Home Explore Help
Register Sign In
EPuters_Mirrors
/
almanack_mirror
Watch 2
Star 0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Branch: main
Branches Tags
almanack_mir...
/
wiki.d
/
Pylink.Chroot

Pylink.Chroot 26 KB
Permalink History Raw

1234567891011121314151617181920212223242526 
  1. version=pmwiki-2.2.130 ordered=1 urlencoded=1
    2. 

  2. agent=w3m/0.5.3+git20210102
    3. 

  3. author=jrmu
    4. 

  4. charset=UTF-8
    5. 

  5. csum=
    6. 

  6. ctime=1627710549
    7. 

  7. host=38.87.162.8
    8. 

  8. name=Pylink.Chroot
    9. 

  9. rev=4
    10. 

  10. targets=Oidentd.Install
    11. 

  11. text=(:title Pylink Install Guide:)%0a%0aPyLink is a relay that can help connect channels across multiple networks together.%0a%0aAdvantages:%0a%0a# Can link up channels on multiple networks quickly%0a# Shows all users on the home server%0a%0aDisadvantages:%0a%0a# Bloated and insecure%0a# Buggy and unstable, crashes frequently%0a# Requires channel owner to op the bot to link%0a# Bad spam defenses%0a%0aPyLink should eventually be replaced with a more reliable relay written in pure C.%0a%0a!! Installation%0a%0aFirst we install all python related dependencies:%0a%0a[@%0a$ doas pkg_add python%253.8 py3-pip git%0a$ doas useradd -m -g =uid -c pylink -d /home/pylink -s /bin/ksh pylink%0a$ doas su pylink%0a$ cd%0a$ git clone https://github.com/jlu5/PyLink && cd PyLink%0a$ pip3.8 install setuptools --user%0a$ pip3.8 install pyyaml --user%0a$ pip3.8 install cachetools --user%0a$ pip3.8 install passlib --user%0a$ pip3.8 install Unidecode --user%0a$ pip3.8 install psutil --user%0a$ cd PyLink%0a$ python3 setup.py install --user%0a@]%0a%0aPyLink does not appear very secure, so we will create a chroot for it. We run the following commands as root:%0a%0a[@%0amkdir -p /home/pylink/usr/local/bin%0amkdir -p /home/pylink/usr/local/lib%0amkdir -p /home/pylink/usr/local/include/%0amkdir -p /home/pylink/usr/local/lib/pkgconfig/%0amkdir -p /home/pylink/usr/local/share/doc/%0amkdir -p /home/pylink/usr/lib%0amkdir -p /home/pylink/usr/libexec%0amkdir -p /home/pylink/var/run/%0amkdir -p /home/pylink/usr/local/man/man1/%0amkdir -p /home/pylink/usr/local/share/aclocal-1.11/am/%0amkdir -p /home/pylink/etc/ssl/%0acp /usr/local/bin/python3 /home/pylink/usr/local/bin/%0acp /usr/local/bin/python3.8-config /home/pylink/usr/local/bin/%0acp /usr/local/bin/python3-config /home/pylink/usr/local/bin/%0acp /usr/local/bin/python3.8 /home/pylink/usr/local/bin/%0acp /usr/local/lib/libpython3.8.so.0.0 /home/pylink/usr/local/lib/%0acp /usr/local/lib/libintl.so.7.0 /home/pylink/usr/local/lib/%0acp /usr/lib/libpthread.so.26.1 /home/pylink/usr/lib/%0acp /usr/lib/libutil.so.15.0 /home/pylink/usr/lib/%0acp /usr/lib/libm.so.10.1 /home/pylink/usr/lib/%0acp /usr/lib/libc.so.96.0 /home/pylink/usr/lib/%0acp /usr/local/lib/libiconv.so.7.0 /home/pylink/usr/local/lib/%0acp /usr/libexec/ld.so /home/pylink/usr/libexec/%0acp /var/run/ld.so.hints /home/pylink/var/run/%0acp -R /usr/local/include/python3.8 /home/pylink/usr/local/include/%0acp /usr/local/lib/pkgconfig/python-3.8.pc /home/pylink/usr/local/lib/pkgconfig/%0acp /usr/local/lib/pkgconfig/python3.pc /home/pylink/usr/local/lib/pkgconfig/%0acp /usr/local/lib/pkgconfig/python-3.8-embed.pc /home/pylink/usr/local/lib/pkgconfig/%0acp /usr/local/lib/pkgconfig/python3-embed.pc /home/pylink/usr/local/lib/pkgconfig/%0acp -R /usr/local/lib/python3.8 /home/pylink/usr/local/lib/%0acp /usr/local/man/man1/python3.1 /home/pylink/usr/local/man/man1/%0acp /usr/local/man/man1/python3.8.1 /home/pylink/usr/local/man/man1/%0acp -R /usr/local/share/doc/python3.8 /home/pylink/usr/local/share/doc/%0acp /usr/local/share/aclocal-1.11/python.m4 /home/pylink/usr/local/share/aclocal-1.11/%0acp /usr/local/share/automake-1.11/am/python.am /home/pylink/usr/local/share/aclocal-1.11/am/%0acp /etc/resolv.conf /home/pylink/etc/%0acp /etc/ssl/cert.pem /home/pylink/etc/ssl/%0acp /usr/local/bin/pip3.8 /home/pylink/usr/local/bin/%0acp -R /usr/lib/ /home/pylink/usr/%0acp -R /usr/local/lib/ /home/pylink/usr/local/%0achroot -u pylink -g pylink /home/pylink pip3.8 install setuptools --user%0achroot -u pylink -g pylink /home/pylink pip3.8 install pyyaml --user%0achroot -u pylink -g pylink /home/pylink pip3.8 install cachetools --user%0achroot -u pylink -g pylink /home/pylink pip3.8 install passlib --user%0achroot -u pylink -g pylink /home/pylink pip3.8 install unidecode --user%0a@]%0a%0a(:if false:)%0achroot -u pylink -g pylink /home/pylink pip3.8 install psutil --user%0a(:ifend:)%0a%0aAfterwards, we run the following as the user pylink:%0a%0a[@%0a$ cd ~/PyLink%0a$ cp example-conf.yml pylink.yml%0a@]%0a%0aWe then edit pylink.yml:%0a%0a[@%0apylink:%0a    nick: BotNick%0a    ident: BotIdent%0a    realname: Relay%0a    serverdesc: Relay%0a    prefix: "&"%0a    spawn_services: false%0a@]%0a%0aIn order for ident to display properly, you must install and configure [[oidentd/install|oidentd]].%0a%0aYou will want to run this as the user pylink to generate a password hash:%0a%0a[@%0a/home/pylink/PyLink/pylink-mkpasswd%0aPassword: %0a$pbkdf2-sha256$29000$AeBcKwWA0HqvNUYIgbBWqg$9EPkgnfsLsZHJk9YJy16MKqTEKCvZohdT1MyAbXQTjQ%0a@]%0a%0aThe login section below lets us pick a username and password for administering the bot. Use the password hash you generated above:%0a%0a[@%0alogin:%0a    accounts:%0a        username:%0a            password: "$6$rounds=81447$WlVlZYCgbnjPmVqy$28Tu/Zl0xNpePqimax2wABKn5GCoWomYEI1Pu5jqYyQNULazR4BxQmscZ0MgBHqBCCke.3u5eOtBSZwL3WwVf0"%0a            encrypted: true%0a            #require_oper: true%0a            #hosts: ["*!*@localhost", "*!*@trusted.isp"]%0apermissions:%0a    "username":%0a        - "*"%0a@]%0a%0aFor extra security, we recommend you uncomment #require_oper and set it to true, so that only opers can login. We also recommend you uncomment #hosts and set it to properly match your vhost. This will make it harder for someone to steal your relay.%0a%0aIn the permissions block, you can replace username with a full hostmask for more security.%0a%0aNow we specify the server running on our VPS:%0a%0a[@%0aservers:%0a    your:%0a        ip: 127.0.0.1%0a        port: 16667%0a        recvpass: "abcdefghijklmnopqrstuvwxyz"%0a        sendpass: "abcdefghijklmnopqrstuvwxyz"%0a        bindhost: 10.0.0.1%0a        netname: "YourNet"%0a        hostname: "relay.example.com"%0a        sid: "0PY"%0a        sidrange: "8##"%0a        protocol: "ngircd"%0a        maxnicklen: 16%0a        ssl: false%0a        autoconnect: 10%0a@]%0a%0aFor the short network name (here named @@your@@), pick something 3-5 letters that represents your network. Keep it short. ip should remain 127.0.0.1 in order to connect to localhost. We want to use port 16667 (ports 16667 and 16697 are reserved for server to server links). Note that we do not need to use SSL because we are connecting to localhost. recvpass and sendpass are the server passwords we must specify in /etc/ngircd/ngircd.conf in the [Server] block.  The netname is YourNet, the hostname depends upon your team's domain. You can leave sid and sidrange unchanged.%0a%0aFor each server you want to connect, add a new block like below:%0a%0a[@%0a    oftc:%0a        ip: irc.oftc.net%0a        port: 6697%0a        netname: "OFTC"%0a        protocol: "clientbot"%0a        pylink_nick: BotNick%0a        pylink_ident: BotIdent%0a        pylink_altnicks: ["BotNick`", "BotNick-"]%0a        ssl: true%0a        autoconnect: 30%0a        throttle_time: 1.0%0a@]%0a%0aThis block is for OFTC.%0a%0a[@%0aplugins:%0a    - commands%0a    - networks%0a    - ctcp%0a    - relay%0a    - relay_clientbot%0a    - servprotect%0a    - antispam%0a    - raw%0a@]%0a%0aWe are going to uncomment the relay and relay_clientbot plugins so we can relay in client mode.