Seeding IRC automation after a lot of work
This commit is contained in:
parent
0626c66413
commit
72a62b63eb
@ -1,53 +1,53 @@
|
|||||||
IRC is a chat system used by members of the AniNIX network. See [[IRC#Available Clients|Available Clients]] for access methods.
|
IRC is a chat system used by members of the AniNIX network.
|
||||||
|
|
||||||
# Etymology
|
# Etymology
|
||||||
[https://en.wikipedia.org/wiki/IRC IRC] stands for Internet Relay Chat -- it is a method of text-based communication across the network via various servers. IRC has long been the self-hosted communication medium of choice for hackers, developers, and the fringe -- though overall adoption has dropped a bit with the rise of other social media, networks like [https://freenode.org Freenode] are growing. IRC<ref name=ircgrow>https://royal.pingdom.com/2012/04/24/irc-is-dead-long-live-irc/</ref> is moving to the hacker niche, and we follow along.
|
[IRC](https://en.wikipedia.org/wiki/IRC) stands for Internet Relay Chat -- it is a method of text-based communication across the network via various servers. IRC has long been the self-hosted communication medium of choice for hackers, developers, and the fringe -- though overall adoption has dropped a bit with the rise of other social media, networks like [Libera](https://libera.chat/) are [still growing](https://royal.pingdom.com/2012/04/24/irc-is-dead-long-live-irc/). IRC is moving to the hacker niche, and we follow along.
|
||||||
|
|
||||||
# Relevant Files and Software
|
# Relevant Files and Software
|
||||||
The configuration for the IRC service is divided into two parts -- the daemon and services.
|
The configuration for the IRC service is divided into two parts -- the daemon and services.
|
||||||
|
|
||||||
## InspIRCd
|
## InspIRCd
|
||||||
The IRC daemon is powered by [https://inspircd.org/ InspIRCd 2][[Category:InspIRCd]]. Relevant configuration is in [file:///etc/inspircd/inspircd.conf the conf file] and it logs to [file:///var/log/inspircd/startup.log startup.log].
|
The IRC daemon is powered by [InspIRCd](https://inspircd.org/). Relevant configuration is in `/etc/inspircd/` and it logs to journald.
|
||||||
|
|
||||||
## Anope
|
## Anope
|
||||||
The services component is supplied by [https://www.anope.org/ Anope 2][[Category:Anope]]. Relevant configuration is in [file:///etc/anope/services.conf the services.conf] and it logs to the [file:///var/log/anope/ the anope log].
|
The services component is supplied by [Anope](https://www.anope.org/). Relevant configuration is in [the services.conf](file:///etc/anope/services.conf) and it logs to the [its own log](file:///var/log/anope/).
|
||||||
|
|
||||||
Anope also takes backups of [file:///var/db/anope/anope.db the anope database] to the backups folder in the same location. [[Category:TODO]]<!--This should be backed up with Wiki-->
|
Anope also takes backups of [the anope database](file:///var/db/anope/anope.db) to the backups folder in the same location.
|
||||||
|
|
||||||
<b>Caution:</b> Anope with version 2.0.3 has some issues with gcc6. If you start encountering segmentation faults with Anope, sign in to [[irc://anope.org#anope The Anope support IRC]]. Script a run of "sudo -u ircd gdb /usr/bin/services core". Enter "r <your flags>" and when it crashes run "bt full". Quit out of everything and pastebin the file. Provide this to the support staff.
|
<b>Caution:</b> Anope with version 2.0.3 has some issues with gcc6. If you start encountering segmentation faults with Anope, sign in to `irc://anope.org#anope` (the Anope support IRC network). Script a run of "sudo -u ircd gdb /usr/bin/services core". Enter `r <your flags>` and when it crashes run `bt full`. Quit out of everything and pastebin the file. Provide this to the support staff.
|
||||||
|
|
||||||
|
<b>Caution:</b> Arch's packaged version of Anope may be missing critical LDAP modules. We still install the package, but you may need to use a localized install in /opt to get it working.
|
||||||
|
|
||||||
Anope Services' NickServ authentication can be linked to [[Sora|AniNIX::Sora]] for unified credentials.[[Category:LDAP]]
|
Anope Services' NickServ authentication can be linked to [[Sora|AniNIX::Sora]] for unified credentials.[[Category:LDAP]]
|
||||||
|
|
||||||
### Service entities
|
### Service entities
|
||||||
The following entities can be messaged personally (PM'ed) for help with "/msg <entity> help
|
The following entities can be messaged personally (PM'ed) for help with `/msg <entity> help` from inside an IRC client.
|
||||||
|
|
||||||
|
|
||||||
[[Category:Public_Service]]
|
|
||||||
* NickServ will manage IRC nicknames.
|
* NickServ will manage IRC nicknames.
|
||||||
* HostServ will manage IRC virtual hosts, to mask IP's.
|
* HostServ will manage IRC virtual hosts, to mask IP's.
|
||||||
* ChanServ will manage IRC channels -- new channels can be registered on the network here.
|
* ChanServ will manage IRC channels -- new channels can be registered on the network here.
|
||||||
* MemoServ will manage IRC memos (short text-message-like messages between users).
|
* MemoServ will manage IRC memos (short text-message-like messages between users).
|
||||||
|
|
||||||
# Available Clients
|
# Available Clients
|
||||||
You will need to use your own client. All IRC clients will connect to the service by providing the following information:
|
A [simple web client](https://irc.aninix.net) is hosted.
|
||||||
|
|
||||||
|
For more advanced options like logging, you will need to use your own client. All IRC clients will connect to the service by providing the following information:
|
||||||
* Host: aninix.net
|
* Host: aninix.net
|
||||||
* Port: 6697
|
* Port: 6697
|
||||||
* The client should accept invalid certificates.
|
* The client should accept only valid certificates.
|
||||||
* The client should automatically join the #lobby channel.
|
* The client should automatically join the #lobby channel.
|
||||||
* The client should provide a nickname and NickServ password that the user intends to use.
|
* The client should provide a nickname and NickServ password that the user intends to use.
|
||||||
|
|
||||||
### Clients by OS
|
### Clients by OS
|
||||||
Some example clients can be found here.
|
Some example clients can be found here.
|
||||||
* Linux hosts are strongly recommended to use [https://wiki.archlinux.org/index.php/Weechat weechat] inside [https://wiki.archlinux.org/index.php/Tmux tmux] with the [https://weechat.org/themes/source/crym.theme.html/ crym theme], though a Hexchat version is also available.
|
* Linux hosts are strongly recommended to use [weechat](https://wiki.archlinux.org/index.php/Weechat) inside [tmux](https://wiki.archlinux.org/index.php/Tmux).
|
||||||
* Windows hosts can connect to this service using [https://hexchat.github.io/ HexChat].
|
* Windows hosts can connect to this service using [HexChat](https://hexchat.github.io/).
|
||||||
* Mac hosts can use [http://colloquy.info/downloads.html Colloquy].
|
* Mac and iOS hosts can use [Colloquy](http://colloquy.info/downloads.html).
|
||||||
* Android hosts can use [http://www.duckspike.net/andchat/ Andchat].
|
* Android hosts can use [AndChat](http://www.duckspike.net/andchat/).
|
||||||
* iOS devices should use [http://colloquy.info/downloads.html Colloquy's mobile version].
|
|
||||||
|
|
||||||
# Equivalents or Competition
|
# Equivalents or Competition
|
||||||
Rivals to IRC include other IRC networks like [http://freenode.net Freenode], mail services like [https://inbox.google.com Google Inbox], and other chat systems like Slack, Microsoft Teams, Discord, Snapchat, WhatsApp, etc. We use Discord to provide new users with a Web-only bridge to the IRC network at https://aninix.net/irc/ -- [[IRC/Discord Bridge|documentation for our Discord hosting]] is also available..
|
Rivals to IRC include other IRC networks like Libera, mail services like [Gmail](https://mail.google.com), and other chat systems like Slack, Microsoft Teams, Discord, Snapchat, WhatsApp, etc. We use Discord to provide new users with a Web-only bridge to the IRC network, but most features are only available within our own network.
|
||||||
|
|
||||||
# Additional Reference
|
|
||||||
{{:IRC/Commands and Modes}}
|
|
||||||
|
|
||||||
### Helpful Reading
|
|
||||||
|
|
||||||
# Additional Reference
|
# Additional Reference
|
||||||
|
* [IRCHelp.org for operators](https://www.irchelp.org/ircd/ircopguide.html)
|
||||||
|
* [InspIRCd modes reference](https://docs.inspircd.org/3/user-modes/)
|
||||||
|
17
roles/IRC/files/services/irc.service
Normal file
17
roles/IRC/files/services/irc.service
Normal file
@ -0,0 +1,17 @@
|
|||||||
|
[Unit]
|
||||||
|
Description=AniNIX/IRC daemon
|
||||||
|
Requires=network.target
|
||||||
|
After=network.target
|
||||||
|
|
||||||
|
[Service]
|
||||||
|
Type=forking
|
||||||
|
PIDFile=/var/lib/inspircd/inspircd.pid
|
||||||
|
ExecStart=/usr/lib/inspircd/inspircd start
|
||||||
|
ExecReload=/usr/lib/inspircd/inspircd rehash
|
||||||
|
ExecStop=/usr/lib/inspircd/inspircd stop
|
||||||
|
Restart=always
|
||||||
|
User=ircd
|
||||||
|
Group=ircd
|
||||||
|
|
||||||
|
[Install]
|
||||||
|
WantedBy=multi-user.target
|
16
roles/IRC/files/services/ircservices.service
Normal file
16
roles/IRC/files/services/ircservices.service
Normal file
@ -0,0 +1,16 @@
|
|||||||
|
[Unit]
|
||||||
|
Description=AniNIX/IRC | Anope Services
|
||||||
|
Requires=network.target
|
||||||
|
After=network.target
|
||||||
|
|
||||||
|
[Service]
|
||||||
|
Type=simple
|
||||||
|
PIDFile=/run/anope/anope.pid
|
||||||
|
ExecStart=/opt/anope/bin/services --confdir=/etc/anope/ --dbdir=/opt/anope/data --localedir=/opt/anope/locale --logdir=/var/log/anope --modulesdir=/opt/anope/lib --nofork
|
||||||
|
ExecReload=/bin/kill -1 $MAINPID
|
||||||
|
Restart=always
|
||||||
|
User=ircd
|
||||||
|
Group=ircd
|
||||||
|
|
||||||
|
[Install]
|
||||||
|
WantedBy=multi-user.target
|
15
roles/IRC/files/services/ircweb.service
Normal file
15
roles/IRC/files/services/ircweb.service
Normal file
@ -0,0 +1,15 @@
|
|||||||
|
[Unit]
|
||||||
|
Description=AniNIX/IRC Web Client
|
||||||
|
After=network.target irc.service ircservices.service
|
||||||
|
|
||||||
|
[Service]
|
||||||
|
WorkingDirectory=/usr/local/src/KiwiIRC/
|
||||||
|
ExecStart=/bin/sh ./kiwi -f
|
||||||
|
ExecReload=/bin/kill -HUP $MAINPID
|
||||||
|
KillMode=control-group
|
||||||
|
Restart=always
|
||||||
|
User=ircd
|
||||||
|
Group=ircd
|
||||||
|
|
||||||
|
[Install]
|
||||||
|
WantedBy=multi-user.target
|
29
roles/IRC/tasks/bots.yml
Normal file
29
roles/IRC/tasks/bots.yml
Normal file
@ -0,0 +1,29 @@
|
|||||||
|
---
|
||||||
|
|
||||||
|
- user:
|
||||||
|
name: "{{ item }}"
|
||||||
|
state: present
|
||||||
|
shell: "{{ daemon_shell | default('/sbin/nologin') }}"
|
||||||
|
local: yes
|
||||||
|
groups: ircd
|
||||||
|
loop:
|
||||||
|
- bitbot
|
||||||
|
- dsbridge
|
||||||
|
- theraven
|
||||||
|
- werewolf
|
||||||
|
|
||||||
|
# Install TheRaven package
|
||||||
|
- package:
|
||||||
|
name:
|
||||||
|
- TheRaven
|
||||||
|
|
||||||
|
- git:
|
||||||
|
repo: 'https://github.com/jesopo/bitbot.git'
|
||||||
|
dest: /usr/local/src/bitbot/
|
||||||
|
clone: yes
|
||||||
|
update: yes
|
||||||
|
|
||||||
|
- git:
|
||||||
|
repo:
|
||||||
|
|
||||||
|
-
|
60
roles/IRC/tasks/daemon.yml
Normal file
60
roles/IRC/tasks/daemon.yml
Normal file
@ -0,0 +1,60 @@
|
|||||||
|
---
|
||||||
|
|
||||||
|
- name: Ensure directory permissions
|
||||||
|
become: yes
|
||||||
|
file:
|
||||||
|
state: directory
|
||||||
|
path: "{{ item }}"
|
||||||
|
owner: ircd
|
||||||
|
group: ircd
|
||||||
|
mode: 0750
|
||||||
|
loop:
|
||||||
|
- "/var/log/inspircd"
|
||||||
|
- "/etc/inspircd"
|
||||||
|
|
||||||
|
- name: Copy config and fill in attributes
|
||||||
|
register: templatefiles
|
||||||
|
become: yes
|
||||||
|
template:
|
||||||
|
src: "inspircd/{{ item }}.j2"
|
||||||
|
dest: "/etc/inspircd/{{ item }}"
|
||||||
|
owner: ircd
|
||||||
|
group: ircd
|
||||||
|
mode: 0600
|
||||||
|
loop:
|
||||||
|
- inspircd.conf
|
||||||
|
- modules.conf
|
||||||
|
- links.conf
|
||||||
|
- opers.conf
|
||||||
|
- rules.txt
|
||||||
|
- motd.txt
|
||||||
|
|
||||||
|
- name: Copy service file
|
||||||
|
become: yes
|
||||||
|
register: servicesfile
|
||||||
|
copy:
|
||||||
|
src: services/irc.service
|
||||||
|
dest: /usr/lib/systemd/system/irc.service
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
mode: 0644
|
||||||
|
|
||||||
|
- name: Reload services
|
||||||
|
when: servicesfile.changed
|
||||||
|
become: yes
|
||||||
|
systemd:
|
||||||
|
daemon_reload: true
|
||||||
|
|
||||||
|
- name: Ensure service running
|
||||||
|
become: yes
|
||||||
|
service:
|
||||||
|
name: irc
|
||||||
|
state: started
|
||||||
|
enabled: yes
|
||||||
|
|
||||||
|
- name: Reload on config change
|
||||||
|
become: yes
|
||||||
|
when: templatefiles.changed or servicesfile.changed
|
||||||
|
service:
|
||||||
|
name: irc
|
||||||
|
state: reloaded
|
@ -8,12 +8,11 @@
|
|||||||
- anope
|
- anope
|
||||||
- TheRaven
|
- TheRaven
|
||||||
|
|
||||||
- name: KiwiIRC Web Front
|
- include_tasks: daemon.yml
|
||||||
become: yes
|
|
||||||
git:
|
|
||||||
repo: https://github.com/prawnsalad/KiwiIRC.git
|
|
||||||
dest: /usr/local/src/KiwiIRC
|
|
||||||
|
|
||||||
|
- include_tasks: services.yml
|
||||||
|
|
||||||
|
- include_tasks: web.yml
|
||||||
|
|
||||||
|
#- include_tasks: bots.yml
|
||||||
|
|
||||||
|
65
roles/IRC/tasks/services.yml
Normal file
65
roles/IRC/tasks/services.yml
Normal file
@ -0,0 +1,65 @@
|
|||||||
|
---
|
||||||
|
|
||||||
|
- name: Ensure directory permissions
|
||||||
|
become: yes
|
||||||
|
file:
|
||||||
|
state: directory
|
||||||
|
path: "{{ item }}"
|
||||||
|
owner: ircd
|
||||||
|
group: ircd
|
||||||
|
mode: 0700
|
||||||
|
loop:
|
||||||
|
- "/etc/anope"
|
||||||
|
- "/opt/anope"
|
||||||
|
- "/opt/anope/data"
|
||||||
|
- "/var/log/anope"
|
||||||
|
|
||||||
|
- name: Copy config and fill in attributes
|
||||||
|
register: templatefiles
|
||||||
|
become: yes
|
||||||
|
template:
|
||||||
|
src: "anope/{{ item }}.j2"
|
||||||
|
dest: "/etc/anope/{{ item }}"
|
||||||
|
owner: ircd
|
||||||
|
group: ircd
|
||||||
|
mode: 0600
|
||||||
|
loop:
|
||||||
|
- botserv.conf
|
||||||
|
- chanserv.conf
|
||||||
|
- global.conf
|
||||||
|
- hostserv.conf
|
||||||
|
- memoserv.conf
|
||||||
|
- modules.conf
|
||||||
|
- nickserv.conf
|
||||||
|
- operserv.conf
|
||||||
|
- services.conf
|
||||||
|
|
||||||
|
- name: Copy service file
|
||||||
|
become: yes
|
||||||
|
register: servicesfile
|
||||||
|
copy:
|
||||||
|
src: services/ircservices.service
|
||||||
|
dest: /usr/lib/systemd/system/ircservices.service
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
mode: 0644
|
||||||
|
|
||||||
|
- name: Reload services
|
||||||
|
when: servicesfile.changed
|
||||||
|
become: yes
|
||||||
|
systemd:
|
||||||
|
daemon_reload: true
|
||||||
|
|
||||||
|
- name: Ensure service running
|
||||||
|
become: yes
|
||||||
|
service:
|
||||||
|
name: ircservices
|
||||||
|
state: started
|
||||||
|
enabled: yes
|
||||||
|
|
||||||
|
- name: Reload on config change
|
||||||
|
become: yes
|
||||||
|
when: templatefiles.changed or servicesfile.changed
|
||||||
|
service:
|
||||||
|
name: ircservices
|
||||||
|
state: reloaded
|
56
roles/IRC/tasks/web.yml
Normal file
56
roles/IRC/tasks/web.yml
Normal file
@ -0,0 +1,56 @@
|
|||||||
|
---
|
||||||
|
|
||||||
|
- name: Clone KiwiIRC
|
||||||
|
become: yes
|
||||||
|
git:
|
||||||
|
repo: https://github.com/prawnsalad/KiwiIRC.git
|
||||||
|
dest: /usr/local/src/KiwiIRC
|
||||||
|
update: no
|
||||||
|
|
||||||
|
- name: Update permissions
|
||||||
|
become: yes
|
||||||
|
file:
|
||||||
|
path: /usr/local/src/KiwiIRC
|
||||||
|
recurse: yes
|
||||||
|
owner: ircd
|
||||||
|
group: ircd
|
||||||
|
|
||||||
|
- name: Populate config
|
||||||
|
become: yes
|
||||||
|
register: config
|
||||||
|
template:
|
||||||
|
src: kiwiirc/config.js.j2
|
||||||
|
dest: /usr/local/src/KiwiIRC/config.js
|
||||||
|
owner: ircd
|
||||||
|
group: ircd
|
||||||
|
mode: 0600
|
||||||
|
|
||||||
|
- name: Copy service file
|
||||||
|
become: yes
|
||||||
|
register: servicesfile
|
||||||
|
copy:
|
||||||
|
src: services/ircweb.service
|
||||||
|
dest: /usr/lib/systemd/system/ircweb.service
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
mode: 0644
|
||||||
|
|
||||||
|
- name: Reload services
|
||||||
|
when: servicesfile.changed
|
||||||
|
become: yes
|
||||||
|
systemd:
|
||||||
|
daemon_reload: true
|
||||||
|
|
||||||
|
- name: Ensure service running
|
||||||
|
become: yes
|
||||||
|
service:
|
||||||
|
name: ircweb
|
||||||
|
state: started
|
||||||
|
enabled: yes
|
||||||
|
|
||||||
|
- name: Reload on config change
|
||||||
|
become: yes
|
||||||
|
when: config.changed or servicesfile.changed
|
||||||
|
service:
|
||||||
|
name: ircweb
|
||||||
|
state: reloaded
|
404
roles/IRC/templates/anope/botserv.conf.j2
Normal file
404
roles/IRC/templates/anope/botserv.conf.j2
Normal file
@ -0,0 +1,404 @@
|
|||||||
|
/*
|
||||||
|
* Example configuration file for BotServ.
|
||||||
|
*/
|
||||||
|
|
||||||
|
/*
|
||||||
|
* First, create the service. If you do not want to have a 'BotServ', but do want the ability to have
|
||||||
|
* ChanServ assigned to channels for the use of fantasy commands, you may delete the below 'service' block.
|
||||||
|
*
|
||||||
|
* Note that deleting a 'service' block for a pseudoclient that is already online will not remove the
|
||||||
|
* client, the client becomes no different from a normal service bot, so you will have to use botserv/bot
|
||||||
|
* to manually delete the client.
|
||||||
|
*
|
||||||
|
* You may then want to map some of the below commands to other services, like placing botserv/bot on
|
||||||
|
* OperServ so you can delete the below client, and mapping assign and unassign to ChanServ so users are
|
||||||
|
* able to control whether or not ChanServ is in the channel. You may also want to map botserv/set/nobot
|
||||||
|
* to OperServ so you can restrict who can assign the other core service clients.
|
||||||
|
*/
|
||||||
|
service
|
||||||
|
{
|
||||||
|
/*
|
||||||
|
* The name of the BotServ client.
|
||||||
|
* If you change this value, you probably want to change the client directive in the configuration for the botserv module too.
|
||||||
|
*/
|
||||||
|
nick = "BotServ"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The username of the BotServ client.
|
||||||
|
*/
|
||||||
|
user = "services"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The hostname of the BotServ client.
|
||||||
|
*/
|
||||||
|
host = "ircservices.{{ external_domain }}"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The realname of the BotServ client.
|
||||||
|
*/
|
||||||
|
gecos = "Bot Service"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The modes this client should use.
|
||||||
|
* Do not modify this unless you know what you are doing.
|
||||||
|
*
|
||||||
|
* These modes are very IRCd specific. If left commented, sane defaults
|
||||||
|
* are used based on what protocol module you have loaded.
|
||||||
|
*
|
||||||
|
* Note that setting this option incorrectly could potentially BREAK some, if
|
||||||
|
* not all, usefulness of the client. We will not support you if this client is
|
||||||
|
* unable to do certain things if this option is enabled.
|
||||||
|
*/
|
||||||
|
#modes = "+o"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* An optional comma separated list of channels this service should join. Outside
|
||||||
|
* of log channels this is not very useful, as the service will just idle in the
|
||||||
|
* specified channels, and will not accept any types of commands.
|
||||||
|
*
|
||||||
|
* Prefixes may be given to the channels in the form of mode characters or prefix symbols.
|
||||||
|
*/
|
||||||
|
#channels = "@#services,#mychan"
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Core BotServ module.
|
||||||
|
*
|
||||||
|
* Provides essential functionality for BotServ.
|
||||||
|
*/
|
||||||
|
module
|
||||||
|
{
|
||||||
|
name = "botserv"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The name of the client that should be BotServ.
|
||||||
|
*
|
||||||
|
* This directive is optional.
|
||||||
|
*/
|
||||||
|
client = "BotServ"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The default bot options for newly registered channels. Note that changing these options
|
||||||
|
* will have no effect on channels which are already registered. The list must be separated
|
||||||
|
* by spaces.
|
||||||
|
*
|
||||||
|
* The options are:
|
||||||
|
* - dontkickops: Channel operators will be protected against BotServ kicks
|
||||||
|
* - dontkickvoices: Voiced users will be protected against BotServ kicks
|
||||||
|
* - greet: The channel's BotServ bot will greet incoming users that have set a greet
|
||||||
|
* in their NickServ settings
|
||||||
|
* - fantasy: Enables the use of BotServ fantasy commands in the channel
|
||||||
|
*
|
||||||
|
* This directive is optional, if left blank, there will be no defaults.
|
||||||
|
*/
|
||||||
|
defaults = "greet fantasy"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The minimum number of users there must be in a channel before the bot joins it. The best
|
||||||
|
* value for this setting is 1 or 2. This can be 0, the service bots will not part unless
|
||||||
|
* specifically unassigned, and will keep the channel open.
|
||||||
|
*/
|
||||||
|
minusers = 1
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The bots are currently not affected by any modes or bans when they try to join a channel.
|
||||||
|
* But some people may want to make it act like a real bot, that is, for example, remove all
|
||||||
|
* the bans affecting the bot before joining the channel, remove a ban that affects the bot
|
||||||
|
* set by a user when it is in the channel, and so on. Since it consumes a bit more CPU
|
||||||
|
* time, you should not enable this on larger networks.
|
||||||
|
*
|
||||||
|
* This directive is optional.
|
||||||
|
*/
|
||||||
|
#smartjoin = yes
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Modes to set on service bots when they join channels, comment this out for no modes
|
||||||
|
*
|
||||||
|
* This directive is optional.
|
||||||
|
*/
|
||||||
|
botmodes = "ao"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* User modes to set on service bots. Read the comment about the service:modes directive
|
||||||
|
* on why this can be a bad idea to set.
|
||||||
|
*/
|
||||||
|
#botumodes = "i"
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Core BotServ commands.
|
||||||
|
*
|
||||||
|
* In Anope modules can provide (multiple) commands, each of which has a unique command name. Once these modules
|
||||||
|
* are loaded you can then configure the commands to be added to any client you like with any name you like.
|
||||||
|
*
|
||||||
|
* Additionally, you may provide a permission name that must be in the opertype of users executing the command.
|
||||||
|
*
|
||||||
|
* Sane defaults are provided below that do not need to be edited unless you wish to change the default behavior.
|
||||||
|
*/
|
||||||
|
|
||||||
|
/* Give it a help command. */
|
||||||
|
command { service = "BotServ"; name = "HELP"; command = "generic/help"; }
|
||||||
|
|
||||||
|
/*
|
||||||
|
* bs_assign
|
||||||
|
*
|
||||||
|
* Provides the commands:
|
||||||
|
* botserv/assign - Used to assign BotServ bots to channels
|
||||||
|
* botserv/unassign - Used to unassign BotServ bots
|
||||||
|
* botserv/set/nobot - Used to prohibit channels from being assigned BotServ bots.
|
||||||
|
*
|
||||||
|
* Used for assigning and unassigning bots to channels.
|
||||||
|
*/
|
||||||
|
module { name = "bs_assign" }
|
||||||
|
command { service = "BotServ"; name = "ASSIGN"; command = "botserv/assign"; }
|
||||||
|
command { service = "BotServ"; name = "UNASSIGN"; command = "botserv/unassign"; }
|
||||||
|
command { service = "BotServ"; name = "SET NOBOT"; command = "botserv/set/nobot"; permission = "botserv/set/nobot"; }
|
||||||
|
|
||||||
|
/*
|
||||||
|
* bs_autoassign
|
||||||
|
*
|
||||||
|
* Allows service bots to be automatically assigned to channels upon registration.
