initial import

createlinks

@@ -0,0 +1,45 @@
+#!/usr/bin/perl -w
+
+use esmith::Build::CreateLinks  qw(:all);
+
+
+templates2events("/etc/ejabberd/ejabberd.cfg",  qw(
+	bootstrap-console-save
+	ejabberd-update
+	));
+
+templates2events("/etc/pam.d/ejabberd", qw(ejabberd-update bootstrap-console-save));
+templates2events("/etc/logrotate.d/ejabberd", qw(ejabberd-update bootstrap-console-save));
+templates2events("/etc/httpd/conf/httpd.conf", "ejabberd-update");
+templates2events("/etc/jappix/main.xml", "ejabberd-update");
+templates2events("/etc/rc.d/init.d/masq", "ejabberd-update");
+templates2events("/etc/e-smith/sql/init/80ejabberd", "bootstrap-console-save");
+
+#--------------------------------------------------
+# ejabberd-update actions
+#--------------------------------------------------
+
+event_link("ejabberd-init-domain", 'ejabberd-update', "10");
+event_link("ejabberd-init-domain", 'ipasserelle-update', "60");
+event_link("ejabberd-init-domain", 'webapps-update', "60");
+
+safe_symlink("restart", "root/etc/e-smith/events/ejabberd-update/services2adjust/ejabberd");
+safe_symlink("adjust", "root/etc/e-smith/events/ejabberd-update/services2adjust/masq");
+safe_symlink("sigusr1", "root/etc/e-smith/events/ejabberd-update/services2adjust/httpd-e-smith");
+
+#--------------------------------------------------
+# startup and stop symlink
+#--------------------------------------------------
+service_link_enhanced("ejabberd", "S90", "7");
+service_link_enhanced("ejabberd", "K25", "6");
+service_link_enhanced("ejabberd", "K25", "1");
+service_link_enhanced("ejabberd", "K25", "0");
+
+# Daemontools links.
+safe_symlink("../daemontools", "root/etc/rc.d/init.d/supervise/ejabberd");
+safe_symlink("../var/service/ejabberd", "root/service/ejabberd");
+
+# Symlink for the cgi.
+panel_link("ejabberd", "manager");
+
+exit;

ipasserelle-im.spec

@@ -0,0 +1,92 @@
+%define version 0.2.0
+%define release 1
+%define name ipasserelle-im
+
+
+Summary: Meta-Package to add Instant Messaging capabilities to your iPasserelle
+Name: %{name}
+Version: %{version}
+Release: %{release}%{?dist}
+License: GPL
+Group: Networking/Daemons
+Source: %{name}-%{version}.tar.gz
+
+BuildRoot: /var/tmp/%{name}-%{version}-%{release}-buildroot
+BuildArchitectures: noarch
+BuildRequires: e-smith-devtools
+
+Obsoletes: smeserver-ejabberd
+Provides: smeserver-ejabberd
+
+Requires: ipasserelle-base
+Requires: ejabberd
+Requires: ejabberd-modules
+Requires: smeserver-spectrum
+Requires: smeserver-webapps-common
+Requires: smeserver-jappix >= 0.1-3
+Requires: smeserver-pam_cas
+
+%description
+Meta package to configure Instant Messaging features
+on your iPasserelle.
+
+%changelog
+* Wed Mar 14 2012 Daniel Berteaud <daniel@firewall-services.com> 0.2.0-1
+- Migrate to git
+
+* Tue Dec 20 2011 Daniel Berteaud <daniel@firewall-services.com> 0.1-5
+- Turn on CAS auth for Jappix
+- Cleanup
+
+* Thu Oct 20 2011 Daniel Berteaud <daniel@firewall-services.com> 0.1-4
+- Enable http-bind
+
+* Mon Jul 11 2011 Daniel Berteaud <daniel@firewall-services.com> 0.1-3
+- Enable pubsub
+- Add jappix web frontend support
+- Add additional vcard fields mapping
+- Configure shared roster based on LDAP
+
+* Wed Jun 22 2011 Daniel Berteaud <daniel@firewall-services.com> 0.1-2
+- Fix some typo in fr locale of the panel
+
+* Thu Jan 20 2011 Daniel Berteaud <daniel@firewall-services.com> 0.1-1
+- initial release
+
+
+%prep
+%setup -q -n %{name}-%{version}
+
+%build
+perl createlinks
+%{__mkdir_p} root/var/service/ejabberd/ssl
+
+%install
+/bin/rm -rf $RPM_BUILD_ROOT
+(cd root   ; /usr/bin/find . -depth -print | /bin/cpio -dump $RPM_BUILD_ROOT)
+/bin/rm -f %{name}-%{version}-filelist
+/sbin/e-smith/genfilelist $RPM_BUILD_ROOT \
+    --dir '/var/service/ejabberd' 'attr(1755,root,root)' \
+    --file '/var/service/ejabberd/down' 'attr(0644,root,root)' \
+    --file '/var/service/ejabberd/run' 'attr(0755,root,root)' \
+    --dir '/var/service/ejabberd/supervise' 'attr(0700,root,root)' \
+    --file '/var/service/ejabberd/control/1' 'attr(0755,root,root)' \
+    --file '/var/service/ejabberd/control/2' 'attr(0755,root,root)' \
+    --dir '/var/service/ejabberd/log' 'attr(1755,root,root)' \
+    --file '/var/service/ejabberd/log/run' 'attr(0755,root,root)' \
+    --dir '/var/service/ejabberd/log/supervise' 'attr(0700,root,root)' \
+    --dir '/var/log/ejabberd' 'attr(0750,ejabberd,ejabberd)' \
+    --dir '/var/log/ejabberd.run' 'attr(0750,smelog,root)' \
+    --dir '/var/service/ejabberd/ssl' 'attr(0750,root,ejabberd)' \
+  > %{name}-%{version}-filelist
+
+%files -f %{name}-%{version}-filelist
+%defattr(-,root,root)
+
+%clean
+rm -rf $RPM_BUILD_ROOT
+
+%post
+
+%preun
+

root/etc/e-smith/db/configuration/defaults/ejabberd/Archives

@@ -0,0 +1 @@
+disabled

root/etc/e-smith/db/configuration/defaults/ejabberd/DbName

@@ -0,0 +1 @@
+ejabberd

root/etc/e-smith/db/configuration/defaults/ejabberd/DbUser

@@ -0,0 +1 @@
+ejabberd

root/etc/e-smith/db/configuration/defaults/ejabberd/HTTPBind

@@ -0,0 +1 @@
+enabled

root/etc/e-smith/db/configuration/defaults/ejabberd/LogChat

@@ -0,0 +1 @@
+disabled

root/etc/e-smith/db/configuration/defaults/ejabberd/TCPPorts

@@ -0,0 +1 @@
+5222,5223,5269

root/etc/e-smith/db/configuration/defaults/ejabberd/WebAdmin

@@ -0,0 +1 @@
+disabled

root/etc/e-smith/db/configuration/defaults/ejabberd/access

@@ -0,0 +1 @@
+public

root/etc/e-smith/db/configuration/defaults/ejabberd/status

@@ -0,0 +1 @@
+disabled

root/etc/e-smith/db/configuration/defaults/ejabberd/type

@@ -0,0 +1 @@
+service

root/etc/e-smith/db/configuration/defaults/jappix/AliasOnPrimary

@@ -0,0 +1 @@
+disabled

root/etc/e-smith/db/configuration/defaults/jappix/Title

@@ -0,0 +1 @@
+iPasserelle

root/etc/e-smith/db/configuration/defaults/jappix/WelcomMessage

@@ -0,0 +1 @@
+Plateforme Sociale

root/etc/e-smith/db/configuration/migrate/ejabberd.domain

@@ -0,0 +1,5 @@
+{
+    my $ejabberdrec = $DB->get('ejabberd');
+    $ejabberdrec = $DB->new_record('ejabberd', {type => 'service'}) unless $ejabberdrec;
+    $ejabberdrec->set_prop('Domain', $DB->get('DomainName')->value) unless $ejabberdrec->prop('Domain');
+}

