Skip to content

Link with another ngIRCd server

Before you begin

In this guide, we assume ngircd has been installed and configured to support [SSL. In this guide, we assume ngircd has been installed and configured to support [SSL.

Updating the Configuration

Suppose you have two servers that you want to link together: irc.example.com with IP address 192.0.2.1 and irc.network.org with IP address 198.51.100.1.

NOTE: In your own configuration, you must replace these values with real hostnames and IP addresses.

Edit the [Server] block in /etc/ngircd/ngircd.conf in irc.example.com:

[Server]
    Name = irc.network.org
    Host = irc.network.org
    Bind = 192.0.2.1
    Port = 16697
    MyPassword = IRCEXAMPLECOMPASSWORD
    PeerPassword = IRCNETWORKORGPASSWORD
    Group = 123
    Passive = yes
    SSLConnect = yes
        ;ServiceMask = *Serv,Global

Make sure the [Server] block is not commented.

Notice that for irc.example.com, the other hostname, Host = irc.network.org (the other server) is used. If possible, we recommend using a symbolic hostname for Host rather than an IP address. That way, if the IP address changes in the future, the conf file does not need to be updated. So, we use Host = irc.network.org and not an IP address like 192.0.2.1.

Bind should be set to the public IP address for irc.example.com. If you have a DDoS-filtered IP, you should use it. We recommend using an IPv4 address because IPv6 can be less reliable.

MyPassword for irc.example.com (this server) must match the PeerPassword for irc.network.org (the other server), and PeerPassword for irc.example.com must match MyPassword for irc.network.org.

You must replace IRCEXAMPLECOMPASSWORD and IRCNETWORKORGPASSWORD with strong passwords.

These passwords are stored in cleartext (not hashed) so we recommend you generate a new password.

Port 16697 with SSL is recommended to keep the connection secure and to avoid having traffic on port 6697, which is normally used by users to connect to the IRCd. Set SSLConnect to yes.

ngIRCd allows server groups. Only one direct link will be formed

with servers with the same group ID.

One server should have Passive = yes, and the other should have Passive = no. If using a hub and spoke model, a useful convention is for hubs to have Passive = yes, and leaf nodes Passive = no.

SSL should be used to prevent sensitive information being sent in plaintext.

Next, edit /etc/ngircd/ngircd.conf in irc.network.org. If you do not control this server, you will need to ask the other admin to edit it.

[Server]

Name = irc.example.com

Host = irc.example.com

Bind = 198.51.100.1

Port = 16697

MyPassword = IRCNETWORKORGPASSWORD

PeerPassword = IRCEXAMPLECOMPASSWORD

Group = 123

Passive = yes

SSLConnect = yes

    ;ServiceMask = *Serv,Global

Autostart

To automatically restart ngIRCd if it was terminated unexpectedly, create a script in /usr/local/libexec/project/ngircd.sh:

doas touch /usr/local/libexec/project/ngircd.sh
doas chmod +x /usr/local/libexec/project/ngircd.sh

Inside /usr/local/libexec/project/ngircd.sh:

#!/bin/sh
SERVICE_NAME="ngircd"
SERVICE_USER="_ngircd"
SERVICE_PID="/var/ngircd/var/run/ngircd/ngircd.pid"
if # pgrep -u $SERVICE_USER -x "$SERVICE_NAME" > /dev/null
then
  if [ -f $SERVICE_PID ]; then
    rm -f $SERVICE_PID
    rcctl -d start $SERVICE_NAME
  fi
fi

Add this as a cronjob:

$ doas crontab -e
*       *       *       *       *       /usr/local/libexec/project/checker_ngircd.sh > /dev/null 2>&1

For the solution to work, you need to enable the use of pid files in /etc/ngircd/ngircd.conf:

PidFile = /var/run/ngircd/ngircd.pid

Make sure to configure hopm.