initial configuration
commit
d342857b19
|
@ -0,0 +1,56 @@
|
||||||
|
= XMPP file-upload not working.
|
||||||
|
|
||||||
|
== Problem
|
||||||
|
|
||||||
|
When I want to upload a photo to a group-chat using Gajim, I can see on the server that a directory is created to receive the image, but the image never gets there.
|
||||||
|
Thus, Gajim reports an empty file (actually a 404 error, according to Nginx).
|
||||||
|
|
||||||
|
== Configuration
|
||||||
|
|
||||||
|
My PC (XMPP client) runs Gajim on Archlinux.
|
||||||
|
The PC has IP 192.168.1.99.
|
||||||
|
|
||||||
|
The server runs Archlinux too.
|
||||||
|
Here is the network setup:
|
||||||
|
|
||||||
|
[ditaa]
|
||||||
|
-------
|
||||||
|
+-----------------------------------------------------------------+
|
||||||
|
| Server |
|
||||||
|
| +-----------+ +----------------+ +-------------------------+ |
|
||||||
|
+----+ | | nftables | | haproxy (tcp) | | nginx : /…/https+.pp | |
|
||||||
|
| PC +->+->+ :443 dnat +->+ :444 tls_plus +->+ ↓ | |
|
||||||
|
+--+-+ | | → :444 OK | | → /…/https+.pp | | /---------------------\ | |
|
||||||
|
| | +-----------+ +----------------+ | | ssowat | | |
|
||||||
|
| | | | "/x…": pass-through | | |
|
||||||
|
| | +---------------+ | \---------------------/ | |
|
||||||
|
| | | prosody | | ↓ | |
|
||||||
|
\--->+->+ :5222 :5280 +<-----------------+ location /xmpp- { … } | |
|
||||||
|
| +---------------+ +-------------------------+ |
|
||||||
|
| |
|
||||||
|
+-----------------------------------------------------------------+
|
||||||
|
-------
|
||||||
|
|
||||||
|
== Versions
|
||||||
|
|
||||||
|
PC::
|
||||||
|
* Archlinux kernel 4.15.11
|
||||||
|
* Gajim 1.0.0
|
||||||
|
* Gajim plugin httpupload 0.4.6
|
||||||
|
|
||||||
|
Server::
|
||||||
|
* Archlinux kernel 4.15.11
|
||||||
|
* nftables 0.8.3
|
||||||
|
* haproxy 1.8.4
|
||||||
|
* nginx 1.13.10
|
||||||
|
* ssowat-git (my fork)
|
||||||
|
* prosody 0.10.0
|
||||||
|
* prosody-mod-auth-external-hg r2944.37ec4c2f319a
|
||||||
|
* prosody-mod-auto-accept-subscriptions-hg r2944.37ec4c2f319a
|
||||||
|
* prosody-mod-csi-hg r2944.37ec4c2f319a
|
||||||
|
* prosody-mod-filter-chatstates-hg r2944.37ec4c2f319a
|
||||||
|
* prosody-mod-http-upload r2944.37ec4c2f319a
|
||||||
|
* prosody-mod-mam-adhoc 0.10.0
|
||||||
|
* prosody-mod-offline-email-hg r2944.37ec4c2f319a
|
||||||
|
* prosody-mod-smacks 2017.08.27
|
||||||
|
* prosody-mod-throttle_presence r2944.37ec4c2f319a
|
|
@ -0,0 +1,36 @@
|
||||||
|
global
|
||||||
|
tune.ssl.default-dh-param 2048
|
||||||
|
ssl-default-bind-ciphers …
|
||||||
|
ssl-default-bind-options …
|
||||||
|
ssl-default-server-ciphers …
|
||||||
|
ssl-default-server-options …
|
||||||
|
log /dev/log local0 info
|
||||||
|
pidfile /run/haproxy.pid
|
||||||
|
daemon
|
||||||
|
|
||||||
|
defaults
|
||||||
|
mode tcp
|
||||||
|
timeout connect 5s
|
||||||
|
timeout client 5m
|
||||||
|
timeout server 5m
|
||||||
|
timeout tunnel 1h
|
||||||
|
timeout client-fin 5s
|
||||||
|
timeout server-fin 5s
|
||||||
|
log global
|
||||||
|
option logasap
|
||||||
|
option log-separate-errors
|
||||||
|
log-format "%ci:%cp [%t] %ft %b[%bi:%bp]/%s %Tw/%Tc/%Tt %B %ts %ac/%fc/%bc/%sc/%rc %sq/%bq"
|
||||||
|
|
||||||
|
frontend tls
|
||||||
|
bind :443 ssl crt /etc/haproxy/tls.pem
|
||||||
|
default_backend https
|
||||||
|
|
||||||
|
backend https
|
||||||
|
server nginx unix@/run/shared_sockets/https.pp send-proxy
|
||||||
|
|
||||||
|
frontend tls_plus
|
||||||
|
bind :444 ssl crt /etc/haproxy/tls.pem
|
||||||
|
default_backend https_plus
|
||||||
|
|
||||||
|
backend https_plus
|
||||||
|
server nginx unix@/run/shared_sockets/https+.pp send-proxy
|
|
@ -0,0 +1,165 @@
|
||||||
|
mars 25 16:59:13 seuil3 prosody[68]: c2s15782d0: Handled 63 incoming stanzas
|
||||||
|
mars 25 16:59:13 seuil3 prosody[68]: c2s15782d0: Received[c2s]: <iq id='baadadc6-daa3-4b68-b885-094a1118293a' type='get' to='yalis.fr' from='yves@yalis.fr/Gajim'>
|
||||||
|
mars 25 16:59:13 seuil3 prosody[68]: c2s15782d0: Given upload slot "O-_77OOdwpLXIh5P/IMG_20180127_094908.jpg"
|
||||||
|
mars 25 16:59:13 seuil3 prosody[68]: c2s15782d0: #queue = 1
|
||||||
|
mars 25 16:59:13 seuil3 prosody[68]: c2s15782d0: Queuing <r> (in a moment)
|
||||||
|
mars 25 16:59:13 seuil3 prosody[68]: c2s15782d0: Received[c2s]: <r xmlns='urn:xmpp:sm:3'>
|
||||||
|
mars 25 16:59:13 seuil3 prosody[68]: yalis.fr:smacks: Received ack request, acking for 63
|
||||||
|
mars 25 16:59:13 seuil3 prosody[68]: c2s15782d0: Sending <r> (inside timer, before send)