root/etc/e-smith/db/configuration/migrate/ejabberd.mysql

@@ -0,0 +1,30 @@
+{
+
+# Set MySQL password
+my $rec = $DB->get('ejabberd') || $DB->new_record('ejabberd', { type => 'service' });
+my $pw = $rec->prop('DbPassword');
+
+if (not $pw){
+    $pw = `/usr/bin/openssl rand -base64 60 | tr -c -d '[:graph:]'`;
+    chomp($pw);
+    $rec->set_prop('DbPassword', $pw);
+}
+
+# Make sure mysql is enabled, InnoDB is also needed
+# and LocalNetworkingOnly need to be set to no
+my $my = $DB->get('mysqld') || $DB->new_record("mysqld", { type => "service", status => "enabled" });
+
+if ( ($my->prop('status') || 'disabled') ne 'enable'){
+    $DB->set_prop('mysqld', 'status', 'enabled');
+}
+
+if ( ($my->prop('InnoDB') || 'disabled') ne 'enable'){
+    $DB->set_prop('mysqld', 'InnoDB', 'enabled');
+}
+
+if ( ($my->prop('LocalNetworkingOnly') || 'yes') ne 'no'){
+    $DB->set_prop('mysqld', 'LocalNetworkingOnly', 'no');
+}
+
+}
+

root/etc/e-smith/db/configuration/migrate/jappix.server

@@ -0,0 +1,13 @@
+{
+
+my $rec = $DB->get("jappix") ||
+        $DB->new_record("jappix", { type => "webapp" });
+
+my $domain = $DB->get('DomainName')->value;
+
+my $server = $rec->prop('Server') || '';
+
+$rec->set_prop('Server', "im.$domain") if ($server eq '');
+
+
+}

root/etc/e-smith/events/actions/ejabberd-delete-dumped-tables

@@ -0,0 +1,3 @@
+#!/bin/sh
+
+exec /bin/rm -f /home/e-smith/db/ejabberd/*.backup

root/etc/e-smith/events/actions/ejabberd-dump-tables

@@ -0,0 +1,11 @@
+#!/bin/sh
+
+status=$(/sbin/e-smith/config getprop ejabberd status)
+if [ "$status" = "disabled" ]
+then
+    echo "ejabberd is disabled - no tables dumped" >&2
+    exit 0
+fi
+mkdir -p /home/e-smith/db/ejabberd
+chown ejabberd.root /home/e-smith/db/ejabberd
+/sbin/e-smith/ejabberdctl backup /home/e-smith/db/ejabberd/ejabberd.backup

root/etc/e-smith/events/actions/ejabberd-init-domain

@@ -0,0 +1,68 @@
+#!/usr/bin/perl -w
+#----------------------------------------------------------------------
+# copyright (C) 2010-2011 Firewall-Services
+# daniel@firewall-services.com
+# 
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307  USA
+# 
+# Technical support for this program is available from Mitel Networks 
+# Please visit our web site www.mitel.com/sme/ for details.
+#----------------------------------------------------------------------
+
+use strict;
+use warnings;
+use esmith::DomainsDB;
+use esmith::ConfigDB;
+
+my $d = esmith::DomainsDB->open or die "Couldn't open DomainsDB\n";
+my $c = esmith::ConfigDB->open_ro() or die "Couldn't open ConfigDB\n";
+
+my $domain = $c->get('DomainName')->value;
+my $vhost;
+
+$vhost = $d->get("im.$domain");
+
+if (!$vhost){
+    $d->new_record("im.$domain",{
+        type         => 'domain',
+        Content      => 'Primary',
+        Description  => "Instant Messaging",
+        Nameservers  => 'internet',
+        TemplatePath => 'Ejabberd',
+        Removable    => 'yes',
+    });
+
+    unless ( system("/sbin/e-smith/signal-event", "domain-create", "im.$domain") == 0 ){
+        die "Failed to create domain im.$domain\n";
+    }
+}
+
+$vhost = $d->get("jabber.$domain");
+
+if (!$vhost){
+    $d->new_record("jabber.$domain",{
+        type         => 'domain',
+        Content      => 'Primary',
+        Description  => "Client XMPP Jappix",
+        Nameservers  => 'internet',
+        TemplatePath => 'WebAppVirtualHost',
+        DocumentRoot => '/usr/share/jappix',
+        LemonLDAP    => 'enabled'
+    });
+
+    unless ( system("/sbin/e-smith/signal-event", "domain-create", "jabber.$domain") == 0 ){
+        die "Failed to create domain jabber.$domain\n";
+    }
+}

root/etc/e-smith/events/actions/ejabberd-load-tables

@@ -0,0 +1,18 @@
+#!/bin/sh
+
+if [ -f /home/e-smith/db/ejabberd/ejabberd.backup ]
+then
+    if [ ! -f /sbin/e-smith/ejabberdctl ]
+    then
+	echo "ejabberd is not installed - no tables restored" >&2
+	exit 0
+    else
+	status=$(/sbin/e-smith/config getprop ejabberd status)
+	if [ "$status" = "disabled" ]
+	then
+	    echo "ejabberd is disabled - no tables restored" >&2
+	    exit 0
+	fi
+	/sbin/e-smith/ejabberdctl restore /home/e-smith/db/ejabberd/ejabberd.backup
+    fi
+fi

root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/ejabberd

@@ -0,0 +1,82 @@
+<lexicon lang="fr">
+    <entry>
+        <base>FORM_TITLE</base>
+        <trans>Instant messaging configuration</trans>
+    </entry>	
+    <entry>
+        <base>DESCRIPTION</base>
+        <trans>This panel lets you configure your instant messaging service.</trans>
+    </entry>
+    <entry>
+        <base>Configuration</base>
+        <trans>Configuration</trans>
+    </entry>
+    <entry>
+        <base>INSTANT_MESSAGING</base>
+        <trans>Instant Messaging</trans>
+    </entry>
+    <entry>
+        <base>NO_ACCESS</base>
+        <trans>No access</trans>
+    </entry>
+    <entry>
+        <base>PRIVATE</base>
+        <trans>Allow access only from local networks</trans>
+    </entry>
+    <entry>
+        <base>PUBLIC</base>
+        <trans>Allow public access (entire Internet)</trans>
+    </entry>
+    <entry>
+        <base>DESC_ACCESS</base>
+        <trans>You can control access to your instant messaging service.</trans>
+    </entry>
+    <entry>
+        <base>LABEL_ACCESS</base>
+        <trans>Instant messaging services access</trans>
+    </entry>
+    <entry>
+        <base>DESC_GATEWAYS</base>
+        <trans>You can enable gateways for other instant messaging services. Once registered on a gateway, users will be able to communicate with their contact of this network.</trans>
+    </entry>
+    <entry>
+        <base>LABEL_GATEWAYS</base>
+        <trans>Gateways</trans>
+    </entry>
+    <entry>
+        <base>PROTOCOL</base>
+        <trans>Protocol</trans>
+    </entry>
+    <entry>
+        <base>STATUS</base>
+        <trans>Status</trans>
+    </entry>
+    <entry>
+        <base>DESC_FILTER_MODE</base>
+        <trans>The default is to let users comunicate with external contacts. You can filter outside communications. If you choose "Black list", all communication with the outside will be allowed, except for contacts of the exception list. If you choose "White list", only the communications with contacts in the exception list will be allowed.</trans>
+    </entry>
+    <entry>
+        <base>LABEL_FILTER_MODE</base>
+        <trans>Filter mode</trans>
+    </entry>
+    <entry>
+        <base>WHITE_LIST</base>
+        <trans>White list</trans>
+    </entry>
+    <entry>
+        <base>BLACK_LIST</base>
+        <trans>Black list</trans>
+    </entry>
+    <entry>
+        <base>DESC_EXCEPTION_LIST</base>
+        <trans>Enter here a exception list (which will be used either as a white list, or a black list). Enter one contact per line.</trans>
+    </entry>
+    <entry>
+        <base>LABEL_EXCEPTION_LIST</base>
+        <trans>Exception list</trans>
+    </entry>
+    <entry>
+        <base>SAVE</base>
+        <trans>Enregistrer</trans>
+    </entry>
+</lexicon>

