This repository was archived by the owner on Dec 16, 2025. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathk8s_qwebirc.yaml
More file actions
510 lines (446 loc) · 16.3 KB
/
k8s_qwebirc.yaml
File metadata and controls
510 lines (446 loc) · 16.3 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
## __ __ _ ___ ____ ____
## __ \ \ / /__| |__|_ _| _ \ / ___|
## / _` \ \ /\ / / _ \ '_ \| || |_) | |
## | (_| |\ V V / __/ |_) | || _ <| |___
## \__, | \_/\_/ \___|_.__/___|_| \_\\____|
## |_|
##
## qwebirc is a fast, easy to use, free and open source IRC client
## https://qwebirc.org/ & https://github.com/qwebirc/qwebirc/
## https://github.com/Tob1as/docker-qwebirc
#---
#
#apiVersion: v1
#kind: Namespace
#metadata:
# name: irc
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: qwebirc
namespace: irc
spec:
replicas: 1
strategy:
type: RollingUpdate
selector:
matchLabels:
app: qwebirc
template:
metadata:
labels:
app: qwebirc
spec:
containers:
- name: qwebirc
image: ghcr.io/tob1as/docker-qwebirc:latest
imagePullPolicy: Always #IfNotPresent
env:
- name: HTML_COMPILE
value: "1"
ports:
- containerPort: 9090
name: qwebirc
protocol: TCP
livenessProbe:
tcpSocket:
port: 9090
failureThreshold: 4
initialDelaySeconds: 15
periodSeconds: 15
successThreshold: 1
timeoutSeconds: 10
readinessProbe:
tcpSocket:
port: 9090
failureThreshold: 4
initialDelaySeconds: 5
periodSeconds: 15
successThreshold: 1
timeoutSeconds: 10
resources:
requests:
memory: "128Mi"
cpu: "0.1"
limits:
memory: "512Mi"
cpu: "0.5"
volumeMounts:
- name: qwebirc-conf
mountPath: /qwebirc/config.py
subPath: config.py
readOnly: true
- name: qwebirc-certs
mountPath: /ssl
readOnly: true
restartPolicy: Always
volumes:
- name: qwebirc-conf
configMap:
name: qwebirc-conf
- name: qwebirc-certs
secret:
secretName: qwebirc-certs
#defaultMode: 0644
optional: true
---
# for nginx-ingress port (9090) settings, example: https://gist.github.com/superseb/ba6becd1a5e9c74ca17996aa59bcc67e
# and: https://github.com/kubernetes/ingress-nginx/blob/main/docs/user-guide/exposing-tcp-udp-services.md
# and: https://github.com/rancher/rancher/issues/14744#issuecomment-1210466472
# OR: use nginx-ingress for qwebirc
apiVersion: v1
kind: Service
metadata:
name: qwebirc
namespace: irc
labels:
app: qwebirc
spec:
type: ClusterIP
ports:
- name: "qwebirc"
protocol: TCP
port: 9090
targetPort: 9090
selector:
app: qwebirc
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: qwebirc
namespace: irc
labels:
app: qwebirc
annotations:
## https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/annotations/
kubernetes.io/ingress.class: nginx
#nginx.ingress.kubernetes.io/ssl-redirect: "true"
#nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
nginx.ingress.kubernetes.io/proxy-buffering: "off"
spec:
tls:
- hosts:
- irc.example.com
secretName: ingress-tls-secret
rules:
- host: irc.example.com
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: qwebirc
port:
#name: qwebirc
number: 9090
---
## convert ssl files to base64, example:
## for i in $(find . -type f -regex ".*/.*\.\(crt\|key\|pem\)"); do echo -e "\nEncode-File $i:" ; cat $i | base64 -w0 ; done > ssl_convertinbase64.txt
## SSL for ingress
apiVersion: v1
kind: Secret
metadata:
name: ingress-tls-secret
namespace: irc
type: kubernetes.io/tls
data:
tls.crt: <ssl.crt>
tls.key: <ssl.key>
---
## SSL for qwebirc config
#apiVersion: v1
#kind: Secret
#metadata:
# name: qwebirc-certs
# namespace: irc
#type: Opaque
#data:
# server-fullchain.pem: <ssl.crt>
# server-key.pem: <ssl.key>
#
#---
apiVersion: v1
kind: ConfigMap
metadata:
name: qwebirc-conf
namespace: irc
labels:
app: qwebirc
data:
