AniNIX/Kapisi
3
0
Fork 0
Code Issues 27 Pull Requests Projects 1 Releases Wiki Activity

Seeding IRC automation after a lot of work

Browse Source
This commit is contained in:
DarkFeather
2022-12-18 22:18:43 -06:00
parent 0626c66413
commit 72a62b63eb
25 changed files with 8866 additions and 27 deletions
Download Patch File Download Diff File Expand all files Collapse all files

597
roles/IRC/templates/inspircd/inspircd.conf.j2 Normal file
View File

@@ -0,0 +1,597 @@
#-#-#-#-#-#-#-#-#-# INCLUDE CONFIGURATION #-#-#-#-#-#-#-#-#-#-#-#-#-#
#<include file="file.conf"> #
#<include executable="/path/to/executable parameters"> #
#<include executable="/usr/bin/wget -q -O - http://example.com/inspircd.conf">
<include file="/etc/inspircd/opers.conf">
<include file="/etc/inspircd/links.conf">
<include file="/etc/inspircd/modules.conf">
<files motd="/etc/inspircd/motd.txt" rules="/etc/inspircd/rules.txt">
#-#-#-#-#-#-#-#-#-#-#-# VARIABLE DEFINITIONS -#-#-#-#-#-#-#-#-#-#-#-#
# #
# You can define variables that will be substituted later in the #
# configuration file. This can be useful to allow settings to be #
# easily changed, or to parameterize a remote includes. #
# #
# Variables may be redefined and may reference other variables. #
# Value expansion happens at the time the tag is read. #
# #
# Using variable definitions REQUIRES that the config format be #
# changed to "xml" from the default "compat" that uses escape #
# sequences such as "\"" and "\n", and does not support <define> #
<config format="xml">
#<define name="bindip" value="1.2.2.3">
#<define name="localips" value="&bindip;/24">
#-#-#-#-#-#-#-#-#-#-#-#- SERVER DESCRIPTION -#-#-#-#-#-#-#-#-#-#-#-#-
# #
# Here is where you enter the information about your server. #
# #
<server
name="{{ external_domain }}"
description="{{ organization['displayname'] }}/IRC"
#id="97K"
network="{{ organization['displayname'] }}/IRC">
#-#-#-#-#-#-#-#-#-#-#-#- ADMIN INFORMATION -#-#-#-#-#-#-#-#-#-#-#-#
# #
# Describes the Server Administrator's real name (optionally), #
# nick, and email address. #
# #
<admin
name="{{ organization['admin'] }}"
nick="{{ organization['admin'] }}"
email="{{ organization['email'] }}">
#-#-#-#-#-#-#-#-#-#-#-#- PORT CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-
# #
# Enter the port and address bindings here. #
# #
# j
<define name="subnetips" value="10.0.1.0/24">
<define name="localhost" value="127.0.0.1/32">
<bind
address=""
port="6697"
ssl="openssl"
type="clients">
<bind address="" port="6667" type="clients">
<bind address="" port="8067" type="servers">
<openssl onrehash="yes">
<sslprofile
name="Clients"
provider="openssl"
cafile="/etc/letsencrypt/live/{{ ssl['identity'] }}/fullchain.pem"
certfile="/etc/letsencrypt/live/{{ ssl['identity'] }}/cert.pem"
keyfile="/etc/letsencrypt/live/{{ ssl['identity'] }}/privkey.pem"
ciphers="{{ ssl['ciphersuite'] }}"
hash="sha256"
renegotiation="no"
requestclientcert="no"
sslv3="false"
tlsv1="no"
tlsv11="no"
tlsv12="yes">
#-#-#-#-#-#-#-#-#-#- CONNECTIONS CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#
# #
# This is where you can configure which connections are allowed #
# and denied access onto your server. The password is optional. #
# You may have as many of these as you require. To allow/deny all #
# connections, use a '*' or 0.0.0.0/0. #
# #
# -- It is important to note that connect tags are read from the -- #
# TOP DOWN. This means that you should have more specific deny #
# and allow tags at the top, progressively more general, followed #
# by a <connect allow="*" (should you wish to have one). #
# #
# Connect blocks are searched twice for each user - once when the TCP #
# connection is accepted, and once when the user completes their #
# registration. Most of the information (hostname, ident response, #
# password, SSL when using STARTTLS, etc) is only available during #
# the second search, so if you are trying to make a closed server, #
# you will probably need a connect block just for user registration. #
# This can be done by using <connect registered="no"> #
#<connect deny="192.0.2.*">