root/etc/e-smith/locale/fr/etc/e-smith/web/functions/ejabberd

@@ -0,0 +1,106 @@
+<lexicon lang="fr">
+    <entry>
+        <base>FORM_TITLE</base>
+        <trans>Paramètres de la messagerie instantanée</trans>
+    </entry>	
+    <entry>
+        <base>PAGE_DESCRIPTION</base>
+        <trans>Cette page vous permet de configurer le service de messagerie instantanée de votre serveur.</trans>
+    </entry>
+    <entry>
+        <base>Configuration</base>
+        <trans>Configuration</trans>
+    </entry>
+    <entry>
+        <base>INSTANT_MESSAGING</base>
+        <trans>Messagerie Instantanée</trans>
+    </entry>
+    <entry>
+        <base>NO_ACCESS</base>
+        <trans>Aucun accès</trans>
+    </entry>
+    <entry>
+        <base>PRIVATE</base>
+        <trans>Autoriser l'accès uniquement depuis les réseaux locaux.</trans>
+    </entry>
+    <entry>
+        <base>PUBLIC</base>
+        <trans>Autoriser l'accès publique (tout Internet)</trans>
+    </entry>
+    <entry>
+        <base>DESC_ACCESS</base>
+        <trans>Vous pouvez contrôler l'accès à vos services de messagerie.</trans>
+    </entry>
+    <entry>
+        <base>LABEL_ACCESS</base>
+        <trans>Accès aux services de messagerie instantanée</trans>
+    </entry>
+    <entry>
+        <base>DESC_ALLOWED_GROUPS</base>
+        <trans>Vous pouvez restreindre l'accès aux services de messagerie instantanée à une liste de groupes. Si au moins un groupe est coché, seuls les membres du/des groupe(s) sélectionnés pourront utiliser la messagerie instantanée. Si aucun groupe n'est coché, alors tous les utilisateurs pourront l'utiliser.</trans>
+    </entry>
+    <entry>
+        <base>ALLOWED_GROUPS</base>
+        <trans>Groupes autorisés</trans>
+    </entry>
+    <entry>
+        <base>DESCRIPTION</base>
+        <trans>Description</trans>
+    </entry>
+    <entry>
+        <base>ALLOWED_OR_NOT</base>
+        <trans>Autorisé ?</trans>
+    </entry>
+    <entry>
+        <base>LABEL_SHARED_ROSTER</base>
+        <trans>Contacts automatiques</trans>
+    </entry>
+    <entry>
+        <base>DESC_SHARED_ROSTER</base>
+        <trans>Si cette fonction est activée, les utilisateurs du système seront automatiquement ajoutés en tant que contact</trans>
+    </entry>
+    <entry>
+        <base>DESC_GATEWAYS</base>
+        <trans>Vous pouvez activer des passerelles vers d'autres systèmes de messagerie instantanée. Après s'être enregistré auprès d'une passerelle, les utilisateurs pourront communiquer avec leur contacts des ces réseaux.</trans>
+    </entry>
+    <entry>
+        <base>LABEL_GATEWAYS</base>
+        <trans>Passerelles</trans>
+    </entry>
+    <entry>
+        <base>PROTOCOL</base>
+        <trans>Protocole</trans>
+    </entry>
+    <entry>
+        <base>STATUS</base>
+        <trans>Statut</trans>
+    </entry>
+    <entry>
+        <base>DESC_FILTER_MODE</base>
+        <trans>Par défaut, les utilisateurs peuvent communiquer librement avec leurs contacts extérieurs. Vous pouvez filtrer les communications vers l'extérieur. En choisissant "Liste noire", toutes les communications vers l'extérieur seront autorisées, sauf pour les contacts dans la liste d'exception. Si au contraire vous choisissez "Liste blanche", seules les communications extérieures avec ces contacts seront autorisées.</trans>
+    </entry>
+    <entry>
+        <base>LABEL_FILTER_MODE</base>
+        <trans>Mode de filtrage</trans>
+    </entry>
+    <entry>
+        <base>WHITE_LIST</base>
+        <trans>Liste blanche</trans>
+    </entry>
+    <entry>
+        <base>BLACK_LIST</base>
+        <trans>Liste noire</trans>
+    </entry>
+    <entry>
+        <base>DESC_EXCEPTION_LIST</base>
+        <trans>Entrez ici une liste d'exception (qui sera utilisée soit en liste blanche, soit en liste noire). Vous devez entrez une adresse par ligne.</trans>
+    </entry>
+    <entry>
+        <base>LABEL_EXCEPTION_LIST</base>
+        <trans>Liste d'exceptions</trans>
+    </entry>
+    <entry>
+        <base>SAVE</base>
+        <trans>Enregistrer</trans>
+    </entry>
+</lexicon>

root/etc/e-smith/templates.metadata/etc/e-smith/mnesia/init/00_restore_dumped_dbs

@@ -0,0 +1 @@
+PERMS=0540

root/etc/e-smith/templates.metadata/etc/e-smith/sql/init/80ejabberd

@@ -0,0 +1,4 @@
+UID="root"
+GID="root"
+PERMS=0755
+

root/etc/e-smith/templates.metadata/etc/ejabberd/ejabberd.cfg

@@ -0,0 +1,3 @@
+PERMS=0640
+UID="ejabberd"
+GID="ejabberd"

root/etc/e-smith/templates/etc/e-smith/mnesia/init/00_restore_dumped_dbs

@@ -0,0 +1,28 @@
+#! /bin/sh
+
+
+for i in $(seq 1 20);
+do
+    sv check /service/ejabberd | grep -q 'ok: run:'
+    if [ $? -eq 0 ]
+    then
+	for j in $(seq 1 30);
+	do
+	    if [ -f /var/lib/ejabberd/spool/passwd.DCD ]
+	    then
+	    ls -lt -c /var/lib/ejabberd/spool > /tmp/spoolls-$i$j-last
+		sleep 5
+		/etc/e-smith/events/actions/ejabberd-load-tables
+		exit 0
+	    fi
+	    sleep 2
+	done
+	echo seems service ejabberd started with errors
+	exit 1
+    fi
+    echo waiting for service ejabberd to start
+    sleep 1
+done
+echo ejabberd failed to start
+exit 1
+

root/etc/e-smith/templates/etc/e-smith/sql/init/80ejabberd

@@ -0,0 +1,49 @@
+{
+my $db = ${'ejabberd'}{'DbName'} || 'ejabberd';
+my $user = ${'ejabberd'}{'DbUser'} || 'ejabberd';
+my $pass = ${'ejabberd'}{'DbPassword'} || 'secret';
+
+$OUT .= <<"END";
+#! /bin/sh
+if [ \! -d /var/lib/mysql/$db ]; then
+    /usr/bin/mysqladmin create $db
+    for SQL in \$(rpm -qd ejabberd-modules | grep mysql.sql); do
+        /usr/bin/mysql $db < \$SQL
+    done
+fi
+
+/usr/bin/mysql <<EOF
+USE mysql;
+
+REPLACE INTO user (  
+                     host,
+                     user,
+                     password)
+            VALUES ( 
+                     'localhost',
+                     '$user',
+                     PASSWORD ('$pass'));
+
+
+REPLACE INTO db (  
+                   host,
+                   db,
+                   user,
+                   select_priv, insert_priv, update_priv, delete_priv,
+                   create_priv, alter_priv, index_priv, drop_priv, create_tmp_table_priv,
+                   grant_priv, lock_tables_priv, references_priv)
+          VALUES ( 
+                   'localhost',
+                   '$db',
+                   '$user',
+                   'Y', 'Y', 'Y', 'Y',
+                   'Y', 'Y', 'Y', 'Y', 'Y',
+                   'N', 'Y', 'Y');
+
+FLUSH PRIVILEGES;
+
+EOF
+END
+
+}
+

root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/05database

@@ -0,0 +1,4 @@
+
+% mysql database access
+\{odbc_server, \{mysql, "localhost", "{"$ejabberd{DbName}"}", "{"$ejabberd{DbUser}"}", "{"$ejabberd{DbPassword}"}"\}\}.
+

root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/10AdminUsers

@@ -0,0 +1,12 @@
+{
+    $OUT =<<'HERE';
+% Users that have admin access.
+{acl, admin, {user, "admin"}}.
+HERE
+
+foreach my $user (split(/[;,]/, ($ejabberd{'AdminUsers'} || ''))){
+    $OUT .= "{acl, admin, {user, '$user'}}.\n";
+}
+
+}
+

root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/18LocalUsers

@@ -0,0 +1,7 @@
+{
+    $OUT =<<'HERE';
+% Local users:
+{acl, local, {user_regexp, ""}}.
+
+HERE
+}

root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/20PubSubNodes

@@ -0,0 +1,7 @@
+{
+    $OUT =<<'HERE';
+% Only smeusers can create pubsub nodes
+{access, pubsub_createnode, [{allow, smeusers}]}.
+HERE
+}
+

root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/25ConfigurationAccess

@@ -0,0 +1,6 @@
+{
+    $OUT =<<'HERE';
+% Only admins can use configuration interface:
+{access, configure, [{allow, admin}]}.
+HERE
+}

