If you wish to have your server added to the round-robin, please contact a wiki sysop so they can add you into the new round-robin system. You will have to provide the following information:
- Server name
- IPv4 and/or IPv6
- Region (must be one of: AMER, EURO or ASIA)
Your node must:
- Have a valid TLS certificate for the round-robin
- Be reachable over the Internet on ports 6667 and 6697
- Be linked to the network
- and have a relatively up to date version of UnrealIRCd
After your node gets added to the rotation it will be periodically scanned. You can check the status of your node in the rotation through this page
TLS certificate
Soon, to be part of the round-robin you will need a valid TLS certificate for both irc.letspiss.net
and your own server domain. To do this you can use acme.sh
(run the installer!). Here is an example of how to generate a certificate for both in one go (assuming you use cloudflare for your domain, for other providers check here):
# These are the credentials required to get the irc.letspiss.net certificate export ACMEDNS_BASE_URL="https://auth.autie.net" export ACMEDNS_USERNAME="7a72b116-70de-4a49-83a5-dcfeb2dfabb2" export ACMEDNS_PASSWORD="R6uA0z8-bwfU8xZxqbTIkoNUBE91Yrn7LN-34qRx" export ACMEDNS_SUBDOMAIN="cdd942bb-0b02-4e50-9bf0-639d61c60741" # You will have to change this! export CF_Token="aaaaabbbbbcccc" export CF_Account_ID="ddddeeeeeffff" export CF_Zone_ID="ggggghhhhiiii" ~/.acme.sh/acme.sh --issue -d irc.letspiss.net --dns dns_acmedns -d my.fancy.server.blah.com --dns dns_cf
You can also use standalone (requires you to run the command with root access (or sudo) ( --cert-home is recommended since else the certs will be placed in your /root directory)
/home/irc-user/.acme.sh/acme.sh --server letsencrypt --auto-upgrade --issue -d irc.letspiss.net --dns dns_acmedns -d my.fancy.server.blah.com --standalone --cert-home /home/irc-user/.acme.sh
If you use custom DNS or want to do this manually, run the above environment variable commands for ACMEDNS_*
and use the --yes-I-know-dns-manual-mode-enough-go-ahead-please
option (note this does not support automatic cert renewal, and it will have to be done manually) as shown below:
~/.acme.sh/acme.sh --server letsencrypt --auto-upgrade --issue -d irc.letspiss.net --dns dns_acmedns -d my.fancy.server.blah.com --yes-I-know-dns-manual-mode-enough-go-ahead-please
You will then need to manually add the new TXT
record to your DNS zone while acme.sh
is running.
After this you will have to edit your configs to look like this:
listen { ip *; port 6697; options { tls; } tls-options { certificate "/home/ircd/.acme.sh/irc.letspiss.net/fullchain.cer"; key "/home/ircd/.acme.sh/irc.letspiss.net/irc.letspiss.net.key"; }; }
Note: Do not change the certificate key for the serversonly
listen block or your spkifp will change and you won't be able to link to the network.
Alternatively, using two certificates
If you just want to use acme.sh
for the round-robin certificate and use your existing infrastructure for your other certificate(s), call acme.sh
as ~/.acme.sh/acme.sh --issue -d irc.letspiss.net --dns dns_acmedns
and add a SNI block instead of changing the config above:
sni irc.letspiss.net { tls-options { certificate "/home/ircd/.acme.sh/irc.letspiss.net/fullchain.cer"; key "/home/ircd/.acme.sh/irc.letspiss.net/irc.letspiss.net.key"; }; };
Alternatively to the alternative, use ZeroSSL
If we run out of the LetsEncrypt quota, we can use zerossl, by adding the --server zerossl
parameter to acme.sh
.
Current Rotation. NO LONGER IN USE
This section is collapsed by default. Click Expand on the right hand side to view.
(No longer in use, no need to add yourself here anymore)Previous list from the Pad Preserved Here, THIS IS NOT A ROTATION LIST.
This section is collapsed by default. Click Expand on the right hand side to view.