82 lines
2.3 KiB
Markdown
82 lines
2.3 KiB
Markdown
---
|
|
title: "QuasselCore on Debian 11"
|
|
date: 2022-02-13
|
|
draft: false
|
|
tags: ["linux", "kvm", "libvirt", "virsh", "irc", "quassel", "zfs", "debian"]
|
|
authors: ["trent"]
|
|
post: 33
|
|
---
|
|
date: 2022-02-13
|
|
|
|
## Introduction
|
|
After discovering how amazing wireguard vpn is on Android, I decided to move
|
|
my quasselcore server off of Ramnode, where I was securing it with LetsEncrypt
|
|
Certs, and instead run it on a double-natted kvm host on my home server
|
|
where I could give it more ram and cpu, and back up the entire vm image to my backup-backup server
|
|
using syncoid and zfs snapshots.
|
|
|
|
But there are a few little niggles, so I am writing it down.
|
|
|
|
## Install Packages
|
|
|
|
```shell
|
|
apt install postgresql postgresql-contrib quasselcore libqt5sql5-psql apparmor-utils
|
|
```
|
|
|
|
### stop quasselcore
|
|
```shell
|
|
systemctl stop quasselcore
|
|
```
|
|
### allow quasselcore in apparmor
|
|
so quasselcore user can read it's own configuration directory
|
|
```shell
|
|
aa-complain /usr/bin/quasselcore
|
|
systemctl restart apparmor
|
|
```
|
|
### postgresql socket connection
|
|
If you want to use Postgresql socket connection because
|
|
why wouldn't you, allow md5 authentication in `pg_hba.conf`
|
|
```conf
|
|
# /etc/postgresql/13/main/pg_hba.conf
|
|
local quassel quassel md5
|
|
```
|
|
```shell
|
|
systemctl restart postgresql
|
|
```
|
|
|
|
## Copy the Postgresql Database
|
|
### dump database on old/previous server
|
|
```shell
|
|
pg_dump -d quassel -f quasseldb.sql
|
|
```
|
|
### create database on new server
|
|
```psql
|
|
postgres# CREATE USER quassel;
|
|
postgres# \password quassel
|
|
postgres# CREATE DATABASE quassel WITH OWNER quassel;
|
|
```
|
|
### import database on new server
|
|
```shell
|
|
psql -d quassel -f quasseldb.sql
|
|
```
|
|
|
|
## Configure QuasselCore
|
|
```shell
|
|
sudo quasselcore --configdir=/var/lib/quassel --select-backend=Postgresql
|
|
```
|
|
When prompted for postgresql host, you can use `/var/run/postgresql` if
|
|
you want to use unix-socket.
|
|
|
|
Before starting quasselcore, make sure that all the files in `/var/lib/quassel`
|
|
are owned by quasselcore:quassel, and _they might not be_.
|
|
|
|
For other `quasselcore` options you can type `quasselcore -h`, but I chose to
|
|
use ufw to restrict the client port to the wireguard interface.
|
|
```shell
|
|
ufw allow in on wg1 to any port 4242
|
|
```
|
|
|
|
## Connect
|
|
To connect to your new `quasselcore`, open quassel client or quasseldroid
|
|
and simply change the host name.
|