InspIRCd v4 is still early in development!
If you use this branch you may experience crashes, weird behaviour, and unannounced breaking changes.
You probably want to use InspIRCd v3 instead.
The "sslrehashsignal" Module (v4)
This module depends on UNIX-specific features and must be manually enabled at compile time.
If you are building on a UNIX platform you can enable this module using the following command:
./configure --enable-extras sslrehashsignal
Description
This module allows the SIGUSR1
signal to be sent to the server to reload TLS (SSL) certificates.
Configuration
To load this module use the following <module>
tag:
<module name="sslrehashsignal">
This module requires no other configuration.
Signals
Name | Description |
---|---|
SIGUSR1 | Reloads the server's TLS (SSL) certificates. |
Special Notes
If you are using an automated tool such as Certbot for renewing your certificates you may find it useful to use the following script as a deploy hook:
#!/bin/sh
set -e
# The location your renewal tool places your certificates.
CERT_DIR="/etc/letsencrypt/live/irc.example.com"
# The location of the InspIRCd config directory.
INSPIRCD_CONFIG_DIR="/etc/inspircd"
# The location of the InspIRCd pid file.
INSPIRCD_PID_FILE="/var/run/inspircd/inspircd.pid"
# The user:group that InspIRCd runs as.
INSPIRCD_OWNER="inspircd:inspircd"
if [ -e ${CERT_DIR} -a -e ${INSPIRCD_CONFIG_DIR} ]
then
cp "${CERT_DIR}/fullchain.pem" "${INSPIRCD_CONFIG_DIR}/cert.pem"
cp "${CERT_DIR}/privkey.pem" "${INSPIRCD_CONFIG_DIR}/key.pem"
chown ${INSPIRCD_OWNER} "${INSPIRCD_CONFIG_DIR}/cert.pem" "${INSPIRCD_CONFIG_DIR}/key.pem"
if [ -e ${INSPIRCD_PID_FILE} ]
then
kill -USR1 `cat ${INSPIRCD_PID_FILE}`
fi
fi