ZNC

From Alpine Linux
Revision as of 06:02, 16 November 2019 by Nbm (talk | contribs) (→‎Run ZNC in a subdomain using NGINX: fixed little typo)

ZNC is an advanced IRC bouncer that can establish such a permanent connection to several IRC networks and channels so your IRC client (or multiple clients) can disconnect/reconnect without losing the chat session, while appearing as a single user to other users.

Installation

Install the package that contains ZNC.

apk add znc

Create a ZNC configuration file, this command will automatically create znc.conf in /var/lib/znc/configs/. You will be asked to enter some information.

rc-service znc setup

Note: Make sure the information you enter is as it's shown below.
   Listen on port: 1025
   Listen using SSL: yes
   Listen using both IPv4 and IPv6: no
   Username: your_username
   Enter password: your_password
   Confirm password: your_password
   Nick: nick
   Alternate nick: nick_
   Real name: optional
   Bind host: try to leave empty
   Set up a network? no
   Launch ZNC now? no
Warning: Never edit the configuration file while ZNC is running; always check with htop or rc-status if ZNC is running.


Start ZNC as service.

rc-service znc start

Run ZNC in a subdomain using NGINX

Configure the ZNC webadmin page

Open the ZNC webadmin page https://YOUR_SERVER_IP:1025 in your browser. Accept the insecure certificate and go forward. Log in with your username and password and go to global settings. We want to maintain the webadmin connections separate from the IRC connections. Let's make a listening port for the IRC connections.

In Listen Port(s) add:

   Port: 6697
   BindHost: *
   SSL: on
   IPv4: on
   IPv6: off
   IRC: on
   HTTP: off
   URIPrefix: /

Save the information you entered and stop the service for now.

rc-service znc stop

Edit the configuration file.

vim /var/lib/znc/configs/znc.conf

Note: Listener0 is the webadmin port (it's listening port 1025). Listener1 is the IRC port (it's listening port 6697).

Your configuration file should look like this:

Contents of /lib/znc/configs/znc.conf

<Listener listener0> Allow IRC = false AllowWeb = true IPv4 = true IPv6 = false Port = 1025 SSL = false URIPrefix = / <Listener listener1> AllowIRC = true AllowWeb = false IPv4 = true IPv6 = false Port = 6697 SSL = true URIPrefix = /

Start ZNC as service.

rc-service znc start

Configure NGINX

Install NGINX if you haven't already.

apk add nginx

Create a configuration file in conf.d separated from the main configuration files.

vim /etc/nginx/conf.d/znc.your_domain.com.conf

The file should look something like below.

Contents of /etc/nginx/conf.d/znc.your_domain.com.conf

server { server_name znc.yourdomain.com; location / { proxy_pass http://localhost:1025; } }

Restart the NGINX service.

rc-service nginx restart

Set up SSL certificates

Note: We opt to use SSL certificates made by Let's Encrypt, instead of using the znc.pem certificate that comes with the program.

Install Certbot and its module to work with NGINX.

apk add certbot cerbot-nginx

Run Certbot, this program will create Let's Encrypt SSL certificates for free. You will have to manually or automatically renew them every month.

certbot

Restart NGINX and you're done. Your webadmin page will be automatically running the SSL certificate made by Let's Encrypt.

rc-service nginx restart

Now we will replace the znc.pem certificate with the Let's Encrypt certificates for any person who wants to connect to our IRC bouncer. For this we need to concatenate two important files into znc.pem

cat /etc/letsencrypt/live/your_domain.com/privkey.pem /etc/letsencrypt/live/your_domain.com/fullchain.pem > /var/lib/znc/znc.pem