added es translation and styling changes

raw/configuring_an_xmpp_server_prosody_0.10.md

@@ -4,15 +4,10 @@ Category: xmpp
 Tags: xmpp, chat, guide, instant messaging, prosody
 Slug: configuring-a-modern-xmpp-server
 Description: Hands-on step-by-step guide that shows how to configure Prosody 0.10 for security, mobile messaging and ease of use.
-status: draft
+status: Published
 
 [TOC]
 
-<!-- Attention
----
-This article describes how to set up Prosody 0.10 and kept online only for archival reasons! You are probably looking for the following article <https://homebrewserver.club/configuring-a-modern-xmpp-server.html>
- -->
-
 
 This is a guide to set up a modern XMPP server focused on security and mobile messaging. The whole guide assumes Debian stable running on the server, the fact that you will end up hosting a few of your friends and that you have some basic skills working on a linux command line.
 
@@ -170,8 +165,7 @@ The homebrewserver.club prosody config:
 	                -- However we leave it commented out as it is another example of vertically integrated cloud platforms at odds with federation, with all the meta-data-based surveillance consequences that that might have. 
 	                "omemo_all_access"; -- Allow for OMEMO E2E between contacts that haven't added each other
 	                "pep_vcard_avatar"; -- use XEP-0153: vCard-Based Avatars to see the avatars of clients that use XEP-0084: User Avatar and vice versa.
-
-	};
+                };
 
     allow_registration = false; -- Enable to allow people to register accounts on your server from their clients, for more information see http://prosody.im/doc/creating_accounts
 
@@ -247,4 +241,5 @@ This guide is a companion to our article [Have You Considered The Alternative?](
 
 **edit 9th of january 2018**
 updated config for new debian stable and prosody 0.10
+
 Previous articles descibed how to set up [Prosody 0.9](https://homebrewserver.club/drafts/configuring-a-modern-xmpp-server-0.9.html)

raw/configuring_an_xmpp_server_prosody_0.11.md

@@ -8,15 +8,22 @@ Status: draft
 
 [TOC]
 
+Introduction
+---
+
 This is a guide to set up a modern XMPP server focused on security and mobile messaging. The whole guide assumes Debian stable running on the server, the fact that you will end up hosting a few of your friends and that you have some basic skills working on a linux command line.
 
+Please note that if you've followed this guide in the past you might need to have a look at [the update considerations](#attention-upgrading-from-previous-versions)
+
+Set up firewall and DNS
+----
+
 To make your server communicate make sure following ports are open in your firewall:
 
     :::console
     5000 (for proxying large file transfers between clients)
     5222 (for client to server)
     5269 (server to server)
-    5280 (default http port for prosody)
     5281 (default https port for prosody)
 
 Additionally make sure you have set up a domain name and have A-records for the following subdomains:
@@ -28,7 +35,6 @@ Additionally make sure you have set up a domain name and have A-records for the
 
 This guide uses the ones above but feel free to come up with more creative subdomains :)
 
-
 Enabling HTTPS
 ---
 
@@ -52,14 +58,6 @@ Should you succeed, you will be able to read something like:
      renew"
 
 
-Take note of the path where the certificate is stored as we will use it later.
-
-TODO: Upgrading MySQL
----
-
-Previous versions of this guide included instructions how to set up a MySQL database backend. This was done because some message archived features had that as a dependency in older versions of prosody. It is however overkill for small etc etc 
-
-
 Installing and configuring Prosody, the XMPP server
 ---
    
@@ -87,7 +85,8 @@ Make a backup of the default prosody configuration and install [the one by the h
     cp prosody.cfg.lua prosody.cfg.lua.original
     wget https://homebrewserver.club/downloads/prosody.0.11.cfg.lua -O prosody.cfg.lua
 
-The homebrewserver.club prosody config:
+The homebrewserver.club prosody config
+---
 
