Kapisi/roles/IRC/templates/anope/operserv.conf.j2

702 lines
22 KiB
Plaintext
Raw Permalink Normal View History

/*
* Example configuration file for OperServ.
*/
/*
* First, create the service.
*/
service
{
/*
* The name of the OperServ client.
* If you change this value, you probably want to change the client directive in the configuration for the operserv module too.
*/
nick = "OperServ"
/*
* The username of the OperServ client.
*/
user = "services"
/*
* The hostname of the OperServ client.
*/
host = "ircservices.{{ external_domain }}"
/*
* The realname of the OperServ client.
*/
gecos = "Operator Service"
/*
* The modes this client should use.
* Do not modify this unless you know what you are doing.
*
* These modes are very IRCd specific. If left commented, sane defaults
* are used based on what protocol module you have loaded.
*
* Note that setting this option incorrectly could potentially BREAK some, if
* not all, usefulness of the client. We will not support you if this client is
* unable to do certain things if this option is enabled.
*/
#modes = "+o"
/*
* An optional comma separated list of channels this service should join. Outside
* of log channels this is not very useful, as the service will just idle in the
* specified channels, and will not accept any types of commands.
*
* Prefixes may be given to the channels in the form of mode characters or prefix symbols.
*/
#channels = "@#services,#mychan"
}
/*
* Core OperServ module.
*
* Provides essential functionality for OperServ.
*/
module
{
name = "operserv"
/*
* The name of the client that should be OperServ.
*/
client = "OperServ"
/*
* These define the default expiration times for, respectively, AKILLs, CHANKILLs, SNLINEs,
* and SQLINEs.
*/
autokillexpiry = 30d
chankillexpiry = 30d
snlineexpiry = 30d
sqlineexpiry = 30d
/*
* If set, this option will make Services send an AKILL command immediately after it has been
* added with AKILL ADD. This eliminates the need for killing the user after the AKILL has
* been added.
*
* This directive is optional, but recommended.
*/
akillonadd = yes
/*
* If set, this option will make Services send an (SVS)KILL command immediately after SNLINE ADD.
* This eliminates the need for killing the user after the SNLINE has been added.
*
* This directive is optional.
*/
killonsnline = yes
/*
* If set, this option will make Services send an (SVS)KILL command immediately after SQLINE ADD.
* This eliminates the need for killing the user after the SQLINE has been added.
*
* This directive is optional.
*/
killonsqline = yes
/*
* Adds the nickname of the IRC Operator issuing an AKILL to the kill reason.
*
* This directive is optional.
*/
addakiller = yes
/*
* Adds akill IDs to akills. Akill IDs are given to users in their ban reason and can be used to easily view,
* modify, or remove an akill from the ID.
*/
akillids = yes
/*
* If set, only IRC Operators will be permitted to use OperServ, regardless of command access restrictions.
*
* This directive is optional, but recommended.
*/
opersonly = yes
}
/*
* Core OperServ commands.
*
* In Anope modules can provide (multiple) commands, each of which has a unique command name. Once these modules
* are loaded you can then configure the commands to be added to any client you like with any name you like.
*
* Additionally, you may provide a permission name that must be in the opertype of users executing the command.
*
* Sane defaults are provided below that do not need to be edited unless you wish to change the default behavior.
*/
/* Give it a help command. */
command { service = "OperServ"; name = "HELP"; command = "generic/help"; }
/*
* os_akill
*
* Provides the command operserv/akill.
*
* Used to ban users from the network.
*/
module { name = "os_akill" }
command { service = "OperServ"; name = "AKILL"; command = "operserv/akill"; permission = "operserv/akill"; }
/*
* os_chankill
*
* Provides the command operserv/chankill.
*
* Used to akill users from an entire channel.
*/
module { name = "os_chankill" }
command { service = "OperServ"; name = "CHANKILL"; command = "operserv/chankill"; permission = "operserv/chankill"; }
/*
* os_session
*
* Provides the commands operserv/exception and operserv/session.
*
* This module enables session limiting. Session limiting prevents users from connecting more than a certain
* number of times from the same IP at the same time - thus preventing most types of cloning.
* Once a host reaches it's session limit, all clients attempting to connect from that host will
* be killed. Exceptions to the default session limit can be defined via the exception list.