|
||||||
|
mars 25 16:59:13 seuil3 prosody[68]: c2s15782d0: Sending <r> (inside timer, after send)
|
||||||
|
mars 25 16:59:13 seuil3 prosody[68]: c2s15782d0: Received[c2s]: <a xmlns='urn:xmpp:sm:3' h='83'>
|
||||||
|
mars 25 16:59:13 seuil3 prosody[68]: c2s15782d0: #queue = 0
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: epoll: fd:8 ev:0001 d:00007FDEB23F31F0
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: accept on unix:/run/shared_sockets/https+.pp, ready: 0
|
||||||
|
mars 25 16:59:13 seuil3 haproxy[78]: 192.168.1.99:58576 [25/Mar/2018:16:59:13.458] tls_plus~ https_plus[unix:0]/nginx 61/1/+61 +0 -- 8/3/3/3/0 0/0
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: posix_memalign: 0000559D717FB940:512 @16
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 accept: unix: fd:23
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 event timer add: 23: 60000:102301826
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 reusable connection: 1
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 epoll add event: fd:23 op:1 ev:80002001
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: timer delta: 205
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: worker cycle
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: epoll timer: 23235
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: epoll: fd:23 ev:0001 d:00007FDEB23F35B0
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 posix_memalign: 0000559D71A67000:4096 @16
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 http process request header line
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: shmtx lock
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: shmtx unlock
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 post access phase: 13
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 generic phase: 14
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 generic phase: 15
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 http request body content length filter
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 malloc: 0000559D71809030:8192
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 http read client request body
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 recv: eof:0, avail:0
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 http request count:2 blk:0
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 recv: fd:23 8192 of 8192
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 temp fd:25
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [warn] 1898#1898: *34 a client request body is buffered to a temporary file /var/lib/nginx/client-body/0000000001, client: 192.168.1.99, server: , request: "PUT /xmpp-upload/O-_77OOdwpLXIh5P/IMG_20180127_094908.jpg HTTP/1.1", host: "yalis.fr"
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 write: 25, 0000559D71809030, 8192, 0
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 recv: eof:0, avail:1
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 recv: fd:23 8192 of 8192
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 http client request body recv 8192
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 http body new buf t:1 f:0 0000559D71809030, pos 0000559D71809030, size: 8192 file: 0, size: 0
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 http write client request body, bufs 0000559D719FAD28
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 write: 25, 0000559D71809030, 8192, 8192
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 recv: eof:0, avail:1
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 recv: fd:23 8192 of 8192
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 http client request body recv 8192
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 http body new buf t:1 f:0 0000559D71809030, pos 0000559D71809030, size: 8192 file: 0, size: 0
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 recv: eof:0, avail:1
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 write: 25, 0000559D71809030, 8192, 24576
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 http write client request body, bufs 0000559D719FAD28
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 recv: fd:23 8192 of 8192
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 recv: eof:0, avail:1
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 recv: eof:0, avail:1
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 write: 25, 0000559D71809030, 8192, 57344
