Difference between revisions of "Install an IRC server"

From Organic Design wiki
m (Channels)
(DNS=no)
Line 5: Line 5:
  
 
== Server ==
 
== Server ==
An IRC server can be set up on the local LAN so that chat is available independently of the Internet connection. Traditionally the problem with setting up an IRC client has been configurational complexity, but the "Next Generation IRC client" ([http://ngircd.barton.de/ ngIRCd]) can literally be set up in minutes. On Ubuntu or Debian systems it can be installed with '''apt-get install ngircd'''. {{h|Note that if you plan to use SSL, then it's best to compile the latest version because the pre-packaged SSL is GNU, but OpenSSL is preferable for Debian/Ubuntu systems.}}
+
An IRC server can be set up on the local LAN so that chat is available independently of the Internet connection. Traditionally the problem with setting up an IRC client has been configurational complexity, but the "Next Generation IRC client" ([http://ngircd.barton.de/ ngIRCd]) can literally be set up in minutes. On Ubuntu or Debian systems it can be installed with '''apt-get install ngircd'''.
  
=== Configuration ===
+
=== Installation ===
Only a few adjustments need to be made to the configuration in ''/etc/ngircd/ngircd.conf'' to get a functional server up and running; set the Name value of the server to an IP or domain name it can be reachable by within the LAN or Internet. You can set a global password which simplifies the set up of users (any username will work with the global password) by setting the Password value. We also add the '''PredefChannelsOnly = yes'''. You may wish to refine the configuration further by setting up specific users and channels.
+
The Debian package is installed with ''gnu-tls'' for SSL support but we use ''openssl'' and due to this clients cannot make SSL connections with the package when ''ngircd'' is installed via ''apt-get'' as an error such as the following will be encountered (and logged into ''syslog'').
*Another useful directive is '''MaxNickLength''' (all servers in the group must have the same value if this is used)
+
{{code|<pre>ngircd[2639]: gnutls_handshake: Could not negotiate a supported cipher suite.</pre>}}
 
 
=== Connecting servers ===
 
To have IRC servers connect together to form larger channels, fill in ''[Server]'' sections in the configuration. For each server to connect to, specify the ''Name'', ''Port'' (leave empty to allow only incoming connections from the remote server), and ensure that ''MyPassword'' and ''PeerPassword'' settings compliment each other in both directions.
 
*'''Note:''' when one ngircd connects to another using SSL, then only local SSL clients will be connected to the remote server. To allow non-SSL clients to join a second [Server] section will need to be created which does not use SSL.
 
 
 
=== Debugging and testing ===
 
To get debugging output in the case of problems, stop the server from ''init.d'' and then run from shell with the ''-n'' switch to have output logged to STDOUT as follows:
 
{{code|<pre>
 
/etc/init.d/ngircd stop
 
ngircd -n
 
</pre>}}
 
 
 
== Clients ==
 
We use the default instant messaging client that comes with Ubuntu which is Pidgin. First set up an account on your server from the "Buddies" menu. This is where you enter your name and the global password along with the address/Name of the server. In the '''advanced''' tab, there are options for connecting with ''SSL'' and for disabling the annoying '''Away''' message!
 
 
 
When the chat opens in the channel, select "Save" from the "Conversation" menu to save the channel in the "Buddies" list and allow it to connect on start up etc. You may want to right-click on it in the Buddie list and set it to "auto join" and "persistent" if you want to always be present in that channel while Pidgin is running.
 
 
 
If running ''Pidgin'' you can [[File:Od-pidgin-theme.zip|download our OD emoticon theme]] which is currently just all the Skype ones (we've all been using mainly skype until now and would like to keep the same emoticons). It's a zipped up folder called "OD" which should be unpacked into ''~/.purple/smileys''. Next open the main Pidgin "Buddy list" window, then go into ''Preferences'' from the ''Tools'' menu, go to the ''Themes'' tab and select "OD" for the "Smiley theme". See [http://developer.pidgin.im/wiki/Using%20Pidgin#Whereismy.purpledirectory this link] for details about finding the Smileys folder on Windows.
 
 
 
'''Note:''' The theme icons currently work only for IRC and XMPP, to make them also work for other protocols paste an additional section into the "theme" text file.
 
 
 
== Channels ==
 
 
 
'''#mediawiki'''<br>
 
The MediaWiki IRC channel is on freenode, see [http://freenode.net/faq.shtml freenode FAQ] for details about registering a nickname etc
 
 
 
'''#organicdesign'''<br>
 
We have our ''#organicdesign'' channel running from ''irc.organicdesign.co.nz'', it uses a password to connect (ask your systems administrator for that) and connects over SSL on port 16667.
 
