git.m455.casa

m455.casa

clone url: git://git.m455.casa/m455.casa

html/archive/2020/setting-up-an-irc-server-with-oragono.html

1	`<!DOCTYPE html>`
2	`<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">`
3	`<head>`
4	`<meta charset="utf-8" />`
5	`<meta name="generator" content="pandoc" />`
6	`<meta name="viewport" content="width=device-width, initial-scale=1.0, user-scalable=yes" />`
7	`<title>Setting up an IRC server with Oragono</title>`
8	`<style>`
9	`code{white-space: pre-wrap;}`
10	`span.smallcaps{font-variant: small-caps;}`
11	`span.underline{text-decoration: underline;}`
12	`div.column{display: inline-block; vertical-align: top; width: 50%;}`
13	`div.hanging-indent{margin-left: 1.5em; text-indent: -1.5em;}`
14	`ul.task-list{list-style: none;}`
15	`</style>`
16	`<style>`
17	`body {`
18	`line-height: 1.5;`
19	`font-family: sans-serif;`
20	`font-size: 18px;`
21	`margin: 20px auto;`
22	`max-width: 630px;`
23	`}`
24
25	`a {`
26	`color: blue;`
27	`}`
28
29	`code, pre {`
30	`background-color: #fddee3;`
31	`font-size: 14px;`
32	`}`
33
34	`pre {`
35	`padding: 25px 25px;`
36	`overflow: auto;`
37	`}`
38
39	`pre code {`
40	`white-space: pre;`
41	`}`
42
43	`img {`
44	`max-width: 100%;`
45	`}`
46
47	`table {`
48	`border-collapse: collapse;`
49	`}`
50
51	`table caption {`
52	`font-weight: bold;`
53	`margin: 10px 0px;`
54	`text-align: left;`
55	`}`
56
57	`th, td {`
58	`border: 1px solid #000;`
59	`padding: 4px;`
60	`}`
61
62	`blockquote {`
63	`border-left: 3px solid #000;`
64	`padding-left: 10px;`
65	`}`
66
67	`.border {`
68	`border: 1px solid #000;`
69	`margin: 25px 0px;`
70	`padding: 5px 25px;`
71	`}`
72
73	`@media only screen and (max-width: 700px) {`
74	`body {`
75	`margin: 10px;`
76	`}`
77	`}`
78
79	`@media (prefers-color-scheme: dark) {`
80	`body {`
81	`background-color: #111;`
82	`color: #eee;`
83	`}`
84	`a {`
85	`color: #009fff;`
86	`}`
87	`code, pre {`
88	`background-color: #111;`
89	`color: #fd6363;`
90	`}`
91	`pre {`
92	`padding: 15px 25px;`
93	`}`
94	`blockquote {`
95	`border-left: 3px solid #666;`
96	`}`
97	`.border, th, td {`
98	`border: 1px solid #666;`
99	`}`
100	`}`
101	`</style>`
102	`</head>`
103	`<body>`
104	`<main>`
105	`<h2 id="setting-up-an-irc-server-with-oragono">Setting up an IRC server with Oragono</h2>`
106	`<p>2020-12-25 00:00</p>`
107	`<p>This page will guide you through setting up an IRC server using <a href="https://oragono.io/">Oragono</a>.</p>`
108	`<h3 id="page-overview">Page overview</h3>`
109	`<!-- vim-markdown-toc GFM -->`
110	`<ul>`
111	`<li><a href="#page-conventions">Page conventions</a></li>`
112	`<li><a href="#assumptions">Assumptions</a></li>`
113	`<li><a href="#requirements">Requirements</a></li>`
114	`<li><a href="#preparing-your-system">Preparing your system</a>`
115	`<ul>`
116	`<li><a href="#creating-an-oragono-user">Creating an oragono user</a>`
117	`<ul>`
118	`<li><a href="#to-create-an-oragono-user">To create an oragono user</a></li>`
119	`</ul></li>`
120	`<li><a href="#allowing-connections-on-port-6697">Allowing connections on port 6697</a>`
121	`<ul>`
122	`<li><a href="#to-allow-connections-on-port-6697">To allow connections on port 6697</a></li>`
123	`</ul></li>`
124	`</ul></li>`
125	`<li><a href="#setting-up-oragono">Setting up Oragono</a>`
126	`<ul>`
127	`<li><a href="#downloading-oragono">Downloading Oragono</a>`
128	`<ul>`
129	`<li><a href="#to-download-oragono">To download Oragono</a></li>`