#<connect deny="3ffe::0/32" reason="The 6bone address space is deprecated">
<connect
name="local"
parent="main"
allow="127.0.0.1"
localmax="20"
globalmax="20"
limit="20"
requiressl="off"
threshold="200"
port="6667">
<connect
name="main"
allow="*"
commandrate="1000"
fakelag="on"
globalmax="500"
hardsendq="1M"
limit="500"
localmax="500"
maxconnwarn="on"
modes="+wx"
pingfreq="120"
port="6697"
recvq="8192"
requiressl="on"
resolvehostnames="on"
softsendq="8192"
threshold="25"
timeout="10"
useident="no">
#-#-#-#-#-#-#-#-#-#-#-#- CIDR CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-
# #
# CIDR configuration allows detection of clones and applying of #
# throttle limits across a CIDR range. (A CIDR range is a group of #
# IPs, for example, the CIDR range 192.168.1.0-192.168.1.255 may be #
# represented as 192.168.1.0/24). This means that abuse across an ISP #
# is detected and curtailed much easier. Here is a good chart that #
# shows how many IPs the different CIDRs correspond to: #
# http://en.wikipedia.org/wiki/CIDR#Prefix_aggregation #
# #
<cidr
# ipv4clone: specifies how many bits of an IP address should be
# looked at for clones. The default only looks for clones on a
# single IP address of a user. You do not want to set this
# extremely low. (Values are 0-32).
ipv4clone="32"
# ipv6clone: specifies how many bits of an IP address should be
# looked at for clones. The default only looks for clones on a
# single IP address of a user. You do not want to set this
# extremely low. (Values are 0-128).
ipv6clone="128">
#-#-#-#-#-#-#-#-#-#-#-# MAXIMUM CHANNELS -#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# #
<channels users="20" opers="60">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-# DNS SERVER -#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# If these values are not defined, InspIRCd uses the default DNS resolver
# of your system.
#<dns server="127.0.0.1" timeout="5">
#<dns server="::1" timeout="5">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-# PID FILE -#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# #
# Define the path to the PID file here. The PID file can be used to #
# rehash the ircd from the shell or to terminate the ircd from the #
# shell using shell scripts, perl scripts, etc... and to monitor the #
# ircd's state via cron jobs. If this is a relative path, it will be #
# relative to the configuration directory, and if it is not defined, #
# the default of 'inspircd.pid' is used. #
# #
<pid file="/var/lib/inspircd/inspircd.pid">
#-#-#-#-#-#-#-#-#-#-#-#-#- BANLIST LIMITS #-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# #
# Use these tags to customise the ban limits on a per channel basis. #
# The tags are read from top to bottom, and any tag found which #
# matches the channels name applies the banlimit to that channel. #
# It is advisable to put an entry with the channel as '*' at the #
# bottom of the list. If none are specified or no maxbans tag is #
# matched, the banlist size defaults to 64 entries. #
# #
#<banlist chan="#largechan" limit="128">
<maxlist chan="*" limit="60">
#-#-#-#-#-#-#-#-#-#-#- DISABLED FEATURES -#-#-#-#-#-#-#-#-#-#-#-#-#-#
# #
# This tag is optional, and specifies one or more features which are #
# not available to non-operators. #
# #
# For example you may wish to disable NICK and prevent non-opers from #
# changing their nicknames. #
# Note that any disabled commands take effect only after the user has #
# 'registered' (e.g. after the initial USER/NICK/PASS on connection) #
# so for example disabling NICK will not cripple your network. #
# #
# You can also define if you want to disable any channelmodes #
# or usermodes from your users. #
# #
# `fakenonexistant' will make the ircd pretend that nonexistant #
# commands simply don't exist to non-opers ("no such command"). #
# #
#<disabled commands="TOPIC MODE" usermodes="" chanmodes="" fakenonexistant="yes">
