clone url: git://git.m455.casa/m455.casa
html/archive/2020/setting-up-an-irc-server-with-oragono.html
1 | <!DOCTYPE html> |
2 | <html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"> |
3 | <head> |
4 | <meta charset="utf-8" /> |
5 | <meta name="generator" content="pandoc" /> |
6 | <meta name="viewport" content="width=device-width, initial-scale=1.0, user-scalable=yes" /> |
7 | <title>Setting up an IRC server with Oragono</title> |
8 | <style> |
9 | code{white-space: pre-wrap;} |
10 | span.smallcaps{font-variant: small-caps;} |
11 | span.underline{text-decoration: underline;} |
12 | div.column{display: inline-block; vertical-align: top; width: 50%;} |
13 | div.hanging-indent{margin-left: 1.5em; text-indent: -1.5em;} |
14 | ul.task-list{list-style: none;} |
15 | </style> |
16 | <style> |
17 | body { |
18 | line-height: 1.5; |
19 | font-family: sans-serif; |
20 | font-size: 18px; |
21 | margin: 20px auto; |
22 | max-width: 630px; |
23 | } |
24 |
|
25 | a { |
26 | color: blue; |
27 | } |
28 |
|
29 | code, pre { |
30 | background-color: #fddee3; |
31 | font-size: 14px; |
32 | } |
33 |
|
34 | pre { |
35 | padding: 25px 25px; |
36 | overflow: auto; |
37 | } |
38 |
|
39 | pre code { |
40 | white-space: pre; |
41 | } |
42 |
|
43 | img { |
44 | max-width: 100%; |
45 | } |
46 |
|
47 | table { |
48 | border-collapse: collapse; |
49 | } |
50 |
|
51 | table caption { |
52 | font-weight: bold; |
53 | margin: 10px 0px; |
54 | text-align: left; |
55 | } |
56 |
|
57 | th, td { |
58 | border: 1px solid #000; |
59 | padding: 4px; |
60 | } |
61 |
|
62 | blockquote { |
63 | border-left: 3px solid #000; |
64 | padding-left: 10px; |
65 | } |
66 |
|
67 | .border { |
68 | border: 1px solid #000; |
69 | margin: 25px 0px; |
70 | padding: 5px 25px; |
71 | } |
72 |
|
73 | @media only screen and (max-width: 700px) { |
74 | body { |
75 | margin: 10px; |
76 | } |
77 | } |
78 |
|
79 | @media (prefers-color-scheme: dark) { |
80 | body { |
81 | background-color: #111; |
82 | color: #eee; |
83 | } |
84 | a { |
85 | color: #009fff; |
86 | } |
87 | code, pre { |
88 | background-color: #111; |
89 | color: #fd6363; |
90 | } |
91 | pre { |
92 | padding: 15px 25px; |
93 | } |
94 | blockquote { |
95 | border-left: 3px solid #666; |
96 | } |
97 | .border, th, td { |
98 | border: 1px solid #666; |
99 | } |
100 | } |
101 | </style> |
102 | </head> |
103 | <body> |
104 | <main> |
105 | <h2 id="setting-up-an-irc-server-with-oragono">Setting up an IRC server with Oragono</h2> |
106 | <p>2020-12-25 00:00</p> |
107 | <p>This page will guide you through setting up an IRC server using <a href="https://oragono.io/">Oragono</a>.</p> |
108 | <h3 id="page-overview">Page overview</h3> |
109 | <!-- vim-markdown-toc GFM --> |
110 | <ul> |
111 | <li><a href="#page-conventions">Page conventions</a></li> |
112 | <li><a href="#assumptions">Assumptions</a></li> |
113 | <li><a href="#requirements">Requirements</a></li> |
114 | <li><a href="#preparing-your-system">Preparing your system</a> |
115 | <ul> |
116 | <li><a href="#creating-an-oragono-user">Creating an oragono user</a> |
117 | <ul> |
118 | <li><a href="#to-create-an-oragono-user">To create an oragono user</a></li> |
119 | </ul></li> |
120 | <li><a href="#allowing-connections-on-port-6697">Allowing connections on port 6697</a> |
121 | <ul> |
122 | <li><a href="#to-allow-connections-on-port-6697">To allow connections on port 6697</a></li> |
123 | </ul></li> |
124 | </ul></li> |
125 | <li><a href="#setting-up-oragono">Setting up Oragono</a> |
126 | <ul> |
127 | <li><a href="#downloading-oragono">Downloading Oragono</a> |
