nixos-dotfiles

https://git.tonybtw.com/nixos-dotfiles.git git://git.tonybtw.com/nixos-dotfiles.git

4,107 bytes raw

# irc-public.nix - Public-facing IRC server configuration
{
  config,
  pkgs,
  ...
}: {
  services.ngircd = {
    enable = true;
    package = pkgs.ngircd.overrideAttrs (oldAttrs: {
      configureFlags = builtins.filter (f: f != "--with-pam") oldAttrs.configureFlags;
      buildInputs = builtins.filter (i: i != pkgs.pam) oldAttrs.buildInputs;
    });

    config = ''
      [Global]
      Name = irc.yourdomain.com
      Info = Community IRC Server
      AdminInfo1 = Your Name
      AdminInfo2 = Your Community Server
      AdminEMail = admin@yourdomain.com

      # Network and connection settings
      Listen = 0.0.0.0
      Ports = 6667
      MotdFile = /etc/ngircd/motd.txt

      # User limits
      MaxConnections = 500
      MaxConnectionsIP = 5
      MaxJoins = 10
      MaxNickLength = 16
      PingTimeout = 120
      PongTimeout = 20

      # DNS and ident
      DNS = yes

      [Limits]
      ConnectRetry = 60
      MaxPenaltyTime = -1

      [Options]
      AllowRemoteOper = no
      ChrootDir =
      CloakHost = %x
      CloakHostModeX = %x
      CloakHostSalt = your-random-salt-here
      CloakUserToNick = yes
      ConnectIPv4 = yes
      ConnectIPv6 = yes
      DefaultUserModes = i
      MorePrivacy = no
      NoticeBeforeRegistration = no
      OperCanUseMode = yes
      OperChanPAutoOp = yes
      OperServerMode = yes
      PredefChannelsOnly = no
      RequireAuthPing = no
      ScrubCTCP = no
      SyslogFacility = local1
      WebircPassword =

      [SSL]
      CAFile =
      CertFile = /etc/ngircd/ssl/server-cert.pem
      CipherList = HIGH:!aNULL:@STRENGTH
      DHFile = /etc/ngircd/ssl/dhparams.pem
      KeyFile = /etc/ngircd/ssl/server-key.pem
      Ports = 6697

      # Operator accounts (CHANGE THESE!)
      [Operator]
      Name = admin
      Password = change-this-password-hash
      Mask = *!*@*

      # Default channels
      [Channel]
      Name = #general
      Topic = General Discussion
      Modes = nt

      [Channel]
      Name = #announcements
      Topic = Server Announcements
      Modes = ntm

      [Channel]
      Name = #support
      Topic = Help and Support
      Modes = nt

      [Channel]
      Name = #offtopic
      Topic = Off Topic Chat
      Modes = nt
    '';
  };

  # Create MOTD file
  environment.etc."ngircd/motd.txt".text = ''
    ╔═══════════════════════════════════════════════════╗
    ║       Welcome to the Community IRC Server!        ║
    ╚═══════════════════════════════════════════════════╝

    Server Rules:
    1. Be respectful to all users
    2. No spam or flooding
    3. No harassment or hate speech
    4. Keep discussion appropriate for all ages
    5. Follow channel-specific rules

    Available channels:
    - #general      : General discussion
    - #announcements: Server announcements (moderated)
    - #support      : Help and support
    - #offtopic     : Off topic chat

    For help, type: /join #support

    Enjoy your stay!
  '';

  # Open firewall ports
  networking.firewall.allowedTCPPorts = [
    6667  # Plain IRC
    6697  # SSL IRC
  ];

  # Optional: Setup Let's Encrypt for SSL
  # Uncomment and configure if you want SSL support
  # security.acme = {
  #   acceptTerms = true;
  #   defaults.email = "admin@yourdomain.com";
  #   certs."irc.yourdomain.com" = {
  #     group = "ngircd";
  #     postRun = "systemctl reload ngircd.service";
  #   };
  # };

  # Optional: TheLounge web IRC client
  # Uncomment to enable web-based IRC access
  # services.thelounge = {
  #   enable = true;
  #   port = 9000;
  #   public = true;  # Allow registration
  #
  #   extraConfig = {
  #     reverseProxy = true;  # If behind nginx
  #
  #     defaults = {
  #       name = "Community IRC";
  #       host = "127.0.0.1";
  #       port = 6667;
  #       tls = false;
  #       rejectUnauthorized = false;
  #       join = "#general";
  #     };
  #   };
  # };
}

