feat(docker-compose, configuration): update volume paths and enhance Atheme service configuration

Refactor the docker-compose configuration to use local paths for data and logs for UnrealIRCd and Atheme services, improving clarity and accessibility. Introduce a new Atheme service configuration with dependencies and environment variables, ensuring proper setup for the IRC services. Additionally, add example configuration files for Atheme and update the webpanel configuration to align with the new structure. This enhances the overall usability and maintainability of the service configurations.

Author: kzndotsh

Containerfile

@@ -146,6 +146,9 @@ COPY --chown=ircd:ircd scripts/start-services.sh /usr/local/bin/start-services
 COPY --chown=ircd:ircd scripts/manage-modules.sh /usr/local/bin/manage-modules
 COPY --chown=ircd:ircd scripts/module-config.sh /usr/local/bin/module-config
 COPY --chown=ircd:ircd scripts/start-webpanel.sh /usr/local/bin/start-webpanel
+
+# Create directory for prepare-config script and copy it
+RUN mkdir -p /opt/irc/scripts
 COPY --chown=ircd:ircd scripts/prepare-config.sh /opt/irc/scripts/prepare-config.sh
 
 # Set proper permissions and create necessary symlinks
@@ -165,7 +168,7 @@ USER ircd:ircd
 WORKDIR /usr/local/unrealircd
 
 # Expose default IRC ports
-EXPOSE 6667 6697
+EXPOSE 6667 6697 6900 8600
 
 # Health check for both services
 HEALTHCHECK --interval=30s --timeout=10s --start-period=5s --retries=3 \

compose.yaml

@@ -21,8 +21,8 @@ services:
     volumes:
       - ./unrealircd/conf:/usr/local/unrealircd/conf:ro
       - ./scripts:/opt/irc/scripts:ro
-      - unrealircd_data:/usr/local/unrealircd/data
-      - unrealircd_logs:/usr/local/unrealircd/logs
+      - ./data/unrealircd:/usr/local/unrealircd/data
+      - ./logs/unrealircd:/usr/local/unrealircd/logs
     # Use the ircd user (non-root) for security
     user: 1001:1001
 
@@ -70,68 +70,69 @@ services:
 
     # Volume mounts - persist certificates and credentials
     volumes:
-      - letsencrypt_data:/etc/letsencrypt
+      - ./data/letsencrypt:/etc/letsencrypt
       - ./cloudflare-credentials.ini:/etc/letsencrypt/cloudflare-credentials.ini:ro
 
     # Network access for DNS challenges
     networks:
       - irc_network
 
-  # atheme:
-  #   build:
-  #     context: .
-  #     dockerfile: Containerfile
-  #     target: runtime
-  #     args:
-  #       UNREALIRCD_VERSION: "6.1.10"
-  #       ATHEME_VERSION: "7.2.12"
-  #   container_name: atheme
-  #   hostname: atheme
-  #   depends_on:
-  #     unrealircd:
-  #       condition: service_healthy
-  #   volumes:
-  #     - atheme_data:/usr/local/atheme/data
-  #     - atheme_logs:/usr/local/atheme/logs
-  #     - ./services/atheme:/usr/local/atheme/etc:ro
-  #   environment:
-  #     - TZ=UTC
-  #     - ATHEME_CONF=/usr/local/atheme/etc/atheme-minimal.conf
-  #     - ATHEME_DATA=/usr/local/atheme/data
-  #   networks:
-  #     - irc_network
-  #   command: ["/usr/local/bin/atheme-services", "-c", "/usr/local/atheme/etc/atheme-minimal.conf"]
-  #   restart: unless-stopped
+  atheme:
+    build:
+      context: .
+      dockerfile: Containerfile
+      target: runtime
+      args:
+        UNREALIRCD_VERSION: "6.1.10"
+        ATHEME_VERSION: "7.2.12"
+    container_name: atheme
+    hostname: atheme
+    depends_on:
+      unrealircd:
+        condition: service_healthy
+    volumes:
+      - ./data/atheme:/usr/local/atheme/data
+      - ./logs/atheme:/usr/local/atheme/logs
+      - ./services/atheme:/usr/local/atheme/etc:ro
+    environment:
+      - TZ=UTC
+      - ATHEME_CONF=/usr/local/atheme/etc/atheme.conf
+      - ATHEME_DATA=/usr/local/atheme/data
+    networks:
+      - irc_network
+    command: ["/usr/local/bin/atheme-services", "-c", "/usr/local/atheme/etc/atheme.conf"]
+    restart: unless-stopped
 
