software-archive/ircservices5
2
Fork 0
mirror of https://github.com/NishiOwO/ircservices5.git synced 2025-04-22 01:04:38 +00:00
Code Issues Packages Projects Releases Wiki Activity
ircservices5/data/example-modules.conf
Koragg 580cb48284
Add files via upload
2019-01-23 09:30:51 +01:00

1558 lines
58 KiB
Plaintext
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# Example module configuration file for Services. After making the
# appropriate changes to this file, place it in the Services data directory
# (as specified in the "configure" script, default /usr/local/lib/ircservices)
# with the name "modules.conf".
###########################################################################
#
# Protocol module settings
#
###########################################################################
# Enter the protocol name here, then uncomment the appropriate directives.
Module protocol/(insert protocol name here)
# NetworkDomain domain [RECOMMENDED]
# Protocols: bahamut, dalnet, dreamforge, monkey, ptlink, rfc1459,
# trircd, ts8, undernet-p9
#
# Specifies the common domain, if any, shared by all servers on
# your IRC network; this is required for global notices to function
# properly. Make sure you do not include a "." before the domain
# name. If you do not specify this, some or all users may not
# receive global notices.
#NetworkDomain "example.net"
# ServerNumeric <numeric> [RECOMMENDED]
# Protocols: unreal
#
# Makes Services send a numeric to the remote server on connect.
# This must be a value between 1 and 254, and must not be in use by
# any other IRC server on the network. If you do not want to use a
# numeric for Services, comment the directive out.
#ServerNumeric 1
# SetServerTimes [<time>] [RECOMMENDED]
# Protocols: unreal
#
# Causes Services to synchronize all servers' internal clocks with
# its own; this can help avoid potential problems with users
# improperly gaining chanops, particularly during netsplits. If a
# time parameter is given, Services will repeatedly synchronize the
# servers clocks at that interval, otherwise synchronization will
# only be performed at startup.
#SetServerTimes
#SetServerTimes 12h
# CSSetChannelTime [OPTIONAL]
# Protocols: bahamut, monkey, trircd, unreal
#
# When enabled, causes Services to set the "creation time" (the
# time at which the first user joined the channel) of a registered
# channel to the time at which the channel was registered. This
# can help prevent spurious mode changes and "op hacking" when a
# split server reconnects to the network. When using Unreal,
# however, the first user to join the channel when it is empty gets
# set -o and +o in quick succession due to limitations of the IRC
# server; if this bothers you, do not enable this option. Also, some
# servers (such as Bahamut) generate server notices each time a
# channel's timestamp is changed, which can be safely ignored.
#CSSetChannelTime
EndModule
###########################################################################
#
# Database module configuration
#
###########################################################################
Module database/standard
# This module has no configurable settings.
EndModule
Module database/version4
# NickServDB <name> [REQUIRED]
# Specifies the filename used for the registered nickname databases.
NickServDB "nick.db"
# ChanServDB <name> [REQUIRED]
# Specifies the filename used for the registered channel databases.
ChanServDB "chan.db"
# OperServDB <name> [REQUIRED]
# Specifies the filename used for the OperServ database.
OperServDB "oper.db"
# NewsDB <name> [REQUIRED]
# Specifies the filename used for the news database.
NewsDB "news.db"
# AutokillDB <name> [REQUIRED]
# Specifies the filename used for the autokill and autokill
# exclusion databases.
AutokillDB "akill.db"
# ExceptionDB <name> [REQUIRED]
# Specifies the filename used for the session exception database.
ExceptionDB "exception.db"
# SlineDB <name> [REQUIRED]
# Specifies the filename used for the SGline, SQline, and SZline
# databases.
SlineDB "sline.db"
# StatServDB <name> [REQUIRED]
# Specifies the filename used for the StatServ server statistics
# database.
StatServDB "stats.db"
EndModule
###########################################################################
#
# Encryption module configuration
#
###########################################################################
# No encryption modules have any configurable settings.
###########################################################################
#
# Encryption module configuration
#
###########################################################################
Module encryption/md5
# EnableAnopeWorkaround [OPTIONAL]
# Enables a workaround for encrypted passwords imported from the
# Anope or Epona programs, which have a bug (inherited from an old
# version of Services) causing passwords to be incorrectly
# encrypted.
#
# WARNING: Enabling this option may reduce the security of
# encrypted passwords! If you need this option for importing an
# Anope or Epona database, it is recommended that you enable this
# only long enough to ensure that all users have used SET PASSWORD
# to reset their passwords (possibly to the same password).
#EnableAnopeWorkaround
EndModule
###########################################################################
#
# Mail module configuration
#
###########################################################################
Module mail/main
# FromAddress <email> [REQUIRED]
# Specifies the E-mail address to be used on outgoing mail. Make
# sure you enter the correct address here before uncommenting the
# directive.
#FromAddress services@example.net
# FromName <name> [OPTIONAL]
# Specifies the "real name" to be used on outgoing mail. Make sure
# to include quotes if this is a multi-word string.
#FromName "ExampleNet Services"