#-#-#-#-#-#-#-#-#-#-#-#-#- SERVER OPTIONS -#-#-#-#-#-#-#-#-#-#-#-#-#
# #
# Settings to define which features are usable on your server. #
# #
<options
# prefixquit: What (if anything) users' quit messages
# should be prefixed with.
prefixquit="Quit: "
# suffixquit: What (if anything) users' quit messages
# should be suffixed with.
suffixquit=""
# prefixpart: What (if anything) users' part messages
# should be prefixed with.
prefixpart="&quot;"
# NOTE: Use "\"" instead of "&quot;" if not using <config format="xml">
# suffixpart: What (if anything) users' part message
# should be suffixed with.
suffixpart="&quot;"
# fixedquit: Set all users' quit messages to this value.
#fixedquit=""
# fixedpart: Set all users' part messages in all channels
# to this value.
#fixedpart=""
# syntaxhints: If enabled, if a user fails to send the correct parameters
# for a command, the ircd will give back some help text of what
# the correct parameters are.
syntaxhints="no"
# cyclehosts: If enabled, when a user gets a host set, it will cycle
# them in all their channels. If not, it will simply change their host
# without cycling them.
cyclehosts="no"
# cyclehostsfromuser: If enabled, the source of the mode change for
# cyclehosts will be the user who cycled. This can look nicer, but
# triggers anti-takeover mechanisms of some obsolete bots.
cyclehostsfromuser="no"
# ircumsgprefix: Use undernet-style message prefixing for NOTICE and
# PRIVMSG. If enabled, it will add users' prefix to the line, if not,
# it will just message the user normally.
ircumsgprefix="no"
# announcets: If set to yes, when the timestamp on a channel changes, all users
# in the channel will be sent a NOTICE about it.
announcets="yes"
# allowmismatch: Setting this option to yes will allow servers to link even
# if they don't have the same "optionally common" modules loaded. Setting this to
# yes may introduce some desyncs and unwanted behaviour.
allowmismatch="no"
# defaultbind: Sets the default for <bind> tags without an address. Choices are
# ipv4 or ipv6; if not specified, IPv6 will be used if your system has support,
# falling back to IPv4 otherwise.
defaultbind="auto"
# hostintopic: If enabled, channels will show the host of the topic setter
# in the topic. If set to no, it will only show the nick of the topic setter.
hostintopic="yes"
# pingwarning: If a server does not respond to a ping within x seconds,
# it will send a notice to opers with snomask +l informing that the server
# is about to ping timeout.
pingwarning="15"
# serverpingfreq: How often pings are sent between servers (in seconds).
serverpingfreq="60"
# defaultmodes: What modes are set on a empty channel when a user
# joins it and it is unregistered.
defaultmodes="not"
# moronbanner: This is the text that is sent to a user when they are
# banned from the server.
moronbanner="You're banned! Contact {{ organization['email'] }} with the ERROR line below for help."
# exemptchanops: exemptions for channel access restrictions based on prefix.
exemptchanops="nonick:v flood:o"
# invitebypassmodes: This allows /invite to bypass other channel modes.
# (Such as +k, +j, +l, etc.)
invitebypassmodes="yes"
# nosnoticestack: This prevents snotices from 'stacking' and giving you
# the message saying '(last message repeated X times)'. Defaults to no.
nosnoticestack="no"
# welcomenotice: When turned on, this sends a NOTICE to connecting users
# with the text Welcome to <networkname>! after successful registration.
# Defaults to yes.
welcomenotice="yes">
#-#-#-#-#-#-#-#-#-#-#-# PERFORMANCE CONFIGURATION #-#-#-#-#-#-#-#-#-#-#
# #
<performance
# netbuffersize: Size of the buffer used to receive data from clients.
# The ircd may only read this amount of text in 1 go at any time.
netbuffersize="10240"
# somaxconn: The maximum number of connections that may be waiting
# in the accept queue. This is *NOT* the total maximum number of
# connections per server. Some systems may only allow this to be up
# to 5, while others (such as Linux and *BSD) default to 128.
somaxconn="128"
