inspircd #0
Description
This charm provides a templated IRC server using inspircd, for use in a small or corporate environment. Support for clustering is not provided. .
- Tags:
- app-servers ›
Overview
InspIRCd (www.inspircd.org) is an IRC server that integrates well with LDAP authentication. This charm will install and configure the inspircd package. A working knowledge of inspircd is assumed.
See http://www.inspircd.org and https://wiki.inspircd.org/Configuration for more details on the various options.
Installation
To deploy this charm you will need at a minimum: a cloud environment, working Juju installation and a successful bootstrap. Once bootstrapped, deploy the inspircd charm:
juju deploy inspircd
You will likely need an SSL key and certificate, which can be delivered to the charm thusly:
juju set ca_certificate="$(base64 -w0 < /path/to/ca-cert.pem)" \
ssl_key="$(base64 -w0 < /path/to/key.pem)" \
ssl_certificate="$(base64 -w0 < /path/to/certificate.pem)" \
for evaluation, you can do this instead, to disable ssl usage:
juju set inspircd ssl_ports=''
Finally, expose the service:
juju expose inspircd
Usage
Known Limitations and Issues
- The ldapauth support requires a version of inspircd that has fixes for: https://bugs.launchpad.net/ubuntu/+source/inspircd/+bug/1428209 consistent handling of user:pass format You will also likely want: https://bugs.launchpad.net/ubuntu/+source/inspircd/+bug/1437044 for the logging enhancements.
- The logrotate support requires that this fix be present: https://bugs.launchpad.net/ubuntu/+source/inspircd/+bug/1437030
TODO:
LATER:
Contact Information
LaMont Jones lamont.jones@canonical.com
Configuration
- adminmail
- (string) Administrator email address (for whois, etc)
- admin@example.com
- adminname
- (string) Administrator name (for whois, etc)
- Network administrator
- adminnick
- (string) Administrator description (for whois, etc)
- Administrator
- ca_certificate
- (string) Base64 encoded openssl CA certificate (chain)
- channel_defaultmodes
- (string) default modes for new channels
- nt
- channel_limit_opers
- (int) maximum number of channels that an oper may be in at one time
- 60
- channel_limit_users
- (int) maximum number of channels that a user may be in at one time
- 20
- class_list
- (string) additional class blocks of the form "[[name, 'cmds'], [name, 'cmds'], ...]"
- []
- config-changed
- (string) A dummy option to allow triggering config-changed
- connect_list
- (string) connect blocks formed as per the default.
- [{ name: "general", allow: "*", timeout: 60, flood: 20, threshold: 1, pingfreq: 120, sendq: 262144, recvq: 8192, localmax: 3, globalmax: 3}]
- crl_filename
- (string) name of CRL file, if any.
- die_password
- (string) /DIE password
- hold_package
- (boolean) should we apt-hold the inspircd package
- ldapauth_allowpattern
- (string) a whitespace separated list of patterns to allow
- ldapauth_attribute
- (string) attribute for ldapauth queries
- ldapauth_baserdn
- (string) baserdn for ldapauth queries
- ldapauth_bindauth
- (string) password for ldapauth_binddn
- ldapauth_binddn
- (string) bind DN for ldapauth queries
- ldapauth_killreason
- (string) kill reason for ldapauth denied users
- Access denied
- ldapauth_searchscope
- (string) searchscope for ldapauth queries
- subtree
- ldapauth_server
- (string) ldap server uri for ldapauth queries. If not set, no the ldapauth module is not used.
- ldapauth_userfield
- (boolean) base auth on username (default is to use the nick)
- ldapauth_verbose
- (boolean) make ldapauth verbose?
- ldapauth_whitelist
- (string) a list of whitelisting rules
- [ cidr="127.0.0.1" ]
- ldapoper_attribute
- (string) attribute for ldapoper queries
- ldapoper_baserdn
- (string) baserdn for ldapoper queries
- ldapoper_bindauth
- (string) password for ldapoper_binddn
- ldapoper_binddn
- (string) bind DN for ldapoper queries
- ldapoper_list
- (string) ldapoper blocks of the form "[[user, host, type], [user, host, type], ...]"
- []
- ldapoper_searchscope
- (string) scope for ldapoper queries
- subtree
- ldapoper_server
- (string) ldap server uri for ldapoper queries. If not set, no the ldapoper module is not used.
- logrotate_count
- (string) how many old logs should be kept by logrotate
- 52
- logrotate_dateext
- (boolean) use dateext in logrotate
- True
- logrotate_frequency
- (string) how often should logrotation happen
- weekly
- maxtopic
- (int) maximum length of a channel topic. Per the inspircd documents: The highest "safe" value you can set this option to is 500, but it is recommended that you keep it somewhat near its default (or lower).
- 307
- motd
- (string) Default message of the day
- Welcome to the IRC network!
- nagios_context
- (string) Used by the nrpe subordinate charms. A string that will be prepended to instance name to set the host name in nagios. So for instance the hostname would be something like: juju-myservice-0 If you're running multiple environments with the same services in them this allows you to differentiate between them.
- juju
- nagios_nick
- (string) nick used for the nagios check
- ubuntu
- nagios_server_password
- (string) server password used for the nagios check (implies SSL)
- nagios_servicegroup
- (string) Used by the nrpe subordinate charms. servicegroup for our checks.
- irc
- networkdesc
- (string) IRC network description
- My Network
- networkname
- (string) Short IRC network name
- MyNet
- oper_list
- (string) oper blocks of the form "[[user, password, host, type], [user, password, host, type], ...]"
- []
- origin
- (string) repository for apt-add-repository, if non-empty
- password
- (string) IRC cluster server password
- peer_ports
- (string) A list of [IP, port] port for peering: e.g. '[["0.0.0.0", 7777]]'. The first one is provided to any peering relations
- ports
- (string) A list of [IP, port] non-SSL ports
- [["127.0.0.1", 6667]]
- restart_password
- (string) /RESTART password
- servername
- (string) name of the server
- irc.local
- ssl_certificate
- (string) Base64 encoded openssl certificate
- ssl_cipher_suite
- (string) List of server SSL/TLS cipher suites to use (a.k.a. GnuTLS priority string).
- PFS:-VERS-SSL3.0:-DHE-DSS:-ARCFOUR-128:-3DES-CBC:-CAMELLIA-128-GCM:-CAMELLIA-256-GCM:-CAMELLIA-128-CBC:-CAMELLIA-256-CBC
- ssl_key
- (string) Base64 encoded openssl key (PEM)
- ssl_ports
- (string) A list of [IP, port] SSL ports. Ignored if either ssl_key or ssl_cert is empty.
- [["0.0.0.0", 6697]]
- type_list
- (string) additional type blocks of the form "[[name, 'classes', host], [name, 'classes', host], ...]"
- []