  
== Enabling SSL ==
 
First check if your installed package contains SSL by doing '''ngircd --version''', you may find that your package already has SSL and therefore you can miss out the initial compilation stage of the following instructions. For example this ''--version'' result shows that SSL is already in the package:
 
{{code|<pre>ngircd 15-SYSLOG+ZLIB+SSL+IRCPLUS+IPv6-x86_64/pc/linux-gnu</pre>}}
 
{{h|'''Note:''' I've found that version 15 that ships with Debian 6 as of April 2013 has SSL issues. I've used the procedure below to compile version 19 which works properly.}}
 
  
By default the Debian package for ''ngircd'' doesn't support SSL connections so it must be downloaded from [http://ngircd.berlios.de/download.php.en here] and compiled from source with the ''openssl'' configure option enabled, and ''prefix'' set to '''/usr''' so that the executable and configuration are in the same place as the package keeps them. The '''libssl-dev''' package must be installed for the SSL option to be able to compile.
+
So we need to compile from source and configure it ''-with-openssl'' instead. First ensure you have the latest ''libssl-dev'' package installed and then download, unpack and configure. I prefer to keep its files in ''/etc/ngircd''.
 
{{code|<pre>
 
{{code|<pre>
 
apt-get install libssl-dev
 
apt-get install libssl-dev
wget ftp://ftp.berlios.de/pub/ngircd/ngircd-19.tar.gz
+
mkdir /etc/ngircd
tar -zxf ngircd-19.tar.gz
+
cd /etc/ngircd
cd ngircd-19
+
wget ftp://ftp.berlios.de/pub/ngircd/ngircd-20.2.tar.gz
 +
tar -zxf ngircd-20.2.tar.gz
 +
cd ngircd-20.2
 
./configure --prefix=/usr --with-openssl
 
./configure --prefix=/usr --with-openssl
 
</pre>}}
 
</pre>}}
Line 56: Line 26:
 
If it has successfully compiled you'll get something like the following message:
 
If it has successfully compiled you'll get something like the following message:
 
{{code|<pre>
 
{{code|<pre>
ngIRCd 14.1 has been configured with the following options:
+
ngIRCd 20.2 has been configured with the following options:
  
            Target: x86_64-unknown-linux-gnu
+
              Host: x86_64-unknown-linux-gnu
           Compiler: gcc
+
           Compiler: gcc -std=gnu99
 
     Compiler flags: -g -O2 -pipe -W -Wall -Wpointer-arith -Wstrict-prototypes -fstack-protector -DSYSCONFDIR='"$(sysconfdir)"'
 
     Compiler flags: -g -O2 -pipe -W -Wall -Wpointer-arith -Wstrict-prototypes -fstack-protector -DSYSCONFDIR='"$(sysconfdir)"'
           Libraries: -lssl -lcrypto -lz -lnsl
+
           Libraries: -lssl -lcrypto -lz  
  
 
     'ngircd' binary: /usr/sbin
 
     'ngircd' binary: /usr/sbin
 
  Configuration file: /usr/etc
 
  Configuration file: /usr/etc
       Manual pages: /usr/man
+
       Manual pages: /usr/share/man
 
       Documentation: /usr/share/doc/ngircd
 
       Documentation: /usr/share/doc/ngircd
  
Line 71: Line 41:
 
   zlib compression: yes          IRC sniffer: no
 
   zlib compression: yes          IRC sniffer: no
 
   Use TCP Wrappers: no        Strict RFC mode: no
 
   Use TCP Wrappers: no        Strict RFC mode: no
  Zeroconf support: no          IRC+ protocol: yes
+
      IDENT support: no          IRC+ protocol: yes
       IDENT support: no            I/O backend: "epoll(), select()"
+
       IPv6 protocol: no            I/O backend: "epoll(), select()"
      IPv6 protocol: no            SSL support: openssl
+
        PAM support: no            SSL support: openssl
 +
  libiconv support: no
 
</pre>}}
 
</pre>}}
  
Line 106: Line 77:
 