# limitsomaxconn: By default, somaxconn (see above) is limited to a
# safe maximum value in the 2.0 branch for compatibility reasons.
# This setting can be used to disable this limit, forcing InspIRCd
# to use the value specified above.
limitsomaxconn="true"
# softlimit: This optional feature allows a defined softlimit for
# connections. If defined, it sets a soft max connections value.
softlimit="1024"
# quietbursts: When syncing or splitting from a network, a server
# can generate a lot of connect and quit messages to opers with
# +C and +Q snomasks. Setting this to yes squelches those messages,
# which makes it easier for opers, but degrades the functionality of
# bots like BOPM during netsplits.
quietbursts="yes">
#-#-#-#-#-#-#-#-#-#-#-# SECURITY CONFIGURATION #-#-#-#-#-#-#-#-#-#-#-#
# #
<security
# announceinvites: This option controls which members of the channel
# receive an announcement when someone is INVITEd. Available values:
# 'none' - don't send invite announcements
# 'all' - send invite announcements to all members
# 'ops' - send invite announcements to ops and higher ranked users
# 'dynamic' - send invite announcements to halfops (if available) and
# higher ranked users. This is the recommended setting.
announceinvites="dynamic"
# hidemodes: If enabled, then the listmodes given will be hidden
# from users below halfop. This is not recommended to be set on +b
# as it may break some functionality in popular clients such as mIRC.
hidemodes="eI"
# hideulines: If this value is set to yes, U-lined servers will
# be hidden from non-opers in /links and /map.
hideulines="no"
# flatlinks: If this value is set to yes, /map and /links will
# be flattened when shown to non-opers.
flatlinks="no"
# hidewhois: When defined, the given text will be used in place
# of the server a user is on when whoised by a non-oper. Most
# networks will want to set this to something like "*.netname.net"
# to conceal the actual server a user is on.
# Note that enabling this will cause users' idle times to only be
# shown when the format /WHOIS <nick> <nick> is used.
hidewhois=""
# hidebans: If this value is set to yes, when a user is banned ([gkz]lined)
# only opers will see the ban message when the user is removed
# from the server.
hidebans="no"
# hidekills: If defined, replaces who set a /kill with a custom string.
hidekills=""
# hidesplits: If enabled, non-opers will not be able to see which
# servers split in a netsplit, they will only be able to see that one
# occurred (If their client has netsplit detection).
hidesplits="yes"
# maxtargets: Maximum number of targets per command.
# (Commands like /notice, /privmsg, /kick, etc)
maxtargets="20"
# customversion: Displays a custom string when a user /version's
# the ircd. This may be set for security reasons or vanity reasons.
customversion=""
# operspywhois: show opers (users/auspex) the +s channels a user is in. Values:
# splitmsg Split with an explanatory message
# yes Split with no explanatory message
# no Do not show
operspywhois="yes"
# runasuser: If this is set, InspIRCd will attempt to switch
# to run as this user, which allows binding of ports under 1024.
# You should NOT set this unless you are starting as root.
# NOT SUPPORTED/NEEDED UNDER WINDOWS.
#runasuser="ircd"
# runasgroup: If this is set, InspIRCd will attempt to switch
# to run as this group, which allows binding of ports under 1024.
# You should NOT set this unless you are starting as root.
# NOT SUPPORTED/NEEDED UNDER WINDOWS.
#runasgroup="ircd"
# restrictbannedusers: If this is set to yes, InspIRCd will not allow users
# banned on a channel to change nickname or message channels they are
# banned on.
restrictbannedusers="yes"
# genericoper: Setting this value to yes makes all opers on this server
# appear as 'is an IRC operator' in their WHOIS, regardless of their
# oper type, however oper types are still used internally. This only
# affects the display in WHOIS.
genericoper="no"
