1175 lines
		
	
	
		
			37 KiB
		
	
	
	
		
			Django/Jinja
		
	
	
	
	
	
			
		
		
	
	
			1175 lines
		
	
	
		
			37 KiB
		
	
	
	
		
			Django/Jinja
		
	
	
	
	
	
| /*
 | |
|  * Example configuration file for Services. After making the appropriate
 | |
|  * changes to this file, place it in the Services data directory (as
 | |
|  * specified in the "configure" script, default /home/username/services/data)
 | |
|  * under the name "services.conf".
 | |
|  *
 | |
|  * The format of this file is fairly simple: three types of comments are supported:
 | |
|  *  - All text after a '#' on a line is ignored, as in shell scripting
 | |
|  *  - All text after '//' on a line is ignored, as in C++
 | |
|  *  - A block of text like this one is ignored, as in C
 | |
|  *
 | |
|  * Outside of comments, there are three structures: blocks, keys, and values.
 | |
|  *
 | |
|  * A block is a named container, which contains a number of key to value pairs
 | |
|  * - you may think of this as an array.
 | |
|  *
 | |
|  * A block is created like so:
 | |
|  * foobar
 | |
|  * {
 | |
|  *    moo = "cow"
 | |
|  *    foo = bar
 | |
|  * }
 | |
|  *
 | |
|  * Keys are case insensitive. Values depend on what key - generally, information is
 | |
|  * given in the key comment. The quoting of values (and most other syntax) is quite
 | |
|  * flexible, however, please do not forget to quote your strings:
 | |
|  *
 | |
|  *   "This is a parameter string with spaces in it"
 | |
|  *
 | |
|  * If you need to include a double quote inside a quoted string, precede it
 | |
|  * by a backslash:
 | |
|  *
 | |
|  *   "This string has \"double quotes\" in it"
 | |
|  *
 | |
|  * Time parameters can be specified either as an integer representing a
 | |
|  * number of seconds (e.g. "3600" = 1 hour), or as an integer with a unit
 | |
|  * specifier: "s" = seconds, "m" = minutes, "h" = hours, "d" = days.
 | |
|  * Combinations (such as "1h30m") are not permitted. Examples (all of which
 | |
|  * represent the same length of time, one day):
 | |
|  *
 | |
|  *   "86400", "86400s", "1440m", "24h", "1d"
 | |
|  *
 | |
|  * CAUTION:
 | |
|  * Please note that your services might _CRASH_ if you add more format-
 | |
|  * strings (%s, %d, etc.) to custom messages than Anope needs. Use the
 | |
|  * default messages to see how many format-strings are needed.
 | |
|  *
 | |
|  * In the documentation for each directive, one of the following will be
 | |
|  * included to indicate whether an option is required:
 | |
|  *
 | |
|  * [REQUIRED]
 | |
|  *     Indicates a directive which must be given. Without it, Services will
 | |
|  *     not start.
 | |
|  *
 | |
|  * [RECOMMENDED]
 | |
|  *     Indicates a directive which may be omitted, but omitting it may cause
 | |
|  *     undesirable side effects.
 | |
|  *
 | |
|  * [OPTIONAL]
 | |
|  *     Indicates a directive which is optional. If not given, the feature
 | |
|  *     will typically be disabled. If this is not the case, more
 | |
|  *     information will be given in the documentation.
 | |
|  *
 | |
|  * [DISCOURAGED]
 | |
|  *     Indicates a directive which may cause undesirable side effects if
 | |
|  *     specified.
 | |
|  *
 | |
|  * [DEPRECATED]
 | |
|  *     Indicates a directive which will disappear in a future version of
 | |
|  *     Services, usually because its functionality has been either
 | |
|  *     superseded by that of other directives or incorporated into the main
 | |
|  *     program.
 | |
|  */
 | |
| 
 | |
| /*
 | |
|  * [OPTIONAL] Defines
 | |
|  *
 | |
|  * You can define values to other values, which can be used to easially change
 | |
|  * every value in the configuration. For example, use:
 | |
|  *
 | |
|  * define
 | |
|  * {
 | |
|  * 	name = "ChanServ"
 | |
|  *	value = "ChannelServ"
 | |
|  * }
 | |
|  *
 | |
|  * To replace every occurance of ChanServ with ChannelServ in the configuration file,
 | |
|  * and in every included configuration file (such as chanserv.example.conf).
 | |
|  */
 | |
| 
 | |
| /*
 | |
|  * The services.host define is used in multiple different locations throughout the
 | |
|  * configuration for services clients hostnames.
 | |
|  */
 | |
| define
 | |
| {
 | |
| 	name = "ircservices.{{ external_domain }}"
 | |
| 	value = "ircservices.{{ external_domain }}"
 | |
| }
 | |
| 
 | |
| /*
 | |
|  * [OPTIONAL] Additional Includes
 | |
|  *
 | |
|  * You can include additional configuration files here.
 | |
|  * You may also include executable files, which will be executed and
 | |
|  * the output from it will be included into your configuration.
 | |
|  */
 | |
| 
 | |
| /*
 | |
| include
 | |
| {
 | |
| 	type = "file"
 | |
| 	name = "some.conf"
 | |
| }
 | |
| 
 | |
| include
 | |
| {
 | |
| 	type = "executable"
 | |
| 	name = "/usr/bin/wget -q -O - http://some.misconfigured.network.com/services.conf"
 | |
| }
 | |
| */
 | |
| 
 | |
| /*
 | |
|  * [REQUIRED] IRCd Config
 | |
|  *
 | |
|  * This section is used to set up Anope to connect to your IRC network.
 | |
|  * This section can be included multiple times, and Anope will attempt to
 | |
|  * connect to each server until it finally connects.
 | |
|  */
 | |
| uplink
 | |
| {
 | |
| 	/*
 | |
| 	 * The IP or hostname of the IRC server you wish to connect Services to.
 | |
| 	 * Usually, you will want to connect Services over 127.0.0.1 (aka localhost).
 | |
| 	 *
 | |
| 	 * NOTE: On some shell providers, this will not be an option.
 | |
| 	 */
 | |
| 	host = "127.0.0.1"
 | |
| 
 | |
| 	/*
 | |
| 	 * Enable if Services should connect using IPv6.
 | |
| 	 */
 | |
| 	ipv6 = no
 | |
| 
 | |
| 	/*
 | |
| 	 * Enable if Services should connect using SSL.
 | |
| 	 * You must have m_ssl loaded for this to work.
 | |
| 	 */
 | |
| 	ssl = no
 | |
| 
 | |
| 	/*
 | |
| 	 * The port to connect to.
