Advanced: Roll your own XMPP Server with your own stuff at home.

Started by TahquitzII, January 12, 2016, 08:34:44 AM

TahquitzII

This is a summary of my last 5-6 hours of my existence figuring this out.  I typed this "stream of consciousness" style late at night, so I apologize if I left any details out.

Resources:

  • A computer not used for gaming (a server, actual or implied) -- Full disclosure: I'm using Windows Server on my stuff so these are going to be instructions for Windows-based systems,
  • a domain ($35 annually or less if you don't have one),
  • a Static IP Address (may cost more to your ISP: this means getting disconnected or missing your bill doesn't assign your home router a new IP address from your ISP),
  • and a Router that you are able to configure. (If a professional installed it for you and you don't know how to log in to your router through a web browser, you really shouldn't proceed; a mistake may disable your whole network.)
  All that, and an installer for your desired XMPP Server.  OpenFire at http://www.igniterealtime.org/projects/openfire/ and Ejabberd at https://www.process-one.net/en/ejabberd/ are two examples of such.  Unless you're springing for an enterprise-class tier for some odd reason, go for the free ones.

Skills:

  • Access to your DNS Zone File from the domain (or a web-based front end you can more or less fake it with).  If your web host does not provide this, you'll have problems.
  • Whatever computer you are relying upon to serve XMPP chat needs to be something you don't mind configuring or remaking from bare metal should something go wrong. Don't worry, as with any other server program (or Windows Server "Role") you can "down" the XMPP server when you don't want to run it anymore without shutting the system off.
  • You will need to be able to assign a fixed IP to a device in your network.  This means using a custom TCP/IP Address.  If you don't know what this means, you should probably seek help before continuing.  (Network Geek Test: Using your Mac and finding your MAC are not referring to the same thing.  If that went over your head, I'm talking about you.)  And don't seek networking advice primarily from here. (We're gamers, not tech support... we don't mind pointers or advice, but ultimately the initiative concerning the execution of a solution to your problems has to come from you. Take the plunge.)  Go ask a StackExchange site, or read the forums on a tech news site like Tom's Hardware or Ars Technica.  At the very least, you shouldn't be afraid of your Networking area in the Control Panel.
  • No fear of your home broadband router configuration panel in your web browser.  You will need to forward a port.  (If you don't know what that means, no problem: you're telling the firewall to allow traffic from the outside world to reach your server at a specific numbered port.  If this sounds like a security risk, that's because it is.)
  • Additionally, no fear of your server's firewall configuration panel (if you're using Windows Server or Windows 7.)

Zeroth Step.
Reflect.
Ask yourself -- should you do this? 


  • What is your purpose of having a private XMPP server?  (If you want to talk in Paragon Chat privately away from other players, Tells work just as much as making a custom channel and having your friends join that channel instead.  Why do you need more than that?)  I have my answer as to why I'm doing this, and you should know what yours is.

  • Are you comfortable with tinkering with your computers to the point that a possible security vulnerability will be persistent while the XMPP server is running?

  • If you mess up, are you ready to wipe your router's configuration and set it up from scratch (including resetting your wireless network SSID and password)?  How about starting over from scratch on your server computer?

If you're uncertain about any of the above, you shouldn't do this.  I'm not trying to be a unicorn here, we're all geniuses in our own right at something.  My thing happens to be technical problem solving (I can fix things in hardware and software, but I'm not "soldering iron, 35 cents, and a subway ticket" good... we're not all MacGyver here), yours might be musical theatre composition, or physics... or the custodial arts.  That doesn't make me any less or more intelligent than you are.  Personally, I suck at math, so I have someone else do my taxes.  It's also why I'm not a programmer, either.

Babbling on, sorry.  If you are still interested, let's get to work.

At best, if you want to improvise with these instructions, you need a good grasp on TCP/IP, how it works, and what your home network subnet layout is.  DNS knowledge helps, but it isn't absolutely essential as you just have the one step to do.

You probably won't lose data from your computers in a mishap concerning these steps (emphasis on probably, I have no idea what you're about to do), but again, as with all online instructions, CAVEAT EMPTOR.  Proceed at your own risk.  If your server computer gets hacked because you didn't keep up with updates, your password is 'password', or other silliness, nobody is responsible except the server's owner (hopefully that is you.)  Same as if your HP ProLiant Home Media Server becomes a lifeless brick because of you following these instructions (or it became a lifeless brick not following them). 

First Step. 
Find your Static IP Address. (Can you use a Dynamic DNS service to cover this?  Yes, but most people with servers will use Static IP Service instead, so I'll go this route.)  You can do this by visiting a search engine and asking "What is my IP?"

(A sidenote of conjecture: can XMPP work with Dynamic IP?  I'm sure it could, just as much as one can set it up ad-hoc with different networks every time it starts, or in a local only DNS zone, but those both have drawbacks.  Besides, my instructions are long enough as they are. Setting up Dynamic IP XMPP servers is not included here; that's extra credit for someone else to earn.)

Second Step.
Name your service.

You will either need to do one of the following:


  • Buy a domain name.  If you don't have an existing one, it's really your only choice.
  • Use an existing one, but add a DNS A Name record to the Zone File.  An example:

          chat.cohfanz.org. 14400 IN A XX.XX.XX.XX

In English (what that line of text above means):

Name of the A Record: chat.cohfanz.org (or whatever your domain is named... if you want to use a subdomain, write it before the first period.  DON'T USE THE ONE I TYPED HERE-- IT DOESN'T EXIST.)  The extra dot at the end of the address means that the address is a Fully Qualified Domain Name (FQDN) which is a semantic difference in DNS for some reason.  If you see the period appear at the end of the address you typed in, don't freak out.  Everything's still jake.

TTL: 14400 (Time to Live... unless you plan on changing addresses rapidly, this isn't a big deal.)

Class: IN (No idea what this does... I'm new to DNS myself.)

Address: XX.XX.XX.XX <-- This is the static IP Address of your house.  This is required for any of this to work.  Of course, this is fake.  IP addresses should be numeric, and each octet (or number next to a period for non-binary types) should be 0-255. An example that won't work is 172.16.0.235.  It follows the rules, but it's in a group of addresses known as PRIVATE IP BLOCKS which will never connect on a wide area network.  With a few exceptions, if the address you are looking at starts with 10.XX.XX.XX, 172.16.XX.XX, or 192.168.XX.XX, this is not your public IP Address but the one inside of your house/building.
      
I can't give instructions on how to specifically do this at your registrar as there's plenty of registrars out there, each with their own interface.  Follow their help files/instructions to find the DNS or Domain Control Panel.
      
Bear in mind, setting the DNS entry will take time to propagate.  It could be as quick as 5 minutes, or as long as 48 hours.  If you did this and it didn't work, try waiting.  After 2 days, if you open a Command Prompt and "ping chat.cohfanz.org" doesn't show your Internet Static IP, you'll need to try it again.
   
Third Step. 
Setup your server.

I will offer instructions provided for Windows 7/Windows Server (2008/2012, possibly 2016.)  If you use Linux, good luck, I'm not well versed in BASH or the Unix file system enough to provide specific steps (let alone Apache or nginx).  Same applies with Mac (No, not that MAC, a Mac.)

SERVER: You'll need to know your server's internal IP Address in your household network.  If you use DHCP to assign addresses (as most home routers should do by default) you should assign your server to a fixed address in your house.  For example: 192.168.0.1 as your router with 255.255.255.0 as a subnet, just set the server IP Address to 192.168.0.2 or something close to it.  If your router allows you to customize DHCP assignments, you can set a range within the subnet that prevents your router from giving that address away (such as 192.168.0.6-192.168.0.254) so the addresses not in that range (192.168.0.1-192.168.0.5) are yours to give away.  You will enter the internal IP address you chose into TCP/IP properties in your Network Adapter's Properties panel.  (Find it in your Control Panel.)

ROUTER: This address is needed for your router.  Since there are 100's of router models in circulation (rumors speculate 1,000's, but I'm not into superstition and fairy tales... XD), I can't provide specific instructions.  What I can say is you'll need the following settings:


  • Port Range: 5222-5222 (Set this for External and Internal).  Really brave souls can enter a custom port, but that will complicate these instructions further, and this is complicated enough as it is.  Brownie points are up for grabs if you can figure it out.
  • Method: TCP (or TCP/UDP if it doesn't give you a singular choice for TCP alone).
  • Internal IP Address: set this to your server computer (192.168.0.2 if you're following my above example.)
  • If it asks you to name the Port Forwarding entry, go for it.  This is for your own sake so you can remember what you entered in months from now, so I'd stick to XMPP or Paragon Chat.
ROUTER: You will need to exclude your server from DHCP.  Again 100's of models of router out there, so I can't help with the particulars.  All you need to set is the DHCP Range (Starting IP Address and Ending IP Address).  Make the DHCP range smaller so that your server is outside of the range.

With these steps done, hopefully you notice a progression start to take shape:

  • Internet -- DNS: Chat.cohfanz.org to XX.XX.XX.XX (Whatever your static IP is)
  • Your Home -- XX.XX.XX.XX (which is the address to your router from the Internet outside) to 192.168.0.2 via port forwarding (port 5222 only - the address to your XMPP server.)
Now what is needed?  Your server's firewall needs to allow the port from the Public to work.

Fourth Step.
Prep your server firewall to play nice with an XMPP Server, then install it.
SERVER: Go to Control Panel, Administrative Tools, Windows Firewall with Advanced Security.  You will make an Inbound and Outbound rule allowing Public (or honestly, ALL) traffic for Port 5222 through UDP.  Name this rule accordingly.  This should be terribly similar to port forwarding on your Router, so if you got this far, adding a Firewall Rule is just as easy.

So now, we have a pathway from the Internet, to your Router, to your Server.  Last Step?  Install the server.  I went with Ejabberd instead of OpenFire. 
   
Why? 
   
I work in IT and I hate Java.  Not because of any inferiority complex with programming language preferences, or peccadillos about Java's sluggishness for cross-compatibility, nor do I think Java is particularly bad or evil... I hate any software that has frequent zero-day patching that is needed.  It is especially unnerving to an IT Helpdesk Laborer at a school district because Educational Software is blatantly stuck in the mid-2000's as far as add-ons and plug in dependencies are concerned.  (Why rewrite a program when you can collect the same amount of money or more for keeping it alive without changes?  In fact, those jerks at Pe-- you know what, I'm getting off track.  Sorry, I didn't mean to dump on you.) 

Java is one of those apps that are such a large attack vector that I don't even want to bother with it if I can help it at all.  And I don't have to.
   
Run the download of Ejabberd server on your server computer.  During setup, pay attention to the following:


  • HOST: This should be the same address as the DNS A record you made above (the plain text one from your domain, not the Static IP address).  This entry will be the second half of a user name after the @ sign, so make sure you enter it right.
  • Admin Username: Admin is fine, or change it.  Your call.  This user will not work to log into the chat server, this is just to log into the admin panel on your localhost version of the server (the address should be localhost:5280 unless you changed it.)
Once installed, you can enter configuration settings.  For Paragon Chat, Ejabberd is ready to go for the most part save for one little setting: you need to activate the Multicast module.  Here's how:


  • Go to File Explorer (or Explorer for Windows 7 users: the folder icon in your taskbar or start menu.)
  • In the address bar, delete the contents and enter this without quotes: "%APPDATA%" This is a shortcut to take you to your computers current APPDATA folder for your login.  (This also saves boatloads of time explaining nuances between Windows 7, 8, 10 and Windows Server's AppData locations, let alone local vs. roaming profiles.)
  • Enter the Ejabberd folder, and open the CONF folder.
  • Edit the file that says "ejabberd.yml" with Notepad.  Look for the section titled MODULES and remove the comment marks (##) in front of "mod_multicast {}".
  • Save the file. Close all the things!
   
Finalth Step
Start the service, make an account, and test the connection. 
Go to your server's Start menu, open all programs, look for ProcessOne (the maker of Ejabberd) and click "Start ejabberd."  This will start your XMPP server.

Now you should be able to go on your server computer and visit localhost:5280.  Enter admin@chat.cohfanz.org (replace the fake address with the real one) and enter the admin password you set. 

Create your first user account.  In the Admin webpage, Go to "Virtual Hosts", click on your server name, and click "Users".  Enter a username you want to use in Paragon Chat and set a password, then click "Add User". 

Guess what credentials you will need to enter into Paragon Chat?  The ones you just made.  Go on, launch Paragon Chat and try logging in, I'll wait...

SET AT STARTUP/DISABLING XMPP
If you expect the computer to turn off and on frequently (through a fault or on purpose), you may want to set ejabberd as a startup item or a Task Scheduler job for when the computer starts.  Google how to do this, I'm not going to give away everything... consider this extra credit.

So, it's been a few weeks, and you're bored and want to shut down the server for a while.  How?  Go to Start Menu, all Programs, select ProcessOne and "Stop ejabberd".  This stops the service.  In addition you can Disable the rules you set in Windows Firewall with Advanced Security, or turn off the Port Forwarding entry in your router.  Any of these three steps stops the server, but I'd use at least two of them to ensure better security.  Don't just shut the computer off!  The next fool who turns it on will re-enable the server if you share the computer with other people.

===========

Thanks for your patience with my nonsense.  Hopefully this gives a better idea of what considerations you need to make to set something like this up (at the least) or gives a pointer that makes your attempt a little easier on you. 

If you have a more terse (or sexier) way of stating what I mentioned above, go for it, or if you figure out the stuff I intentionally glazed over, feel free to add on to this below.  I'm not a communications major or English teacher, and I know I'm a bit longwinded.  (So spare the "TL;DR" replies. I already know.)

Good luck!
Account inactive: was unable to login from September 2015-January 2016.
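Two things in the guide above are easy to get subtly wrong and hard to see from inside your own house: whether the address your A record points at is really public, and whether the forwarded port actually reaches an XMPP listener. Here is an added check script (mine, not from the post, and not part of ejabberd or OpenFire) that does both. The host name chat.example.org is a placeholder for your own A record; the private-address check covers the full RFC 1918 ranges (10/8, 172.16/12, 192.168/16), which is a bit wider than the 172.16.XX.XX the post lists. The probe is plain TCP on 5222, the same protocol the router port-forward step uses.

```python
"""Checks for the public side of a home XMPP server.

Added example, not part of the original post or of ejabberd/OpenFire.
It verifies two things the guide's Steps 1-4 depend on: that the address
your DNS A record points at is a public (routable) IPv4 address and not
one from the private blocks, and that a TCP connection to the client
port comes back with an XMPP stream header.  The host name below is an
assumption; replace it with your own A record.
"""
import ipaddress
import socket

XMPP_CLIENT_PORT = 5222         # the c2s port forwarded in the guide
CHAT_HOST = "chat.example.org"  # assumption: your own A record goes here


def is_public_ipv4(addr: str) -> bool:
    """True if addr is a globally routable IPv4 address.

    Covers the full RFC 1918 ranges (10/8, 172.16/12, 192.168/16), plus
    loopback, link-local (169.254/16), carrier-grade NAT (100.64/10) and
    the other reserved blocks the ipaddress module knows about.
    """
    try:
        ip = ipaddress.IPv4Address(addr)
    except ValueError:
        return False
    return bool(ip.is_global)


def resolve_public_address(host: str) -> tuple:
    """Resolve host and report whether the answer is a public address."""
    addr = socket.gethostbyname(host)
    return addr, is_public_ipv4(addr)


def xmpp_stream_header(domain: str) -> bytes:
    """The opening <stream:stream> a client sends right after connecting
    (RFC 6120 section 4.2); 'to' must be the domain, not the IP."""
    return (
        "<?xml version='1.0'?>"
        "<stream:stream to='{}' version='1.0' xml:lang='en' "
        "xmlns='jabber:client' "
        "xmlns:stream='http://etherx.jabber.org/streams'>".format(domain)
    ).encode("utf-8")


def looks_like_xmpp_server(reply: bytes) -> bool:
    """A server that speaks XMPP answers with its own stream header (or a
    stream error if it does not serve the 'to' domain); anything else
    means the port reached something that is not an XMPP c2s listener."""
    return b"<stream:stream" in reply or b"<stream:error" in reply


def probe_xmpp(host: str, port: int = XMPP_CLIENT_PORT, timeout: float = 5.0):
    """Open a TCP connection, send the stream header and read the answer.

    Returns (ok, reply_text).  A refused or timed-out connection raises
    OSError, which usually means the router port forward or the host
    firewall rule is missing.
    """
    reply = b""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        sock.settimeout(timeout)
        sock.sendall(xmpp_stream_header(host))
        try:
            while b"<stream:stream" not in reply and b"<stream:error" not in reply:
                chunk = sock.recv(4096)
                if not chunk:          # server closed on us
                    break
                reply += chunk
        except socket.timeout:
            pass
        try:
            sock.sendall(b"</stream:stream>")   # close the stream politely
        except OSError:
            pass
    return looks_like_xmpp_server(reply), reply.decode("utf-8", "replace")


if __name__ == "__main__":
    addr, public = resolve_public_address(CHAT_HOST)
    print("{} -> {} ({})".format(CHAT_HOST, addr, "public" if public else "NOT public"))
    ok, text = probe_xmpp(CHAT_HOST)
    print("XMPP on {}:{}: {}".format(CHAT_HOST, XMPP_CLIENT_PORT,
                                     "ok" if ok else "unexpected reply"))
    print(text[:300])
```

Run it from outside your own network (a phone on mobile data, a friend's house, a VPS): many home routers do not loop a connection to your own public address back in, so a failure from inside the LAN proves nothing. A reply containing a stream error such as host-unknown means the port forward and firewall are fine but the server is not configured for that domain, which is the HOST setting from the ejabberd install step.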

FloatingFatMan

Although it's fun to roll your own.... Honestly, I don't think our community is large enough that we want to split it further...

Tahquitz

Part of what I was trying to share: for laypeople, using chat.cohtitan.com is easier.  This isn't exactly something you'd want to do just to be able to chat in a "private room".

Which explains my Zeroth Step: I didn't create an XMPP server just for Paragon Chat.  One of my family members distrusts Social Media, including Facebook, Hangouts, Twitter, etc. and this is a way for me to keep in touch with them without involving the whole Internet. (In the OP, I didn't mention how to set up TLS Certificates for encryption.  On my server, I certainly did.) 

I enabled the modules I did to get Paragon Chat to work, but I didn't have to do it for my solution to function.  In fact, I find it amusing map-diving into the places I've never seen in the game (I didn't play CoV a whole lot, my biggest regret with the game) while chatting with them unaware (and stuck with Xabber with no idea what I'm doing on my end.) 

Splitting away from Titan Network would presume that chat.cohtitan.com has no value to me.  As the Grand Central Station to Paragon Chat, it most certainly does: I am still able to sign into there even after doing this, I retain all of my costumes and characters between multiple XMPP signins, and I'm still meeting new people as they land in Atlas Park going "Whoa!" after logging in for the first time. :D (Plus I can switch off: put my sibling on Miranda NG, while in Paragon Chat under chat.cohtitan.com.)

As for the private server: yeah, it's a lot of work to make a sibling happy, but so far it's doing pretty well, and it cost me about 5 hours (the same time I'd have spent on a hand made Christmas Gift that they'd marginally appreciate and let collect dust in an attic).
"Work is love made visible." -- Khalil Gibran

Tahquitz

Regarding TLS Certificates, Lee Hutchinson from Ars Technica made a video on his setup of Prosody IM Server on Ubuntu, and offers an overview of the process.  http://arstechnica.com/information-technology/2014/03/how-to-set-up-your-own-private-instant-messaging-server/

Acanous

This'd be great info to have in the case where (knock on wood) Paragon Chat ever got into trouble. You've done the final step and made PC unkillable. Good job.

Leandro

There's no need for anyone to set up a new XMPP server in that case; any standards-compliant XMPP server will work, and there are tons on the Internet.

Even servers that aren't exactly compliant will work in a pinch. If you want to try something hilarious, use your Google account to log into Paragon Chat: your Google contacts will show up on your Global friends and you will be able to send and receive tells as private messages. Unfortunately, the Google XMPP server does not support public chatrooms, so zone chat and coordinates transfer doesn't work.

Tahquitz

Quote from: Acanous on February 22, 2016, 10:19:53 AM
This'd be great info to have in the case where (knock on wood) Paragon Chat ever got into trouble. You've done the final step and made PC unkillable. Good job.

Flattered, but the real heroes are those who made PChat.  People like me tinker with stuff until it does what they want it to do, but I'm most certainly not a developer in any regard.  SCoRE did the real work.  I'm a hack.

I'm just writing instructions on something I presumed that they don't have the time to document (but could obviously do anyway, otherwise we wouldn't be using PChat.)  Some of them might be peeved I did write this like FloatingFatMan suggested since doing this has the potential to make private servers for cliques when the user count on Paragon Chat's main server is fairly low most days.  Which is probably why it wasn't posted on here.

The tinkering I'm trying to figure out now (the hard way) is to get Jingle Nodes working on ejabberd.  Not for Paragon Chat, as CoH had no voice chat faculties in the first place: this is to support voice calling in XMPP clients elsewhere (plenty of clients support voice chat, I'm using AstraChat on Android primarily).  If I can get this to work, I can stop using a private Ventrilo server and host voice chat myself as well. 

This is documented in OpenFire, but in ejabberd there is virtually no info on the use of Jingle Nodes past the RFC Specification.  But I like a challenge. :D

Codewalker

Quote from: Tahquitz on March 28, 2016, 07:46:26 AM
Some of them might be peeved I did write this like FloatingFatMan suggested since doing this has the potential to make private servers for cliques when the user count on Paragon Chat's main server is fairly low most days.  Which is probably why it wasn't posted on here.

No, I can't think of why anyone would be peeved. The FAQ even mentions it in the "Can I run my own server?" "Yes!" section. Explicit instructions are not given, as running an XMPP server is something you should only do if you know what you're doing (or are willing to learn as you set it up). That and there are a number of different software packages that could be used.

And, honestly, there are better ways that developer time can be spent than writing guides. Community members picking up the slack there to figure out and document how to do things is one way to help.

Paragon Chat's ability to connect to other servers is not there by accident.

FloatingFatMan

Quote from: Tahquitz on March 28, 2016, 07:46:26 AM
Some of them might be peeved I did write this like FloatingFatMan suggested since doing this has the potential to make private servers for cliques when the user count on Paragon Chat's main server is fairly low most days.

Not sure where you got peeved from. At no point in my post did I say I was peeved, just that the community is already rather small.

Tahquitz

FFM: I did not intend to imply that you felt that way at all. My apologies.
CW: My tendency is to float toward the negative in a vacuum, as I'm sure others on here do as well.  Also my apologies, I didn't intend to call SCoRE out as you're all probably busy.

And this is why you won't see me on social networking anywhere or anytime in the near future.  In practice concerning the Internet, I'm better off as a reader than a participant.  As a "reformed troll", my words get me in too much trouble, so I won't reply any further unless I have something more to add to this write up.

GammaPaladin

I already run an XMPP server on a VPS anyway, what I was hoping this thread would tell me is how to tell Paragon Chat to connect to my server instead of the default. The rest is (Obviously) stuff I already know.

I mean, I can create a fake DNS translation for the default server's domain if I have to, the hosts file is handy and all, but it seems a bit extreme. A config file for Paragon Chat that had it connect to a different server address would be nice, but none of the config files in %appdata%\Paragon Chat\Config seem to have anything to do with it, so I'm assuming it's hardcoded or something?

Codewalker

It just uses whatever you put after the @ sign in the JID on the login screen. If you type someuser@somedomain.net it will:

1. Try to look up an XMPP SRV record for somedomain.net (_xmpp-client._tcp.somedomain.net). If one exists, it will connect to the server specified in the SRV record.

2. Try to connect to 'somedomain.net' directly (by doing an A record lookup) on port 5222.

If the JIDs in use by your server are for a domain that doesn't actually have DNS pointing at the xmpp server, you'll probably have to set up a hosts file entry for somedomain.net. The other option is to use offline mode (run with -offline command-line parameter) and the /xmppsetjid, /xmppsetpassword, /xmppsetserver, and /xmppconnect commands. That's a pretty big pain in the butt so I'd just do the hosts file entry if for some reason you can't set up proper DNS records.

If you're running the server on a nonstandard port, paragon chat does support putting the port number in the login box, in the form of someuser@somedomain.net:12345
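The resolution order Codewalker describes, as an added example (my code, not Paragon Chat's): parse the JID from the login box, look for an SRV record at _xmpp-client._tcp.<domain>, and fall back to the bare domain on 5222, with the user@domain:port form for a nonstandard port. DNS lookups are passed in as functions so the logic runs offline against the constructed records at the bottom; in a real client you would back them with a resolver library. The example.org/example.net names and the choice to skip the SRV lookup when a port is given explicitly are my assumptions.

```python
"""Turning the JID typed at login into the host and port to connect to.

Added example, not Paragon Chat's code.  It follows the order described
in the thread: SRV record for _xmpp-client._tcp.<domain> first, then the
bare domain on port 5222, and user@domain:port for a nonstandard port.
DNS lookups are injected as plain functions so this runs offline against
constructed records; the assumption that an explicit port skips the SRV
lookup is mine, as are the example.org / example.net names.
"""
from typing import Callable, Dict, List, Optional, Tuple

DEFAULT_PORT = 5222
SRV_SERVICE = "_xmpp-client._tcp."

# An SRV record as (priority, weight, port, target), RFC 2782 field order.
SrvRecord = Tuple[int, int, int, str]
SrvLookup = Callable[[str], List[SrvRecord]]
ALookup = Callable[[str], List[str]]


def parse_jid(jid: str) -> Tuple[str, str, Optional[int]]:
    """Split 'user@domain[:port][/resource]' into (localpart, domain, port).

    A bare username has no domain to connect to, which is why logging in
    with just 'someuser' never reaches a server of your own.
    """
    local, sep, rest = jid.partition("@")
    if not sep or not local:
        raise ValueError("JID must be user@domain: %r" % jid)
    rest = rest.split("/", 1)[0]          # drop an optional resource part
    port: Optional[int] = None
    if ":" in rest:
        rest, port_text = rest.rsplit(":", 1)
        port = int(port_text)
        if not 1 <= port <= 65535:
            raise ValueError("port out of range: %d" % port)
    if not rest:
        raise ValueError("JID has an empty domain: %r" % jid)
    return local, rest.lower(), port


def xmpp_endpoints(domain: str, explicit_port: Optional[int],
                   srv_lookup: SrvLookup) -> List[Tuple[str, int]]:
    """Candidate (host, port) pairs in the order a client should try them."""
    if explicit_port is None:
        records = srv_lookup(SRV_SERVICE + domain)
        # RFC 2782: a lone record whose target is "." means "no such service".
        records = [r for r in records if r[3] != "."]
        if records:
            # lowest priority first; within a priority, heavier weight first
            # (RFC 2782 asks for a weighted random pick; a stable sort is
            # enough to show the ordering here)
            records.sort(key=lambda r: (r[0], -r[1]))
            return [(target.rstrip("."), port) for _, _, port, target in records]
    return [(domain, explicit_port or DEFAULT_PORT)]


def resolve_login(jid: str, srv_lookup: SrvLookup,
                  a_lookup: ALookup) -> List[Tuple[str, int]]:
    """Everything together: JID -> ordered list of (ip_address, port)."""
    _, domain, port = parse_jid(jid)
    targets = []
    for host, host_port in xmpp_endpoints(domain, port, srv_lookup):
        for addr in a_lookup(host):
            targets.append((addr, host_port))
    if not targets:
        raise LookupError("no address for %s; add an A record or a hosts entry" % domain)
    return targets


# --- constructed DNS data for an offline run (not real zones) --------------
SAMPLE_SRV: Dict[str, List[SrvRecord]] = {
    # a domain whose admin published SRV records: two servers plus a backup
    SRV_SERVICE + "example.org": [
        (10, 20, 5222, "xmpp1.example.org."),
        (10, 60, 5222, "xmpp2.example.org."),
        (20, 0, 5223, "backup.example.org."),
    ],
    # the guide's setup: an A record only, no SRV record at all
    SRV_SERVICE + "chat.example.net": [],
}
SAMPLE_A: Dict[str, List[str]] = {
    "xmpp1.example.org": ["192.0.2.10"],
    "xmpp2.example.org": ["192.0.2.11"],
    "backup.example.org": ["192.0.2.12"],
    "chat.example.net": ["198.51.100.7"],
}


def sample_srv_lookup(name: str) -> List[SrvRecord]:
    return SAMPLE_SRV.get(name, [])


def sample_a_lookup(name: str) -> List[str]:
    return SAMPLE_A.get(name, [])


if __name__ == "__main__":
    for jid in ("alice@example.org", "bob@chat.example.net", "bob@chat.example.net:12345"):
        print(jid, "->", resolve_login(jid, sample_srv_lookup, sample_a_lookup))
```

The practical point for anyone following the guide: with only an A record published (the chat.example.net case), step 1 finds nothing and the client goes straight to the domain on 5222, which is exactly why the A record name has to be the same string as the ejabberd HOST and the part after the @ in the login box.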

GammaPaladin

Ah. That makes sense. I was just using my bare username to log in, hadn't thought to try a qualified JID.

Tahquitz

A quick update.  I'll need to rewrite this guide.

Ejabberd has a key flaw that is a gamestopper with Paragon Chat.  Since the 1.0 release, one of the updates needs a MUC named paragon.chat.(Insert Server Here).  But Ejabberd has conference.chat.(Insert Server Here) hardcoded into the server.  There's a config option to change it, but if you do, the database loses sync and the server stops all MUC use with 503 Forbidden errors until you flush the database and rename the server back after a reinstall.

For that reason, I can't recommend the use of Ejabberd any longer.  I've bitten the Java bullet and switched to OpenFire.  I'll change the above guide for new installation instructions.

Codewalker

You may need to check your server config. Paragon Chat itself uses service discovery to locate the default MUC; it doesn't assume any particular name. I just double checked and there aren't any instances of "paragon.chat" anywhere in the XMPP code -- the only reason it connects to that on Titan's Openfire is that's what the MUC there happens to be named.

The local server I use for testing has the MUC set to the default "conference" name and it works fine. That's Openfire as well though, so it might be a service discovery issue with ejabberd.
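What "uses service discovery to locate the default MUC" looks like on the wire, as an added example (my code, not Paragon Chat's or OpenFire's): ask the server for its items (XEP-0030 disco#items), ask each item what it is (disco#info), and keep the first one whose identity is conference/text and which advertises the MUC feature, whatever name it was given. The server replies at the bottom are constructed samples in the shape XEP-0030 defines, including a component that answers with an error so the code shows that such a reply is skipped rather than trusted; the chat.example.org names are assumptions.

```python
"""Finding the chat room service with service discovery (XEP-0030).

Added example, not Paragon Chat's or OpenFire's code.  It does what the
thread describes: ask the server for its items, then ask each item what
it is, and use the first one that identifies itself as a text conference
(MUC) service, whatever its name.  The server answers at the bottom are
constructed samples shaped like XEP-0030 stanzas; the chat.example.org
component names are assumptions.
"""
import xml.etree.ElementTree as ET
from typing import Callable, List, Optional

NS_ITEMS = "http://jabber.org/protocol/disco#items"
NS_INFO = "http://jabber.org/protocol/disco#info"
NS_MUC = "http://jabber.org/protocol/muc"


def disco_items_request(to: str, stanza_id: str) -> str:
    """<iq type='get'> asking a server for the components it hosts."""
    return ("<iq type='get' to='{}' id='{}'><query xmlns='{}'/></iq>"
            .format(to, stanza_id, NS_ITEMS))


def disco_info_request(to: str, stanza_id: str) -> str:
    """<iq type='get'> asking one component what it is and what it supports."""
    return ("<iq type='get' to='{}' id='{}'><query xmlns='{}'/></iq>"
            .format(to, stanza_id, NS_INFO))


def parse_items(iq_xml: str) -> List[str]:
    """JIDs from a disco#items result; an error reply yields nothing."""
    iq = ET.fromstring(iq_xml)
    if iq.get("type") != "result":
        return []
    return [item.get("jid") for item in iq.iter("{%s}item" % NS_ITEMS) if item.get("jid")]


def is_muc_service(iq_xml: str) -> bool:
    """True if a disco#info result carries a conference/text identity and
    advertises the MUC feature.  An <iq type='error'> (for example
    service-unavailable) means the component is not answering and must
    not be mistaken for the room service."""
    iq = ET.fromstring(iq_xml)
    if iq.get("type") != "result":
        return False
    is_conference = any(i.get("category") == "conference" and i.get("type") == "text"
                        for i in iq.iter("{%s}identity" % NS_INFO))
    features = {f.get("var") for f in iq.iter("{%s}feature" % NS_INFO)}
    return is_conference and NS_MUC in features


def find_muc_service(server: str, send: Callable[[str], str]) -> Optional[str]:
    """Run the discovery over a transport: send(stanza) -> reply stanza."""
    for n, jid in enumerate(parse_items(send(disco_items_request(server, "items1")))):
        if is_muc_service(send(disco_info_request(jid, "info%d" % n))):
            return jid
    return None


# --- constructed replies a server might give (sample data, not a real server) --
SAMPLE_SERVER = "chat.example.org"
SAMPLE_ITEMS = [
    "pubsub.chat.example.org",
    "proxy.chat.example.org",
    "conference.chat.example.org",   # the MUC, under ejabberd's default name
]
SAMPLE_INFO = {
    "pubsub.chat.example.org":
        "<iq type='result' from='pubsub.chat.example.org'><query xmlns='{ns}'>"
        "<identity category='pubsub' type='service'/>"
        "<feature var='http://jabber.org/protocol/pubsub'/></query></iq>".format(ns=NS_INFO),
    "proxy.chat.example.org":
        "<iq type='error' from='proxy.chat.example.org'><error type='cancel'>"
        "<service-unavailable xmlns='urn:ietf:params:xml:ns:xmpp-stanzas'/></error></iq>",
    "conference.chat.example.org":
        "<iq type='result' from='conference.chat.example.org'><query xmlns='{ns}'>"
        "<identity category='conference' type='text' name='Chatrooms'/>"
        "<feature var='{muc}'/></query></iq>".format(ns=NS_INFO, muc=NS_MUC),
}


def sample_send(stanza: str) -> str:
    """Stand-in for the XMPP connection: answers from the tables above."""
    iq = ET.fromstring(stanza)
    to = iq.get("to")
    query = iq[0]
    if query.tag == "{%s}query" % NS_ITEMS and to == SAMPLE_SERVER:
        items = "".join("<item jid='%s'/>" % jid for jid in SAMPLE_ITEMS)
        return ("<iq type='result' from='%s'><query xmlns='%s'>%s</query></iq>"
                % (SAMPLE_SERVER, NS_ITEMS, items))
    if query.tag == "{%s}query" % NS_INFO and to in SAMPLE_INFO:
        return SAMPLE_INFO[to]
    return ("<iq type='error'><error type='cancel'>"
            "<item-not-found xmlns='urn:ietf:params:xml:ns:xmpp-stanzas'/></error></iq>")


if __name__ == "__main__":
    print("MUC service:", find_muc_service(SAMPLE_SERVER, sample_send))
```

If this lookup comes back with nothing on your own server, the thing to check is whether the conference component is actually listed under the virtual host you log in to (on ejabberd, that the MUC module's host matches the HOST you installed with): a room service the server never advertises in disco#items is invisible to a client that does not hardcode its name.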

Tahquitz

It was quicksand for me.  Once the database went corrupt, I ended up erasing everything to start from scratch (Uninstall server, head to %APPDATA%\Roaming\ejabberd and torch all of that, reinstall...) And I kept getting errors in Paragon Chat about malformed headings and each login couldn't see anyone else again.  Every channel I tried to make said "You are already in testchannel!" but I couldn't open it, leave the channel, or get the tells. 

Tried rolling back to old ejabberd that I knew worked.  Same issues.

OpenFire is much easier to use... things that had me stopping and restarting ejabberd constantly could be done in OpenFire in seconds from the web admin page.  Ejabberd expects the admin to use command line or XMPP clients to do admin tasks for the most part so the web interface was mostly read only.  Things that would kill ejabberd and require a reinstall like removing a user account or changing MUC room permissions take less time overall.