# MaxMessages <count> [RECOMMENDED]
# Specifies the maximum number of messages that are permitted to be
# in transit simultaneously. Attempts to send messages above this
# limit will be rejected with a "no resources" error. If not
# given, no limit is enforced.
MaxMessages 100
# SendTimeout <time> [RECOMMENDED]
# Specifies the amount of time Services will wait before aborting a
# mail message in the process of being sent. If not specified,
# message sends will not time out.
SendTimeout 1m
EndModule
################################ Sendmail-based low-level module
Module mail/sendmail
# SendmailPath <path> [REQUIRED]
# Specifies the full path to the "sendmail" program to be used to
# send mail. This program must accept a command-line option "-t"
# to extract recipient addresses from a mail message given on
# standard input (the standard "sendmail" program does this).
# The program will be executed with the same environment as
# Services itself is run with.
SendmailPath /usr/lib/sendmail
EndModule
################################ SMTP-based low-level module
Module mail/smtp
# RelayHost <hostname> [REQUIRED]
# Specifies the host to which all mail will be sent, e.g. your
# local mail server. This directive may be given multiple times to
# specify backup servers; the servers will be tried in the order
# listed.
#RelayHost mail.example.net
# SMTPName <hostname> [REQUIRED]
# Specifies the hostname Services will use in the HELO command to
# the remote server. Normally, this should be set to the same as
# the hostname of the machine Services runs on.
#SMTPName services.example.net
EndModule
###########################################################################
#
# OperServ configuration
#
###########################################################################
Module operserv/main
# OperServName <nick> <string> [REQUIRED]
# Specifies the nickname (first parameter) and "real" name (second
# parameter) used by the OperServ pseudoclient.
OperServName "OperServ" "Operator Server"
# GlobalName <nick> <string> [REQUIRED]
# Specifies the nickname (first parameter) and "real" name (second
# parameter) used by the global-noticer pseudoclient. This client
# is used to send messages from the OperServ GLOBAL command and
# news messages.
GlobalName "Global" "Global Noticer"
# ServicesRoot <nick> [REQUIRED]
# Specifies the Services "super-user". The super-user, or "root" as
# in Unix terminology, is the only user who can add or delete
# Services admins.
#
# This is commented out by default; make sure you insert the correct
# nick before uncommenting it.
#ServicesRoot SuperUser
# KillClonesAutokill <expiry-time> [RECOMMENDED]
# Causes Services to add an autokill for hosts killed using the
# KILLCLONES command, to prevent the clients from immediately
# reconnecting. The expiry-time parameter sets the expiry time for
# the autokill.
#
# If the autokill module (operserv/akill) is not loaded, this
# directive has no effect.
KillClonesAutokill 30m
# AllowRaw [DISCOURAGED]
# Enables use of the OperServ RAW command. This command can be
# used for testing IRC server features and other limited uses, but
# can also wreak havoc on a network if used improperly; use with
# extreme caution.
#AllowRaw
# WallOper [OPTIONAL]
# Causes Services to send a WALLOPS/GLOBOPS when a user becomes an
# IRC operator. Note that this can cause WALLOPS floods when
# Services first connects to the network.
#WallOper
# WallBadOS [OPTIONAL]
# Causes Services to send a WALLOPS/GLOBOPS if a non-IRC-operator
# tries to use OperServ.
#WallBadOS
# WallOSChannel [OPTIONAL]
# Cause Services to send a WALLOPS/GLOBOPS on use of any of the
# MODE, KICK, CLEARMODES, and CLEARCHAN commands.
#WallOSChannel
# WallSU [OPTIONAL]
# Causes Services to send a WALLOPS/GLOBOPS whenever a Services
# admin successfully obtains Services super-user privileges with
# the SU command. Note that Services will always send a
# WALLOPS/GLOBOPS when an incorrect password is given to the SU
# command or a user without Services admin privileges attempts to
# use the SU command.
WallSU
EndModule
################################ Autokill module settings
Module operserv/akill
# AutokillReason <reason> [REQUIRED]
# The reason to use when sending out KILLs for autokills and with
# the actual AKILL/GLINE commands. Some servers show this reason
# to users if their connection is rejected because they match an
# autokill. If you include a "%s" in the reason, it will be
# replaced by the reason given with the autokill itself.
AutokillReason "You are banned from this network"
#AutokillReason "Autokilled: %s"
# AutokillExpiry <time> [RECOMMENDED]
# Sets the default expiry time for autokills. If not defined,
# autokills will not expire by default.
AutokillExpiry 30d
# AkillChanExpiry <time> [REQUIRED]
# Sets the default expiry time for autokills added by an AKILLCHAN
# command.
AkillChanExpiry 7d
# OperMaxExpiry <time> [OPTIONAL]
# Sets the maximum expiry time usable by Services operators. If
# not defined, Services operators can set any expiry time, just as
# Services administrators can. If this is set to a value lower
# than AutokillExpiry or AkillChanExpiry, autokills entered without
# an expiry time will use this setting instead of the relevant
# default.
#OperMaxExpiry 7d
# EnableExclude [OPTIONAL]
# Causes autokill exclusions to be usable. If not given, the
# EXCLUDE command will be unavailable, and any autokill
# exclusions previously added will be ignored.
#
# NOTICE: On IRC servers without autokill exclusion functionality
# (such as that in trircd version 5), this will cause autokills to
# not be sent to the server; instead, Services will issue a KILL
# for each user that matches an autokill and does not match any
# autokill exclusions. This is necessary to allow Services to
# apply exclusions to users before they are disconnected.
#EnableExclude
# ExcludeReason <reason> [REQUIRED if EnableExclude set]
# The reason to use when sending out EXCLUDE commands on servers
# which support them. If you include a "%s" in the reason, it will
# be replaced by the reason given with the exclusion itself.
ExcludeReason "IRC operator host"
#ExcludeReason "Excluded from autokills: %s"