 | |
| 	 * The IRCd *MUST* be configured to listen on this port, and to accept
 | |
| 	 * server connections.
 | |
| 	 *
 | |
| 	 * Refer to your IRCd documentation for how this is to be done.
 | |
| 	 */
 | |
| 	port = 8067
 | |
| 
 | |
| 	/*
 | |
| 	 * The password to send to the IRC server for authentication.
 | |
| 	 * This must match the link block on your IRCd.
 | |
| 	 *
 | |
| 	 * Refer to your IRCd documentation for more information on link blocks.
 | |
| 	 */
 | |
| 	password = "{{ secrets['IRC']['servicespass'] }}"
 | |
| }
 | |
| 
 | |
| /*
 | |
|  * [REQUIRED] Server Information
 | |
|  *
 | |
|  * This section contains information about the Services server.
 | |
|  */
 | |
| serverinfo
 | |
| {
 | |
| 	/*
 | |
| 	 * The hostname that Services will be seen as, it must have no conflicts with any
 | |
| 	 * other server names on the rest of your IRC network. Note that it does not have
 | |
| 	 * to be an existing hostname, just one that isn't on your network already.
 | |
| 	 */
 | |
| 	name = "ircservices.{{ external_domain }}"
 | |
| 
 | |
| 	/*
 | |
| 	 * The text which should appear as the server's information in /whois and similar
 | |
| 	 * queries.
 | |
| 	*/
 | |
| 	description = "{{ organization['displayname'] }}/IRCServices"
 | |
| 
 | |
| 	/*
 | |
| 	 * The local address that Services will bind to before connecting to the remote
 | |
| 	 * server. This may be useful for multihomed hosts. If ommited, Services will let
 | |
| 	 * the Operating System choose the local address. This directive is optional.
 | |
| 	 *
 | |
| 	 * If you don't know what this means or don't need to use it, just leave this
 | |
| 	 * directive commented out.
 | |
| 	 */
 | |
| 	#localhost = "ircservices.{{ external_domain }}"
 | |
| 
 | |
| 	/*
 | |
| 	 * What Server ID to use for this connection?
 | |
| 	 * Note: This should *ONLY* be used for TS6/P10 IRCds. Refer to your IRCd documentation
 | |
| 	 * to see if this is needed.
 | |
| 	 */
 | |
| 	#id = "00A"
 | |
| 
 | |
| 	/*
 | |
| 	 * The filename containing the Services process ID. The path is relative to the
 | |
| 	 * services root directory. If not given, defaults to "data/services.pid".
 | |
| 	 */
 | |
| 	pid = "/var/lib/anope/runtime/services.pid"
 | |
| 
 | |
| 	/*
 | |
| 	 * The filename containing the Message of the Day. The path is relative to the
 | |
| 	 * services root directory. If not given, defaults to "conf/services.motd".
 | |
| 	 */
 | |
| 	motd = "/var/lib/anope/services.motd"
 | |
| }
 | |
| 
 | |
| /*
 | |
|  * [REQUIRED] Protocol module
 | |
|  *
 | |
|  * This directive tells Anope which IRCd Protocol to speak when connecting.
 | |
|  * You MUST modify this to match the IRCd you run.
 | |
|  */
 | |
| module
 | |
| {
 | |
| 	name = "inspircd3"
 | |
| 
 | |
| 	/*
 | |
| 	 * Some protocol modules can enforce mode locks server-side. This reduces the spam caused by
 | |
| 	 * services immediately reversing mode changes for locked modes.
 | |
| 	 *
 | |
| 	 * If the protocol module you have loaded does not support this, this setting will have no effect.
 | |
| 	 */
 | |
| 	use_server_side_mlock = yes
 | |
| 
 | |
| 	/*
 | |
| 	 * Some protocol modules can enforce topic locks server-side. This reduces the spam caused by
 | |
| 	 * services immediately reversing topic changes.
 | |
| 	 *
 | |
| 	 * If the protocol module you have loaded does not support this, this setting will have no effect.
 | |
| 	 */
 | |
| 	use_server_side_topiclock = yes
 | |
| }
 | |
| /*
 | |
|  * [REQUIRED] Network Information
 | |
|  *
 | |
|  * This section contains information about the IRC network that Services will be
 | |
|  * connecting to.
 | |
|  */
 | |
| networkinfo
 | |
| {
 | |
| 	/*
 | |
| 	 * This is the name of the network that Services will be running on.
 | |
| 	 */
 | |
| 	networkname = "{{ organization['displayname'] }}/IRC"
 | |
| 
 | |
| 	/*
 | |
| 	 * Set this to the maximum allowed nick length on your network.
 | |
| 	 * Be sure to set this correctly, as setting this wrong can result in
 | |
| 	 * Services being disconnected from the network. This directive is optional,
 | |
| 	 * but recommended.
 | |
| 	 */
 | |
| 	nicklen = 12
 | |
| 
 | |
| 	/* Set this to the maximum allowed ident length on your network.
 | |
| 	 * Be sure to set this correctly, as setting this wrong can result in
 | |
| 	 * Services being disconnected from the network. This directive is optional,
 | |
| 	 * but recommended.
 | |
| 	 */
 | |
| 	userlen = 64
 | |
| 
 | |
| 	/* Set this to the maximum allowed hostname length on your network.
 | |
| 	 * Be sure to set this correctly, as setting this wrong can result in
 | |
| 	 * Services being disconnected from the network. This directive is optional,
 | |
| 	 * but recommended.
 | |
| 	 */
 | |
| 	hostlen = 64
 | |
| 
 | |
| 	/* This is the maximum channel length ?
 | |
| 	 * Added 11-12-2015 for testing
 | |
|          */
 | |
| 	chanlen = 20
 | |
| 
 | |
| 	/* Adding vhost definitions.
 | |
| 	 */
 | |
| 	vhost_chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-"
 | |
| }
 | |
| 
 | |
| /*
 | |
|  * [REQUIRED] Services Options
 | |
|  *
 | |
|  * This section contains various options which determine how Services will operate.
 | |
|  */
 | |
| options
 | |
| {
 | |
| 	/*
 | |
| 	 * The case mapping used by services. This must be set to a valid locale name
 | |
| 	 * installed on your machine. Services use this case map to compare, with
 | |
| 	 * case insensitivity, things such as nick names, channel names, etc.
 | |
| 	 *
 | |
| 	 * We provide two special casemaps shipped with Anope, ascii and rfc1459.
 | |
| 	 *
 | |
| 	 * This value should be set to what your IRCd uses, which is probably rfc1459,
 | |
| 	 * however Anope has always used ascii for comparison, so the default is ascii.
 | |
