ZNC
Jump to navigation
Jump to search
Guide to ZNC
This page describes client and server setup for ZNC with LDAP authentication. For more info on ZNC, see [1].
Server setup
Saslauthd setup
For LDAP authentication, we use the Cyrusauth module [2], which needs to communicate with the SASL authentication daemon (saslauthd).
-
On the server, install the following packages:
apt install sasl2-bin ca-certificates
-
Open /etc/default/saslauthd, and change the following lines:
START=yes MECHANISM="ldap"
-
Paste the following into /etc/saslauthd.conf:
ldap_servers: ldaps://auth1.csclub.uwaterloo.ca ldaps://auth2.csclub.uwaterloo.ca ldap_search_base: ou=People,dc=csclub,dc=uwaterloo,dc=ca ldap_filter: (uid=%u)
-
Start saslauthd:
# service saslauthd start
-
Test saslauthd to make sure it's working:
$ testsaslauthd -u "your_csc_username" -p "your_csc_password"
You should see a response like
0: OK "Success."
ZNC setup
-
Install ZNC:
# apt install znc
-
Add a user for ZNC and create an initial configuration:
# useradd -s /bin/bash -m znc # usermod -a -G sasl znc # su - znc $ znc --makeconf
Note that the znc user must be part of the sasl group to communicate with saslauthd.
- Visit the web interface at <SERVER_IP>:<PORT>. Note that you may need to modify your browser settings so that you can visit a website at port 6667 or 6697.
- Log in using your admin credentials, then go to "Global Settings". Check the "cyrusauth" box, type "saslauthd" in the arguments input field, then scroll to the bottom and click "Save".
-
You will now need to connect to ZNC with an IRC client. The commands below assume Weechat is being used, but other clients should be similar.
/server add myznc <SERVER_IP>/<PORT> -username=<ADMIN_USERNAME> -password=<ADMIN_PASSWORD> /connect myznc /alias add znc /quote znc /znc *Cyrusauth CreateUsers yes
This will tell ZNC to create a new user on their first login.