root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/42Announcement

@@ -0,0 +1,6 @@
+{
+    $OUT =<<'HERE';
+% Only admins can send announcement messages :
+{access, announce, [{allow, admin}]}.
+HERE
+}

root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/45c2sS2SConf

@@ -0,0 +1,22 @@
+{
+    $OUT =<<'HERE';
+% Users can use c2s connections:
+{access, c2s, [{allow, all}]}.
+
+% Set shaper with name "normal" to limit traffic speed to 3000B/s
+{shaper, normal, {maxrate, 3000}}.
+
+% Set shaper with name "fast" to limit traffic speed to 100000B/s
+{shaper, fast, {maxrate, 100000}}.
+
+% For all users except admins used "normal" shaper
+{access, c2s_shaper, [{none, admin},
+		      {normal, all}]}.
+
+% For all S2S connections used "fast" shaper
+{access, s2s_shaper, [{fast, all}]}.
+
+% Admins of this server are also admins of MUC service:
+{access, muc_admin, [{allow, admin}]}.
+HERE
+}

root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/50MUCAccess

@@ -0,0 +1,8 @@
+{
+    $OUT =<<'HERE';
+% All users are allowed to use MUC service:
+{access, muc, [{allow, all}]}.
+{access, muc_log, [{allow, admin}, {deny, all}]}.
+HERE
+}
+

root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/52AllowAccess

@@ -0,0 +1,6 @@
+{
+    $OUT =<<'HERE';
+% Allow access only for local users:
+{access, local, [{allow, local}]}.
+HERE
+}

root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/53ModFilter

@@ -0,0 +1,78 @@
+{
+
+use esmith::ConfigDB;
+
+my $default = $ejabberd{'FilterDefault'} || 'allow';
+my $rule = ($default eq 'allow' ) ? 'deny' : 'allow';
+my $ejdb = esmith::ConfigDB->open('im') ||
+           esmith::ConfigDB->create('im');
+my $except = $ejdb->get('exception') || 
+             $ejdb->new_record ('exception', { type => 'list' });
+my %rules = $except->props;
+my @admins = split (/[,;]/, ($ejabberd{'AdminUsers'} || ''));
+my $domain = $ejabberd{'Domain'} || "$DomainName";
+my $acl = '';
+
+while (($parameter,$value) = each(%rules)) {
+    next if ($parameter eq "type");
+
+    if ($value eq "User") {
+        my ($user,$server) = split (/\@/,$parameter);
+        # Spectrum expects \\40 instead of %
+        $user =~ s/%/\\\\40/;
+        $acl .= "{acl, except, {user, \"$user\", \"$server\"}}.\n";
+    }
+}
+
+# Admins are not restricted
+$acl .= "{acl, valid_users, {user, \"admin\", \"$domain\"}}.\n";
+foreach my $admin (@admins){
+    $acl .= "{acl, valid_users, {user, \"$admin\", \"$domain\"}}.\n";
+}
+# Allow gateways and other components
+$acl .= "{acl, valid_users, {user, \"\", \"$domain\"}}.\n";
+$acl .= "{acl, valid_users, {user, \"\", \"msn.$domain\"}}.\n";
+$acl .= "{acl, valid_users, {user, \"\", \"irc.$domain\"}}.\n";
+$acl .= "{acl, valid_users, {user, \"\", \"conference.$domain\"}}.\n";
+$acl .= "{acl, valid_users, {user, \"\", \"vjud.$domain\"}}.\n";
+$acl .= "{acl, valid_users, {user, \"\", \"pubsub.$domain\"}}.\n";
+$acl .= "{acl, valid_users, {user, \"\", \"echo.$domain\"}}.\n";
+
+$OUT .=<<"EOF";
+
+$acl
+
+{access, mod_filter, [
+  {allow, valid_users},
+  {$rule, except},
+  {filter, all}
+]}.
+
+{access, mod_filter_presence, [
+  {allow, valid_users},
+  {$rule, except},
+  {filter, all}
+]}.
+
+{access, mod_filter_message, [
+  {allow, valid_users},
+  {$rule, except},
+  {filter, all}
+]}.
+
+{access, mod_filter_iq, [
+  {allow, valid_users},
+  {$rule, except},
+  {filter, all}
+]}.
+
+{access, filter, [
+  {allow, valid_users},
+  {$rule, except},
+  {$default, all}
+]}.
+
+
+
+EOF
+}

root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/55AuthConf

@@ -0,0 +1,32 @@
+{
+
+use esmith::util;
+our $base = esmith::util::ldapBase ($DomainName);
+
+    $OUT =<<"HERE";
+
+% Use pam for authentication (to get pam_cas support)
+% LDAP for everything else
+{auth_method, pam}.
+{ldap_servers, ["localhost"]}.
+{ldap_base, "ou=Users,$base"}.
+HERE
+
+# If AllowedGroups prop is set, build a LDAP filter
+# based on the posixMemberOf attribute
+# (Only available on iPasserelle)
+
+our @groups = split(/[;,]/, ($ejabberd{'AllowedGroups'} || ''));
+my $filter = '';
+if (scalar(@groups) == 1){
+    $filter = "(posixMemberOf=$groups[0])";
+}
+elsif (scalar(@groups) gt 1){
+    $filter = '(|';
+    $filter .= "(posixMemberOf=$_)" foreach (@groups);
+    $filter .= ')';
+}
+
+$OUT .= ($filter eq '') ? '' : '{ldap_filter, "' . $filter . '"}.';
+
+}

root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/60HostName

@@ -0,0 +1,9 @@
+{
+    $OUT =<<'HERE';
+% Host name:
+HERE
+    $OUT .= '{hosts, ["';
+    $OUT .= ${ejabberd}{Domain};
+    $OUT .= '"]}.';
+    $OUT .= "\n\n";
+}

root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/65MaxUserSessions

@@ -0,0 +1,6 @@
+{
+    $OUT =<<'HERE';
+%% Define the maximum number of time a single user is allowed to connect:
+{max_user_sessions, 10}.
+HERE
+}

root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/75DefaultLanguage

@@ -0,0 +1,9 @@
+{
+    $OUT =<<'HERE';
+% Default language for server messages
+HERE
+    $OUT .= '{language, "';
+    $OUT .= substr(${sysconfig}{Language}, 0, 2);
+    $OUT .= '"}.';
+    $OUT .= "\n\n";
+}

root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/80Ports00Start

@@ -0,0 +1,4 @@
+{
+    $OUT .= "% Listened ports:\n";
+    $OUT .= "\{listen, [";
+}

root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/80Ports10c2s

@@ -0,0 +1,6 @@
+{
+$OUT .=<<"HERE";
+       {5222, ejabberd_c2s,     [{access, c2s}, {shaper, c2s_shaper}, starttls_required, {certfile, "/var/service/ejabberd/ssl/cert.pem"}]}
+      ,{5223, ejabberd_c2s,     [{access, c2s}, {shaper, c2s_shaper}, tls, {certfile, "/var/service/ejabberd/ssl/cert.pem"}]}
+HERE
+}

root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/80Ports20s2S

@@ -0,0 +1,9 @@
+{
+
+if (($ejabberd{'S2s'} || 'enabled') eq 'enabled'){
+    $OUT .= "\n";
+    $OUT .= '      ,{5269, ejabberd_s2s_in,  [{shaper, s2s_shaper}, {max_stanza_size, 131072}]}';
+    $OUT .= "\n";
+}
+
+}

root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/80Ports30http

@@ -0,0 +1,17 @@
+
+{
+$OUT .= '       % http_bind interface, restrict it to 127.0.0.1, external access is handled by'."\n".
+        '       % ProxyPass directives in apache'."\n";
+ 
+$OUT .= '       ';
+$OUT .= '%' unless (((${'ejabberd'}{'HTTPBind'} || 'disabled') || 
+                    (${'ejabberd'}{'HTTPPoll'} || 'disabled')) ||
+                    (${'ejabberd'}{'WebAdmin'} || 'disabled')
+                   eq 'enabled');
+$OUT .= ',{5280, ejabberd_http,    [ ';
+$OUT .= 'http_bind, ' if ((${'ejabberd'}{'HTTPBind'} || 'disabled') eq 'enabled');
+$OUT .= 'http_poll, ' if ((${'ejabberd'}{'HTTPPoll'} || 'disabled') eq 'enabled');
+$OUT .= 'web_admin, ' if ((${'ejabberd'}{'WebAdmin'} || 'disabled') eq 'enabled');
+$OUT .= '{ip, {127, 0, 0, 1}} ]}'."\n";
+}
+

