- SSL only
- valid Let's Encrypt cert.
- unbound for upstream dns queries
- simplified admin config for small team
# install ircd
sudo apt-get install inspircd unbound
# copy lets encrypt to inspircd config dir
sudo cp /etc/letsencrypt/live/$domain/fullchain.pem /etc/inspircd/cert.pem
sudo chown irc:irc /etc/inspircd/cert.pem
sudo cp /etc/letsencrypt/live/$domain/privkey.pem /etc/inspircd/key.pem
sudo chown irc:irc /etc/inspircd/key.pem
# generate cert for linking
openssl req -x509 -nodes -newkey rsa:1024 -keyout key-link.pem -out cert-link.pem
- cron for cert renewal