added es translation and styling changes

2018-11-18 17:12:49 +01:00 · 2018-11-18 17:12:49 +01:00 · 6e22788f15
commit 6e22788f15
parent 7ca2814b60
5 changed files with 264 additions and 45 deletions
--- a/raw/configuring_an_xmpp_server_prosody_0.10.md
+++ b/raw/configuring_an_xmpp_server_prosody_0.10.md
@ -4,15 +4,10 @@ Category: xmpp
 Tags: xmpp, chat, guide, instant messaging, prosody
 Slug: configuring-a-modern-xmpp-server
 Description: Hands-on step-by-step guide that shows how to configure Prosody 0.10 for security, mobile messaging and ease of use.
-status: draft
+status: Published
 [TOC]
 <!-- Attention
 ---
 This article describes how to set up Prosody 0.10 and kept online only for archival reasons! You are probably looking for the following article <https://homebrewserver.club/configuring-a-modern-xmpp-server.html>
 -->
 This is a guide to set up a modern XMPP server focused on security and mobile messaging. The whole guide assumes Debian stable running on the server, the fact that you will end up hosting a few of your friends and that you have some basic skills working on a linux command line.
@ -170,8 +165,7 @@ The homebrewserver.club prosody config:
 	                -- However we leave it commented out as it is another example of vertically integrated cloud platforms at odds with federation, with all the meta-data-based surveillance consequences that that might have. 
 	                "omemo_all_access"; -- Allow for OMEMO E2E between contacts that haven't added each other
 	                "pep_vcard_avatar"; -- use XEP-0153: vCard-Based Avatars to see the avatars of clients that use XEP-0084: User Avatar and vice versa.
-
+                };
 	};
    allow_registration = false; -- Enable to allow people to register accounts on your server from their clients, for more information see http://prosody.im/doc/creating_accounts
@ -247,4 +241,5 @@ This guide is a companion to our article [Have You Considered The Alternative?](
 **edit 9th of january 2018**
 updated config for new debian stable and prosody 0.10
 Previous articles descibed how to set up [Prosody 0.9](https://homebrewserver.club/drafts/configuring-a-modern-xmpp-server-0.9.html)
--- a/raw/configuring_an_xmpp_server_prosody_0.11.md
+++ b/raw/configuring_an_xmpp_server_prosody_0.11.md
@ -8,15 +8,22 @@ Status: draft
 [TOC]
 Introduction
 ---
 This is a guide to set up a modern XMPP server focused on security and mobile messaging. The whole guide assumes Debian stable running on the server, the fact that you will end up hosting a few of your friends and that you have some basic skills working on a linux command line.
 Please note that if you've followed this guide in the past you might need to have a look at [the update considerations](#attention-upgrading-from-previous-versions)
 Set up firewall and DNS
 ----
 To make your server communicate make sure following ports are open in your firewall:
    :::console
    5000 (for proxying large file transfers between clients)
    5222 (for client to server)
    5269 (server to server)
    5280 (default http port for prosody)
    5281 (default https port for prosody)
 Additionally make sure you have set up a domain name and have A-records for the following subdomains:
@ -28,7 +35,6 @@ Additionally make sure you have set up a domain name and have A-records for the
 This guide uses the ones above but feel free to come up with more creative subdomains :)
 Enabling HTTPS
 ---
@ -52,14 +58,6 @@ Should you succeed, you will be able to read something like:
     renew"
 Take note of the path where the certificate is stored as we will use it later.
 TODO: Upgrading MySQL
 ---
 Previous versions of this guide included instructions how to set up a MySQL database backend. This was done because some message archived features had that as a dependency in older versions of prosody. It is however overkill for small etc etc 
 Installing and configuring Prosody, the XMPP server
 ---
@ -87,7 +85,8 @@ Make a backup of the default prosody configuration and install [the one by the h
    cp prosody.cfg.lua prosody.cfg.lua.original
    wget https://homebrewserver.club/downloads/prosody.0.11.cfg.lua -O prosody.cfg.lua
-The homebrewserver.club prosody config:
+The homebrewserver.club prosody config
 ---
    :::console
    -- a custom prosody config focused on high security and ease of use across (mobile) clients
@ -102,7 +101,6 @@ The homebrewserver.club prosody config:
 	                "tls"; -- Add support for secure TLS on c2s/s2s connections
 	                "dialback"; -- s2s dialback support
 	                "disco"; -- Service discovery
 	                "posix"; -- POSIX functionality, sends server to background, enables syslog, etc.