*
* Used to manage the session limit exception list, and view currently active sessions.
*/
module
{
name = "os_session"
/*
* Default session limit per host. Once a host reaches its session limit, all clients attempting
* to connect from that host will be killed.
*
* This directive is required if os_session is loaded.
*/
defaultsessionlimit = 3
/*
* The maximum session limit that may be set for a host in an exception.
*
* This directive is required if os_session is loaded.
*/
maxsessionlimit = 100
/*
* Sets the default expiry time for session exceptions.
*
* This directive is required if os_session is loaded.
*/
exceptionexpiry = 1d
/*
* The message that will be NOTICE'd to a user just before they are removed from the network because
* their host's session limit has been exceeded. It may be used to give a slightly more descriptive
* reason for the impending kill as opposed to simply "Session limit exceeded".
*
* This directive is optional, if not set, nothing will be sent.
*/
sessionlimitexceeded = "The session limit for your IP %IP% has been exceeded."
/*
* Same as above, but should be used to provide a website address where users can find out more
* about session limits and how to go about applying for an exception.
*
* Note: This directive has been intentionally commented out in an effort to remind you to change
* the URL it contains. It is recommended that you supply an address/URL where people can get help
* regarding session limits.
*
* This directive is optional, if not set, nothing will be sent.
*/
#sessionlimitdetailsloc = "Please visit http://your.website.url/ for more information about session limits."
/*
* If set and is not 0, this directive tells Services to add an AKILL if the number of subsequent kills
* for the same host exceeds this value, preventing the network from experiencing KILL floods.
*
* This directive is optional.
*/
maxsessionkill = 15
/*
* Sets the expiry time for AKILLs set for hosts exceeding the maxsessionkill directive limit.
*
* This directive is optional, if not set, defaults to 30 minutes.
*/
sessionautokillexpiry = 30m
/*
* Sets the CIDR value used to determine which IP addresses represent the same person.
* By default this would limit 3 connections per IPv4 IP and 3 connections per IPv6 IP.
* If you are receiving IPv6 clone attacks it may be useful to set session_ipv6_cidr to
* 64 or 48.
*/
session_ipv4_cidr = 32
session_ipv6_cidr = 128
}
command { service = "OperServ"; name = "EXCEPTION"; command = "operserv/exception"; permission = "operserv/exception"; }
command { service = "OperServ"; name = "SESSION"; command = "operserv/session"; permission = "operserv/session"; }
/*
* os_defcon
*
* Provides the command operserv/defcon.
*
* Allows you to set services in defcon mode, which can be used to restrict services access
* during bot attacks.
*/
module
{
name = "os_defcon"
/*
* Default DefCon level (1-5) to use when starting Services up. Level 5 constitutes normal operation
* while level 1 constitutes the most restrictive operation. If this setting is left out or set to
* 0, DefCon will be disabled and the rest of this block will be ignored.
*/
defaultlevel = 5
/*
* The following 4 directives define what operations will take place when DefCon is set to levels
* 1 through 4. Each level is a list that must be separated by spaces.
*
* The following operations can be defined at each level:
* - nonewchannels: Disables registering new channels
* - nonewnicks: Disables registering new nicks
* - nomlockchanges: Disables changing MLOCK on registered channels
* - forcechanmodes: Forces all channels to have the modes given in the later chanmodes directive
* - reducedsessions: Reduces the session limit to the value given in the later sessionlimit directive
* - nonewclients: KILL any new clients trying to connect
* - operonly: Services will ignore all non-IRCops
* - silentoperonly: Services will silently ignore all non-IRCops
* - akillnewclients: AKILL any new clients trying to connect
* - nonewmemos: No new memos will be sent to block MemoServ attacks
*/
level4 = "nonewchannels nonewnicks nomlockchanges reducedsessions"
level3 = "nonewchannels nonewnicks nomlockchanges forcechanmodes reducedsessions"
level2 = "nonewchannels nonewnicks nomlockchanges forcechanmodes reducedsessions silentoperonly"
level1 = "nonewchannels nonewnicks nomlockchanges forcechanmodes reducedsessions silentoperonly akillnewclients"
/*
* New session limit to use when a DefCon level is using "reduced" session limiting.
