Removing large amounts of extra commenting and old/unused features; SASL support

2023-04-18 23:56:59 -05:00
parent e9fde0d8c9
commit 49b67de7ec
6 changed files with 193 additions and 2249 deletions
--- a/roles/IRC/templates/inspircd/opers.conf.j2
+++ b/roles/IRC/templates/inspircd/opers.conf.j2
@@ -1,118 +1,12 @@
-#-#-#-#-#-#-#-#-#-#-#-#-  CLASS CONFIGURATION   -#-#-#-#-#-#-#-#-#-#-#-
-#                                                                     #
-#   Classes are a group of commands which are grouped together and    #
-#   given a unique name. They're used to define which commands        #
-#   are available to certain types of Operators.                      #
-#                                                                     #
-#                                                                     #
-#  Note: It is possible to make a class which covers all available    #
-#  commands. To do this, specify commands="*". This is not really     #
-#  recommended, as it negates the whole purpose of the class system,  #
-#  however it is provided for fast configuration (e.g. in test nets). #
-#                                                                     #
-
-<class
-     name="Shutdown"
-
-     # commands: Oper-only commands that opers of this class can run.
-     commands="CLOSE DIE RESTART REHASH LOADMODULE UNLOADMODULE RELOADMODULE GLOADMODULE GUNLOADMODULE GRELOADMODULE"
-
-     # privs: Special privileges that users with this class may utilise.
-     #  VIEWING:
-     #   - channels/auspex: allows opers with this priv to see more detail about channels than normal users.
-     #   - users/auspex: allows opers with this priv to view more details about users than normal users, e.g. real host and IP.
-     #   - servers/auspex: allows opers with this priv to see more detail about server information than normal users.
-     # ACTIONS:
-     #   - users/mass-message: allows opers with this priv to PRIVMSG and NOTICE to a server mask (e.g. NOTICE $*)
-     #   - channels/high-join-limit: allows opers with this priv to join <channels:opers> total channels instead of <channels:users> total channels.
-     # PERMISSIONS:
-     #   - users/flood/no-fakelag: prevents opers from being penalized with fake lag for flooding (*NOTE)
-     #   - users/flood/no-throttle: allows opers with this priv to send commands without being throttled (*NOTE)
-     #   - users/flood/increased-buffers: allows opers with this priv to send and receive data without worrying about being disconnected for exceeding limits (*NOTE)
-     #
-     # *NOTE: These privs are potentially dangerous, as they grant users with them the ability to hammer your server's CPU/RAM as much as they want, essentially.
-     privs="users/auspex channels/auspex servers/auspex users/mass-message channels/high-join-limit users/flood/no-throttle users/flood/increased-buffers channels/ignore-noctcp channels/restricted-create users/ignore-commonchans users/ignore-noctcp users/ignore-privdeaf users/samode-usermodes"
-
-     # usermodes: Oper-only usermodes that opers with this class can use.
-     usermodes="*"
-
-     # chanmodes: Oper-only channel modes that opers with this class can use.
-     chanmodes="*">
-
-<class name="SACommands" commands="SAJOIN SAPART SANICK SAQUIT SATOPIC SAKICK SAMODE OJOIN CHECK">
-<class name="ServerLink" commands="CONNECT SQUIT RCONNECT RSQUIT MKPASSWD ALLTIME SWHOIS JUMPSERVER LOCKSERV UNLOCKSERV" usermodes="*" chanmodes="*" privs="servers/auspex">
-<class name="BanControl" commands="KILL GLINE KLINE ZLINE QLINE ELINE TLINE RLINE CHECK NICKLOCK NICKUNLOCK SHUN CLONES CBAN CLOSE" usermodes="*" chanmodes="*">
-<class name="OperChat" commands="WALLOPS GLOBOPS" usermodes="*" chanmodes="*" privs="users/mass-message">
-<class name="HostCloak" commands="SETHOST SETIDENT SETIDLE CHGNAME CHGHOST CHGIDENT" usermodes="*" chanmodes="*" privs="users/auspex">
-
-
-#-#-#-#-#-#-#-#-#-#-#-#-  OPERATOR COMPOSITION   -#-#-#-#-#-#-#-#-#-#-#
-#                                                                     #
-#   This is where you specify which types of operators you have on    #
-#   your server, as well as the commands they are allowed to use.     #
-#   This works alongside with the classes specified above.            #
-#                                                                     #
-
+# We are not yet deeply using the class system -- only NetAdmins should be managing the network. Most management will be through services.