root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/80Ports99End

@@ -0,0 +1,4 @@
+{
+    $OUT .= "         ]\}.";
+    $OUT .= "\n\n";
+}

root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/83PortsOut

@@ -0,0 +1,9 @@
+% If SRV lookup fails, then port 5269 is used to communicate with remote server
+{
+
+if (($ejabberd{'S2s'} || 'enabled') eq 'enabled'){
+    $OUT .= '{outgoing_s2s_port, 5269}.';
+}
+
+}
+

root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/85Modules

@@ -0,0 +1,39 @@
+
+% Used modules:
+\{modules,
+ [
+
+{
+    $OUT =<<'HERE';
+  {mod_roster_odbc,     []}
+  ,{mod_privacy_odbc,    []}
+  ,{mod_adhoc,      []}
+  ,{mod_configure,  []} % Depends on mod_adhoc
+  ,{mod_configure2, []}
+  ,{mod_disco,      []}
+  ,{mod_stats,      []}
+  ,{mod_caps,      []}
+  ,{mod_offline_odbc,    []}
+  ,{mod_announce,   [{access, announce}]} % Depends on mod_adhoc
+  ,{mod_private_odbc,    []}
+  ,{mod_irc,        []}
+  ,{mod_muc,        [{access, muc}, {access_create, muc}, {access_admin, muc_admin}]}
+  ,{mod_muc_log,    []}
+  ,{mod_shared_roster, []}
+  ,{mod_pubsub_odbc,     [{access_createnode, pubsub_createnode},
+                         {plugins, ["flat_odbc", "hometree_odbc", "pep_odbc"]}]}
+  ,{mod_time,       []}
+  ,{mod_last_odbc,       []}
+  ,{mod_version,    []}
+  ,{mod_http_bind,    []}
+HERE
+    if (-e '/usr/lib/ejabberd/ebin/mod_admin_extra.beam' || -e '/usr/lib64/ejabberd/ebin/mod_admin_extra.beam')
+        { $OUT .= '  ,{mod_admin_extra,    []}'; }
+    else
+        { $OUT .= '  ,{mod_ctlextra,    []}'; }
+    $OUT .= "\n";
+    $OUT .= '  ,{mod_echo,       [{host, "echo.';
+    $OUT .= ${DomainName};
+    $OUT .= '"}]}';
+}
+

root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/86ModuleArchiveODBC

@@ -0,0 +1,17 @@
+{
+
+if (($ejabberd{'Archives'} || 'disabled') eq 'enabled'){
+$OUT .=<<"HERE";
+  ,{mod_archive_odbc, [{database_type, "mysql"},
+                      {default_auto_save, true},
+                      {enforce_default_auto_save, false},
+                      {default_expire, infinity},
+                      {enforce_min_expire, 0},
+                      {enforce_max_expire, infinity},
+                      {replication_expire, 31536000},
+                      {session_duration, 1800},
+                      {wipeout_interval, 86400}]}
+HERE
+}
+}
+

root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/86ModuleFilter

@@ -0,0 +1 @@
+  ,\{mod_filter, []\}

root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/86ModuleLogChat

@@ -0,0 +1,10 @@
+{
+
+if (($ejabberd{'LogChat'} || 'disabled') eq 'enabled'){
+    my $format = $ejabberd{'LogChatFormat'} || 'text';
+    $OUT .=<<"HERE";
+  ,{mod_log_chat,  [{path, "/var/log/ejabberd/chat"}, {format, $format}]}
+HERE
+}
+
+}

root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/86ModuleSharedRosterLDAP

@@ -0,0 +1,31 @@
+{
+
+if (($ejabberd{'SharedRoster'} || 'disabled') eq 'enabled'){
+
+    my $filter = '';
+    if (scalar(@groups) == 1){
+        $filter = "(cn=$groups[0])";
+    }
+    elsif (scalar(@groups) gt 1){
+        $filter = '(|';
+        $filter .= "(cn=$_)" foreach (@groups);
+        $filter .= ')';
+    }
+
+    $OUT .=<<"HERE";
+  ,{mod_shared_roster_ldap, [
+    {ldap_base, "$base"},
+    {ldap_rfilter, "(objectClass=mailboxRelatedObject)"},
+    {ldap_filter, "$filter"},
+    {ldap_gfilter, "(&(objectClass=mailboxRelatedObject)(cn=%g))"},
+    {ldap_ufilter, "(&(objectClass=inetOrgPerson)(uid=%u))"},
+    {ldap_groupattr, "cn"},
+    {ldap_groupdesc, "description"},
+    {ldap_memberattr, "memberUid"},
+    {ldap_useruid, "uid"},
+    {ldap_userdesc, "cn"}
+  ]}
+HERE
+
+}
+}

root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/86ModuleVcardLDAP

@@ -0,0 +1,39 @@
+{
+
+$OUT .=<<"HERE";
+  ,{mod_vcard_ldap, [
+    {ldap_base, "ou=Users,$base"},
+    {ldap_filter, "(objectClass=inetOrgPerson)"},
+    {ldap_vcard_map,
+    %% vcard patterns
+     [{"NICKNAME", "%u", []}, % just use user's part of JID as his nickname
+      {"GIVEN", "%s", ["givenName"]},
+      {"FAMILY", "%s", ["sn"]},
+      {"FN", "%s, %s", ["sn", "givenName"]},
+      {"MIDDLE", "%s", ["initials"]},
+      {"EMAIL", "%s", ["mail"]},
+      {"BDAY", "%s", ["birthDay"]},
+      {"ORGNAME", "%s", ["o"]},
+      {"ORGUNIT", "%s", ["ou"]},
+      {"LOCALITY", "%s", ["l"]},
+      {"STREET", "%s", ["Street"]},
+      {"PCODE", "%s", ["postalCode"]},
+      {"TEL", "%s", ["telephoneNumber"]},
+      {"ROLE", "%s", ["title"]},
+      {"PHOTO", "%s", ["jpegPhoto"]}
+     ]},
+    %% Search form
+    {ldap_search_fields,
+     [{"User", "%u"},
+      {"Name", "givenName"},
+      {"Family Name", "sn"},
+      {"Email", "mail"}]},
+    %% vCard fields to be reported
+    %% Note that JID is always returned with search results
+    {ldap_search_reported,
+     [{"Full Name", "FN"},
+      {"Nickname", "NICKNAME"}]}
+  ]}
+HERE
+
+}

root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/90ModulesEnd

@@ -0,0 +1,3 @@
+ ]\}.
+
+

root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/template-begin

@@ -0,0 +1,8 @@
+{
+    $OUT =<<'HERE';
+
+override_acls.
+override_global.
+override_local.
+HERE
+}

root/etc/e-smith/templates/etc/ejabberd/ejabberd.cfg/template-end

@@ -0,0 +1,7 @@
+{
+    $OUT =<<'HERE';
+% Local Variables:
+% mode: erlang
+% End:
+HERE
+}

root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/Ejabberd/00Setup

@@ -0,0 +1,10 @@
+{
+    use esmith::DomainsDB;
+    # Convert the passed hash for the domain object back into an object.
+    $domain = bless \%domain, 'esmith::DB::db::Record';
+
+    # Make scalars from some of the properties of the domain
+    $virtualHost = $domain->key;
+    $OUT = "";
+}
+

root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/Ejabberd/10ServerName

@@ -0,0 +1 @@
+    ServerName {$virtualHost}

root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/Ejabberd/80Ejabberd

@@ -0,0 +1,57 @@
+{
+
+my $admin = $ejabberd{'WebAdmin'} || 'disabled';
+my $bind = $ejabberd{'HTTPBind'} || 'disabled';
+my $poll = $ejabberd{'HTTPPoll'} || 'disabled';
+
+my $allowAdmin = ($admin eq 'enabled') ? "allow from $localAccess $externalSSLAccess" : '';
+my $allowBind = ($bind eq 'enabled') ? "allow from all" : '';
+my $allowPoll = ($poll eq 'enabled') ? "allow from all" : '';
+
+if ( $port ne ($modSSL{'TCPPort'} || '443')){
+    $OUT .=<<"EOF";
+
+    #====================================================================
+    # HTTPS redirection for Ejabberd
+    #====================================================================
+
+    RewriteEngine on
+    RewriteRule ^/(.*|\$) https://%{HTTP_HOST}/\$1 \[L,R\]
+
+EOF
+    }
+    else{
+        $OUT .=<<"HERE";
+
+    SSLEngine on
+
+    ProxyPass / http://localhost:5280/
+    ProxyPassReverse / http://localhost:5280/
+
+    <Location />
+        order deny,allow
+        deny from all
+    </Location>
+
+    <Location /admin>
+        order deny,allow
+        deny from all
+        $allowAdmin
+    </Location>
+
+    <Location /http-bind>
+        order deny,allow
+        deny from all
+        $allowBind
+    </Location>
+
+    <Location /http-poll>
+        order deny,allow
+        deny from all
+        $allowPoll
+    </Location>
+
+HERE
+    }
+}
+

root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/Ejabberd/template-begin