config.py: |-
# qwebirc configuration file
#
# This a Python program that is imported, so feel free to use any
# Python here!
#
# Note that some changes to this configuration file require re-running
# compile.py and others require restarting qwebirc (and some require
# both!)
# If in doubt always re-compile and restart.
# The following line is required, don't remove it!
from qwebirc.config_options import *
# IRC OPTIONS
# ---------------------------------------------------------------------
#
# OPTION: IRCSERVER
# Hostname (or IP address) of IRC server to connect to.
# OPTION: IRCPORT
# Port of IRC server to connect to.
IRCSERVER, IRCPORT = "irc.example.com", 6667
# OPTION: SSLPORT
# SSL port of IRC server to connect to.
# If this option is uncommented it will override IRCPORT.
#SSLPORT = 6697
# OPTION: REALNAME
# The realname field of IRC clients will be set to this value.
REALNAME = "qwebirc"
# OPTION: IDENT
# ident to use on irc, possible values include:
# - a string, e.g. IDENT = "webchat"
# - the literal value IDENT_HEX, this will set the ident to the
# a hexadecimal version of the users IP address, e.g
# IDENT = IDENT_HEX
# - the literal value IDENT_NICKNAME, this will use the users
# supplied nickname as their ident.
IDENT = IDENT_HEX
# OPTION: OUTGOING_IP
# The IP address to bind to when connecting to the IRC server.
#
# This will not change the IP address that qwebirc listens on.
# You will need to call run.py with the --ip/-i option if you
# want that.
#OUTGOING_IP = "127.0.0.1"
# OPTION: WEBIRC_MODE
# This option controls how the IP/hostname of the connecting
# browser will be sent to IRC.
#
# Possible values include:
# - the string "webirc", i.e. WEBIRC_MODE = "webirc"
# Use WEBIRC type blocks, with a server configuration of
# the following style:
#
# cgiirc {
# type webirc;
# hostname <qwebirc's ip address>;
# password <password>;
# };
#
# Remember to set the WEBIRC_PASSWORD value to be the
# same as <password>.
# - the string "cgiirc", i.e. WEBIRC_MODE = "cgiirc"
# old style CGIIRC command, set CGIIRC_STRING to be the
# command used to set the ip/hostname, and set
# WEBIRC_PASSWORD to be the password used in the server's
# configuration file.
# - the literal value None, i.e. WEBIRC_MODE = None
# Send the IP and hostname in the realname field, overrides
# the REALNAME option.
WEBIRC_MODE = None
# OPTION: WEBIRC_PASSWORD
# Used for WEBIRC_MODE webirc and cgiirc, see WEBIRC_MODE
# option documentation.
#WEBIRC_PASSWORD = "fish"
# OPTION: CGIIRC_STRING
# Command sent to IRC server in for cgiirc WEBIRC_MODE.
# See WEBIRC_MODE option documentation.
#CGIIRC_STRING = "CGIIRC"
# UI OPTIONS
# ---------------------------------------------------------------------
#
# OPTION: BASE_URL
# URL that this qwebirc instance will be available at, add the
# port number if your instance runs on a port other than 80.
#BASE_URL = "https://irc.example.com:9090/"
BASE_URL = "http://irc.example.com:9090/"
# OPTION: NETWORK_NAME
# The name of your IRC network, displayed throughout the
# application.
NETWORK_NAME = "FooNet"