</pre>}}
 
</pre>}}
  
If there's trouble, check the ''syslog'' for information, it may me looking for the configuration file in ''/usr/etc/ngircd'' in which case you can symlink to ''/etc/ngircd''.
+
=== Configuration ===
 +
Only a few adjustments need to be made to the configuration in ''/etc/ngircd/ngircd.conf'' to get a functional server up and running; set the Name value of the server to an IP or domain name it can be reachable by within the LAN or Internet. You can set a global password which simplifies the set up of users (any username will work with the global password) by setting the Password value. We also add the '''PredefChannelsOnly = yes'''. You may wish to refine the configuration further by setting up specific users and channels.
 +
*You may beed to disable DNS lookups with '''DNS = no''' if connections are being refused due to IP addresses not matching their reverse lookup.
 +
*Another useful directive is '''MaxNickLength''' (all servers in the group must have the same value if this is used)
 +
 
 +
=== Connecting servers ===
 +
To have IRC servers connect together to form larger channels, fill in ''[Server]'' sections in the configuration. For each server to connect to, specify the ''Name'', ''Port'' (leave empty to allow only incoming connections from the remote server), and ensure that ''MyPassword'' and ''PeerPassword'' settings compliment each other in both directions.
 +
*'''Note:''' when one ngircd connects to another using SSL, then only local SSL clients will be connected to the remote server. To allow non-SSL clients to join a second [Server] section will need to be created which does not use SSL.
 +
 
 +
=== Debugging and testing ===
 +
To get debugging output in the case of problems, stop the server from ''init.d'' and then run from shell with the ''-n'' switch to have output logged to STDOUT as follows:
 +
{{code|<pre>
 +
/etc/init.d/ngircd stop
 +
ngircd -n
 +
</pre>}}
 +
 
 +
== Clients ==
 +
We use the default instant messaging client that comes with Ubuntu which is Pidgin. First set up an account on your server from the "Buddies" menu. This is where you enter your name and the global password along with the address/Name of the server. In the '''advanced''' tab, there are options for connecting with ''SSL'' and for disabling the annoying '''Away''' message!
 +
 
 +
When the chat opens in the channel, select "Save" from the "Conversation" menu to save the channel in the "Buddies" list and allow it to connect on start up etc. You may want to right-click on it in the Buddie list and set it to "auto join" and "persistent" if you want to always be present in that channel while Pidgin is running.
 +
 
 +
If running ''Pidgin'' you can [[File:Od-pidgin-theme.zip|download our OD emoticon theme]] which is currently just all the Skype ones (we've all been using mainly skype until now and would like to keep the same emoticons). It's a zipped up folder called "OD" which should be unpacked into ''~/.purple/smileys''. Next open the main Pidgin "Buddy list" window, then go into ''Preferences'' from the ''Tools'' menu, go to the ''Themes'' tab and select "OD" for the "Smiley theme". See [http://developer.pidgin.im/wiki/Using%20Pidgin#Whereismy.purpledirectory this link] for details about finding the Smileys folder on Windows.
 +
 
 +
'''Note:''' The theme icons currently work only for IRC and XMPP, to make them also work for other protocols paste an additional section into the "theme" text file.
 +
 
 +
== Channels ==
 +
 
 +
'''#mediawiki'''<br>
 +
The MediaWiki IRC channel is on freenode, see [http://freenode.net/faq.shtml freenode FAQ] for details about registering a nickname etc
 +
 
 +
'''#organicdesign'''<br>
 +
We have our ''#organicdesign'' channel running from ''irc.organicdesign.co.nz'', it uses a password to connect (ask your systems administrator for that) and connects over SSL on port 16667.
  
 
== See also ==
 
== See also ==

Revision as of 16:17, 27 June 2013

Procedure.svg Install an IRC server
Organic Design procedure

Server

An IRC server can be set up on the local LAN so that chat is available independently of the Internet connection. Traditionally the problem with setting up an IRC client has been configurational complexity, but the "Next Generation IRC client" (ngIRCd) can literally be set up in minutes. On Ubuntu or Debian systems it can be installed with apt-get install ngircd.

Installation

The Debian package is installed with gnu-tls for SSL support but we use openssl and due to this clients cannot make SSL connections with the package when ngircd is installed via apt-get as an error such as the following will be encountered (and logged into syslog). 

ngircd[2639]: gnutls_handshake: Could not negotiate a supported cipher suite.


