Setting up an InspIRCd IRC Server on Ubuntu 16.04 LTS

Published on: Fri, May 18, 2018 at 11:02 am EST
Linux Guides Server Apps Social Ubuntu

Internet Relay Chat (IRC) is something that has been around since the early days of the internet. In this guide, I will be showing you how to setup an IRC server with InspIRCd with Atheme for additional IRC services. InspIRCd is one of the few IRC servers written from scratch and one of only a few IRC servers to provide a tunable number of features through the use of an advanced module system.

Prerequisites

InspIRCd should work with any instance size. It's minimum system requirements are a 700MHz CPU and 300MB of RAM.

Update the system

When logging in as a sudo user, you can update the system to the latest stable status as follows:

apt-get update && apt-get upgrade 

Configuring the firewall

First let’s harden the VPS a little bit. We will enable ufw and add a few rules. Let's start with configuring ports:

ufw allow 22/tcp
ufw allow 6667/tcp
ufw enable

The firewall will prompt a dialog to accept changes. Just press Y for yes.

Command may disrupt existing ssh connections. Proceed with operation (y|n)?

Install and configure InspIRCd

Next we can install InspIRCd, for Ubuntu 16.04 this package is available through the main repository.

apt-get install inspircd 

Once the installation is done, we can start configuring the service. The main configuration can be found in the /etc/inspircd/inspircd.conf file and has the layout of an XML file.

nano /etc/inspircd/inspircd.conf

First search for the server tag. This tag is where you enter the details of your server/network, most of these settings are visible to your users.

  • name: Hostname of your server. It does not need to resolve, but does need to be the correct syntax (e.g: sub.example.net).
  • description: Server description.
  • id: The SID to use for this server. This should not be uncommented unless there is a SID conflict. This must be three characters long. The first character must be a digit [0-9], the remaining two chars may be letters [A-Z] or digits.
  • network: Network name given on connect to clients. Should be the same on all servers on the network and not contain spaces.

In our guide we will be using the following:

<server name="irc.example.net"
        description="My EXAMPLE.NET server"
        id="5AA"            
        network="ExampleNET">

Replace the original tag with the one above.

Next, search for the admin tag. These settings are the administrative details of your server. They are shown when you type the /ADMIN command.

  • name: Real Name
  • nick: Nickname (preferably what you use on the network).
  • email: email address. Does not have to be valid but this address will be the one your users should contact you in case of troubles.

Let's use the administrator Xenial:

<admin name="Xenial Xerius"
   nick="xenial"
   email="admin@irc.example.net">

Now move to the bind address. This tag is used for opening the service. By default you will see the localhost IP (127.0.0.1). This means that the service cannot be contacted by the outside world. Let's open up our service by using no address at all. This will cause the service to bind to any ethernet interface the machine owns:

<bind address="" port="6667" type="clients">

The next tag will be the power tag. This tag defines two passwords.

  • diepass: Password for operators to use if they want to shutdown a server.
  • restartpass: Password for operators to use if they need to restart a server.

It's best to change these default passwords:

<power diepass="die123" restartpass="restart123" pause="2">

The last settings we will be changing are the oper settings. These define the operator logins.

  • name: operator login that is used to oper up (Example: /oper name password).
  • password: unhashed and plain text
  • host: What hostnames/IP's are allowed to oper up. Multiple options can be separated by spaces, and CIDR's are allowed. You can just use * or @ for this section.
  • type: What oper type this is. The block above should have three classes already defined: NetAdmin, GlobalOp and Helper. The NetAdmin is the one we will be using.

Change the oper tag using the following content. Note that for our example we will be using "@" for the host. In a production environment, it is not desirable to use this:

<oper name="xenial"
   password="mypassword"
   host="*@*"
   type="NetAdmin">

Before we restart the service, edit the motd and rules files:

nano /etc/inspircd/inspircd.motd

Replace it with your own, for example:

This is the motd of example.net. Here you can list planned outages or information your users need to know about this IRC server.

Finally edit the rules files.

nano /etc/inspircd/inspircd.rules

Add your own rules, for example:

The first rule of Fight Club is: You do not talk about Fight Club. The second rule of Fight Club is: You DO NOT TALK ABOUT FIGHT CLUB! 