     :::console
     -- a custom prosody config focused on high security and ease of use across (mobile) clients
@@ -102,7 +101,6 @@ The homebrewserver.club prosody config:
 	                "tls"; -- Add support for secure TLS on c2s/s2s connections
 	                "dialback"; -- s2s dialback support
 	                "disco"; -- Service discovery
-	                "posix"; -- POSIX functionality, sends server to background, enables syslog, etc.
 	                "private"; -- Private XML storage (for room bookmarks, etc.)
 	                "vcard4"; -- User Profiles (stored in PEP)
 	                "vcard_legacy" -- Conversion between legacy vCard and PEP Avatar, vcard
@@ -116,33 +114,30 @@ The homebrewserver.club prosody config:
 	                "smacks"; -- XEP-0198: Stream Management, keep chatting even when the network drops for a few seconds
 	                "mam"; -- XEP-0313: Message Archive Management, allows to retrieve chat history from server
 	                "csi_simple"; -- XEP-0352: Client State Indication
-	                "http"; -- mod_http needed for XEP-363
 	                "admin_adhoc"; -- Allows administration via an XMPP client that supports ad-hoc commands
 	                "blocklist"; -- XEP-0191  blocking of users
-                    "proxy"; --XEP-065 Allows the server to negotiate a bytestream between clients for large file transfers
                     "bookmarks"; -- Synchronize currently joined groupchat between different clients.
 	                --"cloud_notify"; -- Support for XEP-0357 Push Notifications for compatibility with ChatSecure/iOS. 
 	                -- iOS typically end the connection when an app runs in the background and requires use of Apple's Push servers to wake up and receive a message. Enabling this module allows your server to do that for your contacts on iOS.
 	                -- However we leave it commented out as it is another example of vertically integrated cloud platforms at odds with federation, with all the meta-data-based surveillance consequences that that might have.
                     "server_contact_info"; --add contact info in the case of issues with the server
-
-	};
-
+                	};
+     
     allow_registration = false; -- Enable to allow people to register accounts on your server from their clients, for more information see http://prosody.im/doc/creating_accounts
-
+     
     certificates = "/etc/prosody/certs"
     https_certificate = "certs/myserver.org"
-
+     
     c2s_require_encryption = true -- Force clients to use encrypted connections
-
+     
     -- Force certificate authentication for server-to-server connections?
     -- This provides ideal security, but requires servers you communicate
     -- with to support encryption AND present valid, trusted certificates.
     -- NOTE: Your version of LuaSec must support certificate verification!
     -- For more information see http://prosody.im/doc/s2s#security
-
+     
     s2s_secure_auth = true
-
+     
     pidfile = "/var/run/prosody/prosody.pid"
 
     authentication = "internal_hashed"
@@ -159,27 +154,27 @@ The homebrewserver.club prosody config:
         info = "/var/log/prosody/prosody.log"; -- Change 'info' to 'debug' for verbose logging
         error = "/var/log/prosody/prosody.err";
         "*syslog";
-   }
+    }
 
     VirtualHost "myserver.org"
     
     -- Enable http_upload to allow image sharing across multiple devices and clients
     Component "dump.myserver.org" "http_upload"
 
-    -- Set up a MUC (multi-user chat) room server on conference.example.com:
+    -- Enable groupchats on your server
     Component "muc.myserver.org" "muc"
-    modules_enabled = { "muc_mam", "vcard_muc" }
+    modules_enabled = { "muc_mam", "vcard_muc" } --enable archives and avatars for groupchats
 
     -- Set up a file transfer proxy to facilitate clients sending larger files to each other
     Component "proxy.myserver.org" "proxy65"
 
 
-Replace all instances of the placeholder domain name and passwords in the config file with your own:
+Replace all instances of the placeholder domain name with `yourdomain` in the config file with your own:
 
     :::console
-    sed -i 's/myserver.org/yourdomain.net/g' prosody.cfg.lua
+    sed -i 's/myserver.org/yourdomain/g' prosody.cfg.lua
 
-Alternatively you can change them by hand. They are on line 62, 70, 73, 76 of prosody.cfg.lua
+Alternatively you can change them by hand. They are on lines 39, 75, 81, 85 of prosody.cfg.lua
 
 Make Prosody import the LetsEncrypt certificates:
 
@@ -188,6 +183,7 @@ Make Prosody import the LetsEncrypt certificates:
 
 You might get the following output:
 
+    :::console
     No certificate for host muc.myserver.org found :(
     No certificate for host dump.myserver.org found :(
     No certificate for host proxy.myserver.org found :(
@@ -205,8 +201,8 @@ Add an entry to cron to automatically renew LetsEncrypt certificates
 
 And add:
 
-     :::console
-     0 4 * * *  /usr/bin/certbot renew && prosodyctl --root cert import /etc/letsencrypt/live
+    :::console
+    0 4 * * *  /usr/bin/certbot renew && prosodyctl --root cert import /etc/letsencrypt/live
 
 This will check and renew the certificates every day at 04:00.
 
