This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision | ||
help:technical:znc [2017/05/25 01:03] rubin [ZNC install for network Administrators] |
help:technical:znc [2017/05/26 15:55] (current) rubin |
||
---|---|---|---|
Line 1: | Line 1: | ||
====== ZNC install for network Administrators ====== | ====== ZNC install for network Administrators ====== | ||
+ | |||
+ | This is a guide for IRC Network Administrators. If you just want to connect to AfterNET' | ||
If you use X3 with ldap support (Or any services with ldap support) you can host a ZNC bouncer for all your users to use, by using ZNC's cyrusauth module. Here is how we build ZNC for afternet: | If you use X3 with ldap support (Or any services with ldap support) you can host a ZNC bouncer for all your users to use, by using ZNC's cyrusauth module. Here is how we build ZNC for afternet: | ||
Line 44: | Line 46: | ||
* compile: '' | * compile: '' | ||
* install: '' | * install: '' | ||
+ | * Remove plugins (See list below) that you don't want around for security or irrelevance | ||
* Run for the first time, from the install directory: '' | * Run for the first time, from the install directory: '' | ||
* Username: admin | * Username: admin | ||
Line 52: | Line 55: | ||
* Bind host: empty | * Bind host: empty | ||
* Connect to the ZNC using an irc client as the above user | * Connect to the ZNC using an irc client as the above user | ||
- | * Load the cyrusauth module: ''/ | + | * Load the cyrusauth module |
- | * Create a dummy user in znc to use as a skel/clone identity | + | * Create a dummy user in znc to use as a skel/clone identity: ''/ |
- | * Set cyrusauth module | + | * Configure this user how you want them. Mainly use your above zncadmin account to disable their flag access to bind. |
- | * Let it create users: '' | + | * Configure |
+ | * Set cyrusauth module to use it the cloneuser: '' | ||
+ | * Let it create users: '' | ||
+ | * Your services/ | ||
+ | * A network to configure for cloned users: '' | ||
+ | * A server to configure for them: '' | ||
+ | * Salt is used to unpredictibly hash usernames: '' | ||
+ | * A WebIRC Block in nefarious lets us setup our hostname: '' | ||
+ | * What hostname to use: '' | ||
* Load the sasl module: ''/ | * Load the sasl module: ''/ | ||
- | | + | |
- | * | + | * Require authentication: |
- | * Configure | + | * SASL Mechanism to support: '' |
+ | * Set < | ||
+ | |||
+ | ===== Setup IRCD ===== | ||
+ | * Add a webIRC line: | ||
+ | |||
+ | WebIRC { | ||
+ | | ||
+ | host = "*@zncip"; | ||
+ | pass = " | ||
+ | }; | ||
+ | |||
+ | * Except block to protect znc from flood limits: | ||
+ | |||
+ | Except { | ||
+ | host = " | ||
+ | gline = yes; | ||
+ | rdns = yes; | ||
+ | ipcheck = yes; | ||
+ | targetlimit = yes; | ||
+ | }; | ||
+ | |||
+ | ===== Security ===== | ||
+ | I run this script after '' | ||
+ | |||
+ | < | ||
+ | # | ||
+ | |||
+ | RM='/ | ||
+ | echo "Lets delete | ||
+ | |||
+ | #Lets remove unsafe modules! | ||
+ | # | ||
+ | # | ||
+ | # | ||
+ | # | ||
+ | # | ||
+ | # | ||
+ | # | ||
+ | # | ||
+ | $RM lib/ | ||
+ | # | ||
+ | # | ||
+ | $RM lib/ | ||
+ | # | ||
+ | $RM lib/ | ||
+ | $RM lib/ | ||
+ | # ADD? # | ||
+ | # | ||
+ | # | ||
+ | # ADD? # | ||
+ | # ADD? # | ||
+ | # | ||
+ | $RM lib/ | ||
+ | $RM lib/ | ||
+ | # | ||
+ | # | ||
+ | $RM lib/ | ||
+ | # | ||
+ | # | ||
+ | # | ||
+ | # | ||
+ | $RM lib/ | ||
+ | # | ||
+ | # | ||
+ | # | ||
+ | $RM lib/ | ||
+ | # | ||
+ | $RM lib/ | ||
+ | #$RM lib/ | ||
+ | $RM lib/ | ||
+ | $RM lib/ | ||
+ | $RM lib/ | ||
+ | $RM lib/ | ||
+ | #$RM lib/ | ||
+ | $RM lib/ | ||
+ | $RM lib/ | ||
+ | $RM lib/ | ||
+ | $RM lib/ | ||
+ | # | ||
+ | $RM lib/ | ||
+ | $RM lib/ | ||
+ | # | ||
+ | # ADD? # | ||
+ | # | ||
+ | # | ||
+ | $RM lib/ | ||
+ | $RM lib/ | ||
+ | $RM lib/ | ||
+ | $RM lib/ | ||
+ | # ADD? # | ||
+ | # ADD? # | ||
+ | # | ||
+ | $RM lib/ | ||
+ | # | ||
+ | $RM lib/ | ||
+ | $RM lib/ | ||
+ | $RM lib/ | ||
+ | # | ||
+ | # | ||
+ | # ADD? # | ||
+ | # | ||
+ | # | ||
+ | # | ||
+ | </ |