When using the OFTC IRC network to interact with other Debian project members, developers, contributors and users, it is often useful to be able to keep a permanent connection to the network.

ZNC is an advanced IRC bouncer that can establish such a permanent connection to several IRC networks and channels so your IRC client (or multiple clients) can disconnect/reconnect without losing the chat session, while appearing as a single user to other users.

Once installed ZNC can be configured via its web interface or via IRC commands.

The default install includes SSL setup for secure web access, using a self-signed certificate.

Installing ZNC in Debian

ZNC is packaged for Debian so installation can be achieved by installing the znc package:

 sudo apt install znc

Once installed, you will need to add a new znc-admin user, add administrative right to it, and use it to generate an initial configuration:

 # adduser znc-admin
 # adduser znc-admin sudo
 # su znc-admin
 # znc --makeconf

The resulting configuration will be saved in /home/znc-admin/.znc/.

This will ask several questions, here are a few suggested answers:

Once you've finished initial configuration, access the web interface and explore the available modules. There are global and per-network modules that can be enabled.

Global and per-network configuration

Here are a few useful modules when using the OFTC network

A few more post-install recommended steps:

SSL configuration with Let's Encrypt

This is a detailed example of the official Let's Encrypt client setup from ZNC documentation.

In Debian you can use the certbot package to request Let's Encrypt SSL certificates.

Install CertBot:

# apt-get install certbot

Request a Let's Encrypt SSL certificate:

# certbot certonly

Saving debug log to /var/log/letsencrypt/letsencrypt.log

How would you like to authenticate with the ACME CA?
-------------------------------------------------------------------------------
1: Place files in webroot directory (webroot)
2: Spin up a temporary webserver (standalone)
-------------------------------------------------------------------------------
Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 2
Please enter in your domain name(s) (comma and/or space separated)  (Enter 'c'
to cancel): domainname.com
Obtaining a new certificate
Performing the following challenges:
tls-sni-01 challenge for domainname.com
Waiting for verification...
Cleaning up challenges
Generating key (2048 bits): /etc/letsencrypt/keys/0000_key-certbot.pem
Creating CSR: /etc/letsencrypt/csr/0000_csr-certbot.pem

IMPORTANT NOTES:
 - Congratulations! Your certificate and chain have been saved at
   /etc/letsencrypt/live/domainname.com/fullchain.pem. Your cert
   will expire on 2017-XX-XX. To obtain a new or tweaked version of
   this certificate in the future, simply run certbot again. To
   non-interactively renew *all* of your certificates, run "certbot
   renew"
 - If you like Certbot, please consider supporting our work by:

   Donating to ISRG / Let's Encrypt:   https://letsencrypt.org/donate
   Donating to EFF:                    https://eff.org/donate-le

Backup your current self-signed certificate:

# mv /home/znc-admin/.znc/znc.pem  /home/znc-admin/.znc/znc-backup.pem 

Create and install a ZNC certificate from the newly obtained Let's Encrypt certificate:

# cd /etc/letsencrypt/live/domainname.com/
# cat {privkey,cert,chain}.pem > /home/znc-admin/.znc/znc.pem

Reboot and visit https://domainname.com:6697 with your web browser to verify the certificate is valid.