| 	 *
 | |
| 	 * Changing this value once set is not recommended.
 | |
| 	 */
 | |
| 	casemap = "ascii"
 | |
| 
 | |
| 	/*
 | |
| 	 * The maximum length of passwords
 | |
| 	 */
 | |
| 	passlen = 32
 | |
| 
 | |
| 	/*
 | |
| 	 * This key is used to initiate the random number generator. This number
 | |
| 	 * MUST be random as you want your passcodes to be random. Don't give this
 | |
| 	 * key to anyone! Keep it private!
 | |
| 	 *
 | |
| 	 * NOTE: If you don't uncomment this or keep the default values, any talented
 | |
| 	 * programmer would be able to easily "guess" random strings used to mask
 | |
| 	 * information. Be safe, and come up with a 7-digit number.
 | |
| 	 *
 | |
| 	 * This directive is optional, but highly recommended.
 | |
| 	 */
 | |
| 	seed = 7861233
 | |
| 
 | |
| 	/*
 | |
| 	 * Allows Services to continue file write operations (i.e. database saving)
 | |
| 	 * even if the original file cannot be backed up. Enabling this option may
 | |
| 	 * allow Services to continue operation under conditions where it might
 | |
| 	 * otherwise fail, such as a nearly-full disk.
 | |
| 	 *
 | |
| 	 * NOTE: Enabling this option can cause irrecoverable data loss under some
 | |
| 	 * conditions, so make CERTAIN you know what you're doing when you enable it!
 | |
| 	 *
 | |
| 	 * This directive is optional, and you are discouraged against enabling it.
 | |
| 	 */
 | |
| 	#nobackupokay = yes
 | |
| 
 | |
| 	/*
 | |
| 	 * If set, Services will perform more stringent checks on passwords. If this
 | |
| 	 * isn't set, Services will only disallow a password if it is the same as the
 | |
| 	 * entity (nickname name) with which it is associated. When set, however,
 | |
| 	 * Services will also check that the password is at least five
 | |
| 	 * characters long, and in the future will probably check other things
 | |
| 	 * as well.
 | |
| 	 *
 | |
| 	 * This directive is optional, but recommended.
 | |
| 	 */
 | |
| 	strictpasswords = yes
 | |
| 
 | |
| 	/*
 | |
| 	 * Sets the number of invalid password tries before Services removes a user
 | |
| 	 * from the network. If a user enters a number of invalid passwords equal to
 | |
| 	 * the given amount for any Services function or combination of functions
 | |
| 	 * during a single IRC session (subject to badpasstimeout, below), Services
 | |
| 	 * will issues a /KILL for the user. If not given, Services will ignore
 | |
| 	 * failed password attempts (though they will be logged in any case).
 | |
| 	 *
 | |
| 	 * This directive is optional, but recommended.
 | |
| 	 */
 | |
| 	badpasslimit = 5
 | |
| 
 | |
| 	/*
 | |
| 	 * Sets the time after which invalid passwords are forgotten about. If a user
 | |
| 	 * does not enter any incorrect passwords in this amount of time, the incorrect
 | |
| 	 * password count will reset to zero. If not given, the timeout will be
 | |
| 	 * disabled, and the incorrect password count will never be reset until the user
 | |
| 	 * disconnects.
 | |
| 	 *
 | |
| 	 * This directive is optional.
 | |
| 	 */
 | |
| 	badpasstimeout = 1h
 | |
| 
 | |
| 	/*
 | |
| 	 * Sets the delay between automatic database updates. This time is reset by
 | |
| 	 * the OperServ UPDATE command.
 | |
| 	 */
 | |
| 	updatetimeout = 5m
 | |
| 
 | |
| 	/*
 | |
| 	 * Sets the delay between checks for expired nicknames and channels. The
 | |
| 	 * OperServ UPDATE command will also cause a check for expiration and reset
 | |
| 	 * this timer.
 | |
| 	 */
 | |
| 	expiretimeout = 30m
 | |
| 
 | |
| 	/*
 | |
| 	 * Sets the timeout period for reading from the uplink.
 | |
| 	 */
 | |
| 	readtimeout = 5s
 | |
| 
 | |
| 	/*
 | |
| 	 * Sets the interval between sending warning messages for program errors via
 | |
| 	 * WALLOPS/GLOBOPS.
 | |
| 	 */
 | |
| 	warningtimeout = 4h
 | |
| 
 | |
| 	/*
 | |
| 	 * Sets the (maximum) frequency at which the timeout list is checked. This,
 | |
| 	 * combined with readtimeout above, determines how accurately timed events,
 | |
| 	 * such as nick kills, occur; it also determines how much CPU time Services
 | |
| 	 * will use doing this. Higher values will cause less accurate timing but
 | |
| 	 * less CPU usage.
 | |
| 	 *
 | |
| 	 * This shouldn't be set any higher than 10 seconds, and 1 second is best
 | |
| 	 * if your system is powerful enough (or your network small enough) to
 | |
| 	 * handle it. 0 will cause the timeout list to be checked every time
 | |
| 	 * through the main loop, which will probably slow down Services too much
 | |
| 	 * to be useful on most networks.
 | |
| 	 *
 | |
| 	 * Note that this value is not an absolute limit on the period between
 | |
| 	 * checks of the timeout list; the previous may be as great as readtimeout
 | |
| 	 * (above) during periods of inactivity.
 | |
| 	 *
 | |
| 	 * If this directive is not given, it will default to 0. See the 2nd paragraph
 | |
| 	 * above for performance impacts if you do this.
 | |
| 	 */
 | |
| 	timeoutcheck = 3s
 | |
| 
 | |
| 	/*
 | |
| 	 * Sets the number of days backups of databases are kept. If you don't give it,
 | |
| 	 * or if you set it to 0, Services won't backup the databases.
 | |
| 	 *
 | |
| 	 * NOTE: Services must run 24 hours a day for this feature to work.
 | |
| 	 *
 | |
| 	 * This directive is optional, but recommended.
 | |
| 	 */
 | |
| 	keepbackups = 15
 | |
| 
 | |
| 	/*
 | |
| 	 * If set, Services will require a reason when a FORBID is added, else the
 | |
| 	 * reason is optional. This directive also applies to SUSPENDed channels as
 | |
| 	 * well.
 | |
| 	 *
 | |
| 	 * This directive is optional.
 | |
| 	 */
 | |
| 	forceforbidreason = yes
 | |
| 
 | |
| 	/*
 | |
| 	 * If set, this will allow users to let Services send PRIVMSGs to them
 | |
| 	 * instead of NOTICEs. Also see the defmsg option of nickserv:defaults,
 | |
