Difference between revisions of "Install an IRC server"

From Organic Design wiki
m (Installation & configuration)
(Debugging and testing: highlight)
Line 56: Line 56:
 
<source>
 
<source>
 
│12:30:52 od  -- | irc: connecting to server irc.organicdesign.nz/6667 (SSL)...
 
│12:30:52 od  -- | irc: connecting to server irc.organicdesign.nz/6667 (SSL)...
│12:30:54 od  -- | gnutls: connected using 2048-bit Diffie-Hellman shared secret exchange
+
│12:30:54 od  -- | gnutls: {!connected using 2048-bit Diffie-Hellman shared secret exchange!}
│12:30:54 od  -- | gnutls: receiving 2 certificates
+
│12:30:54 od  -- | gnutls: {!receiving 2 certificates!}
 
│12:30:54 od  -- |  - certificate[1] info:
 
│12:30:54 od  -- |  - certificate[1] info:
│12:30:54 od  -- |    - subject `CN=organicdesign.co.nz', issuer `CN=Let's Encrypt Authority X3,O=Let's Encrypt,C=US',
+
│12:30:54 od  -- |    - subject `{!CN=organicdesign.co.nz!}', issuer `CN=Let's Encrypt Authority X3,O=Let's Encrypt,C=US',
 
│                |      serial 0x04d0e79bfa0c7708f8b282f32efdc4fd5f86, RSA key 2048 bits, signed using RSA-SHA256, activated
 
│                |      serial 0x04d0e79bfa0c7708f8b282f32efdc4fd5f86, RSA key 2048 bits, signed using RSA-SHA256, activated
 
│                |      `2020-05-07 21:47:43 UTC', expires `2020-08-05 21:47:43 UTC', pin-sha256="M7vVWN4LIlZo1vKtCs3jRB6H5onawfthC2T50ZcNZLI="
 
│                |      `2020-05-07 21:47:43 UTC', expires `2020-08-05 21:47:43 UTC', pin-sha256="M7vVWN4LIlZo1vKtCs3jRB6H5onawfthC2T50ZcNZLI="
 
│12:30:54 od  -- |  - certificate[2] info:
 
│12:30:54 od  -- |  - certificate[2] info:
│12:30:54 od  -- |    - subject `CN=Let's Encrypt Authority X3,O=Let's Encrypt,C=US', issuer `CN=DST Root CA X3,O=Digital Signature Trust Co.',
+
│12:30:54 od  -- |    - subject `{!CN=Let's Encrypt Authority X3!},O=Let's Encrypt,C=US', issuer `CN=DST Root CA X3,O=Digital Signature Trust Co.',
 
|                |      serial 0x0a0141420000015385736a0b85eca708, RSA key 2048 bits, signed using RSA-SHA256, activated `2016-03-17 16:40:46 UTC',
 
|                |      serial 0x0a0141420000015385736a0b85eca708, RSA key 2048 bits, signed using RSA-SHA256, activated `2016-03-17 16:40:46 UTC',
 
|                |      expires `2021-03-17 16:40:46 UTC', pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="
 
|                |      expires `2021-03-17 16:40:46 UTC', pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="
│12:30:54 od  -- | gnutls: peer's certificate is trusted
+
│12:30:54 od  -- | gnutls: {!peer's certificate is trusted!}
 
│12:30:54 od  -- | irc: connected to irc.organicdesign.nz/6667 (213.5.71.227)
 
│12:30:54 od  -- | irc: connected to irc.organicdesign.nz/6667 (213.5.71.227)
 
</source>
 
</source>

Revision as of 02:55, 8 May 2020

Procedure.svg Install an IRC server
Organic Design procedure

An IRC server can be set up on the local LAN so that chat is available independently of the Internet connection. Traditionally the problem with setting up an IRC client has been configurational complexity, but the "Next Generation IRC client" (ngIRCd) can literally be set up in minutes. On Ubuntu or Debian systems it can be installed with apt-get install ngircd.

Installation & configuration

Installation is very straight forward using apt. Only a few adjustments need to be made to the configuration in /etc/ngircd/ngircd.conf to get a functional server up and running; set the Name value of the server to an IP or domain name it can be reachable by within the LAN or Internet. You can set a global password which simplifies the set up of users (any username will work with the global password) by setting the Password value. We also add the PredefChannelsOnly = yes. You may wish to refine the configuration further by setting up specific users and channels.