# OPTION: LOGO_URL
# URL (relative or absolute) to your logo (max height 68 pixels).
# If not set the default network name will shown in text.
# Can be set to "" to display the logo box without setting the
# logo (for use with CUSTOM_CSS)
#LOGO_URL="images/logo.png"
# OPTION: CUSTOM_CSS
# Filename of custom css to include.
# Must be in the css directory.
#CUSTOM_CSS="mynetwork.css"
# OPTION: ANALYTICS_HTML
# If you have an analytics service, you can paste the HTML
# between the triple quotes.
#ANALYTICS_HTML = """
#"""
# OPTION: CUSTOM_MENU_ITEMS
# Adds custom URLs to the top left menu.
#CUSTOM_MENU_ITEMS = [
# ["Help!", "http://www.my.help.site.example/"],
# ["Privacy policy", "http://www.privacy.policy.example/"],
#]
# OPTION: APP_TITLE
# The title of the application in the web browser.
APP_TITLE = NETWORK_NAME + " Web IRC"
# NICKNAME VALIDATION OPTIONS
# ---------------------------------------------------------------------
#
# OPTION: NICKNAME_VALIDATE
# If True then user nicknames will be validated according to
# the configuration below, otherwise they will be passed
# directly to the ircd.
NICKNAME_VALIDATE = True
# OPTION: NICKNAME_VALID_FIRST_CHAR
# A string containing valid characters for the first letter of
# a nickname.
# Default is as in RFC1459.
import string
NICKNAME_VALID_FIRST_CHAR = string.letters + "_[]{}`^\\|"
# OPTION: NICKNAME_VALID_SUBSEQUENT_CHAR
# A string containing valid characters for the rest of the
# nickname.
NICKNAME_VALID_SUBSEQUENT_CHARS = NICKNAME_VALID_FIRST_CHAR + string.digits + "-"
# OPTION: NICKNAME_MINIMUM_LENGTH
# Minimum characters permitted in a nickname on your network.
NICKNAME_MINIMUM_LENGTH = 2
# OPTION: NICKNAME_MAXIMUM_LENGTH
# Maximum characters permitted in a nickname on your network.
# Ideally we'd extract this from the ircd, but we need to know
# before we connect.
NICKNAME_MAXIMUM_LENGTH = 15
# ADMIN ENGINE OPTIONS
# ---------------------------------------------------------------------
#
# OPTION: ADMIN_ENGINE_HOSTS:
# List of IP addresses to allow onto the admin engine at
# http://instance/adminengine
ADMIN_ENGINE_HOSTS = ["127.0.0.1"]
# PROXY OPTIONS
# ---------------------------------------------------------------------
#
# OPTION: FORWARDED_FOR_HEADER
# If you're using a proxy that passes through a forwarded-for
# header set this option to the header name, also set
# FORWARDED_FOR_IPS.
FORWARDED_FOR_HEADER="x-forwarded-for"
# OPTION: FORWARDED_FOR_IPS
# This option specifies the IP addresses that forwarded-for
# headers will be accepted from.
FORWARDED_FOR_IPS=["127.0.0.1"]
# EXECUTION OPTIONS
# ---------------------------------------------------------------------
#
# OPTION: ARGS (optional)
# These arguments will be used as if qwebirc was run directly
# with them, see run.py --help for a list of options.
#ARGS = "-n -p 3989"
ARGS = "-p 9090"
#ARGS = "-p 9090 -C /ssl/server-fullchain.pem -k /ssl/server-key.pem"