| 	 * which also toggles the default communication (PRIVMSG or NOTICE) to
 | |
| 	 * use for unregistered users.
 | |
| 	 *
 | |
| 	 * This is a feature that is against the IRC RFC and should be used ONLY
 | |
| 	 * if absolutely necessary.
 | |
| 	 *
 | |
| 	 * This directive is optional, and not recommended.
 | |
| 	 */
 | |
| 	#useprivmsg = yes
 | |
| 
 | |
| 	/*
 | |
| 	 * If set, will force Services to only respond to PRIVMSGs addresses to
 | |
| 	 * Nick@ServerName - e.g. NickServ@localhost.net. This should be used in
 | |
| 	 * conjunction with IRCd aliases. This directive is optional.
 | |
| 	 *
 | |
| 	 * When using Bahamut, this option will NOT work if the uplink server is
 | |
| 	 * configured as a services hub. The serviceshub option is not designed to
 | |
| 	 * be used with Anope.
 | |
| 	 */
 | |
| 	#usestrictprivmsg = yes
 | |
| 
 | |
| 	/*
 | |
| 	 * If set, Services will only show /stats o to IRC Operators. This directive
 | |
| 	 * is optional.
 | |
| 	 */
 | |
| 	#hidestatso = yes
 | |
| 
 | |
| 	/*
 | |
| 	 * Prevents users from registering their nick if they are not connected
 | |
| 	 * for at least the given number of seconds.
 | |
| 	 *
 | |
| 	 * This directive is optional.
 | |
| 	 */
 | |
| 	#nickregdelay = 30
 | |
| 
 | |
| 	/*
 | |
| 	 * If set, forbids the registration of nicks that contain an existing
 | |
| 	 * nick with Services access. For example, if Tester is a Services Oper,
 | |
| 	 * you can't register NewTester or Tester123 unless you are an IRC
 | |
| 	 * Operator.
 | |
| 	 *
 | |
| 	 * NOTE: If you enable this, you will have to be logged in as an IRC
 | |
| 	 * operator in order to register a Services Root nick when setting up
 | |
| 	 * Anope for the first time.
 | |
| 	 *
 | |
| 	 * This directive is optional.
 | |
| 	 */
 | |
| 	#restrictopernicks = yes
 | |
| 
 | |
| 	/*
 | |
| 	 * The number of LOGON/OPER news items to display when a user logs on.
 | |
| 	 *
 | |
| 	 * This directive is optional, if no set it will default to 3.
 | |
| 	 */
 | |
| 	#newscount = 3
 | |
| 
 | |
| 	/*
 | |
| 	 * A space-separated list of ulined servers on your network, it is assumed that
 | |
| 	 * the servers in this list are allowed to set channel modes and Services will
 | |
| 	 * not attempt to reverse their mode changes.
 | |
| 	 *
 | |
| 	 * WARNING: Do NOT put your normal IRC user servers in this directive.
 | |
| 	 *
 | |
| 	 * This directive is optional.
 | |
| 	 */
 | |
| 	#ulineservers = "stats.your.network"
 | |
| 
 | |
| 	/*
 | |
| 	 * Modes to set on service bots when they join channels, comment this out for no modes
 | |
| 	 *
 | |
| 	 * This directive is optional.
 | |
| 	 */
 | |
| 	botmodes = "ao"
 | |
| 
 | |
| 	/*
 | |
| 	 * How long to wait between connection retries, in seconds.
 | |
| 	 */
 | |
| 	retrywait = 60
 | |
| 
 | |
| 	/*
 | |
| 	 * If set, Services will hide commands that users don't have the privileges to execute
 | |
| 	 * from HELP output.
 | |
| 	 */
 | |
| 	hideprivilegedcommands = no
 | |
| 
 | |
| 	/*
 | |
| 	 * If set, Services do not allow ownership of nick names, only ownership of accounts.
 | |
| 	 */
 | |
| 	nonicknameownership = no
 | |
| 
 | |
| 	/* The regex engine to use, as provided by the regex modules.
 | |
| 	 * Leave commented to disable regex matching.
 | |
| 	 *
 | |
| 	 * Note for this to work the regex module providing the regex engine must be loaded.
 | |
| 	 */
 | |
| 	regexengine = "regex/pcre"
 | |
| }
 | |
| 
 | |
| /*
 | |
|  * [OPTIONAL] BotServ
 | |
|  *
 | |
|  * Includes botserv.example.conf, which is necessary for BotServ functionality.
 | |
|  *
 | |
|  * Remove this block to disable BotServ.
 | |
| 
 | |
| include
 | |
| {
 | |
| 	type = "file"
 | |
| 	name = "botserv.conf"
 | |
| }
 | |
| */ /* TODO: This is disabled for now. */
 | |
| 
 | |
| /*
 | |
|  * [RECOMMENDED] ChanServ
 | |
|  *
 | |
|  * Includes chanserv.example.conf, which is necessary for ChanServ functionality.
 | |
|  *
 | |
|  * Remove this block to disable ChanServ.
 | |
|  */
 | |
| include
 | |
| {
 | |
| 	type = "file"
 | |
| 	name = "chanserv.conf"
 | |
| }
 | |
| 
 | |
| /*
 | |
|  * [RECOMMENDED] Global
 | |
|  *
 | |
|  * Includes global.example.conf, which is necessary for Global functionality.
 | |
|  *
 | |
|  * Remove this block to disable Global.
 | |
|  */
 | |
| include
 | |
| {
 | |
| 	type = "file"
 | |
| 	name = "global.conf"
 | |
| }
 | |
| 
 | |
| /*
 | |
|  * [OPTIONAL] HostServ
 | |
|  *
 | |
|  * Includes hostserv.example.conf, which is necessary for HostServ functionality.
 | |
|  *
 | |
|  * Remove this block to disable HostServ.
 | |
|  */
 | |
| include
 | |
| {
 | |
| 	type = "file"
 | |
| 	name = "hostserv.conf"
 | |
| }
 | |
| 
 | |
| /*
 | |
|  * [OPTIONAL] MemoServ
 | |
|  *
 | |
|  * Includes memoserv.example.conf, which is necessary for MemoServ functionality.
 | |
|  *
 | |
|  * Remove this block to disable MemoServ.
 | |
|  */
 | |
| include
 | |
| {
 | |
| 	type = "file"
 | |
| 	name = "memoserv.conf"
 | |
| }
 | |
| 
 | |
| /*
 | |
|  * [OPTIONAL] NickServ
 | |
|  *
 | |
|  * Includes memoserv.example.conf, which is necessary for NickServ functionality.
 | |
|  *
 | |
|  * Remove this block to disable NickServ.
 | |
|  */
 | |
| include
 | |
| {
 | |
| 	type = "file"
 | |
| 	name = "nickserv.conf"
 | |
| }
 | |
| 
 | |
| /*
 | |
|  * [RECOMMENDED] OperServ
 | |
|  *
 | |
|  * Includes operserv.example.conf, which is necessary for OperServ functionality.
 | |
|  *
 | |
|  * Remove this block to disable OperServ.
 | |
|  */
 | |
| include
 | |
| {
 | |
| 	type = "file"
 | |
| 	name = "operserv.conf"
 | |
| }
 | |
| 
 | |
| /*
 | |
|  * [RECOMMENDED] Logging Configuration
 | |
|  *
 | |
|  * This section is used for configuring what is logged and where it is logged to.
 | |
