# Setting up "The Lounge" web IRC client in a Jail



## Trigex (Jan 15, 2020)

After quite a bit of playing around this setup for The Lounge _(My first production-deployed jail!), _I think I've got something fairly solid built up! Here's a little guide to reproduce what I've done:

Install sysutils/ezjail on your target host machine, if you haven't already and go through the generic setup:

Setup the secondary loopback interface for your jails:
`sysrc cloned_interfaces="lo1"`
`service netif cloneup`

Enable and start ezjail:
`sysrc ezjail_enable="YES"`
`service ezjail start`

Create your basejail:
`ezjail-admin install -p`

Copy your host machine's /etc/resolv.conf to the newjail template, assuming your host has a working dns configuration you'd like you use:
`cp /etc/resolv.conf /usr/jails/newjail/etc/resolv.conf`

Create a jail for The Lounge:
(Replace "ue0" with your external network interface, which you can find with `ifconfig`)
`ezjail-admin create thelounge 'lo1|127.0.1.1,ue0|192.168.1.50'`

Start and enter the jail:
`ezjail-admin start thelounge`
`ezjail-admin console thelounge`

Bootstrap pkg, and update the package database:
_(If this hangs for awhile, internet probably isn't working properly in the jail!)_
`pkg update`

Install yarn and node:
`pkg install yarn node`

Create a user for The Lounge:
`pw adduser lounger -d /nonexistent -s /usr/sbin/nologin -c "The Lounge User"`

Make the configuration directory for The Lounge:
`mkdir /usr/local/etc/thelounge`
`chown lounger /usr/local/etc/thelounge`

Install The Lounge from the npm package:
_(Not sure for other architectures, but on arm64, the sqlite package fails to build, however it's not vital so don't worry!)_
`yarn global add thelounge`

Run The Lounge as lounger, making sure to set the "THELOUNGE_HOME" enviroment variable, which ensures our configuration ends up in our desired directory:
`su -m lounger -c "setenv THELOUNGE_HOME /usr/local/etc/thelounge; /usr/local/bin/thelounge start`
This will initialize all it's configuration files, press Ctrl+C after it stops printing output

Create a The Lounge user, which is the account you'll use to connect:
`su -m lounger -c "setenv THELOUNGE_HOME /usr/local/etc/thelounge; /usr/local/bin/thelounge add myuser`

Create an rc script for the lounge, which lets your control it via service:
`mkdir -p /usr/local/etc/rc.d && vi /usr/local/etc/rc.d/thelounge`
Insert the following script:

```
#!/bin/sh

. /etc/rc.subr

name="thelounge"
rcvar=thelounge_enable

load_rc_config ${name}

command=/usr/local/bin/thelounge

start_cmd="${name}_start"
stop_cmd="${name}_stop"
status_cmd="${name}_status"

: ${thelounge_enable="NO"}
: ${thelounge_user="lounger"}
: ${thelounge_home="/usr/local/etc/thelounge"}

thelounge_start(){
        cmd="${command} start"
        if thelounge_running; then
                echo "The Lounge is already running!"
        else
                su -m ${thelounge_user} -c "setenv THELOUNGE_HOME ${thelounge_home}; ${cmd} &" > /dev
/null 2>&1
        fi
}

thelounge_stop(){
        # pretty bad way to do this, but it'll work lol
        if thelounge_running; then
                pgrep -u ${thelounge_user} | xargs -I _ kill -s SIGINT _
        else
                echo "The Lounge isn't currently running!"
        fi
}

thelounge_status(){
        if thelounge_running; then
                echo "The Lounge is up and running!"
        else
                echo "The Lounge isn't currently running! Aww!"
        fi
}

thelounge_running(){
        pids=$(pgrep -u ${thelounge_user})
        [ ! -z "$pids" ] && return 0 || return 1
}

run_rc_command "$1"
```

Save and exit vi, and mark the file as executable:
`chmod +x /usr/local/etc/rc.d/thelounge`

Enable the service:
`sysrc thelounge_enable="YES"`

Start the service:
`service thelounge start`

At this point, the lounge should be in a pretty solid state, but for the optimal configuration, we should reverse proxy to it from our host!

Run ifconfig, and take note of the ip on our jail's external interface:
`ifconfig`

```
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
    options=680003<RXCSUM,TXCSUM,LINKSTATE,RXCSUM_IPV6,TXCSUM_IPV6>
    groups: lo
lo1: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
    options=680003<RXCSUM,TXCSUM,LINKSTATE,RXCSUM_IPV6,TXCSUM_IPV6>
    inet 127.0.1.1 netmask 0xffffffff
    groups: lo
ue0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
    options=80000<LINKSTATE>
    ether b8:27:eb:4b:85:33
    inet 192.168.1.50 netmask 0xffffffff broadcast 192.168.1.50
    media: Ethernet autoselect (1000baseT <full-duplex>)
    status: active
```

In this case, it's "192.168.1.50" under ue0

Exit from the jail to the host:
`exit`

Install nginx, if you haven't already:
`pkg install nginx`

Configure Nginx as your reverse proxy (If you know what you're doing, you can configure this yourself, otherwise, you should delete the contents of the file and insert this config:
`vi /usr/local/etc/nginx/nginx.conf`

```
worker_processes  1;

events {
    worker_connections  1024;
}

http {
    include       mime.types;
    default_type  application/octet-stream;
    sendfile        on;
    keepalive_timeout  65;

    server {
        server_name 192.168.1.50; # optionally set this to the domain you want The Lounge on
        listen 80;
        client_max_body_size 10m;

        location / {
            proxy_pass http://192.168.1.50:9000/; # your jail ip at port 9000 (the default port for The Lounge
            proxy_http_version 1.1;
            proxy_set_header Connection "upgrade";
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header X-Forwarded-For $remote_addr;
            proxy_set_header X-Forwarded-Proto $scheme;
        }
    }
}
```

Enable and start nginx:
`sysrc nginx_enable="YES"`
`service nginx start`

And now, if you had any luck, if you visit 192.168.1.50 in your web browser, you should get the The Lounge! It's a pretty dang sweet piece of kit, so hope this may have helped anyone out there 

BONUS CLIENT SCRIPT!!!!!:
If you'd like to run The Lounge in it's own window, www/surf makes for the perfect tool!

On your desktop, create the following script:
`vi /usr/local/bin/thelounge`

```
surf "192.168.1.50" # again, set to your configured server name
```
`chmod +x /usr/local/bin/thelounge`

And a nifty .desktop file!
`mkdir -p ~/.local/share/applications && vi ~/.local/share/applications/thelounge.desktop`

```
[Desktop Entry]
Comment=The comfiest place to lounge!
Exec=/usr/local/bin/thelounge
Icon=/home/youruser/.icons/thelounge.svg
Categories=Chat;IRC;Instant Messaging;
Name=The Lounge
StartupNotify=false
Terminal=false
Type=Application
```
`mkdir -p ~/.icons && fetch https://files.catbox.moe/390dtv.svg -o ~/.icons/thelounge.svg`

Then, you should be able to launch it from something like dmenu, or rofi, or your start menu, I don't know yer desktop


----------



## lucenera (May 24, 2022)

Hi, your guide was very helpful: I finally managed to switch from an Ubuntu server to one with FreeBSD 13.1. I manage the jail with BastilleBSD and I encountered only one problem: even though I entered thelounge_enable="YES” in the jail's rc.conf file, the service still does not start automatically when the jail starts; I have to do it manually. What can it depend on? Other services start normally.


----------