+<class name="NetAdmin" commands="*" usermodes="*" chanmodes="*" privs="*">
 <type
-    # name: Name of type. Used in actual server operator accounts below.
-    # Cannot contain spaces. If you would like a space, use
-    # the _ character instead and it will translate to a space on whois.
    name="NetAdmin"
-
-    # classes: Classes (blocks above) that this type belongs to.
-    classes="SACommands OperChat BanControl HostCloak Shutdown ServerLink"
-
-    # vhost: Host opers of this type get when they log in (oper up). This is optional.
+    classes="NetAdmin"
    vhost="{{ external_domain }}"
-
-    # modes: User modes besides +o that are set on an oper of this type
-    # when they oper up. Used for snomasks and other things.
-    # Requires that m_opermodes.so be loaded.
-    # Set all watchlists for NetAdmins.
    modes="+s +aAcCjkKlLoOqQr">
-<type name="GlobalOp" classes="SACommands OperChat BanControl HostCloak ServerLink" vhost="{{ external_domain }}">
-<type name="Helper" classes="HostCloak" vhost="{{ external_domain }}">

-
-#-#-#-#-#-#-#-#-#-#-#-  OPERATOR CONFIGURATION   -#-#-#-#-#-#-#-#-#-#-#
-#                                                                     #
-#   Opers are defined here. This is a very important section.         #
-#   Remember to only make operators out of trustworthy people.        #
-#                                                                     #
-
-# Unhashed operblock
-#<oper
-#      name="Brain"
-#      password="youshouldhashthis"
-#      host="brain@dialup15.isp.test.com *@localhost *@example.com *@2001:db8::/32"
-#      #fingerprint="67cb9dc013248a829bb2171ed11becd4"
-#      type="NetAdmin">
-#
+# Operators are tracked in the vault.
 {% for oper in secrets['IRC']['opers'] %}
 <oper name="{{ oper }}" password="{{ secrets['IRC']['opers'][oper] }}" hash="sha256" host="*@127.0.0.1 *@10.0.1.* *@localhost *@aninix.net" type="NetAdmin">
 {% endfor %}
-
-#-#-#-#-#-#-#-#-#-#-  DIE/RESTART CONFIGURATION   -#-#-#-#-#-#-#-#-#-#-
-#                                                                     #
-#   You can configure the passwords here which you wish to use for    #
-#   the /DIE and /RESTART commands. Only trusted ircops who will      #
-#   need this ability should know the die and restart password.       #
-#                                                                     #
-<power
-       # hash: what hash these passwords are hashed with.
-       # Requires the module for selected hash (m_md5.so, m_sha256.so
-       # or m_ripemd160.so) be loaded and the password hashing module
-       # (m_password_hash.so) loaded.
-       # Options here are: "md5", "sha256" and "ripemd160", or one of
-       # these prefixed with "hmac-", e.g.: "hmac-sha256".
-       # Optional, but recommended. Create hashed passwords with:
-       # /mkpasswd <hash> <password>
-       hash="sha256"
-
-       # diepass: Password for opers to use if they need to shutdown (die)
-       # a server.
-       diepass="{{ secrets['IRC']['diepass'] }}"
-
-       # restartpass: Password for opers to use if they need to restart
-       # a server.
-       restartpass="{{ secrets['IRC']['restartpass'] }}">