# userstats: /stats commands that users can run (opers can run all).
userstats="Pu">
#-#-#-#-#-#-#-#-#-#-#-#-# LIMITS CONFIGURATION #-#-#-#-#-#-#-#-#-#-#-#
# #
# This configuration tag defines the maximum sizes of various types #
# on IRC, such as the maximum length of a channel name, and the #
# maximum length of a channel. Note that with the exception of the #
# identmax value all values given here are the exact values you would #
# expect to see on IRC. This contrasts with the older InspIRCd #
# releases where these values would be one character shorter than #
# defined to account for a null terminator on the end of the text. #
# #
# These values should match network-wide otherwise issues will occur. #
# #
# The highest safe value you can set any of these options to is 500, #
# but it is recommended that you keep them somewhat #
# near their defaults (or lower). #
<limits
# maxnick: Maximum length of a nickname.
maxnick="12"
# maxchan: Maximum length of a channel name.
maxchan="20"
# maxmodes: Maximum number of mode changes per line.
maxmodes="20"
# maxident: Maximum length of a ident/username.
maxident="64"
# maxquit: Maximum length of a quit message.
maxquit="255"
# maxtopic: Maximum length of a channel topic.
maxtopic="307"
# maxkick: Maximum length of a kick message.
maxkick="255"
# maxgecos: Maximum length of a GECOS (realname).
maxgecos="128"
# maxaway: Maximum length of an away message.
maxaway="200">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Logging
# -------
#
# Logging is covered with the <log> tag, which you may use to change
# the behaviour of the logging of the IRCd.
#
# In InspIRCd as of 1.2, logging is pluggable and very extensible.
# Different files can log the same thing, different 'types' of log can
# go to different places, and modules can even extend the log tag
# to do what they want.
#
# An example log tag would be:
# <log method="file" type="OPER" level="default" target="logs/opers.log">
# which would log all information on /oper (failed and successful) to
# a file called opers.log.
#
# There are many different types which may be used, and modules may
# generate their own. A list of useful types:
# - USERS - information relating to user connection and disconnection
# - OPER - succesful and failed oper attempts
# - KILL - kill related messages
# - snomask - server notices (*all* snomasks will be logged)
# - FILTER - messages related to filter matches (m_filter)
# - CONFIG - configuration related messages
# - COMMAND - die and restart messages, and messages related to unknown user types
# - SOCKET - socket engine informational/error messages
# - MODULE - module related messages
# - STARTUP - messages related to starting up the server
#
# You may also log *everything* by using a type of *, and subtract things out
# of that by using -TYPE - for example "* -USERINPUT -USEROUTPUT".
#
# Useful levels are:
# - default (general messages, including errors)
# - sparse (misc error messages)
# - debug (debug messages)
#
# Some types only produce output in the debug level, those are:
# - BANCACHE - ban cache debug messages
# - CHANNELS - information relating to joining/creating channels
# - CULLLIST - debug messages related to issues with removing users
# - RESOLVER - DNS related debug messages
# - CONNECTCLASS - Connection class debug messages
# - USERINPUT
# - USEROUTPUT
#
# The following log tag is highly default and uncustomised. It is recommended you
# sort out your own log tags. This is just here so you get some output.
<log method="file" type="* -USERINPUT -USEROUTPUT" level="default" target="/var/log/ircd.log">
#-#-#-#-#-#-#-#-#-#-#-#-#- WHOWAS OPTIONS -#-#-#-#-#-#-#-#-#-#-#-#-#
# #
# This tag lets you define the behaviour of the /whowas command of #
# your server. #
# #
<whowas
# groupsize: Maximum entries per nick shown when performing
# a /whowas nick.
groupsize="10"
# maxgroups: Maximum number of nickgroups that can be added to
# the list so that /whowas does not use a lot of resources on
# large networks.
maxgroups="100000"
