git.m455.casa

m455.casa

clone url: git://git.m455.casa/m455.casa

html/posts/setting-up-an-irc-server-with-oragono.html

1 <!DOCTYPE html>
2 <html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
3 <head>
4 <meta charset="utf-8" />
5 <meta name="generator" content="pandoc" />
6 <meta name="viewport" content="width=device-width, initial-scale=1.0, user-scalable=yes" />
7 <title>Setting up an IRC server with Oragono</title>
8 <style>
9 code{white-space: pre-wrap;}
10 span.smallcaps{font-variant: small-caps;}
11 span.underline{text-decoration: underline;}
12 div.column{display: inline-block; vertical-align: top; width: 50%;}
13 div.hanging-indent{margin-left: 1.5em; text-indent: -1.5em;}
14 ul.task-list{list-style: none;}
15 </style>
16 <link rel="stylesheet" href="/assets/archive.css">
17 </head>
18 <body>
19 <main>
20 <h2 id="setting-up-an-irc-server-with-oragono">Setting up an IRC server with Oragono</h2>
21 <p>2020-12-25 00:00</p>
22 <p>This page will guide you through setting up an IRC server using <a href="https://oragono.io/">Oragono</a>.</p>
23 <h3 id="page-overview">Page overview</h3>
24 <!-- vim-markdown-toc GFM -->
25 <ul>
26 <li><a href="#page-conventions">Page conventions</a></li>
27 <li><a href="#assumptions">Assumptions</a></li>
28 <li><a href="#requirements">Requirements</a></li>
29 <li><a href="#preparing-your-system">Preparing your system</a>
30 <ul>
31 <li><a href="#creating-an-oragono-user">Creating an oragono user</a>
32 <ul>
33 <li><a href="#to-create-an-oragono-user">To create an oragono user</a></li>
34 </ul></li>
35 <li><a href="#allowing-connections-on-port-6697">Allowing connections on port 6697</a>
36 <ul>
37 <li><a href="#to-allow-connections-on-port-6697">To allow connections on port 6697</a></li>
38 </ul></li>
39 </ul></li>
40 <li><a href="#setting-up-oragono">Setting up Oragono</a>
41 <ul>
42 <li><a href="#downloading-oragono">Downloading Oragono</a>
43 <ul>
44 <li><a href="#to-download-oragono">To download Oragono</a></li>
45 </ul></li>
46 <li><a href="#extracting-the-downloaded-files">Extracting the downloaded files</a>
47 <ul>
48 <li><a href="#to-extract-the-downloaded-files">To extract the downloaded files</a></li>
49 </ul></li>
50 <li><a href="#configuring-oragono">Configuring Oragono</a>
51 <ul>
52 <li><a href="#to-configure-oragono">To configure Oragono</a></li>
53 </ul></li>
54 <li><a href="#creating-a-irc-server-administrator-password">Creating a IRC server administrator password</a>
55 <ul>
56 <li><a href="#to-create-a-irc-server-administrator-password">To create a IRC server administrator password</a></li>
57 </ul></li>
58 </ul></li>
59 <li><a href="#productionizing-oragono">Productionizing Oragono</a>
60 <ul>
61 <li><a href="#autostarting-oragono">Autostarting Oragono</a>
62 <ul>
63 <li><a href="#to-autostart-oragono">To autostart Oragono</a></li>
64 </ul></li>
65 <li><a href="#auto-renewing-oragonos-ssl-and-tls-certificates">Auto-renewing Oragono’s SSL and TLS certificates</a>
66 <ul>
67 <li><a href="#to-auto-renew-oragonos-ssl-and-tls-certificates">To Auto-renew Oragono’s SSL and TLS certificates</a></li>
68 </ul></li>
69 </ul></li>
70 </ul>
71 <!-- vim-markdown-toc -->
72 <h3 id="page-conventions">Page conventions</h3>
73 <ul>
74 <li><strong>Note</strong>: Signifies additional information</li>
75 <li><strong>Tip</strong>: Signifies an alternative procedure for completing a step</li>
76 <li><strong>Warning</strong>: Signifies that damage, such as data loss, may occur</li>
77 <li><strong>Example</strong>: Shows how a procedure would be performed in a real scenario</li>
78 <li><code>Inline code and code blocks</code>: Signify package names, filenames, file contents, or commands</li>
79 </ul>
80 <h3 id="assumptions">Assumptions</h3>
81 <p>This guide assumes:</p>
82 <ul>
83 <li>You are using a Ubuntu server on a DigialOcean droplet</li>
84 <li>You are using nginx to serve your web content</li>
85 <li>You manage your SSL/TLS certificates with certbot</li>
86 <li>You have your domain name setup with DigitalOcean’s name servers</li>