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 http body new buf t:1 f:0 0000559D71809030, pos 0000559D71809030, size: 8192 file: 0, size: 0
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 recv: eof:0, avail:1
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 http body new buf t:1 f:0 0000559D71809030, pos 0000559D71809030, size: 8192 file: 0, size: 0
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 recv: eof:0, avail:1
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 recv: eof:0, avail:1
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 http body new buf t:1 f:0 0000559D71809030, pos 0000559D71809030, size: 8192 file: 0, size: 0
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 http body new buf t:1 f:0 0000559D71809030, pos 0000559D71809030, size: 8192 file: 0, size: 0
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 recv: fd:23 8192 of 8192
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 recv: eof:0, avail:1
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 recv: eof:0, avail:1
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 http write client request body, bufs 0000559D719FAD28
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 http body new buf t:1 f:0 0000559D71809030, pos 0000559D71809030, size: 8192 file: 0, size: 0
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 recv: fd:23 8192 of 8192
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 recv: eof:0, avail:1
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 write: 25, 0000559D71809030, 8192, 147456
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 http client request body recv 8192
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 recv: fd:23 8192 of 8192
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 recv: eof:0, avail:1
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 http client request body recv 8192
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 recv: eof:0, avail:1
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 recv: eof:0, avail:1
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 recv: eof:0, avail:1
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 http write client request body, bufs 0000559D719FAD28
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 write: 25, 0000559D71809030, 8192, 548864
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 recv: eof:0, avail:1
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 recv: fd:23 8192 of 8192
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 http client request body recv 8192
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 http body new buf t:1 f:0 0000559D71809030, pos 0000559D71809030, size: 8192 file: 0, size: 0
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 http write client request body, bufs 0000559D719FAD28
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 write: 25, 0000559D71809030, 8192, 557056
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 recv: eof:0, avail:1
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 recv: fd:23 8192 of 8192
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 http client request body recv 8192
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 http body new buf t:1 f:0 0000559D71809030, pos 0000559D71809030, size: 8192 file: 0, size: 0
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 recv: fd:23 8192 of 8192
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 http client request body recv 8192
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 http body new buf t:1 f:0 0000559D71809030, pos 0000559D71809030, size: 8192 file: 0, size: 0
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 http write client request body, bufs 0000559D719FAD28
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 write: 25, 0000559D71809030, 8192, 614400
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 recv: eof:0, avail:1
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 recv: fd:23 8192 of 8192
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 http client request body recv 8192
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 http body new buf t:1 f:0 0000559D71809030, pos 0000559D71809030, size: 8192 file: 0, size: 0
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 http write client request body, bufs 0000559D719FAD28
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 write: 25, 0000559D71809030, 8192, 622592
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 write: 25, 0000559D71809030, 8192, 671744
