{"id":14128363,"url":"https://github.com/dhellmann/ansible-znc-on-znc","last_synced_at":"2025-02-23T10:41:36.284Z","repository":{"id":26909769,"uuid":"30371616","full_name":"dhellmann/ansible-znc-on-znc","owner":"dhellmann","description":"Configures multiple ZNC bouncer instances so each client can have its own scroll back log.","archived":false,"fork":false,"pushed_at":"2021-02-24T15:26:17.000Z","size":52,"stargazers_count":19,"open_issues_count":1,"forks_count":16,"subscribers_count":5,"default_branch":"master","last_synced_at":"2025-01-04T22:35:34.514Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/dhellmann.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2015-02-05T18:39:05.000Z","updated_at":"2021-02-24T15:26:21.000Z","dependencies_parsed_at":"2022-09-02T00:52:14.173Z","dependency_job_id":null,"html_url":"https://github.com/dhellmann/ansible-znc-on-znc","commit_stats":null,"previous_names":[],"tags_count":4,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dhellmann%2Fansible-znc-on-znc","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dhellmann%2Fansible-znc-on-znc/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dhellmann%2Fansible-znc-on-znc/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dhellmann%2Fansible-znc-on-znc/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/dhellmann","download_url":"https://codeload.github.com/dhellmann/ansible-znc-on-znc/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":240304574,"owners_count":19780312,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-08-15T16:01:36.718Z","updated_at":"2025-02-23T10:41:36.232Z","avatar_url":"https://github.com/dhellmann.png","language":null,"funding_links":[],"categories":["Others"],"sub_categories":[],"readme":"znc-on-znc\n==========\n\nThis role makes it easy to create a set of connected ZNC bouncer\ninstances, so that each IRC client has its own scrollback.\n\nThis work is based on the work of Sean Dague and Dan Smith, as\ndescribed in https://dague.net/2014/09/13/my-irc-proxy-setup/\n\nA base ZNC instance is configured to talk to the IRC servers\nupstream. Then separate child servers are created and exposed for\nclients to connect to. Each child server has its own self-signed SSL\ncertificate and ZNC configuration file. A monit service is configured\nfor each ZNC server to ensure that the bouncer itself stays running.\n\nRequirements\n------------\n\nYou need accounts on whatever IRC server(s) you use.\n\nYou need to generate hashed password values for the user connecting to\nthe ZNC servers. Generate these values using \"znc --makepass\".\n\nYou will need to manage the firewall settings for the host you run\nthis on to expose the ports configured for each client service.\n\nRole Variables\n--------------\n\n* znc_system_user\n\n  User to use on the system to run znc.  By default it will be the same user as\n  what Ansible uses to connect to the system.\n\n* znc_system_group\n\n  Group to use on the system to run znc.  By default it will be the same group\n  as what Ansible uses to connect to the system.\n\n* znc_config_dir\n\n  Base directory for the personal ZNC configuration files. A separate\n  subdirectory is created under this path for each server. Must be\n  writable by the user running the ZNC services. Must be a full\n  path. Defaults to ~/znc.\n\n* znc_base_port\n\n  The TCP port for the base ZNC server to listen on. Clients do not\n  usually connect to this server, so the port doesn't really matter,\n  but it's configurable anyway. Defaults to 6666.\n\n* znc_max_buffer_size\n\n  The MaxBufferSize for the server.\n\n* znc_user\n\n  Dictionary containing credentials to be used to connect to the ZNC\n  bouncer. Generate these values using \"znc --makepass\".\n\n  * name\n\n    The user name.\n\n  * hash\n\n    The hashed password.\n\n  * method\n\n    The hash encryption method used. Defaults to SHA256.\n\n  * salt\n\n    The salt value used for the encryption.\n\n  * password\n\n    The unencrypted password value, used to let the child servers\n    connect to the base server.\n\n* znc_nick\n\n  The nickname to use on the IRC server.\n\n* znc_alt_nick\n\n  The alternate nickname to fall back to if znc_nick is\n  taken. Defaults to znc_nick + \"_\".\n\n* znc_buffer\n\n  The number of lines to buffer. Defaults to 500.\n\n* znc_quit_msg\n\n  Message to use when ZNC shuts down.\n\n* znc_real_name\n\n  A fuller name than the nick or ident.\n\n* znc_extra_modules\n\n  A list of module names to be added to the base server. For example,\n  include the \"log\" module to log all conversations and include\n  \"webadmin\" to enable the web UI.\n\n* znc_networks\n\n  The IRC networks to connect to. For each network, specify:\n\n  * name\n\n    The unique name of the network. For example, \"freenode\".\n\n  * ident\n\n    The confirmed identity on the IRC service. Frequently this is the\n    same as the nick, but multiple nicks can be associated with a single\n    identity. (Changed from the single value \"znc_ident\" as part of 2.x.)\n\n  * server_name\n\n    The hostname or IP of the IRC server. For example,\n    \"chat.freenode.net\".