|  * You may have multiple log blocks if you wish. Remember to properly secure any
 | |
|  * channels you choose to have Anope log to!
 | |
|  */
 | |
| log
 | |
| {
 | |
| 	/*
 | |
| 	 * Target(s) to log to, which may be one of the following:
 | |
| 	 *   - a channel name
 | |
| 	 *   - a filename
 | |
| 	 *   - globops
 | |
| 	 */
 | |
| 	target = "anope-services.log #services"
 | |
| 
 | |
| 	/* Log to both services.log and the channel #services
 | |
| 	 *
 | |
| 	 * Note that some older IRCds, such as Ratbox, require services to be in the
 | |
| 	 * log channel to be able to message it. To do this, configure service:channels to
 | |
| 	 * join your logging channel.
 | |
| 	 */
 | |
| 	#target = "services.log #services"
 | |
| 
 | |
| 	/*
 | |
| 	 * The source(s) to only accept log messages from. Leave commented to allow all sources.
 | |
| 	 * This can be a users name, a channel name, one of our clients (eg, OperServ), or a server name.
 | |
| 	 */
 | |
| 	#source = ""
 | |
| 
 | |
| 	/*
 | |
| 	 * The number of days to keep logfiles, only useful if you are logging to a file.
 | |
| 	 * Set to 0 to never delete old logfiles.
 | |
| 	 *
 | |
| 	 * Note that Anope must run 24 hours a day for this feature to work correctly.
 | |
| 	 */
 | |
| 	logage = 7
 | |
| 
 | |
| 	/*
 | |
| 	 * What types of log messages should be logged by this block. There are nine general categories:
 | |
| 	 *
 | |
| 	 *  admin      - Execution of admin commands (OperServ, etc).
 | |
| 	 *  override   - A services operator using their powers to execute a command they couldn't normally.
 | |
| 	 *  commands   - Execution of general commands.
 | |
| 	 *  servers    - Server actions, linking, squitting, etc.
 | |
| 	 *  channels   - Actions in channels such as joins, parts, kicks, etc.
 | |
| 	 *  users      - User actions such as connecting, disconnecting, changing name, etc.
 | |
| 	 *  other      - All other messages without a category.
 | |
| 	 *  rawio      - Logs raw input and output from services
 | |
| 	 *  debug      - Debug messages (log files can become VERY large from this).
 | |
| 	 *
 | |
| 	 * These options determine what messages from the categories should be logged. Wildcards are accepted, and
 | |
| 	 * you can also negate values with a ~. For example, "~operserv/akill operserv/*" would log all operserv
 | |
| 	 * messages except for operserv/akill. Note that processing stops at the first matching option, which
 | |
| 	 * means "* ~operserv/*" would log everything because * matches everything.
 | |
| 	 *
 | |
| 	 * Valid admin, override, and command options are:
 | |
| 	 *    pesudo-serv/commandname (eg, operserv/akill, chanserv/set)
 | |
| 	 *
 | |
| 	 * Valid server options are:
 | |
| 	 *    connect, quit, sync, squit
 | |
| 	 *
 | |
| 	 * Valid channel options are:
 | |
| 	 *    create, destroy, join, part, kick, leave, mode
 | |
| 	 *
 | |
| 	 * Valid user options are:
 | |
| 	 *    connect, disconnect, quit, nick, ident, host, mode, maxusers, oper
 | |
| 	 *
 | |
| 	 * Rawio and debug are simple yes/no answers, there are no types for them.
 | |
| 	 *
 | |
| 	 * Note that modules may add their own values to these options.
 | |
| 	 */
 | |
| 	admin = "operserv/*"
 | |
| 	override = "chanserv/* nickserv/* memoserv/set botserv/* ~botserv/set"
 | |
| 	commands = "~operserv/* *"
 | |
| 	servers = "*"
 | |
| 	#channels = "~mode *"
 | |
| 	users = "connect disconnect nick"
 | |
| 	other = "*"
 | |
| 	rawio = no
 | |
| 	debug = no
 | |
| }
 | |
| 
 | |
| /*
 | |
|  * A log block to globops some useful things.
 | |
|  */
 | |
| log
 | |
| {
 | |
| 	target = "globops"
 | |
| 	admin = "global/* operserv/mode operserv/kick operserv/akill operserv/s*line operserv/noop operserv/jupe operserv/oline operserv/set operserv/svsnick nickserv/getpass */drop"
 | |
| 	servers = "squit"
 | |
| 	users = "oper"
 | |
| 	other = "expire/* bados akill/*"
 | |
| }
 | |
| 
 | |
| /*
 | |
|  * [RECOMMENDED] Oper Access Config
 | |
|  *
 | |
|  * This section is used to set up staff access to restricted oper only commands.
 | |
|  * You may define groups of commands and privileges, as well as who may use them.
 | |
|  *
 | |
|  * This block is recommended, as without it you will be unable to access most oper commands.
 | |
|  * It replaces the old ServicesRoot directive amongst others.
 | |
|  *
 | |
|  * The command names below are defaults and are configured in the *serv.conf's. If you configure
 | |
|  * additional commands with permissions, such as commands from third party modules, the permissions
 | |
|  * must be included in the opertype block before the command can be used.
 | |
|  *
 | |
|  * Available privileges:
 | |
|  *  botserv/administration        - Can perform certain BotServ administrative tasks
 | |
|  *  chanserv/access/modify        - Can modify channel access and akick lists
 | |
|  *  chanserv/auspex               - Can see any information with /chanserv info
 | |
|  *  chanserv/no-register-limit    - May register an unlimited number of channels and nicknames
 | |
|  *  chanserv/set                  - Can modify the settings of any channel (incl. changing of the owner!)
 | |
|  *  memoserv/info                 - Can see any information with /memoserv info
 | |
|  *  memoserv/set-limit            - Can set the limit of max stored memos on any user and channel
 | |
|  *  memoserv/no-limit             - Can send memos through limits and throttles
 | |
|  *  nickserv/access               - Can modify other users access list
 | |
|  *  nickserv/auspex               - Can see any information with /nickserv info
 | |
|  *  nickserv/confirm              - Can confirm other users nicknames
 | |
|  *  nickserv/drop                 - Can drop other users nicks
 | |
|  *
 | |
|  * Available commands:
 | |