Now that everything is set up, restart the IRC service:

service inspircd restart

To verify that everything is running, query the netstat tool:

netstat -tulpn | grep -i inspircd

It should list the program inspircd, listening on port 6666:

tcp6       0      0 :::6667                 :::*                    LISTEN      31313/inspircd
udp        0      0 0.0.0.0:39335           0.0.0.0:*                           31313/inspircd

To test the server we can install a terminal IRC client. On Windows you can use a program such as mIRC. In our example we will be using weechat. This is a text based IRC client that can be used in a terminal session.

Install the weechat application through the repositories:

apt-get install weechat 

Once this application is installed, run this IRC client:

weechat

To view all commands weechat has to offer, you can request the help command:

/help

To exit weechat you can type the following command:

/quit    

Add our local server to a connection in weechat:

/server add local localhost

Now we can connect to the connection profile named 'local':

/connect local

You will see our motd and rules pop up in the terminal window.

To promote yourself to an operator, type the following:

/oper xenial mypassword

This will show us a confirmation on success:

22:40:34   local  -- | User mode [+o] by irc.example.net
22:40:34   local  -- | You are now a NetAdmin

That's it for our IRC server.

Installing IRC services - Atheme

Atheme is a set of services for IRC networks designed for large IRC networks with high scalability requirements. It adds additional services such as NickServ (Nickname Registration) to your IRC network.

Atheme can be found in the Ubuntu repository:

apt-get install atheme-services

Once the binaries are installed, extract the example configuration file and copy it to the atheme folder:

gunzip /usr/share/doc/atheme-services/examples/atheme.conf.example.gz
cp /usr/share/doc/atheme-services/examples/atheme.conf.example /etc/atheme/atheme.conf

Next, edit this configuration file:

nano /etc/atheme/atheme.conf

First search for the loadmodule protocol command. This should be defined as follows:

loadmodule "modules/protocol/charybdis";

Replace charybdis with the protocol of inspircd:

loadmodule "modules/protocol/inspircd12";

Next search for the service name:

name = "services.int";

Change services.int to match the domain name or IP address of your IRC server:

name = "services.irc.example.net";

Once this is done search for the numeric:

numeric = "00A";

Now change it to a value different than the numeric used in the server tag used before.

numeric = "77C";

Once this is done, let's configure the network name. Search for netname:

netname = "misconfigured network";

Change this value to the network parameter in the server tag.

netname = "ExampleNET";

Change the value of the hidehostsuffix:

hidehostsuffix = "users.misconfigured";

Remove the .misconfigured:

hidehostsuffix = "users";

Next change the admin name to the one we used before:

adminname = "xenial";

Match the adminemail to the associated email used before:

adminemail = "admin@irc.example.net";

Now that this is done, we need to create an uplink for our services. Find the two uplink code blocks and comment them all out. Add /* before the uplink{ command and */ at the end of the closing brace.

It will look like the following:

/* this is an example for using an IPv6 address as an uplink */
/*
uplink "irc6.example.net" {
        host = "::1";
        password = "linkage";
        port = 6667;
};
*/

Next, add our own uplink. This uplink will only run on our localhost's IP, and on port 7001. Specify a super secret password (we will be using it later on):

uplink "services.irc.example.net" {
    host = "127.0.0.1";

    // password
    // If you want to have same send_password and accept_password, you
    // can specify both using 'password' instead of individually.
    password = "SuperSecret123456";

    port = 7001;
 };

Finally search for our service definitions. Start with the nickserv block first.

In the nickserv block, search for the host tag and change it to ExampleNet/services/NickServ:

nickserv {

    ...<<truncated>>...

    /* (*)host
     * The hostname we want NickServ to have.
     */
    host = "ExampleNet/services/NickServ";

    /* (*)real
     * The realname (gecos) information we want NickServ to have.
     */
    real = "Nickname Services";

    ...<<truncated>>...