%0a%0aNext, we set up logging:%0a%0a[@%0alogging:%0a    console: INFO%0a    channels:%0a#        your:%0a#            "#services":%0a#                loglevel: INFO%0a#            "#pylink-notifications":%0a#                loglevel: WARNING%0a    files:%0a        "errors":%0a            loglevel: ERROR%0a        "commands":%0a            loglevel: INFO%0a@]%0a%0aIf you want to log to a channel, uncomment those lines, then replace @@your@@ with your shortened network name and replace with your channel names. I prefer to just have error messages go to console and files.%0a%0aWe delete the changehost plugin, then add clientbot_styles to the relay plugin in order to make the relay less noisy:%0a%0a[@%0arelay:%0a    allow_free_oper_links: true%0a    tag_nicks: true%0a    forcetag_nicks:%0a        - "*Serv"%0a    separator: "/"%0a    allow_clientbot_pms: true%0a    hideoper: true%0a    show_netsplits: false%0a    accept_weird_senders: false%0a    whois_show_accounts: all%0a    whois_show_server: opers%0a    clientbot_styles:%0a        ACTION: ""%0a        JOIN: ""%0a        KICK: ""%0a        MESSAGE: "%3c$sender> $text"%0a        MODE: ""%0a        NICK: ""%0a        NOTICE: "%3c$sender> $text"%0a        PART: ""%0a        PM: "PM from $sender on $netname: $text"%0a        PNOTICE: "%3c$sender> $text"%0a        QUIT: ""%0a        SJOIN: ""%0a        SQUIT: ""%0a@]%0a%0aI delete the games and global plugin. Then, for automode and stats:%0a%0a[@%0aautomode:%0a    nick: Automode%0a    joinmodes: 'o'%0a    prefix: "@"%0astats:%0a    time_format: "%25c"%0a@]%0a%0aNow we configure antispam to block mass highlights, part/quit floods, and profanity. You can adjust the word lists (the word shibboleth is used as a test phrase):%0a%0a[@%0aantispam:%0a    masshighlight:%0a        enabled: true%0a        punishment: block%0a        reason: "Mass highlight spam is prohibited"%0a        min_length: 50%0a        min_nicks: 5%0a    textfilter:%0a        enabled: true%0a        punishment: block%0a        reason: "Spam is prohibited"%0a        watch_pms: true%0a    textfilter_globs:%0a         - "*shibboleth*"%0a    partquit:%0a@]%0a%0aYou'll need to add this to /etc/ngircd/ngircd.conf:%0a%0a[@%0a[Server]%0a        Name = relay.example.com%0a        Host = 127.0.0.1%0a        Bind = 38.81.163.143%0a        Port = 16667%0a        MyPassword = fyLnwwxSvxc2gpn3AM994FMitD%0a        PeerPassword = fyLnwwxSvxc2gpn3AM994FMitD%0a        ;Group = 123%0a        Passive = no%0a        SSLConnect = no %0a@]%0a%0aReplace 38.81.163.143 with your IP address.%0a%0aWe reload ngircd.conf:%0a%0a[@%0a$ doas rcctl reload ngircd%0a@]%0a%0aThen we start PyLink by running it inside a chroot:%0a%0a[@%0a$ doas su%0a# export HOME=/%0a# chroot -u pylink -g pylink /home/pylink python3.8 PyLink/pylink PyLink/pylink.yml%0a@]%0a%0a!! Logging in%0a%0a[@%0a/msg %3cbotnick> login username password%0a/msg %3cbotnick> create #channel%0a/msg %3cbotnick> remote %3cother> link %3cyour> #channel%0a15:39 -botnick(botident@f6e1cdd3)- Joining '#channel' now to check for op status; please run this command again after I join.%0a@]%0a%0aNow op the bot, then run the command again:%0a%0a[@%0a/msg %3cbotnick> remote %3cother> link %3cyour> #channel%0a15:39 -botnick(botident@f6e1cdd3)- Done.%0a@]%0a%0aFinally, to prevent pylink from accidentally de-opping other users:%0a%0a[@%0a/msg %3cbotnick> claim #channel -%0a@]%0a%0a!! Troubleshooting%0a%0aSometimes PyLink may crash, and when you attempt to restart it, it says that the PID file already exists: %0a%0a[@%0a$ doas su%0a# export HOME=/%0a# chroot -u pylink -g pylink /home/pylink python3.8 PyLink/pylink PyLink/pylink.yml%0a2021-02-12 00:19:39,495 [ERROR] PID file 'pylink.pid' exists; aborting!%0a@]%0a%0aSimply remove the file:%0a%0a[@%0a# rm /home/pylink/pylink.pid%0a# rm /home/pylink/PyLink/pylink.pid%0a@]%0a%0aIf the bot ever gets stuck and you can't kill it:%0a%0a[@%0a$ ps ax | grep pylink%0a22986 p7  S+       0:03.08 python3.8 PyLink/pylink PyLink/pylink.yml%0a$ doas kill -KILL 22986%0a@]%0a%0aReplace 22986 with whatever process ID python has.%0a%0aOr use an simpler command:%0a%0a[@%0acd /home/pylink%0adoas kill -KILL `cat pylink.pid`%0a@]%0a
    12. 