@@ -221,7 +217,7 @@ Users can be added from the command line, you will also be prompted for a passwo
     :::console
     prosodyctl adduser me@myserver.org
  
-Alternatively you can change "allow_registration = false;" to "allow_registration = true;" in the config (line 35) to allow users to register accounts on your server via their clients.
+Alternatively you can change `allow_registration = false;` to `allow_registration = true;` in the config (line 35) to allow users to register accounts on your server via their clients.
 
 Now you can try connecting to your own server by using a client like Gajim or Conversations. Login with the above configured username and password.
 
@@ -229,4 +225,15 @@ If you have questions about Prosody, the project's [documentation](http://prosod
 
 This guide is a companion to our article [Have You Considered The Alternative?](http://homebrewserver.club/have-you-considered-the-alternative.html) on instant messaging. Also check out our guide on [XMPP clients](http://homebrewserver.club/picking-modern-xmpp-clients.html).  
 
-Previous articles descibed how to set up [Prosody 0.9](https://homebrewserver.club/drafts/configuring-a-modern-xmpp-server-0.9.html) and [Prosody 0.10](https://homebrewserver.club/drafts/configuring-a-modern-xmpp-server-0.10.html)
+Attention: Upgrading From Previous Versions 
+---
+
+Previous versions of this guide[^1] included instructions how to set up a MySQL database back-end. That is because earlier versions of prosody had SQL as a dependency for message archiving. This is no longer the case. The new guide is lighter and leaves out MySQL in favor of the inbuilt file-based storage. This should be sufficient for hundreds of users. 
+
+When upgrading to prosody 0.11 on a server using sql make sure to run database upgrades with:
+
+    :::console
+    prosodyctl mod_storage_sql upgrade 
+
+
+[^1]: Previous articles descibed how to set up [Prosody 0.9](https://homebrewserver.club/drafts/configuring-a-modern-xmpp-server-0.9.html) and [Prosody 0.10](https://homebrewserver.club/drafts/configuring-a-modern-xmpp-server-0.10.html)

raw/configuring_an_xmpp_server_prosody_0.9.md

@@ -10,6 +10,8 @@ Attention!
 ---
 This article describes how to set up Prosody 0.9 and kept online only for archival reasons! You are probably looking for the following article <https://homebrewserver.club/configuring-a-modern-xmpp-server.html>
 
+Attention!
+---
 
 This is a guide to set up a modern XMPP server focused on security and mobile messaging. The whole guide assumes Debian stable running on the server, the fact that you will end up hosting a few of your friends and that you have some basic skills working on a linux command line.
 

raw/downloads/prosody.0.11.cfg.lua

@@ -1,6 +1,7 @@
 -- a custom prosody 0.11 config focused on high security and ease of use across (mobile) clients
 -- provided to you by the homebrewserver.club
 -- the original config file (prosody.cfg.lua.original) will have more information 
+-- https://homebrewserver.club/configuring-a-modern-xmpp-server.html
 
 plugin_paths = { "/usr/src/prosody-modules" } -- non-standard plugin path so we can keep them up to date with mercurial
 