130	`</ul></li>`
131	`<li><a href="#extracting-the-downloaded-files">Extracting the downloaded files</a>`
132	`<ul>`
133	`<li><a href="#to-extract-the-downloaded-files">To extract the downloaded files</a></li>`
134	`</ul></li>`
135	`<li><a href="#configuring-oragono">Configuring Oragono</a>`
136	`<ul>`
137	`<li><a href="#to-configure-oragono">To configure Oragono</a></li>`
138	`</ul></li>`
139	`<li><a href="#creating-a-irc-server-administrator-password">Creating a IRC server administrator password</a>`
140	`<ul>`
141	`<li><a href="#to-create-a-irc-server-administrator-password">To create a IRC server administrator password</a></li>`
142	`</ul></li>`
143	`</ul></li>`
144	`<li><a href="#productionizing-oragono">Productionizing Oragono</a>`
145	`<ul>`
146	`<li><a href="#autostarting-oragono">Autostarting Oragono</a>`
147	`<ul>`
148	`<li><a href="#to-autostart-oragono">To autostart Oragono</a></li>`
149	`</ul></li>`
150	`<li><a href="#auto-renewing-oragonos-ssl-and-tls-certificates">Auto-renewing Oragono’s SSL and TLS certificates</a>`
151	`<ul>`
152	`<li><a href="#to-auto-renew-oragonos-ssl-and-tls-certificates">To Auto-renew Oragono’s SSL and TLS certificates</a></li>`
153	`</ul></li>`
154	`</ul></li>`
155	`</ul>`
156	`<!-- vim-markdown-toc -->`
157	`<h3 id="page-conventions">Page conventions</h3>`
158	`<ul>`
159	`<li><strong>Note</strong>: Signifies additional information</li>`
160	`<li><strong>Tip</strong>: Signifies an alternative procedure for completing a step</li>`
161	`<li><strong>Warning</strong>: Signifies that damage, such as data loss, may occur</li>`
162	`<li><strong>Example</strong>: Shows how a procedure would be performed in a real scenario</li>`
163	`<li><code>Inline code and code blocks</code>: Signify package names, filenames, file contents, or commands</li>`
164	`</ul>`
165	`<h3 id="assumptions">Assumptions</h3>`
166	`<p>This guide assumes:</p>`
167	`<ul>`
168	`<li>You are using a Ubuntu server on a DigialOcean droplet</li>`
169	`<li>You are using nginx to serve your web content</li>`
170	`<li>You manage your SSL/TLS certificates with certbot</li>`
171	`<li>You have your domain name setup with DigitalOcean’s name servers</li>`
172	`<li>You have your SSH keys setup with your server</li>`
173	`<li>You have root access to your server</li>`
174	`</ul>`
175	`<h3 id="requirements">Requirements</h3>`
176	`<ul>`
177	`<li>ufw</li>`
178	`</ul>`
179	`<h3 id="preparing-your-system">Preparing your system</h3>`
180	`<p>This section will guide you through preparing your system for running an IRC server using Oragono.</p>`
181	`<p>This section consists of the following topics:</p>`
182	`<ul>`
183	`<li><a href="#creating-an-oragono-user">Creating an oragono user</a></li>`
184	`<li><a href="#allowing-connections-on-port-6697">Allowing connections on port 6697</a></li>`
185	`</ul>`
186	`<h4 id="creating-an-oragono-user">Creating an oragono user</h4>`
187	`<p>An <code>oragono</code> user allows your server to run Oragono as a less-privileged user than root. This provides you with a more secure IRC server setup.</p>`
188	`<h5 id="to-create-an-oragono-user">To create an oragono user</h5>`
189	`<ol type="1">`
190	`<li><p>Run the following command:</p>`
191	`<pre><code> sudo adduser \`
192	`--system \`
193	`--shell /bin/bash \`
194	`--group \`
195	`--disabled-password \`
196	`--home /home/oragono \`
197	`oragono</code></pre></li>`
198	`</ol>`