128 | <ul> |
129 | <li><a href="#to-download-oragono">To download Oragono</a></li> |
130 | </ul></li> |
131 | <li><a href="#extracting-the-downloaded-files">Extracting the downloaded files</a> |
132 | <ul> |
133 | <li><a href="#to-extract-the-downloaded-files">To extract the downloaded files</a></li> |
134 | </ul></li> |
135 | <li><a href="#configuring-oragono">Configuring Oragono</a> |
136 | <ul> |
137 | <li><a href="#to-configure-oragono">To configure Oragono</a></li> |
138 | </ul></li> |
139 | <li><a href="#creating-a-irc-server-administrator-password">Creating a IRC server administrator password</a> |
140 | <ul> |
141 | <li><a href="#to-create-a-irc-server-administrator-password">To create a IRC server administrator password</a></li> |
142 | </ul></li> |
143 | </ul></li> |
144 | <li><a href="#productionizing-oragono">Productionizing Oragono</a> |
145 | <ul> |
146 | <li><a href="#autostarting-oragono">Autostarting Oragono</a> |
147 | <ul> |
148 | <li><a href="#to-autostart-oragono">To autostart Oragono</a></li> |
149 | </ul></li> |
150 | <li><a href="#auto-renewing-oragonos-ssl-and-tls-certificates">Auto-renewing Oragono’s SSL and TLS certificates</a> |
151 | <ul> |
152 | <li><a href="#to-auto-renew-oragonos-ssl-and-tls-certificates">To Auto-renew Oragono’s SSL and TLS certificates</a></li> |
153 | </ul></li> |
154 | </ul></li> |
155 | </ul> |
156 | <!-- vim-markdown-toc --> |
157 | <h3 id="page-conventions">Page conventions</h3> |
158 | <ul> |
159 | <li><strong>Note</strong>: Signifies additional information</li> |
160 | <li><strong>Tip</strong>: Signifies an alternative procedure for completing a step</li> |
161 | <li><strong>Warning</strong>: Signifies that damage, such as data loss, may occur</li> |
162 | <li><strong>Example</strong>: Shows how a procedure would be performed in a real scenario</li> |
163 | <li><code>Inline code and code blocks</code>: Signify package names, filenames, file contents, or commands</li> |
164 | </ul> |
165 | <h3 id="assumptions">Assumptions</h3> |
166 | <p>This guide assumes:</p> |
167 | <ul> |
168 | <li>You are using a Ubuntu server on a DigialOcean droplet</li> |
169 | <li>You are using nginx to serve your web content</li> |
170 | <li>You manage your SSL/TLS certificates with certbot</li> |
171 | <li>You have your domain name setup with DigitalOcean’s name servers</li> |
172 | <li>You have your SSH keys setup with your server</li> |
173 | <li>You have root access to your server</li> |
174 | </ul> |
175 | <h3 id="requirements">Requirements</h3> |
176 | <ul> |
177 | <li>ufw</li> |
178 | </ul> |
179 | <h3 id="preparing-your-system">Preparing your system</h3> |
180 | <p>This section will guide you through preparing your system for running an IRC server using Oragono.</p> |
181 | <p>This section consists of the following topics:</p> |
182 | <ul> |
183 | <li><a href="#creating-an-oragono-user">Creating an oragono user</a></li> |
184 | <li><a href="#allowing-connections-on-port-6697">Allowing connections on port 6697</a></li> |
185 | </ul> |
186 | <h4 id="creating-an-oragono-user">Creating an oragono user</h4> |
187 | <p>An <code>oragono</code> user allows your server to run Oragono as a less-privileged user than root. This provides you with a more secure IRC server setup.</p> |
188 | <h5 id="to-create-an-oragono-user">To create an oragono user</h5> |
189 | <ol type="1"> |
190 | <li><p>Run the following command:</p> |
191 | <pre><code> sudo adduser \ |
192 | --system \ |
193 | --shell /bin/bash \ |
194 | --group \ |
195 | --disabled-password \ |
196 | --home /home/oragono \ |