87 <li>You have your SSH keys setup with your server</li>
88 <li>You have root access to your server</li>
89 </ul>
90 <h3 id="requirements">Requirements</h3>
91 <ul>
92 <li>ufw</li>
93 </ul>
94 <h3 id="preparing-your-system">Preparing your system</h3>
95 <p>This section will guide you through preparing your system for running an IRC server using Oragono.</p>
96 <p>This section consists of the following topics:</p>
97 <ul>
98 <li><a href="#creating-an-oragono-user">Creating an oragono user</a></li>
99 <li><a href="#allowing-connections-on-port-6697">Allowing connections on port 6697</a></li>
100 </ul>
101 <h4 id="creating-an-oragono-user">Creating an oragono user</h4>
102 <p>An <code>oragono</code> user allows your server to run Oragono as a less-privileged user than root. This provides you with a more secure IRC server setup.</p>
103 <h5 id="to-create-an-oragono-user">To create an oragono user</h5>
104 <ol type="1">
105 <li><p>Run the following command:</p>
106 <pre><code> sudo adduser \
107 --system \
108 --shell /bin/bash \
109 --group \
110 --disabled-password \
111 --home /home/oragono \
112 oragono</code></pre></li>
113 </ol>
114 <h4 id="allowing-connections-on-port-6697">Allowing connections on port 6697</h4>
115 <p>You will need to allow connections on port 6697, which is the port people will use to connect to your IRC server.</p>
116 <h5 id="to-allow-connections-on-port-6697">To allow connections on port 6697</h5>
117 <ol type="1">
118 <li>Run <code>sudo ufw allow 6697</code></li>
119 </ol>
120 <h3 id="setting-up-oragono">Setting up Oragono</h3>
121 <p>This section will guide you through downloading, extracting, and configuring Oragono’s files.</p>
122 <p>This section consists of the following topics:</p>
123 <ul>
124 <li><a href="#downloading-oragono">Downloading Oragono</a></li>
125 <li><a href="#extracting-the-downloaded-files">Extracting the downloaded files</a></li>
126 <li><a href="#configuring-oragono">Configuring Oragono</a></li>
127 </ul>
128 <h4 id="downloading-oragono">Downloading Oragono</h4>
129 <p>Downloading the Oragono files will allow you to access the files required to run the IRC server.</p>
130 <h5 id="to-download-oragono">To download Oragono</h5>
131 <ol type="1">
132 <li>Run <code>sudo su oragono</code></li>
133 <li>Run <code>cd</code></li>
134 <li>Run <code>wget https://github.com/oragono/oragono/releases/download/v2.4.0/oragono-2.4.0-linux-x86_64.tar.gz</code></li>
135 </ol>
136 <aside class="border">
137 <p>
138 <strong>Note</strong> In this guide, I am using Oragono version 2.4.0. For the latest release number, see Oragono’s <a href="https://github.com/oragono/oragono/releases/">releases page</a>.
139 </p>
140 </aside>
141 <h4 id="extracting-the-downloaded-files">Extracting the downloaded files</h4>
142 <p>Extracting the downloaded files allows you to access, use, and modify the contents that were compressed inside the <code>.tar.gz</code> directory.</p>
143 <h5 id="to-extract-the-downloaded-files">To extract the downloaded files</h5>
144 <ol type="1">
145 <li>Run <code>tar -xf oragono-2.4.0-linux-x86_64.tar.gz</code></li>
146 <li>Run <code>mv oragono-2.4.0-linux-x86_64 oragono1</code></li>
147 <li>Run <code>mv oragono1/* /home/oragono/</code></li>
148 <li>Run <code>rm -rf oragono1</code></li>
149 </ol>
150 <h4 id="configuring-oragono">Configuring Oragono</h4>
151 <p>You will need to switch to the <code>oragono</code> user to properly configure Oragono.</p>
152 <h5 id="to-configure-oragono">To configure Oragono</h5>
153 <ol type="1">
154 <li>Run <code>cp default.yaml ircd.yaml</code></li>
155 <li>Edit <code>ircd.yaml</code> and <code>oragono.motd</code> to your liking.</li>
156 </ol>
157 <aside class="border">
158 <p>
159 <strong>Note</strong>: For more information on editing <code>ircd.yaml</code>, see the <a href="https://github.com/oragono/oragono/blob/stable/docs/MANUAL.md#accountnick-modes">Account/Nick Modes</a> section on the <a href="https://github.com/oragono/oragono/blob/stable/docs/MANUAL.md">Oragono manual</a>.