  • You may need to disable DNS lookups with DNS = no if connections are being refused due to IP addresses not matching their reverse lookup.
  • Another useful directive is MaxNickLength (all servers in the group must have the same value if this is used)

The SSL settings can just refer to the existing LetsEncrypt files, e.g.

CertFile = /var/www/ssl/le-latest/fullchain.pem
KeyFile  = /var/www/ssl/le-latest/privkey.pem
DHFile   = /var/www/ssl/dhparams4096.pem


Each predefined channel goes in it's own [Channel] section, e.g.

[Channel]
    Name  = #OurPrivateChannel
    Topic = All about our interests
    Modes = tnk
    Key   = ourpassword

[Channel]
    Name  = #OurOpenChannel
    Topic = Public stuff

Connecting servers

To have IRC servers connect together to form larger channels, fill in [Server] sections in the configuration. For each server to connect to, specify the Name, Port (leave empty to allow only incoming connections from the remote server), and ensure that MyPassword and PeerPassword settings compliment each other in both directions.

  • Note: when one ngircd connects to another using SSL, then only local SSL clients will be connected to the remote server. To allow non-SSL clients to join a second [Server] section will need to be created which does not use SSL.

Debugging and testing

To get debugging output in the case of problems, stop the server from init.d and then run from shell with the -n switch to have output logged to STDOUT as follows:

/etc/init.d/ngircd stop
ngircd -n


To test things from the client side, WeeChat is a useful shell-based client that gives a lot of output. After installing and running Weechat, add a new server and connect as follows:

/server add od irc.organicdesign.nz
/set irc.server.od.addresses "chat.freenode.net/9999"
/set irc.server.od.ssl on
/connect od -password=******


You can then see the details of the SSL certificate as it connects:

│12:30:52 od  -- | irc: connecting to server irc.organicdesign.nz/6667 (SSL)...
│12:30:54 od  -- | gnutls: connected using 2048-bit Diffie-Hellman shared secret exchange
│12:30:54 od  -- | gnutls: receiving 2 certificates
│12:30:54 od  -- |  - certificate[1] info:
│12:30:54 od  -- |    - subject `CN=organicdesign.co.nz', issuer `CN=Let's Encrypt Authority X3,O=Let's Encrypt,C=US',
│                |      serial 0x04d0e79bfa0c7708f8b282f32efdc4fd5f86, RSA key 2048 bits, signed using RSA-SHA256, activated
│                |      `2020-05-07 21:47:43 UTC', expires `2020-08-05 21:47:43 UTC', pin-sha256="M7vVWN4LIlZo1vKtCs3jRB6H5onawfthC2T50ZcNZLI="
│12:30:54 od  -- |  - certificate[2] info:
│12:30:54 od  -- |    - subject `CN=Let's Encrypt Authority X3,O=Let's Encrypt,C=US', issuer `CN=DST Root CA X3,O=Digital Signature Trust Co.',
|                |      serial 0x0a0141420000015385736a0b85eca708, RSA key 2048 bits, signed using RSA-SHA256, activated `2016-03-17 16:40:46 UTC',
|                |      expires `2021-03-17 16:40:46 UTC', pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="
│12:30:54 od  -- | gnutls: peer's certificate is trusted
│12:30:54 od  -- | irc: connected to irc.organicdesign.nz/6667 (213.5.71.227)

Clients

We use the default instant messaging client that comes with Ubuntu which is Pidgin. First set up an account on your server from the "Buddies" menu. This is where you enter your name and the global password along with the address/Name of the server. In the advanced tab, there are options for connecting with SSL and for disabling the annoying Away message!

When the chat opens in the channel, select "Save" from the "Conversation" menu to save the channel in the "Buddies" list and allow it to connect on start up etc. You may want to right-click on it in the Buddie list and set it to "auto join" and "persistent" if you want to always be present in that channel while Pidgin is running.

If running Pidgin you can File:Od-pidgin-theme.zip which is currently just all the Skype ones (we've all been using mainly skype until now and would like to keep the same emoticons). It's a zipped up folder called "OD" which should be unpacked into ~/.purple/smileys. Next open the main Pidgin "Buddy list" window, then go into Preferences from the Tools menu, go to the Themes tab and select "OD" for the "Smiley theme". See this link for details about finding the Smileys folder on Windows.

Note: The theme icons currently work only for IRC and XMPP, to make them also work for other protocols paste an additional section into the "theme" text file.

See also