|  *   botserv/bot/del       botserv/bot/add       botserv/bot/change  botserv/assign/private
 | |
|  *   botserv/botlist       botserv/set/private   botserv/set/nobot
 | |
|  *
 | |
|  *   chanserv/access/list     chanserv/drop                 chanserv/getkey           chanserv/invite
 | |
|  *   chanserv/list            chanserv/suspend              chanserv/topic            chanserv/clearusers
 | |
|  *
 | |
|  *   chanserv/saset/bantype   chanserv/saset/description    chanserv/saset/email
 | |
|  *   chanserv/saset/founder   chanserv/saset/keeptopic      chanserv/saset/restricted
 | |
|  *   chanserv/saset/peace     chanserv/saset/persist        chanserv/saset/private
 | |
|  *   chanserv/saset/secure    chanserv/saset/securefounder  chanserv/saset/secureops
 | |
|  *   chanserv/saset/signkick  chanserv/saset/successor      chanserv/saset/topiclock
 | |
|  *   chanserv/saset/url       chanserv/saset/noexpire
 | |
|  *
 | |
|  *   memoserv/sendall        memoserv/staff
 | |
|  *
 | |
|  *   nickserv/getpass        nickserv/sendpass      nickserv/getemail   nickserv/suspend
 | |
|  *   nickserv/resetpass      nickserv/release       nickserv/list
 | |
|  *
 | |
|  *   nickserv/saset/autoop   nickserv/saset/email   nickserv/saset/greet
 | |
|  *   nickserv/saset/icq      nickserv/saset/kill    nickserv/saset/language nickserv/saset/message
 | |
|  *   nickserv/saset/private  nickserv/saset/secure  nickserv/saset/url      nickserv/saset/noexpire
 | |
|  *
 | |
|  *   hostserv/set            hostserv/del
 | |
|  *
 | |
|  *   global/global
 | |
|  *
 | |
|  *   operserv/news         operserv/stats        operserv/kick       operserv/exception
 | |
|  *   operserv/mode         operserv/session      operserv/modlist    operserv/ignore
 | |
|  *   operserv/chankill     operserv/akill        operserv/sqline     operserv/snline
 | |
|  *   operserv/szline       operserv/oper         operserv/config     operserv/umode
 | |
|  *   operserv/modload      operserv/jupe         operserv/set        operserv/noop
 | |
|  *   operserv/quit         operserv/update       operserv/reload     operserv/restart
 | |
|  *   operserv/shutdown     operserv/svsnick      operserv/oline      operserv/kill
 | |
|  *
 | |
|  * Firstly, we define 'opertypes' which are named whatever we want ('Network Administrator', etc).
 | |
|  * These can contain commands for oper-only strings (see above) which grants access to that specific command,
 | |
|  * and privileges (which grant access to more general permissions for the named area).
 | |
|  * Wildcard entries are permitted for both, e.g. 'commands = "operserv/*"' for all OperServ commands.
 | |
|  *
 | |
|  * Below are some default example types, but this is by no means exhaustive,
 | |
|  * and it is recommended that you configure them to your needs.
 | |
|  */
 | |
| 
 | |
| opertype
 | |
| {
 | |
| 	/* The name of this opertype */
 | |
| 	name = "Helper"
 | |
| 
 | |
| 	/* What commands (see above) this opertype has */
 | |
| 	commands = "hostserv/*"
 | |
| }
 | |
| 
 | |
| opertype
 | |
| {
 | |
| 	/* The name of this opertype */
 | |
| 	name = "Services Operator"
 | |
| 
 | |
| 	/* What opertype(s) this inherits from. Seperate with a comma. */
 | |
| 	inherits = "Helper, Another Helper"
 | |
| 
 | |
| 	/* What commands (see above) this opertype may use */
 | |
| 	commands = "chanserv/list chanserv/suspend chanserv/topic memoserv/staff nickserv/list nickserv/sendpass nickserv/resetpass nickserv/suspend operserv/mode operserv/chankill operserv/szline operserv/akill operserv/session operserv/modlist operserv/sqline operserv/oper operserv/kick operserv/ignore operserv/snline"
 | |
| 
 | |
| 	/* What privs (see above) this opertype has */
 | |
| 	privs = "chanserv/auspex chanserv/no-register-limit memoserv/* nickserv/auspex nickserv/confirm"
 | |
| 
 | |
| 	/*
 | |
| 	 * Modes to be set on users when they identify to accounts linked to this opertype.
 | |
| 	 *
 | |
| 	 * This can be used to automatically oper users who identify for services operator accounts, and is
 | |
| 	 * useful for setting modes such as Plexus's user mode +N.
 | |
| 	 *
 | |
| 	 * Note that some IRCds, such as InspIRCd, do not allow directly setting +o, and this will not work.
 | |
| 	 */
 | |
| 	#modes = "+o"
 | |
| }
 | |
| 
 | |
| opertype
 | |
| {
 | |
| 	name = "Services Administrator"
 | |
| 
 | |
| 	inherits = "Services Operator"
 | |
| 
 | |
| 	commands = "chanserv/access/list chanserv/drop chanserv/getkey chanserv/saset/noexpire memoserv/sendall nickserv/saset/* nickserv/getemail operserv/news operserv/jupe operserv/svsnick operserv/stats operserv/oline operserv/noop operserv/forbid global/*"
 | |
| 
 | |
| 	privs = "*"
 | |
| }
 | |
| 
 | |
| opertype
 | |
| {
 | |
| 	name = "Services Root"
 | |
| 
 | |
| 	commands = "*"
 | |
| 
 | |
| 	privs = "*"
 | |
| }
 | |
| 
 | |
| /*
 | |
|  * After defining different types of operators in the above opertype section, we now define who is in these groups
 | |
|  * through 'oper' blocks, similar to ircd access.
 | |
|  *
 | |
|  * The default is to comment these out (so NOBODY will have Services access).
 | |
|  * You probably want to add yourself and a few other people at minimum.
 | |
|  *
 | |
|  * As with all permissions, make sure to only give trustworthy people access to Services.
 | |
|  */
 | |
| 
 | |
| /* Include services operators from YAML */
 | |
| {% for oper in secrets['IRC']['opers'] %}
 | |
| oper
 | |
| {
 | |
|     name = "{{ oper }}"
 | |
|     type = "Services Root"
 | |
|     require_oper = "yes"
 | |
| }
 | |
| {% endfor %}
 | |
| 
 | |
| /*
 | |
|  * [OPTIONAL] Mail Config
 | |
|  *
 | |
|  * This section contains settings related to the use of e-mail from Services.
 | |
|  * If the usemail directive is set to yes, unless specified otherwise, all other
 | |