# OPTION: SYSLOG_ADDR (optional)
# Used in conjunction with util/syslog.py and -s option.
# This option specifies the address and port that syslog
# datagrams will be sent to.
#SYSLOG_ADDR = "127.0.0.1", 514
# TUNEABLE VALUES
# ---------------------------------------------------------------------
#
# You probably don't want to fiddle with these unless you really know
# what you're doing...
# OPTION: UPDATE_FREQ
# Maximum rate (in seconds) at which updates will be propagated
# to clients
UPDATE_FREQ = 0.5
# OPTION: MAXBUFLEN
# Maximum client AJAX recieve buffer size (in bytes), if this
# buffer size is exceeded then the client will be disconnected.
# This value should match the client sendq size in your ircd's
# configuration.
MAXBUFLEN = 100000
# OPTION: MAXSUBSCRIPTIONS
# Maximum amount of 'subscriptions' to a specific AJAX channel,
# i.e. an IRC connection.
# In theory with a value greater than one you can connect more
# than one web IRC client to the same IRC connection, ala
# irssi-proxy.
MAXSUBSCRIPTIONS = 1
# OPTION: MAXLINELEN
# If the client sends a line greater than MAXLINELEN (in bytes)
# then they will be disconnected.
# Note that IRC normally silently drops messages >=512 bytes.
MAXLINELEN = 600
# OPTION: DNS_TIMEOUT
# DNS requests that do not respond within DNS_TIMEOUT seconds
# will be cancelled.
DNS_TIMEOUT = 5
# OPTION: HTTP_AJAX_REQUEST_TIMEOUT
# Connections made to the AJAX engine are closed after this
# this many seconds.
# Note that this value is intimately linked with the client
# AJAX code at this time, changing it will result in bad
# things happening.
HTTP_AJAX_REQUEST_TIMEOUT = 295
# OPTION: HTTP_REQUEST_TIMEOUT
# Connections made to everything but the AJAX engine will
# be closed after this many seconds, including connections
# that haven't started/completed an HTTP request.
HTTP_REQUEST_TIMEOUT = 5
# OPTION: STATIC_BASE_URL
# This value is used to build the URL for all static HTTP
# requests.
# You'd find this useful if you're running multiple qwebirc
# instances on the same host.
STATIC_BASE_URL = ""
# OPTION: DYNAMIC_BASE_URL
# This value is used to build the URL for all dynamic HTTP
# requests.
# You'd find this useful if you're running multiple qwebirc
# instances on the same host.
DYNAMIC_BASE_URL = ""
# OPTION: DYNAMIC_CONFIGURATION
# If True then request configuration from the backend when we
# initially connect.
DYNAMIC_CONFIGURATION = False
# OPTION: CONNECTION_RESOLVER
# A list of (ip, port) tuples of resolvers to use for looking
# the SRV record(s) used for connecting to the name set in
# IRC_SERVER.
# The default value is None, and in this case qwebirc will use
# the system's default resolver(s).
CONNECTION_RESOLVER = None
# OPTION: ACCOUNT_WHOIS_COMMAND
# Command sent when a username is clicked.
#ACCOUNT_WHOIS_COMMAND = "/msg Q whois #"
# QUAKENET SPECIFIC VALUES
# ---------------------------------------------------------------------
#
# These values are of no interest if you're not QuakeNet.
# At present they still need to be set, this will change soon.
#
# OPTION: HMACKEY
# Shared key to use with hmac WEBIRC_MODE.
HMACKEY = "mrmoo"
# OPTION: HMACTEMPORAL
# Divisor used for modulo HMAC timestamp generation.
HMACTEMPORAL = 30
# OPTION: AUTHGATEDOMAIN
# Domain accepted inside authgate tickets.
AUTHGATEDOMAIN = "webchat_test"
# OPTION: QTICKETKEY
# Key shared with the authgate that is used to decrypt
# qtickets.
QTICKETKEY = "boo"
# OPTION: AUTH_SERVICE
# Service that auth commands are sent to. Also used to check
# responses from said service.
#AUTH_SERVICE = "Q!TheQBot@CServe.quakenet.org"
AUTH_SERVICE = "none"
# OPTION: AUTH_OK_REGEX
# JavaScript regular expression that should match when
# AUTH_SERVICE has returned an acceptable response to
# authentication.
AUTH_OK_REGEX = "^You are now logged in as [^ ]+\\.$"
# OPTION: AUTHGATEPROVIDER
# Authgate module to use, normally imported directly.
# dummyauthgate does nothing.
import dummyauthgate as AUTHGATEPROVIDER