  12. time=1638453790
    13. 

  13. title=Pylink Install Guide
    14. 

  14. author:1638453790=jrmu
    15. 

  15. diff:1638453790:1638453683:=272a273,310%0a>          - "* arse *"%0a>          - "* ass *"%0a>          - "* asses *"%0a>          - "*asshole*"%0a>          - "*bastard*"%0a>          - "*bitch*"%0a>          - "*blow job*"%0a>          - "*blowjob*"%0a>          - "*bollock*"%0a>          - "* boner *"%0a>          - "* boob *"%0a>          - "* boobs *"%0a>          - "* cock *"%0a>          - "* cocks *"   %0a>          - "*cocksuck*"%0a>          - "* crap*"  %0a>          - "* cum *"%0a>          - "* cumming*"%0a>          - "* cunt*" %0a>          - "*dick*"%0a>          - "* dildo*"  %0a>          - "*ejaculat*"%0a>          - "* fag*"%0a>          - "*fatass*"%0a>          - "*fuck*"%0a>          - "* jizz*"%0a>          - "* horny*"%0a>          - "*mast?rbat*"%0a>          - "*nigger*"%0a>          - "*nigga*"%0a>          - "* piss*"%0a>          - "*pussies*"%0a>          - "*pussy*"%0a>          - "* shit*"%0a>          - "* slut*"%0a>          - "* suck*"%0a>          - "* tits*"%0a>          - "* whore*"%0a
    16. 

  16. host:1638453790=38.87.162.8
    17. 

  17. author:1638453683=jrmu
    18. 

  18. diff:1638453683:1638453591:=24c24%0a%3c $ doas pkg_add python%253.8 py3-pip git%0a---%0a> $ doas pkg_add python%253.8 py3-pip%2520.1 git%0a
    19. 

  19. host:1638453683=38.87.162.8
    20. 

  20. author:1638453591=jrmu
    21. 

  21. diff:1638453591:1627710549:=24c24%0a%3c $ doas pkg_add python%253.8 py3-pip%2520.1 git%0a---%0a> $ doas pkg_add python-3.8.6p0 py3-pip-20.1.1p0 git%0a
    22. 

  22. host:1638453591=38.87.162.8
    23. 

  23. author:1627710549=jrmu
    24. 