Change the hostname tag for all of the other services as well:

nickserv:  ExampleNet/services/NickServ
chanserv:  ExampleNet/services/ChanServ
global:    ExampleNet/services/Global
infoserv:  ExampleNet/services/InfoServ
operserv:  ExampleNet/services/OperServ
saslserv:  ExampleNet/services/SaslServ
memoserv:  ExampleNet/services/MemoServ
gameserv:  ExampleNet/services/GameServ
botserv:   ExampleNet/services/BotServ
groupserv: ExampleNet/services/GroupServ
hostserv:  ExampleNet/services/HostServ
helpserv:  ExampleNet/services/HelpServ
alis:      ExampleNet/services/ALIS

Once this is done, save and quit the configuration file.

To test it all out, run the atheme-services binary:

atheme-services

This should tell you exactly if it works or not. If you are not receiving output like what is shown below, go back and check for any errors in the configuration file:

[19/02/2018 23:06:24] db-open-read: database '/var/lib/atheme/services.db' does not yet exist; a new one will be created.
[19/02/2018 23:06:24] pid 1929
[19/02/2018 23:06:24] running in background mode from /

Now enable the service by editing the services file:

nano /etc/default/atheme-services

Change the ENABLED value:

DAEMON_OPTS=""
ENABLED=1

Now we can start the service:

service atheme-services restart

Check its status:

service atheme-services status

This will return similar results:

● atheme-services.service - LSB: Atheme-services daemon init.d script
   Loaded: loaded (/etc/init.d/atheme-services; bad; vendor preset: enabled)
   Active: active (running) since Wed 2018-02-19 23:45:05 UTC; 8s ago
     Docs: man:systemd-sysv-generator(8)

Feb 19 23:45:05 vultr.guest atheme-services[2810]: Starting Atheme IRC Services: atheme-service
Feb 19 23:45:05 vultr.guest atheme-services[2810]: [19/02/2018 23:45:05] atheme 6.0.11 is start
Feb 19 23:45:05 vultr.guest atheme-services[2810]: [19/02/2018 23:45:05] Module operserv/sgline
Feb 19 23:45:05 vultr.guest atheme-services[2810]: [19/02/2018 23:45:05] module_load(): module
Feb 19 23:45:05 vultr.guest atheme-services[2810]: [19/02/2018 23:45:05] /etc/atheme/atheme.con
Feb 19 23:45:05 vultr.guest atheme-services[2810]: [19/02/2018 23:45:05] db-open-read: database
Feb 19 23:45:05 vultr.guest atheme-services[2810]: [19/02/2018 23:45:05] pid 2824
Feb 19 23:45:05 vultr.guest atheme-services[2810]: [19/02/2018 23:45:05] running in background
Feb 19 23:45:05 vultr.guest atheme-services[2810]: .
Feb 19 23:45:05 vultr.guest systemd[1]: Started LSB: Atheme-services daemon init.d script.

Before we are finished, we need to add our Atheme services to InspIRCd:

nano /etc/inspircd/inspircd.conf

At the end of the file add these lines:

<bind address="127.0.0.1" port="7001" type="servers">

<uline server="services.irc.example.net">

<link name="services.irc.example.net"
  ipaddr="127.0.0.1"
  port="7001"
  allowmask="127.0.0.1"
  sendpass="SuperSecret123456"
  recvpass="SuperSecret123456">

<chanprotect noservices="no"
         qprefix="~"
         aprefix="&">

# Modules needed for services to function
<module name="m_chanprotect.so">
<module name="m_halfop.so">
<module name="m_services_account.so">
<module name="m_deaf.so">
<module name="m_spanningtree.so">
<module name="m_globops.so">
<module name="m_cban.so">
<module name="m_svshold.so">
<module name="m_hidechans.so">
<module name="m_servprotect.so">
<module name="m_chghost.so">
<module name="m_namesx.so">
<module name="m_uhnames.so">    

Now restart the InspIRCd service:

service inspircd restart

Ensure that everything is running fine:

service inspircd status

Now start our weechat client again:

weechat

Connect to our local server:

/connect local

You will see one of our Atheme services pop up immediately: NickServ. It will greet you with information about itself.

23:12:48   local  -- | NickServ (NickServ@ExampleNet/services/NickServ): Welcome to ExampleNet,
                 | root! Here on ExampleNet, we provide services to enable the registration of
                 | nicknames and channels! For details, type /msg NickServ help and /msg
                 | ChanServ help.

You can query NickServ and find out its available commands with the following:

/msg NickServ help

Want to contribute ?

You could earn up to $300 by adding new articles