# ExcludeExpiry <time> [OPTIONAL]
# Sets the default expiry time for autokill exclusions. If not
# defined, autokill exclusions will not expire by default.
ExcludeExpiry 30d
# ImmediatelySendAutokill [OPTIONAL]
# Causes OperServ to inform all servers of a new autokill the
# moment it is added, rather than waiting for someone to match it
# first. (Note that autokill exclusions are always sent to the
# server immediately; this is to avoid an autokill being triggered
# by a non-excluded match before the exclusion has been sent,
# resulting in the excluded users being autokilled as well.)
#ImmediatelySendAutokill
# WallOSAkill [OPTIONAL]
# Cause Services to send a WALLOPS/GLOBOPS on use of the AKILL or
# EXCLUDE command to add or delete autokills or exclusions.
#WallOSAkill
# WallAutokillExpire [OPTIONAL]
# Causes Services to send a WALLOPS/GLOBOPS whenever an autokill
# or autokill exclusion expires.
#WallAutokillExpire
EndModule
################################ News module settings
Module operserv/news
# This module has no configurable settings.
EndModule
################################ Sessions module settings
Module operserv/sessions
# DefSessionLimit <limit> [RECOMMENDED]
# Default session limit per host. Once a host reaches its session
# limit, all clients attempting to connect from that host will be
# killed. A value of zero (or omitting the option entirely) means
# an unlimited session limit.
DefSessionLimit 3
# MaxSessionLimit <limit> [OPTIONAL]
# The maximum session limit that may be set for a host in an
# exception.
MaxSessionLimit 100
# ExceptionExpiry <time> [RECOMMENDED]
# Sets the default expiry time for exceptions. If not set,
# exceptions will not expire by default.
ExceptionExpiry 1d
# SessionLimitExceeded <message> [OPTIONAL]
# The message that will be NOTICE'd to a user just before they are
# removed from the network because their host's session limit has
# been exceeded. It may be used to give a slightly more
# descriptive reason for the impending kill as opposed to simply
# "Session limit exceeded". If this is commented out, nothing will
# be sent.
SessionLimitExceeded "The session limit for your host %s has been exceeded."
# SessionLimitDetailsLoc <message> [OPTIONAL]
# Same as above, but should be used to provide a website address
# where users can find out more about session limits and how to go
# about applying for an exception. If this is commented out,
# nothing will be sent.
#
# This option has been intentionally commented out in an effort to
# remind you to change the URL it contains. It is recommended that
# you supply an address/URL where people can get help regarding
# session limits.
#SessionLimitDetailsLoc "Please visit http://your.website.url/ for more information about session limits."
# SessionLimitAutokill <max-kill-interval> <num-kills> <expiry> <reason> [OPTIONAL]
# With this option, Services will add an automatic autokill when
# the same host's session limit is exceeded repeatedly in a short
# period of time. If not given, autokills will not be
# automatically added (Services will just keep killing users from
# the host as they come on). Note that the autokill module
# (operserv/akill) must be loaded for this to work.
#
# <max-kill-interval> sets the maximum interval which can elapse
# between kills before the kill counter is reset.
#
# <num-kills> sets the number of kills before an autokill is added.
#
# <expiry> sets the expiration time for the autokill.
#
# <reason> sets the reason for the autokill.
#SessionLimitAutokill 10s 5 30m "Exceeding session limit"
# WallOSException [OPTIONAL]
# Cause Services to send a WALLOPS/GLOBOPS on use of the EXCEPTION
# command to add or delete a session exception.
#WallOSException
# WallExceptionExpire [OPTIONAL]
# Causes Services to send a WALLOPS/GLOBOPS whenever a session
# limit exception expires.
#WallExceptionExpire
EndModule
################################ S-line module settings
Module operserv/sline
# SGlineReason <reason> [REQUIRED]
# The reason to use when sending out KILLs and SGLINE commands.
# Some servers show this reason to users if their connection is
# rejected because they match an SGline. If you include a "%s"
# in the reason, it will be replaced by the reason given with the
# SGline entry itself.
SGlineReason "Invalid real name"
#SGlineReason "Invalid real name: %s"
# SQlineReason <reason> [REQUIRED]
# The reason to use when sending out KILLs and SQLINE commands.
# Some servers show this reason to users if their connection is
# rejected because they match an SQline. If you include a "%s"
# in the reason, it will be replaced by the reason given with the
# SQline entry itself.
SQlineReason "Reserved nickname"
#SQlineReason "Reserved nickname: %s"
# SZlineReason <reason> [REQUIRED]
# The reason to use when sending out KILLs and SZLINE commands.
# Some servers show this reason to users if their connection is
# rejected because they match an SZline. If you include a "%s"
# in the reason, it will be replaced by the reason given with the
# SZline entry itself.
SZlineReason "You are banned from this network"
#SZlineReason "Z-lined: %s"
