💾 Archived View for g.nubecita.online › services › very-basic-nntp.org captured on 2023-06-14 at 13:57:51. Gemini links have been rewritten to link to archived content
⬅️ Previous capture (2023-01-29)
-=-=-=-=-=-=-
Remember, all executables are in =/usr/libexec/news= (Fedora and Manjaro) or =/usr/lib/news/bin= (Debian and Ubuntu).
Install inn. Configure inn.conf (see Section [[*Configure inn.conf][Configure inn.conf]]), check configuration, and create history databases. Run innd.
sudo dnf install inn
cd /usr/libexec/
cd news/
# See Section Configure inn.conf!
emacs -nw /etc/news/inn.conf
# Checking inn.conf syntax
./inncheck
cd /var/lib/news/
/usr/libexec/news/makedbz -i -o
sudo chown news:news *
chmod 644 *
ls
ll
systemctl start innd
systemctl status innd
Still conection problems: denied access from Gnus client. Because readers.conf do not allow external requests: it needs configuration.
The =journalctl -xeu innd.service= commands says (where XXX.XXX.XXX.XXX is the client IP):
nov 12 11:23:42 HOST nnrpd[85565]: ? reverse lookup for XXX.XXX.XXX.XXX failed: Name or service not known -- using IP address for access
nov 12 11:23:42 HOST nnrpd[85565]: XXX.XXX.XXX.XXX (XXX.XXX.XXX.XXX) connect - port 119
nov 12 11:23:42 HOST nnrpd[85565]: Reading access from /etc/news/readers.conf
nov 12 11:23:42 HOST nnrpd[85565]: Auth strategy 'localhost' does not match client. Removing.
nov 12 11:23:42 HOST nnrpd[85565]: No auth realms to check!
nov 12 11:23:42 HOST nnrpd[85565]: XXX.XXX.XXX.XXX removing irrelevant access group localhost
nov 12 11:23:42 HOST nnrpd[85565]: XXX.XXX.XXX.XXX no_permission
nov 12 11:23:42 HOST nnrpd[85565]: XXX.XXX.XXX.XXX times user 0.012 system 0.012 idle 0.000 elapsed 0.154
nov 12 11:23:42 HOST nnrpd[85565]: XXX.XXX.XXX.XXX time 154 nntpwrite 0(1)
Open =/etc/news/inn.conf= and uncomment the following lines. Fill it with the proper information:
pathhost: usenet.my-server.com
domain: usenet.my-server.com
server: usenet.my-server.com
bindaddress: 0.0.0.0
Uncomment and complete the following if you are not using systemd to start the innd service.
#runasuser: news
#runasgroup: news
Readers "auth" blocks are checked bottom-up.
Remember to add your local IP (the one starting "192.168.") or any IP referencing the host at the "localhost" auth block.
auth "unauthenticated-user" {
hosts: "*"
auth: "ckpasswd -f /var/lib/news/newsusers"
default: "unauthenticated-user"
}
auth "localhost" {
hosts: "localhost, 127.0.0.1, ::1, stdin, ADD_YOUR_LOCAL_IP_TOO"
default: "<localhost>"
}
access "localhost" {
users: "<localhost>"
newsgroups: "*"
access: RPA
}
access "myusenetnews" {
users: "*"
newsgroups: "myusenet.news.*"
}
Check configuration syntax with =/usr/libexec/inncheck=.
\pointright{} It is not required to restart the service!
\warning{} Respect strictly the space at =key: value=.
This will create a non-moderated ("y") group. Moderated groups are created witn "m" flag.
/usr/libexec/news/ctlinnd newgroup myusenet.news.notifications y admin
After that check if your group were added with the command explained in Section [[*List groups][List groups]].
Check newsgroups and messages with:
: /usr/libexec/news/getlist
In some systems, =getlist= would not work and the port and host must be provided.
The default value of host is to use the =server= value in =inn.conf=, or to use the NNTPSERVER environment variable. The host configured in those values may not resolve to an IP. In this case, is preferable to change the =pathhost= and =server= values to the domain name of the server, or to add the server name to =/etc/hosts= Nevertheless, =getlist= can be executed with the following parameters to specify the server IP address and port:
: /usr/libexec/news/getlist -h 127.0.0.1 -p 119
Sending articles to the server from localhost
Create a file at =~/welcome.txt=:
From: admin@example.org
Subject: Welcome!
Newsgroups: myusenet.news.notifications
Date: Sat, 12 Nov 2022 13:44:00 -0300
Welcome to the myusenet Usenet service!
Send it with:
./inews -h ~/welcome.txt
It will say nothing if the article were sent. Also, the output from =journalctl -xeu innd.service= will tell you if the message is accepted:
nov 12 14:22:50 XXXXX innd[89572]: localhost:18 checkpoint seconds 0 accepted 1 refused 0 rejected 0 duplicate 0 accepted size 556 duplicate size 0 rejected size 0
nov 12 14:22:50 XXXXX nnrpd[89834]: HOST post ok <...@HOST.DOMAIN.DOMAIN>
Using Gnus and/or Pan require TLS configuration by default!
See Section [[*Configure TLS][Configure TLS]].
Add the following to the inn.conf:
tlscapath: /etc/news/certs
tlscafile: /etc/news/certs/chain.pem
tlscertfile: /etc/news/certs/cert.pem
tlskeyfile: /etc/news/certs/privkey.pem
Create the certs directory and copy the "let's encrypt" files. ⚠ This is very insecure! So use it for testing purposes.
mkdir /etc/news/certs
cp /etc/letsencrypt/live/MY.HTTP.DOMAINNAME/* /etc/news/certs/
chown -r news:news /etc/news/certs
With this it should be possible to send message from another host to the server.
(require 'ox-gemini)
(org-export-to-file 'gemini "very-basic-nntp.gmi")