199	`<h4 id="allowing-connections-on-port-6697">Allowing connections on port 6697</h4>`
200	`<p>You will need to allow connections on port 6697, which is the port people will use to connect to your IRC server.</p>`
201	`<h5 id="to-allow-connections-on-port-6697">To allow connections on port 6697</h5>`
202	`<ol type="1">`
203	`<li>Run <code>sudo ufw allow 6697</code></li>`
204	`</ol>`
205	`<h3 id="setting-up-oragono">Setting up Oragono</h3>`
206	`<p>This section will guide you through downloading, extracting, and configuring Oragono’s files.</p>`
207	`<p>This section consists of the following topics:</p>`
208	`<ul>`
209	`<li><a href="#downloading-oragono">Downloading Oragono</a></li>`
210	`<li><a href="#extracting-the-downloaded-files">Extracting the downloaded files</a></li>`
211	`<li><a href="#configuring-oragono">Configuring Oragono</a></li>`
212	`</ul>`
213	`<h4 id="downloading-oragono">Downloading Oragono</h4>`
214	`<p>Downloading the Oragono files will allow you to access the files required to run the IRC server.</p>`
215	`<h5 id="to-download-oragono">To download Oragono</h5>`
216	`<ol type="1">`
217	`<li>Run <code>sudo su oragono</code></li>`
218	`<li>Run <code>cd</code></li>`
219	`<li>Run <code>wget https://github.com/oragono/oragono/releases/download/v2.4.0/oragono-2.4.0-linux-x86_64.tar.gz</code></li>`
220	`</ol>`
221	`<aside class="border">`
222	`<p>`
223	`<strong>Note</strong> In this guide, I am using Oragono version 2.4.0. For the latest release number, see Oragono’s <a href="https://github.com/oragono/oragono/releases/">releases page</a>.`
224	`</p>`
225	`</aside>`
226	`<h4 id="extracting-the-downloaded-files">Extracting the downloaded files</h4>`
227	`<p>Extracting the downloaded files allows you to access, use, and modify the contents that were compressed inside the <code>.tar.gz</code> directory.</p>`
228	`<h5 id="to-extract-the-downloaded-files">To extract the downloaded files</h5>`
229	`<ol type="1">`
230	`<li>Run <code>tar -xf oragono-2.4.0-linux-x86_64.tar.gz</code></li>`
231	`<li>Run <code>mv oragono-2.4.0-linux-x86_64 oragono1</code></li>`
232	`<li>Run <code>mv oragono1/* /home/oragono/</code></li>`
233	`<li>Run <code>rm -rf oragono1</code></li>`
234	`</ol>`
235	`<h4 id="configuring-oragono">Configuring Oragono</h4>`
236	`<p>You will need to switch to the <code>oragono</code> user to properly configure Oragono.</p>`
237	`<h5 id="to-configure-oragono">To configure Oragono</h5>`
238	`<ol type="1">`
239	`<li>Run <code>cp default.yaml ircd.yaml</code></li>`
240	`<li>Edit <code>ircd.yaml</code> and <code>oragono.motd</code> to your liking.</li>`
241	`</ol>`
242	`<aside class="border">`
243	`<p>`
244	`<strong>Note</strong>: For more information on editing <code>ircd.yaml</code>, see the <a href="https://github.com/oragono/oragono/blob/stable/docs/MANUAL.md#accountnick-modes">Account/Nick Modes</a> section on the <a href="https://github.com/oragono/oragono/blob/stable/docs/MANUAL.md">Oragono manual</a>.`
245	`</p>`
246	`</aside>`
247	`<h4 id="creating-a-irc-server-administrator-password">Creating a IRC server administrator password</h4>`
248	`<p>A server administrator account allows you to supersede other users and settings when needed.</p>`
249	`<h5 id="to-create-a-irc-server-administrator-password">To create a IRC server administrator password</h5>`
250	`<ol type="1">`
251	`<li>Run <code>./oragono genpasswd</code></li>`
252	`<li>Copy the generated password hash</li>`