# ImmediatelySendSline [OPTIONAL]
# Causes OperServ to inform all servers of a new S-line the moment
# it is added, rather than waiting for someone to match it first.
#ImmediatelySendSline
# SGlineExpiry <time> [OPTIONAL]
# Sets the default expiry time for SGlines. If not defined,
# SGlines of that type will not expire by default.
#SGlineExpiry 30d
# SQlineExpiry <time> [OPTIONAL]
# Sets the default expiry time for SQlines. If not defined,
# SQlines of that type will not expire by default.
#SQlineExpiry 30d
# SZlineExpiry <time> [OPTIONAL]
# Sets the default expiry time for SZlines. If not defined,
# SZlines of that type will not expire by default.
SZlineExpiry 30d
# WallOSSline [OPTIONAL]
# Cause Services to send a WALLOPS/GLOBOPS on use of the SGLINE,
# SQLINE, or SZLINE commands to add or delete S-lines.
#WallOSSline
# WallSlineExpire [OPTIONAL]
# Causes Services to send a WALLOPS/GLOBOPS whenever an autokill
# expires.
#WallSlineExpire
# SQlineIgnoreOpers [OPTIONAL]
# Allows IRC operators to use nicknames that match an SQline.
# (Note that this may not function properly if the IRC server does
# not allow IRC operators to use such nicknames.)
SQlineIgnoreOpers
# SQlineKill [OPTIONAL]
# Normally, users whose nickname matches an SQline will have their
# nickname changed (on servers which support forced nickname
# changing) instead of being killed. Setting this option causes
# such users to be killed even on such servers, which may be
# helpful for dealing with clone attacks.
#
# Note that if this option is set, Services will not send SQlines
# to the IRC network; if it did, the IRC servers would step in and
# send the user an "invalid nickname" message before Services had a
# chance to kill the user.
#SQlineKill
EndModule
###########################################################################
#
# NickServ configuration
#
###########################################################################
Module nickserv/main
# NickServName <nick> <string> [REQUIRED]
# Specifies the nickname (first parameter) and "real" name (second
# parameter) used by the NickServ pseudoclient.
NickServName "NickServ" "Nickname Server"