|  * directives are required.
 | |
|  *
 | |
|  * NOTE: Users can find the IP of the machine services is running on by examining
 | |
|  * mail headers. If you do not want your IP known, you should set up a mail relay
 | |
|  * to strip the relevant headers.
 | |
|  */
 | |
| mail
 | |
| {
 | |
| 	/*
 | |
| 	 * If set, this option enables the mail commands in Services. You may choose
 | |
| 	 * to disable it if you have no Sendmail-compatible mailer installed. Whilst
 | |
| 	 * this directive (and entire block) is optional, it is required if the
 | |
| 	 * nickserv:emailregistration is set to yes.
 | |
| 	 */
 | |
| 	usemail = no
 | |
| 
 | |
| 	/*
 | |
| 	 * This is the command-line that will be used to call the mailer to send an
 | |
| 	 * e-mail. It must be called with all the parameters needed to make it
 | |
| 	 * scan the mail input to find the mail recipient; consult your mailer
 | |
| 	 * documentation.
 | |
| 	 *
 | |
| 	 * Postfix users must use the compatible sendmail utility provided with
 | |
| 	 * it. This one usually needs no parameters on the command-line. Most
 | |
| 	 * sendmail applications (or replacements of it) require the -t option
 | |
| 	 * to be used.
 | |
| 	 */
 | |
| 	sendmailpath = "/usr/sbin/sendmail -t"
 | |
| 
 | |
| 	/*
 | |
| 	 * This is the e-mail address from which all the e-mails are to be sent from.
 | |
| 	 * It should really exist.
 | |
| 	 */
 | |
| 	sendfrom = "services@localhost.net"
 | |
| 
 | |
| 	/*
 | |
| 	 * If set, SENDPASS and RESETPASS will be restricted to IRC operators.
 | |
| 	 * This directive is optional.
 | |
| 	 *
 | |
| 	 * WARNING: If you choose to not enable this option, you should limit the
 | |
| 	 * number of processes that the services user can have at a time (you can
 | |
| 	 * create a special user for this; remember to NEVER launch Services as
 | |
| 	 * root).
 | |
| 	 */
 | |
| 	restrict = yes
 | |
| 
 | |
| 	/*
 | |
| 	 * This controls the minimum amount of time a user must wait before sending
 | |
| 	 * another e-mail after they have sent one. It also controls the minimum time
 | |
| 	 * a user must wait before they can receive another e-mail.
 | |
| 	 *
 | |
| 	 * This feature prevents users from being mail bombed using Services and
 | |
| 	 * it is highly recommended that it be used.
 | |
| 	 *
 | |
| 	 * This directive is optional, but highly recommended.
 | |
| 	 */
 | |
| 	delay = 5m
 | |
| 
 | |
| 	/*
 | |
| 	 * If set, Services will not attempt to put quotes around the TO: fields
 | |
| 	 * in e-mails.
 | |
| 	 *
 | |
| 	 * This directive is optional, and as far as we know, it's only needed
 | |
| 	 * if you are using ESMTP or QMail to send out e-mails.
 | |
| 	 */
 | |
| 	#dontquoteaddresses = yes
 | |
| 
 | |
| 	/*
 | |
| 	 * The subject and message of emails sent to users when they register accounts.
 | |
| 	 */
 | |
| 	registration_subject = "Nickname Registration for %n"
 | |
| 	registration_message = "Hi,
 | |
| 
 | |
| 				You have requested to register the nickname %n on %N.
 | |
| 				Please type \" /msg NickServ confirm %c \" to complete registration.
 | |
| 
 | |
| 				If you don't know why this mail was sent to you, please ignore it silently.
 | |
| 				%N administrators."
 | |
| 
 | |
| 	/*
 | |
| 	 * The subject and message of emails sent to users when they request a new password.
 | |
| 	 */
 | |
| 	reset_subject = "N/A" /* "Reset password request for %n" */
 | |
| 	reset_message = "N/A" /* "Hi, You have requested to have the password for %n reset. To reset your password, type \"/msg NickServ CONFIRM %n %c\". If you don't know why this mail was sent to you, please ignore it silently. %N administrators." */
 | |
| 
 | |
| 	/*
 | |
| 	 * The subject and message of emails sent to users when they request SENDPASS.
 | |
| 	 */
 | |
| 	sendpass_subject = "N/A" /* "Nickname password for %n" */
 | |
| 	sendpass_message = "N/A" /* "Hi, You have requested to receive the password of nickname %n by e-mail. The password is %p. For security purposes, you should change it as soon as you receive this mail. If you don't know why this mail was sent to you, please ignore it silently. %N administrators." */
 | |
| 
 | |
| 	/*
 | |
| 	 * The subject and message of emails sent to users when they request a new email address.
 | |
| 	 */
 | |
| 	emailchange_subject = "Email confirmation"
 | |
| 	emailchange_message = "Hi,
 | |
| 
 | |
| 			You have requested to change your email address to %e.
 | |
| 			Please type \" /msg NickServ confirm %c \" to confirm this change.
 | |
| 
 | |
| 			If you don't know why this mail was sent to you, please ignore it silently.
 | |
| 
 | |
| 			%N administrators."
 | |
| 
 | |
| 	/*
 | |
| 	 * The subject and message of emails sent to users when they recieve a new memo.
 | |
| 	 */
 | |
| 	memo_subject = "New memo"
 | |
| 	memo_message = "Hi %n
 | |
| 		You've just received a new memo from %s. This is memo number %d.
 | |
| 
 | |
| 		Memo text:
 | |
| 
 | |
| 		%t"
 | |
| }
 | |
| 
 | |
| /*
 | |
|  * [OPTIONAL] DNS Config
 | |
|  *
 | |
|  * This section is used to configure DNS.
 | |
|  * At this time DNS is only used by a few modules (m_dnsbl)
 | |
|  * and is not required by the core to function.
 | |
|  */
 | |
| dns
 | |
| {
 | |
| 	/*
 | |
| 	 * The nameserver to use for resolving hostnames, must be an IP or a resolver configuration file.
 | |
| 	 * The below should work fine on all unix like systems. Windows users will have to find their nameservers
 | |
| 	 * from ipconfig /all and put the IP here
 | |
| 	 */
 | |
| 	nameserver = "/etc/resolv.conf"
 | |
| 	#nameserver = "127.0.0.1"
 | |
| 
 | |
| 	/*
 | |
| 	 * How long to wait in seconds before a DNS query has timed out
 | |
| 	 */
 | |
| 	timeout = 5
 | |
| }
 | |
| 
 | |
| /*
 | |
|  * [REQUIRED] Database configuration.
 | |