  24. diff:1627710549:1627710549:=1,401d0%0a%3c (:title Pylink Install Guide:)%0a%3c %0a%3c PyLink is a relay that can help connect channels across multiple networks together.%0a%3c %0a%3c Advantages:%0a%3c %0a%3c # Can link up channels on multiple networks quickly%0a%3c # Shows all users on the home server%0a%3c %0a%3c Disadvantages:%0a%3c %0a%3c # Bloated and insecure%0a%3c # Buggy and unstable, crashes frequently%0a%3c # Requires channel owner to op the bot to link%0a%3c # Bad spam defenses%0a%3c %0a%3c PyLink should eventually be replaced with a more reliable relay written in pure C.%0a%3c %0a%3c !! Installation%0a%3c %0a%3c First we install all python related dependencies:%0a%3c %0a%3c [@%0a%3c $ doas pkg_add python-3.8.6p0 py3-pip-20.1.1p0 git%0a%3c $ doas useradd -m -g =uid -c pylink -d /home/pylink -s /bin/ksh pylink%0a%3c $ doas su pylink%0a%3c $ cd%0a%3c $ git clone https://github.com/jlu5/PyLink && cd PyLink%0a%3c $ pip3.8 install setuptools --user%0a%3c $ pip3.8 install pyyaml --user%0a%3c $ pip3.8 install cachetools --user%0a%3c $ pip3.8 install passlib --user%0a%3c $ pip3.8 install Unidecode --user%0a%3c $ pip3.8 install psutil --user%0a%3c $ cd PyLink%0a%3c $ python3 setup.py install --user%0a%3c @]%0a%3c %0a%3c PyLink does not appear very secure, so we will create a chroot for it. We run the following commands as root:%0a%3c %0a%3c [@%0a%3c mkdir -p /home/pylink/usr/local/bin%0a%3c mkdir -p /home/pylink/usr/local/lib%0a%3c mkdir -p /home/pylink/usr/local/include/%0a%3c mkdir -p /home/pylink/usr/local/lib/pkgconfig/%0a%3c mkdir -p /home/pylink/usr/local/share/doc/%0a%3c mkdir -p /home/pylink/usr/lib%0a%3c mkdir -p /home/pylink/usr/libexec%0a%3c mkdir -p /home/pylink/var/run/%0a%3c mkdir -p /home/pylink/usr/local/man/man1/%0a%3c mkdir -p /home/pylink/usr/local/share/aclocal-1.11/am/%0a%3c mkdir -p /home/pylink/etc/ssl/%0a%3c cp /usr/local/bin/python3 /home/pylink/usr/local/bin/%0a%3c cp /usr/local/bin/python3.8-config /home/pylink/usr/local/bin/%0a%3c cp /usr/local/bin/python3-config /home/pylink/usr/local/bin/%0a%3c cp /usr/local/bin/python3.8 /home/pylink/usr/local/bin/%0a%3c cp /usr/local/lib/libpython3.8.so.0.0 /home/pylink/usr/local/lib/%0a%3c cp /usr/local/lib/libintl.so.7.0 /home/pylink/usr/local/lib/%0a%3c cp /usr/lib/libpthread.so.26.1 /home/pylink/usr/lib/%0a%3c cp /usr/lib/libutil.so.15.0 /home/pylink/usr/lib/%0a%3c cp /usr/lib/libm.so.10.1 /home/pylink/usr/lib/%0a%3c cp /usr/lib/libc.so.96.0 /home/pylink/usr/lib/%0a%3c cp /usr/local/lib/libiconv.so.7.0 /home/pylink/usr/local/lib/%0a%3c cp /usr/libexec/ld.so /home/pylink/usr/libexec/%0a%3c cp /var/run/ld.so.hints /home/pylink/var/run/%0a%3c cp -R /usr/local/include/python3.8 /home/pylink/usr/local/include/%0a%3c cp /usr/local/lib/pkgconfig/python-3.8.pc /home/pylink/usr/local/lib/pkgconfig/%0a%3c cp /usr/local/lib/pkgconfig/python3.pc /home/pylink/usr/local/lib/pkgconfig/%0a%3c cp /usr/local/lib/pkgconfig/python-3.8-embed.pc /home/pylink/usr/local/lib/pkgconfig/%0a%3c cp /usr/local/lib/pkgconfig/python3-embed.pc /home/pylink/usr/local/lib/pkgconfig/%0a%3c cp -R /usr/local/lib/python3.8 /home/pylink/usr/local/lib/%0a%3c cp /usr/local/man/man1/python3.1 /home/pylink/usr/local/man/man1/%0a%3c cp /usr/local/man/man1/python3.8.1 /home/pylink/usr/local/man/man1/%0a%3c cp -R /usr/local/share/doc/python3.8 /home/pylink/usr/local/share/doc/%0a%3c cp /usr/local/share/aclocal-1.11/python.m4 /home/pylink/usr/local/share/aclocal-1.11/%0a%3c cp /usr/local/share/automake-1.11/am/python.am /home/pylink/usr/local/share/aclocal-1.11/am/%0a%3c cp /etc/resolv.conf /home/pylink/etc/%0a%3c cp /etc/ssl/cert.pem /home/pylink/etc/ssl/%0a%3c cp /usr/local/bin/pip3.8 /home/pylink/usr/local/bin/%0a%3c cp -R /usr/lib/ /home/pylink/usr/%0a%3c cp -R /usr/local/lib/ /home/pylink/usr/local/%0a%3c chroot -u pylink -g pylink /home/pylink pip3.8 install setuptools --user%0a%3c chroot -u pylink -g pylink /home/pylink pip3.8 install pyyaml --user%0a%3c chroot -u pylink -g pylink /home/pylink pip3.8 install cachetools --user%0a%3c chroot -u pylink -g pylink /home/pylink pip3.8 install passlib --user%0a%3c chroot -u pylink -g pylink /home/pylink pip3.8 install unidecode --user%0a%3c @]%0a%3c %0a%3c (:if false:)%0a%3c chroot -u pylink -g pylink /home/pylink pip3.8 install psutil --user%0a%3c (:ifend:)%0a%3c %0a%3c Afterwards, we run the following as the user pylink:%0a%3c %0a%3c [@%0a%3c $ cd ~/PyLink%0a%3c $ cp example-conf.yml pylink.yml%0a%3c @]%0a%3c %0a%3c We then edit pylink.yml:%0a%3c %0a%3c [@%0a%3c pylink:%0a%3c     nick: BotNick%0a%3c     ident: BotIdent%0a%3c     realname: Relay%0a%3c     serverdesc: Relay%0a%3c     prefix: "&"%0a%3c     spawn_services: false%0a%3c @]%0a%3c %0a%3c In order for ident to display properly, you must install and configure [[oidentd/install|oidentd]].%0a%3c %0a%3c You will want to run this as the user pylink to generate a password hash:%0a%3c %0a%3c [@%0a%3c /home/pylink/PyLink/pylink-mkpasswd%0a%3c Password: %0a%3c $pbkdf2-sha256$29000$AeBcKwWA0HqvNUYIgbBWqg$9EPkgnfsLsZHJk9YJy16MKqTEKCvZohdT1MyAbXQTjQ%0a%3c @]%0a%3c %0a%3c The login section below lets us pick a username and password for administering the bot. Use the password hash you generated above:%0a%3c %0a%3c [@%0a%3c login:%0a%3c     accounts:%0a%3c         username:%0a%3c             password: "$6$rounds=81447$WlVlZYCgbnjPmVqy$28Tu/Zl0xNpePqimax2wABKn5GCoWomYEI1Pu5jqYyQNULazR4BxQmscZ0MgBHqBCCke.3u5eOtBSZwL3WwVf0"%0a%3c             encrypted: true%0a%3c             #require_oper: true%0a%3c             #hosts: ["*!*@localhost", "*!*@trusted.isp"]%0a%3c permissions:%0a%3c     "username":%0a%3c         - "*"%0a%3c @]%0a%3c %0a%3c For extra security, we recommend you uncomment #require_oper and set it to true, so that only opers can login. We also recommend you uncomment #hosts and set it to properly match your vhost. This will make it harder for someone to steal your relay.%0a%3c %0a%3c In the permissions block, you can replace username with a full hostmask for more security.%0a%3c %0a%3c Now we specify the server running on our VPS:%0a%3c %0a%3c [@%0a%3c servers:%0a%3c     your:%0a%3c         ip: 127.0.0.1%0a%3c         port: 16667%0a%3c         recvpass: "abcdefghijklmnopqrstuvwxyz"%0a%3c         sendpass: "abcdefghijklmnopqrstuvwxyz"%0a%3c         bindhost: 10.0.0.1%0a%3c         netname: "YourNet"%0a%3c         hostname: "relay.example.com"%0a%3c         sid: "0PY"%0a%3c         sidrange: "8##"%0a%3c         protocol: "ngircd"%0a%3c         maxnicklen: 16%0a%3c         ssl: false%0a%3c         autoconnect: 10%0a%3c @]%0a%3c %0a%3c For the short network name (here named @@your@@), pick something 3-5 letters that represents your network. Keep it short. ip should remain 127.0.0.1 in order to connect to localhost. We want to use port 16667 (ports 16667 and 16697 are reserved for server to server links). Note that we do not need to use SSL because we are connecting to localhost. recvpass and sendpass are the server passwords we must specify in /etc/ngircd/ngircd.conf in the [Server] block.  