|
||||||
|
*/
|
||||||
|
#module
|
||||||
|
{
|
||||||
|
name = "bs_autoassign"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Automatically assign ChanServ to channels upon registration.
|
||||||
|
*/
|
||||||
|
bot = "ChanServ"
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* bs_badwords
|
||||||
|
*
|
||||||
|
* Provides the command botserv/badwords.
|
||||||
|
*
|
||||||
|
* Used for controlling the channel badword list.
|
||||||
|
*/
|
||||||
|
module
|
||||||
|
{
|
||||||
|
name = "bs_badwords"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The maximum number of entries a single bad words list can have.
|
||||||
|
*/
|
||||||
|
badwordsmax = 32
|
||||||
|
|
||||||
|
/*
|
||||||
|
* If set, BotServ will use case sensitive checking for badwords.
|
||||||
|
*
|
||||||
|
* This directive is optional.
|
||||||
|
*/
|
||||||
|
#casesensitive = yes
|
||||||
|
}
|
||||||
|
command { service = "BotServ"; name = "BADWORDS"; command = "botserv/badwords"; }
|
||||||
|
|
||||||
|
/*
|
||||||
|
* bs_bot
|
||||||
|
*
|
||||||
|
* Provides the command botserv/bot.
|
||||||
|
*
|
||||||
|
* Used for administrating BotServ bots.
|
||||||
|
*/
|
||||||
|
module { name = "bs_bot" }
|
||||||
|
command { service = "BotServ"; name = "BOT"; command = "botserv/bot"; permission = "botserv/bot"; }
|
||||||
|
|
||||||
|
/*
|
||||||
|
* bs_botlist
|
||||||
|
*
|
||||||
|
* Provides the command botserv/botlist.
|
||||||
|
*
|
||||||
|
* Used for listing all available bots.
|
||||||
|
*/
|
||||||
|
module { name = "bs_botlist" }
|
||||||
|
command { service = "BotServ"; name = "BOTLIST"; command = "botserv/botlist"; }
|
||||||
|
|
||||||
|
/*
|
||||||
|
* bs_control
|
||||||
|
*
|
||||||
|
* Provides the commands botserv/act and botserv/say.
|
||||||
|
*
|
||||||
|
* Used for making the bot message a channel.
|
||||||
|
*/
|
||||||
|
module { name = "bs_control" }
|
||||||
|
command { service = "BotServ"; name = "ACT"; command = "botserv/act"; }
|
||||||
|
command { service = "BotServ"; name = "SAY"; command = "botserv/say"; }
|
||||||
|
|
||||||
|
/*
|
||||||
|
* bs_info
|
||||||
|
*
|
||||||
|
* Provides the command botserv/info.
|
||||||
|
*
|
||||||
|
* Used for getting information on bots or channels.
|
||||||
|
*/
|
||||||
|
module { name = "bs_info" }
|
||||||
|
command { service = "BotServ"; name = "INFO"; command = "botserv/info"; }
|
||||||
|
|
||||||
|
/*
|
||||||
|
* bs_kick
|
||||||
|
*
|
||||||
|
* Provides the commands:
|
||||||
|
* botserv/kick - Dummy help wrapper for the KICK command.
|
||||||
|
* botserv/kick/amsg - Configures BotServ's AMSG kicker.
|
||||||
|
* botserv/kick/badwords - Configures BotServ's badwords kicker.
|
||||||
|
* botserv/kick/bolds - Configures BotServ's bold text kiceker.
|
||||||
|
* botserv/kick/caps - Configures BotServ's capital letters kicker.
|
||||||
|
* botserv/kick/colors - Configures BotServ's color kicker.
|
||||||
|
* botserv/kick/flood - Configures BotServ's flood kicker.
|
||||||
|
* botserv/kick/italics - Configures BotServ's italics kicker.
|
||||||
|
* botserv/kick/repeat - Configures BotServ's repeat kicker.
|
||||||
|
* botserv/kick/reverses - Configures BotServ's reverse kicker.
|
||||||
|
* botserv/kick/underlines - Configures BotServ's reverse kicker.
|
||||||
|
* botserv/set/dontkickops - Used for preventing BotServ from kicking channel operators.
|
||||||
|
* botserv/set/dontkickvoices - Used for preventing BotServ from kicking voices.
|
||||||
|
*
|
||||||
|
* Used for configuring what bots should kick for.
|
||||||
|
*/
|
||||||
|
module
|
||||||
|
{
|
||||||
|
name = "bs_kick"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The amount of time that data for a user is valid in BotServ. If the data exceeds this time,
|
||||||
|
* it is reset or deleted depending on the case. Do not set it too high, otherwise your
|
||||||
|
* resources will be slightly affected.
|
||||||
|
*/
|
||||||
|
keepdata = 10m
|
||||||
|
|
||||||
|
/*
|
||||||
|
* If set, the bots will use a kick reason that does not state the word when it is kicking.
|
||||||
|
* This is especially useful if you have young people on your network.
|
||||||
|
*
|
||||||
|
* This directive is optional.
|
||||||
|
*/
|
||||||
|
gentlebadwordreason = yes
|
||||||
|
}
|
||||||
|
command { service = "BotServ"; name = "KICK"; command = "botserv/kick"; }
|
||||||
|
command { service = "BotServ"; name = "KICK AMSG"; command = "botserv/kick/amsg"; }
|
||||||
|
command { service = "BotServ"; name = "KICK BADWORDS"; command = "botserv/kick/badwords"; }
|
||||||
|
command { service = "BotServ"; name = "KICK BOLDS"; command = "botserv/kick/bolds"; }
|
||||||
|
command { service = "BotServ"; name = "KICK CAPS"; command = "botserv/kick/caps"; }
|
||||||
|
command { service = "BotServ"; name = "KICK COLORS"; command = "botserv/kick/colors"; }
|
||||||
|
command { service = "BotServ"; name = "KICK FLOOD"; command = "botserv/kick/flood"; }
|
||||||
|
command { service = "BotServ"; name = "KICK ITALICS"; command = "botserv/kick/italics"; }
|
||||||
|
command { service = "BotServ"; name = "KICK REPEAT"; command = "botserv/kick/repeat"; }
|
||||||
|
command { service = "BotServ"; name = "KICK REVERSES"; command = "botserv/kick/reverses"; }
|
||||||
|
command { service = "BotServ"; name = "KICK UNDERLINES"; command = "botserv/kick/underlines"; }
|
||||||
|
|
||||||
|
command { service = "BotServ"; name = "SET DONTKICKOPS"; command = "botserv/set/dontkickops"; }
|
||||||
|
command { service = "BotServ"; name = "SET DONTKICKVOICES"; command = "botserv/set/dontkickvoices"; }
|
||||||
|
|
||||||
|
|
||||||
|
/*
|
||||||
|
* bs_set
|
||||||
|
*
|
||||||
|
* Provides the commands:
|
||||||
|
* botserv/set/private - Used to prohibit specific BotServ bots from being assigned to channels.
|
||||||
|
*/
|
||||||
|
module { name = "bs_set" }
|
||||||
|
command { service = "BotServ"; name = "SET"; command = "botserv/set"; }
|
||||||
|
command { service = "BotServ"; name = "SET BANEXPIRE"; command = "botserv/set/banexpire"; }
|
||||||
|
command { service = "BotServ"; name = "SET PRIVATE"; command = "botserv/set/private"; permission = "botserv/set/private"; }
|
||||||
|
|
||||||
|
/*
|
||||||
|
* greet
|
||||||
|
*
|
||||||
|
* Provides the commands:
|
||||||
|
* botserv/set/greet - Used for enabling or disabling BotServ's greet messages in a channel.
|
||||||
|
* nickserv/set/greet, nickserv/saset/greet - Used for changing a users greet message, which is displayed when they enter channels.
|
||||||
|
*/
|
||||||
|
module { name = "greet" }
|
||||||
|
command { service = "BotServ"; name = "SET GREET"; command = "botserv/set/greet"; }
|
||||||
|
command { service = "NickServ"; name = "SET GREET"; command = "nickserv/set/greet"; }
|
||||||
|
command { service = "NickServ"; name = "SASET GREET"; command = "nickserv/saset/greet"; permission = "nickserv/saset/greet"; }
|
||||||
|
|
||||||
|
/*
|
||||||
|
* GREET privilege.
|
||||||
|
*
|
||||||
|
* Used by 'greet'.
|
||||||
|
*
|
||||||
|
* Users with this privilege have their greet shown when they join channels.
|
||||||
|
*/
|
||||||
|
privilege
|
||||||
|
{
|
||||||
|
name = "GREET"
|
||||||
|
rank = 40
|
||||||
|
level = 5
|
||||||
|
flag = "g"
|
||||||
|
xop = "AOP"
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
/*
|
||||||
|
* fantasy
|
||||||
|
*
|
||||||
|
* Allows 'fantaisist' commands to be used in channels.
|
||||||
|
*
|
||||||
|
* Provides the commands:
|
||||||
|
* botserv/set/fantasy - Used for enabling or disabling BotServ's fantasist commands.
|
||||||
|
*/
|
||||||
|
module
|
||||||
|
{
|
||||||
|
name = "fantasy"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Defines the prefixes for fantasy commands in channels. One of these characters will have to be prepended
|
||||||
|
* to all fantasy commands. If you choose "!", for example, fantasy commands will be "!kick",
|
||||||
|
* "!op", etc. This directive is optional, if left out, the default fantasy character is "!".
|
||||||
|
*/
|
||||||
|
#fantasycharacter = "!."
|
||||||
|
}
|
||||||
|
command { service = "BotServ"; name = "SET FANTASY"; command = "botserv/set/fantasy"; }
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Fantasy commands
|
||||||
|
*
|
||||||
|
* Fantasy commands can be executed in channels that have a BotServ bot by prefixing the
|
||||||
|
* command with one of the fantasy characters configured in botserv's fantasycharacter
|
||||||
|
* directive.
|
||||||
|
*
|
||||||
|
* Sane defaults are provided below that do not need to be edited unless you wish to change the default behavior.
|
||||||
|
*/
|
||||||
|
fantasy { name = "ACCESS"; command = "chanserv/access"; }
|
||||||
|
fantasy { name = "AKICK"; command = "chanserv/akick"; }
|
||||||
|
fantasy { name = "AOP"; command = "chanserv/xop"; }
|
||||||
|
fantasy { name = "BAN"; command = "chanserv/ban"; }
|
||||||
|
fantasy { name = "CLONE"; command = "chanserv/clone"; }
|
||||||
|
fantasy { name = "DEHALFOP"; command = "chanserv/modes"; }
|
||||||
|
fantasy { name = "DEOP"; command = "chanserv/modes"; }
|
||||||
|
fantasy { name = "DEOWNER"; command = "chanserv/modes"; }
|
||||||
|
fantasy { name = "DEPROTECT"; command = "chanserv/modes"; }
|
||||||
|
fantasy { name = "DEVOICE"; command = "chanserv/modes"; }
|
||||||
|
fantasy { name = "DOWN"; command = "chanserv/down"; }
|
||||||
|
fantasy { name = "ENFORCE"; command = "chanserv/enforce"; }
|
||||||
|
fantasy { name = "ENTRYMSG"; command = "chanserv/entrymsg"; }
|
||||||
|
fantasy { name = "FLAGS"; command = "chanserv/flags"; }
|
||||||
|
fantasy { name = "HALFOP"; command = "chanserv/modes"; }
|
||||||
|
fantasy { name = "HELP"; command = "generic/help"; prepend_channel = false; }
|
||||||
|
fantasy { name = "HOP"; command = "chanserv/xop"; }
|
||||||
|
fantasy { name = "INFO"; command = "chanserv/info"; prepend_channel = false; }
|
||||||
|
fantasy { name = "INVITE"; command = "chanserv/invite"; }
|
||||||
|
fantasy { name = "K"; command = "chanserv/kick"; }
|
||||||
|
fantasy { name = "KB"; command = "chanserv/ban"; }
|
||||||
|
fantasy { name = "KICK"; command = "chanserv/kick"; }
|
||||||
|
fantasy { name = "LEVELS"; command = "chanserv/levels"; }
|
||||||
|
fantasy { name = "LIST"; command = "chanserv/list"; prepend_channel = false; }
|
||||||
|
fantasy { name = "LOG"; command = "chanserv/log"; }
|
||||||
|
fantasy { name = "MODE"; command = "chanserv/mode"; }
|
||||||
|
fantasy { name = "MUTE"; command = "chanserv/ban"; kick = no; mode = "QUIET"; }
|
||||||
|
fantasy { name = "OP"; command = "chanserv/modes"; }
|
||||||
|
fantasy { name = "OWNER"; command = "chanserv/modes"; }
|
||||||
|
fantasy { name = "PROTECT"; command = "chanserv/modes"; }
|
||||||
|
fantasy { name = "QOP"; command = "chanserv/xop"; }
|
||||||
|
fantasy { name = "SEEN"; command = "chanserv/seen"; prepend_channel = false; }
|
||||||
|
fantasy { name = "SOP"; command = "chanserv/xop"; }
|
||||||
|
fantasy { name = "STATUS"; command = "chanserv/status"; }
|
||||||
|
fantasy { name = "SUSPEND"; command = "chanserv/suspend"; permission = "chanserv/suspend"; }
|
||||||
|
fantasy { name = "SYNC"; command = "chanserv/sync"; }
|
||||||
|
fantasy { name = "TOPIC"; command = "chanserv/topic"; }
|
||||||
|
fantasy { name = "UNBAN"; command = "chanserv/unban"; }
|
||||||
|
fantasy { name = "UNSUSPEND"; command = "chanserv/unsuspend"; permission = "chanserv/suspend"; }
|
||||||
|
fantasy { name = "UP"; command = "chanserv/up"; }
|
||||||
|
fantasy { name = "VOICE"; command = "chanserv/modes"; }
|
||||||
|
fantasy { name = "VOP"; command = "chanserv/xop"; }
|
1311
roles/IRC/templates/anope/chanserv.conf.j2
Executable file
1311
roles/IRC/templates/anope/chanserv.conf.j2
Executable file
File diff suppressed because it is too large
Load Diff
115
roles/IRC/templates/anope/global.conf.j2
Executable file
115
roles/IRC/templates/anope/global.conf.j2
Executable file
@ -0,0 +1,115 @@
|
|||||||
|
/*
|
||||||
|
* Example configuration file for Global.
|
||||||
|
*/
|
||||||
|
|
||||||
|
/*
|
||||||
|
* First, create the service.
|
||||||
|
*/
|
||||||
|
service
|
||||||
|
{
|
||||||
|
/*
|
||||||
|
* The name of the Global client.
|
||||||
|
* If you change this value, you probably want to change the client directive in the configuration for the global module too.
|
||||||
|
*/
|
||||||
|
nick = "Global"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The username of the Global client.
|
||||||
|
*/
|
||||||
|
user = "services"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The hostname of the Global client.
|
||||||
|
*/
|
||||||
|
host = "ircservices.{{ external_domain }}"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The realname of the Global client.
|
||||||
|
*/
|
||||||
|
gecos = "Global Noticer"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The modes this client should use.
|
||||||
|
* Do not modify this unless you know what you are doing.
|
||||||
|
*
|
||||||
|
* These modes are very IRCd specific. If left commented, sane defaults
|
||||||
|
* are used based on what protocol module you have loaded.
|
||||||
|
*
|
||||||
|
* Note that setting this option incorrectly could potentially BREAK some, if
|
||||||
|
* not all, usefulness of the client. We will not support you if this client is
|
||||||
|
* unable to do certain things if this option is enabled.
|
||||||
|
*/
|
||||||
|
#modes = "+o"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* An optional comma separated list of channels this service should join. Outside
|
||||||
|
* of log channels this is not very useful, as the service will just idle in the
|
||||||
|
* specified channels, and will not accept any types of commands.
|
||||||
|
*
|
||||||
|
* Prefixes may be given to the channels in the form of mode characters or prefix symbols.
|
||||||
|
*/
|
||||||
|
#channels = "@#services,#mychan"
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Core Global module.
|
||||||
|
*
|
||||||
|
* Provides essential functionality for Global.
|
||||||
|
*/
|
||||||
|
module
|
||||||
|
{
|
||||||
|
name = "global"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The name of the client that should be Global.
|
||||||
|
*/
|
||||||
|
client = "Global"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* This is the global message that will be sent when Services are being
|
||||||
|
* shutdown/restarted.
|
||||||
|
*
|
||||||
|
* This directive is optional.
|
||||||
|
*/
|
||||||
|
#globaloncycledown = "Services are restarting, they will be back shortly - please be good while we're gone"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* This is the global message that will be sent when Services (re)join the
|
||||||
|
* network.
|
||||||
|
*
|
||||||
|
* This directive is optional.
|
||||||
|
*/
|
||||||
|
#globaloncycleup = "Services are now back online - have a nice day"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* If set, Services will hide the IRC Operator's nick in a global
|
||||||
|
* message/notice.
|
||||||
|
*
|
||||||
|
* This directive is optional.
|
||||||
|
*/
|
||||||
|
#anonymousglobal = yes
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Core Global commands.
|
||||||
|
*
|
||||||
|
* In Anope modules can provide (multiple) commands, each of which has a unique command name. Once these modules
|
||||||
|
* are loaded you can then configure the commands to be added to any client you like with any name you like.
|
||||||
|
*
|
||||||
|
* Additionally, you may provide a permission name that must be in the opertype of users executing the command.
|
||||||
|
*
|
||||||
|
* Sane defaults are provided below that do not need to be edited unless you wish to change the default behavior.
|
||||||
|
*/
|
||||||
|
|
||||||
|
/* Give it a help command. */
|
||||||
|
command { service = "Global"; name = "HELP"; command = "generic/help"; }
|
||||||
|
|
||||||
|
/*
|
||||||
|
* gl_global
|
||||||
|
*
|
||||||
|
* Provides the command global/global.
|
||||||
|
*
|
||||||
|
* Used for sending a message to every online user.
|
||||||
|
*/
|
||||||
|
module { name = "gl_global" }
|
||||||
|
command { service = "Global"; name = "GLOBAL"; command = "global/global"; permission = "global/global"; }
|
188
roles/IRC/templates/anope/hostserv.conf.j2
Executable file
188
roles/IRC/templates/anope/hostserv.conf.j2
Executable file
@ -0,0 +1,188 @@
|
|||||||
|
/*
|
||||||
|
* Example configuration file for HostServ.
|
||||||
|
*/
|
||||||
|
|
||||||
|
/*
|
||||||
|
* First, create the service.
|
||||||
|
*/
|
||||||
|
service
|
||||||
|
{
|
||||||
|
/*
|
||||||
|
* The name of the HostServ client.
|
||||||
|
* If you change this value, you probably want to change the client directive in the configuration for the hostserv module too.
|
||||||
|
*/
|
||||||
|
nick = "HostServ"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The username of the HostServ client.
|
||||||
|
*/
|
||||||
|
user = "services"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The hostname of the HostServ client.
|
||||||
|
*/
|
||||||
|
host = "ircservices.{{ external_domain }}"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The realname of the HostServ client.
|
||||||
|
*/
|
||||||
|
gecos = "vHost Service"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The modes this client should use.
|
||||||
|
* Do not modify this unless you know what you are doing.
|
||||||
|
*
|
||||||
|
* These modes are very IRCd specific. If left commented, sane defaults
|
||||||
|
* are used based on what protocol module you have loaded.
|
||||||
|
*
|
||||||
|
* Note that setting this option incorrectly could potentially BREAK some, if
|
||||||
|
* not all, usefulness of the client. We will not support you if this client is
|
||||||
|
* unable to do certain things if this option is enabled.
|
||||||
|
*/
|
||||||
|
#modes = "+o"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* An optional comma separated list of channels this service should join. Outside
|
||||||
|
* of log channels this is not very useful, as the service will just idle in the
|
||||||
|
* specified channels, and will not accept any types of commands.
|
||||||
|
*
|
||||||
|
* Prefixes may be given to the channels in the form of mode characters or prefix symbols.
|
||||||
|
*/
|
||||||
|
#channels = "@#services,#mychan"
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Core HostServ module.
|
||||||
|
*
|
||||||
|
* Provides essential functionality for HostServ.
|
||||||
|
*/
|
||||||
|
module
|
||||||
|
{
|
||||||
|
name = "hostserv"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The name of the client that should be HostServ.
|
||||||
|
*/
|
||||||
|
client = "HostServ"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* If enabled, vhosts are activated on users immediately when they are set.
|
||||||
|
*/
|
||||||
|
activate_on_set = false
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Core HostServ commands.
|
||||||
|
*
|
||||||
|
* In Anope modules can provide (multiple) commands, each of which has a unique command name. Once these modules
|
||||||
|
* are loaded you can then configure the commands to be added to any client you like with any name you like.
|
||||||
|
*
|
||||||
|
* Additionally, you may provide a permission name that must be in the opertype of users executing the command.
|
||||||
|
*
|
||||||
|
* Sane defaults are provided below that do not need to be edited unless you wish to change the default behavior.
|
||||||
|
*/
|
||||||
|
|
||||||
|
/* Give it a help command. */
|
||||||
|
command { service = "HostServ"; name = "HELP"; command = "generic/help"; }
|
||||||
|
|
||||||
|
/*
|
||||||
|
* hs_del
|
||||||
|
*
|
||||||
|
* Provides the commands hostserv/del and hostserv/delall.
|
||||||
|
*
|
||||||
|
* Used for removing users' vHosts.
|
||||||
|
*/
|
||||||
|
module { name = "hs_del" }
|
||||||
|
command { service = "HostServ"; name = "DEL"; command = "hostserv/del"; permission = "hostserv/del"; }
|
||||||
|
command { service = "HostServ"; name = "DELALL"; command = "hostserv/delall"; permission = "hostserv/del"; }
|
||||||
|
|
||||||
|
/*
|
||||||
|
* hs_group
|
||||||
|
*
|
||||||
|
* Provides the command hostserv/group.
|
||||||
|
*
|
||||||
|
* Used for grouping one vHost to many nicks.
|
||||||
|
*/
|
||||||
|
module
|
||||||
|
{
|
||||||
|
name = "hs_group"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Upon nickserv/group, this option syncs the nick's main vHost to the grouped nick.
|
||||||
|
*/
|
||||||
|
syncongroup = false
|
||||||
|
|
||||||
|
/*
|
||||||
|
* This makes vhosts act as if they are per account.
|
||||||
|
*/
|
||||||
|
synconset = false
|
||||||
|
}
|
||||||
|
command { service = "HostServ"; name = "GROUP"; command = "hostserv/group"; }
|
||||||
|
|
||||||
|
/*
|
||||||
|
* hs_list
|
||||||
|
*
|
||||||
|
* Provides the command hostserv/list.
|
||||||
|
*
|
||||||
|
* Used for listing actively set vHosts.
|
||||||
|
*/
|
||||||
|
module { name = "hs_list" }
|
||||||
|
command { service = "HostServ"; name = "LIST"; command = "hostserv/list"; permission = "hostserv/list"; }
|
||||||
|
|
||||||
|
/*
|
||||||
|
* hs_off
|
||||||
|
*
|
||||||
|
* Provides the command hostserv/off.
|
||||||
|
*
|
||||||
|
* Used for turning off your vHost.
|
||||||
|
*/
|
||||||
|
module { name = "hs_off" }
|
||||||
|
command { service = "HostServ"; name = "OFF"; command = "hostserv/off"; }
|
||||||
|
|
||||||
|
/*
|
||||||
|
* hs_on
|
||||||
|
*
|
||||||
|
* Provides the command hostserv/on.
|
||||||
|
*
|
||||||
|
* Used for turning on your vHost.
|
||||||
|
*/
|
||||||
|
module { name = "hs_on" }
|
||||||
|
command { service = "HostServ"; name = "ON"; command = "hostserv/on"; }
|
||||||
|
|
||||||
|
/*
|
||||||
|
* hs_request
|
||||||
|
*
|
||||||
|
* Provides the commands hostserv/request, hostserv/activate, hostserv/reject, and hostserv/waiting.
|
||||||
|
*
|
||||||
|
* Used to manage vHosts requested by users.
|
||||||
|
*/
|
||||||
|
module
|
||||||
|
{
|
||||||
|
name = "hs_request"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* If set, Services will send a memo to the user requesting a vHost when it's been
|
||||||
|
* approved or rejected.
|
||||||
|
*/
|
||||||
|
memouser = yes
|
||||||
|
|
||||||
|
/*
|
||||||
|
* If set, Services will send a memo to all Services staff when a new vHost is requested.
|
||||||
|
*/
|
||||||
|
memooper = yes
|
||||||
|
}
|
||||||
|
command { service = "HostServ"; name = "REQUEST"; command = "hostserv/request"; }
|
||||||
|
command { service = "HostServ"; name = "ACTIVATE"; command = "hostserv/activate"; permission = "hostserv/set"; }
|
||||||
|
command { service = "HostServ"; name = "REJECT"; command = "hostserv/reject"; permission = "hostserv/set"; }
|
||||||
|
command { service = "HostServ"; name = "WAITING"; command = "hostserv/waiting"; permission = "hostserv/set"; }
|
||||||
|
|
||||||
|
/*
|
||||||
|
* hs_set
|
||||||
|
*
|
||||||
|
* Provides the commands hostserv/set and hostserv/setall.
|
||||||
|
*
|
||||||
|
* Used for setting users' vHosts.
|
||||||
|
*/
|
||||||
|
module { name = "hs_set" }
|
||||||
|
command { service = "HostServ"; name = "SET"; command = "hostserv/set"; permission = "hostserv/set"; }
|
||||||
|
command { service = "HostServ"; name = "SETALL"; command = "hostserv/setall"; permission = "hostserv/set"; }
|
243
roles/IRC/templates/anope/memoserv.conf.j2
Normal file
243
roles/IRC/templates/anope/memoserv.conf.j2
Normal file
@ -0,0 +1,243 @@
|
|||||||
|
/*
|
||||||
|
* Example configuration file for MemoServ.
|
||||||
|
*/
|
||||||
|
|
||||||
|
/*
|
||||||
|
* First, create the service.
|
||||||
|
*/
|
||||||
|
service
|
||||||
|
{
|
||||||
|
/*
|
||||||
|
* The name of the MemoServ client.
|
||||||
|
* If you change this value, you probably want to change the client directive in the configuration for the memoserv module too.
|
||||||
|
*/
|
||||||
|
nick = "MemoServ"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The username of the MemoServ client.
|
||||||
|
*/
|
||||||
|
user = "services"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The hostname of the MemoServ client.
|
||||||
|
*/
|
||||||
|
host = "ircservices.{{ external_domain }}"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The realname of the MemoServ client.
|
||||||
|
*/
|
||||||
|
gecos = "Memo Service"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The modes this client should use.
|
||||||
|
* Do not modify this unless you know what you are doing.
|
||||||
|
*
|
||||||
|
* These modes are very IRCd specific. If left commented, sane defaults
|
||||||
|
* are used based on what protocol module you have loaded.