 	                "private"; -- Private XML storage (for room bookmarks, etc.)
 	                "vcard4"; -- User Profiles (stored in PEP)
 	                "vcard_legacy" -- Conversion between legacy vCard and PEP Avatar, vcard
@ -116,33 +114,30 @@ The homebrewserver.club prosody config:
 	                "smacks"; -- XEP-0198: Stream Management, keep chatting even when the network drops for a few seconds
 	                "mam"; -- XEP-0313: Message Archive Management, allows to retrieve chat history from server
 	                "csi_simple"; -- XEP-0352: Client State Indication
 	                "http"; -- mod_http needed for XEP-363
 	                "admin_adhoc"; -- Allows administration via an XMPP client that supports ad-hoc commands
 	                "blocklist"; -- XEP-0191  blocking of users
                    "proxy"; --XEP-065 Allows the server to negotiate a bytestream between clients for large file transfers
                    "bookmarks"; -- Synchronize currently joined groupchat between different clients.
 	                --"cloud_notify"; -- Support for XEP-0357 Push Notifications for compatibility with ChatSecure/iOS. 
 	                -- iOS typically end the connection when an app runs in the background and requires use of Apple's Push servers to wake up and receive a message. Enabling this module allows your server to do that for your contacts on iOS.
 	                -- However we leave it commented out as it is another example of vertically integrated cloud platforms at odds with federation, with all the meta-data-based surveillance consequences that that might have.
                    "server_contact_info"; --add contact info in the case of issues with the server
-
+                	};
-	};
+     
    allow_registration = false; -- Enable to allow people to register accounts on your server from their clients, for more information see http://prosody.im/doc/creating_accounts
-
+     
    certificates = "/etc/prosody/certs"
    https_certificate = "certs/myserver.org"
-
+     
    c2s_require_encryption = true -- Force clients to use encrypted connections
-
+     
    -- Force certificate authentication for server-to-server connections?
    -- This provides ideal security, but requires servers you communicate
    -- with to support encryption AND present valid, trusted certificates.
    -- NOTE: Your version of LuaSec must support certificate verification!
    -- For more information see http://prosody.im/doc/s2s#security
-
+     
    s2s_secure_auth = true
-
+     
    pidfile = "/var/run/prosody/prosody.pid"
    authentication = "internal_hashed"
@ -159,27 +154,27 @@ The homebrewserver.club prosody config:
        info = "/var/log/prosody/prosody.log"; -- Change 'info' to 'debug' for verbose logging
        error = "/var/log/prosody/prosody.err";
        "*syslog";
-   }
+    }
    VirtualHost "myserver.org"
    -- Enable http_upload to allow image sharing across multiple devices and clients
    Component "dump.myserver.org" "http_upload"
-    -- Set up a MUC (multi-user chat) room server on conference.example.com:
+    -- Enable groupchats on your server
    Component "muc.myserver.org" "muc"
-    modules_enabled = { "muc_mam", "vcard_muc" }
+    modules_enabled = { "muc_mam", "vcard_muc" } --enable archives and avatars for groupchats
    -- Set up a file transfer proxy to facilitate clients sending larger files to each other
    Component "proxy.myserver.org" "proxy65"
-Replace all instances of the placeholder domain name and passwords in the config file with your own:
+Replace all instances of the placeholder domain name with `yourdomain` in the config file with your own:
    :::console
-    sed -i 's/myserver.org/yourdomain.net/g' prosody.cfg.lua
+    sed -i 's/myserver.org/yourdomain/g' prosody.cfg.lua
-Alternatively you can change them by hand. They are on line 62, 70, 73, 76 of prosody.cfg.lua
+Alternatively you can change them by hand. They are on lines 39, 75, 81, 85 of prosody.cfg.lua
 Make Prosody import the LetsEncrypt certificates:
@ -188,6 +183,7 @@ Make Prosody import the LetsEncrypt certificates:
 You might get the following output:
    :::console
    No certificate for host muc.myserver.org found :(
    No certificate for host dump.myserver.org found :(
    No certificate for host proxy.myserver.org found :(
@ -205,8 +201,8 @@ Add an entry to cron to automatically renew LetsEncrypt certificates
 And add:
-     :::console
+    :::console
-     0 4 * * *  /usr/bin/certbot renew && prosodyctl --root cert import /etc/letsencrypt/live
+    0 4 * * *  /usr/bin/certbot renew && prosodyctl --root cert import /etc/letsencrypt/live
 This will check and renew the certificates every day at 04:00.
