- Notifications
You must be signed in to change notification settings - Fork0
Full Quassel IRC setup in a box, via SaltStack configuration management
License
NotificationsYou must be signed in to change notification settings
digitalcircuit/salt-box-quassel
Folders and files
| Name | Name | Last commit message | Last commit date | |
|---|---|---|---|---|
Repository files navigation
This takes a stock Ubuntu 22.04/24.04 system, and with Salt, turns it into an IRC setup with desktop, mobile, and web clients, search, a home page, and includes Let's Encrypt certificates for encrypted connections.
This is not endorsed by the officialQuassel IRC project,Quassel Webserver, orQuassel Rest Search
Work in progress: features may change without warning. Please read the commit log before updating production systems.
- Customize the files in
pillarto suit your environment- See below for the minimum viable setup (e.g. local development)
- Apply the salt state via
salt-call- Works with amasterless minion Salt setup, no need for master
- Set your server hostname
# Hostname details (optional/default configuration removed)server:# Hostnameshostnames:# Domains by certificate chain# Main domaincert-primary:# Hostname visible to the world, used in SSL certs and brandingroot:public.domain.here.example.com
- Set up
certbotfor Let's Encrypt certificates, or disable it
pillar/server/web/certbot.sls:
# Certificate details for Let's Encrypt (optional/default configuration removed)certbot:# Replace dummy certificates with certificates from Let's Encrypt?## NOTE - enabling certbot implies you agree to the Let's Encrypt# Terms of Service (subscriber agreement). Please read it first.# https://letsencrypt.org/repository/#let-s-encrypt-subscriber-agreementenable:True# Use staging/test server to avoid rate-limit issues?testing:False# Account detailsaccount:# Email address for recoveryemail:real-email-address@example.com
- Set initial credentials for Quassel core
pillar/server/chat/quassel/main.sls:
# Quassel configuration (optional/default configuration removed)server:chat:quassel:# Quassel corecore:# Initial/administrative useradmin:username:initial_quassel_userpassword:change_this_password# PostgreSQL database setupdatabase:password:also_change_this_database_password
- Quassel IRC core running on port
4242, with admin useras in pillar data- Stable version configuredfrom mamarley's PPA
- Website atconfigured server hostname, with HTTP/HTTPS enabled
- Quassel Web available at
https://hostname/chat - Quassel Rest Search available at
https://hostname/search - Basic connection information and links to the desktop andAndroid client, Quasseldroid
- Quassel Web available at
- Let's Encrypt for certificates with automated deployment and renewal, including reloading services
- 2 GB swapfile for low-memory systems (e.g. 1 GB RAM)
- Initial NPM deploy of Quassel Web spikes memory usage
Tune PostgreSQL performance (recommended)
- Modify
pillar/server/storage/database.slsaccording to your system specifications. - Periodic cleanup may help as well, seethe Quassel IRC project wiki for details
- Modify
Add new Quassel core user
$ sudo --user=quasselcore quasselcore --add-user --configdir=/var/lib/quassel
- Change password of Quassel core user
USERNAMEwithout access to original password
$ sudo --user=quasselcore quasselcore --change-userpass=USERNAME --configdir=/var/lib/quassel
Administration UI to be added later.
- Useful for a shared core provided by a network
- Not yet recommended for use by fully untrusted users
- Work is ongoing in the Quassel IRC upstream project to provide restricted accounts
pillar/server/chat/quassel/main.sls:
# Quassel configurationserver:chat:quassel:# [...existing configuration here...]# Restrictions and lockdownlockdown:# Lock the IRC ident to the Quassel account usernamestrict-ident:False# Limit what networks can be used from any Quassel accountstrict-networks:# If enabled, only networks listed below are allowedenabled:False# List of allowed IRC networks (domain names and/or IP addresses)## NOTE - Domain names are translated to IP addresses, refreshed# periodically. If you make use of round-robin DNS, you will need to# specify all possible domain names/IP addresses.hosts: -"irc.example.invalid" -"server-a.example.invalid" -"server-b.example.invalid"# List of allowed ports for IRC connectionsports: -6667 -6697
- Modify
pillar/server/chat/quassel/versions.sls- Recommendation: set a fixed tag/commit ID for production, test newer versions locally first
- Configure
pillar/server/metrics.slswith metrics server details - Example receiving setup: Grafana + Telegraf HTTP Listener + InfluxDB
- Configure
pillar/common/backup/system.slswith upload script and encryption settings- Example script given for use withrclone, enabling backup to many cloud/self-hosted services
- Quassel IRC for the IRC client and server core
- Quassel Webserver for web chat
- Quassel Rest Search for web search
- Some credits in the individual files, too
- If you're missing, let me know, and I'll fix it as soon as I can!
About
Full Quassel IRC setup in a box, via SaltStack configuration management
Topics
Resources
License
Uh oh!
There was an error while loading.Please reload this page.
Stars
Watchers
Forks
Releases
No releases published
Packages0
No packages published
Uh oh!
There was an error while loading.Please reload this page.