Link with another ngIRCd server
Before you begin
In this guide, we assume ngircd has been installed and configured to support [SSL. In this guide, we assume ngircd has been installed and configured to support [SSL.
Updating the Configuration
Suppose you have two servers that you want to link together: irc.example.com
with IP address 192.0.2.1 and irc.network.org
with IP address 198.51.100.1.
NOTE: In your own configuration, you must replace these values with real hostnames and IP addresses.
Edit the [Server]
block in /etc/ngircd/ngircd.conf
in irc.example.com
:
[Server]
Name = irc.network.org
Host = irc.network.org
Bind = 192.0.2.1
Port = 16697
MyPassword = IRCEXAMPLECOMPASSWORD
PeerPassword = IRCNETWORKORGPASSWORD
Group = 123
Passive = yes
SSLConnect = yes
;ServiceMask = *Serv,Global
Make sure the [Server] block is not commented.
Notice that for irc.example.com
, the other hostname, Host = irc.network.org
(the other server) is used. If possible, we recommend using a symbolic hostname for Host rather than an IP address. That way, if the IP address changes in the future, the conf file does not need to be updated. So, we use Host = irc.network.org
and not an IP address like 192.0.2.1
.
Bind should be set to the public IP address for irc.example.com
. If you have a DDoS-filtered IP, you should use it. We recommend using an IPv4 address because IPv6 can be less reliable.
MyPassword for irc.example.com
(this server) must match the PeerPassword for irc.network.org
(the other server), and PeerPassword for irc.example.com
must match MyPassword for irc.network.org
.
You must replace IRCEXAMPLECOMPASSWORD
and IRCNETWORKORGPASSWORD
with strong passwords.
These passwords are stored in cleartext (not hashed) so we recommend you generate a new password.
Port 16697 with SSL is recommended to keep the connection secure and to avoid having traffic on port 6697, which is normally used by users to connect to the IRCd. Set SSLConnect to yes.
ngIRCd allows server groups. Only one direct link will be formed
with servers with the same group ID.
One server should have Passive = yes
, and the other should have Passive = no
. If using a hub and spoke model, a useful convention is for hubs to have Passive = yes
, and leaf nodes Passive = no
.
SSL should be used to prevent sensitive information being sent in plaintext.
Next, edit /etc/ngircd/ngircd.conf
in irc.network.org
. If you do not control this server, you will need to ask the other admin to edit it.
[Server]
Name = irc.example.com
Host = irc.example.com
Bind = 198.51.100.1
Port = 16697
MyPassword = IRCNETWORKORGPASSWORD
PeerPassword = IRCEXAMPLECOMPASSWORD
Group = 123
Passive = yes
SSLConnect = yes
;ServiceMask = *Serv,Global
Autostart
To automatically restart ngIRCd if it was terminated unexpectedly, create a script in /usr/local/libexec/project/ngircd.sh:
doas touch /usr/local/libexec/project/ngircd.sh
doas chmod +x /usr/local/libexec/project/ngircd.sh
Inside /usr/local/libexec/project/ngircd.sh:
#!/bin/sh
SERVICE_NAME="ngircd"
SERVICE_USER="_ngircd"
SERVICE_PID="/var/ngircd/var/run/ngircd/ngircd.pid"
if # pgrep -u $SERVICE_USER -x "$SERVICE_NAME" > /dev/null
then
if [ -f $SERVICE_PID ]; then
rm -f $SERVICE_PID
rcctl -d start $SERVICE_NAME
fi
fi
Add this as a cronjob:
$ doas crontab -e
* * * * * /usr/local/libexec/project/checker_ngircd.sh > /dev/null 2>&1
For the solution to work, you need to enable the use of pid files in /etc/ngircd/ngircd.conf:
PidFile = /var/run/ngircd/ngircd.pid
Make sure to configure hopm.