@ -221,7 +217,7 @@ Users can be added from the command line, you will also be prompted for a passwo
    :::console
    prosodyctl adduser me@myserver.org
-Alternatively you can change "allow_registration = false;" to "allow_registration = true;" in the config (line 35) to allow users to register accounts on your server via their clients.
+Alternatively you can change `allow_registration = false;` to `allow_registration = true;` in the config (line 35) to allow users to register accounts on your server via their clients.
 Now you can try connecting to your own server by using a client like Gajim or Conversations. Login with the above configured username and password.
@ -229,4 +225,15 @@ If you have questions about Prosody, the project's [documentation](http://prosod
 This guide is a companion to our article [Have You Considered The Alternative?](http://homebrewserver.club/have-you-considered-the-alternative.html) on instant messaging. Also check out our guide on [XMPP clients](http://homebrewserver.club/picking-modern-xmpp-clients.html).  
-Previous articles descibed how to set up [Prosody 0.9](https://homebrewserver.club/drafts/configuring-a-modern-xmpp-server-0.9.html) and [Prosody 0.10](https://homebrewserver.club/drafts/configuring-a-modern-xmpp-server-0.10.html)
+Attention: Upgrading From Previous Versions 
 ---
 Previous versions of this guide[^1] included instructions how to set up a MySQL database back-end. That is because earlier versions of prosody had SQL as a dependency for message archiving. This is no longer the case. The new guide is lighter and leaves out MySQL in favor of the inbuilt file-based storage. This should be sufficient for hundreds of users. 
 When upgrading to prosody 0.11 on a server using sql make sure to run database upgrades with:
    :::console
    prosodyctl mod_storage_sql upgrade 
 [^1]: Previous articles descibed how to set up [Prosody 0.9](https://homebrewserver.club/drafts/configuring-a-modern-xmpp-server-0.9.html) and [Prosody 0.10](https://homebrewserver.club/drafts/configuring-a-modern-xmpp-server-0.10.html)
--- a/raw/configuring_an_xmpp_server_prosody_0.9.md
+++ b/raw/configuring_an_xmpp_server_prosody_0.9.md
@ -10,6 +10,8 @@ Attention!
 ---
 This article describes how to set up Prosody 0.9 and kept online only for archival reasons! You are probably looking for the following article <https://homebrewserver.club/configuring-a-modern-xmpp-server.html>
 Attention!
 ---
 This is a guide to set up a modern XMPP server focused on security and mobile messaging. The whole guide assumes Debian stable running on the server, the fact that you will end up hosting a few of your friends and that you have some basic skills working on a linux command line.
--- a/raw/downloads/prosody.0.11.cfg.lua
+++ b/raw/downloads/prosody.0.11.cfg.lua
@ -1,6 +1,7 @@
 -- a custom prosody 0.11 config focused on high security and ease of use across (mobile) clients
 -- provided to you by the homebrewserver.club
 -- the original config file (prosody.cfg.lua.original) will have more information 
 -- https://homebrewserver.club/configuring-a-modern-xmpp-server.html
 plugin_paths = { "/usr/src/prosody-modules" } -- non-standard plugin path so we can keep them up to date with mercurial
@ -10,7 +11,6 @@ modules_enabled = {
                "tls"; -- Add support for secure TLS on c2s/s2s connections
                "dialback"; -- s2s dialback support
                "disco"; -- Service discovery
                "posix"; -- POSIX functionality, sends server to background, enables syslog, etc.
                "private"; -- Private XML storage (for room bookmarks, etc.)