@@ -0,0 +1,2 @@
+
+<VirtualHost {$ipAddress}:{$port}>

root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/Ejabberd/template-end

@@ -0,0 +1,2 @@
+</VirtualHost>
+

root/etc/e-smith/templates/etc/jappix/main.xml/20Cas

@@ -0,0 +1,4 @@
+        <auth_cas>on</auth_cas>
+        <cas_server>auth.{$DomainName}</cas_server>
+        <cas_uri>/cas</cas_uri>
+        <cas_cacert>/etc/pki/tls/certs/cacert.pem</cas_cacert>

root/etc/e-smith/templates/etc/logrotate.d/ejabberd/var.log.ejabberd

@@ -0,0 +1,13 @@
+
+/var/log/ejabberd/ejabberd.log /var/log/ejabberd/sasl.log \{
+    missingok
+    compress
+    notifempty
+    rotate 5
+    weekly
+    create 0644 ejabberd ejabberd
+    sharedscripts
+    postrotate
+        sudo -u ejabberd -H /sbin/e-smith/ejabberdctl  reopen-log >/dev/null 2>/dev/null || true
+    endscript
+\}

root/etc/e-smith/templates/etc/pam.d/ejabberd/05cas

@@ -0,0 +1 @@
+auth    sufficient      pam_cas.so -sxmpp://{$DomainName} -f/etc/pam_cas.conf

root/etc/e-smith/templates/etc/pam.d/ejabberd/10systemAuth

@@ -0,0 +1,2 @@
+auth       include      system-auth
+account    include      system-auth

root/etc/e-smith/templates/etc/pam.d/ejabberd/template-begin

@@ -0,0 +1,9 @@
+{
+    $OUT = <<HERE;
+#%PAM-1.0
+HERE
+
+    $OUT .=
+    Text::Template::_load_text("/etc/e-smith/templates-default/template-begin");
+}
+

root/etc/e-smith/templates/home/e-smith/ssl.pem/80ejabberd.pem

@@ -0,0 +1,19 @@
+{
+    my $domain = $DomainName || "localdomain";
+    my $hostname = $SystemName || "localhost";
+    my $ppid = $$;
+    $pid = fork();
+    if( $pid == 0 ){
+        # wait for SME cert to be expanded
+	waitpid($ppid,0);
+	use esmith::templates;
+        esmith::templates::processTemplate({
+	    TEMPLATE_PATH => "/home/e-smith/ssl.pem/$hostname.$domain.pem" ,
+	    TEMPLATE_EXPAND_QUEUE => [ "/" ] ,
+	    OUTPUT_FILENAME => "/var/service/ejabberd/ssl/cert.pem" ,
+	    UID => "ejabberd" ,
+	    PERMS => 0640 ,
+	    });
+	exec 'sv', '2', '/service/ejabberd';
+    }
+}

root/etc/e-smith/templates/var/lib/lemonldap-ng/conf/lmConf/050jappix

@@ -0,0 +1,28 @@
+{
+
+$conf->{'exportedHeaders'}->{"jabber.$domain"} = {
+    'Auth-User' => '$uid',
+} unless ($conf->{'exportedHeaders'}->{"jabber.$domain"});
+
+$conf->{'locationRules'}->{"jabber.$domain"} = {
+    'default' => '$groups =~ /\\bequipe|admins\\b/',
+    '(?#10pgt)^/(index\\.php)?\\?pgtIou=PGTIOU\\-[\\d\\w]+\\&pgtId=PGT\\-[\\d\\w]+$' => 'unprotect'
+} unless ($conf->{'locationRules'}->{"jabber.$domain"});
+
+$conf->{'applicationList'}->{'010apps'}->{'jappix'} = {
+    'options' => {
+        'logo' => 'bell.png',
+                  'name' => 'Jappix',
+                  'description' => 'Messagerie instantanée',
+                  'uri' => "https://jabber.$domain/",
+                  'display' => 'auto'
+        },
+        'type' => 'application'
+} unless $conf->{'applicationList'}->{'010apps'}->{'jappix'};
+
+$conf->{'issuerDBCASActivation'} = '1';
+
+$OUT .= '';
+
+}
+

root/etc/e-smith/web/functions/ejabberd

@@ -0,0 +1,121 @@
+#!/usr/bin/perl -wT
+
+#----------------------------------------------------------------------
+# heading     : Configuration 
+# description : INSTANT_MESSAGING
+# navigation  : 6000 6950
+#----------------------------------------------------------------------
+#----------------------------------------------------------------------
+# copyright (C) 2007 Free-EOS 
+# 
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
+# 		
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+# 		
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307  USA
+# 
+#----------------------------------------------------------------------
+
+
+
+use strict;
+use esmith::FormMagick::Panel::ejabberd;
+my $f = esmith::FormMagick::Panel::ejabberd->new();
+$f->display();
+
+
+
+
+=head1 TESTING
+
+
+=begin testing
+
+use esmith::FormMagick::Tester;
+use esmith::TestUtils;
+use esmith::ConfigDB;
+
+my $panel = 'hwinfo';
+my $panel_path = "/etc/e-smith/web/functions/".$panel;
+my $ua = esmith::FormMagick::Tester->new();
+
+
+is  (mode($panel_path), '4750',              "Check permissions on script");
+my @stat = stat($panel_path);
+is  (getpwuid($stat[4]), 'root', "File is owned by root");
+is  (getgrgid($stat[5]), 'admin', "File is owned by group admin");
+ok  ($ua->get_panel($panel),            "ABOUT TO RUN L10N TESTS");
+is  ($ua->{status}, 200,                "200 OK");
+like($ua->{content}, qr/FORM_TITLE/,    "Saw untranslated form title");
+ok  ($ua->set_language("en"),           "Set language to English");
+ok  ($ua->get_panel($panel),            "Get panel");
+is  ($ua->{status}, 200,                "200 OK");
+
+=end testing
+
+=cut
+
+__DATA__
+<form title="FORM_TITLE" header="/etc/e-smith/web/common/head.tmpl" footer="/etc/e-smith/web/common/foot.tmpl">
+    <page name="First"   pre-event="print_status_message()" post-event="change_settings()">
+    <description>PAGE_DESCRIPTION</description>
+
+        <field type="select" 
+            id="access" 
+            options=" 'off' => 'NO_ACCESS', 'private' => 'PRIVATE', 'public' => 'PUBLIC'"
+            value="get_ejabberd_access()">
+            <description>DESC_ACCESS</description>
+            <label>LABEL_ACCESS</label>
+        </field>
+
+        <field type="literal"
+            id="groups_desc"
+            value="">
+            <description>DESC_ALLOWED_GROUPS</description>
+        </field>
+
+        <subroutine src="print_allowed_groups()"/>
+
+        <field type="select" 
+            id="shared_roster" 
+            options=" 'enabled' => 'ENABLED', 'disabled' => 'DISABLED'"
+            value="get_prop('ejabberd', 'SharedRoster')">
+            <label>LABEL_SHARED_ROSTER</label>
+            <description>DESC_SHARED_ROSTER</description>
+        </field>
+
+        <field type="literal"
+            id="first_desc"
+            value="">
+            <description>DESC_GATEWAYS</description>
+        </field>
+
+        <subroutine src="print_gateways()"/>
+
+        <field type="select" 
+            id="default_filter" 
+            options=" 'allow' => 'BLACK_LIST', 'deny' => 'WHITE_LIST'"
+            value="get_prop('ejabberd', 'FilterDefault')">
+            <label>LABEL_FILTER_MODE</label>
+            <description>DESC_FILTER_MODE</description>
+        </field>
+
+        <field type="textarea" id="exception_list" cols="40" rows="15"
+            value="get_exception_list()">
+            <description>DESC_EXCEPTION_LIST</description>
+            <label>LABEL_EXCEPTION_LIST</label>
+        </field>
+
+	<subroutine src="print_button('SAVE')" />
+
+  </page>
+
+</form>