160 </p>
161 </aside>
162 <h4 id="creating-a-irc-server-administrator-password">Creating a IRC server administrator password</h4>
163 <p>A server administrator account allows you to supersede other users and settings when needed.</p>
164 <h5 id="to-create-a-irc-server-administrator-password">To create a IRC server administrator password</h5>
165 <ol type="1">
166 <li>Run <code>./oragono genpasswd</code></li>
167 <li>Copy the generated password hash</li>
168 <li>Paste the password has in the <code>ircd.yaml</code> file in the <code>opers</code> section</li>
169 </ol>
170 <h3 id="productionizing-oragono">Productionizing Oragono</h3>
171 <p>This section will guide you through enabling autostarting Oragono every time you restart your server, and creating a post-renew hook for <code>certbot</code> when renewing SSL and TLS certificates.</p>
172 <p>This section consists of the following sections:</p>
173 <ul>
174 <li><a href="#autostarting-oragono">Autostarting Oragono</a></li>
175 <li><a href="#auto-renewing-oragonos-ssl-and-tls-certificates">Auto-renewing Oragono’s SSL and TLS certificates</a></li>
176 </ul>
177 <h4 id="autostarting-oragono">Autostarting Oragono</h4>
178 <p>Autostarting Oragono removes the need to manually start Oragono on system restarts.</p>
179 <h5 id="to-autostart-oragono">To autostart Oragono</h5>
180 <ol type="1">
181 <li><p>Run <code>sudo su</code></p></li>
182 <li><p>Add the following to <code>/etc/systemd/system/oragono.service</code>:</p>
183 <pre><code> [Unit]
184 Description=oragono
185 After=network.target
186 # If you are using MySQL for history storage, comment out the above line
187 # and uncomment these two instead (you must independently install and configure
188 # MySQL for your system):
189 # Wants=mysql.service
190 # After=network.target mysql.service
191
192 [Service]
193 Type=simple
194 User=oragono
195 WorkingDirectory=/home/oragono
196 ExecStart=/home/oragono/oragono run --conf /home/oragono/ircd.yaml
197 ExecReload=/bin/kill -HUP $MAINPID
198 Restart=on-failure
199 LimitNOFILE=1048576
200
201 [Install]
202 WantedBy=multi-user.target</code></pre></li>
203 <li><p>Run <code>systemctl daemon-reload</code></p></li>
204 <li><p>Run <code>systemctl enable oragono</code></p></li>
205 <li><p>Run <code>systemctl start oragono</code></p></li>
206 </ol>
207 <h4 id="auto-renewing-oragonos-ssl-and-tls-certificates">Auto-renewing Oragono’s SSL and TLS certificates</h4>
208 <p>Auto-renewing Oragono’s SSL and TLS certificates removes the need to manually copy your website domain’s certificates to the <code>/home/oragono/</code> directory.</p>
209 <h5 id="to-auto-renew-oragonos-ssl-and-tls-certificates">To Auto-renew Oragono’s SSL and TLS certificates</h5>
210 <ol type="1">
211 <li><p>Add the following in <code>/etc/letsencrypt/renewal-hooks/post/install-oragono-certificates</code>:</p>
212 <pre><code> #!/bin/bash
213
214 set -eu
215
216 umask 077
217 cp /etc/letsencrypt/live/m455.casa/fullchain.pem /home/oragono/
218 cp /etc/letsencrypt/live/m455.casa/privkey.pem /home/oragono/
219 chown oragono:oragono /home/oragono/*.pem
220 # rehash oragono, which will reload the certificates:
221 systemctl reload oragono.service</code></pre></li>
222 <li><p>Run <code>chmod 755 /etc/letsencrypt/renewal-hooks/post/install-oragono-certificates</code></p></li>
223 <li><p>Run <code>certbot renew</code></p></li>
224 </ol>
225 <aside class="border">
226 <p>
227 <strong>Note</strong>: Sometimes <code>certbot</code> has issues with post-renew scripts, so if the script doesn’t run automatically after you’ve renewed your certificates, try running the <code>install-oragono-certificates</code> script manually as root.
228 </p>
229 </aside>
230 </main>
231 </body>
232 </html>