# NSEnableRegister [OPTIONAL]
# Allows the REGISTER command to be used. This is usually a good
# thing, but if you don't want your users to be able to register
# nicknames, remove (or comment out) this directive. Note that you
# will need to at least enable this to register the Services
# super-user nick (defined in the operserv/main ServicesRoot
# directive), or you will not be able to use any privileged
# OperServ functions!
NSEnableRegister
# NSRegEmailMax <count> [OPTIONAL]
# Sets the maximum number of nicknames that can be registered to a
# single E-mail address; this affects both ordinary registration as
# well as changing the address using SET EMAIL, and also nickname
# linking (if the appropriate module is loaded). If not given,
# there is no limit.
#
# This option is most useful in combination with NSRequireEmail,
# below.
#NSRegEmailMax 20
# NSRequireEmail [OPTIONAL]
# Makes an E-mail address required at registration time. Users
# also will not be able to clear the address once registered,
# though they can change it. If not set, an E-mail address is not
# required (but may still be given), and the address may be cleared
# later on.
NSRequireEmail
# NSRegDenyIfSuspended [OPTIONAL]
# Disallows the use of REGISTER if the E-mail address given with
# the command is associated with a suspended nickname. This can
# help prevent users from getting around nickname suspensions by
# registering a new nickname.
NSRegDenyIfSuspended
# NSRegDelay <time> [RECOMMENDED]
# Sets the minimum length of time between consecutive uses of the
# REGISTER command. If not given, this restriction is disabled.
#
# WARNING: Not setting NSRegDelay, or setting it too low, will not
# only allow "registration flooding" but, if the mail-auth
# module is also loaded, will also allow users to abuse
# this command to send large quantities of mail (mailbombs)
# to arbitrary users!
NSRegDelay 5m
# NSInitialRegDelay <time> [OPTIONAL]
# Sets the minimum length of time the user must be connected before
# using the REGISTER command for the first time. If not given,
# this restriction is disabled. This option can be helpful in
# preventing malicious bots from flooding your network with
# registrations.
#NSInitialRegDelay 30s
# NSSetEmailDelay <time> [RECOMMENDED]
# Sets the minimum length of time between consecutive uses of the
# SET EMAIL command. If not given, this restriction is disabled.
#
# WARNING: If you use the mail-auth module, then not setting
# NSSetEmailDelay, or setting it too low, will allow users
# to abuse this command to send large quantities of mail
# (mailbombs) to arbitrary users!
NSSetEmailDelay 5m
# NSDef... [OPTIONAL]
# Sets the default options for newly registered nicks. Note that
# changing these options will have no effect on nicks which are
# already registered. Options not listed here will be unset on new
# nicks.
#
# If both NSDefKill and NSDefKillQuick are given, NSDefKillQuick
# takes precedence. KILL IMMED cannot be specified as a default.
#NSDefKill
#NSDefKillQuick
NSDefSecure
#NSDefPrivate
#NSDefNoOp
NSDefHideEmail
NSDefHideUsermask
#NSDefHideQuit
NSDefMemoSignon
NSDefMemoReceive
# NSExpire <time> [RECOMMENDED]
# Sets the length of time before a nick registration expires. If
# not set, nicknames will not expire.
NSExpire 30d
# NSExpireWarning <time> [OPTIONAL]
# Sets the length of time before nick expiration during which
# warnings are sent to the user when the user is online (and not
# identified). If not set, no warnings will be sent; however, a
# message will still be sent when the nickname actually expires.
NSExpireWarning 3d
# NSSuspendExpire <time> <grace-period> [RECOMMENDED]
# Sets the default expiry time and recovery grace period for
# nickname suspensions. (The expiry time can be set individually
# for each suspension; the grace period cannot.)
#
# The recovery grace period is the length of time a nick must exist
# for, after being unsuspended, before it is allowed to expire.
# This gives the owner a chance to reclaim the nick. It is
# enforced, if necessary, by adjusting the "last seen time" value,
# as well as the AUTH timeout when the mail-auth module is in use,
# when the nick is unsuspended. If set to zero, nicknames that are
# suspended for longer than "NSExpire" will be expired (dropped)
# during the next check for nickname expiration, giving the owners
# very little time to identify for their nicknames and prevent
# their expiry.
#
# If not specified, nickname suspensions will not expire by
# default, and there will be no grace period for recovering the nick.
NSSuspendExpire 25d 5d
# NSShowPassword [OPTIONAL]
# Causes the user's password to be sent back to them in a NOTICE at
# registration time, as a reminder.
NSShowPassword
# NSEnforcerUser <user>[@<host>] [REQUIRED]
# Sets the username (and possibly hostname) used for the fake user
# created when NickServ collides a user. Should be in user@host
# format. If the host is not given, the one from ServicesUser is
# used.
NSEnforcerUser enforcer
#NSEnforcerUser enforcer@localhost.net
# NSForceNickChange [OPTIONAL]
# When enabled, makes NickServ change a user's nick to a
# "Guest######" nick instead of killing them when enforcing a
# "nick kill". (The actual nickname used is determined by the
# GuestNickPrefix setting in ircservices.conf.)
#
# This setting has no effect with IRC servers that do not support
# forcibly changing a client's nickname, and a warning will be
# written to the log file if this option is used in such a case.
#NSForceNickChange
# NSReleaseTimeout <time> [REQUIRED]
# Sets the delay before a NickServ-collided nick is released.
NSReleaseTimeout 1m
# NSAllowKillImmed [OPTIONAL]
# When given, allows the use of the IMMED option with the NickServ
# SET KILL command.
#NSAllowKillImmed
# NSListOpersOnly [OPTIONAL]
# When enabled, limits use of the NickServ LIST and LISTEMAIL
# commands to IRC operators.
#NSListOpersOnly
# NSSecureAdmins [RECOMMENDED]
# When enabled, prevents the use of the DROPNICK, GETPASS, FORBID,
# SUSPEND, and SET PASSWORD commands by Services admins on other
# Services admins or the Services root. (These restrictions do not
# apply to the Services root.)
NSSecureAdmins
# NSEnableDropEmail [OPTIONAL]
# Allows the DROPEMAIL command to be used. This command can help
# recover from mass-registration attacks, but can also destroy your
# database if used improperly.
#NSEnableDropEmail
# NSDropEmailExpire [REQUIRED]
# Sets the maximum length of time allowed between a DROPEMAIL
# command and the corresponding DROPEMAIL-CONFIRM command.
NSDropEmailExpire 10m
# NSHelpWarning <time> [OPTIONAL]
# When enabled, displays a "do not abuse NickServ" warning at the
# end of the NickServ HELP output similar to previous versions of
# Services. Otherwise, the warning is not displayed.
#NSHelpWarning
# NSAlias <alias>=<command> [OPTIONAL]
# Creates an alias for a command. "alias" is the name of the
# alias, and "command" is the command which should be executed for
# that alias; the two are joined by an equals sign ("=") with no
# intervening whitespace. The alias and command names are
# case-insensitive.
#
# Any number of aliases can be created by adding more NSAlias
# directives, but recursive aliases are not allowed; "command" must
# be a valid (unaliased) command name.
#NSAlias ID=IDENTIFY
EndModule
################################ Access list module
Module nickserv/access
# NSAccessMax <count> [REQUIRED]
# Sets the maximum number of entries allowed on a nickname access
# list.
NSAccessMax 32
# NSFirstAccessEnable [OPTIONAL]
# When enabled, causes an access entry based on the registering
# user's username and hostname to be automatically added to the
# access list of a newly-registered nickname. When disabled,
# newly-registered nicknames will have an empty access list.
NSFirstAccessEnable
# NSFirstAccessWild [OPTIONAL]
# When enabled, causes the first access list entry added to a newly
# registered nickname to use a wildcard in the hostname when
# appropriate. When disabled, the first access list entry consists
# of the registering user's username and hostname as-is, without
# wildcards. This directive has no effect if NSFirstAccessEnable
# is disabled.
NSFirstAccessWild
EndModule
################################ Autojoin module
Module nickserv/autojoin
# NSAutojoinMax <count> [REQUIRED]
# Sets the maximum number of entries allowed on an autojoin list.
# There is little point in setting this higher than the maximum
# number of channels a client is allowed to join by the server
# (usually 10).
NSAutojoinMax 10
EndModule
################################ Link module
Module nickserv/link
# NSLinkMax <count> [REQUIRED]
# Sets the maximum number of links allowed for a single nickname
# group.
NSLinkMax 20
EndModule
################################ Authentication module
Module nickserv/mail-auth
# NSNoAuthExpire <time> [OPTIONAL]
# Sets the period of time after which a newly registered nickname
# will expire if it is not authenticated. If not specified, the
# standard nickname expiration time (NSExpire) is used.
#NSNoAuthExpire 12h
# NSSendauthDelay <time> [RECOMMENDED]
# Sets the minimum length of time between consecutive uses of the
# SENDAUTH command for the same nick group. If not specified, this
# restriction is disabled.
#
# WARNING: Not setting NSSendauthDelay, or setting it too low, will
# allow users to abuse this command to send large
# quantities of mail (mailbombs) to arbitrary users!
NSSendauthDelay 1d
EndModule
###########################################################################
#
# ChanServ configuration
#
###########################################################################
Module chanserv/main
# ChanServName <nick> <string> [REQUIRED]
# Specifies the nickname (first parameter) and "real" name (second
# parameter) used by the ChanServ pseudoclient.
ChanServName "ChanServ" "Channel Server"