So we need to compile from source and configure it -with-openssl instead. First ensure you have the latest libssl-dev package installed and then download, unpack and configure. I prefer to keep its files in /etc/ngircd. 

apt-get install libssl-dev
mkdir /etc/ngircd
cd /etc/ngircd
wget ftp://ftp.berlios.de/pub/ngircd/ngircd-20.2.tar.gz
tar -zxf ngircd-20.2.tar.gz
cd ngircd-20.2
./configure --prefix=/usr --with-openssl


If it has successfully compiled you'll get something like the following message: 

ngIRCd 20.2 has been configured with the following options:

               Host: x86_64-unknown-linux-gnu
           Compiler: gcc -std=gnu99
     Compiler flags: -g -O2 -pipe -W -Wall -Wpointer-arith -Wstrict-prototypes -fstack-protector -DSYSCONFDIR='"$(sysconfdir)"'
          Libraries: -lssl -lcrypto -lz 

    'ngircd' binary: /usr/sbin
 Configuration file: /usr/etc
       Manual pages: /usr/share/man
      Documentation: /usr/share/doc/ngircd

     Syslog support: yes     Enable debug code: no
   zlib compression: yes           IRC sniffer: no
   Use TCP Wrappers: no        Strict RFC mode: no
      IDENT support: no          IRC+ protocol: yes
      IPv6 protocol: no            I/O backend: "epoll(), select()"
        PAM support: no            SSL support: openssl
   libiconv support: no


You can then make and install in the usual fashion: 

make
make install


Now a self-signed certificate needs to be generated, make sure to remember the password ("secret" in the following example) it asks for a the start of the procedure, and use your server's IRC domain address for the common name entry. 

cd /etc/ngircd
openssl req -newkey rsa:2048 -x509 -keyout server-key.pem -out server-cert.pem -days 1461


The configuration file in /etc/ngircd/ngircd.conf need to be updated to refer to the certificate files. 

[SSL]
    Ports = 6667
    KeyFile = /etc/ngircd/server-key.pem
    CertFile = /etc/ngircd/server-cert.pem
    KeyFilePassword = secret


If you're server connects to other server and you wish those connections to also be encrypted, you must add the following directive to their respective [Server] sections: 

SSLConnect = yes

Configuration

Only a few adjustments need to be made to the configuration in /etc/ngircd/ngircd.conf to get a functional server up and running; set the Name value of the server to an IP or domain name it can be reachable by within the LAN or Internet. You can set a global password which simplifies the set up of users (any username will work with the global password) by setting the Password value. We also add the PredefChannelsOnly = yes. You may wish to refine the configuration further by setting up specific users and channels.

  • You may beed to disable DNS lookups with DNS = no if connections are being refused due to IP addresses not matching their reverse lookup.
  • Another useful directive is MaxNickLength (all servers in the group must have the same value if this is used)

Connecting servers

To have IRC servers connect together to form larger channels, fill in [Server] sections in the configuration. For each server to connect to, specify the Name, Port (leave empty to allow only incoming connections from the remote server), and ensure that MyPassword and PeerPassword settings compliment each other in both directions.

  • Note: when one ngircd connects to another using SSL, then only local SSL clients will be connected to the remote server. To allow non-SSL clients to join a second [Server] section will need to be created which does not use SSL.

Debugging and testing

To get debugging output in the case of problems, stop the server from init.d and then run from shell with the -n switch to have output logged to STDOUT as follows: 

/etc/init.d/ngircd stop
ngircd -n

Clients

We use the default instant messaging client that comes with Ubuntu which is Pidgin. First set up an account on your server from the "Buddies" menu. This is where you enter your name and the global password along with the address/Name of the server. In the advanced tab, there are options for connecting with SSL and for disabling the annoying Away message!

When the chat opens in the channel, select "Save" from the "Conversation" menu to save the channel in the "Buddies" list and allow it to connect on start up etc. You may want to right-click on it in the Buddie list and set it to "auto join" and "persistent" if you want to always be present in that channel while Pidgin is running.

If running Pidgin you can File:Od-pidgin-theme.zip which is currently just all the Skype ones (we've all been using mainly skype until now and would like to keep the same emoticons). It's a zipped up folder called "OD" which should be unpacked into ~/.purple/smileys. Next open the main Pidgin "Buddy list" window, then go into Preferences from the Tools menu, go to the Themes tab and select "OD" for the "Smiley theme". See this link for details about finding the Smileys folder on Windows.

Note: The theme icons currently work only for IRC and XMPP, to make them also work for other protocols paste an additional section into the "theme" text file.

Channels

#mediawiki
The MediaWiki IRC channel is on freenode, see freenode FAQ for details about registering a nickname etc

#organicdesign
We have our #organicdesign channel running from irc.organicdesign.co.nz, it uses a password to connect (ask your systems administrator for that) and connects over SSL on port 16667.

See also

Retrieved from "https://organicdesign.nz/wiki/index.php?title=Install_an_IRC_server&oldid=114826"