* After defining different types of operators in the above opertype section, we now define who is in these groups
* through 'oper' blocks, similar to ircd access.
*
* The default is to comment these out (so NOBODY will have Services access).
* You probably want to add yourself and a few other people at minimum.
*
* As with all permissions, make sure to only give trustworthy people access to Services.
*/
/* Include services operators from YAML */
{% for oper in secrets['IRC']['opers'] %}
oper
{
name = "{{ oper }}"
type = "Services Root"
require_oper = "yes"
}
{% endfor %}
/*
* [OPTIONAL] Mail Config
*
* This section contains settings related to the use of e-mail from Services.
* If the usemail directive is set to yes, unless specified otherwise, all other
* directives are required.
*
* NOTE: Users can find the IP of the machine services is running on by examining
* mail headers. If you do not want your IP known, you should set up a mail relay
* to strip the relevant headers.
*/
mail
{
/*
* If set, this option enables the mail commands in Services. You may choose
* to disable it if you have no Sendmail-compatible mailer installed. Whilst
* this directive (and entire block) is optional, it is required if the
* nickserv:emailregistration is set to yes.
*/
usemail = no
/*
* This is the command-line that will be used to call the mailer to send an
* e-mail. It must be called with all the parameters needed to make it
* scan the mail input to find the mail recipient; consult your mailer
* documentation.
*
* Postfix users must use the compatible sendmail utility provided with
* it. This one usually needs no parameters on the command-line. Most
* sendmail applications (or replacements of it) require the -t option
* to be used.
*/
sendmailpath = "/usr/sbin/sendmail -t"
/*
* This is the e-mail address from which all the e-mails are to be sent from.
* It should really exist.
*/
sendfrom = "services@localhost.net"
/*
* If set, SENDPASS and RESETPASS will be restricted to IRC operators.
* This directive is optional.
*
* WARNING: If you choose to not enable this option, you should limit the
* number of processes that the services user can have at a time (you can
* create a special user for this; remember to NEVER launch Services as
* root).
*/
restrict = yes
/*
* This controls the minimum amount of time a user must wait before sending
* another e-mail after they have sent one. It also controls the minimum time
* a user must wait before they can receive another e-mail.
*
* This feature prevents users from being mail bombed using Services and
* it is highly recommended that it be used.
*
* This directive is optional, but highly recommended.
*/
delay = 5m
/*
* If set, Services will not attempt to put quotes around the TO: fields
* in e-mails.
*
* This directive is optional, and as far as we know, it's only needed
* if you are using ESMTP or QMail to send out e-mails.
*/
#dontquoteaddresses = yes
/*
* The subject and message of emails sent to users when they register accounts.
*/
registration_subject = "Nickname Registration for %n"
registration_message = "Hi,
You have requested to register the nickname %n on %N.
Please type \" /msg NickServ confirm %c \" to complete registration.
If you don't know why this mail was sent to you, please ignore it silently.
%N administrators."
/*
* The subject and message of emails sent to users when they request a new password.
*/
reset_subject = "N/A" /* "Reset password request for %n" */
reset_message = "N/A" /* "Hi, You have requested to have the password for %n reset. To reset your password, type \"/msg NickServ CONFIRM %n %c\". If you don't know why this mail was sent to you, please ignore it silently. %N administrators." */
/*
* The subject and message of emails sent to users when they request SENDPASS.
*/
sendpass_subject = "N/A" /* "Nickname password for %n" */
sendpass_message = "N/A" /* "Hi, You have requested to receive the password of nickname %n by e-mail. The password is %p. For security purposes, you should change it as soon as you receive this mail. If you don't know why this mail was sent to you, please ignore it silently. %N administrators." */
/*
* The subject and message of emails sent to users when they request a new email address.
*/
emailchange_subject = "Email confirmation"
emailchange_message = "Hi,
You have requested to change your email address to %e.
Please type \" /msg NickServ confirm %c \" to confirm this change.
If you don't know why this mail was sent to you, please ignore it silently.
%N administrators."
/*
* The subject and message of emails sent to users when they recieve a new memo.
*/
memo_subject = "New memo"
memo_message = "Hi %n
You've just received a new memo from %s. This is memo number %d.
Memo text:
%t"
}
/*
* [OPTIONAL] DNS Config
*
* This section is used to configure DNS.
* At this time DNS is only used by a few modules (m_dnsbl)
* and is not required by the core to function.