# CSEnableRegister [OPTIONAL]
# Allows the REGISTER command to be used. This is usually a good
# thing, but if you don't want your users to be able to register
# channels, remove (or comment out) this directive. Note, however,
# that Services administrators and the Services super-user will
# still be able to use the REGISTER command regardless of whether
# this directive is given or not.
CSEnableRegister
# CSRegisteredOnly [OPTIONAL]
# Treats unregistered channels as if they were forbidden,
# disallowing access by ordinary users to any channels not
# explicitly registered with ChanServ. IRC operators will be
# allowed to enter such channels, as they are for ordinary
# forbidden channels. Note that this directive operates
# independently from the CSEnableRegister directive; if
# CSEnableRegister is commented out, non-Services-admin IRC
# operators will be able to join unregistered channels but will
# not be permitted to register them.
#CSRegisteredOnly
# CSMaxReg <count> [RECOMMENDED]
# Limits the number of channels which may be registered to a single
# nickname. In the case of linked nicks, this limit applies to the
# entire set of linked nicks.
CSMaxReg 20
# CSDef... [OPTIONAL]
# Sets the default options for newly registered channels. Note
# that changing these options will have no effect on channels which
# are already registered. Options not listed here will be unset on
# new channels.
CSDefKeepTopic
#CSDefSecureOps
#CSDefPrivate
#CSDefTopicLock
#CSDefLeaveOps
CSDefSecure
#CSDefOpNotice
#CSDefEnforce
#CSDefMemoRestricted
#CSDefHideEmail
#CSDefHideTopic
#CSDefHideMlock
# CSDefModeLock <mode-string> [OPTIONAL]
# Sets the default mode lock for newly registered channels, in the
# same format as the SET MLOCK command. If not set, the default is
# "+nt". Note that only binary modes (modes which take no
# parameters) can be used with this directive.
CSDefModeLock +nt
# CSExpire <time> [RECOMMENDED]
# Sets the length of time before a channel expires. If not set,
# channels will not expire.
CSExpire 14d
# CSSuspendExpire <time> [RECOMMENDED]
# Sets the default expiry time and recovery grace period for channel
# suspensions. If not set, channel suspensions will not expire by
# default and there will be no recovery grace period.
CSSuspendExpire 12d 2d
# CSShowPassword [OPTIONAL]
# If specified, causes the user's password to be sent back to them
# in a NOTICE at registration time, as a reminder.
CSShowPassword
# CSAccessMax <count> [REQUIRED]
# Sets the maximum number of entries on a channel's access list.
# Channel access lists may contain only registered nicknames;
# therefore, checking each entry on the list requires only a single
# scalar comparison instead of a wildcard match, and this limit may
# be safely set much higher than (for example) the autokick list
# size limit without impacting performance significantly.
CSAccessMax 1024
# CSAutokickMax <count> [REQUIRED]
# Sets the maximum number of entries on a channel's autokick list.
CSAutokickMax 32
# CSInhabit <time> [REQUIRED]
# Sets the length of time ChanServ stays in a channel after kicking
# a user from a channel s/he is not permitted to be in. This only
# occurs when the user is the only one in the channel.
CSInhabit 15s
# CSRestrictDelay <time> [OPTIONAL]
# When enabled, causes ChanServ to permit users to join channels
# with the RESTRICTED option set if they would be permitted to join
# after identifying for their nick, and to not remove mode +o (ops)
# from users who would be auto-opped if identified for their nick,
# for the given period of time after Services starts up. This gives
# such users time to identify to NickServ before being kicked out of
# restricted channels or getting deopped.
CSRestrictDelay 15s
# CSListOpersOnly [OPTIONAL]
# When enabled, limits use of the ChanServ LIST command to IRC
# operators.
#CSListOpersOnly
# CSForbidShortChannel [OPTIONAL]
# When enabled, treats the channel "#" as a forbidden channel, not
# allowing any users to join it. When not enabled, the channel "#"
# can be used normally, although ChanServ functions cannot be used
# with it. If CSRegisteredOnly is enabled, this directive has no
# effect (the "#" channel will be treated as forbidden along with
# all other unregistered channel).
#CSForbidShortChannel
# CSSkipModeRCheck [OPTIONAL]
# When enabled, causes ChanServ to not kick users with unregistered
# nicknames who try to join <tt>+R</tt> channels (on networks
# supporting <tt>+R</tt> or another mode restricting channels to
# registered nicknames only).
#CSSkipModeRCheck
# CSAlias <alias>=<command> [OPTIONAL]
# Creates an alias for a command. The parameter format is the same
# as for the NSAlias directive.
#CSAlias ID=IDENTIFY
EndModule
###########################################################################
#
# MemoServ configuration
#
###########################################################################
Module memoserv/main
# MemoServName <nick> <string> [REQUIRED]
# Specifies the nickname (first parameter) and "real" name (second
# parameter) used by the MemoServ pseudoclient.
MemoServName "MemoServ" "Memo Server"
# MSMaxMemos <count> [RECOMMENDED]
# Sets the maximum number of memos a user is allowed to keep by
# default. Normal users may set the limit anywhere between zero
# and this value; Services admins can change it to any value or
# disable it. If not given, the limit is disabled by default, and
# normal users can set any limit they want.
MSMaxMemos 20
# MSExpire <time> [OPTIONAL]
# Sets the length of time after a memo is sent until it expires and
# is automatically deleted. If not set, memos will not expire.
# Note that memos sent while MSExpire is disabled will not expire
# even if MSExpire is later enabled.
#MSExpire 3d
# MSExpireDelay <time> [OPTIONAL]
# Sets the length of time after first being read a memo's
# expiration will be delayed. Even if a memo reaches the age given
# in the MSExpire directive, it will not be deleted until at least
# the length of time given in this directive has passed since the
# memo was first read. If not set, memo expiration will not be
# delayed, and unread memos which have expired will be deleted
# immediately upon being read.
#
# If MSExpire is not set, this directive is ignored.
MSExpireDelay 1d
# MSSendDelay <time> [RECOMMENDED]
# Sets the delay between consecutive uses of the MemoServ SEND
# command. This can help prevent spam as well as denial-of-service
# attacks from sending large numbers of memos and filling up disk
# space (and memory). A 3-second wait means a maximum average of
# 150 bytes of memo per second per user under the current IRC
# protocol.
MSSendDelay 3s
# MSAlias <alias>=<command> [OPTIONAL]
# Creates an alias for a command. The parameter format is the same
# as for the NSAlias directive.
#MSAlias R=READ
EndModule
################################ FORWARD module
Module memoserv/forward
# MSAllowForward [OPTIONAL]
# If given, allows the FORWARD command to be used (the SET FORWARD
# command is always available). While the FORWARD command can be
# useful particularly for users first setting the FORWARD option
# on, a large number of users using the FORWARD ALL command can
# place a significant load on Services.
MSAllowForward
# MSForwardDelay <time> [RECOMMENDED if MSAllowForward is set]
# Sets the minimum length of time between consecutive uses of the
# FORWARD command. If not given, this restriction is disabled.
# (Note that this can allow users to place a significant load on
# Services and/or your mail server!)
#
# If MSAllowForward is not set, this directive is ignored.
MSForwardDelay 10s
EndModule
################################ IGNORE module
Module memoserv/ignore
# MSIgnoreMax [REQUIRED]
# Sets the maximum number of entries a user can have for their
# nickname group's memo ignore list.
MSIgnoreMax 32
EndModule
###########################################################################
#
# StatServ configuration
#
###########################################################################
Module statserv/main
# StatServName <nick> <string> [REQUIRED]
# Specifies the nickname (first parameter) and "real" name (second
# parameter) used by the StatServ pseudoclient.
StatServName "StatServ" "Statistics Server"