*/
sessionlimit = 2
/*
* Length of time to add an AKILL for when DefCon is preventing new clients from connecting to the
* network.
*/
akillexpire = 5m
/*
* The channel modes to set on all channels when the DefCon channel mode system is in use.
*
* Note 1: Choose these modes carefully, because when DefCon switches to a level which does NOT have
* the mode setting selected, Services will set the reverse on all channels, e.g. if this setting
* is +RN when DefCon is used, all channels will be set to +RN, when DefCon is removed, all
* channels will be set to -RN. You don't want to set this to +k for example, because when DefCon
* is removed, all channels are set -k, removing the key from previously keyed channels.
*
* Note 2: MLOCKed modes will not be lost.
*/
chanmodes = "+Ri"
/*
* This value can be used to automatically return the network to DefCon level 5 after the specified
* time period, just in case any IRC Operator forgets to remove a DefCon setting.
*
* This directive is optional.
*/
timeout = 15m
/*
* If set, Services will send a global message on DefCon level changes.
*
* This directive is optional.
*/
globalondefcon = yes
/*
* If set, Services will send the global message defined in the message directive on DefCon level
* changes.
*
* This directive is optional.
*/
#globalondefconmore = yes
/*
* Defines the message that will be sent on DefCon level changes when globalondefconmore is set.
*
* This directive is required only when globalondefconmore is set.
*/
#message = "Put your message to send your users here. Don't forget to uncomment globalondefconmore"
/*
* Defines the message that will be sent when DefCon is returned to level 5. This directive is optional,
* and will also override globalondefcon and globalondefconmore when set.
*/
offmessage = "Services are now back to normal; sorry for any inconvenience"
/*
* Defines the reason to use when clients are KILLed or AKILLed from the network while the proper
* DefCon operation is in effect.
*/
akillreason = "This network is currently not accepting connections. We are working on diagnostics, so please try again later."
}
command { service = "OperServ"; name = "DEFCON"; command = "operserv/defcon"; }
/*
* os_dns
*
* Provides the command operserv/dns.
*
* This module requires that m_dns is loaded.
*
* This module allows controlling a DNS zone. This is useful for
* controlling what servers users are placed on for load balancing,
* and to automatically remove split servers.
*
* To use this module you must set a nameserver record for services
* so that DNS queries go to services.
*
* Alternatively, you may use a slave DNS server to hide service's IP,
* provide query caching, and provide better fault tolerance.
*
* To do this using BIND, configure similar to:
*
* options { max-refresh-time 60; };
* zone "irc.example.com" IN {
* type slave;
* masters { 127.0.0.1 port 5353; };
* };
*
* Where 127.0.0.1:5353 is the IP and port services are listening on.
* We recommend you externally firewall both UDP and TCP to the port
* Anope is listening on.
*
* Finally set a NS record for irc.example.com. to BIND or services.
*/
#module
{
name = "os_dns"
/* TTL for records. This should be very low if your records change often. */
ttl = 1m
/* If a server drops this many users the server is automatically removed from the DNS zone.
* This directive is optional.
*/
user_drop_mark = 50
/* The time used for user_drop_mark. */
user_drop_time = 1m
/* When a server is removed from the zone for dropping users, it is readded after this time.
* This directive is optional.
*/
user_drop_readd_time = 5m
/* If set, when a server splits, it is automatically removed from the zone. */
remove_split_servers = yes
/* If set, when a server connects to the network, it will be automatically added to
* the zone if it is a known server.
*/
readd_connected_servers = no
}
#command { service = "OperServ"; name = "DNS"; command = "operserv/dns"; permission = "operserv/dns"; }
/*
* os_config
*
* Provides the command operserv/config.
*
* Used to view and set configuration options while services are running.
*/
module { name = "os_config" }
command { service = "OperServ"; name = "CONFIG"; command = "operserv/config"; permission = "operserv/config"; }
/*
* os_forbid
*
* Provides the command operserv/forbid.
*
* Used to forbid specific nicks, channels, emails, etc. from being used.
*/
module { name = "os_forbid" }
command { service = "OperServ"; name = "FORBID"; command = "operserv/forbid"; permission = "operserv/forbid"; }
/*
* os_ignore
*
* Provides the command operserv/ignore.