@@ -10,7 +11,6 @@ modules_enabled = {
                 "tls"; -- Add support for secure TLS on c2s/s2s connections
                 "dialback"; -- s2s dialback support
                 "disco"; -- Service discovery
-                "posix"; -- POSIX functionality, sends server to background, enables syslog, etc.
                 "private"; -- Private XML storage (for room bookmarks, etc.)
                 "vcard4"; -- User Profiles (stored in PEP)
                 "vcard_legacy"; -- Conversion between legacy vCard and PEP Avatar, vcard
@@ -24,10 +24,8 @@ modules_enabled = {
                 "smacks"; -- XEP-0198: Stream Management, keep chatting even when the network drops for a few seconds
                 "mam"; -- XEP-0313: Message Archive Management, allows to retrieve chat history from server
                 "csi_simple"; -- XEP-0352: Client State Indication
-                "http"; -- mod_http needed for XEP-363
                 "admin_adhoc"; -- Allows administration via an XMPP client that supports ad-hoc commands
                 "blocklist"; -- XEP-0191  blocking of users
-                "proxy"; ---XEP-065 Allows the server to negotiate a bytestream between clients for large file transfers
                 "bookmarks"; -- Synchronize currently joined groupchat between different clients.
                 "server_contact_info"; --add contact info in the case of issues with the server
                 --"cloud_notify"; -- Support for XEP-0357 Push Notifications for compatibility with ChatSecure/iOS.
@@ -80,9 +78,9 @@ VirtualHost "myserver.org"
 -- Enable http_upload to allow image sharing across multiple devices and clients
 Component "dump.myserver.org" "http_upload"
 
----Set up a MUC (multi-user chat) room server on conference.example.com:
+---Allow setting up groupchats on this subdomain:
 Component "muc.myserver.org" "muc"
-modules_enabled = { "muc_mam", "vcard_muc" }
+modules_enabled = { "muc_mam", "vcard_muc" } -- enable archives and avatars for group chats
 
 -- Set up a file transfer proxy to facilitate clients sending larger files to each other
 Component "proxy.myserver.org" "proxy65"