|
||||||
|
*
|
||||||
|
* Note that setting this option incorrectly could potentially BREAK some, if
|
||||||
|
* not all, usefulness of the client. We will not support you if this client is
|
||||||
|
* unable to do certain things if this option is enabled.
|
||||||
|
*/
|
||||||
|
#modes = "+o"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* An optional comma separated list of channels this service should join. Outside
|
||||||
|
* of log channels this is not very useful, as the service will just idle in the
|
||||||
|
* specified channels, and will not accept any types of commands.
|
||||||
|
*
|
||||||
|
* Prefixes may be given to the channels in the form of mode characters or prefix symbols.
|
||||||
|
*/
|
||||||
|
#channels = "@#services,#mychan"
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Core MemoServ module.
|
||||||
|
*
|
||||||
|
* Provides essential functionality for MemoServ.
|
||||||
|
*/
|
||||||
|
module
|
||||||
|
{
|
||||||
|
name = "memoserv"
|
||||||
|
/*
|
||||||
|
* The name of the client that should be MemoServ. Clients are configured
|
||||||
|
* with the service blocks.
|
||||||
|
*/
|
||||||
|
client = "MemoServ"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The maximum number of memos a user is allowed to keep by default. Normal users may set the
|
||||||
|
* limit anywhere between 0 and this value. Services Admins can change it to any value or
|
||||||
|
* disable it.
|
||||||
|
*
|
||||||
|
* This directive is optional, but recommended. If not set, the limit is disabled
|
||||||
|
* by default, and normal users can set any limit they want.
|
||||||
|
*/
|
||||||
|
maxmemos = 20
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The delay between consecutive uses of the MemoServ SEND command. This can help prevent spam
|
||||||
|
* as well as denial-of-service attacks from sending large numbers of memos and filling up disk
|
||||||
|
* space (and memory). The default 3-second wait means a maximum average of 150 bytes of memo
|
||||||
|
* per second per user under the current IRC protocol.
|
||||||
|
*
|
||||||
|
* This directive is optional, but recommended.
|
||||||
|
*/
|
||||||
|
senddelay = 3s
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Core MemoServ commands.
|
||||||
|
*
|
||||||
|
* In Anope modules can provide (multiple) commands, each of which has a unique command name. Once these modules
|
||||||
|
* are loaded you can then configure the commands to be added to any client you like with any name you like.
|
||||||
|
*
|
||||||
|
* Additionally, you may provide a permission name that must be in the opertype of users executing the command.
|
||||||
|
*
|
||||||
|
* Sane defaults are provided below that do not need to be edited unless you wish to change the default behavior.
|
||||||
|
*/
|
||||||
|
|
||||||
|
/* Give it a help command. */
|
||||||
|
command { service = "MemoServ"; name = "HELP"; command = "generic/help"; }
|
||||||
|
|
||||||
|
/*
|
||||||
|
* ms_cancel
|
||||||
|
*
|
||||||
|
* Provides the command memoserv/cancel.
|
||||||
|
*
|
||||||
|
* Used to cancel memos already sent but not yet read.
|
||||||
|
*/
|
||||||
|
module { name = "ms_cancel" }
|
||||||
|
command { service = "MemoServ"; name = "CANCEL"; command = "memoserv/cancel"; }
|
||||||
|
|
||||||
|
/*
|
||||||
|
* ms_check
|
||||||
|
*
|
||||||
|
* Provides the command memoserv/check.
|
||||||
|
*
|
||||||
|
* Used to check if a sent memo has been read.
|
||||||
|
*/
|
||||||
|
module { name = "ms_check" }
|
||||||
|
command { service = "MemoServ"; name = "CHECK"; command = "memoserv/check"; }
|
||||||
|
|
||||||
|
/*
|
||||||
|
* ms_del
|
||||||
|
*
|
||||||
|
* Provides the command memoserv/del.
|
||||||
|
*
|
||||||
|
* Used to delete your memos.
|
||||||
|
*/
|
||||||
|
module { name = "ms_del" }
|
||||||
|
command { service = "MemoServ"; name = "DEL"; command = "memoserv/del"; }
|
||||||
|
|
||||||
|
/*
|
||||||
|
* ms_ignore
|
||||||
|
*
|
||||||
|
* Provides the command memoserv/ignore.
|
||||||
|
*
|
||||||
|
* Used to ignore memos from specific users.
|
||||||
|
*/
|
||||||
|
module
|
||||||
|
{
|
||||||
|
name = "ms_ignore"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The maximum number of entries that may be on a memo ignore list.
|
||||||
|
*
|
||||||
|
* This directive is optional.
|
||||||
|
*/
|
||||||
|
max = 32
|
||||||
|
}
|
||||||
|
command { service = "MemoServ"; name = "IGNORE"; command = "memoserv/ignore"; }
|
||||||
|
|
||||||
|
/*
|
||||||
|
* ms_info
|
||||||
|
*
|
||||||
|
* Provides the command memoserv/info.
|
||||||
|
*
|
||||||
|
* Used to show memo related information about an account or a channel.
|
||||||
|
*/
|
||||||
|
module { name = "ms_info" }
|
||||||
|
command { service = "MemoServ"; name = "INFO"; command = "memoserv/info"; }
|
||||||
|
|
||||||
|
/*
|
||||||
|
* ms_list
|
||||||
|
*
|
||||||
|
* Provides the command memoserv/list.
|
||||||
|
*
|
||||||
|
* Used to list your current memos.
|
||||||
|
*/
|
||||||
|
module { name = "ms_list" }
|
||||||
|
command { service = "MemoServ"; name = "LIST"; command = "memoserv/list"; }
|
||||||
|
|
||||||
|
/*
|
||||||
|
* ms_read
|
||||||
|
*
|
||||||
|
* Provides the command memoserv/read.
|
||||||
|
*
|
||||||
|
* Used to read your memos.
|
||||||
|
*/
|
||||||
|
module { name = "ms_read" }
|
||||||
|
command { service = "MemoServ"; name = "READ"; command = "memoserv/read"; }
|
||||||
|
|
||||||
|
/*
|
||||||
|
* ms_rsend
|
||||||
|
*
|
||||||
|
* Provides the command memoserv/rsend.
|
||||||
|
*
|
||||||
|
* Used to send a memo requiring a receipt be sent back once it is read.
|
||||||
|
*
|
||||||
|
* Requires configuring memoserv:memoreceipt.
|
||||||
|
*/
|
||||||
|
#module
|
||||||
|
{
|
||||||
|
name = "ms_rsend"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Only allow Services Operators to use ms_rsend.
|
||||||
|
*
|
||||||
|
* This directive is optional.
|
||||||
|
*/
|
||||||
|
operonly = false
|
||||||
|
}
|
||||||
|
#command { service = "MemoServ"; name = "RSEND"; command = "memoserv/rsend"; }
|
||||||
|
|
||||||
|
/*
|
||||||
|
* ms_send
|
||||||
|
*
|
||||||
|
* Provides the command memoserv/send.
|
||||||
|
*
|
||||||
|
* Used to send memos.
|
||||||
|
*/
|
||||||
|
module { name = "ms_send" }
|
||||||
|
command { service = "MemoServ"; name = "SEND"; command = "memoserv/send"; }
|
||||||
|
|
||||||
|
/*
|
||||||
|
* ms_sendall
|
||||||
|
*
|
||||||
|
* Provides the command memoserv/sendall.
|
||||||
|
*
|
||||||
|
* Used to send a mass memo to every registered user.
|
||||||
|
*/
|
||||||
|
module { name = "ms_sendall" }
|
||||||
|
command { service = "MemoServ"; name = "SENDALL"; command = "memoserv/sendall"; permission = "memoserv/sendall"; }
|
||||||
|
|
||||||
|
/*
|
||||||
|
* ms_set
|
||||||
|
*
|
||||||
|
* Provides the command memoserv/set.
|
||||||
|
*
|
||||||
|
* Used to set settings such as how you are notified of new memos, and your memo limit.
|
||||||
|
*/
|
||||||
|
module { name = "ms_set" }
|
||||||
|
command { service = "MemoServ"; name = "SET"; command = "memoserv/set"; }
|
||||||
|
|
||||||
|
/*
|
||||||
|
* ms_staff
|
||||||
|
*
|
||||||
|
* Provides the command memoserv/staff.
|
||||||
|
*
|
||||||
|
* Used to send a memo to all registered staff members.
|
||||||
|
*/
|
||||||
|
module { name = "ms_staff" }
|
||||||
|
command { service = "MemoServ"; name = "STAFF"; command = "memoserv/staff"; permission = "memoserv/staff"; }
|
797
roles/IRC/templates/anope/modules.conf.j2
Normal file
797
roles/IRC/templates/anope/modules.conf.j2
Normal file
@ -0,0 +1,797 @@
|
|||||||
|
/*
|
||||||
|
* [OPTIONAL] Non-Core Modules
|
||||||
|
*
|
||||||
|
* The following blocks are used to load all non-core modules, including 3rd-party modules.
|
||||||
|
* Modules can be prevented from loading by commenting out the line, other modules can be added by
|
||||||
|
* adding a module block. These modules will be loaded prior to Services connecting to your network.
|
||||||
|
*
|
||||||
|
* Note that some of these modules are labeled EXTRA, and must be enabled prior to compiling by
|
||||||
|
* running the 'extras' script on Linux and UNIX.
|
||||||
|
*/
|
||||||
|
|
||||||
|
/*
|
||||||
|
* help
|
||||||
|
*
|
||||||
|
* Provides the command generic/help.
|
||||||
|
*
|
||||||
|
* This is a generic help command that can be used with any client.
|
||||||
|
*/
|
||||||
|
module { name = "help" }
|
||||||
|
|
||||||
|
/*
|
||||||
|
* m_ldap [EXTRA]
|
||||||
|
*
|
||||||
|
* This module allows other modules to use LDAP. By itself, this module does nothing useful.
|
||||||
|
*/
|
||||||
|
module
|
||||||
|
{
|
||||||
|
name = "m_ldap"
|
||||||
|
|
||||||
|
ldap
|
||||||
|
{
|
||||||
|
server = "ldap://127.0.0.1"
|
||||||
|
port = 389
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Admin credentials used for performing searches and adding users.
|
||||||
|
*/
|
||||||
|
admin_binddn = "uid=binduser,{{ ldap['userou'] }},{{ ldap['orgdn'] }}"
|
||||||
|
admin_password = "{{ secrets['Sora']['bindpassword'] }}"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* m_ldap_authentication [EXTRA]
|
||||||
|
*
|
||||||
|
* This module allows many commands such as IDENTIFY, RELEASE, RECOVER, GHOST, etc. use
|
||||||
|
* LDAP to authenticate users. Requires m_ldap.
|
||||||
|
*/
|
||||||
|
module
|
||||||
|
{
|
||||||
|
name = "m_ldap_authentication"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The distinguished name used for searching for users's accounts.
|
||||||
|
*/
|
||||||
|
basedn = "{{ ldap['userou'] }},{{ ldap['orgdn'] }}"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The search filter used to look up users's accounts.
|
||||||
|
* %account is replaced with the user's account.
|
||||||
|
* %object_class is replaced with the object_class configured below.
|
||||||
|
*/
|
||||||
|
search_filter = "uid=%account"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The object class used by LDAP to store user account information.
|
||||||
|
* This is used for adding new users to LDAP if registration is allowed.
|
||||||
|
*/
|
||||||
|
object_class = "organizationalPerson"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The attribute value used for account names.
|
||||||
|
*/
|
||||||
|
username_attribute = "uid"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The attribute value used for email addresses.
|
||||||
|
* This directive is optional.
|
||||||
|
*/
|
||||||
|
email_attribute = "email"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The attribute value used for passwords.
|
||||||
|
* Used when registering new accounts in LDAP.
|
||||||
|
*/
|
||||||
|
password_attribute = "userPassword"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* If set, the reason to give the users who try to register with nickserv,
|
||||||
|
* including nick registration from grouping.
|
||||||
|
*
|
||||||
|
* If not set, then registration is not blocked.
|
||||||
|
*/
|
||||||
|
#disable_register_reason = "To register on this network, contact a netadmin in #lobby. They will need to add an AniNIX/Sora LDAP account for you."
|
||||||
|
|
||||||
|
/*
|
||||||
|
* If set, the reason to give the users who try to "/msg NickServ SET EMAIL".
|
||||||
|
* If not set, then email changing is not blocked.
|
||||||
|
*/
|
||||||
|
disable_email_reason = "Not allowed -- this network does not use email for account management."
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* m_dns
|
||||||
|
*
|
||||||
|
* Adds support for the DNS protocol. By itself this module does nothing useful,
|
||||||
|
* but other modules such as m_dnsbl and os_dns require this.
|
||||||
|
*/
|
||||||
|
#module
|
||||||
|
{
|
||||||
|
name = "m_dns"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The nameserver to use for resolving hostnames, must be an IP or a resolver configuration file.
|
||||||
|
* The below should work fine on all unix like systems. Windows users will have to find their nameservers
|
||||||
|
* from ipconfig /all and put the IP here.
|
||||||
|
*/
|
||||||
|
nameserver = "/etc/resolv.conf"
|
||||||
|
#nameserver = "127.0.0.1"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* How long to wait in seconds before a DNS query has timed out.
|
||||||
|
*/
|
||||||
|
timeout = 5
|
||||||
|
|
||||||
|
|
||||||
|
/* Only edit below if you are expecting to use os_dns or otherwise answer DNS queries. */
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The IP and port services use to listen for DNS queries.
|
||||||
|
* Note that ports less than 1024 are privileged on UNIX/Linux systems, and
|
||||||
|
* require Anope to be started as root. If you do this, it is recommended you
|
||||||
|
* set options:user and options:group so Anope can change users after binding
|
||||||
|
* to this port.
|
||||||
|
*/
|
||||||
|
ip = "0.0.0.0"
|
||||||
|
port = 53
|
||||||
|
|
||||||
|
|
||||||
|
/*
|
||||||
|
* SOA record information.
|
||||||
|
*/
|
||||||
|
|
||||||
|
/* E-mail address of the DNS administrator. */
|
||||||
|
admin = "admin@example.com"
|
||||||
|
|
||||||
|
/* This should be the names of the public facing nameservers serving the records. */
|
||||||
|
nameservers = "ns1.example.com ns2.example.com"
|
||||||
|
|
||||||
|
/* The time slave servers are allowed to cache. This should be reasonably low
|
||||||
|
* if you want your records to be updated without much delay.
|
||||||
|
*/
|
||||||
|
refresh = 3600
|
||||||
|
|
||||||
|
/* A notify block. There should probably be one per nameserver listed in 'nameservers'.
|
||||||
|
*/
|
||||||
|
notify
|
||||||
|
{
|
||||||
|
ip = "192.0.2.0"
|
||||||
|
port = 53
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* m_dnsbl
|
||||||
|
*
|
||||||
|
* Allows configurable DNS blacklists to check connecting users against. If a user
|
||||||
|
* is found on the blacklist they will be immediately banned. This is a crucial module
|
||||||
|
* to prevent bot attacks.
|
||||||
|
*/
|
||||||
|
#module
|
||||||
|
{
|
||||||
|
name = "m_dnsbl"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* If set, Services will check clients against the DNSBLs when services connect to its uplink.
|
||||||
|
* This is not recommended, and on large networks will open a very large amount of DNS queries.
|
||||||
|
* Whilst services are not drastically affected by this, your nameserver/DNSBL might care.
|
||||||
|
*/
|
||||||
|
check_on_connect = no
|
||||||
|
|
||||||
|
/*
|
||||||
|
* If set, Services will check clients when coming back from a netsplit. This can cause a large number
|
||||||
|
* of DNS queries open at once. Whilst services are not drastically affected by this, your nameserver/DNSBL
|
||||||
|
* might care.
|
||||||
|
*/
|
||||||
|
check_on_netburst = no
|
||||||
|
|
||||||
|
/*
|
||||||
|
* If set, OperServ will add clients found in the DNSBL to the akill list. Without it, OperServ simply sends
|
||||||
|
* a timed G/K-line to the IRCd and forgets about it. Can be useful if your akill list is being fill up by bots.
|
||||||
|
*/
|
||||||
|
add_to_akill = yes
|
||||||
|
|
||||||
|
blacklist
|
||||||
|
{
|
||||||
|
/* Name of the blacklist. */
|
||||||
|
name = "rbl.efnetrbl.org"
|
||||||
|
|
||||||
|
/* How long to set the ban for. */
|
||||||
|
time = 4h
|
||||||
|
|
||||||
|
/* Reason for akill.
|
||||||
|
* %n is the nick of the user
|
||||||
|
* %u is the ident/username of the user
|
||||||
|
* %g is the realname of the user
|
||||||
|
* %h is the hostname of the user
|
||||||
|
* %i is the IP of the user
|
||||||
|
* %r is the reply reason (configured below). Will be nothing if not configured.
|
||||||
|
* %N is the network name set in networkinfo:networkname
|
||||||
|
*/
|
||||||
|
reason = "You are listed in the efnet RBL, visit http://rbl.efnetrbl.org/?i=%i for info"
|
||||||
|
|
||||||
|
/* Replies to ban and their reason. If no relies are configured, all replies get banned. */
|
||||||
|
reply
|
||||||
|
{
|
||||||
|
code = 1
|
||||||
|
reason = "Open Proxy"
|
||||||
|
}
|
||||||
|
|
||||||
|
#reply
|
||||||
|
{
|
||||||
|
code = 2
|
||||||
|
reason = "spamtrap666"
|
||||||
|
}
|
||||||
|
|
||||||
|
#reply
|
||||||
|
{
|
||||||
|
code = 3
|
||||||
|
reason = "spamtrap50"
|
||||||
|
}
|
||||||
|
|
||||||
|
reply
|
||||||
|
{
|
||||||
|
code = 4
|
||||||
|
reason = "TOR"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* If set, users identified to services at the time the result comes back
|
||||||
|
* will not be banned.
|
||||||
|
*/
|
||||||
|
#allow_account = yes
|
||||||
|
}
|
||||||
|
|
||||||
|
reply
|
||||||
|
{
|
||||||
|
code = 5
|
||||||
|
reason = "Drones / Flooding"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
#blacklist
|
||||||
|
{
|
||||||
|
name = "dnsbl.dronebl.org"
|
||||||
|
time = 4h
|
||||||
|
reason = "You have a host listed in the DroneBL. For more information, visit http://dronebl.org/lookup_branded?ip=%i&network=%N"
|
||||||
|
}
|
||||||
|
|
||||||
|
/* Exempt localhost from DNSBL checks */
|
||||||
|
exempt { ip = "127.0.0.1" }
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* m_helpchan
|
||||||
|
*
|
||||||
|
* Gives users who are op in the specified help channel usermode +h (helpop).
|
||||||
|
*/
|
||||||
|
#module
|
||||||
|
{
|
||||||
|
name = "m_helpchan"
|
||||||
|
|
||||||
|
helpchannel = "#help"
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* m_httpd
|
||||||
|
*
|
||||||
|
* Allows services to serve web pages. By itself, this module does nothing useful.
|
||||||
|
*
|
||||||
|
* Note that using this will allow users to get the IP of your services.
|
||||||
|
* To prevent this we recommend using a reverse proxy or a tunnel.
|
||||||
|
*/
|
||||||
|
#module
|
||||||
|
{
|
||||||
|
name = "m_httpd"
|
||||||
|
|
||||||
|
httpd
|
||||||
|
{
|
||||||
|
/* Name of this service. */
|
||||||
|
name = "httpd/main"
|
||||||
|
|
||||||
|
/* IP to listen on. */
|
||||||
|
ip = "0.0.0.0"
|
||||||
|
|
||||||
|
/* Port to listen on. */
|
||||||
|
port = 8080
|
||||||
|
|
||||||
|
/* Time before connections to this server are timed out. */
|
||||||
|
timeout = 30
|
||||||
|
|
||||||
|
/* Listen using SSL. Requires an SSL module. */
|
||||||
|
#ssl = yes
|
||||||
|
|
||||||
|
/* If you are using a reverse proxy that sends one of the
|
||||||
|
* extforward_headers set below, set this to its IP.
|
||||||
|
* This allows services to obtain the real IP of users by
|
||||||
|
* reading the forwarded-for HTTP header.
|
||||||
|
*/
|
||||||
|
#extforward_ip = "192.168.0.255"
|
||||||
|
|
||||||
|
/* The header to look for. These probably work as is. */
|
||||||
|
extforward_header = "X-Forwarded-For Forwarded-For"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
/*
|
||||||
|
* m_ldap_oper [EXTRA]
|
||||||
|
*
|
||||||
|
* This module dynamically ties users to Anope opertypes when they identify
|
||||||
|
* via LDAP group membership. Requires m_ldap.
|
||||||
|
*
|
||||||
|
* Note that this doesn't give the user privileges on the IRCd, only in Services.
|
||||||
|
*/
|
||||||
|
#module
|
||||||
|
{
|
||||||
|
name = "m_ldap_oper"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* An optional binddn to use when searching for groups.
|
||||||
|
* %a is replaced with the account name of the user.
|
||||||
|
*/
|
||||||
|
#binddn = "cn=Manager,dc=anope,dc=org"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* An optional password to bind with.
|
||||||
|
*/
|
||||||
|
#password = "secret"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The base DN where the groups are.
|
||||||
|
*/
|
||||||
|
basedn = "ou=groups,dc=anope,dc=org"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The filter to use when searching for users.
|
||||||
|
* %a is replaced with the account name of the user.
|
||||||
|
*/
|
||||||
|
filter = "(member=uid=%a,ou=users,dc=anope,dc=org)"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The attribute of the group that is the name of the opertype.
|
||||||
|
* The cn attribute should match a known opertype in the config.
|
||||||
|
*/
|
||||||
|
opertype_attribute = "cn"
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* m_mysql [EXTRA]
|
||||||
|
*
|
||||||
|
* This module allows other modules to use MySQL.
|
||||||
|
*/
|
||||||
|
#module
|
||||||
|
{
|
||||||
|
name = "m_mysql"
|
||||||
|
|
||||||
|
mysql
|
||||||
|
{
|
||||||
|
/* The name of this service. */
|
||||||
|
name = "mysql/main"
|
||||||
|
database = "anope"
|
||||||
|
server = "127.0.0.1"
|
||||||
|
username = "anope"
|
||||||
|
password =
|
||||||
|
port = 3306
|
||||||
|
}
|
||||||
|
}
|
||||||
|
/*
|
||||||
|
* m_redis
|
||||||
|
*
|
||||||
|
* This module allows other modules to use Redis.
|
||||||
|
*/
|
||||||
|
#module
|
||||||
|
{
|
||||||
|
name = "m_redis"
|
||||||
|
|
||||||
|
/* A redis database */
|
||||||
|
redis
|
||||||
|
{
|
||||||
|
/* The name of this service */
|
||||||
|
name = "redis/main"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The redis database to use. New connections default to 0.
|
||||||
|
*/
|
||||||
|
db = 0
|
||||||
|
|
||||||
|
ip = "127.0.0.1"
|
||||||
|
port = 6379
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* m_regex_pcre [EXTRA]
|
||||||
|
*
|
||||||
|
* Provides the regex engine regex/pcre, which uses the Perl Compatible Regular Expressions library.
|
||||||
|
*/
|
||||||
|
#module { name = "m_regex_pcre" }
|
||||||
|
|
||||||
|
/*
|
||||||
|
* m_regex_posix [EXTRA]
|
||||||
|
*
|
||||||
|
* Provides the regex engine regex/posix, which uses the POSIX compliant regular expressions.
|
||||||
|
* This is likely the only regex module you will not need extra libraries for.
|
||||||
|
*/
|
||||||
|
#module { name = "m_regex_posix" }
|
||||||
|
|
||||||
|
/*
|
||||||
|
* m_regex_tre [EXTRA]
|
||||||
|
*
|
||||||
|
* Provides the regex engine regex/tre, which uses the TRE regex library.
|
||||||
|
*/
|
||||||
|
#module { name = "m_regex_tre" }
|
||||||
|
|
||||||
|
/*
|
||||||
|
* m_rewrite
|
||||||
|
*
|
||||||
|
* Allows rewriting commands sent to/from clients.
|
||||||
|
*/
|
||||||
|
#module { name = "m_rewrite" }
|
||||||
|
#command
|
||||||
|
{
|
||||||
|
service = "ChanServ"; name = "CLEAR"; command = "rewrite"
|
||||||
|
|
||||||
|
/* Enable m_rewrite. */
|
||||||
|
rewrite = true
|
||||||
|
|
||||||
|
/* Source message to match. A $ can be used to match anything. */
|
||||||
|
rewrite_source = "CLEAR $ USERS"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Message to rewrite the source message to. A $ followed by a number, eg $0, gets
|
||||||
|
* replaced by the number-th word from the source_message, starting from 0.
|
||||||
|
*/
|
||||||
|
rewrite_target = "KICK $1 *"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The command description. This only shows up in HELP's output.
|
||||||
|
* Comment this option to prevent the command from showing in the
|
||||||
|
* HELP command.
|
||||||
|
*/
|
||||||
|
rewrite_description = "Clears all users from a channel"
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* m_proxyscan
|
||||||
|
*
|
||||||
|
* This module allows you to scan connecting clients for open proxies.
|
||||||
|
* Note that using this will allow users to get the IP of your services.
|
||||||
|
*
|
||||||
|
* Currently the two supported proxy types are HTTP and SOCKS5.
|
||||||
|
*
|
||||||
|
* The proxy scanner works by attempting to connect to clients when they
|
||||||
|
* connect to the network, and if they have a proxy running instruct it to connect
|
||||||
|
* back to services. If services are able to connect through the proxy to itself
|
||||||
|
* then it knows it is an insecure proxy, and will ban it.
|
||||||
|
*/
|
||||||
|
#module
|
||||||
|
{
|
||||||
|
name = "m_proxyscan"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The target IP services tells the proxy to connect back to. This must be a publicly
|
||||||
|
* available IP that remote proxies can connect to.
|
||||||
|
*/
|
||||||
|
#target_ip = "127.0.0.1"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The port services tells the proxy to connect to.
|
||||||
|
*/
|
||||||
|
target_port = 7226
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The listen IP services listen on for incoming connections from suspected proxies.
|
||||||
|
* This probably will be the same as target_ip, but may not be if you are behind a firewall (NAT).
|
||||||
|
*/
|
||||||
|
#listen_ip = "127.0.0.1"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The port services should listen on for incoming connections from suspected proxies.
|
||||||
|
* This most likely will be the same as target_port.
|
||||||
|
*/
|
||||||
|
listen_port = 7226
|
||||||
|
|
||||||
|
/*
|
||||||
|
* An optional notice sent to clients upon connect.
|
||||||
|
*/
|
||||||
|
#connect_notice = "We will now scan your host for insecure proxies. If you do not consent to this scan please disconnect immediately."
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Who the notice should be sent from.
|
||||||
|
*/
|
||||||
|
#connect_source = "OperServ"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* If set, OperServ will add infected clients to the akill list. Without it, OperServ simply sends
|
||||||
|
* a timed G/K-line to the IRCd and forgets about it. Can be useful if your akill list is being filled up by bots.
|
||||||
|
*/
|
||||||
|
add_to_akill = yes
|
||||||
|
|
||||||
|
/*
|
||||||
|
* How long before connections should be timed out.
|
||||||
|
*/
|
||||||
|
timeout = 5
|
||||||
|
|
||||||
|
proxyscan
|
||||||
|
{
|
||||||
|
/* The type of proxy to check for. A comma separated list is allowed. */
|
||||||
|
type = "HTTP"
|
||||||
|
|
||||||
|
/* The ports to check. */
|
||||||
|
port = "80,8080"
|
||||||
|
|
||||||
|
/* How long to set the ban for. */
|
||||||
|
time = 4h
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The reason to ban the user for.
|
||||||
|
* %h is replaced with the type of proxy found.
|
||||||
|
* %i is replaced with the IP of proxy found.
|
||||||
|
* %p is replaced with the port.
|
||||||
|
*/
|
||||||
|
reason = "You have an open proxy running on your host (%t:%i:%p)"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* m_sasl
|
||||||
|
*
|
||||||
|
* Some IRCds allow "SASL" authentication to let users identify to Services
|
||||||
|
* during the IRCd user registration process. If this module is loaded, Services will allow
|
||||||
|
* authenticating users through this mechanism. Supported mechanisms are:
|
||||||
|
* PLAIN, EXTERNAL.
|
||||||
|
*/
|
||||||
|
#module { name = "m_sasl" }
|
||||||
|
|
||||||
|
/*
|
||||||
|
* m_sasl_dh-aes [EXTRA]
|
||||||
|
*
|
||||||
|
* Add the DH-AES mechanism to SASL.
|
||||||
|
* Requires m_sasl to be loaded.
|
||||||
|
* Requires openssl.
|
||||||
|
*/
|
||||||
|
#module { name = "m_sasl_dh-aes" }
|
||||||
|
|
||||||
|
/*
|
||||||
|
* m_sasl_dh-blowfish [EXTRA]
|
||||||
|
*
|
||||||
|
* Add the DH-BLOWFISH mechanism to SASL.
|
||||||
|
* Requires m_sasl to be loaded.
|
||||||
|
* Requires openssl.
|
||||||
|
*/
|
||||||
|
#module { name = "m_sasl_dh-blowfish" }
|
||||||
|
|
||||||
|
/*
|
||||||
|
* m_ssl_gnutls [EXTRA]
|
||||||
|
*
|
||||||
|
* This module provides SSL services to Anope using GnuTLS, for example to
|
||||||
|
* connect to the uplink server(s) via SSL.
|
||||||
|
*
|
||||||
|
* You may only load either m_ssl_gnutls or m_ssl_openssl, bot not both.
|
||||||
|
*/
|
||||||
|
#module
|
||||||
|
{
|
||||||
|
name = "m_ssl_gnutls"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* An optional certificate and key for m_ssl_gnutls to give to the uplink.
|
||||||
|
*
|
||||||
|
* You can generate your own certificate and key pair by using:
|
||||||
|
*
|
||||||
|
* certtool --generate-privkey --bits 2048 --outfile anope.key
|
||||||
|
* certtool --generate-self-signed --load-privkey anope.key --outfile anope.crt
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
cert = "data/anope.crt"
|
||||||
|
key = "data/anope.key"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Diffie-Hellman parameters to use when acting as a server. This is only
|
||||||
|
* required for TLS servers that want to use ephemeral DH cipher suites.
|
||||||
|
*
|
||||||
|
* This is NOT required for Anope to connect to the uplink server(s) via SSL.
|
||||||
|
*
|
||||||
|
* You can generate DH parameters by using:
|
||||||
|
*
|
||||||
|
* certtool --generate-dh-params --bits 2048 --outfile dhparams.pem
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
# dhparams = "data/dhparams.pem"
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* m_ssl_openssl [EXTRA]
|
||||||
|
*
|
||||||
|
* This module provides SSL services to Anope using OpenSSL, for example to
|
||||||
|
* connect to the uplink server(s) via SSL.
|
||||||
|
*
|
||||||
|
* You may only load either m_ssl_openssl or m_ssl_gnutls, bot not both.
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
#module
|
||||||
|
{
|
||||||
|
name = "m_ssl_openssl"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* An optional certificate and key for m_ssl_openssl to give to the uplink.
|
||||||
|
*
|
||||||
|
* You can generate your own certificate and key pair by using:
|
||||||
|
*
|
||||||
|
* openssl genrsa -out anope.key 2048
|
||||||
|
* openssl req -new -x509 -key anope.key -out anope.crt -days 1095
|
||||||
|
*/
|
||||||
|
cert = "data/anope.crt"
|
||||||
|
key = "data/anope.key"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* As of 2014 SSL 3.0 is considered insecure, but it might be enabled
|
||||||
|
* on some systems by default for compatibility reasons.
|
||||||
|
* You can use the following option to enable or disable it explicitly.
|
||||||
|
* Leaving this option not set defaults to the default system behavior.
|
||||||
|
*/
|
||||||
|
#sslv3 = no
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* m_sql_authentication [EXTRA]
|
||||||
|
*
|
||||||
|
* This module allows authenticating users against an external SQL database using a custom
|
||||||
|
* query.
|
||||||
|
*/
|
||||||
|
#module
|
||||||
|
{
|
||||||
|
name = "m_sql_authentication"
|
||||||
|
|
||||||
|
/* SQL engine to use. Should be configured elsewhere with m_mysql, m_sqlite, etc. */
|
||||||
|
engine = "mysql/main"
|
||||||
|
|
||||||
|
/* Query to execute to authenticate. A non empty result from this query is considered a success,
|
||||||
|
* and the user will be authenticated.
|
||||||
|
*
|
||||||
|
* @a@ is replaced with the user's account name
|
||||||
|
* @p@ is replaced with the user's password
|
||||||
|
* @n@ is replaced with the user's nickname
|
||||||
|
* @i@ is replaced with the user's IP
|
||||||
|
*
|
||||||
|
* Note that @n@ and @i@ may not always exist in the case of a user identifying outside of the normal
|
||||||
|
* nickserv/identify command, such as through the web panel.
|
||||||
|
*
|
||||||
|
* Furthermore, if a field named email is returned from this query the user's email is
|
||||||
|
* set to its value.
|
||||||
|
*
|
||||||
|
*
|
||||||
|
* We've included some example queries for some popular website/forum systems.
|
||||||
|
*
|
||||||
|
* Drupal 6: "SELECT `mail` AS `email` FROM `users` WHERE `name` = @a@ AND `pass` = MD5(@p@) AND `status` = 1"
|
||||||
|
* e107 cms: "SELECT `user_email` AS `email` FROM `e107_user` WHERE `user_loginname` = @a@ AND `user_password` = MD5(@p@)"
|
||||||
|
* SMF Forum: "SELECT `email_address` AS `email` FROM `smf_members` WHERE `member_name` = @a@ AND `passwd` = SHA1(CONCAT(LOWER(@a@), @p@))"
|
||||||
|
* vBulletin: "SELECT `email` FROM `user` WHERE `username` = @a@ AND `password` = MD5(CONCAT(MD5(@p@), `salt`))"
|
||||||
|
* IP.Board: "SELECT `email` FROM `ibf_members` WHERE `name` = @a@ AND `members_pass_hash` = MD5(CONCAT(MD5(`members_pass_salt`), MD5(@p@)))"
|
||||||
|
*/
|
||||||
|
query = "SELECT `email_addr` AS `email` FROM `my_users` WHERE `username` = @a@ AND `password` = MD5(CONCAT('salt', @p@))"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* If set, the reason to give the users who try to "/msg NickServ REGISTER".
|
||||||
|
* If not set, then registration is not blocked.
|
||||||
|
*/
|
||||||
|
#disable_reason = "To register on this network visit http://some.misconfigured.site/register"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* If set, the reason to give the users who try to "/msg NickServ SET EMAIL".
|
||||||
|
* If not set, then email changing is not blocked.
|
||||||
|
*/
|
||||||
|
#disable_email_reason = "To change your email address visit http://some.misconfigured.site"
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* m_sql_log [EXTRA]
|
||||||
|
*
|
||||||
|
* This module adds an additional target option to log{} blocks
|
||||||
|
* that allows logging Service's logs to SQL. To log to SQL, add
|
||||||
|
* the SQL service name to log:targets prefixed by sql_log:. For
|
||||||
|
* example:
|
||||||
|
*
|
||||||
|
* log
|
||||||
|
* {
|
||||||
|
* targets = "services.log sql_log:mysql/main"
|
||||||
|
* ...
|
||||||
|
* }
|
||||||
|
*
|
||||||
|
* By default this module logs to the table `logs`, and will create
|
||||||
|
* it if it doesn't exist. This module does not create any indexes (keys)
|
||||||
|
* on the table and it is recommended you add them yourself as necessary.
|
||||||
|
*/
|
||||||
|
#module { name = "m_sql_log" }
|
||||||
|
|
||||||
|
/*
|
||||||
|
* m_sql_oper [EXTRA]
|
||||||
|
*
|
||||||
|
* This module allows granting users services operator privileges and possibly IRC Operator
|
||||||
|
* privileges based on an external SQL database using a custom query.
|
||||||
|
*/
|
||||||
|
#module
|
||||||
|
{
|
||||||
|
name = "m_sql_oper"
|
||||||
|
|
||||||
|
/* SQL engine to use. Should be configured elsewhere with m_mysql, m_sqlite, etc. */
|
||||||
|
engine = "mysql/main"
|
||||||
|
|
||||||
|
/* Query to execute to determine if a user should have operator privileges.
|
||||||
|
* A field named opertype must be returned in order to link the user to their oper type.
|
||||||
|
* The oper types must be configured earlier in services.conf.
|
||||||
|
*
|
||||||
|
* If a field named modes is returned from this query then those modes are set on the user.
|
||||||
|
* Without this, only a simple +o is sent.
|
||||||
|
*
|
||||||
|
* @a@ is replaced with the user's account name
|
||||||
|
* @i@ is replaced with the user's IP
|
||||||
|
*/
|
||||||
|
query = "SELECT `opertype` FROM `my_users` WHERE `user_name` = @a@"
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* m_sqlite [EXTRA]
|
||||||
|
*
|
||||||
|
* This module allows other modules to use SQLite.
|
||||||
|
*/
|
||||||
|
#module
|
||||||
|
{
|
||||||
|
name = "m_sqlite"
|
||||||
|
|
||||||
|
/* A SQLite database */
|
||||||
|
sqlite
|
||||||
|
{
|
||||||
|
/* The name of this service. */
|
||||||
|
name = "sqlite/main"
|
||||||
|
|
||||||
|
/* The database name, it will be created if it does not exist. */
|
||||||
|
database = "anope.db"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* webcpanel
|
||||||
|
*
|
||||||
|
* This module creates a web configuration panel that allows users and operators to perform any task
|
||||||
|
* as they could over IRC. If you are using the default configuration you should be able to access
|
||||||
|
* this panel by visiting http://127.0.0.1:8080 in your web browser from the machine Anope is running on.
|
||||||
|
*
|
||||||
|
* This module requires m_httpd.
|
||||||
|
*/
|
||||||
|
#module
|
||||||
|
{
|
||||||
|
name = "webcpanel"
|
||||||
|
|
||||||
|
/* Web server to use. */
|
||||||
|
server = "httpd/main";
|
||||||
|
|
||||||
|
/* Template to use. */
|
||||||
|
template = "default";
|
||||||
|
|
||||||
|
/* Page title. */
|
||||||
|
title = "Anope IRC Services";
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* m_xmlrpc
|
||||||
|
*
|
||||||
|
* Allows remote applications (websites) to execute queries in real time to retrieve data from Anope.
|
||||||
|
* By itself this module does nothing, but allows other modules (m_xmlrpc_main) to receive and send XMLRPC queries.
|
||||||
|
*/
|
||||||
|
#module
|
||||||
|
{
|
||||||
|
name = "m_xmlrpc"
|
||||||
|
|
||||||
|
/* Web service to use. Requires m_httpd. */
|
||||||
|
server = "httpd/main"
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* m_xmlrpc_main
|
||||||
|
*
|
||||||
|
* Adds the main XMLRPC core functions.
|
||||||
|
* Requires m_xmlrpc.
|
||||||
|
*/
|
||||||
|
#module { name = "m_xmlrpc_main" }
|
662
roles/IRC/templates/anope/nickserv.conf.j2
Executable file
662
roles/IRC/templates/anope/nickserv.conf.j2
Executable file
@ -0,0 +1,662 @@
|
|||||||
|
/*
|
||||||
|
* Example configuration file for NickServ.
|
||||||
|
*/
|
||||||
|
|
||||||
|
/*
|
||||||
|
* First, create the service.
|
||||||
|
*/
|
||||||
|
service
|
||||||
|
{
|
||||||
|
/*
|
||||||
|
* The name of the NickServ client.
|
||||||
|
* If you change this value, you probably want to change the client directive in the configuration for the nickserv module too.
|
||||||
|
*/
|
||||||
|
nick = "NickServ"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The username of the NickServ client.
|
||||||
|
*/
|
||||||
|
user = "services"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The hostname of the NickServ client.
|
||||||
|
*/
|
||||||
|
host = "ircservices.{{ external_domain }}"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The realname of the NickServ client.
|
||||||
|
*/
|
||||||
|
gecos = "Nickname Registration Service"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The modes this client should use.
|
||||||
|
* Do not modify this unless you know what you are doing.
|
||||||
|
*
|
||||||
|
* These modes are very IRCd specific. If left commented, sane defaults
|
||||||
|
* are used based on what protocol module you have loaded.
|
||||||
|
*
|
||||||
|
* Note that setting this option incorrectly could potentially BREAK some, if
|
||||||
|
* not all, usefulness of the client. We will not support you if this client is
|
||||||
|
* unable to do certain things if this option is enabled.
|
||||||
|
*/
|
||||||
|
#modes = "+o"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* An optional comma separated list of channels this service should join. Outside
|
||||||
|
* of log channels this is not very useful, as the service will just idle in the
|
||||||
|
* specified channels, and will not accept any types of commands.
|
||||||
|
*
|
||||||
|
* Prefixes may be given to the channels in the form of mode characters or prefix symbols.
|
||||||
|
*/
|
||||||
|
#channels = "@#services,#mychan"
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Core NickServ module.
|
||||||
|
*
|
||||||
|
* Provides essential functionality for NickServ.
|
||||||
|
*/
|
||||||
|
module
|
||||||
|
{
|
||||||
|
name = "nickserv"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The name of the client that should be NickServ.
|
||||||
|
*/
|
||||||
|
client = "NickServ"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Force users to give an e-mail address when they register a nick.
|
||||||
|
*
|
||||||
|
* This directive defaults to "yes" and is recommended to be enabled. This is required if e-mail registration is enabled.
|
||||||
|
*/
|
||||||
|
forceemail = no
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Require users who change their email address to confirm they
|
||||||
|
* own their new email.
|
||||||
|
*/
|
||||||
|
confirmemailchanges = no
|
||||||
|
|
||||||
|
/*
|
||||||
|
* A message sent to users on connect if they use an unregistered nick.
|
||||||
|
*
|
||||||
|
* This directive is optional.
|
||||||
|
*/
|
||||||
|
unregistered_notice = "Your nickname is not registered. If you would like it registered, contact a netadmin (identified by ^) in #lobby to get it registered."
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The default options for newly registered nicks. Note that changing these options
|
||||||
|
* will have no effect on nicks which are already registered. The list must be separated
|
||||||
|
* by spaces.
|
||||||
|
*
|
||||||
|
* The options are:
|
||||||
|
* - killprotect: Kill nick if not identified within 60 seconds
|
||||||
|
* - kill_quick: Kill nick if not identified within 20 seconds, this one overrides the above
|
||||||
|
* option and the above must be specified with this one
|
||||||
|
* - ns_secure: Enable nickname security, requiring the nick's password before any operations
|
||||||
|
* can be done on it
|
||||||
|
* - ns_private: Hide the nick from NickServ's LIST command
|
||||||
|
* - hide_email: Hide's the nick's e-mail address from NickServ's INFO command
|
||||||
|
* - hide_mask: Hide's the nick's last or current user@host from NickServ's INFO command
|
||||||
|
* - hide_quit: Hide's the nick's last quit message
|
||||||
|
* - memo_signon: Notify user if they have a new memo when they sign into the nick
|
||||||
|
* - memo_receive: Notify user if they have a new memo as soon as it's received
|
||||||
|
* - memo_mail: Notify user if they have a new memo by mail
|
||||||
|
* - autoop: User will be automatically opped in channels they enter and have access to
|
||||||
|
* - msg: Services messages will be sent as PRIVMSGs instead of NOTICEs, requires
|
||||||
|
* options:useprivmsg to be enabled as well
|
||||||
|
* - ns_keepmodes: Enables keepmodes, which retains user modes across sessions
|
||||||
|
*
|
||||||
|
* This directive is optional, if left blank, the options will default to ns_secure, memo_signon, and
|
||||||
|
* memo_receive. If you really want no defaults, use "none" by itself as the option.
|
||||||
|
*/
|
||||||
|
defaults = "ns_secure ns_private hide_email hide_mask memo_signon memo_receive autoop killprotect"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The minimum length of time between consecutive uses of NickServ's REGISTER command. This
|
||||||
|
* directive is optional, but recommended. If not set, this restriction will be disabled.
|
||||||
|
*/
|
||||||
|
regdelay = 30s
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The length of time before a nick's registration expires.
|
||||||
|
*
|
||||||
|
* This directive is optional, but recommended. If not set, the default is 21 days.
|
||||||
|
*/
|
||||||
|
expire = 3650d
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Prevents the use of the ACCESS and CERT (excluding their LIST subcommand), DROP, FORBID, SUSPEND,
|
||||||
|
* GETPASS and SET PASSWORD commands by services operators on other services operators.
|
||||||
|
*
|
||||||
|
* This directive is optional, but recommended.
|
||||||
|
*/
|
||||||
|
secureadmins = yes
|
||||||
|
|
||||||
|
/*
|
||||||
|
* If set, Services will set the channel modes a user has access to upon identifying, assuming
|
||||||
|
* they are not already set.
|
||||||
|
*
|
||||||
|
* This directive is optional.
|
||||||
|
*/
|
||||||
|
modeonid = yes
|
||||||
|
|
||||||
|
/*
|
||||||
|
* If set, Services will set these user modes on any user who identifies.
|
||||||
|
*
|
||||||
|
* This directive is optional.
|
||||||
|
*/
|
||||||
|
#modesonid = "+R"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* If set, Services will not show netsplits in the last quit message field
|
||||||
|
* of NickServ's INFO command.
|
||||||
|
*/
|
||||||
|
hidenetsplitquit = no
|
||||||
|
|
||||||
|
/*
|
||||||
|
* If set, is the length of time NickServ's killquick and kill options wait before
|
||||||
|
* forcing users off of protected nicknames.
|
||||||
|
*/
|
||||||
|
killquick = 20s
|
||||||
|
kill = 60s
|
||||||
|
|
||||||
|
/*
|
||||||
|
* If set, forbids the registration of nicks that contain an existing
|
||||||
|
* nick with Services access. For example, if Tester is a Services Oper,
|
||||||
|
* you can't register NewTester or Tester123 unless you are an IRC
|
||||||
|
* Operator.
|
||||||
|
*
|
||||||
|
* NOTE: If you enable this, you will have to be logged in as an IRC
|
||||||
|
* operator in order to register a Services Root nick when setting up
|
||||||
|
* Anope for the first time.
|
||||||
|
*
|
||||||
|
* This directive is optional.
|
||||||
|
*/
|
||||||
|
restrictopernicks = yes
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The username, and possibly hostname, used for fake users created when Services needs to
|
||||||
|
* hold a nickname.
|
||||||
|
*/
|
||||||
|
enforceruser = "enforcer"
|
||||||
|
enforcerhost = "ircservices.{{ external_domain }}"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The length of time Services hold nicknames.
|
||||||
|
*
|
||||||
|
* This directive is optional, but recommended. If not set it defaults to 1 minute.
|
||||||
|
*/
|
||||||
|
releasetimeout = 1m
|
||||||
|
|
||||||
|
/*
|
||||||
|
* When a user's nick is forcibly changed to enforce a "nick kill", their new nick will start
|
||||||
|
* with this value. The rest will be made up of 6 or 7 digits.
|
||||||
|
* Make sure this is a valid nick and Nicklen+7 is not longer than the allowed Nicklen on your ircd.
|
||||||
|
*
|
||||||
|
* This directive is optional. If not set it defaults to "Guest"
|
||||||
|
*/
|
||||||
|
guestnickprefix = "Guest"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* If set, Services do not allow ownership of nick names, only ownership of accounts.
|
||||||
|
*/
|
||||||
|
nonicknameownership = no
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The maximum length of passwords
|
||||||
|
*
|
||||||
|
* This directive is optional. If not set it defaults to 32.
|
||||||
|
*/
|
||||||
|
passlen = 32
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Core NickServ commands.
|
||||||
|
*
|
||||||
|
* In Anope modules can provide (multiple) commands, each of which has a unique command name. Once these modules
|
||||||
|
* are loaded you can then configure the commands to be added to any client you like with any name you like.
|
||||||
|
*
|
||||||
|
* Additionally, you may provide a permission name that must be in the opertype of users executing the command.
|
||||||
|
*
|
||||||
|
* Sane defaults are provided below that do not need to be edited unless you wish to change the default behavior.
|
||||||
|
*/
|
||||||
|
|
||||||
|
/* Command group configuration for NickServ.
|
||||||
|
*
|
||||||
|
* Commands may optionally be placed into groups to make NickServ's HELP output easier to understand.
|
||||||
|
* Remove the following groups to use the old behavior of simply listing all NickServ commands from HELP.
|
||||||
|
*/
|
||||||
|
command_group
|
||||||
|
{
|
||||||
|
name = "nickserv/admin"
|
||||||
|
description = _("Services Operator commands")
|
||||||
|
}
|
||||||
|
|
||||||
|
/* Give it a help command. */
|
||||||
|
command { service = "NickServ"; name = "HELP"; command = "generic/help"; }
|
||||||
|
|
||||||
|
/*
|
||||||
|
* ns_access
|
||||||
|
*
|
||||||
|
* Provides the command nickserv/access.
|
||||||
|
*
|
||||||
|
* Used for configuring what hosts have access to your account.
|
||||||
|
*/
|
||||||
|
module
|
||||||
|
{
|
||||||
|
name = "ns_access"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The maximum number of entries allowed on a nickname's access list.
|
||||||
|
* If not set, the default is 32. This number cannot be set to 0.
|
||||||
|
*/
|
||||||
|
accessmax = 32
|
||||||
|
|
||||||
|
/*
|
||||||
|
* If set, Services will add the usermask of registering users to the access list of their
|
||||||
|
* newly created account. If not set, users will always have to identify to NickServ before
|
||||||
|
* being recognized, unless they manually add an address to the access list of their account.
|
||||||
|
* This directive is optional.
|
||||||
|
*/
|
||||||
|
addaccessonreg = yes
|
||||||
|
}
|
||||||
|
command { service = "NickServ"; name = "ACCESS"; command = "nickserv/access"; }
|
||||||
|
|
||||||
|
/*
|
||||||
|
* ns_ajoin
|
||||||
|
*
|
||||||
|
* Provides the command nickserv/ajoin.
|
||||||
|
*
|
||||||
|
* Used for configuring channels to join once you identify.
|
||||||
|
*/
|
||||||
|
module
|
||||||
|
{
|
||||||
|
name = "ns_ajoin"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The maximum number of channels a user can have on NickServ's AJOIN command.
|
||||||
|
*/
|
||||||
|
ajoinmax = 50
|
||||||
|
}
|
||||||
|
command { service = "NickServ"; name = "AJOIN"; command = "nickserv/ajoin"; }
|
||||||
|
|
||||||
|
/*
|
||||||
|
* ns_alist
|
||||||
|
*
|
||||||
|
* Provides the command nickserv/alist.
|
||||||
|
*
|
||||||
|
* Used for viewing what channels you have access to.
|
||||||
|
*/
|
||||||
|
module { name = "ns_alist" }
|
||||||
|
command { service = "NickServ"; name = "ALIST"; command = "nickserv/alist"; }
|
||||||
|
|
||||||
|
/*
|
||||||
|
* ns_cert
|
||||||
|
*
|
||||||
|
* Provides the command nickserv/cert.
|
||||||
|
*
|
||||||
|
* Used for configuring your SSL certificate list, which can be used to automatically identify you.
|
||||||
|
*
|
||||||
|
module
|
||||||
|
{
|
||||||
|
name = "ns_cert"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The maximum number of entries allowed on a nickname's certificate fingerprint list.
|
||||||
|
* The default is 5. This number cannot be set to 0.
|
||||||
|
*
|
||||||
|
max = 5
|
||||||
|
}
|
||||||
|
command { service = "NickServ"; name = "CERT"; command = "nickserv/cert"; }
|
||||||
|
*/
|
||||||
|
/*
|
||||||
|
* ns_drop
|
||||||
|
*
|
||||||
|
* Provides the command nickserv/drop.
|
||||||
|
*
|
||||||
|
* Used for unregistering names.
|
||||||
|
*/
|
||||||
|
module { name = "ns_drop" }
|
||||||
|
command { service = "NickServ"; name = "DROP"; command = "nickserv/drop"; }
|
||||||
|
|
||||||
|
/*
|
||||||
|
* ns_getemail
|
||||||
|
*
|
||||||
|
* Provides the command nickserv/getemail.
|
||||||
|
*
|
||||||
|
* Used for getting registered accounts by searching for emails.
|
||||||
|
*/
|
||||||
|
module { name = "ns_getemail" }
|
||||||
|
command { service = "NickServ"; name = "GETEMAIL"; command = "nickserv/getemail"; permission = "nickserv/getemail"; group = "nickserv/admin"; }
|
||||||
|
|
||||||
|
/*
|
||||||
|
* ns_getpass
|
||||||
|
*
|
||||||
|
* Provides the command nickserv/getpass.
|
||||||
|
*
|
||||||
|
* Used for getting users passwords.
|
||||||
|
*
|
||||||
|
* Requires no encryption is being used.
|
||||||
|
*/
|
||||||
|
#module { name = "ns_getpass" }
|
||||||
|
#command { service = "NickServ"; name = "GETPASS"; command = "nickserv/getpass"; permission = "nickserv/getpass"; }
|
||||||
|
|
||||||
|
/*
|
||||||
|
* ns_group
|
||||||
|
*
|
||||||
|
* Provides the commands nickserv/group, nickserv/glist, and nickserv/ungroup.
|
||||||
|
*
|
||||||
|
* Used for controlling nick groups.
|
||||||
|
*/
|
||||||
|
module
|
||||||
|
{
|
||||||
|
name = "ns_group"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The maximum number of nicks allowed in a group.
|
||||||
|
*
|
||||||
|
* This directive is optional, but recommended. If not set or set to 0, no limits will be applied.
|
||||||
|
*/
|
||||||
|
maxaliases = 16
|
||||||
|
|
||||||
|
/*
|
||||||
|
* If set, the NickServ GROUP command won't allow any group changes. This is recommended to
|
||||||
|
* prevent users from accidentally dropping their nicks, as it forces users to explicitly
|
||||||
|
* drop their nicks before adding it to another group.
|
||||||
|
*
|
||||||
|
* This directive is optional, but recommended.
|
||||||
|
*/
|
||||||
|
nogroupchange = yes
|
||||||
|
}
|
||||||
|
command { service = "NickServ"; name = "GLIST"; command = "nickserv/glist"; }
|
||||||
|
command { service = "NickServ"; name = "GROUP"; command = "nickserv/group"; }
|
||||||
|
command { service = "NickServ"; name = "UNGROUP"; command = "nickserv/ungroup"; }
|
||||||
|
|
||||||
|
/*
|
||||||
|
* ns_identify
|
||||||
|
*
|
||||||
|
* Provides the command nickserv/identify.
|
||||||
|
*
|
||||||
|
* Used for identifying to accounts.
|
||||||
|
*/
|
||||||
|
module { name = "ns_identify" }
|
||||||
|
command { service = "NickServ"; name = "ID"; command = "nickserv/identify"; hide = true; }
|
||||||
|
command { service = "NickServ"; name = "IDENTIFY"; command = "nickserv/identify"; }
|
||||||
|
|
||||||
|
/*
|
||||||
|
* ns_info
|
||||||
|
*
|
||||||
|
* Provides the commands:
|
||||||
|
* nickserv/info. - Used for gathering information about an account.
|
||||||
|
* nickserv/set/hide, nickserv/saset/hide - Used for configuring which options are publically shown in nickserv/info.
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
module { name = "ns_info" }
|
||||||
|
command { service = "NickServ"; name = "INFO"; command = "nickserv/info"; }
|
||||||
|
|
||||||
|
command { service = "NickServ"; name = "SET HIDE"; command = "nickserv/set/hide"; }
|
||||||
|
command { service = "NickServ"; name = "SASET HIDE"; command = "nickserv/saset/hide"; permission = "nickserv/saset/hide"; }
|
||||||
|
|
||||||
|
|
||||||
|
/*
|
||||||
|
* ns_list
|
||||||
|
*
|
||||||
|
* Provides the commands:
|
||||||
|
* nickserv/list - Used for retrieving and searching the registered account list.
|
||||||
|
* nickserv/set/private, nickserv/saset/private - Used for configuring whether or a users account shows up in nickserv/list.
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
module
|
||||||
|
{
|
||||||
|
name = "ns_list"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The maximum number of nicks to be returned for a NickServ LIST command.
|
||||||
|
*/
|
||||||
|
listmax = 50
|
||||||
|
}
|
||||||
|
command { service = "NickServ"; name = "LIST"; command = "nickserv/list"; }
|
||||||
|
|
||||||
|
command { service = "NickServ"; name = "SET PRIVATE"; command = "nickserv/set/private"; }
|
||||||
|
command { service = "NickServ"; name = "SASET PRIVATE"; command = "nickserv/saset/private"; permission = "nickserv/saset/private"; }
|
||||||
|
|
||||||
|
|
||||||
|
/*
|
||||||
|
* ns_logout
|
||||||
|
*
|
||||||
|
* Provides the command nickserv/logout.
|
||||||
|
*
|
||||||
|
* Used for logging out of your account.
|
||||||
|
*/
|
||||||
|
module { name = "ns_logout" }
|
||||||
|
command { service = "NickServ"; name = "LOGOUT"; command = "nickserv/logout"; }
|
||||||
|
|
||||||
|
/*
|
||||||
|
* ns_recover
|
||||||
|
*
|
||||||
|
* Provides the command nickserv/recover.
|
||||||
|
*
|
||||||
|
* Used for recovering your nick from services or another user.
|
||||||
|
*/
|
||||||
|
module
|
||||||
|
{
|
||||||
|
name = "ns_recover"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* If set, Services will svsnick and svsjoin users who use the recover
|
||||||
|
* command on an identified user to the nick and channels of the recovered user.
|
||||||
|
*
|
||||||
|
* This directive is opional.
|
||||||
|
*/
|
||||||
|
restoreonrecover = yes
|
||||||
|
}
|
||||||
|
command { service = "NickServ"; name = "RECOVER"; command = "nickserv/recover"; }
|
||||||
|
# Uncomment below to emulate 1.8's behavior of ghost and release.
|
||||||
|
#command { service = "NickServ"; name = "GHOST"; command = "nickserv/recover"; }
|
||||||
|
#command { service = "NickServ"; name = "RELEASE"; command = "nickserv/recover"; }
|
||||||
|
|
||||||
|
/*
|
||||||
|
* ns_register
|
||||||
|
*
|
||||||
|
* Provides the commands nickserv/confirm, nickserv/register, and nickserv/resend.
|
||||||
|
*
|
||||||
|
* Used for registering accounts.
|
||||||
|
*/
|
||||||
|
module
|
||||||
|
{
|
||||||
|
name = "ns_register"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Registration confirmation setting. Set to "none" for no registration confirmation,
|
||||||
|
* "mail" for email confirmation, and "admin" to have services operators manually confirm
|
||||||
|
* every registration. Set to "disable" to completely disable all registrations.
|
||||||
|
*/
|
||||||
|
registration = "none"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The minimum length of time between consecutive uses of NickServ's RESEND command.
|
||||||
|
*
|
||||||
|
* This directive is optional, but recommended. If not set, this restriction will be disabled.
|
||||||
|
*/
|
||||||
|
resenddelay = 90s
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Prevents users from registering their nick if they are not connected
|
||||||
|
* for at least the given number of seconds.
|
||||||
|
*
|
||||||
|
* This directive is optional.
|
||||||
|
*/
|
||||||
|
#nickregdelay = 30s
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The length of time a user using an unconfirmed account has
|
||||||
|
* before the account will be released for general use again.
|
||||||
|
*/
|
||||||
|
#unconfirmedexpire = 1d
|
||||||
|
}
|
||||||
|
#command { service = "NickServ"; name = "CONFIRM"; command = "nickserv/confirm"; }
|
||||||
|
command { service = "NickServ"; name = "REGISTER"; command = "nickserv/register"; }
|
||||||
|
#command { service = "NickServ"; name = "RESEND"; command = "nickserv/resend"; }
|
||||||
|
|
||||||
|
/*
|
||||||
|
* ns_resetpass
|
||||||
|
*
|
||||||
|
* Provides the command nickserv/resetpass.
|
||||||
|
*
|
||||||
|
* Used for resetting passwords by emailing users a temporary one.
|
||||||
|
*/
|
||||||
|
/*module { name = "ns_resetpass" }
|
||||||
|
command { service = "NickServ"; name = "RESETPASS"; command = "nickserv/resetpass"; }
|
||||||
|
*/
|
||||||
|
|
||||||
|
/*
|
||||||
|
* ns_set
|
||||||
|
*
|
||||||
|
* Provides the commands:
|
||||||
|
* nickserv/set, nickserv/saset - Dummy help wrappers for the SET and SASET commands.
|
||||||
|
* nickserv/set/autoop, nickserv/saset/autoop - Determines whether or not modes are automatically set users when joining a channel.
|
||||||
|
* nickserv/set/display, nickserv/saset/display - Used for setting a users display name.
|
||||||
|
* nickserv/set/email, nickserv/saset/email - Used for setting a users email address.
|
||||||
|
* nickserv/set/keepmodes, nickserv/saset/keepmodes - Configure whether or not services should retain a user's modes across sessions.
|
||||||
|
* nickserv/set/kill, nickserv/saset/kill - Used for configuring nickname protection.
|
||||||
|
* nickserv/set/language, nickserv/saset/language - Used for configuring what language services use.
|
||||||
|
* nickserv/set/message, nickserv/saset/message - Used to configure how services send messages to you.
|
||||||
|
* nickserv/set/password, nickserv/saset/password - Used for changing a users password.
|
||||||
|
* nickserv/set/secure, nickserv/saset/secure - Used for configuring whether a user can identify by simply being recognized by nickserv/access.
|
||||||
|
* nickserv/saset/noexpire - Used for configuring noexpire, which prevents nicks from expiring.
|
||||||
|
*/
|
||||||
|
module
|
||||||
|
{
|
||||||
|
name = "ns_set"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Allow the use of the IMMED option in the NickServ SET KILL command.
|
||||||
|
*
|
||||||
|
* This directive is optional.
|
||||||
|
*/
|
||||||
|
#allowkillimmed = yes
|
||||||
|
}
|
||||||
|
|
||||||
|
command { service = "NickServ"; name = "SET"; command = "nickserv/set"; }
|
||||||
|
command { service = "NickServ"; name = "SASET"; command = "nickserv/saset"; permission = "nickserv/saset/"; group = "nickserv/admin"; }
|
||||||
|
|
||||||
|
command { service = "NickServ"; name = "SET AUTOOP"; command = "nickserv/set/autoop"; }
|
||||||
|
command { service = "NickServ"; name = "SASET AUTOOP"; command = "nickserv/saset/autoop"; permission = "nickserv/saset/autoop"; }
|
||||||
|
|
||||||
|
command { service = "NickServ"; name = "SET DISPLAY"; command = "nickserv/set/display"; }
|
||||||
|
command { service = "NickServ"; name = "SASET DISPLAY"; command = "nickserv/saset/display"; permission = "nickserv/saset/display"; }
|
||||||
|
|
||||||
|
command { service = "NickServ"; name = "SET EMAIL"; command = "nickserv/set/email"; }
|
||||||
|
command { service = "NickServ"; name = "SASET EMAIL"; command = "nickserv/saset/email"; permission = "nickserv/saset/email"; }
|
||||||
|
|
||||||
|
command { service = "NickServ"; name = "SET KEEPMODES"; command = "nickserv/set/keepmodes"; }
|
||||||
|
command { service = "NickServ"; name = "SASET KEEPMODES"; command = "nickserv/saset/keepmodes"; permission = "nickserv/saset/keepmodes"; }
|
||||||
|
|
||||||
|
command { service = "NickServ"; name = "SET KILL"; command = "nickserv/set/kill"; }
|
||||||
|
command { service = "NickServ"; name = "SASET KILL"; command = "nickserv/saset/kill"; permission = "nickserv/saset/kill"; }
|
||||||
|
|
||||||
|
command { service = "NickServ"; name = "SET LANGUAGE"; command = "nickserv/set/language"; }
|
||||||
|
command { service = "NickServ"; name = "SASET LANGUAGE"; command = "nickserv/saset/language"; permission = "nickserv/saset/language"; }
|
||||||
|
|
||||||
|
command { service = "NickServ"; name = "SET MESSAGE"; command = "nickserv/set/message"; }
|
||||||
|
command { service = "NickServ"; name = "SASET MESSAGE"; command = "nickserv/saset/message"; permission = "nickserv/saset/message"; }
|
||||||
|
|
||||||
|
/* command { service = "NickServ"; name = "SET PASSWORD"; command = "nickserv/set/password"; }
|
||||||
|
command { service = "NickServ"; name = "SASET PASSWORD"; command = "nickserv/saset/password"; permission = "nickserv/saset/password"; }
|
||||||
|
*/
|
||||||
|
command { service = "NickServ"; name = "SET SECURE"; command = "nickserv/set/secure"; }
|
||||||
|
command { service = "NickServ"; name = "SASET SECURE"; command = "nickserv/saset/secure"; permission = "nickserv/saset/secure"; }
|
||||||
|
|
||||||
|
command { service = "NickServ"; name = "SASET NOEXPIRE"; command = "nickserv/saset/noexpire"; permission = "nickserv/saset/noexpire"; }
|
||||||
|
|
||||||
|
|
||||||
|
/*
|
||||||
|
* ns_set_misc
|
||||||
|
*
|
||||||
|
* Provides the command nickserv/set/misc.
|
||||||
|
*
|
||||||
|
* Allows you to create arbitrary commands to set data, and have that data show up in nickserv/info.
|
||||||
|
* A field named misc_description may be given for use with help output.
|
||||||
|
*/
|
||||||
|
module { name = "ns_set_misc" }
|
||||||
|
command { service = "NickServ"; name = "SET URL"; command = "nickserv/set/misc"; misc_description = _("Associate a URL with your account"); }
|
||||||
|
command { service = "NickServ"; name = "SASET URL"; command = "nickserv/saset/misc"; misc_description = _("Associate a URL with this account"); permission = "nickserv/saset/url"; group = "nickserv/admin"; }
|
||||||
|
#command { service = "NickServ"; name = "SET ICQ"; command = "nickserv/set/misc"; misc_description = _("Associate an ICQ account with your account"); }
|
||||||
|
#command { service = "NickServ"; name = "SASET ICQ"; command = "nickserv/saset/misc"; misc_description = _("Associate an ICQ account with this account"); permission = "nickserv/saset/icq"; group = "nickserv/admin"; }
|
||||||
|
#command { service = "NickServ"; name = "SET TWITTER"; command = "nickserv/set/misc"; misc_description = _("Associate a Twitter account with your account"); }
|
||||||
|
#command { service = "NickServ"; name = "SASET TWITTER"; command = "nickserv/saset/misc"; misc_description = _("Associate a Twitter account with this account"); permission = "nickserv/saset/twitter"; group = "nickserv/admin"; }
|
||||||
|
#command { service = "NickServ"; name = "SET FACEBOOK"; command = "nickserv/set/misc"; misc_description = _("Associate a Facebook URL with your account"); }
|
||||||
|
#command { service = "NickServ"; name = "SASET FACEBOOK"; command = "nickserv/saset/misc"; misc_description = _("Associate a Facebook URL with this account"); permission = "nickserv/saset/facebook"; group = "nickserv/admin"; }
|
||||||
|
|
||||||
|
/*
|
||||||
|
* ns_status
|
||||||
|
*
|
||||||
|
* Provides the nickserv/status command.
|
||||||
|
*
|
||||||
|
* Used to determine if a user is recognized or identified by services.
|
||||||
|
*/
|
||||||
|
module { name = "ns_status" }
|
||||||
|
command { service = "NickServ"; name = "STATUS"; command = "nickserv/status"; }
|
||||||
|
|
||||||
|
/*
|
||||||
|
* ns_suspend
|
||||||
|
*
|
||||||
|
* Provides the commands nickserv/suspend and nickserv/unsuspend.
|
||||||
|
*
|
||||||
|
* Used to suspend and unsuspend nicknames. Suspended nicknames can not be used but their settings are preserved.
|
||||||
|
*/
|
||||||
|
module
|
||||||
|
{
|
||||||
|
name = "ns_suspend"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The length of time before a suspended nick becomes unsuspended.
|
||||||
|
*
|
||||||
|
* This directive is optional. If not set, the default is never.
|
||||||
|
*/
|
||||||
|
#suspendexpire = 90d
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Settings to show to non-opers in NickServ's INFO output.
|
||||||
|
* Comment to completely disable showing any information about
|
||||||
|
* suspended nicknames to non-opers.
|
||||||
|
*/
|
||||||
|
show = "suspended, by, reason, on, expires"
|
||||||
|
}
|
||||||
|
command { service = "NickServ"; name = "SUSPEND"; command = "nickserv/suspend"; permission = "nickserv/suspend"; group = "nickserv/admin"; }
|
||||||
|
command { service = "NickServ"; name = "UNSUSPEND"; command = "nickserv/unsuspend"; permission = "nickserv/suspend"; group = "nickserv/admin"; }
|
||||||
|
|
||||||
|
/*
|
||||||
|
* ns_update
|
||||||
|
*
|
||||||
|
* Provides the command nickserv/update.
|
||||||
|
*
|
||||||
|
* Used to update your status on all channels, turn on your vHost, etc.
|
||||||
|
*/
|
||||||
|
module { name = "ns_update" }
|
||||||
|
command { service = "NickServ"; name = "UPDATE"; command = "nickserv/update"; }
|
||||||
|
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Extra NickServ related modules.
|
||||||
|
*/
|
||||||
|
|
||||||
|
/*
|
||||||
|
* ns_maxemail
|
||||||
|
*
|
||||||
|
* Limits how many times the same email address may be used in Anope
|
||||||
|
* to register accounts.
|
||||||
|
*/
|
||||||
|
#module
|
||||||
|
{
|
||||||
|
name = "ns_maxemail"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The limit to how many registered nicks can use the same e-mail address. If set to 0 or left
|
||||||
|
* commented, there will be no limit enforced when registering new accounts or using
|
||||||
|
* /msg NickServ SET EMAIL.
|
||||||
|
*/
|
||||||
|
maxemails = 1
|
||||||
|
}
|
701
roles/IRC/templates/anope/operserv.conf.j2
Executable file
701
roles/IRC/templates/anope/operserv.conf.j2
Executable file
@ -0,0 +1,701 @@
|
|||||||
|
/*
|
||||||
|
* Example configuration file for OperServ.
|
||||||
|
*/
|
||||||
|
|
||||||
|
/*
|
||||||
|
* First, create the service.
|
||||||
|
*/
|
||||||
|
service
|
||||||
|
{
|
||||||
|
/*
|
||||||
|
* The name of the OperServ client.
|
||||||
|
* If you change this value, you probably want to change the client directive in the configuration for the operserv module too.
|
||||||
|
*/
|
||||||
|
nick = "OperServ"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The username of the OperServ client.
|
||||||
|
*/
|
||||||
|
user = "services"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The hostname of the OperServ client.
|
||||||
|
*/
|
||||||
|
host = "ircservices.{{ external_domain }}"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The realname of the OperServ client.
|
||||||
|
*/
|
||||||
|
gecos = "Operator Service"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The modes this client should use.
|
||||||
|
* Do not modify this unless you know what you are doing.
|
||||||
|
*
|
||||||
|
* These modes are very IRCd specific. If left commented, sane defaults
|
||||||
|
* are used based on what protocol module you have loaded.
|
||||||
|
*
|
||||||
|
* Note that setting this option incorrectly could potentially BREAK some, if
|
||||||
|
* not all, usefulness of the client. We will not support you if this client is
|
||||||
|
* unable to do certain things if this option is enabled.
|
||||||
|
*/
|
||||||
|
#modes = "+o"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* An optional comma separated list of channels this service should join. Outside
|
||||||
|
* of log channels this is not very useful, as the service will just idle in the
|
||||||
|
* specified channels, and will not accept any types of commands.
|
||||||
|
*
|
||||||
|
* Prefixes may be given to the channels in the form of mode characters or prefix symbols.
|
||||||
|
*/
|
||||||
|
#channels = "@#services,#mychan"
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Core OperServ module.
|
||||||
|
*
|
||||||
|
* Provides essential functionality for OperServ.
|
||||||
|
*/
|
||||||
|
module
|
||||||
|
{
|
||||||
|
name = "operserv"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The name of the client that should be OperServ.
|
||||||
|
*/
|
||||||
|
client = "OperServ"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* These define the default expiration times for, respectively, AKILLs, CHANKILLs, SNLINEs,
|
||||||
|
* and SQLINEs.
|
||||||
|
*/
|
||||||
|
autokillexpiry = 30d
|
||||||
|
chankillexpiry = 30d
|
||||||
|
snlineexpiry = 30d
|
||||||
|
sqlineexpiry = 30d
|
||||||
|
|
||||||
|
/*
|
||||||
|
* If set, this option will make Services send an AKILL command immediately after it has been
|
||||||
|
* added with AKILL ADD. This eliminates the need for killing the user after the AKILL has
|
||||||
|
* been added.
|
||||||
|
*
|
||||||
|
* This directive is optional, but recommended.
|
||||||
|
*/
|
||||||
|
akillonadd = yes
|
||||||
|
|
||||||
|
/*
|
||||||
|
* If set, this option will make Services send an (SVS)KILL command immediately after SNLINE ADD.
|
||||||
|
* This eliminates the need for killing the user after the SNLINE has been added.
|
||||||
|
*
|
||||||
|
* This directive is optional.
|
||||||
|
*/
|
||||||
|
killonsnline = yes
|
||||||
|
|
||||||
|
/*
|
||||||
|
* If set, this option will make Services send an (SVS)KILL command immediately after SQLINE ADD.
|
||||||
|
* This eliminates the need for killing the user after the SQLINE has been added.
|
||||||
|
*
|
||||||
|
* This directive is optional.
|
||||||
|
*/
|
||||||
|
killonsqline = yes
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Adds the nickname of the IRC Operator issuing an AKILL to the kill reason.
|
||||||
|
*
|
||||||
|
* This directive is optional.
|
||||||
|
*/
|
||||||
|
addakiller = yes
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Adds akill IDs to akills. Akill IDs are given to users in their ban reason and can be used to easily view,
|
||||||
|
* modify, or remove an akill from the ID.
|
||||||
|
*/
|
||||||
|
akillids = yes
|
||||||
|
|
||||||
|
/*
|
||||||
|
* If set, only IRC Operators will be permitted to use OperServ, regardless of command access restrictions.
|
||||||
|
*
|
||||||
|
* This directive is optional, but recommended.
|
||||||
|
*/
|
||||||
|
opersonly = yes
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Core OperServ commands.
|
||||||
|
*
|
||||||
|
* In Anope modules can provide (multiple) commands, each of which has a unique command name. Once these modules
|
||||||
|
* are loaded you can then configure the commands to be added to any client you like with any name you like.
|
||||||
|
*
|
||||||
|
* Additionally, you may provide a permission name that must be in the opertype of users executing the command.
|
||||||
|
*
|
||||||
|
* Sane defaults are provided below that do not need to be edited unless you wish to change the default behavior.
|
||||||
|
*/
|
||||||
|
|
||||||
|
/* Give it a help command. */
|
||||||
|
command { service = "OperServ"; name = "HELP"; command = "generic/help"; }
|
||||||
|
|
||||||
|
/*
|
||||||
|
* os_akill
|
||||||
|
*
|
||||||
|
* Provides the command operserv/akill.
|
||||||
|
*
|
||||||
|
* Used to ban users from the network.
|
||||||
|
*/
|
||||||
|
module { name = "os_akill" }
|
||||||
|
command { service = "OperServ"; name = "AKILL"; command = "operserv/akill"; permission = "operserv/akill"; }
|
||||||
|
|
||||||
|
/*
|
||||||
|
* os_chankill
|
||||||
|
*
|
||||||
|
* Provides the command operserv/chankill.
|
||||||
|
*
|
||||||
|
* Used to akill users from an entire channel.
|
||||||
|
*/
|
||||||
|
module { name = "os_chankill" }
|
||||||
|
command { service = "OperServ"; name = "CHANKILL"; command = "operserv/chankill"; permission = "operserv/chankill"; }
|
||||||
|
|
||||||
|
/*
|
||||||
|
* os_session
|
||||||
|
*
|
||||||
|
* Provides the commands operserv/exception and operserv/session.
|
||||||
|
*
|
||||||
|
* This module enables session limiting. Session limiting prevents users from connecting more than a certain
|
||||||
|
* number of times from the same IP at the same time - thus preventing most types of cloning.
|
||||||
|
* Once a host reaches it's session limit, all clients attempting to connect from that host will
|
||||||
|
* be killed. Exceptions to the default session limit can be defined via the exception list.
|
||||||
|
*
|
||||||
|
* Used to manage the session limit exception list, and view currently active sessions.
|
||||||
|
*/
|
||||||
|
module
|
||||||
|
{
|
||||||
|
name = "os_session"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Default session limit per host. Once a host reaches its session limit, all clients attempting
|
||||||
|
* to connect from that host will be killed.
|
||||||
|
*
|
||||||
|
* This directive is required if os_session is loaded.
|
||||||
|
*/
|
||||||
|
defaultsessionlimit = 3
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The maximum session limit that may be set for a host in an exception.
|
||||||
|
*
|
||||||
|
* This directive is required if os_session is loaded.
|
||||||
|
*/
|
||||||
|
maxsessionlimit = 100
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Sets the default expiry time for session exceptions.
|
||||||
|
*
|
||||||
|
* This directive is required if os_session is loaded.
|
||||||
|
*/
|
||||||
|
exceptionexpiry = 1d
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The message that will be NOTICE'd to a user just before they are removed from the network because
|
||||||
|
* their host's session limit has been exceeded. It may be used to give a slightly more descriptive
|
||||||
|
* reason for the impending kill as opposed to simply "Session limit exceeded".
|
||||||
|
*
|
||||||
|
* This directive is optional, if not set, nothing will be sent.
|
||||||
|
*/
|
||||||
|
sessionlimitexceeded = "The session limit for your IP %IP% has been exceeded."