*/
dns
{
/*
* The nameserver to use for resolving hostnames, must be an IP or a resolver configuration file.
* The below should work fine on all unix like systems. Windows users will have to find their nameservers
* from ipconfig /all and put the IP here
*/
nameserver = "/etc/resolv.conf"
#nameserver = "127.0.0.1"
/*
* How long to wait in seconds before a DNS query has timed out
*/
timeout = 5
}
/*
* [REQUIRED] Database configuration.
*
* This section is used to configure databases used by Anope.
* You should at least load one database method, otherwise any data you
* have will not be stored!
*/
/*
* [DEPRECATED] db_old
*
* This is the old binary database format from late Anope 1.7.x, Anope 1.8.x, and
* early Anope 1.9.x. This module only loads these databases, and will NOT save them.
* You should only use this to upgrade old databases to a newer database format by loading
* other database modules in addition to this one, which will be used when saving databases.
*/
#module { name = "db_old" }
db_old
{
/*
* This is the encryption type used by the databases. This must be set correctly or
* your passwords will not work. Valid options are: md5, oldmd5, sha1, and plain.
*/
#hash = "md5"
}
/*
* [DEPRECATED] db_plain
*
* This is the flatfile database format from Anope-1.9.2 to Anope-1.9.5.
* To convert from this format, load both this and db_flatfile. Be sure to name db_flatfile's
* target database to something else. Start Anope then shut down so the new database will be written.
* Then unload this and restart Anope, loading from the new database.
*/
#module { name = "db_plain" }
/*db_plain
*{
*
* The database name db_plain should use
*
* database = "/var/db/anope/anope.db"
}*/
/*
* db_flatfile
*
* This is the default flatfile database format.
*/
module { name = "db_flatfile" }
db_flatfile
{
/*
* The database name db_flatfile should use
*/
database = "anope.db"
}
/*
* db_sql
*
* This module allows saving and loading databases using one of the SQL engines.
* This module loads the databases once on startup, then incrementally updates
* objects in the database as they are changed within Anope in real time. Changes
* to the SQL tables not done by Anope will have no effect and will be overwritten.
*
*/
#module { name = "db_sql" }
/*
* db_sql_live
*
* This module allows saving and loading databases using one of the SQL engines.
* This module reads and writes to SQL in real time. Changes to the SQL tables
* will be immediately reflected into Anope. This module should not be loaded
* in conjunction with db_sql.
*/
#module { name = "db_sql_live" }
db_sql
{
/*
* The SQL service db_sql(_live) should use, these are configured in modules.conf.
* For MySQL, this should probably be mysql/main.
*/
engine = "sqlite/main"
/*
* An optional prefix to prepended to the name of each created table.
* Do not use the same prefix for other programs.
*/
#prefix = "anope_db_"
}
/*
* [REQUIRED] Encryption modules.
*
* The encryption modules are used when dealing with passwords. This determines how
* the passwords are stored in the databases, and does not add any security as
* far as transmitting passwords over the network goes.
*
* Without any encryption modules, passwords will be stored in plain text, allowing
* for passwords to be recovered later but isn't secure therefore is not recommended.
*
* The other encryption modules use one-way encryption, so the passwords can not
* be recovered later if those are used.
*
* NOTE: enc_old is Anope's previous (broken) MD5 implementation, if your databases
* were made using that module, continue to use it and do not use enc_md5.
*
* NOTE: enc_sha1 relies on how the OS stores 2+ byte data internally, and is
* potentially broken when moving between 2 different OSes, such as moving from
* Linux to Windows. It is recommended that you use enc_sha256 instead if you want
* to use an SHA-based encryption. If you choose to do so, it is also recommended
* that you first try to get everyone's passwords converted to enc_sha256 before
* switching OSes by placing enc_sha256 at the beginning of the list.
*
* The first encryption module loaded is the primary encryption module. All new passwords are
* encrypted by this module. Old passwords stored in another encryption method are
* automatically re-encrypted by the primary encryption module on next identify.
*/
#module { name = "enc_md5" }
#module { name = "enc_sha1" }
module { name = "enc_sha256" }
/*
* When using enc_none, passwords will be stored without encryption in plain
* text, allowing for passwords to be recovered later. This isn't secure therefore
* is not recommended.
*/
#module { name = "enc_none" }
/*
* enc_old is Anope's previous (broken) MD5 implementation, if your databases
* were made using that module, load it here to allow conversion to the primary