# maxkeep: Maximum time a nick is kept in the whowas list
# before being pruned. Time may be specified in seconds,
# or in the following format: 1y2w3d4h5m6s. Minimum is
# 1 hour.
maxkeep="1d">
#-#-#-#-#-#-#-#-#-#-#-#-#-#- BAN OPTIONS -#-#-#-#-#-#-#-#-#-#-#-#-#-#
# #
# The ban tags define nick masks, host masks and ip ranges which are #
# banned from your server. All details in these tags are local to #
# Your server. #
# #
#<badip ipmask="192.0.2.*" reason="Nope.">
<badnick nick="*Serv" reason="Reserved for Services">
<badhost host="*@*malware*" reason="Malware">
<badhost host="root@*" reason="Don't IRC as root!">
<exception host="{{ organization['admin'] }}@localhost" reason="localhost">
<exception host="{{ organization['admin'] }}@127.0.0.1" reason="localhost">
<exception host="{{ organization['admin'] }}@{{ external_domain }}" reason="localhost">
<exception host="{{ organization['admin'] }}@*.{{ external_domain }}" reason="localhost">
#-#-#-#-#-#-#-#-#-#-#- INSANE BAN OPTIONS -#-#-#-#-#-#-#-#-#-#-#-#-#-#
# #
# This optional tag allows you to specify how wide a gline, eline, #
# kline, zline or qline can be before it is forbidden from being #
# set. By setting hostmasks="yes", you can allow all G, K, E lines, #
# no matter how many users the ban would cover. This is not #
# recommended! By setting ipmasks="yes", you can allow all Z lines, #
# no matter how many users these cover too. Needless to say we #
# don't recommend you do this, or, set nickmasks="yes", which will #
# allow any qline. #
# #
<insane
# hostmasks: Allow bans with insane hostmasks. (over-reaching bans)
hostmasks="no"
# ipmasks: Allow bans with insane ipmasks. (over-reaching bans)
ipmasks="no"
# nickmasks: Allow bans with insane nickmasks. (over-reaching bans)
nickmasks="no"
# trigger: What percentage of users on the network to trigger
# specifying an insane ban as. The default is 95.5%, which means
# if you have a 1000 user network, a ban will not be allowed if it
# will be banning 955 or more users.
trigger="99">
#########################################################################
# #
# - InspIRCd Development Team - #
# http://www.inspircd.org #
# #
#########################################################################

55
roles/IRC/templates/inspircd/links.conf.j2 Normal file
View File

@@ -0,0 +1,55 @@
#-#-#-#-#-#-#-#-#-#-#- SERVER LINK CONFIGURATION -#-#-#-#-#-#-#-#-#-#
# #
# Defines which servers can link to this one, and which servers this #
# server may create outbound links to. #
# #
# ____ _ _____ _ _ ____ _ _ _ #
# | _ \ ___ __ _ __| | |_ _| |__ (_)___ | __ )(_) |_| | #
# | |_) / _ \/ _` |/ _` | | | | '_ \| / __| | _ \| | __| | #
# | _ < __/ (_| | (_| | | | | | | | \__ \ | |_) | | |_|_| #
# |_| \_\___|\__,_|\__,_| |_| |_| |_|_|___/ |____/|_|\__(_) #
# #
# If you want to link servers to InspIRCd you must load the #
# m_spanningtree.so module! #
# #
# #
# Server link block
#<link name="hub.example.org"
# ipaddr="penguin.example.org"
# port="7000"
# allowmask="203.0.113.0/24"
# timeout="300"
# ssl="gnutls"
# bind="1.2.3.4"
# statshidden="no"
# hidden="no"
# sendpass="outgoing!password"
# recvpass="incoming!password">
{{ secrets['IRC']['links'] }}
# Link block for services. Options are the same as for the first
# link block (depending on what your services package supports).
<link name="ircservices.{{ external_domain }}"
ipaddr="core.{{ replica_domain }}"
port="8067"
allowmask="10.0.1.3/32"
sendpass="{{ secrets['IRC']['servicespass'] }}"
recvpass="{{ secrets['IRC']['servicespass'] }}">
# Simple autoconnect block. This enables automatic connection to a hub
#<autoconnect period="300" server="hub.example.org">
#<autoconnect period="120" server="hub.us.example.org hub.eu.example.org leaf.eu.example.org">
#-#-#-#-#-#-#-#-#-#-#-#- ULINES CONFIGURATION #-#-#-#-#-#-#-#-#-#-#-#-#
# This tag defines a ulined server. A U-Lined server has special #
# permissions, and should be used with caution. Services servers are #
# usually u-lined in this manner. #
# #
# The 'silent' value, if set to yes, indicates that this server should#
# not generate quit and connect notices, which can cut down on noise #
# to opers on the network. #
# #
<uline server="ircservices.{{ external_domain }}" silent="no">

1900
roles/IRC/templates/inspircd/modules.conf.j2 Normal file
View File

File diff suppressed because it is too large Load Diff

45
roles/IRC/templates/inspircd/motd.txt.j2 Normal file
View File

@@ -0,0 +1,45 @@
........................................
