Weechat: Difference between revisions

From NixOS Wiki
imported>Grahamc
document making otr work with weechat, sorry wiki maitainers, this is probably bad. :)
Lennart (talk | contribs)
No edit summary
 
(12 intermediate revisions by 10 users not shown)
Line 1: Line 1:
''WeeChat'' is an extensible chat client with a command line interface.
[https://weechat.org/ WeeChat] is an extensible chat client with a command line interface.


== Plugins ==
This article is an extension to the documentation in the [https://nixos.org/manual/nixos/stable/#module-services-weechat NixOS manual].
WeeChat can be extended with plugins, which can be written in a variety of scripting languages. As these plugins may depend on external libraries, we need to take care that those are found by WeeChat. For example the [https://weechat.org/scripts/source/jabber.py.html/ Jabber plugin] depends on the <code>xmpppy</code> python library, which is provided in a separate nix package. To make WeeChat find the library, we can override the <code>weechat</code> nix package and add the dependency as an extra build input, e.g. by changing the <code>~/.nixpkgs/config.nix</code> as follows:
 
== Module ==
 
To use WeeChat using the NixOS module, you should note that additional configuration is required. This is because of the screen security wrapper.
 
<syntaxhighlight lang="nix">
  services.weechat.enable = true;
  programs.screen.screenrc = ''
    multiuser on
    acladd USER # TODO: change to your local user
    term screen-256color
  '';
</syntaxhighlight>
 
After that you may attach the screen session using <code>$ screen -x weechat/weechat-screen</code>.
 
== Scripts ==
WeeChat can be extended with scripts. Those can be written in a variety of scripting languages. As these scripts may depend on external libraries, we need to take care that those are found by WeeChat. This can either be done by adding already packaged scripts or by extending WeeChat's extraBuildInputs.
 
=== Packaged WeeChat Scripts ===
There are multiple prepackaged <code>weechatScripts</code> in the nixpkgs. Those are Nix packages for a WeeChat script with the script's extra dependencies. The easiest way is to create an [[Overlays | overlay]].
 
<syntaxhighlight lang="nix">
self: super:
{
  weechat = super.weechat.override {
    configure = { availablePlugins, ... }: {
      scripts = with super.weechatScripts; [
        weechat-otr
        wee-slack
      ];
      # Uncomment this if you're on Darwin, there's no PHP support available. See https://github.com/NixOS/nixpkgs/blob/e6bf74e26a1292ca83a65a8bb27b2b22224dcb26/pkgs/applications/networking/irc/weechat/wrapper.nix#L13 for more info.
      # plugins = builtins.attrValues (builtins.removeAttrs availablePlugins [ "php" ]);
    };
  };
}
</syntaxhighlight>
 
=== WeeChat extraBuildInputs ===
For example the [https://weechat.org/scripts/source/jabber.py.html/ Jabber script] depends on the <code>xmpppy</code> python library, which is provided in a separate nix package. To make WeeChat find the library, we can override the <code>weechat</code> nix package and add the dependency as an extra build input, e.g. by changing the <code>~/.nixpkgs/config.nix</code> as follows:


<syntaxhighlight lang="nix">
<syntaxhighlight lang="nix">
Line 12: Line 51:
</syntaxhighlight>
</syntaxhighlight>


=== Problem loading multiline.pl ===
The script <b>multiline.pl</b> depends on the Pod::Select module. However, since perl version v5.31.1 Pod::Select has been removed. You can either install PodParser or use nix-shell to wrap weechat so it can find it:


=== Making the wechat-otr.py plugin work===
<syntaxhighlight lang="shell">
nix-shell -p perl -p perl532Packages.PodParser --run weechat
</syntaxhighlight>


You have to override potr to use an old, vulnerable version of pycrypto:
This script was also packaged as <code>weechatScripts.multiline</code> and is currently available in the [https://github.com/NixOS/nixpkgs/blob/nixos-unstable/pkgs/applications/networking/irc/weechat/scripts/multiline/default.nix unstable release].
<syntaxhighlight lang="nix">
      (weechat.override {
        configure = { availablePlugins, ... }: {
          plugins = [
            (availablePlugins.python.withPackages (ps: [
              (ps.potr.overridePythonAttrs (oldAttrs:
                {
                  propagatedBuildInputs = [
                    (ps.buildPythonPackage rec {
                      name = "pycrypto-${version}";
                      version = "2.6.1";


                      src = pkgs.fetchurl {
== Glowing Bear, nginx, TLS, and Oauth2 Proxy ==
                        url = "mirror://pypi/p/pycrypto/${name}.tar.gz";
One can set up Glowing Bear as a web client to Weechat. However, its best to proxy inbound connections from the internet through a more robust service with TLS enabled. Lastly, it's convenient to reuse an auth provider to provide access to internal applications.  
                        sha256 = "0g0ayql5b9mkjam8hym6zyg6bv77lbh66rv1fyvgqb17kfc1xkpj";
                      };


                      patches = pkgs.stdenv.lib.singleton (pkgs.fetchpatch {
This configuration snippet can illustrate how to configure it:
                        name = "CVE-2013-7459.patch";
<syntaxhighlight lang="nix">
                        url = "https://anonscm.debian.org/cgit/collab-maint/python-crypto.git"
{ config, pkgs, ... }:
                          + "/plain/debian/patches/CVE-2013-7459.patch?h=debian/2.6.1-7";
{
                        sha256 = "01r7aghnchc1bpxgdv58qyi2085gh34bxini973xhy3ks7fq3ir9";
  services.weechat.enable = true;
                      });