                "vcard4"; -- User Profiles (stored in PEP)
                "vcard_legacy"; -- Conversion between legacy vCard and PEP Avatar, vcard
@ -24,10 +24,8 @@ modules_enabled = {
                "smacks"; -- XEP-0198: Stream Management, keep chatting even when the network drops for a few seconds
                "mam"; -- XEP-0313: Message Archive Management, allows to retrieve chat history from server
                "csi_simple"; -- XEP-0352: Client State Indication
                "http"; -- mod_http needed for XEP-363
                "admin_adhoc"; -- Allows administration via an XMPP client that supports ad-hoc commands
                "blocklist"; -- XEP-0191  blocking of users
                "proxy"; ---XEP-065 Allows the server to negotiate a bytestream between clients for large file transfers
                "bookmarks"; -- Synchronize currently joined groupchat between different clients.
                "server_contact_info"; --add contact info in the case of issues with the server
                --"cloud_notify"; -- Support for XEP-0357 Push Notifications for compatibility with ChatSecure/iOS.
@ -80,9 +78,9 @@ VirtualHost "myserver.org"
 -- Enable http_upload to allow image sharing across multiple devices and clients
 Component "dump.myserver.org" "http_upload"
---Set up a MUC (multi-user chat) room server on conference.example.com:
+---Allow setting up groupchats on this subdomain:
 Component "muc.myserver.org" "muc"
-modules_enabled = { "muc_mam", "vcard_muc" }
+modules_enabled = { "muc_mam", "vcard_muc" } -- enable archives and avatars for group chats
 -- Set up a file transfer proxy to facilitate clients sending larger files to each other
 Component "proxy.myserver.org" "proxy65"
--- a/raw/es_configuring_an_xmpp_server_prosody_0.11.md
+++ b/raw/es_configuring_an_xmpp_server_prosody_0.11.md
@ -0,0 +1,217 @@
 Title: Configuring an XMPP server for secure, mobile instant messaging
 Date: 2018-11-17
 Category: xmpp
 Tags: xmpp, chat, guide, instant messaging, prosody
 Slug: configuring-a-modern-xmpp-server-0.11
 Description: Hands-on step-by-step guide that shows how to configure Prosody 0.11 aimed at security, mobile messaging, rich features and ease of use.
 Lang: es
 Status: draft
 [TOC]
 Introducción
 ---
 Esta es una guía para configurar un servidor de mensajería instantánea basado en XMPP moderno, enfocado a la seguridad, mensajería móvil y fácil de usar. La guía asume que usas 'Debian Stable' en el servidor, que quieres alojar y administrar la mensajería instantánea para tu grupo de amigos y que tienes conocimiento básico de usar la línea de comandos en Linux.
 Firewall y DNS
 ---
 Abre los siguientes puertos en tu firewall para poder comunicarte con el servidor:
    :::console
    5000 (hacer de proxy para intercambiar archivos grandes entre clientes)
    5222 (para comunicación entre cliente y servidor, C2S)
    5269 (para comunicación entre servidores, S2S)
    5281 (el puerto https por defecto de prosody)
 También asegúrate de que tienes un dominio con DNS A-records para los siguientes subdominios
    :::console
    myserver.org (el dominio principal)
    muc.myserver.org (para sala de grupos)
    dump.myserver.org (para componente HTTP-Upload)
    proxy.myserver.org (para el proxy de transferencia de archivos)
 Esta guía usa los dominios escritos arriba, pero puedes ser más creativo :)
 Habilitar HTTPS
 ---
 Primero, conseguimos un certificado HTTPS firmado por [Let's Encrypt](https://letsencrypt.org/): 
 Se necesita para XMPP moderno, certificados auto-firmados no funcionaran.