253	`<li>Paste the password has in the <code>ircd.yaml</code> file in the <code>opers</code> section</li>`
254	`</ol>`
255	`<h3 id="productionizing-oragono">Productionizing Oragono</h3>`
256	`<p>This section will guide you through enabling autostarting Oragono every time you restart your server, and creating a post-renew hook for <code>certbot</code> when renewing SSL and TLS certificates.</p>`
257	`<p>This section consists of the following sections:</p>`
258	`<ul>`
259	`<li><a href="#autostarting-oragono">Autostarting Oragono</a></li>`
260	`<li><a href="#auto-renewing-oragonos-ssl-and-tls-certificates">Auto-renewing Oragono’s SSL and TLS certificates</a></li>`
261	`</ul>`
262	`<h4 id="autostarting-oragono">Autostarting Oragono</h4>`
263	`<p>Autostarting Oragono removes the need to manually start Oragono on system restarts.</p>`
264	`<h5 id="to-autostart-oragono">To autostart Oragono</h5>`
265	`<ol type="1">`
266	`<li><p>Run <code>sudo su</code></p></li>`
267	`<li><p>Add the following to <code>/etc/systemd/system/oragono.service</code>:</p>`
268	`<pre><code> [Unit]`
269	`Description=oragono`
270	`After=network.target`
271	`# If you are using MySQL for history storage, comment out the above line`
272	`# and uncomment these two instead (you must independently install and configure`
273	`# MySQL for your system):`
274	`# Wants=mysql.service`
275	`# After=network.target mysql.service`
276
277	`[Service]`
278	`Type=simple`
279	`User=oragono`
280	`WorkingDirectory=/home/oragono`
281	`ExecStart=/home/oragono/oragono run --conf /home/oragono/ircd.yaml`
282	`ExecReload=/bin/kill -HUP $MAINPID`
283	`Restart=on-failure`
284	`LimitNOFILE=1048576`
285
286	`[Install]`
287	`WantedBy=multi-user.target</code></pre></li>`
288	`<li><p>Run <code>systemctl daemon-reload</code></p></li>`
289	`<li><p>Run <code>systemctl enable oragono</code></p></li>`
290	`<li><p>Run <code>systemctl start oragono</code></p></li>`
291	`</ol>`
292	`<h4 id="auto-renewing-oragonos-ssl-and-tls-certificates">Auto-renewing Oragono’s SSL and TLS certificates</h4>`
293	`<p>Auto-renewing Oragono’s SSL and TLS certificates removes the need to manually copy your website domain’s certificates to the <code>/home/oragono/</code> directory.</p>`
294	`<h5 id="to-auto-renew-oragonos-ssl-and-tls-certificates">To Auto-renew Oragono’s SSL and TLS certificates</h5>`
295	`<ol type="1">`
296	`<li><p>Add the following in <code>/etc/letsencrypt/renewal-hooks/post/install-oragono-certificates</code>:</p>`
297	`<pre><code> #!/bin/bash`
298
299	`set -eu`
300
301	`umask 077`
302	`cp /etc/letsencrypt/live/m455.casa/fullchain.pem /home/oragono/`
303	`cp /etc/letsencrypt/live/m455.casa/privkey.pem /home/oragono/`
304	`chown oragono:oragono /home/oragono/*.pem`
305	`# rehash oragono, which will reload the certificates:`
306	`systemctl reload oragono.service</code></pre></li>`
307	`<li><p>Run <code>chmod 755 /etc/letsencrypt/renewal-hooks/post/install-oragono-certificates</code></p></li>`
308	`<li><p>Run <code>certbot renew</code></p></li>`
309	`</ol>`
310	`<aside class="border">`
311	`<p>`
312	`<strong>Note</strong>: Sometimes <code>certbot</code> has issues with post-renew scripts, so if the script doesn’t run automatically after you’ve renewed your certificates, try running the <code>install-oragono-certificates</code> script manually as root.`
313	`</p>`
314	`</aside>`
315	`</main>`
316	`</body>`
317	`</html>`