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 recv: eof:0, avail:1
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 recv: fd:23 8192 of 8192
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 http client request body recv 8192
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 http body new buf t:1 f:0 0000559D71809030, pos 0000559D71809030, size: 8192 file: 0, size: 0
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 http write client request body, bufs 0000559D719FAD28
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 write: 25, 0000559D71809030, 8192, 679936
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 recv: eof:0, avail:1
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 recv: fd:23 7284 of 7284
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 http client request body recv 7284
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 http body new buf t:1 f:0 0000559D71809030, pos 0000559D71809030, size: 7284 file: 0, size: 0
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 epoll add connection: fd:26 ev:80002005
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 connect to 127.0.0.1:5280, fd:26 #35
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 http upstream connect: -2
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 posix_memalign: 0000559D719D07E0:128 @16
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 event timer add: 26: 60000:102301829
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 sendfile: 695412 of 695412 @0
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 chain writer out: 0000000000000000
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 event timer del: 26: 102301829
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 event timer add: 26: 60000:102301877
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: timer delta: 48
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: worker cycle
|
||||||
|
mars 25 16:59:13 seuil3 prosody[68]: socket: accepted incoming client connection from: 127.0.0.1 45972 to 5280
|
||||||
|
mars 25 16:59:13 seuil3 prosody[68]: http.server: Firing event: PUT yalis.fr/xmpp-upload/O-_77OOdwpLXIh5P/IMG_20180127_094908.jpg
|
||||||
|
mars 25 16:59:13 seuil3 prosody[68]: socket: try to close client connection with id: 1111f80
|
||||||
|
mars 25 16:59:13 seuil3 prosody[68]: socket: closing delayed until writebuffer is empty
|
||||||
|
mars 25 16:59:13 seuil3 prosody[68]: socket: closing client after writing
|
||||||
|
mars 25 16:59:13 seuil3 prosody[68]: socket: closing client with id: 1111f80 client to close
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: epoll: fd:26 ev:2005 d:00007FDEB23F3880
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 http upstream request: "/xmpp-upload/O-_77OOdwpLXIh5P/IMG_20180127_094908.jpg?"
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 http upstream process header
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 malloc: 0000559D719F3C40:4096
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 recv: eof:1, avail:1
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 recv: fd:26 470 of 4096
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 http proxy status 404 "404 Not Found"
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 http proxy header: "Connection: close"
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 http proxy header: "Content-Length: 367"
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 http proxy header: "Date: Sun, 25 Mar 2018 14:59:13 GMT"
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 http proxy header done
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 add cleanup: 0000559D71A15288
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: [310B blob data]
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 http write filter: l:0 f:0 s:271
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 http proxy filter init s:404 h:0 c:0 l:367
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 http upstream process non buffered downstream
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 http output filter "/xmpp-upload/O-_77OOdwpLXIh5P/IMG_20180127_094908.jpg?"
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 http copy filter: "/xmpp-upload/O-_77OOdwpLXIh5P/IMG_20180127_094908.jpg?"
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 http write filter: l:0 f:1 s:638
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 http output filter "/xmpp-upload/O-_77OOdwpLXIh5P/IMG_20180127_094908.jpg?"
