Quassel Web
Follow up on my second blog post where I installed quassel, now I want to setup the Quassel Web, and rest-search
I’m basing this on a vultr guide just because I used this plus a bunch of issues and random help pages to get it working.
Personally I have my quassel running on sub-domain, instead of the root with /quassel, using sockets to connect instead of http proxy, for extra security and possibily extra speed.
- Create a new user
quassel-webserver
withuseradd -d /opt/quassel-webserver -M -r quassel-webserver
git clone https://github.com/magne4000/quassel-webserver.git /opt/quassel-webserver
chown -R quassel-webserver:quasselweb-server /opt/quassel-webserver
su - quassel-webserver
I then followed this issue, specifcially the last comment to get it actually installed.
npm install --production
copy settings.js to settings-user.js and make the following changes
host: 'localhost', forcedefault: 'true',
Put that service file into
/lib/systemd/system/quassel-webserver.service
Enable and start the service.
Copy nginx server block into
/etc/nginx/sites-enabled/chat.conf
and edit the domains to match correctly.
Nginx server block
This runs on chat.domain.com, and has an external location for certbot acme.
server {
listen 80;
server_name chat.domain.com;
location '/.well-known/acme-challenge/' {
root /var/www/acme/; #certbot
}
location / {
return 301 https://$host$request_uri;
}
}
server {
listen 443;
ssl on;
server_name chat.domain.com;
ssl_certificate /etc/letsencrypt/live/chat.domain.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/chat.domain.com/privkey.pem;
location / {
proxy_pass http://unix:/var/run/quassel-webserver/quassel-webserver.sock;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_http_version 1.1;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;
proxy_redirect off;
}
}
SySTemD service (With sockets)
[Unit]
Description=Quassel Web server for web-based IRC chatting
After=local-fs.target network.target
[Service]
Type=simple
User=quassel-web
# Run ExecStartPre with root-permissions to create socket
# Directory creation and socket deletion can fail, but chown ownership is required
PermissionsStartOnly=true
ExecStartPre=-/bin/mkdir /var/run/quassel-web
ExecStartPre=/bin/chown -R quassel-web:quassel-web /var/run/quassel-web/
ExecStartPre=-/bin/rm /var/run/quassel-web/quassel-web.sock
# Run ExecStart with User/Group permissions above
ExecStart=/usr/bin/node "/opt/quassel-web/quassel_web_root/qweb/quassel-webserver/app.js" --socket="/var/run/quassel-web/quassel-web.sock"
[Install]
WantedBy=multi-user.target