\n\n  * server_port\n\n    The port on which to connect. For SSL connections, append \"+\" to\n    the port number. For example, \"6667\" or \"6667+\".\n\n* znc_server_passwords\n\n  Mapping of network names to passwords for connecting to them as the\n  confirmed identity in the ident field. Replaces the\n  \"server_password\" parameter to allow the passwords to be stored\n  separately in a file managed with ansible-vault.\n\n* znc_channels\n\n  List of names of channels to join by default.\n\n* znc_clients\n\n  List of ZNC instances to run for different clients.\n\n  * name\n\n    The name of the client. Avoid spaces and punctuation because the\n    name is used to identify the service and name configuration files\n    and directories.\n\n  * host\n\n    The host/IP on which the client should listen.\n\n  * port\n\n    The port on which the client should listen. This port needs to be\n    exposed through your firewall. The service runs as the the user\n    ansible is using, so the port shouldn't be privileged. (See\n    znc_firewall_bypass_port.)\n\n  * ipv4\n\n    Enable IPv4. Defaults to true.\n\n  * ipv6\n\n    Enable IPv6. Defaults to false.\n\n  * buffer\n\n    Override znc_buffer for this connection. Optional, defaults to\n    value of znc_buffer.\n\n  * use_ssl\n\n    Boolean flag to control whether SSL is used. Defaults to true.\n\n  * ssl_protocols\n\n    String passed to the SSLProtocols variable in the ZNC\n    config. Defaults to empty, which does not set the value and uses\n    the default for SSLProtocols.\n\n* znc_firewall_bypass_port\n\n  Many corporate and public wifi networks block outgoing connections\n  to \"arbitrary\" or IRC ports. To bypass these, many users configure\n  their IRC bouncer to listen on a port that is more likely to be\n  open, such as 443. Because this playbook configures services to run\n  as a regular non-root user, the services cannot be bound directly to\n  port 443. Instead, this option can be used to specify one port\n  number that should be mapped to 443 using rinetd.\n\nConfiguring Your IRC Client\n---------------------------\n\nConfigure your client to connect to your server using one of the\nsettings from the `znc_clients` variable. SSL is always enabled for\nall connections.\n\nDependencies\n------------\n\nNone\n\nExample Playbook\n----------------\n\nIncluding an example of how to use your role (for instance, with\nvariables passed in as parameters) is always nice for users too:\n\n    - hosts: znc\n      roles:\n        - znc-on-znc\n      vars:\n        # By default we will run znc as the same user/group Ansible uses to\n        # connect to the system.  If you prefer to specify a different\n        # user/group or if Ansible uses the root user you can specify the\n        # user/group to run znc.  To run znc as the user 'znc' and group 'znc'\n        # uncomment the following two lines:\n        #znc_system_user: znc\n        #znc_system_group: znc\n        # znc_user and znc_server_passwords can go into a vault-encrypted file.\n        znc_user:\n          name: dhellmann\n          hash: hashhashhash\n          method: SHA256\n          salt: \"saltsaltsalt\"\n          password: unencryptedpass\n        znc_server_passwords:\n          freenode: supersecretvalue\n          tech404: evenmoresecretvalue\n        # The remaining values are safe to leave in the playbook in clear text.\n        znc_nick: dhellmann\n        znc_quit_msg: disconnecting\n        znc_real_name: Doug Hellmann\n        znc_networks:\n          - name: freenode\n            server_name: chat.freenode.net\n            server_port: 6667\n            ident: dhellmann\n            channels:\n              - \"#openstack\"\n              - \"#openstack-dev\"\n              - \"#openstack-infra\"\n              - \"#openstack-meeting\"\n              - \"#openstack-meeting-3\"\n              - \"#openstack-meeting-alt\"\n              - \"#openstack-oslo\"\n              - \"#wsme\"\n          - name: tech404\n            ident: dhellmann\n            server_name: tech404.irc.slack.com\n            server_port: \"+6697\"\n            channels:\n              - \"#python\"\n              - \"#openstack\"\n        znc_firewall_bypass_port: 6672\n        znc_clients:\n          - name: hubert\n            port: 6667\n          - name: lrrr\n            port: 6672\n            auto_clear_chan_buffer: true\n          - name: phone\n            port: 6673\n            buffer: 100\n            auto_clear_chan_buffer: true\n          - name: ipad\n            port: 6677\n            buffer: 100\n            auto_clear_chan_buffer: true\n\nLicense\n-------\n\nBSD\n\nAuthor Information\n------------------\n\nDoug Hellmann\n\n\nTODO\n----\n\n* Restart ZNC instances when their configuration files change.\n* Support using vault for passwords.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdhellmann%2Fansible-znc-on-znc","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdhellmann%2Fansible-znc-on-znc","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdhellmann%2Fansible-znc-on-znc/lists"}