Skip to main content

ErgoIRC

Want to start an IRC Server, because why not? Go for it!

Quick Start

Download the latest release from this page: https://github.com/ergochat/ergo/releases/latest

Extract it into a folder, then run the following commands:

cp default.yaml ircd.yaml
vim ircd.yaml  # modify the config file to your liking
./ergo mkcerts # omit and use below instructions if you want to use a CA cert
./ergo run     # server should be ready to go!

Note: See the productionizing guide in the manual for recommendations on how to run a production network.

TLS Certificates

If you want to use certificates from the https://ca.info.nx3 CA on your IRC server, you can do so with the following instructions:

First, make sure you have the step-cli installed, then run this command (assuming you have a DNS record pointing towards your desired domain):

step ca certificate irc.your.domain ergoirc.crt ergoirc.key

This will use ACME to get a certificate for your server!

From here, you are able to create an auto-renewer using systemd timers if desired:

; /etc/systemd/system/cert-renewer@.service

[Unit]
Description=Certificate renewer for %I
After=network-online.target
Documentation=https://smallstep.com/docs/step-ca/certificate-authority-server-production
StartLimitIntervalSec=0
; PartOf=cert-renewer.target

[Service]
Type=oneshot
User=root

Environment=STEPPATH=/etc/step-ca \
            CERT_LOCATION=/etc/step/certs/%i.crt \
            KEY_LOCATION=/etc/step/certs/%i.key

; ExecCondition checks if the certificate is ready for renewal,
; based on the exit status of the command.
; (In systemd <242, you can use ExecStartPre= here.)
ExecCondition=/usr/bin/step certificate needs-renewal ${CERT_LOCATION}

; ExecStart renews the certificate, if ExecStartPre was successful.
ExecStart=/usr/bin/step ca renew --force ${CERT_LOCATION} ${KEY_LOCATION}

; Try to reload or restart the systemd service that relies on this cert-renewer
; If the relying service doesn't exist, forge ahead.
; (In systemd <229, use `reload-or-try-restart` instead of `try-reload-or-restart`)
ExecStartPost=/usr/bin/env sh -c "! systemctl --quiet is-active %i.service || systemctl try-reload-or-restart %i"

[Install]
WantedBy=multi-user.target
; /etc/systemd/system/cert-renewer@.timer  

[Unit]
Description=Timer for certificate renewal of %I
Documentation=https://smallstep.com/docs/step-ca/certificate-authority-server-production
; PartOf=cert-renewer.target

[Timer]
Persistent=true

; Run the timer unit every 15 minutes.
OnCalendar=*:1/15

; Always run the timer on time.
AccuracySec=1us

; Add jitter to prevent a "thundering hurd" of simultaneous certificate renewals.
RandomizedDelaySec=5m

[Install]
WantedBy=timers.target

With these two files, you can now automatically renew your certificate by enabling the timer (assuming your certificates are stored in /etc/step/certs/ergoirc.*, and your service is ergoirc.service):

systemctl disable cert-renewer@ergoirc.service

 

Back to top