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 http lingering close handler
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: epoll: fd:23 ev:2015 d:00007FDEB23F35B0
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: epoll_wait() error on fd:23 ev:2015
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 http lingering close handler
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 recv: eof:1, avail:1
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 recv: fd:23 0 of 4096
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 lingering read: 0
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 http request count:1 blk:0
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 http close request
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 http log handler
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 run cleanup: 0000559D71A15288
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 run cleanup: 0000559D71A67F90
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 free: 0000559D719F3C40
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 free: 0000559D71A67000, unused: 0
|
||||||
|
mars 25 16:59:13 seuil3 nginx[1898]: 2018/03/25 16:59:13 [debug] 1898#1898: *34 free: 0000559D717FB940, unused: 16
|
||||||
|
mars 25 16:59:14 seuil3 nginx[1898]: 2018/03/25 16:59:14 [debug] 1898#1898: epoll: fd:22 ev:0005 d:00007FDEB23F36A1
|
|
@ -0,0 +1,64 @@
|
||||||
|
#!/usr/bin/env nft -f
|
||||||
|
flush ruleset
|
||||||
|
|
||||||
|
table ip Inet4 {
|
||||||
|
chain NAT_in {
|
||||||
|
type nat hook prerouting priority -100
|
||||||
|
|
||||||
|
# Trusted hosts
|
||||||
|
tcp dport 443 ip saddr 192.168.1.96/29 redirect to 444
|
||||||
|
}
|
||||||
|
chain NAT_out {
|
||||||
|
type nat hook postrouting priority 100
|
||||||
|
ct status dnat masquerade
|
||||||
|
}
|
||||||
|
|
||||||
|
chain FilterIn {
|
||||||
|
type filter hook input priority 0
|
||||||
|
policy drop
|
||||||
|
|
||||||
|
# allow established/related connections
|
||||||
|
ct state {established, related} accept
|
||||||
|
|
||||||
|
# early drop of invalid connections
|
||||||
|
ct state invalid drop
|
||||||
|
|
||||||
|
# allow from loopback
|
||||||
|
meta iif lo accept
|
||||||
|
|
||||||
|
# allow icmp
|
||||||
|
ip protocol icmp accept
|
||||||
|
|
||||||
|
# trusted https
|
||||||
|
ct status dnat accept
|
||||||
|
|
||||||
|
# https
|
||||||
|
tcp dport 443 accept
|
||||||
|
|
||||||
|
# xmpp client
|
||||||
|
tcp dport 5222 accept
|
||||||
|
|
||||||
|
# xmpp server
|
||||||
|
tcp dport 5269 accept
|
||||||
|
|
||||||
|
# xmpp components
|
||||||
|
tcp dport 5347 accept
|
||||||
|
}
|
||||||
|
|
||||||
|
chain FilterOut {
|
||||||
|
type filter hook output priority 0
|
||||||
|
policy drop
|
||||||
|
|
||||||
|
ct state {established, related} accept
|
||||||
|
meta oif lo accept
|
||||||
|
|
||||||
|
# DNS
|
||||||
|
ip daddr 80.67.169.12 accept
|
||||||
|
ip daddr 80.67.169.40 accept
|
||||||
|
ip daddr 87.98.175.85 accept
|
||||||
|
ip daddr 5.135.183.146 accept
|
||||||
|
ip daddr 8.8.8.8 accept
|
||||||
|
|
||||||
|
meta skuid prosody accept
|
||||||
|
}
|
||||||
|
}
|
|
@ -0,0 +1,71 @@
|
||||||
|
load_module /usr/lib/nginx/modules/ndk_http_module.so;
|
||||||
|