*
* Used to make Services ignore users.
*/
module { name = "os_ignore" }
command { service = "OperServ"; name = "IGNORE"; command = "operserv/ignore"; permission = "operserv/ignore"; }
/*
* os_info
*
* Provides the command operserv/info.
*
* Used to add oper only notes to users and channels.
*/
module { name = "os_info" }
command { service = "OperServ"; name = "INFO"; command = "operserv/info"; permission = "operserv/info"; }
/*
* os_jupe
*
* Provides the command operserv/jupe.
*
* Used to disconnect servers from the network and prevent them from relinking.
*/
module { name = "os_jupe" }
command { service = "OperServ"; name = "JUPE"; command = "operserv/jupe"; permission = "operserv/jupe"; }
/*
* os_kick
*
* Provides the command operserv/kick.
*
* Used to kick users from channels.
*/
module { name = "os_kick" }
command { service = "OperServ"; name = "KICK"; command = "operserv/kick"; permission = "operserv/kick"; }
/*
* os_kill
*
* Provides the command operserv/kill.
*
* Used to forcibly disconnect users from the network.
*/
module { name = "os_kill" }
command { service = "OperServ"; name = "KILL"; command = "operserv/kill"; permission = "operserv/kill"; }
/*
* os_list
*
* Provides the commands operserv/chanlist and operserv/userlist.
*
* Used to list and search the channels and users currently on the network.
*/
module { name = "os_list" }
command { service = "OperServ"; name = "CHANLIST"; command = "operserv/chanlist"; permission = "operserv/chanlist"; }
command { service = "OperServ"; name = "USERLIST"; command = "operserv/userlist"; permission = "operserv/userlist"; }
/*
* os_login
*
* Provides the commands operserv/login and operserv/logout.
*
* Used to login to OperServ, only required if your oper block requires this.
*/
module { name = "os_login" }
command { service = "OperServ"; name = "LOGIN"; command = "operserv/login"; }
command { service = "OperServ"; name = "LOGOUT"; command = "operserv/logout"; }
/*
* os_logsearch
*
* Provides the command operserv/logsearch.
*
* Used to search services log files.
*/
module
{
name = "os_logsearch"
/* The log file name to search. There should be a log{} block configured to log
* to a file of this name.
*/
logname = "services.log"
}
command { service = "OperServ"; name = "LOGSEARCH"; command = "operserv/logsearch"; permission = "operserv/logsearch"; }
/*
* os_mode
*
* Provides the commands operserv/mode and operserv/umode.
*
* Used to change user and channel modes.
*/
module { name = "os_mode" }
command { service = "OperServ"; name = "UMODE"; command = "operserv/umode"; permission = "operserv/umode"; }
command { service = "OperServ"; name = "MODE"; command = "operserv/mode"; permission = "operserv/mode"; }
/*
* os_modinfo
*
* Provides the commands operserv/modinfo and operserv/modlist.
*
* Used to show information about loaded modules.
*/
module { name = "os_modinfo" }
command { service = "OperServ"; name = "MODINFO"; command = "operserv/modinfo"; permission = "operserv/modinfo"; }
command { service = "OperServ"; name = "MODLIST"; command = "operserv/modlist"; permission = "operserv/modinfo"; }
/*
* os_module
*
* Provides the commands operserv/modload, operserv/modreload, and operserv/modunload.
*
* Used to load, reload, and unload modules.
*/
module { name = "os_module" }
command { service = "OperServ"; name = "MODLOAD"; command = "operserv/modload"; permission = "operserv/modload"; }
command { service = "OperServ"; name = "MODRELOAD"; command = "operserv/modreload"; permission = "operserv/modload"; }
command { service = "OperServ"; name = "MODUNLOAD"; command = "operserv/modunload"; permission = "operserv/modload"; }
/*
* os_news
*
* Provides the commands operserv/logonnews, operserv/opernews, and operserv/randomnews.
*
* Used to configure news notices shown to users when they connect, and opers when they oper.
*/
module
{
name = "os_news"
/*
* The service bot names to use to send news to users on connection
* and to opers when they oper.
*/
announcer = "Global"
oper_announcer = "OperServ"
/*
* The number of LOGON/OPER news items to display when a user logs on.