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Same as above, but should be used to provide a website address where users can find out more
|
||||||
|
* about session limits and how to go about applying for an exception.
|
||||||
|
*
|
||||||
|
* Note: This directive has been intentionally commented out in an effort to remind you to change
|
||||||
|
* the URL it contains. It is recommended that you supply an address/URL where people can get help
|
||||||
|
* regarding session limits.
|
||||||
|
*
|
||||||
|
* This directive is optional, if not set, nothing will be sent.
|
||||||
|
*/
|
||||||
|
#sessionlimitdetailsloc = "Please visit http://your.website.url/ for more information about session limits."
|
||||||
|
|
||||||
|
/*
|
||||||
|
* If set and is not 0, this directive tells Services to add an AKILL if the number of subsequent kills
|
||||||
|
* for the same host exceeds this value, preventing the network from experiencing KILL floods.
|
||||||
|
*
|
||||||
|
* This directive is optional.
|
||||||
|
*/
|
||||||
|
maxsessionkill = 15
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Sets the expiry time for AKILLs set for hosts exceeding the maxsessionkill directive limit.
|
||||||
|
*
|
||||||
|
* This directive is optional, if not set, defaults to 30 minutes.
|
||||||
|
*/
|
||||||
|
sessionautokillexpiry = 30m
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Sets the CIDR value used to determine which IP addresses represent the same person.
|
||||||
|
* By default this would limit 3 connections per IPv4 IP and 3 connections per IPv6 IP.
|
||||||
|
* If you are receiving IPv6 clone attacks it may be useful to set session_ipv6_cidr to
|
||||||
|
* 64 or 48.
|
||||||
|
*/
|
||||||
|
session_ipv4_cidr = 32
|
||||||
|
session_ipv6_cidr = 128
|
||||||
|
}
|
||||||
|
command { service = "OperServ"; name = "EXCEPTION"; command = "operserv/exception"; permission = "operserv/exception"; }
|
||||||
|
command { service = "OperServ"; name = "SESSION"; command = "operserv/session"; permission = "operserv/session"; }
|
||||||
|
|
||||||
|
|
||||||
|
/*
|
||||||
|
* os_defcon
|
||||||
|
*
|
||||||
|
* Provides the command operserv/defcon.
|
||||||
|
*
|
||||||
|
* Allows you to set services in defcon mode, which can be used to restrict services access
|
||||||
|
* during bot attacks.
|
||||||
|
*/
|
||||||
|
module
|
||||||
|
{
|
||||||
|
name = "os_defcon"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Default DefCon level (1-5) to use when starting Services up. Level 5 constitutes normal operation
|
||||||
|
* while level 1 constitutes the most restrictive operation. If this setting is left out or set to
|
||||||
|
* 0, DefCon will be disabled and the rest of this block will be ignored.
|
||||||
|
*/
|
||||||
|
defaultlevel = 5
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The following 4 directives define what operations will take place when DefCon is set to levels
|
||||||
|
* 1 through 4. Each level is a list that must be separated by spaces.
|
||||||
|
*
|
||||||
|
* The following operations can be defined at each level:
|
||||||
|
* - nonewchannels: Disables registering new channels
|
||||||
|
* - nonewnicks: Disables registering new nicks
|
||||||
|
* - nomlockchanges: Disables changing MLOCK on registered channels
|
||||||
|
* - forcechanmodes: Forces all channels to have the modes given in the later chanmodes directive
|
||||||
|
* - reducedsessions: Reduces the session limit to the value given in the later sessionlimit directive
|
||||||
|
* - nonewclients: KILL any new clients trying to connect
|
||||||
|
* - operonly: Services will ignore all non-IRCops
|
||||||
|
* - silentoperonly: Services will silently ignore all non-IRCops
|
||||||
|
* - akillnewclients: AKILL any new clients trying to connect
|
||||||
|
* - nonewmemos: No new memos will be sent to block MemoServ attacks
|
||||||
|
*/
|
||||||
|
level4 = "nonewchannels nonewnicks nomlockchanges reducedsessions"
|
||||||
|
level3 = "nonewchannels nonewnicks nomlockchanges forcechanmodes reducedsessions"
|
||||||
|
level2 = "nonewchannels nonewnicks nomlockchanges forcechanmodes reducedsessions silentoperonly"
|
||||||
|
level1 = "nonewchannels nonewnicks nomlockchanges forcechanmodes reducedsessions silentoperonly akillnewclients"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* New session limit to use when a DefCon level is using "reduced" session limiting.
|
||||||
|
*/
|
||||||
|
sessionlimit = 2
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Length of time to add an AKILL for when DefCon is preventing new clients from connecting to the
|
||||||
|
* network.
|
||||||
|
*/
|
||||||
|
akillexpire = 5m
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The channel modes to set on all channels when the DefCon channel mode system is in use.
|
||||||
|
*
|
||||||
|
* Note 1: Choose these modes carefully, because when DefCon switches to a level which does NOT have
|
||||||
|
* the mode setting selected, Services will set the reverse on all channels, e.g. if this setting
|
||||||
|
* is +RN when DefCon is used, all channels will be set to +RN, when DefCon is removed, all
|
||||||
|
* channels will be set to -RN. You don't want to set this to +k for example, because when DefCon
|
||||||
|
* is removed, all channels are set -k, removing the key from previously keyed channels.
|
||||||
|
*
|
||||||
|
* Note 2: MLOCKed modes will not be lost.
|
||||||
|
*/
|
||||||
|
chanmodes = "+Ri"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* This value can be used to automatically return the network to DefCon level 5 after the specified
|
||||||
|
* time period, just in case any IRC Operator forgets to remove a DefCon setting.
|
||||||
|
*
|
||||||
|
* This directive is optional.
|
||||||
|
*/
|
||||||
|
timeout = 15m
|
||||||
|
|
||||||
|
/*
|
||||||
|
* If set, Services will send a global message on DefCon level changes.
|
||||||
|
*
|
||||||
|
* This directive is optional.
|
||||||
|
*/
|
||||||
|
globalondefcon = yes
|
||||||
|
|
||||||
|
/*
|
||||||
|
* If set, Services will send the global message defined in the message directive on DefCon level
|
||||||
|
* changes.
|
||||||
|
*
|
||||||
|
* This directive is optional.
|
||||||
|
*/
|
||||||
|
#globalondefconmore = yes
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Defines the message that will be sent on DefCon level changes when globalondefconmore is set.
|
||||||
|
*
|
||||||
|
* This directive is required only when globalondefconmore is set.
|
||||||
|
*/
|
||||||
|
#message = "Put your message to send your users here. Don't forget to uncomment globalondefconmore"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Defines the message that will be sent when DefCon is returned to level 5. This directive is optional,
|
||||||
|
* and will also override globalondefcon and globalondefconmore when set.
|
||||||
|
*/
|
||||||
|
offmessage = "Services are now back to normal; sorry for any inconvenience"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Defines the reason to use when clients are KILLed or AKILLed from the network while the proper
|
||||||
|
* DefCon operation is in effect.
|
||||||
|
*/
|
||||||
|
akillreason = "This network is currently not accepting connections. We are working on diagnostics, so please try again later."
|
||||||
|
}
|
||||||
|
command { service = "OperServ"; name = "DEFCON"; command = "operserv/defcon"; }
|
||||||
|
|
||||||
|
/*
|
||||||
|
* os_dns
|
||||||
|
*
|
||||||
|
* Provides the command operserv/dns.
|
||||||
|
*
|
||||||
|
* This module requires that m_dns is loaded.
|
||||||
|
*
|
||||||
|
* This module allows controlling a DNS zone. This is useful for
|
||||||
|
* controlling what servers users are placed on for load balancing,
|
||||||
|
* and to automatically remove split servers.
|
||||||
|
*
|
||||||
|
* To use this module you must set a nameserver record for services
|
||||||
|
* so that DNS queries go to services.
|
||||||
|
*
|
||||||
|
* Alternatively, you may use a slave DNS server to hide service's IP,
|
||||||
|
* provide query caching, and provide better fault tolerance.
|
||||||
|
*
|
||||||
|
* To do this using BIND, configure similar to:
|
||||||
|
*
|
||||||
|
* options { max-refresh-time 60; };
|
||||||
|
* zone "irc.example.com" IN {
|
||||||
|
* type slave;
|
||||||
|
* masters { 127.0.0.1 port 5353; };
|
||||||
|
* };
|
||||||
|
*
|
||||||
|
* Where 127.0.0.1:5353 is the IP and port services are listening on.
|
||||||
|
* We recommend you externally firewall both UDP and TCP to the port
|
||||||
|
* Anope is listening on.
|
||||||
|
*
|
||||||
|
* Finally set a NS record for irc.example.com. to BIND or services.
|
||||||
|
*/
|
||||||
|
#module
|
||||||
|
{
|
||||||
|
name = "os_dns"
|
||||||
|
|
||||||
|
/* TTL for records. This should be very low if your records change often. */
|
||||||
|
ttl = 1m
|
||||||
|
|
||||||
|
/* If a server drops this many users the server is automatically removed from the DNS zone.
|
||||||
|
* This directive is optional.
|
||||||
|
*/
|
||||||
|
user_drop_mark = 50
|
||||||
|
|
||||||
|
/* The time used for user_drop_mark. */
|
||||||
|
user_drop_time = 1m
|
||||||
|
|
||||||
|
/* When a server is removed from the zone for dropping users, it is readded after this time.
|
||||||
|
* This directive is optional.
|
||||||
|
*/
|
||||||
|
user_drop_readd_time = 5m
|
||||||
|
|
||||||
|
/* If set, when a server splits, it is automatically removed from the zone. */
|
||||||
|
remove_split_servers = yes
|
||||||
|
|
||||||
|
/* If set, when a server connects to the network, it will be automatically added to
|
||||||
|
* the zone if it is a known server.
|
||||||
|
*/
|
||||||
|
readd_connected_servers = no
|
||||||
|
}
|
||||||
|
#command { service = "OperServ"; name = "DNS"; command = "operserv/dns"; permission = "operserv/dns"; }
|
||||||
|
|
||||||
|
/*
|
||||||
|
* os_config
|
||||||
|
*
|
||||||
|
* Provides the command operserv/config.
|
||||||
|
*
|
||||||
|
* Used to view and set configuration options while services are running.
|
||||||
|
*/
|
||||||
|
module { name = "os_config" }
|
||||||
|
command { service = "OperServ"; name = "CONFIG"; command = "operserv/config"; permission = "operserv/config"; }
|
||||||
|
|
||||||
|
/*
|
||||||
|
* os_forbid
|
||||||
|
*
|
||||||
|
* Provides the command operserv/forbid.
|
||||||
|
*
|
||||||
|
* Used to forbid specific nicks, channels, emails, etc. from being used.
|
||||||
|
*/
|
||||||
|
module { name = "os_forbid" }
|
||||||
|
command { service = "OperServ"; name = "FORBID"; command = "operserv/forbid"; permission = "operserv/forbid"; }
|
||||||
|
|
||||||
|
/*
|
||||||
|
* os_ignore
|
||||||
|
*
|
||||||
|
* Provides the command operserv/ignore.
|
||||||
|
*
|
||||||
|
* Used to make Services ignore users.
|
||||||
|
*/
|
||||||
|
module { name = "os_ignore" }
|
||||||
|
command { service = "OperServ"; name = "IGNORE"; command = "operserv/ignore"; permission = "operserv/ignore"; }
|
||||||
|
|
||||||
|
/*
|
||||||
|
* os_info
|
||||||
|
*
|
||||||
|
* Provides the command operserv/info.
|
||||||
|
*
|
||||||
|
* Used to add oper only notes to users and channels.
|
||||||
|
*/
|
||||||
|
module { name = "os_info" }
|
||||||
|
command { service = "OperServ"; name = "INFO"; command = "operserv/info"; permission = "operserv/info"; }
|
||||||
|
|
||||||
|
/*
|
||||||
|
* os_jupe
|
||||||
|
*
|
||||||
|
* Provides the command operserv/jupe.
|
||||||
|
*
|
||||||
|
* Used to disconnect servers from the network and prevent them from relinking.
|
||||||
|
*/
|
||||||
|
module { name = "os_jupe" }
|
||||||
|
command { service = "OperServ"; name = "JUPE"; command = "operserv/jupe"; permission = "operserv/jupe"; }
|
||||||
|
|
||||||
|
/*
|
||||||
|
* os_kick
|
||||||
|
*
|
||||||
|
* Provides the command operserv/kick.
|
||||||
|
*
|
||||||
|
* Used to kick users from channels.
|
||||||
|
*/
|
||||||
|
module { name = "os_kick" }
|
||||||
|
command { service = "OperServ"; name = "KICK"; command = "operserv/kick"; permission = "operserv/kick"; }
|
||||||
|
|
||||||
|
/*
|
||||||
|
* os_kill
|
||||||
|
*
|
||||||
|
* Provides the command operserv/kill.
|
||||||
|
*
|
||||||
|
* Used to forcibly disconnect users from the network.
|
||||||
|
*/
|
||||||
|
module { name = "os_kill" }
|
||||||
|
command { service = "OperServ"; name = "KILL"; command = "operserv/kill"; permission = "operserv/kill"; }
|
||||||
|
|
||||||
|
/*
|
||||||
|
* os_list
|
||||||
|
*
|
||||||
|
* Provides the commands operserv/chanlist and operserv/userlist.
|
||||||
|
*
|
||||||
|
* Used to list and search the channels and users currently on the network.
|
||||||
|
*/
|
||||||
|
module { name = "os_list" }
|
||||||
|
command { service = "OperServ"; name = "CHANLIST"; command = "operserv/chanlist"; permission = "operserv/chanlist"; }
|
||||||
|
command { service = "OperServ"; name = "USERLIST"; command = "operserv/userlist"; permission = "operserv/userlist"; }
|
||||||
|
|
||||||
|
/*
|
||||||
|
* os_login
|
||||||
|
*
|
||||||
|
* Provides the commands operserv/login and operserv/logout.
|
||||||
|
*
|
||||||
|
* Used to login to OperServ, only required if your oper block requires this.
|
||||||
|
*/
|
||||||
|
module { name = "os_login" }
|
||||||
|
command { service = "OperServ"; name = "LOGIN"; command = "operserv/login"; }
|
||||||
|
command { service = "OperServ"; name = "LOGOUT"; command = "operserv/logout"; }
|
||||||
|
|
||||||
|
/*
|
||||||
|
* os_logsearch
|
||||||
|
*
|
||||||
|
* Provides the command operserv/logsearch.
|
||||||
|
*
|
||||||
|
* Used to search services log files.
|
||||||
|
*/
|
||||||
|
module
|
||||||
|
{
|
||||||
|
name = "os_logsearch"
|
||||||
|
|
||||||
|
/* The log file name to search. There should be a log{} block configured to log
|
||||||
|
* to a file of this name.
|
||||||
|
*/
|
||||||
|
logname = "services.log"
|
||||||
|
}
|
||||||
|
command { service = "OperServ"; name = "LOGSEARCH"; command = "operserv/logsearch"; permission = "operserv/logsearch"; }
|
||||||
|
|
||||||
|
/*
|
||||||
|
* os_mode
|
||||||
|
*
|
||||||
|
* Provides the commands operserv/mode and operserv/umode.
|
||||||
|
*
|
||||||
|
* Used to change user and channel modes.
|
||||||
|
*/
|
||||||
|
module { name = "os_mode" }
|
||||||
|
command { service = "OperServ"; name = "UMODE"; command = "operserv/umode"; permission = "operserv/umode"; }
|
||||||
|
command { service = "OperServ"; name = "MODE"; command = "operserv/mode"; permission = "operserv/mode"; }
|
||||||
|
|
||||||
|
/*
|
||||||
|
* os_modinfo
|
||||||
|
*
|
||||||
|
* Provides the commands operserv/modinfo and operserv/modlist.
|
||||||
|
*
|
||||||
|
* Used to show information about loaded modules.
|
||||||
|
*/
|
||||||
|
module { name = "os_modinfo" }
|
||||||
|
command { service = "OperServ"; name = "MODINFO"; command = "operserv/modinfo"; permission = "operserv/modinfo"; }
|
||||||
|
command { service = "OperServ"; name = "MODLIST"; command = "operserv/modlist"; permission = "operserv/modinfo"; }
|
||||||
|
|
||||||
|
/*
|
||||||
|
* os_module
|
||||||
|
*
|
||||||
|
* Provides the commands operserv/modload, operserv/modreload, and operserv/modunload.
|
||||||
|
*
|
||||||
|
* Used to load, reload, and unload modules.
|
||||||
|
*/
|
||||||
|
module { name = "os_module" }
|
||||||
|
command { service = "OperServ"; name = "MODLOAD"; command = "operserv/modload"; permission = "operserv/modload"; }
|
||||||
|
command { service = "OperServ"; name = "MODRELOAD"; command = "operserv/modreload"; permission = "operserv/modload"; }
|
||||||
|
command { service = "OperServ"; name = "MODUNLOAD"; command = "operserv/modunload"; permission = "operserv/modload"; }
|
||||||
|
|
||||||
|
/*
|
||||||
|
* os_news
|
||||||
|
*
|
||||||
|
* Provides the commands operserv/logonnews, operserv/opernews, and operserv/randomnews.
|
||||||
|
*
|
||||||
|
* Used to configure news notices shown to users when they connect, and opers when they oper.
|
||||||
|
*/
|
||||||
|
module
|
||||||
|
{
|
||||||
|
name = "os_news"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The service bot names to use to send news to users on connection
|
||||||
|
* and to opers when they oper.
|
||||||
|
*/
|
||||||
|
announcer = "Global"
|
||||||
|
oper_announcer = "OperServ"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The number of LOGON/OPER news items to display when a user logs on.
|
||||||
|
*
|
||||||
|
* This directive is optional, if not set it will default to 3.
|
||||||
|
*/
|
||||||
|
#newscount = 3
|
||||||
|
}
|
||||||
|
command { service = "OperServ"; name = "LOGONNEWS"; command = "operserv/logonnews"; permission = "operserv/news"; }
|
||||||
|
command { service = "OperServ"; name = "OPERNEWS"; command = "operserv/opernews"; permission = "operserv/news"; }
|
||||||
|
command { service = "OperServ"; name = "RANDOMNEWS"; command = "operserv/randomnews"; permission = "operserv/news"; }
|
||||||
|
|
||||||
|
/*
|
||||||
|
* os_noop
|
||||||
|
*
|
||||||
|
* Provides the command operserv/noop.
|
||||||
|
*
|
||||||
|
* Used to NOOP a server, which prevents users from opering on that server.
|
||||||
|
*/
|
||||||
|
module { name = "os_noop" }
|
||||||
|
command { service = "OperServ"; name = "NOOP"; command = "operserv/noop"; permission = "operserv/noop"; }
|
||||||
|
|
||||||
|
/*
|
||||||
|
* os_oline
|
||||||
|
*
|
||||||
|
* Provides the command operserv/oline.
|
||||||
|
*
|
||||||
|
* Used to set oper flags on users, and is specific to UnrealIRCd.
|
||||||
|
* See /helpop ?svso on your IRCd for more information.
|
||||||
|
*
|
||||||
|
* module { name = "os_oline" }
|
||||||
|
* command { service = "OperServ"; name = "OLINE"; command = "operserv/oline"; permission = "operserv/oline"; }
|
||||||
|
*/
|
||||||
|
/*
|
||||||
|
* os_oper
|
||||||
|
*
|
||||||
|
* Provides the command operserv/oper.
|
||||||
|
*
|
||||||
|
* Used to configure opers and show information about opertypes.
|
||||||
|
*/
|
||||||
|
module { name = "os_oper" }
|
||||||
|
command { service = "OperServ"; name = "OPER"; command = "operserv/oper"; permission = "operserv/oper"; }
|
||||||
|
|
||||||
|
/*
|
||||||
|
* os_reload
|
||||||
|
*
|
||||||
|
* Provides the command operserv/reload.
|
||||||
|
*
|
||||||
|
* Used to reload the services.conf configuration file.
|
||||||
|
*/
|
||||||
|
module { name = "os_reload" }
|
||||||
|
command { service = "OperServ"; name = "RELOAD"; command = "operserv/reload"; permission = "operserv/reload"; }
|
||||||
|
|
||||||
|
/*
|
||||||
|
* os_set
|
||||||
|
*
|
||||||
|
* Provides the command operserv/set.
|
||||||
|
*
|
||||||
|
* Used to set various settings such as superadmin, debug mode, etc.
|
||||||
|
*/
|
||||||
|
module
|
||||||
|
{
|
||||||
|
name = "os_set"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* If set, Services Admins will be able to use SUPERADMIN [ON|OFF] which will temporarily grant
|
||||||
|
* them extra privileges such as being a founder on ALL channels.
|
||||||
|
*
|
||||||
|
* This directive is optional.
|
||||||
|
*/
|
||||||
|
superadmin = yes
|
||||||
|
}
|
||||||
|
command { service = "OperServ"; name = "SET"; command = "operserv/set"; permission = "operserv/set"; }
|
||||||
|
|
||||||
|
/*
|
||||||
|
* os_shutdown
|
||||||
|
*
|
||||||
|
* Provides the commands operserv/quit, operserv/restart, and operserv/shutdown.
|
||||||
|
*
|
||||||
|
* Used to quit, restart, or shutdown services.
|
||||||
|
*/
|
||||||
|
module { name = "os_shutdown" }
|
||||||
|
command { service = "OperServ"; name = "QUIT"; command = "operserv/quit"; permission = "operserv/quit"; }
|
||||||
|
command { service = "OperServ"; name = "RESTART"; command = "operserv/restart"; permission = "operserv/restart"; }
|
||||||
|
command { service = "OperServ"; name = "SHUTDOWN"; command = "operserv/shutdown"; permission = "operserv/shutdown"; }
|
||||||
|
|
||||||
|
/*
|
||||||
|
* os_stats
|
||||||
|
*
|
||||||
|
* Provides the operserv/stats command.
|
||||||
|
*
|
||||||
|
* Used to show statistics about services.
|
||||||
|
*/
|
||||||
|
module { name = "os_stats" }
|
||||||
|
command { service = "OperServ"; name = "STATS"; command = "operserv/stats"; permission = "operserv/stats"; }
|
||||||
|
|
||||||
|
/*
|
||||||
|
* os_svs
|
||||||
|
*
|
||||||
|
* Provides the commands operserv/svsnick, operserv/svsjoin, and operserv/svspart.
|
||||||
|
*
|
||||||
|
* Used to force users to change nicks, join and part channels.
|
||||||
|
*/
|
||||||
|
module { name = "os_svs" }
|
||||||
|
command { service = "OperServ"; name = "SVSNICK"; command = "operserv/svsnick"; permission = "operserv/svs"; }
|
||||||
|
command { service = "OperServ"; name = "SVSJOIN"; command = "operserv/svsjoin"; permission = "operserv/svs"; }
|
||||||
|
command { service = "OperServ"; name = "SVSPART"; command = "operserv/svspart"; permission = "operserv/svs"; }
|
||||||
|
|
||||||
|
/*
|
||||||
|
* os_sxline
|
||||||
|
*
|
||||||
|
* Provides the operserv/snline and operserv/sqline commands.
|
||||||
|
*
|
||||||
|
* Used to ban real names, nick names, and possibly channels.
|
||||||
|
*/
|
||||||
|
module { name = "os_sxline" }
|
||||||
|
command { service = "OperServ"; name = "SNLINE"; command = "operserv/snline"; permission = "operserv/snline"; }
|
||||||
|
command { service = "OperServ"; name = "SQLINE"; command = "operserv/sqline"; permission = "operserv/sqline"; }
|
||||||
|
|
||||||
|
/*
|
||||||
|
* os_update
|
||||||
|
*
|
||||||
|
* Provides the operserv/update command.
|
||||||
|
*
|
||||||
|
* Use to immediately update the databases.
|
||||||
|
*/
|
||||||
|
module { name = "os_update" }
|
||||||
|
command { service = "OperServ"; name = "UPDATE"; command = "operserv/update"; permission = "operserv/update"; }
|
1183
roles/IRC/templates/anope/services.conf.j2
Normal file
1183
roles/IRC/templates/anope/services.conf.j2
Normal file
File diff suppressed because it is too large
Load Diff
597
roles/IRC/templates/inspircd/inspircd.conf.j2
Normal file
597
roles/IRC/templates/inspircd/inspircd.conf.j2
Normal file
@ -0,0 +1,597 @@
|
|||||||
|
#-#-#-#-#-#-#-#-#-# INCLUDE CONFIGURATION #-#-#-#-#-#-#-#-#-#-#-#-#-#
|
||||||
|
#<include file="file.conf"> #
|
||||||
|
#<include executable="/path/to/executable parameters"> #
|
||||||
|
#<include executable="/usr/bin/wget -q -O - http://example.com/inspircd.conf">
|
||||||
|
<include file="/etc/inspircd/opers.conf">
|
||||||
|
<include file="/etc/inspircd/links.conf">
|
||||||
|
<include file="/etc/inspircd/modules.conf">
|
||||||
|
<files motd="/etc/inspircd/motd.txt" rules="/etc/inspircd/rules.txt">
|
||||||
|
|
||||||
|
|
||||||
|
#-#-#-#-#-#-#-#-#-#-#-# VARIABLE DEFINITIONS -#-#-#-#-#-#-#-#-#-#-#-#
|
||||||
|
# #
|
||||||
|
# You can define variables that will be substituted later in the #
|
||||||
|
# configuration file. This can be useful to allow settings to be #
|
||||||
|
# easily changed, or to parameterize a remote includes. #
|
||||||
|
# #
|
||||||
|
# Variables may be redefined and may reference other variables. #
|
||||||
|
# Value expansion happens at the time the tag is read. #
|
||||||
|
# #
|
||||||
|
# Using variable definitions REQUIRES that the config format be #
|
||||||
|
# changed to "xml" from the default "compat" that uses escape #
|
||||||
|
# sequences such as "\"" and "\n", and does not support <define> #
|
||||||
|
<config format="xml">
|
||||||
|
#<define name="bindip" value="1.2.2.3">
|
||||||
|
#<define name="localips" value="&bindip;/24">
|
||||||
|
|
||||||
|
#-#-#-#-#-#-#-#-#-#-#-#- SERVER DESCRIPTION -#-#-#-#-#-#-#-#-#-#-#-#-
|
||||||
|
# #
|
||||||
|
# Here is where you enter the information about your server. #
|
||||||
|
# #
|
||||||
|
<server
|
||||||
|
name="{{ external_domain }}"
|
||||||
|
description="{{ organization['displayname'] }}/IRC"
|
||||||
|
#id="97K"
|
||||||
|
network="{{ organization['displayname'] }}/IRC">
|
||||||
|
|
||||||
|
|
||||||
|
#-#-#-#-#-#-#-#-#-#-#-#- ADMIN INFORMATION -#-#-#-#-#-#-#-#-#-#-#-#
|
||||||
|
# #
|
||||||
|
# Describes the Server Administrator's real name (optionally), #
|
||||||
|
# nick, and email address. #
|
||||||
|
# #
|
||||||
|
<admin
|
||||||
|
name="{{ organization['admin'] }}"
|
||||||
|
nick="{{ organization['admin'] }}"
|
||||||
|
email="{{ organization['email'] }}">
|
||||||
|
|
||||||
|
#-#-#-#-#-#-#-#-#-#-#-#- PORT CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-
|
||||||
|
# #
|
||||||
|
# Enter the port and address bindings here. #
|
||||||
|
# #
|
||||||
|
# j
|
||||||
|
<define name="subnetips" value="10.0.1.0/24">
|
||||||
|
<define name="localhost" value="127.0.0.1/32">
|
||||||
|
|
||||||
|
<bind
|
||||||
|
address=""
|
||||||
|
port="6697"
|
||||||
|
ssl="openssl"
|
||||||
|
type="clients">
|
||||||
|
|
||||||
|
<bind address="" port="6667" type="clients">
|
||||||
|
|
||||||
|
<bind address="" port="8067" type="servers">
|
||||||
|
|
||||||
|
<openssl onrehash="yes">
|
||||||
|
|
||||||
|
<sslprofile
|
||||||
|
name="Clients"
|
||||||
|
provider="openssl"
|
||||||
|
cafile="/etc/letsencrypt/live/{{ ssl['identity'] }}/fullchain.pem"
|
||||||
|
certfile="/etc/letsencrypt/live/{{ ssl['identity'] }}/cert.pem"
|
||||||
|
keyfile="/etc/letsencrypt/live/{{ ssl['identity'] }}/privkey.pem"
|
||||||
|
ciphers="{{ ssl['ciphersuite'] }}"
|
||||||
|
hash="sha256"
|
||||||
|
renegotiation="no"
|
||||||
|
requestclientcert="no"
|
||||||
|
sslv3="false"
|
||||||
|
tlsv1="no"
|
||||||
|
tlsv11="no"
|
||||||
|
tlsv12="yes">
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
#-#-#-#-#-#-#-#-#-#- CONNECTIONS CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#
|
||||||
|
# #
|
||||||
|
# This is where you can configure which connections are allowed #
|
||||||
|
# and denied access onto your server. The password is optional. #
|
||||||
|
# You may have as many of these as you require. To allow/deny all #
|
||||||
|
# connections, use a '*' or 0.0.0.0/0. #
|
||||||
|
# #
|
||||||
|
# -- It is important to note that connect tags are read from the -- #
|
||||||
|
# TOP DOWN. This means that you should have more specific deny #
|
||||||
|
# and allow tags at the top, progressively more general, followed #
|
||||||
|
# by a <connect allow="*" (should you wish to have one). #
|
||||||
|
# #
|
||||||
|
# Connect blocks are searched twice for each user - once when the TCP #
|
||||||
|
# connection is accepted, and once when the user completes their #
|
||||||
|
# registration. Most of the information (hostname, ident response, #
|
||||||
|
# password, SSL when using STARTTLS, etc) is only available during #
|
||||||
|
# the second search, so if you are trying to make a closed server, #
|
||||||
|
# you will probably need a connect block just for user registration. #
|
||||||
|
# This can be done by using <connect registered="no"> #
|
||||||
|
|
||||||
|
#<connect deny="192.0.2.*">
|
||||||
|
#<connect deny="3ffe::0/32" reason="The 6bone address space is deprecated">
|
||||||
|
<connect
|
||||||
|
name="local"
|
||||||
|
parent="main"
|
||||||
|
allow="127.0.0.1"
|
||||||
|
localmax="20"
|
||||||
|
globalmax="20"
|
||||||
|
limit="20"
|
||||||
|
requiressl="off"
|
||||||
|
threshold="200"
|
||||||
|
port="6667">
|
||||||
|
<connect
|
||||||
|
name="main"
|
||||||
|
allow="*"
|
||||||
|
commandrate="1000"
|
||||||
|
fakelag="on"
|
||||||
|
globalmax="500"
|
||||||
|
hardsendq="1M"
|
||||||
|
limit="500"
|
||||||
|
localmax="500"
|
||||||
|
maxconnwarn="on"
|
||||||
|
modes="+wx"
|
||||||
|
pingfreq="120"
|
||||||
|
port="6697"
|
||||||
|
recvq="8192"
|
||||||
|
requiressl="on"
|
||||||
|
resolvehostnames="on"
|
||||||
|
softsendq="8192"
|
||||||
|
threshold="25"
|
||||||
|
timeout="10"
|
||||||
|
useident="no">
|
||||||
|
|
||||||
|
#-#-#-#-#-#-#-#-#-#-#-#- CIDR CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-