197 | oragono</code></pre></li> |
198 | </ol> |
199 | <h4 id="allowing-connections-on-port-6697">Allowing connections on port 6697</h4> |
200 | <p>You will need to allow connections on port 6697, which is the port people will use to connect to your IRC server.</p> |
201 | <h5 id="to-allow-connections-on-port-6697">To allow connections on port 6697</h5> |
202 | <ol type="1"> |
203 | <li>Run <code>sudo ufw allow 6697</code></li> |
204 | </ol> |
205 | <h3 id="setting-up-oragono">Setting up Oragono</h3> |
206 | <p>This section will guide you through downloading, extracting, and configuring Oragono’s files.</p> |
207 | <p>This section consists of the following topics:</p> |
208 | <ul> |
209 | <li><a href="#downloading-oragono">Downloading Oragono</a></li> |
210 | <li><a href="#extracting-the-downloaded-files">Extracting the downloaded files</a></li> |
211 | <li><a href="#configuring-oragono">Configuring Oragono</a></li> |
212 | </ul> |
213 | <h4 id="downloading-oragono">Downloading Oragono</h4> |
214 | <p>Downloading the Oragono files will allow you to access the files required to run the IRC server.</p> |
215 | <h5 id="to-download-oragono">To download Oragono</h5> |
216 | <ol type="1"> |
217 | <li>Run <code>sudo su oragono</code></li> |
218 | <li>Run <code>cd</code></li> |
219 | <li>Run <code>wget https://github.com/oragono/oragono/releases/download/v2.4.0/oragono-2.4.0-linux-x86_64.tar.gz</code></li> |
220 | </ol> |
221 | <aside class="border"> |
222 | <p> |
223 | <strong>Note</strong> In this guide, I am using Oragono version 2.4.0. For the latest release number, see Oragono’s <a href="https://github.com/oragono/oragono/releases/">releases page</a>. |
224 | </p> |
225 | </aside> |
226 | <h4 id="extracting-the-downloaded-files">Extracting the downloaded files</h4> |
227 | <p>Extracting the downloaded files allows you to access, use, and modify the contents that were compressed inside the <code>.tar.gz</code> directory.</p> |
228 | <h5 id="to-extract-the-downloaded-files">To extract the downloaded files</h5> |
229 | <ol type="1"> |
230 | <li>Run <code>tar -xf oragono-2.4.0-linux-x86_64.tar.gz</code></li> |
231 | <li>Run <code>mv oragono-2.4.0-linux-x86_64 oragono1</code></li> |
232 | <li>Run <code>mv oragono1/* /home/oragono/</code></li> |
233 | <li>Run <code>rm -rf oragono1</code></li> |
234 | </ol> |
235 | <h4 id="configuring-oragono">Configuring Oragono</h4> |
236 | <p>You will need to switch to the <code>oragono</code> user to properly configure Oragono.</p> |
237 | <h5 id="to-configure-oragono">To configure Oragono</h5> |
238 | <ol type="1"> |
239 | <li>Run <code>cp default.yaml ircd.yaml</code></li> |
240 | <li>Edit <code>ircd.yaml</code> and <code>oragono.motd</code> to your liking.</li> |
241 | </ol> |
242 | <aside class="border"> |
243 | <p> |
244 | <strong>Note</strong>: For more information on editing <code>ircd.yaml</code>, see the <a href="https://github.com/oragono/oragono/blob/stable/docs/MANUAL.md#accountnick-modes">Account/Nick Modes</a> section on the <a href="https://github.com/oragono/oragono/blob/stable/docs/MANUAL.md">Oragono manual</a>. |
245 | </p> |
246 | </aside> |
247 | <h4 id="creating-a-irc-server-administrator-password">Creating a IRC server administrator password</h4> |
248 | <p>A server administrator account allows you to supersede other users and settings when needed.</p> |
249 | <h5 id="to-create-a-irc-server-administrator-password">To create a IRC server administrator password</h5> |
250 | <ol type="1"> |
251 | <li>Run <code>./oragono genpasswd</code></li> |