........................................
..................HHH...................
................HHHHHHHH................
.............HHHHHHHHHHHHH..............
..........HHHHHHH.....HHHHHHH...........
.......HHHHHHH...........HHHHHHH........
......HHHHH.................HHHHH.......
......HHH.....................HHH.......
......HHH.....HH....#.........HHH.......
......HHH.....HH.....###......HHH.......
......HHH.....HH........##....HHH.......
......HHH.....HH........##....HHH.......
......HHH.....HH.....###......HHH.......
......HHH.....HH....#.........HHH.......
......HHH.....................HHH.......
......HHHHH.................HHHHH.......
.......HHHHHHH...........HHHHHHH........
..........HHHHHHH......HHHHHHH..........
............HHHHHHH.HHHHHHH.............
...............HHHHHHHHH................
..................HHH...................
........................................
........................................
........................................
Welcome to the AniNIX/IRC secure chat system!
Reach out to ops and founders in #lobby if you
need any help.
You should check which channels you want to join.
Type the following to get a list:
/list
You will need to request an AniNIX/Sora LDAP
account from an op or founder in #lobby to be
able to log in. If you already have an account,
use the following to authenticate:
"/quote ns identify <password>"
For reference, check out the Wiki:
https://{{ external_domain }}/AniNIX/Wiki
User code of conduct is recorded below:
https://{{ external_domain }}/AniNIX/Wiki/src/branch/main/Policies/User_Ethics.md

118
roles/IRC/templates/inspircd/opers.conf.j2 Normal file
View File

@@ -0,0 +1,118 @@
#-#-#-#-#-#-#-#-#-#-#-#- CLASS CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-
# #
# Classes are a group of commands which are grouped together and #
# given a unique name. They're used to define which commands #
# are available to certain types of Operators. #
# #
# #
# Note: It is possible to make a class which covers all available #
# commands. To do this, specify commands="*". This is not really #
# recommended, as it negates the whole purpose of the class system, #
# however it is provided for fast configuration (e.g. in test nets). #
# #
<class
name="Shutdown"
# commands: Oper-only commands that opers of this class can run.
commands="CLOSE DIE RESTART REHASH LOADMODULE UNLOADMODULE RELOADMODULE GLOADMODULE GUNLOADMODULE GRELOADMODULE"
# privs: Special privileges that users with this class may utilise.
# VIEWING:
# - channels/auspex: allows opers with this priv to see more detail about channels than normal users.
# - users/auspex: allows opers with this priv to view more details about users than normal users, e.g. real host and IP.
# - servers/auspex: allows opers with this priv to see more detail about server information than normal users.
# ACTIONS:
# - users/mass-message: allows opers with this priv to PRIVMSG and NOTICE to a server mask (e.g. NOTICE $*)
# - channels/high-join-limit: allows opers with this priv to join <channels:opers> total channels instead of <channels:users> total channels.
# PERMISSIONS:
# - users/flood/no-fakelag: prevents opers from being penalized with fake lag for flooding (*NOTE)
# - users/flood/no-throttle: allows opers with this priv to send commands without being throttled (*NOTE)
# - users/flood/increased-buffers: allows opers with this priv to send and receive data without worrying about being disconnected for exceeding limits (*NOTE)
#
# *NOTE: These privs are potentially dangerous, as they grant users with them the ability to hammer your server's CPU/RAM as much as they want, essentially.
privs="users/auspex channels/auspex servers/auspex users/mass-message channels/high-join-limit users/flood/no-throttle users/flood/increased-buffers channels/ignore-noctcp channels/restricted-create users/ignore-commonchans users/ignore-noctcp users/ignore-privdeaf users/samode-usermodes"
# usermodes: Oper-only usermodes that opers with this class can use.
usermodes="*"
