AniNIX/Kapisi
3
0
Fork 0
Code Issues 27 Pull Requests Projects 1 Releases Wiki Activity

Updates for latest inspircd & anope

Browse Source
This commit is contained in:
DarkFeather
2025-09-29 16:33:05 -05:00
parent a14dfd6562
commit 78af592485
16 changed files with 77 additions and 81 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
roles/IRC/files/services/anope.service
View File

@@ -6,10 +6,10 @@ After=network.target
[Service]
Type=simple
PIDFile=/run/anope/anope.pid
ExecStart=/opt/anope/bin/services --confdir=/etc/anope/ --dbdir=/opt/anope/data --localedir=/opt/anope/locale --logdir=/var/log/anope --modulesdir=/opt/anope/lib --nofork
ExecStart=/usr/bin/services --confdir=/etc/anope/ --dbdir=/opt/anope/data --logdir=/var/log/anope --localedir=/usr/lib/anope/locale --modulesdir=/usr/lib/anope --nofork
ExecReload=/bin/kill -1 $MAINPID
Restart=always
User=ircd
User=anope
Group=ircd
[Install]

6
roles/IRC/files/services/inspircd.service
View File

@@ -5,12 +5,12 @@ After=network.target
[Service]
Type=forking
PIDFile=/var/lib/inspircd/inspircd.pid
ExecStart=/usr/bin/inspircd
PIDFile=/var/lib//inspircd.pid
ExecStart=/usr/bin/
ExecReload=kill -HUP $MAINPID
ExecStop=kill $MAINPID
Restart=always
User=ircd
User=inspircd
Group=ircd
[Install]

42
roles/IRC/tasks/daemon.yml
View File

@@ -5,12 +5,13 @@
file:
state: directory
path: "{{ item }}"
owner: ircd
owner: inspircd
group: ircd
mode: 0750
loop:
- "/var/log/inspircd"
- "/etc/inspircd"
- "/etc/inspircd/data/"
- name: Generate dhparam
become: yes
@@ -23,40 +24,24 @@
file:
state: file
path: /etc/inspircd/dhparams.pem
owner: ircd
owner: inspircd
group: ircd
mode: 0640
- name: Add ircd user to ssl
- name: Add inspircd user to ssl
become: yes
user:
name: ircd
groups: ssl
name: inspircd
groups: ssl,ircd
append: yes
- name: Copy service file
become: yes
register: servicesfile
copy:
src: services/inspircd.service
dest: /usr/lib/systemd/system/inspircd.service
owner: root
group: root
mode: 0644
- name: Reload services
when: servicesfile.changed
become: yes
systemd:
daemon_reload: true
- name: Copy config and fill in attributes
register: templatefiles
become: yes
template:
src: "inspircd/{{ item }}.j2"
dest: "/etc/inspircd/{{ item }}"
owner: ircd
owner: inspircd
group: ircd
mode: 0600
loop:
@@ -67,20 +52,11 @@
- rules.txt
- motd.txt
- name: Tracking directory
become: yes
file:
dest: "/etc/inspircd/data/"
owner: ircd
group: ircd
mode: 0750
state: directory
- name: Ensure tracking files
become: yes
file:
dest: "/etc/inspircd/{{ item }}"
owner: ircd
owner: inspircd
group: ircd
mode: 0600
loop:
@@ -96,7 +72,7 @@
- name: Reload on config change
become: yes
when: templatefiles.changed or servicesfile.changed
when: templatefiles.changed
service:
name: inspircd
state: reloaded

11
roles/IRC/tasks/services.yml
View File

@@ -1,11 +1,18 @@
---
- name: Add anope user to ircd
become: yes
user:
name: anope
groups: ircd
append: yes
- name: Ensure directory permissions
become: yes
file:
state: directory
path: "{{ item }}"
owner: ircd
owner: anope
group: ircd
mode: 0700
loop:
@@ -20,7 +27,7 @@
template:
src: "anope/{{ item }}.j2"
dest: "/etc/anope/{{ item }}"
owner: ircd
owner: anope
group: ircd
mode: 0600
loop:

4
roles/IRC/templates/anope/modules.conf.j2
View File

@@ -36,7 +36,7 @@ module
* Admin credentials used for performing searches and adding users.
*/
admin_binddn = "uid=binduser,{{ ldap['userou'] }},{{ ldap['orgdn'] }}"
admin_password = "{{ secrets['Sora']['bindpassword'] }}"
admin_password = "{{ secrets['Password']['bindpassword'] }}"
}
}
@@ -91,7 +91,7 @@ module
*
* If not set, then registration is not blocked.
*/
#disable_register_reason = "To register on this network, contact a netadmin in #lobby. They will need to add an AniNIX/Sora LDAP account for you."
#disable_register_reason = "To register on this network, contact a netadmin in #lobby. They will need to add an AniNIX/Password LDAP account for you."
/*
* If set, the reason to give the users who try to "/msg NickServ SET EMAIL".