252 | <li>Copy the generated password hash</li> |
253 | <li>Paste the password has in the <code>ircd.yaml</code> file in the <code>opers</code> section</li> |
254 | </ol> |
255 | <h3 id="productionizing-oragono">Productionizing Oragono</h3> |
256 | <p>This section will guide you through enabling autostarting Oragono every time you restart your server, and creating a post-renew hook for <code>certbot</code> when renewing SSL and TLS certificates.</p> |
257 | <p>This section consists of the following sections:</p> |
258 | <ul> |
259 | <li><a href="#autostarting-oragono">Autostarting Oragono</a></li> |
260 | <li><a href="#auto-renewing-oragonos-ssl-and-tls-certificates">Auto-renewing Oragono’s SSL and TLS certificates</a></li> |
261 | </ul> |
262 | <h4 id="autostarting-oragono">Autostarting Oragono</h4> |
263 | <p>Autostarting Oragono removes the need to manually start Oragono on system restarts.</p> |
264 | <h5 id="to-autostart-oragono">To autostart Oragono</h5> |
265 | <ol type="1"> |
266 | <li><p>Run <code>sudo su</code></p></li> |
267 | <li><p>Add the following to <code>/etc/systemd/system/oragono.service</code>:</p> |
268 | <pre><code> [Unit] |
269 | Description=oragono |
270 | After=network.target |
271 | # If you are using MySQL for history storage, comment out the above line |
272 | # and uncomment these two instead (you must independently install and configure |
273 | # MySQL for your system): |
274 | # Wants=mysql.service |
275 | # After=network.target mysql.service |
276 |
|
277 | [Service] |
278 | Type=simple |
279 | User=oragono |
280 | WorkingDirectory=/home/oragono |
281 | ExecStart=/home/oragono/oragono run --conf /home/oragono/ircd.yaml |
282 | ExecReload=/bin/kill -HUP $MAINPID |
283 | Restart=on-failure |
284 | LimitNOFILE=1048576 |
285 |
|
286 | [Install] |
287 | WantedBy=multi-user.target</code></pre></li> |
288 | <li><p>Run <code>systemctl daemon-reload</code></p></li> |
289 | <li><p>Run <code>systemctl enable oragono</code></p></li> |
290 | <li><p>Run <code>systemctl start oragono</code></p></li> |
291 | </ol> |
292 | <h4 id="auto-renewing-oragonos-ssl-and-tls-certificates">Auto-renewing Oragono’s SSL and TLS certificates</h4> |
293 | <p>Auto-renewing Oragono’s SSL and TLS certificates removes the need to manually copy your website domain’s certificates to the <code>/home/oragono/</code> directory.</p> |
294 | <h5 id="to-auto-renew-oragonos-ssl-and-tls-certificates">To Auto-renew Oragono’s SSL and TLS certificates</h5> |
295 | <ol type="1"> |
296 | <li><p>Add the following in <code>/etc/letsencrypt/renewal-hooks/post/install-oragono-certificates</code>:</p> |
297 | <pre><code> #!/bin/bash |
298 |
|
299 | set -eu |
300 |
|
301 | umask 077 |
302 | cp /etc/letsencrypt/live/m455.casa/fullchain.pem /home/oragono/ |
303 | cp /etc/letsencrypt/live/m455.casa/privkey.pem /home/oragono/ |
304 | chown oragono:oragono /home/oragono/*.pem |
305 | # rehash oragono, which will reload the certificates: |
306 | systemctl reload oragono.service</code></pre></li> |
307 | <li><p>Run <code>chmod 755 /etc/letsencrypt/renewal-hooks/post/install-oragono-certificates</code></p></li> |
308 | <li><p>Run <code>certbot renew</code></p></li> |
309 | </ol> |
310 | <aside class="border"> |
311 | <p> |
312 | <strong>Note</strong>: Sometimes <code>certbot</code> has issues with post-renew scripts, so if the script doesn’t run automatically after you’ve renewed your certificates, try running the <code>install-oragono-certificates</code> script manually as root. |
313 | </p> |
314 | </aside> |
315 | </main> |
316 | </body> |
317 | </html> |