The netname is YourNet, the hostname depends upon your team's domain. You can leave sid and sidrange unchanged.%0a%3c %0a%3c For each server you want to connect, add a new block like below:%0a%3c %0a%3c [@%0a%3c     oftc:%0a%3c         ip: irc.oftc.net%0a%3c         port: 6697%0a%3c         netname: "OFTC"%0a%3c         protocol: "clientbot"%0a%3c         pylink_nick: BotNick%0a%3c         pylink_ident: BotIdent%0a%3c         pylink_altnicks: ["BotNick`", "BotNick-"]%0a%3c         ssl: true%0a%3c         autoconnect: 30%0a%3c         throttle_time: 1.0%0a%3c @]%0a%3c %0a%3c This block is for OFTC.%0a%3c %0a%3c [@%0a%3c plugins:%0a%3c     - commands%0a%3c     - networks%0a%3c     - ctcp%0a%3c     - relay%0a%3c     - relay_clientbot%0a%3c     - servprotect%0a%3c     - antispam%0a%3c     - raw%0a%3c @]%0a%3c %0a%3c We are going to uncomment the relay and relay_clientbot plugins so we can relay in client mode.%0a%3c %0a%3c Next, we set up logging:%0a%3c %0a%3c [@%0a%3c logging:%0a%3c     console: INFO%0a%3c     channels:%0a%3c #        your:%0a%3c #            "#services":%0a%3c #                loglevel: INFO%0a%3c #            "#pylink-notifications":%0a%3c #                loglevel: WARNING%0a%3c     files:%0a%3c         "errors":%0a%3c             loglevel: ERROR%0a%3c         "commands":%0a%3c             loglevel: INFO%0a%3c @]%0a%3c %0a%3c If you want to log to a channel, uncomment those lines, then replace @@your@@ with your shortened network name and replace with your channel names. I prefer to just have error messages go to console and files.%0a%3c %0a%3c We delete the changehost plugin, then add clientbot_styles to the relay plugin in order to make the relay less noisy:%0a%3c %0a%3c [@%0a%3c relay:%0a%3c     allow_free_oper_links: true%0a%3c     tag_nicks: true%0a%3c     forcetag_nicks:%0a%3c         - "*Serv"%0a%3c     separator: "/"%0a%3c     allow_clientbot_pms: true%0a%3c     hideoper: true%0a%3c     show_netsplits: false%0a%3c     accept_weird_senders: false%0a%3c     whois_show_accounts: all%0a%3c     whois_show_server: opers%0a%3c     clientbot_styles:%0a%3c         ACTION: ""%0a%3c         JOIN: ""%0a%3c         KICK: ""%0a%3c         MESSAGE: "%3c$sender> $text"%0a%3c         MODE: ""%0a%3c         NICK: ""%0a%3c         NOTICE: "%3c$sender> $text"%0a%3c         PART: ""%0a%3c         PM: "PM from $sender on $netname: $text"%0a%3c         PNOTICE: "%3c$sender> $text"%0a%3c         QUIT: ""%0a%3c         SJOIN: ""%0a%3c         SQUIT: ""%0a%3c @]%0a%3c %0a%3c I delete the games and global plugin. Then, for automode and stats:%0a%3c %0a%3c [@%0a%3c automode:%0a%3c     nick: Automode%0a%3c     joinmodes: 'o'%0a%3c     prefix: "@"%0a%3c stats:%0a%3c     time_format: "%25c"%0a%3c @]%0a%3c %0a%3c Now we configure antispam to block mass highlights, part/quit floods, and profanity. You can adjust the word lists (the word shibboleth is used as a test phrase):%0a%3c %0a%3c [@%0a%3c antispam:%0a%3c     masshighlight:%0a%3c         enabled: true%0a%3c         punishment: block%0a%3c         reason: "Mass highlight spam is prohibited"%0a%3c         min_length: 50%0a%3c         min_nicks: 5%0a%3c     textfilter:%0a%3c         enabled: true%0a%3c         punishment: block%0a%3c         reason: "Spam is prohibited"%0a%3c         watch_pms: true%0a%3c     textfilter_globs:%0a%3c          - "* arse *"%0a%3c          - "* ass *"%0a%3c          - "* asses *"%0a%3c          - "*asshole*"%0a%3c          - "*bastard*"%0a%3c          - "*bitch*"%0a%3c          - "*blow job*"%0a%3c          - "*blowjob*"%0a%3c          - "*bollock*"%0a%3c          - "* boner *"%0a%3c          - "* boob *"%0a%3c          - "* boobs *"%0a%3c          - "* cock *"%0a%3c          - "* cocks *"   %0a%3c          - "*cocksuck*"%0a%3c          - "* crap*"  %0a%3c          - "* cum *"%0a%3c          - "* cumming*"%0a%3c          - "* cunt*" %0a%3c          - "*dick*"%0a%3c          - "* dildo*"  %0a%3c          - "*ejaculat*"%0a%3c          - "* fag*"%0a%3c          - "*fatass*"%0a%3c          - "*fuck*"%0a%3c          - "* jizz*"%0a%3c          - "* horny*"%0a%3c          - "*mast?rbat*"%0a%3c          - "*nigger*"%0a%3c          - "*nigga*"%0a%3c          - "* piss*"%0a%3c          - "*pussies*"%0a%3c          - "*pussy*"%0a%3c          - "* shit*"%0a%3c          - "* slut*"%0a%3c          - "* suck*"%0a%3c          - "* tits*"%0a%3c          - "* whore*"%0a%3c          - "*shibboleth*"%0a%3c     partquit:%0a%3c @]%0a%3c %0a%3c You'll need to add this to /etc/ngircd/ngircd.conf:%0a%3c %0a%3c [@%0a%3c [Server]%0a%3c         Name = relay.example.com%0a%3c         Host = 127.0.0.1%0a%3c         Bind = 38.81.163.143%0a%3c         Port = 16667%0a%3c         MyPassword = fyLnwwxSvxc2gpn3AM994FMitD%0a%3c         PeerPassword = fyLnwwxSvxc2gpn3AM994FMitD%0a%3c         ;Group = 123%0a%3c         Passive = no%0a%3c         SSLConnect = no %0a%3c @]%0a%3c %0a%3c Replace 38.81.163.143 with your IP address.%0a%3c %0a%3c We reload ngircd.conf:%0a%3c %0a%3c [@%0a%3c $ doas rcctl reload ngircd%0a%3c @]%0a%3c %0a%3c Then we start PyLink by running it inside a chroot:%0a%3c %0a%3c [@%0a%3c $ doas su%0a%3c # export HOME=/%0a%3c # chroot -u pylink -g pylink /home/pylink python3.8 PyLink/pylink PyLink/pylink.yml%0a%3c @]%0a%3c %0a%3c !! Logging in%0a%3c %0a%3c [@%0a%3c /msg %3cbotnick> login username password%0a%3c /msg %3cbotnick> create #channel%0a%3c /msg %3cbotnick> remote %3cother> link %3cyour> #channel%0a%3c 15:39 -botnick(botident@f6e1cdd3)- Joining '#channel' now to check for op status; please run this command again after I join.%0a%3c @]%0a%3c %0a%3c Now op the bot, then run the command again:%0a%3c %0a%3c [@%0a%3c /msg %3cbotnick> remote %3cother> link %3cyour> #channel%0a%3c 15:39 -botnick(botident@f6e1cdd3)- Done.%0a%3c @]%0a%3c %0a%3c Finally, to prevent pylink from accidentally de-opping other users:%0a%3c %0a%3c [@%0a%3c /msg %3cbotnick> claim #channel -%0a%3c @]%0a%3c %0a%3c !! Troubleshooting%0a%3c %0a%3c Sometimes PyLink may crash, and when you attempt to restart it, it says that the PID file already exists: %0a%3c %0a%3c [@%0a%3c $ doas su%0a%3c # export HOME=/%0a%3c # chroot -u pylink -g pylink /home/pylink python3.8 PyLink/pylink PyLink/pylink.yml%0a%3c 2021-02-12 00:19:39,495 [ERROR] PID file 'pylink.pid' exists; aborting!%0a%3c @]%0a%3c %0a%3c Simply remove the file:%0a%3c %0a%3c [@%0a%3c # rm /home/pylink/pylink.pid%0a%3c # rm /home/pylink/PyLink/pylink.pid%0a%3c @]%0a%3c %0a%3c If the bot ever gets stuck and you can't kill it:%0a%3c %0a%3c [@%0a%3c $ ps ax | grep pylink%0a%3c 22986 p7  S+       0:03.08 python3.8 PyLink/pylink PyLink/pylink.yml%0a%3c $ doas kill -KILL 22986%0a%3c @]%0a%3c %0a%3c Replace 22986 with whatever process ID python has.%0a%3c %0a%3c Or use an simpler command:%0a%3c %0a%3c [@%0a%3c cd /home/pylink%0a%3c doas kill -KILL `cat pylink.pid`%0a%3c @]%0a
    25. 

  25. host:1627710549=38.87.162.8
    26. 

  26.