load_module /usr/lib/nginx/modules/ngx_http_lua_module.so;
|
||||||
|
|
||||||
|
worker_processes auto;
|
||||||
|
error_log syslog:server=unix:/dev/log,nohostname debug;
|
||||||
|
|
||||||
|
events {
|
||||||
|
worker_connections 1024;
|
||||||
|
}
|
||||||
|
|
||||||
|
http {
|
||||||
|
include mime.types;
|
||||||
|
default_type application/octet-stream;
|
||||||
|
sendfile on;
|
||||||
|
keepalive_timeout 65;
|
||||||
|
|
||||||
|
# SSO
|
||||||
|
lua_shared_dict cache 10m;
|
||||||
|
init_by_lua_file /etc/ssowat/init.lua;
|
||||||
|
|
||||||
|
# Global configuration
|
||||||
|
client_max_body_size 10000M;
|
||||||
|
gzip on;
|
||||||
|
gzip_comp_level 6;
|
||||||
|
gzip_proxied any;
|
||||||
|
gzip_types application/atom+xml application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/javascript text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy text/xml;
|
||||||
|
index index.php index.html;
|
||||||
|
log_format proxy_log '…';
|
||||||
|
reset_timedout_connection on;
|
||||||
|
server_tokens off;
|
||||||
|
root /srv/http;
|
||||||
|
|
||||||
|
# server for regular HTTPS contents
|
||||||
|
server {
|
||||||
|
listen unix:/run/shared_sockets/https.pp proxy_protocol;
|
||||||
|
…
|
||||||
|
}
|
||||||
|
|
||||||
|
# server for privileged HTTPS contents
|
||||||
|
server {
|
||||||
|
listen unix:/run/shared_sockets/https+.pp proxy_protocol;
|
||||||
|
access_log /var/log/nginx/https_access.log proxy_log;
|
||||||
|
set_real_ip_from unix:;
|
||||||
|
real_ip_header proxy_protocol;
|
||||||
|
|
||||||
|
access_by_lua_file /etc/ssowat/access.lua;
|
||||||
|
header_filter_by_lua_file /etc/ssowat/headers.lua;
|
||||||
|
|
||||||
|
…
|
||||||
|
|
||||||
|
location /xmpp- {
|
||||||
|
proxy_pass http://localhost:5280;
|
||||||
|
proxy_http_version 1.1;
|
||||||
|
proxy_set_header Host $host;
|
||||||
|
proxy_buffering off;
|
||||||
|
tcp_nodelay on;
|
||||||
|
}
|
||||||
|
location /xmpp-websocket {
|
||||||
|
proxy_pass http://localhost:5280;
|
||||||
|
proxy_http_version 1.1;
|
||||||
|
proxy_set_header Host $host;
|
||||||
|
proxy_set_header Upgrade $http_upgrade;
|
||||||
|
proxy_set_header Connection "upgrade";
|
||||||
|
proxy_read_timeout 30m;
|
||||||
|
proxy_buffering off;
|
||||||
|
tcp_nodelay on;
|
||||||
|
}
|
||||||
|
|
||||||
|
…
|
||||||
|
}
|
||||||
|
}
|
|
@ -0,0 +1,121 @@
|
||||||
|
daemonize = true
|
||||||
|
pidfile = "/run/prosody/prosody.pid"
|
||||||
|
admins = { … }
|
||||||
|
use_libevent = true;
|
||||||
|
|
||||||
|
modules_enabled = {
|
||||||
|
|
||||||
|
-- Additional modules
|
||||||
|
"auto_accept_subscriptions"; -- friends automatically accepted
|
||||||
|
"csi"; -- filter activity depending on mobile state
|
||||||
|
"filter_chatstates"; -- csi: filter chat states when inactive
|
||||||
|
"http_upload"; -- share files in MUCs
|
||||||
|
"lastactivity"; -- query users’ idle time
|
||||||
|
"mam_adhoc"; -- manage mam from the client
|
||||||
|
"offline_email"; -- get missed messages by email
|
||||||
|
"pubsub"; -- publish-suscribe / lien social
|
||||||
|
"smacks"; -- ignore temporary disconnects
|
||||||
|
"throttle_presence"; -- csi: limit presence updates when inactive
|
||||||
|
|
||||||
|
-- Generally required
|
||||||
|
"roster";
|
||||||
|
