Quassel Web

Follow up on my second blog post where I installed quassel, now I want to setup the Quassel Web, and rest-search

I’m basing this on a vultr guide just because I used this plus a bunch of issues and random help pages to get it working.

Personally I have my quassel running on sub-domain, instead of the root with /quassel, using sockets to connect instead of http proxy, for extra security and possibily extra speed.

  1. Create a new user quassel-webserver with useradd -d /opt/quassel-webserver -M -r quassel-webserver
  2. git clone https://github.com/magne4000/quassel-webserver.git /opt/quassel-webserver
  3. chown -R quassel-webserver:quasselweb-server /opt/quassel-webserver

  4. su - quassel-webserver

  5. I then followed this issue, specifcially the last comment to get it actually installed.

  6. npm install --production

  7. copy settings.js to settings-user.js and make the following changes

    host: 'localhost',
forcedefault: 'true',

  8. Put that service file into /lib/systemd/system/quassel-webserver.service

  9. Enable and start the service.

  10. Copy nginx server block into /etc/nginx/sites-enabled/chat.conf and edit the domains to match correctly.

Nginx server block

This runs on chat.domain.com, and has an external location for certbot acme.

server {
        listen 80;
        server_name chat.domain.com;
        location '/.well-known/acme-challenge/' {
                root /var/www/acme/; #certbot
        }

        location / {
                return 301 https://$host$request_uri;
        }
}

server {
        listen 443;
        ssl on;
        server_name chat.domain.com;

        ssl_certificate /etc/letsencrypt/live/chat.domain.com/fullchain.pem;
        ssl_certificate_key /etc/letsencrypt/live/chat.domain.com/privkey.pem;

        location / {
                proxy_pass http://unix:/var/run/quassel-webserver/quassel-webserver.sock;
                proxy_set_header Upgrade $http_upgrade;
                proxy_set_header Connection "upgrade";
                proxy_http_version 1.1;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header Host $host;
                proxy_redirect off;
        }
}

SySTemD service (With sockets)

[Unit]
Description=Quassel Web server for web-based IRC chatting
After=local-fs.target network.target

[Service]
Type=simple
User=quassel-web
# Run ExecStartPre with root-permissions to create socket
# Directory creation and socket deletion can fail, but chown ownership is required
PermissionsStartOnly=true
ExecStartPre=-/bin/mkdir /var/run/quassel-web
ExecStartPre=/bin/chown -R quassel-web:quassel-web /var/run/quassel-web/
ExecStartPre=-/bin/rm /var/run/quassel-web/quassel-web.sock
# Run ExecStart with User/Group permissions above
ExecStart=/usr/bin/node "/opt/quassel-web/quassel_web_root/qweb/quassel-webserver/app.js" --socket="/var/run/quassel-web/quassel-web.sock"

[Install]
WantedBy=multi-user.target