Skip to content

Instantly share code, notes, and snippets.

@opi

opi/znc_ynh.md

Created December 5, 2015 13:36
Show Gist options
  • Star 1 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save opi/ea1a49d6469a578c04be to your computer and use it in GitHub Desktop.
Save opi/ea1a49d6469a578c04be to your computer and use it in GitHub Desktop.
Download ZIP
Raw
znc_ynh.md

Todo

Utiliser un autre path de conf au lancement du daemon : --datadir Set a different ZNC repository (default is ~/.znc)

./znc-1.4/configure --help By default, make install' will install all the files in /usr/local/bin', /usr/local/lib' etc. You can specify an installation prefix other than /usr/local' using --prefix', for instance --prefix=$HOME'.

/opt/yunohost/znc

Et aussi, comment gerer proprement la conf de SASL

Sources / Doc

http://markcunninghamblog.blogspot.fr/2013/01/znc-auth-with-pamldap.html

http://wiki.znc.in/Installation#Build_From_Source

http://wiki.znc.in/Cyrusauth

pré requis

apt-get install libsasl2-dev

donwload and build from source

wget http://znc.in/releases/znc-latest.tar.gz
tar -xzvf znc*.*gz
cd znc*
./configure --enable-cyrus

SASL2

apt-get install sasl2-bin

## Edit /etc/default/saslauthd START=no => START=yes MECHANISMS="pam" => MECHANISMS="ldap"

## Edit /etc/saslauthd.conf ldap_servers: ldap://127.0.0.1 ldap_search_base: ou=users,dc=yunohost,dc=org ldap_filter: (&(uid=%u)(objectClass=posixAccount))

/etc/init.d/saslauthd restart

## Test: /usr/sbin/testsaslauthd -u USER -p PASSWORD

Create zncuser

adduser zncuser
su zncuser

( adduser avec --disabled-password --disabled-login ..., ou useradd )

Now add your znc user to the sasl group so they may access the saslauthd socket.

usermod -a -G sasl zncuser

Configure znc & modules

From znc --makeconf

cat .znc/configs/znc.conf

Version = 1.4
AnonIPLimit = 10
ConnectDelay = 5
LoadModule = webadmin
LoadModule = cyrusauth saslauthd
MaxBufferSize = 500
ProtectWebSessions = false
SSLCertFile = /home/zncuser/.znc/znc.pem
ServerThrottle = 30
Skin = _default_
StatusPrefix = *
LoadModule = webadmin
LoadModule = cyrusauth saslauthd

<Listener listener0>
    AllowIRC = true
    AllowWeb = true

    Port = 6697
    IPv4 = true
    IPv6 = true
    SSL = true
</Listener>

<User opi>
    Admin      = true
    Pass       = sha256#790bb5cf9e71c29637d15c6ba9ab1f89da6ee2c7be2a13d3f0986f289ce46e51#7XQAWr90h.(Rd3QzXFI3#
    Nick       = opi
    AltNick    = opi_
    Ident      = opi
    RealName   = opi
    ChanModes  = +stn

    Buffer     = 500
    AutoClearChanBuffer = false
    PrependTimestamp = true

    LoadModule = chansaver
    LoadModule = controlpanel
    LoadModule = perform
    LoadModule = webadmin
</User>

cat moddata/cyrusauth/.registry
CreateUser yes

Change certificate

cd /home/zncuser/.znc
rm znc.pem
ln -s /etc/yunohost/certs/owyd.net/crt.pem znc.pem

Firewall

Open 6697 port (IPv4 & IPv6)

yunohost firewall ...

Run znc

znc

( znc --debug )

Pidgin

Use user/network:password as password !! see http://wiki.znc.in/ZNC

Nginx

cat /etc/nginx/conf.d/owyd.net.d/znc.conf

location /znc/ {

    rewrite ^znc$ /;
    proxy_pass https://localhost:6697/;

    proxy_set_header       Host $host;
    proxy_redirect off;
    proxy_buffering off;
    proxy_set_header X-Real-IP        $remote_addr;
    proxy_set_header X-Forwarded-For  $proxy_add_x_forwarded_for;

    access_log off;

    # Allow webmin to live in a subfolder
    subs_filter 'href="/' 'href="/znc/';

    # Include SSOWAT user panel.
    include conf.d/yunohost_panel.conf.inc;
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment