Setting up "The Lounge" web IRC client in a Jail


New Member

Reaction score: 10
Messages: 2

After quite a bit of playing around this setup for The Lounge (My first production-deployed jail!), I think I've got something fairly solid built up! Here's a little guide to reproduce what I've done:

Install sysutils/ezjail on your target host machine, if you haven't already and go through the generic setup:

Setup the secondary loopback interface for your jails:
sysrc cloned_interfaces="lo1"
service netif cloneup

Enable and start ezjail:
sysrc ezjail_enable="YES"
service ezjail start

Create your basejail:
ezjail-admin install -p

Copy your host machine's /etc/resolv.conf to the newjail template, assuming your host has a working dns configuration you'd like you use:
cp /etc/resolv.conf /usr/jails/newjail/etc/resolv.conf

Create a jail for The Lounge:
(Replace "ue0" with your external network interface, which you can find with ifconfig)
ezjail-admin create thelounge 'lo1|,ue0|'

Start and enter the jail:
ezjail-admin start thelounge
ezjail-admin console thelounge

Bootstrap pkg, and update the package database:
(If this hangs for awhile, internet probably isn't working properly in the jail!)
pkg update

Install yarn and node:
pkg install yarn node

Create a user for The Lounge:
pw adduser lounger -d /nonexistent -s /usr/sbin/nologin -c "The Lounge User"

Make the configuration directory for The Lounge:
mkdir /usr/local/etc/thelounge
chown lounger /usr/local/etc/thelounge

Install The Lounge from the npm package:
(Not sure for other architectures, but on arm64, the sqlite package fails to build, however it's not vital so don't worry!)
yarn global add thelounge

Run The Lounge as lounger, making sure to set the "THELOUNGE_HOME" enviroment variable, which ensures our configuration ends up in our desired directory:
su -m lounger -c "setenv THELOUNGE_HOME /usr/local/etc/thelounge; /usr/local/bin/thelounge start
This will initialize all it's configuration files, press Ctrl+C after it stops printing output

Create a The Lounge user, which is the account you'll use to connect:
su -m lounger -c "setenv THELOUNGE_HOME /usr/local/etc/thelounge; /usr/local/bin/thelounge add myuser

Create an rc script for the lounge, which lets your control it via service:
mkdir -p /usr/local/etc/rc.d && vi /usr/local/etc/rc.d/thelounge
Insert the following script:

. /etc/rc.subr


load_rc_config ${name}



: ${thelounge_enable="NO"}
: ${thelounge_user="lounger"}
: ${thelounge_home="/usr/local/etc/thelounge"}

        cmd="${command} start"
        if thelounge_running; then
                echo "The Lounge is already running!"
                su -m ${thelounge_user} -c "setenv THELOUNGE_HOME ${thelounge_home}; ${cmd} &" > /dev
/null 2>&1

        # pretty bad way to do this, but it'll work lol
        if thelounge_running; then
                pgrep -u ${thelounge_user} | xargs -I _ kill -s SIGINT _
                echo "The Lounge isn't currently running!"

        if thelounge_running; then
                echo "The Lounge is up and running!"
                echo "The Lounge isn't currently running! Aww!"

        pids=$(pgrep -u ${thelounge_user})
        [ ! -z "$pids" ] && return 0 || return 1

run_rc_command "$1"

Save and exit vi, and mark the file as executable:
chmod +x /usr/local/etc/rc.d/thelounge

Enable the service:
sysrc thelounge_enable="YES"

Start the service:
service thelounge start

At this point, the lounge should be in a pretty solid state, but for the optimal configuration, we should reverse proxy to it from our host!

Run ifconfig, and take note of the ip on our jail's external interface:
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
    groups: lo
lo1: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
    inet netmask 0xffffffff
    groups: lo
ue0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
    ether b8:27:eb:4b:85:33
    inet netmask 0xffffffff broadcast
    media: Ethernet autoselect (1000baseT <full-duplex>)
    status: active

In this case, it's "" under ue0

Exit from the jail to the host:

Install nginx, if you haven't already:
pkg install nginx

Configure Nginx as your reverse proxy (If you know what you're doing, you can configure this yourself, otherwise, you should delete the contents of the file and insert this config:
vi /usr/local/etc/nginx/nginx.conf
worker_processes  1;

events {
    worker_connections  1024;

http {
    include       mime.types;
    default_type  application/octet-stream;
    sendfile        on;
    keepalive_timeout  65;

    server {
        server_name; # optionally set this to the domain you want The Lounge on
        listen 80;
        client_max_body_size 10m;

        location / {
            proxy_pass; # your jail ip at port 9000 (the default port for The Lounge
            proxy_http_version 1.1;
            proxy_set_header Connection "upgrade";
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header X-Forwarded-For $remote_addr;
            proxy_set_header X-Forwarded-Proto $scheme;

Enable and start nginx:
sysrc nginx_enable="YES"
service nginx start

And now, if you had any luck, if you visit in your web browser, you should get the The Lounge! It's a pretty dang sweet piece of kit, so hope this may have helped anyone out there :)

If you'd like to run The Lounge in it's own window, www/surf makes for the perfect tool!

On your desktop, create the following script:
vi /usr/local/bin/thelounge
surf "" # again, set to your configured server name
chmod +x /usr/local/bin/thelounge

And a nifty .desktop file!
mkdir -p ~/.local/share/applications && vi ~/.local/share/applications/thelounge.desktop
[Desktop Entry]
Comment=The comfiest place to lounge!
Categories=Chat;IRC;Instant Messaging;
Name=The Lounge
mkdir -p ~/.icons && fetch -o ~/.icons/thelounge.svg

Then, you should be able to launch it from something like dmenu, or rofi, or your start menu, I don't know yer desktop