177 lines
4.0 KiB
Django/Jinja
177 lines
4.0 KiB
Django/Jinja
# Includes
|
|
<config format="xml">
|
|
<include file="/etc/inspircd/opers.conf">
|
|
<include file="/etc/inspircd/links.conf">
|
|
<include file="/etc/inspircd/modules.conf">
|
|
<files motd="/etc/inspircd/motd.txt" rules="/etc/inspircd/rules.txt">
|
|
|
|
# Server Definition
|
|
<server
|
|
name="{{ external_domain }}"
|
|
description="{{ organization['displayname'] }}/IRC"
|
|
network="{{ organization['displayname'] }}/IRC">
|
|
<admin
|
|
name="{{ organization['admin'] }}"
|
|
nick="{{ organization['admin'] }}"
|
|
email="{{ organization['email'] }}">
|
|
|
|
# Connection Information
|
|
<define name="subnetips" value="10.0.1.0/24">
|
|
<define name="localhost" value="127.0.0.1/32">
|
|
<cidr
|
|
ipv4clone="32"
|
|
ipv6clone="128">
|
|
|
|
|
|
# Plaintext on local only for bots and servers
|
|
<bind address="" port="8067" type="servers">
|
|
<bind address="" port="6667" type="clients">
|
|
<connect
|
|
name="local"
|
|
parent="main"
|
|
allow="127.0.0.1"
|
|
localmax="20"
|
|
globalmax="20"
|
|
limit="20"
|
|
requiressl="off"
|
|
modes="+Bwx"
|
|
threshold="200"
|
|
port="6667">
|
|
|
|
# SSL for external connections
|
|
<bind
|
|
address=""
|
|
port="6697"
|
|
sslprofile="clients"
|
|
type="clients">
|
|
<connect
|
|
name="main"
|
|
allow="*"
|
|
commandrate="1000"
|
|
fakelag="on"
|
|
globalmax="500"
|
|
hardsendq="1M"
|
|
limit="500"
|
|
localmax="500"
|
|
maxconnwarn="on"
|
|
modes="+wx"
|
|
pingfreq="120"
|
|
port="6697"
|
|
recvq="8192"
|
|
requiressl="off"
|
|
resolvehostnames="on"
|
|
softsendq="8192"
|
|
threshold="25"
|
|
timeout="10"
|
|
useident="no">
|
|
<sslprofile
|
|
name="clients"
|
|
provider="openssl"
|
|
cafile="/etc/letsencrypt/live/{{ ssl['identity'] }}/chain.pem"
|
|
certfile="/etc/letsencrypt/live/{{ ssl['identity'] }}/fullchain.pem"
|
|
keyfile="/etc/letsencrypt/live/{{ ssl['identity'] }}/privkey.pem"
|
|
ciphers="{{ ssl['ciphersuite'] }}"
|
|
hash="sha256"
|
|
renegotiation="no"
|
|
requestclientcert="no"
|
|
sslv3="no"
|
|
tlsv1="no"
|
|
tlsv11="no"
|
|
tlsv12="yes"
|
|
tlsv13="yes">
|
|
<openssl onrehash="yes">
|
|
|
|
|
|
|
|
# Performance
|
|
<performance
|
|
netbuffersize="10240"
|
|
somaxconn="128"
|
|
limitsomaxconn="true"
|
|
softlimit="1024"
|
|
quietbursts="yes">
|
|
<log method="file" type="* -USERINPUT -USEROUTPUT" level="default" target="/var/log/inspircd/inspircd.log" flush="1">
|
|
<pid file="/var/lib/inspircd/inspircd.pid">
|
|
<options
|
|
|
|
prefixquit="Quit: "
|
|
suffixquit=""
|
|
prefixpart="""
|
|
suffixpart="""
|
|
|
|
syntaxhints="no"
|
|
|
|
cyclehosts="no"
|
|
cyclehostsfromuser="no"
|
|
|
|
ircumsgprefix="no"
|
|
|
|
announcets="yes"
|
|
|
|
allowmismatch="no"
|
|
|
|
defaultbind="auto"
|
|
|
|
hostintopic="yes"
|
|
|
|
pingwarning="15"
|
|
serverpingfreq="60"
|
|
|
|
defaultmodes="not"
|
|
|
|
moronbanner="You're banned! Contact {{ organization['email'] }} with the ERROR line below for help."
|
|
exemptchanops="nonick:v flood:o"
|
|
invitebypassmodes="yes"
|
|
nosnoticestack="no"
|
|
|
|
welcomenotice="yes">
|
|
|
|
|
|
|
|
# Security and Controls
|
|
<security
|
|
announceinvites="dynamic"
|
|
hidemodes="eI"
|
|
hideulines="no"
|
|
flatlinks="no"
|
|
hidewhois=""
|
|
hidebans="no"
|
|
hidekills=""
|
|
hidesplits="yes"
|
|
maxtargets="20"
|
|
customversion=""
|
|
operspywhois="yes"
|
|
restrictbannedusers="yes"
|
|
genericoper="no"
|
|
userstats="Pu">
|
|
<limits
|
|
maxnick="12"
|
|
maxchan="20"
|
|
maxmodes="20"
|
|
maxident="64"
|
|
maxquit="255"
|
|
maxtopic="307"
|
|
maxkick="255"
|
|
maxgecos="128"
|
|
maxaway="200">
|
|
<channels users="20" opers="60">
|
|
<maxlist chan="*" limit="60">
|
|
<whowas
|
|
groupsize="10"
|
|
maxgroups="100000"
|
|
maxkeep="1d">
|
|
|
|
# Ban options
|
|
<badnick nick="*Serv" reason="Reserved for Services">
|
|
<badhost host="*@*malware*" reason="Malware">
|
|
<badhost host="root@*" reason="Don't IRC as root!">
|
|
<exception host="{{ organization['admin'] }}@localhost" reason="localhost">
|
|
<exception host="{{ organization['admin'] }}@127.0.0.1" reason="localhost">
|
|
<exception host="{{ organization['admin'] }}@{{ external_domain }}" reason="localhost">
|
|
<exception host="{{ organization['admin'] }}@*.{{ external_domain }}" reason="localhost">
|
|
<insane
|
|
hostmasks="no"
|
|
ipmasks="no"
|
|
nickmasks="no"
|
|
trigger="99">
|