root/sbin/e-smith/ejabberdctl

@@ -0,0 +1,86 @@
+#!/bin/bash
+
+# ejabberdctl for SME Server
+# Author : Jean-Paul Leclere <jean-paul@leclere.org>
+# Copyright GNU GPL 2008 
+
+# define default configuration
+POLL=true
+SMP=auto
+ERL_MAX_PORTS=32000
+ERL_PROCESSES=250000
+ERL_MAX_ETS_TABLES=1400
+HOME=/var/lib/ejabberd
+
+# define default environment variables 
+NODE=ejabberd
+HOST=`hostname | cut -d. -f1`
+ERLANG_NODE=$NODE@$HOST
+
+    LD_LIBRARY_PATH="/lib/:/usr/lib/"
+    DYLD_LIBRARY_PATH=$LD_LIBRARY_PATH
+    export LD_LIBRARY_PATH
+    export DYLD_LIBRARY_PATH
+    
+# export global variables
+export HOME
+
+# common control function
+ctl()
+{
+    erl -pa /usr/lib/ejabberd/ebin -sname ejabberdctl \
+      -noinput \
+      -s ejabberd_ctl -extra $ERLANG_NODE $@
+    result=$?
+    case $result in
+    0) :;;
+    *)
+        echo ""
+        echo "Run ejabberdctl without parameters to get help"
+        echo "";;
+    esac
+    return $result
+}
+
+# allow sync calls
+wait_for_status()
+{
+    # args: status try delay
+    # return: 0 OK, 1 KO
+    timeout=$2
+    status=4
+    while [ $status -ne $1 ]; do 
+        sleep $3
+        let timeout=timeout-1
+        [ $timeout -eq 0 ] && { 
+            status=$1
+        } || {
+            ctl status > /dev/null
+            status=$?
+        }
+    done
+    [ $timeout -eq 0 ] && {
+        status=1
+	echo "ejabberd is not started"
+    } || {
+        status=0
+	echo "ejabberd is started"
+    }
+    return $status
+}
+
+# display ctl usage
+usage()
+{
+    ctl
+    exit
+}
+
+[ $# -lt 1 ] && usage
+
+case $1 in
+    start) echo "Start ejabberd through Server-Manager" ;;
+    started) wait_for_status 0 30 2;; # wait 30x2s before timeout
+    stopped) wait_for_status 3 15 2;; # wait 15x2s before timeout
+    *) ctl $@;;
+esac

root/usr/lib/perl5/site_perl/esmith/FormMagick/Panel/ejabberd.pm

@@ -0,0 +1,349 @@
+#!/usr/bin/perl -w 
+
+package esmith::FormMagick::Panel::ejabberd;
+
+use strict;
+
+use esmith::FormMagick;
+use esmith::ConfigDB;
+use esmith::AccountsDB;
+use esmith::cgi;
+use File::Basename;
+use Exporter;
+use Carp;
+
+our @ISA = qw(esmith::FormMagick Exporter);
+
+our @EXPORT = qw(
+
+  show_initial
+  get_ejabberd_access
+  get_exception_list
+  get_cgi_param
+  print_gateways
+);
+
+our $db = esmith::ConfigDB->open() || die "Couldn't open config db";
+our $ejdb = esmith::ConfigDB->open('im') ||
+            esmith::ConfigDB->create('im');
+our $adb = esmith::AccountsDB->open_ro() || die "Couldn't open AccountsDB";
+
+our @transports = qw/Msn/;
+
+our $VERSION = sprintf '%d.%03d', q$Revision: 2.00 $ =~ /: (\d+).(\d+)/;
+
+
+=pod 
+
+=head1 NAME
+
+esmith::FormMagick::Panels::ejabberd - useful panel functions
+
+=head1 SYNOPSIS
+
+    use esmith::FormMagick::Panels::ejabberd;
+
+    my $panel = esmith::FormMagick::Panel::ejabberd->new();
+    $panel->display();
+
+=head1 DESCRIPTION
+
+=cut
+
+
+=head2 new();
+
+Exactly as for esmith::FormMagick
+
+=begin testing
+
+$ENV{ESMITH_DOMAINS_DB} = "10e-smith-base/domains.conf";
+$ENV{ESMITH_CONFIG_DB} = "10e-smith-base/configuration.conf";
+
+use_ok('esmith::FormMagick::Panel::ejabberd');
+use vars qw($panel);
+ok($panel = esmith::FormMagick::Panel::ejabberd->new(), "Create panel object");
+isa_ok($panel, 'esmith::FormMagick::Panel::ejabberd');
+
+=end testing
+
+=cut
+
+sub new {
+    shift;
+    my $self = esmith::FormMagick->new();
+    $self->{calling_package} = (caller)[0];
+    bless $self;
+    return $self;
+}
+
+
+=head1 ACCESSORS
+
+=head2 get_cgi_param FM FIELD
+
+Returns the named CGI parameter as a string
+
+=cut
+
+sub get_cgi_param {
+    my $fm    = shift;
+    my $param = shift;
+
+    return ( $fm->{'cgi'}->param($param) );
+}
+
+
+=head2 get_prop ITEM PROP
+
+A simple accessor for esmith::ConfigDB::Record::prop
+
+=cut
+
+sub get_prop {
+  my ($self, $item, $prop) = @_;
+  warn "You must specify a record key"    unless $item;
+  warn "You must specify a property name" unless $prop;
+  my $record = $db->get($item) or warn "Couldn't get record for $item";
+  return $record ? $record->prop($prop) : undef;
+}
+
+=head2 get_value ITEM
+
+A simple accessor for esmith::ConfigDB::Record::value
+
+=cut
+
+sub get_value {
+  my $self = shift;
+  my $item = shift;
+  return ($db->get($item)->value());
+}
+
+=head2 get_ejabberd_access
+
+Returns "public", "private" or "off" depending on the 'access' and 'status' properties
+of the "ejabberd" config file variable
+
+=cut
+
+sub get_ejabberd_access {
+
+  my ($self) = @_;
+  my $status = get_prop($self,'ejabberd','status');
+  if ( (defined $status) && ($status eq 'enabled')) {
+    my $access = get_prop($self,'ejabberd','access');
+    return $access ? $access : 'off';
+  }
+  else {
+    return('off');
+  }
+}
+
+=head2 get_exception_list
+
+return the list of already defined exceptions
+
+=cut
+
+sub get_exception_list
+{   
+    my ($self) = @_;
+    my $q = $self->{cgi};
+
+    my $rec = $ejdb->get('exception') ||
+              $ejdb->new_record('exception', {type=>'list'});
+    my %rules = $rec->props;
+    my @exceptions = ();
+    while (my ($parameter,$value) = each(%rules)) {
+        next if ($parameter eq "type");
+
+        if ($value eq "User") {
+            $parameter =~ s/\\\\40/%/;
+            push (@exceptions,$parameter);
+        }
+    }
+    return join("\n", @exceptions);
+}
+
+=head1 ACTION
+
+
+=head2 change_settings
+
+If everything has been validated, properly, go ahead and set the new settings
+
+=cut
+
+
+sub change_settings {
+    my ($self) = @_;
+
+    my %conf;
+
+    my $q = $self->{'cgi'};
+
+    # Don't process the form unless we clicked the Save button. The event is
+    # called even if we chose the Remove link or the Add link.
+    return unless($q->param('Next') eq $self->localise('SAVE'));
+
+    my $access = $q->param ('access') || 'off';
+    my $webadmin = $q->param('webadmin') || 'disabled';
+    my @gateways = $q->param('transports') || ();
+    my $roster = $q->param('shared_roster') || 'disabled';
+    my $filter = $q->param('default_filter') || 'allow';
+    my $log = $q->param('log') || 'none';
+    my $exceptions = ($q->param('exception_list') || '');
+    my @exceptions = split(/[\n\r]/, $exceptions);
+
+    #------------------------------------------------------------
+    # Looks good; go ahead and change the access.
+    #------------------------------------------------------------
+
+    my $rec = $db->get('ejabberd');
+    if($rec)
+    {
+    	if ($access eq "off")
+    	{
+	    $rec->set_prop('status','disabled');
+    	}
+    	else
+      	{
+	    $rec->set_prop('status','enabled');
+	    $rec->set_prop('access', $access);
+      	}
+    }
+
+    $rec->set_prop('FilterDefault', $filter);
+    $rec->set_prop('AllowedGroups', join(',',$q->param('allowedGroups')));
+    $rec->set_prop('SharedRoster', $roster);
+
+    $rec = $db->get('spectrum');
+
+    foreach my $proto (@transports){
+        if (grep ($proto, @gateways)){
+            $rec->set_prop("$proto",'enabled');
+        }
+        else{
+            $rec->set_prop("$proto",'disabled');
+        }
+    }
+
+    $rec = $ejdb->get('exception');
+
+    my %list = $rec->props;
+    while (my ($parameter,$value) = each(%list)) {
+        if ($parameter eq "type") {next;}
+
+        if ($value eq "User") {
+            $ejdb->get_prop_and_delete('exception', "$parameter");
+        }
+    }
+
+    foreach (@exceptions){
+        $rec->set_prop($_, 'User');
+    }
+
+    $self->cgi->param(-name=>'wherenext', -value=>'First');
+
+    unless ( system( "/sbin/e-smith/signal-event", "ejabberd-update" ) == 0 )
+    {
+        $self->error('ERROR_UPDATING');
+        return undef;
+    }
+
+    $self->success('SUCCESS');
+}
+
+=head2 print_gateways
+
+This method print status of the available gateways
+
+=cut
+
+sub print_gateways
+{
+    my ($self) = @_;
+    my $q = $self->{cgi};
+
+    print "<tr><td class=\"sme-noborders-label\">",
+        $self->localise('LABEL_GATEWAYS'),
+        "</td><td>\n";
+
+    print $q->start_table({-class => "sme-border"}),"\n";
+    print $q->Tr(
+            esmith::cgi::genSmallCell($q, $self->localise('PROTOCOL'),"header"),
+            esmith::cgi::genSmallCell($q, $self->localise('STATUS'),"header"),
+        );
+    my $spectrum = $db->get('spectrum');
+
+    foreach my $proto (@transports){
+        my $status = $spectrum->prop($proto) || 'disabled';
+        my $checked = ($status eq 'enabled') ? 'checked' : '';
+        print $q->Tr(
+                esmith::cgi::genSmallCell($q, $proto,"normal"),
+                $q->td(
+                    "<input type=\"checkbox\""
+                    . " name=\"transports\""
+                    . " $checked value=\"$self->localise($proto)\">"
+                )
+            );
+    }
+    print "</table></td></tr>\n";
+
+    return undef;
+}
+
+=head2 print_allowed_groups
+
+This method print a matrix of allowed groups
+
+=cut
+sub print_allowed_groups(){
+    my ($self) = @_;
+    my $q = $self->{cgi};
+
+    my @allowedGroups = split(/[,;]/, (get_prop($self, 'ejabberd', 'AllowedGroups')));
+
+    if (my @groups = $adb->groups()) {
+
+        print "<tr><td class=\"sme-noborders-label\">",
+        $self->localise('ALLOWED_GROUPS'),
+        "</td><td>\n";
+
+        print $q->start_table({-class => "sme-border"}),"\n";
+        print $q->Tr(
+            esmith::cgi::genSmallCell($q, $self->localise('ALLOWED_OR_NOT'),"header"),
+            esmith::cgi::genSmallCell($q, $self->localise('GROUP'),"header"),
+            esmith::cgi::genSmallCell($q, $self->localise('DESCRIPTION'),"header")
+        );
+
+        foreach my $g (@groups) {
+            my $groupname = $g->key();
+            my $checked;
+            if (grep { $groupname eq $_ } @allowedGroups) {
+                $checked = 'checked';
+            } else {
+                $checked = '';
+            }
+
+            print $q->Tr(
+                $q->td(
+                    "<input type=\"checkbox\""
+                    . " name=\"allowedGroups\""
+                    . " $checked value=\"$groupname\">"
+                ),
+                esmith::cgi::genSmallCell($q, $groupname,"normal"),
+                esmith::cgi::genSmallCell( $q, $adb->get($groupname)->prop("Description"),"normal")
+            );
+        }
+
+        print "</table></td></tr>\n";
+
+    }
+
+    return undef;
+
+}
+
+1;