 Instala Certbot y consigue los certificados para tu dominio (reemplaza `myserver.org` por el tuyo):
    :::console
    sudo apt-get update && sudo apt-get install certbot
    certbot certonly -d myserver.org -d muc.myserver.org -d dump.myserver.org -d proxy.myserver.org
 Si funciona, deberías poder ver algo así:
    :::console 
    - Congratulations! Your certificate and chain have been saved at
     /etc/letsencrypt/live/myserver.org/fullchain.pem. Your
     cert will expire on 2019-02-15. To obtain a new or tweaked version
     of this certificate in the future, simply run certbot again. To
     non-interactively renew *all* of your certificates, run "certbot
     renew"
 Instalar y configurar Prosody, el servidor XMPP
 ---
 Instala la version Prosody 0.11 y sus dependencias desde el repositorio oficial de Prosody:
    :::console
    echo deb http://packages.prosody.im/debian $(lsb_release -sc) main | sudo tee -a /etc/apt/sources.list
    wget https://prosody.im/files/prosody-debian-packages.key -O- | sudo apt-key add -
    sudo apt-get update && sudo apt-get install prosody-0.11
 Instala los plugins más recientes de Prosody:
    :::console
    apt-get install mercurial
    cd /usr/src
    hg clone https://hg.prosody.im/prosody-modules/ prosody-modules
 Haz una copia de seguridad de la configuración de Prosody por defecto e instala [la de homebrewserver.club](https://homebrewserver.club/downloads/prosody.0.11.cfg.lua)
    :::console
    cd /etc/prosody
    cp prosody.cfg.lua prosody.cfg.lua.original
    wget https://homebrewserver.club/downloads/prosody.0.11.cfg.lua -O prosody.cfg.lua
 La configuración de homebrewserver.club
 ---
    :::console
    -- una configuración de prosody enfocado a la seguridad, mensajería móvil y fácil de usar.
    -- proporcionada por homebrewserver.club
    -- el archivo de la configuración original(prosody.cfg.lua.original) tendrá mas información 
    plugin_paths = { "/usr/src/prosody-modules" } -- el directorio de los plugin no estándar para mantenerlos al dia con mercurial 
 	modules_enabled = {
 	                "roster"; -- Permite a los usuarios tener una lista de contactos.  Recomendado ;)
 	                "saslauth"; -- Autenticación entre clientes y servidores. Recomendado si quieres iniciar sesión.
 	                "tls"; -- Permite conexiones c2s/s2s seguras con TLS
 	                "dialback"; -- Permite s2s dialback
 	                "disco"; -- Descubrir servicios entre servidores y clientes
 	                "private"; -- Almacenamiento XML privado (para guardar las salas a las que te has unido)
 	                "vcard4"; -- Perfiles de usuarios (guardado en PEP)
 	                "vcard_legacy" -- Convierte entre legacy vCard y PEP Avatar, vcard
                    "version"; -- Contesta a las peticiones de la versión del servidor
 	                "uptime"; -- Informa sobre cuánto tiempo ha estado funcionando el servidor
 	                "time"; -- Permite conocer la hora en el servidor 
 	                "ping"; -- Contesta XMPP pings con pongs
 	                "register"; --Permite registrar una cuenta en tu servidor desde un cliente
 	                "pep"; -- Entre otras cosas, permite a usuarios publicar sus claves OMEMO publicas
 	                "carbons"; -- XEP-0280: Message Carbons, sincroniza mensajes entre dispositivos
 	                "smacks"; -- XEP-0198: Stream Management, mantiene conversaciones incluso cuando la red se cae
 	                "mam"; -- XEP-0313: Message Archive Management, permite descargar el historial de conversasiones del servidor
 	                "csi_simple"; -- XEP-0352: Client State Indication
 	                "admin_adhoc"; -- Permite la administración del servidor desde un cliente XMPP (que soporte comandos ad-hoc)
 	                "blocklist"; -- XEP-0191 bloquear usuarios
                    "bookmarks"; -- Sincroniza entre clientes diferentes las salas a las que te has unido
 	                --"cloud_notify"; -- Soporta XEP-0357 Push Notifications para tener compatibilidad con ChatSecure/iOS. 
 	                -- iOS normalmente aborta la conexión cuando una aplicación funciona en segundo plano y requiere el uso de los servidores de Push de Apple para levantar la conexión y recibir un mensaje. Habilitar este módulo permite a tu servidor comunicarse con los servidores Push de Apple para ayudar a tus usuarios de iOS.