|
||||||
|
# #
|
||||||
|
# CIDR configuration allows detection of clones and applying of #
|
||||||
|
# throttle limits across a CIDR range. (A CIDR range is a group of #
|
||||||
|
# IPs, for example, the CIDR range 192.168.1.0-192.168.1.255 may be #
|
||||||
|
# represented as 192.168.1.0/24). This means that abuse across an ISP #
|
||||||
|
# is detected and curtailed much easier. Here is a good chart that #
|
||||||
|
# shows how many IPs the different CIDRs correspond to: #
|
||||||
|
# http://en.wikipedia.org/wiki/CIDR#Prefix_aggregation #
|
||||||
|
# #
|
||||||
|
<cidr
|
||||||
|
# ipv4clone: specifies how many bits of an IP address should be
|
||||||
|
# looked at for clones. The default only looks for clones on a
|
||||||
|
# single IP address of a user. You do not want to set this
|
||||||
|
# extremely low. (Values are 0-32).
|
||||||
|
ipv4clone="32"
|
||||||
|
# ipv6clone: specifies how many bits of an IP address should be
|
||||||
|
# looked at for clones. The default only looks for clones on a
|
||||||
|
# single IP address of a user. You do not want to set this
|
||||||
|
# extremely low. (Values are 0-128).
|
||||||
|
ipv6clone="128">
|
||||||
|
|
||||||
|
#-#-#-#-#-#-#-#-#-#-#-# MAXIMUM CHANNELS -#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
|
||||||
|
# #
|
||||||
|
<channels users="20" opers="60">
|
||||||
|
|
||||||
|
#-#-#-#-#-#-#-#-#-#-#-#-#-#-# DNS SERVER -#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
|
||||||
|
# If these values are not defined, InspIRCd uses the default DNS resolver
|
||||||
|
# of your system.
|
||||||
|
#<dns server="127.0.0.1" timeout="5">
|
||||||
|
#<dns server="::1" timeout="5">
|
||||||
|
|
||||||
|
#-#-#-#-#-#-#-#-#-#-#-#-#-#-# PID FILE -#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
|
||||||
|
# #
|
||||||
|
# Define the path to the PID file here. The PID file can be used to #
|
||||||
|
# rehash the ircd from the shell or to terminate the ircd from the #
|
||||||
|
# shell using shell scripts, perl scripts, etc... and to monitor the #
|
||||||
|
# ircd's state via cron jobs. If this is a relative path, it will be #
|
||||||
|
# relative to the configuration directory, and if it is not defined, #
|
||||||
|
# the default of 'inspircd.pid' is used. #
|
||||||
|
# #
|
||||||
|
<pid file="/var/lib/inspircd/inspircd.pid">
|
||||||
|
|
||||||
|
#-#-#-#-#-#-#-#-#-#-#-#-#- BANLIST LIMITS #-#-#-#-#-#-#-#-#-#-#-#-#-#-#
|
||||||
|
# #
|
||||||
|
# Use these tags to customise the ban limits on a per channel basis. #
|
||||||
|
# The tags are read from top to bottom, and any tag found which #
|
||||||
|
# matches the channels name applies the banlimit to that channel. #
|
||||||
|
# It is advisable to put an entry with the channel as '*' at the #
|
||||||
|
# bottom of the list. If none are specified or no maxbans tag is #
|
||||||
|
# matched, the banlist size defaults to 64 entries. #
|
||||||
|
# #
|
||||||
|
#<banlist chan="#largechan" limit="128">
|
||||||
|
<maxlist chan="*" limit="60">
|
||||||
|
|
||||||
|
#-#-#-#-#-#-#-#-#-#-#- DISABLED FEATURES -#-#-#-#-#-#-#-#-#-#-#-#-#-#
|
||||||
|
# #
|
||||||
|
# This tag is optional, and specifies one or more features which are #
|
||||||
|
# not available to non-operators. #
|
||||||
|
# #
|
||||||
|
# For example you may wish to disable NICK and prevent non-opers from #
|
||||||
|
# changing their nicknames. #
|
||||||
|
# Note that any disabled commands take effect only after the user has #
|
||||||
|
# 'registered' (e.g. after the initial USER/NICK/PASS on connection) #
|
||||||
|
# so for example disabling NICK will not cripple your network. #
|
||||||
|
# #
|
||||||
|
# You can also define if you want to disable any channelmodes #
|
||||||
|
# or usermodes from your users. #
|
||||||
|
# #
|
||||||
|
# `fakenonexistant' will make the ircd pretend that nonexistant #
|
||||||
|
# commands simply don't exist to non-opers ("no such command"). #
|
||||||
|
# #
|
||||||
|
#<disabled commands="TOPIC MODE" usermodes="" chanmodes="" fakenonexistant="yes">
|
||||||
|
|
||||||
|
|
||||||
|
#-#-#-#-#-#-#-#-#-#-#-#-#- SERVER OPTIONS -#-#-#-#-#-#-#-#-#-#-#-#-#
|
||||||
|
# #
|
||||||
|
# Settings to define which features are usable on your server. #
|
||||||
|
# #
|
||||||
|
|
||||||
|
<options
|
||||||
|
# prefixquit: What (if anything) users' quit messages
|
||||||
|
# should be prefixed with.
|
||||||
|
prefixquit="Quit: "
|
||||||
|
|
||||||
|
# suffixquit: What (if anything) users' quit messages
|
||||||
|
# should be suffixed with.
|
||||||
|
suffixquit=""
|
||||||
|
|
||||||
|
# prefixpart: What (if anything) users' part messages
|
||||||
|
# should be prefixed with.
|
||||||
|
prefixpart="""
|
||||||
|
# NOTE: Use "\"" instead of """ if not using <config format="xml">
|
||||||
|
|
||||||
|
# suffixpart: What (if anything) users' part message
|
||||||
|
# should be suffixed with.
|
||||||
|
suffixpart="""
|
||||||
|
|
||||||
|
# fixedquit: Set all users' quit messages to this value.
|
||||||
|
#fixedquit=""
|
||||||
|
|
||||||
|
# fixedpart: Set all users' part messages in all channels
|
||||||
|
# to this value.
|
||||||
|
#fixedpart=""
|
||||||
|
|
||||||
|
# syntaxhints: If enabled, if a user fails to send the correct parameters
|
||||||
|
# for a command, the ircd will give back some help text of what
|
||||||
|
# the correct parameters are.
|
||||||
|
syntaxhints="no"
|
||||||
|
|
||||||
|
# cyclehosts: If enabled, when a user gets a host set, it will cycle
|
||||||
|
# them in all their channels. If not, it will simply change their host
|
||||||
|
# without cycling them.
|
||||||
|
cyclehosts="no"
|
||||||
|
|
||||||
|
# cyclehostsfromuser: If enabled, the source of the mode change for
|
||||||
|
# cyclehosts will be the user who cycled. This can look nicer, but
|
||||||
|
# triggers anti-takeover mechanisms of some obsolete bots.
|
||||||
|
cyclehostsfromuser="no"
|
||||||
|
|
||||||
|
# ircumsgprefix: Use undernet-style message prefixing for NOTICE and
|
||||||
|
# PRIVMSG. If enabled, it will add users' prefix to the line, if not,
|
||||||
|
# it will just message the user normally.
|
||||||
|
ircumsgprefix="no"
|
||||||
|
|
||||||
|
# announcets: If set to yes, when the timestamp on a channel changes, all users
|
||||||
|
# in the channel will be sent a NOTICE about it.
|
||||||
|
announcets="yes"
|
||||||
|
|
||||||
|
# allowmismatch: Setting this option to yes will allow servers to link even
|
||||||
|
# if they don't have the same "optionally common" modules loaded. Setting this to
|
||||||
|
# yes may introduce some desyncs and unwanted behaviour.
|
||||||
|
allowmismatch="no"
|
||||||
|
|
||||||
|
# defaultbind: Sets the default for <bind> tags without an address. Choices are
|
||||||
|
# ipv4 or ipv6; if not specified, IPv6 will be used if your system has support,
|
||||||
|
# falling back to IPv4 otherwise.
|
||||||
|
defaultbind="auto"
|
||||||
|
|
||||||
|
# hostintopic: If enabled, channels will show the host of the topic setter
|
||||||
|
# in the topic. If set to no, it will only show the nick of the topic setter.
|
||||||
|
hostintopic="yes"
|
||||||
|
|
||||||
|
# pingwarning: If a server does not respond to a ping within x seconds,
|
||||||
|
# it will send a notice to opers with snomask +l informing that the server
|
||||||
|
# is about to ping timeout.
|
||||||
|
pingwarning="15"
|
||||||
|
|
||||||
|
# serverpingfreq: How often pings are sent between servers (in seconds).
|
||||||
|
serverpingfreq="60"
|
||||||
|
|
||||||
|
# defaultmodes: What modes are set on a empty channel when a user
|
||||||
|
# joins it and it is unregistered.
|
||||||
|
defaultmodes="not"
|
||||||
|
|
||||||
|
# moronbanner: This is the text that is sent to a user when they are
|
||||||
|
# banned from the server.
|
||||||
|
moronbanner="You're banned! Contact {{ organization['email'] }} with the ERROR line below for help."
|
||||||
|
|
||||||
|
# exemptchanops: exemptions for channel access restrictions based on prefix.
|
||||||
|
exemptchanops="nonick:v flood:o"
|
||||||
|
|
||||||
|
# invitebypassmodes: This allows /invite to bypass other channel modes.
|
||||||
|
# (Such as +k, +j, +l, etc.)
|
||||||
|
invitebypassmodes="yes"
|
||||||
|
|
||||||
|
# nosnoticestack: This prevents snotices from 'stacking' and giving you
|
||||||
|
# the message saying '(last message repeated X times)'. Defaults to no.
|
||||||
|
nosnoticestack="no"
|
||||||
|
|
||||||
|
# welcomenotice: When turned on, this sends a NOTICE to connecting users
|
||||||
|
# with the text Welcome to <networkname>! after successful registration.
|
||||||
|
# Defaults to yes.
|
||||||
|
welcomenotice="yes">
|
||||||
|
|
||||||
|
|
||||||
|
#-#-#-#-#-#-#-#-#-#-#-# PERFORMANCE CONFIGURATION #-#-#-#-#-#-#-#-#-#-#
|
||||||
|
# #
|
||||||
|
|
||||||
|
<performance
|
||||||
|
# netbuffersize: Size of the buffer used to receive data from clients.
|
||||||
|
# The ircd may only read this amount of text in 1 go at any time.
|
||||||
|
netbuffersize="10240"
|
||||||
|
|
||||||
|
# somaxconn: The maximum number of connections that may be waiting
|
||||||
|
# in the accept queue. This is *NOT* the total maximum number of
|
||||||
|
# connections per server. Some systems may only allow this to be up
|
||||||
|
# to 5, while others (such as Linux and *BSD) default to 128.
|
||||||
|
somaxconn="128"
|
||||||
|
|
||||||
|
# limitsomaxconn: By default, somaxconn (see above) is limited to a
|
||||||
|
# safe maximum value in the 2.0 branch for compatibility reasons.
|
||||||
|
# This setting can be used to disable this limit, forcing InspIRCd
|
||||||
|
# to use the value specified above.
|
||||||
|
limitsomaxconn="true"
|
||||||
|
|
||||||
|
# softlimit: This optional feature allows a defined softlimit for
|
||||||
|
# connections. If defined, it sets a soft max connections value.
|
||||||
|
softlimit="1024"
|
||||||
|
|
||||||
|
# quietbursts: When syncing or splitting from a network, a server
|
||||||
|
# can generate a lot of connect and quit messages to opers with
|
||||||
|
# +C and +Q snomasks. Setting this to yes squelches those messages,
|
||||||
|
# which makes it easier for opers, but degrades the functionality of
|
||||||
|
# bots like BOPM during netsplits.
|
||||||
|
quietbursts="yes">
|
||||||
|
|
||||||
|
#-#-#-#-#-#-#-#-#-#-#-# SECURITY CONFIGURATION #-#-#-#-#-#-#-#-#-#-#-#
|
||||||
|
# #
|
||||||
|
|
||||||
|
<security
|
||||||
|
|
||||||
|
# announceinvites: This option controls which members of the channel
|
||||||
|
# receive an announcement when someone is INVITEd. Available values:
|
||||||
|
# 'none' - don't send invite announcements
|
||||||
|
# 'all' - send invite announcements to all members
|
||||||
|
# 'ops' - send invite announcements to ops and higher ranked users
|
||||||
|
# 'dynamic' - send invite announcements to halfops (if available) and
|
||||||
|
# higher ranked users. This is the recommended setting.
|
||||||
|
announceinvites="dynamic"
|
||||||
|
|
||||||
|
# hidemodes: If enabled, then the listmodes given will be hidden
|
||||||
|
# from users below halfop. This is not recommended to be set on +b
|
||||||
|
# as it may break some functionality in popular clients such as mIRC.
|
||||||
|
hidemodes="eI"
|
||||||
|
|
||||||
|
# hideulines: If this value is set to yes, U-lined servers will
|
||||||
|
# be hidden from non-opers in /links and /map.
|
||||||
|
hideulines="no"
|
||||||
|
|
||||||
|
# flatlinks: If this value is set to yes, /map and /links will
|
||||||
|
# be flattened when shown to non-opers.
|
||||||
|
flatlinks="no"
|
||||||
|
|
||||||
|
# hidewhois: When defined, the given text will be used in place
|
||||||
|
# of the server a user is on when whoised by a non-oper. Most
|
||||||
|
# networks will want to set this to something like "*.netname.net"
|
||||||
|
# to conceal the actual server a user is on.
|
||||||
|
# Note that enabling this will cause users' idle times to only be
|
||||||
|
# shown when the format /WHOIS <nick> <nick> is used.
|
||||||
|
hidewhois=""
|
||||||
|
|
||||||
|
# hidebans: If this value is set to yes, when a user is banned ([gkz]lined)
|
||||||
|
# only opers will see the ban message when the user is removed
|
||||||
|
# from the server.
|
||||||
|
hidebans="no"
|
||||||
|
|
||||||
|
# hidekills: If defined, replaces who set a /kill with a custom string.
|
||||||
|
hidekills=""
|
||||||
|
|
||||||
|
# hidesplits: If enabled, non-opers will not be able to see which
|
||||||
|
# servers split in a netsplit, they will only be able to see that one
|
||||||
|
# occurred (If their client has netsplit detection).
|
||||||
|
hidesplits="yes"
|
||||||
|
|
||||||
|
# maxtargets: Maximum number of targets per command.
|
||||||
|
# (Commands like /notice, /privmsg, /kick, etc)
|
||||||
|
maxtargets="20"
|
||||||
|
|
||||||
|
# customversion: Displays a custom string when a user /version's
|
||||||
|
# the ircd. This may be set for security reasons or vanity reasons.
|
||||||
|
customversion=""
|
||||||
|
|
||||||
|
# operspywhois: show opers (users/auspex) the +s channels a user is in. Values:
|
||||||
|
# splitmsg Split with an explanatory message
|
||||||
|
# yes Split with no explanatory message
|
||||||
|
# no Do not show
|
||||||
|
operspywhois="yes"
|
||||||
|
|
||||||
|
# runasuser: If this is set, InspIRCd will attempt to switch
|
||||||
|
# to run as this user, which allows binding of ports under 1024.
|
||||||
|
# You should NOT set this unless you are starting as root.
|
||||||
|
# NOT SUPPORTED/NEEDED UNDER WINDOWS.
|
||||||
|
#runasuser="ircd"
|
||||||
|
|
||||||
|
# runasgroup: If this is set, InspIRCd will attempt to switch
|
||||||
|
# to run as this group, which allows binding of ports under 1024.
|
||||||
|
# You should NOT set this unless you are starting as root.
|
||||||
|
# NOT SUPPORTED/NEEDED UNDER WINDOWS.
|
||||||
|
#runasgroup="ircd"
|
||||||
|
|
||||||
|
# restrictbannedusers: If this is set to yes, InspIRCd will not allow users
|
||||||
|
# banned on a channel to change nickname or message channels they are
|
||||||
|
# banned on.
|
||||||
|
restrictbannedusers="yes"
|
||||||
|
|
||||||
|
# genericoper: Setting this value to yes makes all opers on this server
|
||||||
|
# appear as 'is an IRC operator' in their WHOIS, regardless of their
|
||||||
|
# oper type, however oper types are still used internally. This only
|
||||||
|
# affects the display in WHOIS.
|
||||||
|
genericoper="no"
|
||||||
|
|
||||||
|
# userstats: /stats commands that users can run (opers can run all).
|
||||||
|
userstats="Pu">
|
||||||
|
|
||||||
|
#-#-#-#-#-#-#-#-#-#-#-#-# LIMITS CONFIGURATION #-#-#-#-#-#-#-#-#-#-#-#
|
||||||
|
# #
|
||||||
|
# This configuration tag defines the maximum sizes of various types #
|
||||||
|
# on IRC, such as the maximum length of a channel name, and the #
|
||||||
|
# maximum length of a channel. Note that with the exception of the #
|
||||||
|
# identmax value all values given here are the exact values you would #
|
||||||
|
# expect to see on IRC. This contrasts with the older InspIRCd #
|
||||||
|
# releases where these values would be one character shorter than #
|
||||||
|
# defined to account for a null terminator on the end of the text. #
|
||||||
|
# #
|
||||||
|
# These values should match network-wide otherwise issues will occur. #
|
||||||
|
# #
|
||||||
|
# The highest safe value you can set any of these options to is 500, #
|
||||||
|
# but it is recommended that you keep them somewhat #
|
||||||
|
# near their defaults (or lower). #
|
||||||
|
|
||||||
|
<limits
|
||||||
|
# maxnick: Maximum length of a nickname.
|
||||||
|
maxnick="12"
|
||||||
|
|
||||||
|
# maxchan: Maximum length of a channel name.
|
||||||
|
maxchan="20"
|
||||||
|
|
||||||
|
# maxmodes: Maximum number of mode changes per line.
|
||||||
|
maxmodes="20"
|
||||||
|
|
||||||
|
# maxident: Maximum length of a ident/username.
|
||||||
|
maxident="64"
|
||||||
|
|
||||||
|
# maxquit: Maximum length of a quit message.
|
||||||
|
maxquit="255"
|
||||||
|
|
||||||
|
# maxtopic: Maximum length of a channel topic.
|
||||||
|
maxtopic="307"
|
||||||
|
|
||||||
|
# maxkick: Maximum length of a kick message.
|
||||||
|
maxkick="255"
|
||||||
|
|
||||||
|
# maxgecos: Maximum length of a GECOS (realname).
|
||||||
|
maxgecos="128"
|
||||||
|
|
||||||
|
# maxaway: Maximum length of an away message.
|
||||||
|
maxaway="200">
|
||||||
|
|
||||||
|
|
||||||
|
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
|
||||||
|
# Logging
|
||||||
|
# -------
|
||||||
|
#
|
||||||
|
# Logging is covered with the <log> tag, which you may use to change
|
||||||
|
# the behaviour of the logging of the IRCd.
|
||||||
|
#
|
||||||
|
# In InspIRCd as of 1.2, logging is pluggable and very extensible.
|
||||||
|
# Different files can log the same thing, different 'types' of log can
|
||||||
|
# go to different places, and modules can even extend the log tag
|
||||||
|
# to do what they want.
|
||||||
|
#
|
||||||
|
# An example log tag would be:
|
||||||
|
# <log method="file" type="OPER" level="default" target="logs/opers.log">
|
||||||
|
# which would log all information on /oper (failed and successful) to
|
||||||
|
# a file called opers.log.
|
||||||
|
#
|
||||||
|
# There are many different types which may be used, and modules may
|
||||||
|
# generate their own. A list of useful types:
|
||||||
|
# - USERS - information relating to user connection and disconnection
|
||||||
|
# - OPER - succesful and failed oper attempts
|
||||||
|
# - KILL - kill related messages
|
||||||
|
# - snomask - server notices (*all* snomasks will be logged)
|
||||||
|
# - FILTER - messages related to filter matches (m_filter)
|
||||||
|
# - CONFIG - configuration related messages
|
||||||
|
# - COMMAND - die and restart messages, and messages related to unknown user types
|
||||||
|
# - SOCKET - socket engine informational/error messages
|
||||||
|
# - MODULE - module related messages
|
||||||
|
# - STARTUP - messages related to starting up the server
|
||||||
|
#
|
||||||
|
# You may also log *everything* by using a type of *, and subtract things out
|
||||||
|
# of that by using -TYPE - for example "* -USERINPUT -USEROUTPUT".
|
||||||
|
#
|
||||||
|
# Useful levels are:
|
||||||
|
# - default (general messages, including errors)
|
||||||
|
# - sparse (misc error messages)
|
||||||
|
# - debug (debug messages)
|
||||||
|
#
|
||||||
|
# Some types only produce output in the debug level, those are:
|
||||||
|
# - BANCACHE - ban cache debug messages
|
||||||
|
# - CHANNELS - information relating to joining/creating channels
|
||||||
|
# - CULLLIST - debug messages related to issues with removing users
|
||||||
|
# - RESOLVER - DNS related debug messages
|
||||||
|
# - CONNECTCLASS - Connection class debug messages
|
||||||
|
# - USERINPUT
|
||||||
|
# - USEROUTPUT
|
||||||
|
#
|
||||||
|
# The following log tag is highly default and uncustomised. It is recommended you
|
||||||
|
# sort out your own log tags. This is just here so you get some output.
|
||||||
|
|
||||||
|
<log method="file" type="* -USERINPUT -USEROUTPUT" level="default" target="/var/log/ircd.log">
|
||||||
|
|
||||||
|
#-#-#-#-#-#-#-#-#-#-#-#-#- WHOWAS OPTIONS -#-#-#-#-#-#-#-#-#-#-#-#-#
|
||||||
|
# #
|
||||||
|
# This tag lets you define the behaviour of the /whowas command of #
|
||||||
|
# your server. #
|
||||||
|
# #
|
||||||
|
|
||||||
|
<whowas
|
||||||
|
# groupsize: Maximum entries per nick shown when performing
|
||||||
|
# a /whowas nick.
|
||||||
|
groupsize="10"
|
||||||
|
|
||||||
|
# maxgroups: Maximum number of nickgroups that can be added to
|
||||||
|
# the list so that /whowas does not use a lot of resources on
|
||||||
|
# large networks.
|
||||||
|
maxgroups="100000"
|
||||||
|
|
||||||
|
# maxkeep: Maximum time a nick is kept in the whowas list
|
||||||
|
# before being pruned. Time may be specified in seconds,
|
||||||
|
# or in the following format: 1y2w3d4h5m6s. Minimum is
|
||||||
|
# 1 hour.
|
||||||
|
maxkeep="1d">
|
||||||
|
|
||||||
|
#-#-#-#-#-#-#-#-#-#-#-#-#-#- BAN OPTIONS -#-#-#-#-#-#-#-#-#-#-#-#-#-#
|
||||||
|
# #
|
||||||
|
# The ban tags define nick masks, host masks and ip ranges which are #
|
||||||
|
# banned from your server. All details in these tags are local to #
|
||||||
|
# Your server. #
|
||||||
|
# #
|
||||||
|
|
||||||
|
#<badip ipmask="192.0.2.*" reason="Nope.">
|
||||||
|
<badnick nick="*Serv" reason="Reserved for Services">
|
||||||
|
<badhost host="*@*malware*" reason="Malware">
|
||||||
|
<badhost host="root@*" reason="Don't IRC as root!">
|
||||||
|
<exception host="{{ organization['admin'] }}@localhost" reason="localhost">
|
||||||
|
<exception host="{{ organization['admin'] }}@127.0.0.1" reason="localhost">
|
||||||
|
<exception host="{{ organization['admin'] }}@{{ external_domain }}" reason="localhost">
|
||||||
|
<exception host="{{ organization['admin'] }}@*.{{ external_domain }}" reason="localhost">
|
||||||
|
|
||||||
|
#-#-#-#-#-#-#-#-#-#-#- INSANE BAN OPTIONS -#-#-#-#-#-#-#-#-#-#-#-#-#-#
|
||||||
|
# #
|
||||||
|
# This optional tag allows you to specify how wide a gline, eline, #
|
||||||
|
# kline, zline or qline can be before it is forbidden from being #
|
||||||
|
# set. By setting hostmasks="yes", you can allow all G, K, E lines, #
|
||||||
|
# no matter how many users the ban would cover. This is not #
|
||||||
|
# recommended! By setting ipmasks="yes", you can allow all Z lines, #
|
||||||
|
# no matter how many users these cover too. Needless to say we #
|
||||||
|
# don't recommend you do this, or, set nickmasks="yes", which will #
|
||||||
|
# allow any qline. #
|
||||||
|
# #
|
||||||
|
<insane
|
||||||
|
# hostmasks: Allow bans with insane hostmasks. (over-reaching bans)
|
||||||
|
hostmasks="no"
|
||||||
|
# ipmasks: Allow bans with insane ipmasks. (over-reaching bans)
|
||||||
|
ipmasks="no"
|
||||||
|
# nickmasks: Allow bans with insane nickmasks. (over-reaching bans)
|
||||||
|
nickmasks="no"