"saslauth";
|
||||||
|
"tls";
|
||||||
|
"dialback";
|
||||||
|
"disco";
|
||||||
|
|
||||||
|
-- Not essential, but recommended
|
||||||
|
"carbons";
|
||||||
|
"pep";
|
||||||
|
"private";
|
||||||
|
"blocklist";
|
||||||
|
"vcard";
|
||||||
|
|
||||||
|
-- Nice to have
|
||||||
|
"version";
|
||||||
|
"uptime";
|
||||||
|
"time";
|
||||||
|
"ping";
|
||||||
|
"register";
|
||||||
|
"mam";
|
||||||
|
|
||||||
|
-- Admin interfaces
|
||||||
|
"admin_adhoc";
|
||||||
|
|
||||||
|
-- HTTP modules
|
||||||
|
"bosh";
|
||||||
|
"websocket";
|
||||||
|
"http_files";
|
||||||
|
"groups";
|
||||||
|
}
|
||||||
|
|
||||||
|
modules_disabled = {
|
||||||
|
}
|
||||||
|
|
||||||
|
allow_registration = false
|
||||||
|
c2s_require_encryption = true
|
||||||
|
s2s_require_encryption = true
|
||||||
|
s2s_secure_auth = false
|
||||||
|
authentication = "external"
|
||||||
|
storage = "sql"
|
||||||
|
sql = { … }
|
||||||
|
archive_expires_after = "1w" -- Remove archived messages after 1 week
|
||||||
|
|
||||||
|
log = {
|
||||||
|
"*syslog"; -- Uncomment this for logging to syslog
|
||||||
|
}
|
||||||
|
|
||||||
|
certificates = "certs"
|
||||||
|
|
||||||
|
-- configure bash authentication
|
||||||
|
external_auth_command = "/etc/prosody/external_auth.sh"
|
||||||
|
|
||||||
|
-- hide OS type from mod_version output
|
||||||
|
hide_os_type = true
|
||||||
|
|
||||||
|
-- limit registration
|
||||||
|
allow_registration = true
|
||||||
|
whitelist_registration_only = true
|
||||||
|
registration_whitelist = { '127.0.0.1' }
|
||||||
|
|
||||||
|
-- configure HTTP
|
||||||
|
http_files_dir = "/var/lib/prosody/httpd"
|
||||||
|
http_paths = {
|
||||||
|
websocket = "/xmpp-websocket";
|
||||||
|
bosh = "/xmpp-bind";
|
||||||
|
files = "/xmpp-shared";
|
||||||
|
}
|
||||||
|
http_default_host = "yalis.fr"
|
||||||
|
http_external_url = "https://yalis.fr/xmpp-"
|
||||||
|
|
||||||
|
-- configure uploads
|
||||||
|
http_upload_file_size_limit = 5 * 1024 * 1024 -- 5MB in bytes
|
||||||
|
|
||||||
|
-- configure websockets (ws:localhost:5280/websocket)
|
||||||
|
cross_domain_websocket = true
|
||||||
|
consider_websocket_secure = true
|
||||||
|
|
||||||
|
-- configure BOSH (http://localhost:5280/bind)
|
||||||
|
cross_domain_bosh = true
|
||||||
|
consider_bosh_secure = true
|
||||||
|
|
||||||
|
-- configure MAM
|
||||||
|
default_archive_policy = "roster"
|
||||||
|
archive_expires_after = "1m"
|
||||||
|
archive_cleanup_interval = 24 * 60 * 60 -- once a day
|
||||||
|
muc_log_by_default = true
|
||||||
|
max_history_messages = 500
|
||||||
|
|
||||||
|
-- configure email sending
|
||||||
|
smtp_from = "xmpp-offline-do-not-reply@yalis.fr"
|
||||||
|
|
||||||
|
-- setup the virtual host
|
||||||
|
VirtualHost "yalis.fr"
|
||||||
|
|
||||||
|
-- declare publish-suscribe
|
||||||
|
Component "jabps.yalis.fr" "pubsub"
|
||||||
|
|
||||||
|
-- declare Multi-User Chat
|
||||||
|
Component "www.yalis.fr" "muc"
|
||||||
|
|
||||||
|
VirtualHost "localhost"
|
|
@ -0,0 +1,10 @@
|
||||||
|
{
|
||||||
|
"portal_scheme": "https",
|
||||||
|
"portal_domain": "yalis.fr",
|
||||||
|
…
|
||||||
|
"skipped_regex": [
|
||||||
|
"^/x",
|
||||||
|
…
|
||||||
|
],
|
||||||
|
…
|
||||||
|
}
|
Loading…
Reference in New Issue