Translation(s): English - Italiano
InspIRCd is a modular IRCd (an IRC daemon) written entirely from scratch in C++.
Installation
Install the package inspircd along with its dependencies
# apt-get install inspircd
Configuration
Edit the default configuration files in /etc/inspircd/ This directory and the files in it are owned by the user irc. So you may edit them as the irc user or you can change the ownership to the irc user after you are done editing.
For a minimal configuration you need <server> and <bind>, maybe <oper> too.
Backup the default configuration files and modify example configuration to use.
Sample configuration files can be obtained from /usr/share/doc/inspircd/examples/ and the available modules are located in /usr/lib/inspircd/modules/
In your inspircd.conf you need to set the full path of the file for any external file. Example:
... <pid file="/var/run/inspircd.pid"> ... <include file="/etc/inspircd/opers.conf"> # you must edit the opers.conf example for security reasons ... <include file="/etc/inspircd/modules.conf"> ... <files motd="/etc/inspircd/inspircd.motd">
If you have used hash="argon2" for storing password you need to load in /etc/inspircd/modules.conf
<module name="argon2">
GnuTLS
Generate certificate:
# inspircd-genssl gnutls # chown irc:irc *.pem
GnuTLS sample configuration for /etc/inspircd/inspircd.conf
<bind address="" port="6697" type="clients" ssl="Clients"> <module name="ssl_gnutls"> <sslprofile name="Clients" provider="gnutls" cafile="" certfile="cert.pem" crlfile="" dhfile="dhparams.pem" hash="sha256" keyfile="key.pem" mindhbits="1024" outrecsize="2048" priority="SECURE192" requestclientcert="yes" strictpriority="no">
If you fail to connect using SSL then try to add priority="SECURE192:-VERS-SSL3.0" in /etc/inspircd/inspircd.conf:
<bind address="" port="6697" type="clients" ssl="Clients"> <module name="ssl_gnutls"> <sslprofile name="Clients" provider="gnutls" cafile="" certfile="cert.pem" crlfile="" dhfile="dhparams.pem" hash="sha256" keyfile="key.pem" mindhbits="1024" outrecsize="2048" priority="SECURE192:-VERS-SSL3.0" requestclientcert="yes" strictpriority="no">
Creating a certificate
Generate the certificate and set ownership to user irc.
Using inspircd-genssl (v3)
# inspircd-genssl <auto|gnutls|openssl>
Using openssl
# openssl req -x509 -nodes -newkey rsa:1024 -keyout key.pem -out cert.pem
or using certtool
# certtool --generate-privkey --outfile key.pem # certtool --generate-self-signed --load-privkey key.pem --outfile cert.pem
Loading modules
Configuration for /etc/inspircd/modules.conf:
<module name="ssl_gnutls"> <module name="spanningtree">
Note: we need to load the ssl_gnutls module before the spanningtree module.
Testing
To test the configuration file, switch to user irc from root.
# su irc
Run the following commands to test it:
$ bash $ cd /etc/inspircd $ mkdir conf // testing search for a conf directory $ mkdir logs $ cp inspircd.conf conf/ $ /usr/sbin/inspircd start //it will start or report any error
If it runs successfully, stop inspircd, copy changes from conf/inspircd.conf to /etc/inspircd.conf and remove conf, logs directories from /etc/inspircd/
After finishing configuration edit /etc/default/inspircd to enable it:
INSPIRCD_ENABLED=1
Start inspircd:
# /etc/init.d/inspircd start
Check the log file in /var/log/inspircd.log.
Check whether inspircd is running:
# netstat -nplt | grep inspircd
Test it with an IRC client.
LDAP
Example inspircd.conf for LDAP.
<module name="ldap"> <database module="ldap" id="ldap-users" bindauth="password" binddn="cn=Manager,dc=inspircd,dc=org" searchscope="subtree" server="ldaps://localhost" timeout="5s"> <module name="ldapauth"> <ldapauth allowpattern="Guest*" attribute="uid" baserdn="ou=People,dc=example,dc=com" dbid="ldap-users" host="$cn.example.com" killreason="Access denied" userfield="no" verbose="yes">
Common Errors
You may need to set an option similar to Accept invalid SSL certificate in your IRC client, if you get the following error:
'* Connection failed. Error: self signed certificate.? (18)'
See also