# chanmodes: Oper-only channel modes that opers with this class can use.
chanmodes="*">
<class name="SACommands" commands="SAJOIN SAPART SANICK SAQUIT SATOPIC SAKICK SAMODE OJOIN CHECK">
<class name="ServerLink" commands="CONNECT SQUIT RCONNECT RSQUIT MKPASSWD ALLTIME SWHOIS JUMPSERVER LOCKSERV UNLOCKSERV" usermodes="*" chanmodes="*" privs="servers/auspex">
<class name="BanControl" commands="KILL GLINE KLINE ZLINE QLINE ELINE TLINE RLINE CHECK NICKLOCK NICKUNLOCK SHUN CLONES CBAN CLOSE" usermodes="*" chanmodes="*">
<class name="OperChat" commands="WALLOPS GLOBOPS" usermodes="*" chanmodes="*" privs="users/mass-message">
<class name="HostCloak" commands="SETHOST SETIDENT SETIDLE CHGNAME CHGHOST CHGIDENT" usermodes="*" chanmodes="*" privs="users/auspex">
#-#-#-#-#-#-#-#-#-#-#-#- OPERATOR COMPOSITION -#-#-#-#-#-#-#-#-#-#-#
# #
# This is where you specify which types of operators you have on #
# your server, as well as the commands they are allowed to use. #
# This works alongside with the classes specified above. #
# #
<type
# name: Name of type. Used in actual server operator accounts below.
# Cannot contain spaces. If you would like a space, use
# the _ character instead and it will translate to a space on whois.
name="NetAdmin"
# classes: Classes (blocks above) that this type belongs to.
classes="SACommands OperChat BanControl HostCloak Shutdown ServerLink"
# vhost: Host opers of this type get when they log in (oper up). This is optional.
vhost="{{ external_domain }}"
# modes: User modes besides +o that are set on an oper of this type
# when they oper up. Used for snomasks and other things.
# Requires that m_opermodes.so be loaded.
# Set all watchlists for NetAdmins.
modes="+s +aAcCjkKlLoOqQr">
<type name="GlobalOp" classes="SACommands OperChat BanControl HostCloak ServerLink" vhost="{{ external_domain }}">
<type name="Helper" classes="HostCloak" vhost="{{ external_domain }}">
#-#-#-#-#-#-#-#-#-#-#- OPERATOR CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#
# #
# Opers are defined here. This is a very important section. #
# Remember to only make operators out of trustworthy people. #
# #
# Unhashed operblock
#<oper
# name="Brain"
# password="youshouldhashthis"
# host="brain@dialup15.isp.test.com *@localhost *@example.com *@2001:db8::/32"
# #fingerprint="67cb9dc013248a829bb2171ed11becd4"
# type="NetAdmin">
#
{% for oper in secrets['IRC']['opers'] %}
<oper name="{{ oper }}" password="{{ secrets['IRC']['opers'][oper] }}" hash="sha256" host="*@127.0.0.1 *@10.0.1.* *@localhost *@aninix.net" type="Helper">
{% endfor %}
#-#-#-#-#-#-#-#-#-#- DIE/RESTART CONFIGURATION -#-#-#-#-#-#-#-#-#-#-
# #
# You can configure the passwords here which you wish to use for #
# the /DIE and /RESTART commands. Only trusted ircops who will #
# need this ability should know the die and restart password. #
# #
<power
# hash: what hash these passwords are hashed with.
# Requires the module for selected hash (m_md5.so, m_sha256.so
# or m_ripemd160.so) be loaded and the password hashing module
# (m_password_hash.so) loaded.
# Options here are: "md5", "sha256" and "ripemd160", or one of
# these prefixed with "hmac-", e.g.: "hmac-sha256".
# Optional, but recommended. Create hashed passwords with:
# /mkpasswd <hash> <password>
hash="sha256"
# diepass: Password for opers to use if they need to shutdown (die)
# a server.
diepass="{{ secrets['IRC']['diepass'] }}"
# restartpass: Password for opers to use if they need to restart
# a server.
restartpass="{{ secrets['IRC']['restartpass'] }}">

4
roles/IRC/templates/inspircd/rules.txt.j2 Normal file
View File

@@ -0,0 +1,4 @@
1) Be respectful and do not use the AniNIX for malicious actions.
2) Follow the Hacker Ethic.
3) Contribute, rather than detract, from any community.
Reach out to DarkFeather if you have questions.