|
||||||
|
# trigger: What percentage of users on the network to trigger
|
||||||
|
# specifying an insane ban as. The default is 95.5%, which means
|
||||||
|
# if you have a 1000 user network, a ban will not be allowed if it
|
||||||
|
# will be banning 955 or more users.
|
||||||
|
trigger="99">
|
||||||
|
|
||||||
|
#########################################################################
|
||||||
|
# #
|
||||||
|
# - InspIRCd Development Team - #
|
||||||
|
# http://www.inspircd.org #
|
||||||
|
# #
|
||||||
|
#########################################################################
|
55
roles/IRC/templates/inspircd/links.conf.j2
Normal file
55
roles/IRC/templates/inspircd/links.conf.j2
Normal file
@ -0,0 +1,55 @@
|
|||||||
|
#-#-#-#-#-#-#-#-#-#-#- SERVER LINK CONFIGURATION -#-#-#-#-#-#-#-#-#-#
|
||||||
|
# #
|
||||||
|
# Defines which servers can link to this one, and which servers this #
|
||||||
|
# server may create outbound links to. #
|
||||||
|
# #
|
||||||
|
# ____ _ _____ _ _ ____ _ _ _ #
|
||||||
|
# | _ \ ___ __ _ __| | |_ _| |__ (_)___ | __ )(_) |_| | #
|
||||||
|
# | |_) / _ \/ _` |/ _` | | | | '_ \| / __| | _ \| | __| | #
|
||||||
|
# | _ < __/ (_| | (_| | | | | | | | \__ \ | |_) | | |_|_| #
|
||||||
|
# |_| \_\___|\__,_|\__,_| |_| |_| |_|_|___/ |____/|_|\__(_) #
|
||||||
|
# #
|
||||||
|
# If you want to link servers to InspIRCd you must load the #
|
||||||
|
# m_spanningtree.so module! #
|
||||||
|
# #
|
||||||
|
# #
|
||||||
|
|
||||||
|
# Server link block
|
||||||
|
#<link name="hub.example.org"
|
||||||
|
# ipaddr="penguin.example.org"
|
||||||
|
# port="7000"
|
||||||
|
# allowmask="203.0.113.0/24"
|
||||||
|
# timeout="300"
|
||||||
|
# ssl="gnutls"
|
||||||
|
# bind="1.2.3.4"
|
||||||
|
# statshidden="no"
|
||||||
|
# hidden="no"
|
||||||
|
# sendpass="outgoing!password"
|
||||||
|
# recvpass="incoming!password">
|
||||||
|
{{ secrets['IRC']['links'] }}
|
||||||
|
|
||||||
|
# Link block for services. Options are the same as for the first
|
||||||
|
# link block (depending on what your services package supports).
|
||||||
|
<link name="ircservices.{{ external_domain }}"
|
||||||
|
ipaddr="core.{{ replica_domain }}"
|
||||||
|
port="8067"
|
||||||
|
allowmask="10.0.1.3/32"
|
||||||
|
sendpass="{{ secrets['IRC']['servicespass'] }}"
|
||||||
|
recvpass="{{ secrets['IRC']['servicespass'] }}">
|
||||||
|
|
||||||
|
# Simple autoconnect block. This enables automatic connection to a hub
|
||||||
|
#<autoconnect period="300" server="hub.example.org">
|
||||||
|
|
||||||
|
#<autoconnect period="120" server="hub.us.example.org hub.eu.example.org leaf.eu.example.org">
|
||||||
|
|
||||||
|
|
||||||
|
#-#-#-#-#-#-#-#-#-#-#-#- ULINES CONFIGURATION #-#-#-#-#-#-#-#-#-#-#-#-#
|
||||||
|
# This tag defines a ulined server. A U-Lined server has special #
|
||||||
|
# permissions, and should be used with caution. Services servers are #
|
||||||
|
# usually u-lined in this manner. #
|
||||||
|
# #
|
||||||
|
# The 'silent' value, if set to yes, indicates that this server should#
|
||||||
|
# not generate quit and connect notices, which can cut down on noise #
|
||||||
|
# to opers on the network. #
|
||||||
|
# #
|
||||||
|
<uline server="ircservices.{{ external_domain }}" silent="no">
|
1900
roles/IRC/templates/inspircd/modules.conf.j2
Normal file
1900
roles/IRC/templates/inspircd/modules.conf.j2
Normal file
File diff suppressed because it is too large
Load Diff
45
roles/IRC/templates/inspircd/motd.txt.j2
Normal file
45
roles/IRC/templates/inspircd/motd.txt.j2
Normal file
@ -0,0 +1,45 @@
|
|||||||
|
........................................
|
||||||
|
........................................
|
||||||
|
..................HHH...................
|
||||||
|
................HHHHHHHH................
|
||||||
|
.............HHHHHHHHHHHHH..............
|
||||||
|
..........HHHHHHH.....HHHHHHH...........
|
||||||
|
.......HHHHHHH...........HHHHHHH........
|
||||||
|
......HHHHH.................HHHHH.......
|
||||||
|
......HHH.....................HHH.......
|
||||||
|
......HHH.....HH....#.........HHH.......
|
||||||
|
......HHH.....HH.....###......HHH.......
|
||||||
|
......HHH.....HH........##....HHH.......
|
||||||
|
......HHH.....HH........##....HHH.......
|
||||||
|
......HHH.....HH.....###......HHH.......
|
||||||
|
......HHH.....HH....#.........HHH.......
|
||||||
|
......HHH.....................HHH.......
|
||||||
|
......HHHHH.................HHHHH.......
|
||||||
|
.......HHHHHHH...........HHHHHHH........
|
||||||
|
..........HHHHHHH......HHHHHHH..........
|
||||||
|
............HHHHHHH.HHHHHHH.............
|
||||||
|
...............HHHHHHHHH................
|
||||||
|
..................HHH...................
|
||||||
|
........................................
|
||||||
|
........................................
|
||||||
|
........................................
|
||||||
|
|
||||||
|
Welcome to the AniNIX/IRC secure chat system!
|
||||||
|
Reach out to ops and founders in #lobby if you
|
||||||
|
need any help.
|
||||||
|
|
||||||
|
You should check which channels you want to join.
|
||||||
|
Type the following to get a list:
|
||||||
|
/list
|
||||||
|
|
||||||
|
You will need to request an AniNIX/Sora LDAP
|
||||||
|
account from an op or founder in #lobby to be
|
||||||
|
able to log in. If you already have an account,
|
||||||
|
use the following to authenticate:
|
||||||
|
"/quote ns identify <password>"
|
||||||
|
|
||||||
|
For reference, check out the Wiki:
|
||||||
|
https://{{ external_domain }}/AniNIX/Wiki
|
||||||
|
|
||||||
|
User code of conduct is recorded below:
|
||||||
|
https://{{ external_domain }}/AniNIX/Wiki/src/branch/main/Policies/User_Ethics.md
|
118
roles/IRC/templates/inspircd/opers.conf.j2
Normal file
118
roles/IRC/templates/inspircd/opers.conf.j2
Normal file
@ -0,0 +1,118 @@
|
|||||||
|
#-#-#-#-#-#-#-#-#-#-#-#- CLASS CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-
|
||||||
|
# #
|
||||||
|
# Classes are a group of commands which are grouped together and #
|
||||||
|
# given a unique name. They're used to define which commands #
|
||||||
|
# are available to certain types of Operators. #
|
||||||
|
# #
|
||||||
|
# #
|
||||||
|
# Note: It is possible to make a class which covers all available #
|
||||||
|
# commands. To do this, specify commands="*". This is not really #
|
||||||
|
# recommended, as it negates the whole purpose of the class system, #
|
||||||
|
# however it is provided for fast configuration (e.g. in test nets). #
|
||||||
|
# #
|
||||||
|
|
||||||
|
<class
|
||||||
|
name="Shutdown"
|
||||||
|
|
||||||
|
# commands: Oper-only commands that opers of this class can run.
|
||||||
|
commands="CLOSE DIE RESTART REHASH LOADMODULE UNLOADMODULE RELOADMODULE GLOADMODULE GUNLOADMODULE GRELOADMODULE"
|
||||||
|
|
||||||
|
# privs: Special privileges that users with this class may utilise.
|
||||||
|
# VIEWING:
|
||||||
|
# - channels/auspex: allows opers with this priv to see more detail about channels than normal users.
|
||||||
|
# - users/auspex: allows opers with this priv to view more details about users than normal users, e.g. real host and IP.
|
||||||
|
# - servers/auspex: allows opers with this priv to see more detail about server information than normal users.
|
||||||
|
# ACTIONS:
|
||||||
|
# - users/mass-message: allows opers with this priv to PRIVMSG and NOTICE to a server mask (e.g. NOTICE $*)
|
||||||
|
# - channels/high-join-limit: allows opers with this priv to join <channels:opers> total channels instead of <channels:users> total channels.
|
||||||
|
# PERMISSIONS:
|
||||||
|
# - users/flood/no-fakelag: prevents opers from being penalized with fake lag for flooding (*NOTE)
|
||||||
|
# - users/flood/no-throttle: allows opers with this priv to send commands without being throttled (*NOTE)
|
||||||
|
# - users/flood/increased-buffers: allows opers with this priv to send and receive data without worrying about being disconnected for exceeding limits (*NOTE)
|
||||||
|
#
|
||||||
|
# *NOTE: These privs are potentially dangerous, as they grant users with them the ability to hammer your server's CPU/RAM as much as they want, essentially.
|
||||||
|
privs="users/auspex channels/auspex servers/auspex users/mass-message channels/high-join-limit users/flood/no-throttle users/flood/increased-buffers channels/ignore-noctcp channels/restricted-create users/ignore-commonchans users/ignore-noctcp users/ignore-privdeaf users/samode-usermodes"
|
||||||
|
|
||||||
|
# usermodes: Oper-only usermodes that opers with this class can use.
|
||||||
|
usermodes="*"
|
||||||
|
|
||||||
|
# chanmodes: Oper-only channel modes that opers with this class can use.
|
||||||
|
chanmodes="*">
|
||||||
|
|
||||||
|
<class name="SACommands" commands="SAJOIN SAPART SANICK SAQUIT SATOPIC SAKICK SAMODE OJOIN CHECK">
|
||||||
|
<class name="ServerLink" commands="CONNECT SQUIT RCONNECT RSQUIT MKPASSWD ALLTIME SWHOIS JUMPSERVER LOCKSERV UNLOCKSERV" usermodes="*" chanmodes="*" privs="servers/auspex">
|
||||||
|
<class name="BanControl" commands="KILL GLINE KLINE ZLINE QLINE ELINE TLINE RLINE CHECK NICKLOCK NICKUNLOCK SHUN CLONES CBAN CLOSE" usermodes="*" chanmodes="*">
|
||||||
|
<class name="OperChat" commands="WALLOPS GLOBOPS" usermodes="*" chanmodes="*" privs="users/mass-message">
|
||||||
|
<class name="HostCloak" commands="SETHOST SETIDENT SETIDLE CHGNAME CHGHOST CHGIDENT" usermodes="*" chanmodes="*" privs="users/auspex">
|
||||||
|
|
||||||
|
|
||||||
|
#-#-#-#-#-#-#-#-#-#-#-#- OPERATOR COMPOSITION -#-#-#-#-#-#-#-#-#-#-#
|
||||||
|
# #
|
||||||
|
# This is where you specify which types of operators you have on #
|
||||||
|
# your server, as well as the commands they are allowed to use. #
|
||||||
|
# This works alongside with the classes specified above. #
|
||||||
|
# #
|
||||||
|
|
||||||
|
<type
|
||||||
|
# name: Name of type. Used in actual server operator accounts below.
|
||||||
|
# Cannot contain spaces. If you would like a space, use
|
||||||
|
# the _ character instead and it will translate to a space on whois.
|
||||||
|
name="NetAdmin"
|
||||||
|
|
||||||
|
# classes: Classes (blocks above) that this type belongs to.
|
||||||
|
classes="SACommands OperChat BanControl HostCloak Shutdown ServerLink"
|
||||||
|
|
||||||
|
# vhost: Host opers of this type get when they log in (oper up). This is optional.
|
||||||
|
vhost="{{ external_domain }}"
|
||||||
|
|
||||||
|
# modes: User modes besides +o that are set on an oper of this type
|
||||||
|
# when they oper up. Used for snomasks and other things.
|
||||||
|
# Requires that m_opermodes.so be loaded.
|
||||||
|
# Set all watchlists for NetAdmins.
|
||||||
|
modes="+s +aAcCjkKlLoOqQr">
|
||||||
|
<type name="GlobalOp" classes="SACommands OperChat BanControl HostCloak ServerLink" vhost="{{ external_domain }}">
|
||||||
|
<type name="Helper" classes="HostCloak" vhost="{{ external_domain }}">
|
||||||
|
|
||||||
|
|
||||||
|
#-#-#-#-#-#-#-#-#-#-#- OPERATOR CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#
|
||||||
|
# #
|
||||||
|
# Opers are defined here. This is a very important section. #
|
||||||
|
# Remember to only make operators out of trustworthy people. #
|
||||||
|
# #
|
||||||
|
|
||||||
|
# Unhashed operblock
|
||||||
|
#<oper
|
||||||
|
# name="Brain"
|
||||||
|
# password="youshouldhashthis"
|
||||||
|
# host="brain@dialup15.isp.test.com *@localhost *@example.com *@2001:db8::/32"
|
||||||
|
# #fingerprint="67cb9dc013248a829bb2171ed11becd4"
|
||||||
|
# type="NetAdmin">
|
||||||
|
#
|
||||||
|
{% for oper in secrets['IRC']['opers'] %}
|
||||||
|
<oper name="{{ oper }}" password="{{ secrets['IRC']['opers'][oper] }}" hash="sha256" host="*@127.0.0.1 *@10.0.1.* *@localhost *@aninix.net" type="Helper">
|
||||||
|
{% endfor %}
|
||||||
|
|
||||||
|
#-#-#-#-#-#-#-#-#-#- DIE/RESTART CONFIGURATION -#-#-#-#-#-#-#-#-#-#-
|
||||||
|
# #
|
||||||
|
# You can configure the passwords here which you wish to use for #
|
||||||
|
# the /DIE and /RESTART commands. Only trusted ircops who will #
|
||||||
|
# need this ability should know the die and restart password. #
|
||||||
|
# #
|
||||||
|
<power
|
||||||
|
# hash: what hash these passwords are hashed with.
|
||||||
|
# Requires the module for selected hash (m_md5.so, m_sha256.so
|
||||||
|
# or m_ripemd160.so) be loaded and the password hashing module
|
||||||
|
# (m_password_hash.so) loaded.
|
||||||
|
# Options here are: "md5", "sha256" and "ripemd160", or one of
|
||||||
|
# these prefixed with "hmac-", e.g.: "hmac-sha256".
|
||||||
|
# Optional, but recommended. Create hashed passwords with:
|
||||||
|
# /mkpasswd <hash> <password>
|
||||||
|
hash="sha256"
|
||||||
|
|
||||||
|
# diepass: Password for opers to use if they need to shutdown (die)
|
||||||
|
# a server.
|
||||||
|
diepass="{{ secrets['IRC']['diepass'] }}"
|
||||||
|
|
||||||
|
# restartpass: Password for opers to use if they need to restart
|
||||||
|
# a server.
|
||||||
|
restartpass="{{ secrets['IRC']['restartpass'] }}">
|
4
roles/IRC/templates/inspircd/rules.txt.j2
Normal file
4
roles/IRC/templates/inspircd/rules.txt.j2
Normal file
@ -0,0 +1,4 @@
|
|||||||
|
1) Be respectful and do not use the AniNIX for malicious actions.
|
||||||
|
2) Follow the Hacker Ethic.
|
||||||
|
3) Contribute, rather than detract, from any community.
|
||||||
|
Reach out to DarkFeather if you have questions.
|
259
roles/IRC/templates/kiwiirc/config.js.j2
Normal file
259
roles/IRC/templates/kiwiirc/config.js.j2
Normal file
@ -0,0 +1,259 @@
|
|||||||
|
var conf = {};
|
||||||
|
|
||||||
|
// Run the Kiwi server under a different user/group
|
||||||
|
conf.user = "ircd";
|
||||||
|
conf.group = "ircd";
|
||||||
|
|
||||||
|
|
||||||
|
// Log file location
|
||||||
|
conf.log = "kiwi.log";
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Server listen blocks
|
||||||
|
*/
|
||||||
|
|
||||||
|
// Do not edit this line!
|
||||||
|
conf.servers = [];
|
||||||
|
|
||||||
|
// Example server block
|
||||||
|
conf.servers.push({
|
||||||
|
port: 7778,
|
||||||
|
address: "127.0.0.1"
|
||||||
|
});
|
||||||
|
|
||||||
|
// Example SSL server block
|
||||||
|
//conf.servers.push({
|
||||||
|
// port: 7777,
|
||||||
|
// address: "0.0.0.0",
|
||||||
|
//
|
||||||
|
// ssl: true,
|
||||||
|
// ssl_key: "server.key",
|
||||||
|
// ssl_cert: "cert.pem"
|
||||||
|
//});
|
||||||
|
|
||||||
|
// Network interface for outgoing connections
|
||||||
|
conf.outgoing_address = {
|
||||||
|
IPv4: '0.0.0.0'
|
||||||
|
//IPv6: '::'
|
||||||
|
};
|
||||||
|
|
||||||
|
|
||||||
|
// Do we want to enable the built in Identd server?
|
||||||
|
conf.identd = {
|
||||||
|
enabled: false,
|
||||||
|
port: 113,
|
||||||
|
address: "0.0.0.0"
|
||||||
|
};
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
// Where the client files are
|
||||||
|
conf.public_http = "client/";
|
||||||
|
|
||||||
|
// Transports available to the client.
|
||||||
|
// Behind an Apache reverse proxy? Uncomment the below - Apache does not support websockets!
|
||||||
|
//conf.client_transports = ['polling'];
|
||||||
|
|
||||||
|
// Max connections per connection. 0 to disable
|
||||||
|
conf.max_client_conns = 5;
|
||||||
|
|
||||||
|
// Max connections per server. 0 to disable.
|
||||||
|
// Setting is ignored if:
|
||||||
|
// - There is a WEBIRC password configured for the server,
|
||||||
|
// - Kiwi is configured to send the client's ip as a username for the server, or
|
||||||
|
// - Kiwi is running in restricted server mode.
|
||||||
|
conf.max_server_conns = 0;
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Default encoding to be used by the server
|
||||||
|
* As specified and limited to iconv-lite library support.
|
||||||
|
*/
|
||||||
|
conf.default_encoding = 'utf8';
|
||||||
|
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Default GECOS (real name) for IRC connections
|
||||||
|
* %n will be replaced with the users nick
|
||||||
|
* %h will be replaced with the users hostname
|
||||||
|
*/
|
||||||
|
conf.default_gecos = '%n@%h is using a Web IRC client';
|
||||||
|
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Default ident / username for IRC connections
|
||||||
|
* %n will be replaced with the users nick
|
||||||
|
* %h will be replaced with the users hostname
|
||||||
|
* %i will be replaced with a hexed value of the users IP
|
||||||
|
*/
|
||||||
|
conf.default_ident = '%i';
|
||||||
|
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Default quit message
|
||||||
|
* If a browser gets disconnected without sending a QUIT command, this
|
||||||
|
* message will be used instead.
|
||||||
|
*/
|
||||||
|
conf.quit_message = 'http://www.kiwiirc.com/ - A hand-crafted IRC client';
|
||||||
|
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Auto reconnect if the IRC server disconnects a kiwi user
|
||||||
|
* Hundreds of connected users getting disconnected then reconnecting at once may see
|
||||||
|
* high CPU usage causing further dropouts. Set to false if under high usage.
|
||||||
|
*/
|
||||||
|
conf.ircd_reconnect = true;
|
||||||
|
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Client side plugins
|
||||||
|
* Array of URLs that will be loaded into the browser when the client first loads up
|
||||||
|
* See http://github.com/prawnsalad/KiwiIRC/wiki/Client-plugins
|
||||||
|
*/
|
||||||
|
conf.client_plugins = [
|
||||||
|
// "http://server.com/kiwi/plugins/myplugin.html"
|
||||||
|
];
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
// Directory to find the server modules
|
||||||
|
conf.module_dir = "../server_modules/";
|
||||||
|
|
||||||
|
// Which modules to load
|
||||||
|
conf.modules = [
|
||||||
|
// Open a TCP port to control the Kiwi server (default port 8888)
|
||||||
|
// "control",
|
||||||
|
|
||||||
|
// Automatically reload CSS files when a theme changes
|
||||||
|
// "client_file_watcher",
|
||||||
|
];
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
// WebIRC password enabled for this server
|
||||||
|
conf.webirc_pass = "";
|
||||||
|
|
||||||
|
// Use the above *OR* the below webirc_pass option
|
||||||
|
|
||||||
|
// Multiple WebIRC passwords may be used for multiple servers
|
||||||
|
//conf.webirc_pass = {
|
||||||
|
// "irc.network.com": "configured_webirc_password",
|
||||||
|
// "127.0.0.1": "foobar"
|
||||||
|
//};
|
||||||
|
|
||||||
|
|
||||||
|
// Whether to verify IRC servers' SSL certificates against built-in well-known certificate authorities
|
||||||
|
conf.reject_unauthorised_certificates = false;
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Reverse proxy settings
|
||||||
|
* Reverse proxies that have been reported to work can be found at:
|
||||||
|
* https://kiwiirc.com/docs/installing/proxies
|
||||||
|
*/
|
||||||
|
|
||||||
|
// Whitelisted HTTP proxies in CIDR format
|
||||||
|
conf.http_proxies = ["127.0.0.1/32"];
|
||||||
|
|
||||||
|
// Header that contains the real-ip from the HTTP proxy
|
||||||
|
conf.http_proxy_ip_header = "x-forwarded-for";
|
||||||
|
|
||||||
|
// Base HTTP path to the KIWI IRC client (eg. /kiwi)
|
||||||
|
conf.http_base_path = "/kiwi";
|
||||||
|
|
||||||
|
|
||||||
|
/*
|
||||||
|
* SOCKS (version 5) proxy settings
|
||||||
|
* This feature is only available on node 0.10.0 and above.
|
||||||
|
* Do not enable it if you're running 0.8 or below or Bad Things will happen.
|
||||||
|
*/
|
||||||
|
conf.socks_proxy = {};
|
||||||
|
|
||||||
|
// Enable proxying outbound connections through a SOCKS proxy
|
||||||
|
conf.socks_proxy.enabled = false;
|
||||||
|
|
||||||
|
// Proxy *all* outbound connections through a SOCKS proxy
|
||||||
|
conf.socks_proxy.all = false;
|
||||||
|
|
||||||
|
// Use SOCKS proxy for these hosts only (if conf.sock_proxy.all === false)
|
||||||
|
conf.socks_proxy.proxy_hosts = [
|
||||||
|
"irc.{{ external_domain }}"
|
||||||
|
];
|
||||||
|
|
||||||
|
// Host and port for the SOCKS proxy
|
||||||
|
conf.socks_proxy.address = '127.0.0.1';
|
||||||
|
conf.socks_proxy.port = 1080;
|
||||||
|
|
||||||
|
// Username and password for the SOCKS proxy
|
||||||
|
// Set user to null to disable password authentication
|
||||||
|
conf.socks_proxy.user = null;
|
||||||
|
conf.socks_proxy.pass = null;
|
||||||
|
|
||||||
|
|
||||||
|
// Default settings for the client. These may be changed in the browser
|
||||||
|
conf.client = {
|
||||||
|
server: 'localhost',
|
||||||
|
port: 6667,
|
||||||
|
ssl: false,
|
||||||
|
channel: '#lobby',
|
||||||
|
channel_key: '',
|
||||||
|
nick: 'kiwi_?',
|
||||||
|
settings: {
|
||||||
|
theme: 'cli',
|
||||||
|
text_theme: 'default',
|
||||||
|
channel_list_style: 'tabs',
|
||||||
|
scrollback: 250,
|
||||||
|
show_joins_parts: true,
|
||||||
|
show_timestamps: false,
|
||||||
|
use_24_hour_timestamps: true,
|
||||||
|
mute_sounds: false,
|
||||||
|
show_emoticons: true,
|
||||||
|
ignore_new_queries: false,
|
||||||
|
count_all_activity: false,
|
||||||
|
show_autocomplete_slideout: true,
|
||||||
|
locale: null // null = use the browser locale settings
|
||||||
|
},
|
||||||
|
window_title: '{{ organization['displayname'] }}/IRC | KiwiIRC Webchat'
|
||||||
|
};
|
||||||
|
|
||||||
|
// List of themes available for the user to choose from
|
||||||
|
conf.client_themes = [
|
||||||
|
'relaxed',
|
||||||
|
'mini',
|
||||||
|
'cli',
|
||||||
|
'basic'
|
||||||
|
];
|
||||||
|
|
||||||
|
|
||||||
|
// If set, the client may only connect to this 1 IRC server
|
||||||
|
conf.restrict_server = "127.0.0.1";
|
||||||
|
conf.restrict_server_port = 6667;
|
||||||
|
conf.restrict_server_ssl = false;
|
||||||
|
//conf.restrict_server_password = "";
|
||||||
|
|
||||||
|
|
||||||
|
/*
|
||||||
|
* If running multiple kiwi servers you may specify them here.
|
||||||
|
* Note: All kiwi servers must have the same conf.http_base_path config option.
|
||||||
|
*
|
||||||
|
* To force the client to connect to one other kiwi server, use:
|
||||||
|
* conf.client.kiwi_server = 'https://kiwi-server2.com';
|
||||||
|
*
|
||||||
|
* To force the client to connect to a random kiwi server from a list, use:
|
||||||
|
* conf.client.kiwi_server = ['https://kiwi-server1.com', 'https://kiwi-server2.com'];
|
||||||
|
*/
|
||||||
|
//conf.client.kiwi_server = '';
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Do not amend the below lines unless you understand the changes!
|
||||||
|
*/
|
||||||
|
module.exports.production = conf;
|
Loading…
Reference in New Issue
Block a user