Kapisi/roles/IRC/templates/inspircd/inspircd.conf.j2
2023-10-08 12:28:14 -05:00

177 lines
4.0 KiB
Django/Jinja

# Includes
<config format="xml">
<include file="/etc/inspircd/opers.conf">
<include file="/etc/inspircd/links.conf">
<include file="/etc/inspircd/modules.conf">
<files motd="/etc/inspircd/motd.txt" rules="/etc/inspircd/rules.txt">
# Server Definition
<server
name="{{ external_domain }}"
description="{{ organization['displayname'] }}/IRC"
network="{{ organization['displayname'] }}/IRC">
<admin
name="{{ organization['admin'] }}"
nick="{{ organization['admin'] }}"
email="{{ organization['email'] }}">
# Connection Information
<define name="subnetips" value="10.0.1.0/24">
<define name="localhost" value="127.0.0.1/32">
<cidr
ipv4clone="32"
ipv6clone="128">
# Plaintext on local only for bots and servers
<bind address="" port="8067" type="servers">
<bind address="" port="6667" type="clients">
<connect
name="local"
parent="main"
allow="127.0.0.1"
localmax="20"
globalmax="20"
limit="20"
requiressl="off"
modes="+Bwx"
threshold="200"
port="6667">
# SSL for external connections
<bind
address=""
port="6697"
sslprofile="clients"
type="clients">
<connect
name="main"
allow="*"
commandrate="1000"
fakelag="on"
globalmax="500"
hardsendq="1M"
limit="500"
localmax="500"
maxconnwarn="on"
modes="+wx"
pingfreq="120"
port="6697"
recvq="8192"
requiressl="off"
resolvehostnames="on"
softsendq="8192"
threshold="25"
timeout="10"
useident="no">
<sslprofile
name="clients"
provider="openssl"
cafile="/etc/letsencrypt/live/{{ ssl['identity'] }}/chain.pem"
certfile="/etc/letsencrypt/live/{{ ssl['identity'] }}/fullchain.pem"
keyfile="/etc/letsencrypt/live/{{ ssl['identity'] }}/privkey.pem"
ciphers="{{ ssl['ciphersuite'] }}"
hash="sha256"
renegotiation="no"
requestclientcert="no"
sslv3="no"
tlsv1="no"
tlsv11="no"
tlsv12="yes"
tlsv13="yes">
<openssl onrehash="yes">
# Performance
<performance
netbuffersize="10240"
somaxconn="128"
limitsomaxconn="true"
softlimit="1024"
quietbursts="yes">
<log method="file" type="* -USERINPUT -USEROUTPUT" level="default" target="/var/log/inspircd/inspircd.log" flush="1">
<pid file="/var/lib/inspircd/inspircd.pid">
<options
prefixquit="Quit: "
suffixquit=""
prefixpart="&quot;"
suffixpart="&quot;"
syntaxhints="no"
cyclehosts="no"
cyclehostsfromuser="no"
ircumsgprefix="no"
announcets="yes"
allowmismatch="no"
defaultbind="auto"
hostintopic="yes"
pingwarning="15"
serverpingfreq="60"
defaultmodes="not"
moronbanner="You're banned! Contact {{ organization['email'] }} with the ERROR line below for help."
exemptchanops="nonick:v flood:o"
invitebypassmodes="yes"
nosnoticestack="no"
welcomenotice="yes">
# Security and Controls
<security
announceinvites="dynamic"
hidemodes="eI"
hideulines="no"
flatlinks="no"
hidewhois=""
hidebans="no"
hidekills=""
hidesplits="yes"
maxtargets="20"
customversion=""
operspywhois="yes"
restrictbannedusers="yes"
genericoper="no"
userstats="Pu">
<limits
maxnick="12"
maxchan="20"
maxmodes="20"
maxident="64"
maxquit="255"
maxtopic="307"
maxkick="255"
maxgecos="128"
maxaway="200">
<channels users="20" opers="60">
<maxlist chan="*" limit="60">
<whowas
groupsize="10"
maxgroups="100000"
maxkeep="1d">
# Ban options
<badnick nick="*Serv" reason="Reserved for Services">
<badhost host="*@*malware*" reason="Malware">
<badhost host="root@*" reason="Don't IRC as root!">
<exception host="{{ organization['admin'] }}@localhost" reason="localhost">
<exception host="{{ organization['admin'] }}@127.0.0.1" reason="localhost">
<exception host="{{ organization['admin'] }}@{{ external_domain }}" reason="localhost">
<exception host="{{ organization['admin'] }}@*.{{ external_domain }}" reason="localhost">
<insane
hostmasks="no"
ipmasks="no"
nickmasks="no"
trigger="99">