*
* This directive is optional, if not set it will default to 3.
*/
#newscount = 3
}
command { service = "OperServ"; name = "LOGONNEWS"; command = "operserv/logonnews"; permission = "operserv/news"; }
command { service = "OperServ"; name = "OPERNEWS"; command = "operserv/opernews"; permission = "operserv/news"; }
command { service = "OperServ"; name = "RANDOMNEWS"; command = "operserv/randomnews"; permission = "operserv/news"; }
/*
* os_noop
*
* Provides the command operserv/noop.
*
* Used to NOOP a server, which prevents users from opering on that server.
*/
module { name = "os_noop" }
command { service = "OperServ"; name = "NOOP"; command = "operserv/noop"; permission = "operserv/noop"; }
/*
* os_oline
*
* Provides the command operserv/oline.
*
* Used to set oper flags on users, and is specific to UnrealIRCd.
* See /helpop ?svso on your IRCd for more information.
*
* module { name = "os_oline" }
* command { service = "OperServ"; name = "OLINE"; command = "operserv/oline"; permission = "operserv/oline"; }
*/
/*
* os_oper
*
* Provides the command operserv/oper.
*
* Used to configure opers and show information about opertypes.
*/
module { name = "os_oper" }
command { service = "OperServ"; name = "OPER"; command = "operserv/oper"; permission = "operserv/oper"; }
/*
* os_reload
*
* Provides the command operserv/reload.
*
* Used to reload the services.conf configuration file.
*/
module { name = "os_reload" }
command { service = "OperServ"; name = "RELOAD"; command = "operserv/reload"; permission = "operserv/reload"; }
/*
* os_set
*
* Provides the command operserv/set.
*
* Used to set various settings such as superadmin, debug mode, etc.
*/
module
{
name = "os_set"
/*
* If set, Services Admins will be able to use SUPERADMIN [ON|OFF] which will temporarily grant
* them extra privileges such as being a founder on ALL channels.
*
* This directive is optional.
*/
superadmin = yes
}
command { service = "OperServ"; name = "SET"; command = "operserv/set"; permission = "operserv/set"; }
/*
* os_shutdown
*
* Provides the commands operserv/quit, operserv/restart, and operserv/shutdown.
*
* Used to quit, restart, or shutdown services.
*/
module { name = "os_shutdown" }
command { service = "OperServ"; name = "QUIT"; command = "operserv/quit"; permission = "operserv/quit"; }
command { service = "OperServ"; name = "RESTART"; command = "operserv/restart"; permission = "operserv/restart"; }
command { service = "OperServ"; name = "SHUTDOWN"; command = "operserv/shutdown"; permission = "operserv/shutdown"; }
/*
* os_stats
*
* Provides the operserv/stats command.
*
* Used to show statistics about services.
*/
module { name = "os_stats" }
command { service = "OperServ"; name = "STATS"; command = "operserv/stats"; permission = "operserv/stats"; }
/*
* os_svs
*
* Provides the commands operserv/svsnick, operserv/svsjoin, and operserv/svspart.
*
* Used to force users to change nicks, join and part channels.
*/
module { name = "os_svs" }
command { service = "OperServ"; name = "SVSNICK"; command = "operserv/svsnick"; permission = "operserv/svs"; }
command { service = "OperServ"; name = "SVSJOIN"; command = "operserv/svsjoin"; permission = "operserv/svs"; }
command { service = "OperServ"; name = "SVSPART"; command = "operserv/svspart"; permission = "operserv/svs"; }
/*
* os_sxline
*
* Provides the operserv/snline and operserv/sqline commands.
*
* Used to ban real names, nick names, and possibly channels.
*/
module { name = "os_sxline" }
command { service = "OperServ"; name = "SNLINE"; command = "operserv/snline"; permission = "operserv/snline"; }
command { service = "OperServ"; name = "SQLINE"; command = "operserv/sqline"; permission = "operserv/sqline"; }
/*
* os_update
*
* Provides the operserv/update command.
*
* Use to immediately update the databases.
*/
module { name = "os_update" }
command { service = "OperServ"; name = "UPDATE"; command = "operserv/update"; permission = "operserv/update"; }