-  # unrealircd-webpanel:
-  #   build:
-  #     context: .
-  #     dockerfile: web/webpanel/Containerfile
-  #   container_name: unrealircd-webpanel
-  #   hostname: unrealircd-webpanel
-  #   depends_on:
-  #     unrealircd:
-  #       condition: service_healthy
-  #   volumes:
-  #     - unrealircd-webpanel_data:/var/www/html/unrealircd-webpanel/data
-  #     - unrealircd-webpanel_config:/var/www/html/unrealircd-webpanel/config
-  #   environment:
-  #     - TZ=UTC
-  #     - UNREALIRCD_HOST=unrealircd
-  #     - UNREALIRCD_PORT=8600
-  #     - UNREALIRCD_RPC_USER=adminpanel
-  #     - UNREALIRCD_RPC_PASSWORD=webpanel_password_2024
-  #   ports:
-  #     - '8080:80'  # Web interface
-  #   networks:
-  #     - irc_network
-  #   restart: unless-stopped
-  #   healthcheck:
-  #     test: ["CMD", "curl", "-f", "http://localhost/unrealircd-webpanel/"]
-  #     interval: 30s
-  #     timeout: 10s
-  #     retries: 3
-  #     start_period: 60s
+  unrealircd-webpanel:
+    build:
+      context: .
+      dockerfile: web/webpanel/Containerfile
+    container_name: unrealircd-webpanel
+    hostname: unrealircd-webpanel
+    depends_on:
+      unrealircd:
+        condition: service_healthy
+    volumes:
+      - ./data/webpanel:/var/www/html/unrealircd-webpanel/data
+      - ./config/webpanel:/var/www/html/unrealircd-webpanel/config
+    env_file:
+      - path: .env
+        required: false
+    environment:
+      - TZ=UTC
+      - UNREALIRCD_HOST=unrealircd
+      - UNREALIRCD_PORT=${IRC_RPC_PORT:-8600}
+    ports:
+      - '8080:80'
+    networks:
+      - irc_network
+    restart: unless-stopped
+    healthcheck:
+      test: ["CMD", "curl", "-f", "http://localhost/"]
+      interval: 30s
+      timeout: 10s
+      retries: 3
+      start_period: 60s
 
   # gamja:
   #   build:
@@ -166,7 +167,7 @@ services:
   #     unrealircd:
   #       condition: service_healthy
   #   volumes:
-  #     - thelounge_data:/var/opt/thelounge
+  #     - ./data/thelounge:/var/opt/thelounge
   #   networks:
   #     - irc_network
   #   ports:
@@ -177,25 +178,4 @@ networks:
   irc_network:
     driver: bridge
 
-volumes:
-  unrealircd_data:
-    driver: local
-  unrealircd_logs:
-    driver: local
-  unrealircd_modules:
-    driver: local
-  unrealircd_contrib:
-    driver: local
-  # atheme_data:
-    # driver: local
-  # atheme_logs:
-    # driver: local
-  # unrealircd-webpanel_data:
-    # driver: local
-  # unrealircd-webpanel_config:
-    # driver: local
-  # thelounge_data:
-    # driver: local
-  letsencrypt_data:
-    driver: local
 

docs/SECRET_MANAGEMENT.md

@@ -87,6 +87,20 @@ docker compose up unrealircd
 - `IRC_SSL_CERT_PATH` - SSL certificate path
 - `IRC_SSL_KEY_PATH` - SSL key path
 
+### **Atheme Services**
+- `ATHEME_SERVER_NAME` - Services server name
+- `ATHEME_SERVER_DESC` - Services server description
+- `ATHEME_UPLINK_HOST` - IRC server hostname/IP
+- `ATHEME_UPLINK_PORT` - IRC server port
+- `ATHEME_SEND_PASSWORD` - Password sent to IRC server
+- `ATHEME_RECEIVE_PASSWORD` - Password received from IRC server
+- `ATHEME_HELP_CHANNEL` - Help channel for users
+- `ATHEME_HELP_URL` - Help website URL
+
+### **Webpanel**
+- `WEBPANEL_RPC_USER` - RPC username for webpanel
+- `WEBPANEL_RPC_PASSWORD` - RPC password for webpanel
+
 ## 📝 **Making Configuration Changes**
 
 ### **✅ DO: Edit the Template**

env.example

@@ -7,6 +7,9 @@ IRC_PORT=6667
 IRC_TLS_PORT=6697
 IRC_SERVER_PORT=6900
 IRC_RPC_PORT=8600
+IRC_ROOT_DOMAIN=atl.chat
+IRC_SERVICES_SERVER=services.atl.chat
+IRC_SERVICES_PASSWORD=change_me_services_password_here
 
 # IRC Server Security
 [email protected]
@@ -20,16 +23,37 @@ IRC_OPER_PASSWORD='$argon2id$v=19$m=6144,t=2,p=2$WXOLpTE+DPDr8q6OBVTx3w$bqXpBsaA
 
 # SSL/TLS Configuration
 [email protected]
-SSL_CERT_PATH=./.runtime/certs
+IRC_SSL_CERT_PATH=./data/letsencrypt/live/irc.atl.chat/fullchain.pem
+IRC_SSL_KEY_PATH=./data/letsencrypt/live/irc.atl.chat/privkey.pem
 