                      buildInputs = [ pkgs.gmp ];
  # Go read the terms at https://letsencrypt.org/repository/
  security.acme.acceptTerms = false;
  security.acme.email = "";


                      preConfigure = ''
  services.nginx = {
                        sed -i 's,/usr/include,/no-such-dir,' configure
    enable = true;
                        sed -i "s!,'/usr/include/'!!" setup.py
    recommendedGzipSettings = true;
                      '';
    recommendedOptimisation = true;
                    })
    recommendedProxySettings = true;
                  ];
    recommendedTlsSettings = true;
                }
    # You'd think this is a good idea, but Safari doesn't support 1.3 on websockets yet from my testing in 2020.  If one is only using Chrome, consider it.
              ))
    # sslProtocols = "TLSv1.3";
            ]))
    virtualHosts = {
           ];
      "irc.your.fqdn.goes.here" = {
        forceSSL = true;
        enableACME = true;
        locations."^~ /weechat" = {
          proxyPass = "http://127.0.0.1:9000/weechat/";
           proxyWebsockets = true;
         };
         };
       })
        locations."/" = {
          root = pkgs.glowing-bear;
        };
      };
    };
 
    services.oauth2.proxy = {
       enable = true;
      email.addresses = ''
        # your email goes here for authorization
      '';
      nginx.virtualhosts = [
        "irc.your.fqdn.goes.here"
      ];
      clientID = "";
      keyFile = "";
    };
}
</syntaxhighlight>
</syntaxhighlight>
[[Category:Applications]]
[[Category:NixOS Manual]]

Latest revision as of 22:30, 27 May 2024

WeeChat is an extensible chat client with a command line interface.

This article is an extension to the documentation in the NixOS manual.

Module

To use WeeChat using the NixOS module, you should note that additional configuration is required. This is because of the screen security wrapper.

  services.weechat.enable = true;
  programs.screen.screenrc = ''
    multiuser on
    acladd USER # TODO: change to your local user
    term screen-256color
  '';

After that you may attach the screen session using $ screen -x weechat/weechat-screen.

Scripts

WeeChat can be extended with scripts. Those can be written in a variety of scripting languages. As these scripts may depend on external libraries, we need to take care that those are found by WeeChat. This can either be done by adding already packaged scripts or by extending WeeChat's extraBuildInputs.

Packaged WeeChat Scripts

There are multiple prepackaged weechatScripts in the nixpkgs. Those are Nix packages for a WeeChat script with the script's extra dependencies. The easiest way is to create an overlay.

self: super:
{
  weechat = super.weechat.override {
    configure = { availablePlugins, ... }: {
      scripts = with super.weechatScripts; [
        weechat-otr
        wee-slack
      ];
      # Uncomment this if you're on Darwin, there's no PHP support available. See https://github.com/NixOS/nixpkgs/blob/e6bf74e26a1292ca83a65a8bb27b2b22224dcb26/pkgs/applications/networking/irc/weechat/wrapper.nix#L13 for more info.
      # plugins = builtins.attrValues (builtins.removeAttrs availablePlugins [ "php" ]);
    };
  };
}

WeeChat extraBuildInputs

For example the Jabber script depends on the xmpppy python library, which is provided in a separate nix package. To make WeeChat find the library, we can override the weechat nix package and add the dependency as an extra build input, e.g. by changing the ~/.nixpkgs/config.nix as follows:

{
  packageOverrides = pkgs: rec {
    weechat = pkgs.weechat.override { extraBuildInputs = [ pkgs.xmpppy ]; };
  };
}

Problem loading multiline.pl

The script multiline.pl depends on the Pod::Select module. However, since perl version v5.31.1 Pod::Select has been removed. You can either install PodParser or use nix-shell to wrap weechat so it can find it:

nix-shell -p perl -p perl532Packages.PodParser --run weechat

This script was also packaged as weechatScripts.multiline and is currently available in the unstable release.

Glowing Bear, nginx, TLS, and Oauth2 Proxy

One can set up Glowing Bear as a web client to Weechat. However, its best to proxy inbound connections from the internet through a more robust service with TLS enabled. Lastly, it's convenient to reuse an auth provider to provide access to internal applications.

This configuration snippet can illustrate how to configure it:

{ config, pkgs, ... }:
{
  services.weechat.enable = true;

  # Go read the terms at https://letsencrypt.org/repository/
  security.acme.acceptTerms = false;
  security.acme.email = "";

  services.nginx = {
    enable = true;
    recommendedGzipSettings = true;
    recommendedOptimisation = true;
    recommendedProxySettings = true;
    recommendedTlsSettings = true;
    # You'd think this is a good idea, but Safari doesn't support 1.3 on websockets yet from my testing in 2020.  If one is only using Chrome, consider it.
    # sslProtocols = "TLSv1.3";
    virtualHosts = {
      "irc.your.fqdn.goes.here" = {
        forceSSL = true;
        enableACME = true;
        locations."^~ /weechat" = {
          proxyPass = "http://127.0.0.1:9000/weechat/";
          proxyWebsockets = true;
        };
        locations."/" = {
          root = pkgs.glowing-bear;
        };
      };
    };

    services.oauth2.proxy = {
      enable = true;
      email.addresses = ''
        # your email goes here for authorization
      '';
      nginx.virtualhosts = [
        "irc.your.fqdn.goes.here"
      ];
      clientID = "";
      keyFile = "";
    };
}