root/var/service/ejabberd/control/1

@@ -0,0 +1,41 @@
+#!/usr/bin/perl -w
+
+#----------------------------------------------------------------------
+# copyright (C) 2010-2011 Firewall-Services
+# daniel@firewall-services.com
+# 
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#               
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#               
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307  USA
+# 
+# Technical support for this program is available from Mitel Networks 
+# Please visit our web site www.mitel.com/sme/ for details.
+#----------------------------------------------------------------------
+
+use esmith::util;
+use esmith::ConfigDB;
+use File::Copy;
+
+my $c = esmith::ConfigDB->open_ro;
+my $s = $c->get('SystemName')->value;
+my $d = $c->get('DomainName')->value;
+
+my $pem = "./ssl/cert.pem";
+# Now copy system pem file into jail used by ldap
+copy("/home/e-smith/ssl.pem/$s.$d.pem", "$pem.$$")
+  or die "failed to copy SSL PEM: $!";
+chmod 0640, "$pem.$$";
+esmith::util::chownFile("root", "ejabberd", "$pem.$$");
+rename("$pem.$$", "$pem")
+  or die "failed to rename $pem.$$ to $pem: $!";
+

root/var/service/ejabberd/control/2

@@ -0,0 +1,5 @@
+#! /bin/sh
+
+test /var/service/ejabberd/ssl/cert.pem -nt ./supervise/pid || exit 0
+sv t .
+

root/var/service/ejabberd/log/run

@@ -0,0 +1,24 @@
+#!/bin/sh
+ 
+ #----------------------------------------------------------------------
+ # copyright (C) 2007 Free-EOS
+ #
+ # This program is free software; you can redistribute it and/or modify
+ # it under the terms of the GNU General Public License as published by
+ # the Free Software Foundation; either version 2 of the License, or
+ # (at your option) any later version.
+ #
+ # This program is distributed in the hope that it will be useful,
+ # but WITHOUT ANY WARRANTY; without even the implied warranty of
+ # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ # GNU General Public License for more details.
+ #
+ # You should have received a copy of the GNU General Public License
+ # along with this program; if not, write to the Free Software
+ # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307  USA
+ #
+ #----------------------------------------------------------------------
+ exec                                    \
+     /usr/local/bin/setuidgid smelog     \
+     /usr/local/bin/multilog t s5000000  \
+     /var/log/ejabberd.run

root/var/service/ejabberd/run

@@ -0,0 +1,52 @@
+#!/bin/sh -x
+#---------------------------------------
+# copyright (C) 2008 Jean-Paul Leclere
+#---------------------------------------
+
+exec 2>&1
+
+./control/1
+
+NODE=ejabberd
+HOST=`hostname | cut -d. -f1`
+
+EMU=beam
+export EMU
+
+LD_LIBRARY_PATH=/usr/lib/:/lib
+export LD_LIBRARY_PATH
+DYLD_LIBRARY_PATH=$LD_LIBRARY_PATH
+export DYLD_LIBRARY_PATH
+
+# Define ejabberd environment
+ERL_MAX_PORTS=32000
+export ERL_MAX_PORTS
+ERL_INETRC_PATH=/etc/ejabberd/inetrc
+export ERL_INETRC_PATH
+SASL_LOG_PATH=/var/log/ejabberd/sasl.log
+export SASL_LOG_PATH
+EJABBERD_LOG_PATH=/var/log/ejabberd/ejabberd.log
+export EJABBERD_LOG_PATH
+EJABBERD_SO_PATH=/usr/lib/ejabberd/priv/lib
+export EJABBERD_SO_PATH
+EJABBERD_CONFIG_PATH=/etc/ejabberd/ejabberd.cfg
+export EJABBERD_CONFIG_PATH
+EJABBERD_MSGS_PATH=/usr/lib/ejabberd/priv/msgs
+export EJABBERD_MSGS_PATH
+EJABBERD_DB=/var/lib/ejabberd/spool
+export EJABBERD_DB
+HOME=/var/lib/ejabberd
+export HOME
+
+exec /usr/local/bin/setuidgid ejabberd \
+    erl -pa /usr/lib/ejabberd/ebin \
+      -noinput \
+      -smp auto +K false +P 250000 \
+      -sname ejabberd \
+      -mnesia dir \"$EJABBERD_DB\" \
+      -kernel inetrc \"/$ERL_INETRC_PATH\" \
+      -s ejabberd \
+      -ejabberd config \"$EJABBERD_CONFIG_PATH\" \
+                log_path \"$EJABBERD_LOG_PATH\" \
+      -sasl sasl_error_logger \{file,\"$SASL_LOG_PATH\"\} 
+