Install & Chroot Soju
Overview
Soju is a user-friendly IRC bouncer that has the following features:
- Multi-user
- Support multiple clients for a single user, with proper backlog sychronization
- Support connecting to multiple upstream servers via a single IRC connection to the bouncer
Compiling from Source
As of OpenBSD 7.0, soju is not packaged yet so you'll have to compile it from source.
pkg_add git go git clone https://git.sr.ht/~emersion/soju cd soju make soju sojuctl
Golang is only a build-time dependency so it can be removed after the make command finishes.
Configuration and Running without Chroot
You can now use it as is by creating a user with sojuctl and then running soju, or you can create and use a config file.
Example config file:
listen ircs://:6999 tls /etc/soju/yourhostname.crt /etc/soju/yourhostname.key hostname yourhostname db sqlite3 /etc/soju/soju.db title A Soju Instance
And to run that (assuming you're still in soju's repository directory):
./sojuctl -config /path/to/soju.conf create-user someuser -admin ./soju -config /path/to/soju.conf
Chroot
For additional security/peace of mind, you can run it under it's own unprivileged account and in a chroot.
You can run these commands to create the user and populate the chroot (replace the placeholder paths) and then running it:
# populating chroot useradd -m -d /home/soju -s /sbin/nologin -k /var/empty -L daemon soju cd /home/soju mkdir -p etc/{soju,ssl} usr/bin usr/lib{,exec} cp /usr/lib/libc.so.* /usr/lib/libpthread.so.* usr/lib cp /usr/libexec/ld.so usr/libexec cp /etc/resolv.conf etc cp /etc/ssl/cert.pem etc/ssl cp /path/to/soju_repo/soju{,ctl} usr/bin cp /path/to/soju_repo/soju.{conf,db} etc/soju cp /etc/ssl/yourhostname.crt /etc/ssl/private/yourhostname.key etc/soju chown -R soju etc/soju/ # running soju from the chroot chroot -u soju -g soju /home/soju soju -config /etc/soju/soju.conf >>/var/log/soju.log 2>&1 &
If you want to run sojuctl from the chroot, then you can run:
chroot -u soju -g soju /home/soju sojuctl -config /etc/soju/soju.conf yourarguments
Alternatively, if soju is already running and you are connected under an admin account, you can run `/msg BouncerServ help` to see its available commands. For example, if you want to create a new user or add a new IRC network to it, then you can message BouncerServ and its appropriate command.
Autostart and Logging
To run it automatically on startup or whenever it stops, you can run it from a cron job.
You can add something like this to root's crontab (attempts to run soju every 5 minutes)
*/5 * * * * /usr/sbin/chroot -u soju -g soju /home/soju soju -config /etc/soju/soju.conf >>/var/log/soju.log 2>&1