13
roles/IRC/templates/anope/services.conf.j2
View File

@@ -135,7 +135,7 @@ uplink
*
* NOTE: On some shell providers, this will not be an option.
*/
host = "10.0.1.3"
host = "127.0.0.1"
/*
* Enable if Services should connect using IPv6.
@@ -221,19 +221,10 @@ serverinfo
*
* This directive tells Anope which IRCd Protocol to speak when connecting.
* You MUST modify this to match the IRCd you run.
*
* Supported:
* - bahamut
* - inspircd11
* - inspircd12
* - inspircd20
* - plexus
* - ratbox
* - unreal
*/
module
{
name = "inspircd20"
name = "inspircd3"
/*
* Some protocol modules can enforce mode locks server-side. This reduces the spam caused by

9
roles/IRC/templates/inspircd/inspircd.conf.j2
View File

@@ -1,5 +1,4 @@
# Includes
<config format="xml">
<include file="/etc/inspircd/opers.conf">
<include file="/etc/inspircd/links.conf">
<include file="/etc/inspircd/modules.conf">
@@ -54,6 +53,7 @@
limit="500"
localmax="500"
maxconnwarn="on"
maxchans="20"
modes="+wx"
pingfreq="120"
port="6697"
@@ -119,7 +119,7 @@
defaultmodes="not"
moronbanner="You're banned! Contact {{ organization['email'] }} with the ERROR line below for help."
xlinemessage="You're banned! Contact {{ organization['email'] }} with the ERROR line below for help."
exemptchanops="nonick:v flood:o"
invitebypassmodes="yes"
nosnoticestack="no"
@@ -134,7 +134,7 @@
hidemodes="eI"
hideulines="no"
flatlinks="no"
hidewhois=""
hideserver=""
hidebans="no"
hidekills=""
hidesplits="yes"
@@ -152,9 +152,8 @@
maxquit="255"
maxtopic="307"
maxkick="255"
maxgecos="128"
maxreal="128"
maxaway="200">
<channels users="20" opers="60">
<maxlist chan="*" limit="60">
<whowas
groupsize="10"

2
roles/IRC/templates/inspircd/links.conf.j2
View File

@@ -3,7 +3,7 @@
<link name="ircservices.{{ external_domain }}"
ipaddr="core.{{ replica_domain }}"
port="8067"
allowmask="10.0.1.3/32"
allowmask="127.0.0.1"
sendpass="{{ secrets['IRC']['servicespass'] }}"
recvpass="{{ secrets['IRC']['servicespass'] }}">

16
roles/IRC/templates/inspircd/modules.conf.j2
View File

@@ -54,8 +54,8 @@
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Block CAPS module: Adds channel mode +B, blocks all-CAPS messages.
<module name="m_blockcaps.so">
<blockcaps percent="50"
<module name="m_anticaps.so">
<anticaps percent="50"
minlen="5"
capsmap="ABCDEFGHIJKLMNOPQRSTUVWXYZ! ">
@@ -402,15 +402,15 @@
# integration with services packages.
<module name="m_topiclock.so">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Userip module: Adds the /USERIP command.
# Allows users to query their own IP, also allows opers to query the IP
# of anyone else.
<module name="m_userip.so">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Spanning tree module: Allows linking of servers using the spanning
# tree protocol (see the READ THIS BIT section above).
# You will almost always want to load this.
#
<module name="m_spanningtree.so">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# CBAN module: This module adds the /CBAN command which allows server
# operators to prevent channels matching a glob from being created.
<module name="cban">

2
roles/IRC/templates/inspircd/motd.txt.j2
View File

@@ -31,7 +31,7 @@ You should check which channels you want to join.
Type the following to get a list:
/list
You will need to request an AniNIX/Sora LDAP
You will need to request an AniNIX/Password LDAP
account from an op or founder in #lobby to be
able to log in. If you already have an account,
use the following to authenticate:

2
roles/IRC/templates/inspircd/opers.conf.j2
View File

@@ -8,5 +8,5 @@
# Operators are tracked in the vault.
{% for oper in secrets['IRC']['opers'] %}
<oper name="{{ oper }}" password="{{ secrets['IRC']['opers'][oper] }}" hash="sha256" host="*@127.0.0.1 *@10.0.1.* *@localhost *@aninix.net" type="NetAdmin">
<oper name="{{ oper }}" password="{{ secrets['IRC']['opers'][oper] }}" hash="sha256" host="*@127.0.0.1 *@10.0.1.* *@localhost *@aninix.net" type="NetAdmin" maxchans="60">
{% endfor %}