From c69298ec9dbb8854027bc4e63ad912a0597d937b Mon Sep 17 00:00:00 2001
From: emdee <emdee@no_reply@plastiras.org>
Date: Thu, 8 Feb 2024 23:37:36 +0100
Subject: [PATCH] Add ToxygenWeechat

---
 ToxygenWeechat.md | 156 ++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 156 insertions(+)
 create mode 100644 ToxygenWeechat.md

diff --git a/ToxygenWeechat.md b/ToxygenWeechat.md
new file mode 100644
index 0000000..38c5aad
--- /dev/null
+++ b/ToxygenWeechat.md
@@ -0,0 +1,156 @@
+## Toxygen Weechat
+
+You can have a [weechat](https://github.com/weechat/qweechat)
+console so that you can have IRC and jabber in a window as well as Tox.
+There's a copy of qweechat in ```thirdparty/qweechat``` backported to
+PyQt5 and integrated into toxygen. Follow the normal instructions for
+adding a ```relay``` to [weechat](https://github.com/weechat/weechat)
+```
+/relay add ipv4.ssl.weechat 9001
+/relay start ipv4.ssl.weechat
+```
+or
+```
+/set relay.network.ipv6 off
+/set relay.network.password password
+/relay add weechat 9000
+/relay start weechat
+```
+and use the Plugins/Weechat Console to start weechat under Toxygen.
+Then use the File/Connect menu item of the Console to connect to weechat.
+
+Weechat has a Jabber plugin to enable XMPP:
+```
+/python load jabber.el
+/help jabber
+```
+so you can have Tox, IRC and XMPP in the same application!
+
+### Creating servers for IRC over Tor
+
+Create a proxy called tor
+```
+/proxy add tor socks5 127.0.0.1 9050
+```
+
+It should now show up in the list of proxies.
+```
+/proxy list
+```
+
+```
+/nick SyniTox
+```
+
+## TLS certificates
+
+[Create a Self-signed Certificate](https://www.oftc.net/NickServ/CertFP/)
+
+Choose a SyniTox you will identify as.
+
+Create a directory for your certificates ~/.config/weechat/ssl/ 
+and make a subdirectory for each server ~/.config/weechat/ssl/irc.oftc.net/ 
+
+Change to the server directory and use openssl to make a keypair and answer the questions:
+```
+openssl req -nodes -newkey rsa:2048 -keyout SyniTox.key -x509 -days 3650 -out SyniTox.cer
+chmod 400 SyniTox.key
+```
+We now combine certificate and key to a single file SyniTox.pem 
+```
+cat SyniTox.cer SyniTox.key > SyniTox.pem
+chmod 400 SyniTox.pem
+```
+
+Do this for each server you want to connect to, or just use one for all of them.
+
+### Libera TokTok channel
+
+The main discussion forum for Tox is the #TokTok channel on libera.
+
+libera has an onion server so we can map an address in tor. Add this
+to your /etc/tor/torrc
+```
+MapAddress palladium.libera.chat libera75jm6of4wxpxt4aynol3xjmbtxgfyjpu34ss4d7r7q2v5zrpyd.onion
+```
+Or without the MapAddress just use
+libera75jm6of4wxpxt4aynol3xjmbtxgfyjpu34ss4d7r7q2v5zrpyd.onion
+as the server address below.
+
+Define the server in weechat
+https://www.weechat.org/files/doc/stable/weechat_user.en.html#irc_sasl_authentication
+```
+/server remove libera
+/server add libera palladium.libera.chat/6697 -tls -tls_verify
+/set irc.server.libera.ipv6 off
+/set irc.server.libera.proxy tor
+/set irc.server.libera.username SyniTox
+/set irc.server.libera.nicks SyniTox
+/set irc.server.libera.tls on
+/set irc.server.libera.tls_cert "${weechat_config_dir}/ssl/libera.chat/SyniTox.pem"
+```
+
+```
+/set irc.server.libera.sasl_mechanism ecdsa-nist256p-challenge
+/set irc.server.libera.sasl_username "SyniTox"
+/set irc.server.libera.sasl_key "${weechat_config_dir}/ssl/libera.chat/SyniTox.pem"
+```
+
+Disconnect and connect back to the server. 
+```
+/disconnect libera
+/connect libera
+```
+
+/msg nickserv identify password SyniTox
+
+
+### oftc.net
+
+To use oftc.net over tor, you need to authenticate by SSL certificates.
+
+
+Define the server in weechat
+```
+/server remove irc.oftc.net
+/server add OFTC irc.oftc.net/6697  -tls -tls_verify
+/set irc.server.OFTC.ipv6 off
+/set irc.server.OFTC.proxy tor
+/set irc.server.OFTC.username SyniTox
+/set irc.server.OFTC.nicks SyniTox
+/set irc.server.OFTC.tls on
+/set irc.server.OFTC.tls_cert "${weechat_config_dir}/ssl/irc.oftc.chat/SyniTox.pem"
+
+# Disconnect and connect back to the server. 
+/disconnect OFTC
+/connect OFTC
+``` 
+You must be identified in order to validate using certs
+```
+/msg nickserv identify password SyniTox
+```
+To allow NickServ to identify you based on this certificate you need
+to associate the certificate fingerprint with your nick. To do this
+issue the command cert add to Nickserv (try /msg nickserv helpcert).
+```
+/msg nickserv cert add
+```
+
+### Privacy
+
+[Add somes settings bellow to weechat](https://szorfein.github.io/weechat/tor/configure-weechat/).
+Detail from [faq](https://weechat.org/files/doc/weechat_faq.en.html#security).
+
+```
+/set irc.server_default.msg_part ""
+/set irc.server_default.msg_quit ""
+/set irc.ctcp.clientinfo ""
+/set irc.ctcp.finger ""
+/set irc.ctcp.source ""
+/set irc.ctcp.time ""
+/set irc.ctcp.userinfo ""
+/set irc.ctcp.version ""
+/set irc.ctcp.ping ""
+/plugin unload xfer
+/set weechat.plugin.autoload "*,!xfer"
+```