raw/es_configuring_an_xmpp_server_prosody_0.11.md

@@ -0,0 +1,217 @@
+Title: Configuring an XMPP server for secure, mobile instant messaging
+Date: 2018-11-17
+Category: xmpp
+Tags: xmpp, chat, guide, instant messaging, prosody
+Slug: configuring-a-modern-xmpp-server-0.11
+Description: Hands-on step-by-step guide that shows how to configure Prosody 0.11 aimed at security, mobile messaging, rich features and ease of use.
+Lang: es
+Status: draft
+
+[TOC]
+
+Introducción
+---
+
+Esta es una guía para configurar un servidor de mensajería instantánea basado en XMPP moderno, enfocado a la seguridad, mensajería móvil y fácil de usar. La guía asume que usas 'Debian Stable' en el servidor, que quieres alojar y administrar la mensajería instantánea para tu grupo de amigos y que tienes conocimiento básico de usar la línea de comandos en Linux.
+
+Firewall y DNS
+---
+Abre los siguientes puertos en tu firewall para poder comunicarte con el servidor:
+
+    :::console
+    5000 (hacer de proxy para intercambiar archivos grandes entre clientes)
+    5222 (para comunicación entre cliente y servidor, C2S)
+    5269 (para comunicación entre servidores, S2S)
+    5281 (el puerto https por defecto de prosody)
+
+También asegúrate de que tienes un dominio con DNS A-records para los siguientes subdominios
+    
+    :::console
+    myserver.org (el dominio principal)
+    muc.myserver.org (para sala de grupos)
+    dump.myserver.org (para componente HTTP-Upload)
+    proxy.myserver.org (para el proxy de transferencia de archivos)
+
+Esta guía usa los dominios escritos arriba, pero puedes ser más creativo :)
+
+Habilitar HTTPS
+---
+
+Primero, conseguimos un certificado HTTPS firmado por [Let's Encrypt](https://letsencrypt.org/): 
+
+Se necesita para XMPP moderno, certificados auto-firmados no funcionaran.
+
+Instala Certbot y consigue los certificados para tu dominio (reemplaza `myserver.org` por el tuyo):
+
+    :::console
+    sudo apt-get update && sudo apt-get install certbot
+    certbot certonly -d myserver.org -d muc.myserver.org -d dump.myserver.org -d proxy.myserver.org
+
+Si funciona, deberías poder ver algo así:
+
+    :::console 
+    - Congratulations! Your certificate and chain have been saved at
+     /etc/letsencrypt/live/myserver.org/fullchain.pem. Your
+     cert will expire on 2019-02-15. To obtain a new or tweaked version
+     of this certificate in the future, simply run certbot again. To
+     non-interactively renew *all* of your certificates, run "certbot
+     renew"
+
+Instalar y configurar Prosody, el servidor XMPP
+---
+   
+Instala la version Prosody 0.11 y sus dependencias desde el repositorio oficial de Prosody:
+
+    :::console
+    echo deb http://packages.prosody.im/debian $(lsb_release -sc) main | sudo tee -a /etc/apt/sources.list
+
+    wget https://prosody.im/files/prosody-debian-packages.key -O- | sudo apt-key add -
+
+    sudo apt-get update && sudo apt-get install prosody-0.11
+
+Instala los plugins más recientes de Prosody:
+
+    :::console
+    apt-get install mercurial
+    cd /usr/src
+    hg clone https://hg.prosody.im/prosody-modules/ prosody-modules
+
+
+Haz una copia de seguridad de la configuración de Prosody por defecto e instala [la de homebrewserver.club](https://homebrewserver.club/downloads/prosody.0.11.cfg.lua)
+
+    :::console
+    cd /etc/prosody
+    cp prosody.cfg.lua prosody.cfg.lua.original
+    wget https://homebrewserver.club/downloads/prosody.0.11.cfg.lua -O prosody.cfg.lua
+
+La configuración de homebrewserver.club
+---
+
+    :::console
+    -- una configuración de prosody enfocado a la seguridad, mensajería móvil y fácil de usar.
+    -- proporcionada por homebrewserver.club
+    -- el archivo de la configuración original(prosody.cfg.lua.original) tendrá mas información 
+    
+    plugin_paths = { "/usr/src/prosody-modules" } -- el directorio de los plugin no estándar para mantenerlos al dia con mercurial 
+    
+	modules_enabled = {
+	                "roster"; -- Permite a los usuarios tener una lista de contactos.  Recomendado ;)
+	                "saslauth"; -- Autenticación entre clientes y servidores. Recomendado si quieres iniciar sesión.
+	                "tls"; -- Permite conexiones c2s/s2s seguras con TLS
+	                "dialback"; -- Permite s2s dialback
+	                "disco"; -- Descubrir servicios entre servidores y clientes
+	                "private"; -- Almacenamiento XML privado (para guardar las salas a las que te has unido)
+	                "vcard4"; -- Perfiles de usuarios (guardado en PEP)
+	                "vcard_legacy" -- Convierte entre legacy vCard y PEP Avatar, vcard
+                    "version"; -- Contesta a las peticiones de la versión del servidor
+	                "uptime"; -- Informa sobre cuánto tiempo ha estado funcionando el servidor
+	                "time"; -- Permite conocer la hora en el servidor 
+	                "ping"; -- Contesta XMPP pings con pongs
+	                "register"; --Permite registrar una cuenta en tu servidor desde un cliente
+	                "pep"; -- Entre otras cosas, permite a usuarios publicar sus claves OMEMO publicas
+	                "carbons"; -- XEP-0280: Message Carbons, sincroniza mensajes entre dispositivos
+	                "smacks"; -- XEP-0198: Stream Management, mantiene conversaciones incluso cuando la red se cae