 	                -- Sin embargo, lo dejamos comentado porque es un otro ejemplo de una plataforma cloud integrada verticalmente que choca con las ideas de federación y las redes libres. Descomentarlo tiene riesgo de vigilancia de los meta dados de tus usuarios por Apple.
                    "server_contact_info"; -- Añade información de contacto en caso de incidencias con el servidor
                	};
    allow_registration = false; -- Permite registrar una cuenta en tu servidor desde un cliente, para más información visita http://prosody.im/doc/creating_accounts
    certificates = "/etc/prosody/certs" -- Ruta donde Prosody busca los certificados: https://prosody.im/doc/letsencrypt
    https_certificate = "certs/myserver.org" 
    c2s_require_encryption = true -- Fuerza a los clientes a usar conexiones cifradas
    s2s_secure_auth = true -- Fuerza la autenticación de certificados para conexiones entre servidores
    pidfile = "/var/run/prosody/prosody.pid"
    authentication = "internal_hashed"
    -- Historial de conversaciones 
    -- Si mod_mam esta activo, Prosody guardara una copia de cada mensaje. 
    -- Se usa para sincronizar conversaciones entre múltiples clientes, incluso
    -- si están desconectados. Esta configuración controla cuanto tiempo Prosody
    -- guarda los mensajes en el historial antes de eliminarlos.
    archive_expires_after = "1w" -- Eliminar el historial de mensajes en una semana
    log = { -- descomenta para mayor privacidad
        info = "/var/log/prosody/prosody.log"; -- Cambia 'info' por 'debug' para un registro más detallado
        error = "/var/log/prosody/prosody.err";
        "*syslog";
    }
    VirtualHost "myserver.org"
    -- Habilita http_upload para permitir compartir imágenes entre diferentes dispositivos y diferentes clientes
    Component "dump.myserver.org" "http_upload"
    -- Permite crear salas 
    Component "muc.myserver.org" "muc"
    modules_enabled = { "muc_mam", "vcard_muc" }
    -- Inicia un proxy para intercambiar archivos grandes entre clientes
    Component "proxy.myserver.org" "proxy65"
 Reemplaza el dominio de ejemplo con `tu dominio` en el archivo de configuración:
    :::console
    sed -i 's/myserver.org/tu dominio/g' prosody.cfg.lua
 De forma alternativa puedes reemplazarlos a mano. Estan en las lineas 39, 75, 81, 85 de prosody.cfg.lua
 Importa los certificados de LetsEncrypt con Prosody:
    :::console
    prosodyctl --root cert import /etc/letsencrypt/live
 Es posible que recibas un resultado similar:
    No certificate for host muc.myserver.org found :(
    No certificate for host dump.myserver.org found :(
    No certificate for host proxy.myserver.org found :(
    Imported certificate and key for hosts myserver.org
 Pero no te preocupes, el ultimo certificado contiene información de todos los subdominios.
 Para acabar
 ---
 Configura `cron` para renovar los certificados LetsEncrypt automáticamente
    :::console
    sudo crontab -e
 Añade al final:
     :::console
     0 4 * * *  /usr/bin/certbot renew && prosodyctl --root cert import /etc/letsencrypt/live
 Esta configuración comprueba y renueva los certificados cada día a las 04:00.
 Cuando hayas hecho todo esto es hora de arrancar el servidor:
    :::console
    /etc/init.d/prosody restart
 Se pueden añadir usuarios desde la línea de comandos. Te pedirá una contraseña:
    :::console
    prosodyctl adduser me@myserver.org
 De otra forma puedes cambiar `allow_registration = false;` a `allow_registration = true;` en la configuración (linea 35) para permitir a los usuarios registrarse en tu servidor desde sus propios clientes.
 Ahora puedes intentar conectarte a tu servidor usando un cliente como Gajim o Conversations. Inicia sesión con tu nombre y contraseña.
 Si tienes preguntas sobre Prosody, la [documentación](http://prosody.im/doc) del proyecto es bastante buena (pero en Ingles). Si eso no es suficiente, pregunta los mismos desarrolladores en [la sala XMPP de Prosody](xmpp://prosody.conference.prosody.im?join)
 Esta guía es una traducción de la guía del [homebrewserver.club](https://homebrewserver.club/drafts/configuring-a-modern-xmpp-server.html).)