 # Cloudflare DNS-01 Challenge (for automatic certificates)
-# Create cloudflare-credentials.ini from template
-# [email protected]
-# CLOUDFLARE_API_KEY=your-api-key-here
+# Create cloudflare-credentials.ini from cloudflare-credentials.ini.template
+# Add your API token to the credentials file (NOT as environment variable)
+
+# Atheme Services Configuration
+ATHEME_SERVER_NAME=services.atl.chat
+ATHEME_SERVER_DESC=All Things Linux IRC Services
+ATHEME_UPLINK_HOST=irc.atl.chat
+ATHEME_UPLINK_PORT=6900
+ATHEME_SEND_PASSWORD=change_me_atheme_send_password_here
+ATHEME_RECEIVE_PASSWORD=change_me_atheme_receive_password_here
+ATHEME_HELP_CHANNEL=#help
+ATHEME_HELP_URL=https://discord.gg/linux
 
 # Webpanel Configuration
+UNREALIRCD_HOST=unrealircd
+UNREALIRCD_PORT=8600
+UNREALIRCD_RPC_USER=adminpanel
+UNREALIRCD_RPC_PASSWORD=test1234
 WEBPANEL_RPC_USER=adminpanel
-WEBPANEL_RPC_PASSWORD=change_me_webpanel_password_here
+WEBPANEL_RPC_PASSWORD=test1234
+
+# Webpanel Database Configuration (for SQL authentication backend)
+DB_HOST=localhost
+DB_PORT=3306
+DB_NAME=unrealircdwebpanel
+DB_USER=unrealircdwebpanel
+DB_PASSWORD=change_me_webpanel_db_password_here
 
 # TheLounge Configuration
 THELOUNGE_PORT=9000

scripts/prepare-config.sh

@@ -75,14 +75,22 @@ prepare_config() {
     fi
 
     # Prepare Atheme configuration
-    if [ -f "$atheme_config" ]; then
+    local atheme_template="$PROJECT_ROOT/services/atheme/atheme.conf.template"
+    if [ -f "$atheme_template" ]; then
+        log_info "Preparing Atheme configuration from template..."
+        local temp_file="/tmp/atheme.conf.tmp"
+        envsubst < "$atheme_template" > "$temp_file"
+        mv "$temp_file" "$atheme_config"
+        log_success "Atheme configuration prepared from template"
+    elif [ -f "$atheme_config" ]; then
         log_info "Preparing Atheme configuration..."
         local temp_file="/tmp/atheme.conf.tmp"
         envsubst < "$atheme_config" > "$temp_file"
         mv "$temp_file" "$atheme_config"
         log_success "Atheme configuration prepared"
     else
         log_warning "Atheme configuration file not found: $atheme_config"
+        log_warning "Template file not found: $atheme_template"
     fi
 
     log_success "All configuration files prepared successfully"
@@ -98,6 +106,10 @@ prepare_config() {
     echo "  IRC_ROOT_DOMAIN: ${IRC_ROOT_DOMAIN:-'not set'}"
     echo "  IRC_SERVICES_PASSWORD: ${IRC_SERVICES_PASSWORD:-'not set'}"
     echo "  IRC_OPER_PASSWORD: ${IRC_OPER_PASSWORD:-'not set'}"
+    echo "  ATHEME_SERVER_NAME: ${ATHEME_SERVER_NAME:-'not set'}"
+    echo "  ATHEME_UPLINK_HOST: ${ATHEME_UPLINK_HOST:-'not set'}"
+    echo "  ATHEME_UPLINK_PORT: ${ATHEME_UPLINK_PORT:-'not set'}"
+    echo "  ATHEME_SEND_PASSWORD: ${ATHEME_SEND_PASSWORD:-'not set'}"
 }
 
 # Main function

scripts/start-webpanel.sh

@@ -36,6 +36,20 @@ WAIT_INTERVAL="${WAIT_INTERVAL:-5}"   # 5 seconds between checks
 
 print_status "Starting UnrealIRCd WebPanel..."
 
+# Set proper permissions for mounted directories
+print_status "Setting permissions for mounted directories..."
+if [ -d "/var/www/html/unrealircd-webpanel/data" ]; then
+    chown -R webpanel:webpanel /var/www/html/unrealircd-webpanel/data
+    chmod -R 775 /var/www/html/unrealircd-webpanel/data
+    print_success "Data directory permissions set"
+fi
+
+if [ -d "/var/www/html/unrealircd-webpanel/config" ]; then
+    chown -R webpanel:webpanel /var/www/html/unrealircd-webpanel/config
+    chmod -R 775 /var/www/html/unrealircd-webpanel/config
+    print_success "Config directory permissions set"
+fi
+
 # Skip JSON-RPC API check for now - start WebPanel directly
 print_status "Starting WebPanel without JSON-RPC API check..."
 print_warning "Note: WebPanel may need manual configuration to connect to UnrealIRCd"