# SSOpersOnly [OPTIONAL]
# Limits the use of StatServ to IRC operators only.
#SSOpersOnly
EndModule
###########################################################################
#
# HTTP server modules
#
###########################################################################
Module httpd/main
# ListenTo <address>:<port> [REQUIRED]
# Specifies the address and port number on which the HTTP server
# will listen for incoming requests. <address> may be specified as
# an IP address (first example below), a hostname (second example),
# or the special string "*", which means "any IP address" (third
# example).
#
# When a hostname is given, as in the second example below,
# Services will look up the address(es) associated with the
# hostname at startup time, and bind to every IP address found.
# This can be useful, for example, with dynamic DNS, in which
# the server's IP address changes periodically; however, the
# hostname lookup can take time--especially if there is no DNS
# server on the local network--and is susceptible to network or
# DNS server outages, so IP addresses or "*" should be used
# whenever possible.
#
# Note that many systems restrict low port numbers to the system
# administrator; in particular, Unix-like systems allow only the
# root user (UID 0) to use ports less than 1024.
#ListenTo 127.0.0.1:12701
#ListenTo services.example.net:8080
#ListenTo *:80
# ListenBacklog [REQUIRED]
# Specifies the maximum number of connections that can be received
# by the operating system without being accepted by Services (the
# second parameter, `backlog', to the listen() system call). If
# you start seeing refused or delayed connections on a busy server,
# try increasing this value.
#
# If you don't understand the above, leave this setting alone.
ListenBacklog 5
# RequestBufferSize <bytes> [REQUIRED]
# Specifies the size of the buffer allocated for each HTTP request.
# Note that this buffer is allocated for every connection, and an
# additional amount of memory will be allocated for header pointers
# (in the pathological case this extra amount could reach 4/3 of
# the value given for this directive). If a client sends a request
# (including POST data) exceeding this value, an error will be
# returned and the connection terminated.
#
# If you don't understand the above, leave this setting alone.
RequestBufferSize 4096
# MaxConnections <count> [RECOMMENDED]
# Specifies the maximum number of simultaneous connections allowed.
# If not given, no limit is placed on the number of connections;
# however, the operating system may impose its own limits, which
# are not under the control of Services.
MaxConnections 10
# MaxRequests <count> [RECOMMENDED]
# Specifies the maximum number of requests that can be made over a
# single connection before the server disconnects it. If not
# given, no limit is placed on the number of requests per
# connection; note that this may allow malicious users to interfere
# with Services' normal operations by sending large numbers of
# requests over a single connection.
MaxRequests 20
# IdleTimeout <time> [RECOMMENDED]
# Specifies the length of time a connection can be idle (not
# sending data) before it will be automatically closed. If not
# given, connections will never be closed automatically.
IdleTimeout 30s
# LogConnections [OPTIONAL]
# If given, a log message will be written for each connection to
# the server.
LogConnections
EndModule
################################ IP address authorization module
Module httpd/auth-ip
# AllowHost <path> <address> [OPTIONAL]
# DenyHost <path> <address> [OPTIONAL]
# Specifies which hosts will be allowed (or not allowed) to access
# resources provided by the HTTP server. The <path> parameter is a
# URL path (not including the "http://host.name"), and matches any
# URL which begins with the same string; for example, "/dir"
# matches both "/dir/file" and "/dirty". The <address> can be an
# IP address, a hostname (as with ListenTo in the main server
# module, all addresses associated with the hostname will be
# allowed or denied), the string "*" (which means all addresses),
# or the special format "<IP-address>/<mask>", where <mask> is an
# integer from 1 to 31 giving the number of bits in the subnet
# address, which indicates that the entire subnet of addressess
# specified should be allowed or denied; for example,
# "192.168.1.64/26" represents the range of addresses from
# 192.168.1.64 to 192.168.1.127.
#
# Examples:
# AllowHost /debug 127.0.0.1 # Allow all requests from localhost
# # to the debug page
# AllowHost / 192.168.0.0/24 # Allow any host in the 192.168.0.*
# # network access to the entire
# # server
# DenyHost / shell.example.org # Deny connections from any address
# # associated with shell.example.org
#
# Multiple AllowHost or DenyHost directives for the same path may
# be used to specify multiple addresses to allow or deny. Each
# condition will be checked in the order they are listed here, and
# the first matching one will be used. For example, these lines:
# AllowHost / 192.168.0.1
# DenyHost / 192.168.0.0/24
# deny access to all hosts in the 192.168.0.* network _except_
# 192.168.0.1. However, the reverse:
# DenyHost / 192.168.0.0/24
# AllowHost / 192.168.0.1
# simply blocks all hosts in the 192.168.0.* network, since the
# first rule matches 192.168.0.1 and the second is never checked.
#
# Access to the entire server can be allowed or denied by using the
# path "/", which matches every URL (since all URLs begin with a
# slash). Such a rule should always be included at the end of the
# rule list to explicitly indicate what should be done with
# requests that do not match any other rule; the behavior of the
# module for requests without a matching rule is undefined. For
# example:
# AllowHost / *
# or:
# DenyHost / *
#
# WARNING: Hostnames are resolved only once at startup; any changes
# in a host's IP address will not be seen by Services.
#
# Note: These directives are listed as "optional" only because the
# module will still load even if no directives are listed;
# however, unless AllowHost/DenyHost directives are given,
# the module will not have any effect.
AllowHost / *
EndModule
################################ Password authorization module
Module httpd/auth-password
# AuthName <name> [REQUIRED]
# Specifies the name to be used by the user's browser when asking
# for a password (as in "Enter username and password for <name>:").
AuthName "IRC Services"
