"
access_rules:
local:
allow: local
c2s:
deny: blocked
allow: all
announce:
allow: admin
configure:
allow: admin
muc_create:
allow: local
pubsub_createnode:
allow: local
trusted_network:
allow: loopback
api_permissions:
"console commands":
from:
- ejabberd_ctl
who: all
what: "*"
"admin access":
who:
access:
allow:
- acl: loopback
- acl: admin
oauth:
scope: "ejabberd:admin"
access:
allow:
- acl: loopback
- acl: admin
what:
- "*"
- "!stop"
- "!start"
"public commands":
who:
ip: 127.0.0.1/8
what:
- status
- connected_users_number
shaper:
normal:
rate: 3000
burst_size: 20000
fast: 100000
shaper_rules:
max_user_sessions: 10
max_user_offline_messages:
5000: admin
100: all
c2s_shaper:
none: admin
normal: all
s2s_shaper: fast
modules:
mod_adhoc: {}
mod_admin_extra: {}
mod_announce:
access: announce
mod_avatar: {}
mod_blocking: {}
mod_bosh: {}
mod_caps: {}
mod_carboncopy: {}
mod_client_state: {}
mod_configure: {}
mod_disco: {}
mod_fail2ban: {}
mod_http_api: {}
mod_http_upload:
docroot: "/var/spool/ejabberd/upload"
put_url: "https://upload.@HOST@:5443"
max_size: 10000000 #10MB
file_mode: "0644"
dir_mode: "0744"
thumbnail: false
access: local
mod_last: {}
mod_mam:
assume_mam_usage: true
default: always
mod_mqtt: {}
mod_muc:
access:
- allow
access_admin:
- allow: admin
access_create: muc_create
access_persistent: muc_create
access_mam:
- allow
default_room_options:
mam: true
mod_muc_admin: {}
mod_offline:
access_max_user_messages: max_user_offline_messages
mod_ping: {}
mod_privacy: {}
mod_private: {}
mod_proxy65:
access: local
max_connections: 5
mod_pubsub:
access_createnode: pubsub_createnode
plugins:
- flat
- pep
force_node_config:
storage:bookmarks:
access_model: whitelist
mod_push: {}
mod_push_keepalive: {}
mod_register:
ip_access: all
captcha_protected: true
mod_roster:
versioning: true
mod_s2s_dialback: {}
mod_shared_roster: {}
mod_stream_mgmt:
resend_on_timeout: if_offline
mod_stun_disco:
credentials_lifetime: 12h
services:
-
host: 192.168.7.5
port: 3478
type: stun
transport: udp
restricted: false
-
host: 192.168.7.5
port: 3478
type: turn
transport: udp
restricted: true
-
host: example.cyou
port: 5349
type: stuns
transport: tcp
restricted: false
-
host: example.cyou
port: 5349
type: turns
transport: tcp
restricted: true
mod_vcard: {}
mod_vcard_xupdate: {}
mod_version:
show_os: false
怎么了?缺少什么?
I place the credentials for user admin, but cannot log in.
Access of <<"admin">> from <<"44.44.55.55">> failed with error: <<"missing-server">>
您只提供了“admin”作为帐户,这是错误的。
如https://docs.ejabberd.im/admin/guide/managing/#web-admin
所述You will be asked to enter the username (the full Jabber ID)
and password of an ejabberd user with administrator rights.
因此,您必须提供的登录凭据是:admin@example.cyou 和密码。