+	                "mam"; -- XEP-0313: Message Archive Management, permite descargar el historial de conversasiones del servidor
+	                "csi_simple"; -- XEP-0352: Client State Indication
+	                "admin_adhoc"; -- Permite la administración del servidor desde un cliente XMPP (que soporte comandos ad-hoc)
+	                "blocklist"; -- XEP-0191 bloquear usuarios
+                    "bookmarks"; -- Sincroniza entre clientes diferentes las salas a las que te has unido
+	                --"cloud_notify"; -- Soporta XEP-0357 Push Notifications para tener compatibilidad con ChatSecure/iOS. 
+	                -- iOS normalmente aborta la conexión cuando una aplicación funciona en segundo plano y requiere el uso de los servidores de Push de Apple para levantar la conexión y recibir un mensaje. Habilitar este módulo permite a tu servidor comunicarse con los servidores Push de Apple para ayudar a tus usuarios de iOS.
+	                -- Sin embargo, lo dejamos comentado porque es un otro ejemplo de una plataforma cloud integrada verticalmente que choca con las ideas de federación y las redes libres. Descomentarlo tiene riesgo de vigilancia de los meta dados de tus usuarios por Apple.
+                    "server_contact_info"; -- Añade información de contacto en caso de incidencias con el servidor
+                	};
+     
+    allow_registration = false; -- Permite registrar una cuenta en tu servidor desde un cliente, para más información visita http://prosody.im/doc/creating_accounts
+     
+    certificates = "/etc/prosody/certs" -- Ruta donde Prosody busca los certificados: https://prosody.im/doc/letsencrypt
+    https_certificate = "certs/myserver.org" 
+     
+    c2s_require_encryption = true -- Fuerza a los clientes a usar conexiones cifradas
+      
+    s2s_secure_auth = true -- Fuerza la autenticación de certificados para conexiones entre servidores
+     
+    pidfile = "/var/run/prosody/prosody.pid"
+
+    authentication = "internal_hashed"
+
+    -- Historial de conversaciones 
+    -- Si mod_mam esta activo, Prosody guardara una copia de cada mensaje. 
+    -- Se usa para sincronizar conversaciones entre múltiples clientes, incluso
+    -- si están desconectados. Esta configuración controla cuanto tiempo Prosody
+    -- guarda los mensajes en el historial antes de eliminarlos.
+
+    archive_expires_after = "1w" -- Eliminar el historial de mensajes en una semana
+
+    log = { -- descomenta para mayor privacidad
+        info = "/var/log/prosody/prosody.log"; -- Cambia 'info' por 'debug' para un registro más detallado
+        error = "/var/log/prosody/prosody.err";
+        "*syslog";
+    }
+
+    VirtualHost "myserver.org"
+    
+    -- Habilita http_upload para permitir compartir imágenes entre diferentes dispositivos y diferentes clientes
+    Component "dump.myserver.org" "http_upload"
+
+    -- Permite crear salas 
+    Component "muc.myserver.org" "muc"
+    modules_enabled = { "muc_mam", "vcard_muc" }
+
+    -- Inicia un proxy para intercambiar archivos grandes entre clientes
+    Component "proxy.myserver.org" "proxy65"
+
+
+Reemplaza el dominio de ejemplo con `tu dominio` en el archivo de configuración:
+
+    :::console
+    sed -i 's/myserver.org/tu dominio/g' prosody.cfg.lua
+
+De forma alternativa puedes reemplazarlos a mano. Estan en las lineas 39, 75, 81, 85 de prosody.cfg.lua
+
+Importa los certificados de LetsEncrypt con Prosody:
+
+    :::console
+    prosodyctl --root cert import /etc/letsencrypt/live
+
+Es posible que recibas un resultado similar:
+
+    No certificate for host muc.myserver.org found :(
+    No certificate for host dump.myserver.org found :(
+    No certificate for host proxy.myserver.org found :(
+    Imported certificate and key for hosts myserver.org
+
+Pero no te preocupes, el ultimo certificado contiene información de todos los subdominios.
+
+Para acabar
+---
+
+Configura `cron` para renovar los certificados LetsEncrypt automáticamente
+    
+    :::console
+    sudo crontab -e
+
+Añade al final:
+
+     :::console
+     0 4 * * *  /usr/bin/certbot renew && prosodyctl --root cert import /etc/letsencrypt/live
+
+Esta configuración comprueba y renueva los certificados cada día a las 04:00.
+
+Cuando hayas hecho todo esto es hora de arrancar el servidor:
+
+    :::console
+    /etc/init.d/prosody restart
+
+Se pueden añadir usuarios desde la línea de comandos. Te pedirá una contraseña:
+
+    :::console
+    prosodyctl adduser me@myserver.org
+ 
+De otra forma puedes cambiar `allow_registration = false;` a `allow_registration = true;` en la configuración (linea 35) para permitir a los usuarios registrarse en tu servidor desde sus propios clientes.
+
+Ahora puedes intentar conectarte a tu servidor usando un cliente como Gajim o Conversations. Inicia sesión con tu nombre y contraseña.
+
+Si tienes preguntas sobre Prosody, la [documentación](http://prosody.im/doc) del proyecto es bastante buena (pero en Ingles). Si eso no es suficiente, pregunta los mismos desarrolladores en [la sala XMPP de Prosody](xmpp://prosody.conference.prosody.im?join)
+
+Esta guía es una traducción de la guía del [homebrewserver.club](https://homebrewserver.club/drafts/configuring-a-modern-xmpp-server.html).)