1	`# irc-public.nix - Public-facing IRC server configuration`
2	`{`
3	`config,`
4	`pkgs,`
5	`...`
6	`}: {`
7	`services.ngircd = {`
8	`enable = true;`
9	`package = pkgs.ngircd.overrideAttrs (oldAttrs: {`
10	`configureFlags = builtins.filter (f: f != "--with-pam") oldAttrs.configureFlags;`
11	`buildInputs = builtins.filter (i: i != pkgs.pam) oldAttrs.buildInputs;`
12	`});`
13
14	`config = ''`
15	`[Global]`
16	`Name = irc.yourdomain.com`
17	`Info = Community IRC Server`
18	`AdminInfo1 = Your Name`
19	`AdminInfo2 = Your Community Server`
20	`AdminEMail = admin@yourdomain.com`
21
22	`# Network and connection settings`
23	`Listen = 0.0.0.0`
24	`Ports = 6667`
25	`MotdFile = /etc/ngircd/motd.txt`
26
27	`# User limits`
28	`MaxConnections = 500`
29	`MaxConnectionsIP = 5`
30	`MaxJoins = 10`
31	`MaxNickLength = 16`
32	`PingTimeout = 120`
33	`PongTimeout = 20`
34
35	`# DNS and ident`
36	`DNS = yes`
37
38	`[Limits]`
39	`ConnectRetry = 60`
40	`MaxPenaltyTime = -1`
41
42	`[Options]`
43	`AllowRemoteOper = no`
44	`ChrootDir =`
45	`CloakHost = %x`
46	`CloakHostModeX = %x`
47	`CloakHostSalt = your-random-salt-here`
48	`CloakUserToNick = yes`
49	`ConnectIPv4 = yes`
50	`ConnectIPv6 = yes`
51	`DefaultUserModes = i`
52	`MorePrivacy = no`
53	`NoticeBeforeRegistration = no`
54	`OperCanUseMode = yes`
55	`OperChanPAutoOp = yes`
56	`OperServerMode = yes`
57	`PredefChannelsOnly = no`
58	`RequireAuthPing = no`
59	`ScrubCTCP = no`
60	`SyslogFacility = local1`
61	`WebircPassword =`
62
63	`[SSL]`
64	`CAFile =`
65	`CertFile = /etc/ngircd/ssl/server-cert.pem`
66	`CipherList = HIGH:!aNULL:@STRENGTH`
67	`DHFile = /etc/ngircd/ssl/dhparams.pem`
68	`KeyFile = /etc/ngircd/ssl/server-key.pem`
69	`Ports = 6697`
70
71	`# Operator accounts (CHANGE THESE!)`
72	`[Operator]`
73	`Name = admin`
74	`Password = change-this-password-hash`
75	`Mask = !@*`
76
77	`# Default channels`
78	`[Channel]`
79	`Name = #general`
80	`Topic = General Discussion`
81	`Modes = nt`
82
83	`[Channel]`
84	`Name = #announcements`
85	`Topic = Server Announcements`
86	`Modes = ntm`
87
88	`[Channel]`
89	`Name = #support`
90	`Topic = Help and Support`
91	`Modes = nt`
92
93	`[Channel]`
94	`Name = #offtopic`
95	`Topic = Off Topic Chat`
96	`Modes = nt`
97	`'';`
98	`};`
99
100	`# Create MOTD file`
101	`environment.etc."ngircd/motd.txt".text = ''`
102	`╔═══════════════════════════════════════════════════╗`
103	`║ Welcome to the Community IRC Server! ║`
104	`╚═══════════════════════════════════════════════════╝`
105
106	`Server Rules:`
107	`1. Be respectful to all users`
108	`2. No spam or flooding`
109	`3. No harassment or hate speech`
110	`4. Keep discussion appropriate for all ages`
111	`5. Follow channel-specific rules`
112
113	`Available channels:`
114	`- #general : General discussion`
115	`- #announcements: Server announcements (moderated)`
116	`- #support : Help and support`
117	`- #offtopic : Off topic chat`
118
119	`For help, type: /join #support`
120
121	`Enjoy your stay!`
122	`'';`
123
124	`# Open firewall ports`
125	`networking.firewall.allowedTCPPorts = [`
126	`6667 # Plain IRC`
127	`6697 # SSL IRC`
128	`];`
129
130	`# Optional: Setup Let's Encrypt for SSL`
131	`# Uncomment and configure if you want SSL support`
132	`# security.acme = {`
133	`# acceptTerms = true;`
134	`# defaults.email = "admin@yourdomain.com";`
135	`# certs."irc.yourdomain.com" = {`
136	`# group = "ngircd";`
137	`# postRun = "systemctl reload ngircd.service";`
138	`# };`
139	`# };`
140
141	`# Optional: TheLounge web IRC client`
142	`# Uncomment to enable web-based IRC access`
143	`# services.thelounge = {`
144	`# enable = true;`
145	`# port = 9000;`
146	`# public = true; # Allow registration`
147	`#`
148	`# extraConfig = {`
149	`# reverseProxy = true; # If behind nginx`
150	`#`
151	`# defaults = {`
152	`# name = "Community IRC";`
153	`# host = "127.0.0.1";`
154	`# port = 6667;`
155	`# tls = false;`
156	`# rejectUnauthorized = false;`
157	`# join = "#general";`
158	`# };`
159	`# };`
160	`# };`
161	`}`