# Protect <path> <user>:<pass> [OPTIONAL]
# Sets the URLs (paths) which will be protected by password
# authorization, and the username and password for each path. The
# username and password can be different for each path. The path
# given will match any URL beginning with that string, as with the
# auth-ip module.
#
# Examples:
# Protect /debug "debug:debug"
# Protect /~ "nickuser:nickpass"
#
# Note: This directive is listed as "optional" only because the
# module will still load even if no directives are listed;
# however, unless Protect directives are given, the module
# will not have any effect. Use a path of "/" to apply
# password protection to the entire server.
EndModule
################################ Database access module
Module httpd/dbaccess
# NOTICE: This module allows complete access to all Services data;
# be certain to protect it from unauthorized access using
# authorization modules or other means.
# Prefix <path> [REQUIRED]
# Sets the URL (path) at which database access will be accessible.
# If this does not end with a slash, one will be appended
# automatically. Access is provided using the following directory
# tree:
#
# <path>/ Main menu
# <path>/operserv/ OperServ data and menu
# <path>/operserv/akill/ Autokill list
# <path>/operserv/news/ News item list
# <path>/operserv/sessions/ Session and exception lists
# <path>/operserv/sline/ S-line lists
# <path>/nickserv/ Nickname list and information
# <path>/chanserv/ Channel list and information
# <path>/statserv/ Network statistics
# <path>/xml-export/ XML-format database download
#
# Categories for which the relevant module is not loaded will not
# be accessible.
#
# WARNING: These functions, particularly the XML export function,
# can cause Services to stop for a significant period of
# time while they are processed!
#
# This is commented out by default; make sure you implement proper
# access protection (see above) before uncommenting it.
#Prefix "/dbaccess"
EndModule
################################ Debug page module
Module httpd/debug
# DebugURL <path> [REQUIRED]
# Sets the URL (path) at which the debug page will be accessible.
# This must begin with a slash.
DebugURL "/debug"
EndModule
################################ Nick/channel redirect module
Module httpd/redirect
# NicknamePrefix <path> [OPTIONAL]
# Sets the URL (path) at which nickname redirects will be
# accessible; all characters after this prefix, up to the next
# slash, will be taken as the nickname. This must begin with a
# slash. The default value, "/~", emulates the traditional home
# page URL of "http://www.example.net/~username/". If you use a
# directory name instead, it must end with a slash, for example:
# "/nickname/". See also ChannelPrefix, below.
#
# If not set, nickname redirects will not be done.
NicknamePrefix "/~"
# ChannelPrefix <path> [OPTIONAL]
# Sets the URL (path) at which channel redirects will be
# accessible; all characters after this prefix, up to the next
# slash, will be taken as the channel name (without the leading
# "#", which cannot be used in URLs). The path must begin with
# a slash. The default value, "/channel/", gives URLs like
# "http://services.example.net/channels/channelname/" for channel
# "#channelname".
#
# If not set, channel redirects will not be done.
#
# Note: If a URL could be interpreted as both a nickname URL and a
# channel URL, the nickname will take precedence, even if it
# is not registered or does not have a URL associated with it.
ChannelPrefix "/channel/"
EndModule
################################ Top page module
Module httpd/top-page
# Filename <path> [<content-type>] [OPTIONAL]
# Sets the name of a file to be delivered as the server's top page.
# If this does not begin with a slash, then it is taken as relative
# to the Services data directory. The second parameter specifies
# the MIME content type of the file; if not given, it defaults to
# text/html.
#Filename "Top Page.txt" text/plain
#Filename /var/www/html/ircservices/top-page.html
# Redirect <URL> [OPTIONAL]
# Sets a URL to be provided as a redirect to a client accessing the
# top page. This must be a full URL, beginning with "http://" (or
# some other protocol specifier). If both Filename and Redirect
# are given, Redirect takes precedence.
#Redirect http://www.example.net/ircservices/
EndModule
###########################################################################
#
# Miscellaneous modules
#
###########################################################################
################################ DevNull settings
Module misc/devnull
# DevNullName <nick> <string> [REQUIRED]
# Specifies the nickname (first parameter) and "real" name (second
# parameter) used by the DevNull pseudoclient.
DevNullName "DevNull" "/dev/null -- message sink"
EndModule
################################ HelpServ settings
Module misc/helpserv
# HelpServName <nick> <string> [REQUIRED]
# Specifies the nickname (first parameter) and "real" name (second
# parameter) used by the HelpServ pseudoclient.
HelpServName "HelpServ" "Help Server"
# HelpDir <dirname> [REQUIRED]
# Specifies the name of the subdirectory containing help files for
# HelpServ.
HelpDir helpfiles
EndModule
################################ XML export settings
Module misc/xml-export
# This module has no configurable settings.
EndModule
################################ XML import settings
Module misc/xml-import
# OnNicknameCollision <action> [OPTIONAL]
# Specifies the action to be taken when a nickname in the data to
# import is already registered. The string must be one of either
# "skipgroup" (skip over the nickname group containing the nickname
# in the imported data), "skipnick" (skip only the colliding
# nickname), "overwrite" (drop the existing nickname), or "abort"
# (do not import any data). Note that when "abort" is selected,
# the entire XML input is still checked for errors, but Services
# will abort before actually merging any data.
#
# When using "overwrite", if a nickname group has only one nickname
# and that nickname is overwritten, the nickname group will be
# dropped as well. As a consequence, any channels owned by such a
# nickname will be dropped (or shifted to their successors) as
# well. All nicknames and channels overwritten or dropped in this
# manner will be displayed on standard error.
#
# If not specified, defaults to "skipgroup".
#OnNicknameCollision skipgroup
# OnChannelCollision <action> [OPTIONAL]
# Specifies the action to be taken when a channel in the data to
# import is already registered. The string must be one of either
# "skip" (skip over the channel in the imported data), "overwrite"
# (drop the existing channel), or "abort" (do not import any data).
# Note that when "abort" is selected, the entire XML input is still
# checked for errors, but Services will abort before actually
# merging any data. If not specified, defaults to "skip".
#OnChannelCollision skip
# ImportNews [OPTIONAL]
# Causes news items in the XML data to be imported into the
# database (normally, news items are skipped).
#ImportNews
# VerboseImport [OPTIONAL]
# Causes a detailed list of imported nicknames, channels, and other
# data to be printed to standard output.
VerboseImport
EndModule
Reference in New Issue View Git Blame Copy Permalink