|  *
 | |
|  * This section is used to configure databases used by Anope.
 | |
|  * You should at least load one database method, otherwise any data you
 | |
|  * have will not be stored!
 | |
|  */
 | |
| 
 | |
| /*
 | |
|  * [DEPRECATED] db_old
 | |
|  *
 | |
|  * This is the old binary database format from late Anope 1.7.x, Anope 1.8.x, and
 | |
|  * early Anope 1.9.x. This module only loads these databases, and will NOT save them.
 | |
|  * You should only use this to upgrade old databases to a newer database format by loading
 | |
|  * other database modules in addition to this one, which will be used when saving databases.
 | |
|  */
 | |
| #module { name = "db_old" }
 | |
| db_old
 | |
| {
 | |
| 	/*
 | |
| 	 * This is the encryption type used by the databases. This must be set correctly or
 | |
| 	 * your passwords will not work. Valid options are: md5, oldmd5, sha1, and plain.
 | |
| 	 */
 | |
| 	#hash = "md5"
 | |
| }
 | |
| 
 | |
| /*
 | |
|  * [DEPRECATED] db_plain
 | |
|  *
 | |
|  * This is the flatfile database format from Anope-1.9.2 to Anope-1.9.5.
 | |
|  * To convert from this format, load both this and db_flatfile. Be sure to name db_flatfile's
 | |
|  * target database to something else. Start Anope then shut down so the new database will be written.
 | |
|  * Then unload this and restart Anope, loading from the new database.
 | |
|  */
 | |
| #module { name = "db_plain" }
 | |
| /*db_plain
 | |
|  *{
 | |
|  *
 | |
|  * The database name db_plain should use
 | |
|  *
 | |
|  *	database = "/var/db/anope/anope.db"
 | |
| }*/
 | |
| 
 | |
| /*
 | |
|  * db_flatfile
 | |
|  *
 | |
|  * This is the default flatfile database format.
 | |
|  */
 | |
| module { name = "db_flatfile" }
 | |
| db_flatfile
 | |
| {
 | |
| 	/*
 | |
| 	 * The database name db_flatfile should use
 | |
| 	 */
 | |
| 	database = "anope.db"
 | |
| }
 | |
| 
 | |
| /*
 | |
|  * db_sql
 | |
|  *
 | |
|  * This module allows saving and loading databases using one of the SQL engines.
 | |
|  * This module loads the databases once on startup, then incrementally updates
 | |
|  * objects in the database as they are changed within Anope in real time. Changes
 | |
|  * to the SQL tables not done by Anope will have no effect and will be overwritten.
 | |
|  *
 | |
|  */
 | |
| #module { name = "db_sql" }
 | |
| 
 | |
| /*
 | |
|  * db_sql_live
 | |
|  *
 | |
|  * This module allows saving and loading databases using one of the SQL engines.
 | |
|  * This module reads and writes to SQL in real time. Changes to the SQL tables
 | |
|  * will be immediately reflected into Anope. This module should not be loaded
 | |
|  * in conjunction with db_sql.
 | |
|  */
 | |
| #module { name = "db_sql_live" }
 | |
| 
 | |
| db_sql
 | |
| {
 | |
| 	/*
 | |
| 	 * The SQL service db_sql(_live) should use, these are configured in modules.conf.
 | |
| 	 * For MySQL, this should probably be mysql/main.
 | |
| 	 */
 | |
| 	engine = "sqlite/main"
 | |
| 
 | |
| 	/*
 | |
| 	 * An optional prefix to prepended to the name of each created table.
 | |
| 	 * Do not use the same prefix for other programs.
 | |
| 	 */
 | |
| 	#prefix = "anope_db_"
 | |
| }
 | |
| 
 | |
| /*
 | |
|  * [REQUIRED] Encryption modules.
 | |
|  *
 | |
|  * The encryption modules are used when dealing with passwords. This determines how
 | |
|  * the passwords are stored in the databases, and does not add any security as
 | |
|  * far as transmitting passwords over the network goes.
 | |
|  *
 | |
|  * Without any encryption modules, passwords will be stored in plain text, allowing
 | |
|  * for passwords to be recovered later but isn't secure therefore is not recommended.
 | |
|  *
 | |
|  * The other encryption modules use one-way encryption, so the passwords can not
 | |
|  * be recovered later if those are used.
 | |
|  *
 | |
|  * NOTE: enc_old is Anope's previous (broken) MD5 implementation, if your databases
 | |
|  * were made using that module, continue to use it and do not use enc_md5.
 | |
|  *
 | |
|  * NOTE: enc_sha1 relies on how the OS stores 2+ byte data internally, and is
 | |
|  * potentially broken when moving between 2 different OSes, such as moving from
 | |
|  * Linux to Windows. It is recommended that you use enc_sha256 instead if you want
 | |
|  * to use an SHA-based encryption. If you choose to do so, it is also recommended
 | |
|  * that you first try to get everyone's passwords converted to enc_sha256 before
 | |
|  * switching OSes by placing enc_sha256 at the beginning of the list.
 | |
|  *
 | |
|  * The first encryption module loaded is the primary encryption module. All new passwords are
 | |
|  * encrypted by this module. Old passwords stored in another encryption method are
 | |
|  * automatically re-encrypted by the primary encryption module on next identify.
 | |
|  */
 | |
| #module { name = "enc_md5" }
 | |
| #module { name = "enc_sha1" }
 | |
| module { name = "enc_sha256" }
 | |
| 
 | |
| /*
 | |
|  * When using enc_none, passwords will be stored without encryption in plain
 | |
|  * text, allowing for passwords to be recovered later. This isn't secure therefore
 | |
|  * is not recommended.
 | |
|  */
 | |
| #module { name = "enc_none" }
 | |
| 
 | |
| /*
 | |
|  * enc_old is Anope's previous (broken) MD5 implementation, if your databases
 | |
|  * were made using that module, load it here to allow conversion to the primary
 | |
|  * encryption method.
 | |
|  */
 | |
| #module { name = "enc_old" }
 | |
| 
 | |
| /* Extra (optional) modules */
 | |
| include
 | |
| {
 | |
| 	type = "file"
 | |
| 	name = "modules.conf"
 | |
| }
 | |
| 
 | |
| /*
 | |
|  * Chanstats Modules
 | |
|  * Requires a MySQL Database
 | |
|  */
 | |
| 
 | |
| #include
 | |
| #{
 | |
| #	type = "file"
 | |
| #	name = "chanstats.example.conf"
 | |
| #}
 |