yakumo.izuru/suika
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

See you in Hell, scdoc!

Browse Source 
Signed-off-by: Izuru Yakumo <yakumo.izuru@chaotic.ninja>

git-svn-id: file:///srv/svn/repo/suika/trunk@817 f0ae65fe-ee39-954e-97ec-027ff2717ef4
This commit is contained in:
yakumo.izuru 2023-05-02 23:49:50 +00:00
parent 2322e7ecc5
commit bb1a214ab8
7 changed files with 508 additions and 437 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored
View File

@ -2,4 +2,3 @@
/suikactl
/suika-znc-import
/suika.db
/doc/suika.1

11
Makefile
View File

@ -1,6 +1,5 @@
GO ?= go
RM ?= rm
SCDOC ?= scdoc
GOFLAGS ?= -v -ldflags "-w -X `go list`.Version=$(VERSION) -X `go list`.Commit=$(COMMIT) -X `go list`.Build=$(BUILD)" -tags "static_build"
PREFIX ?= /usr/local
BINDIR ?= bin
@ -16,7 +15,7 @@ BUILD = `git show -s --pretty=format:%cI`
GOARCH ?= amd64
GOOS ?= linux
all: suika suikactl suika-znc-import doc/suika.1
all: suika suikactl suika-znc-import
suika:
$(GO) build $(GOFLAGS) ./cmd/suika
@ -27,17 +26,19 @@ suikactl:
suika-znc-import:
$(GO) build $(GOFLAGS) ./cmd/suika-znc-import
strip -s suika-znc-import
doc/suika.1: doc/suika.1.scd
$(SCDOC) <doc/suika.1.scd >doc/suika.1
clean:
$(RM) -f suika suikactl suika-znc-import doc/suika.1
$(RM) -f suika suikactl suika-znc-import
install:
$(MKDIR) -p $(DESTDIR)$(PREFIX)/$(BINDIR)
$(MKDIR) -p $(DESTDIR)$(PREFIX)/$(MANDIR)/man1
$(MKDIR) -p $(DESTDIR)$(PREFIX)/$(MANDIR)/man5
$(MKDIR) -p $(DESTDIR)$(PREFIX)/$(MANDIR)/man7
$(MKDIR) -p $(DESTDIR)/etc/suika
$(MKDIR) -p $(DESTDIR)/var/lib/suika
$(CP) -f suika suikactl suika-znc-import $(DESTDIR)$(PREFIX)/$(BINDIR)
$(CP) -f doc/suika.1 $(DESTDIR)$(PREFIX)/$(MANDIR)/man1
$(CP) -f doc/suika-config.5 $(DESTDIR)$(PREFIX)/$(MANDIR)/man5
$(CP) -f doc/suika-bouncerserv.7 $(DESTDIR)$(PREFIX)/$(MANDIR)/man7
[ -f $(DESTDIR)/etc/suika/config ] || $(CP) -f config.in $(DESTDIR)/etc/suika/config
test:
go test

1
README.md
View File

@ -16,7 +16,6 @@ Dependencies:
- Go
- BSD or GNU make
- scdoc (optional, for man pages)
For end users, a `Makefile` is provided:

258
doc/suika-bouncerserv.7 Normal file
View File

@ -0,0 +1,258 @@
.Dd $Mdocdate$
.Dt SUIKA-BOUNCERSERV 7
.Os
.Sh NAME
.Nm suika-bouncerserv
.Nd Service bot exposed by suika to control the bouncer
.Sh DESCRIPTION
suika exposes an IRC service called BouncerServ to manage the bouncer.
Commands can be sent via regular private messages
(/msg BouncerServ <command> [args...]). Commands may be written in full or
abbreviated form, for instance network can be abbreviated as net or just
n.
.Ss COMMANDS
.Bl -tag -width 11n
.It help [command]
Show a list of commands. If command is specified, show a help message for
the command.
.It network create -addr <addr> [options...]
Connect to a new network at addr. -addr is mandatory.
addr supports several connection types:
.Bl -tag -width 5n
.It [ircs://]<host>[:port]
connects with TLS over TCP
.It irc+insecure://<host>[:port]
connects with plain-text TCP
.It irc+unix:///<path>
connects to a Unix socket
.El
Other options are:
-name <name>
Short network name. This will be used instead of addr to refer to the
network.
-username <username>
Connect with the specified username. By default, the nickname is used.
-pass <pass>
Connect with the specified server password.
-realname <realname>
Connect with the specified real name. By default, the account's realname
is used if set, otherwise the network's nickname is used.
-nick <nickname>
Connect with the specified nickname. By default, the account's username
is used.
-enabled true|false
Enable or disable the network. If the network is disabled, the bouncer
won't connect to it. By default, the network is enabled.
-connect-command <command>
Send the specified command as a raw IRC message right after connecting
to the server. This can be used to identify to an account when the
server doesn't support SASL.
.It network update [name] [options...]
Update an existing network. The options are the same as the
network create command.
When this command is executed, suika will disconnect and re-connect to the
network.
If name is not specified, the current network is updated.
.It network delete [name]
Disconnect and delete a network.
If name is not specified, the current network is deleted.
.It network quote [name] <command>
Send a raw IRC line as-is to a network.
If name is not specified, the command is sent to the current network.
.It network status
Show a list of saved networks and their current status.
.It channel status [options...]
Show a list of saved channels and their current status.
Options:
-network <name>
Only show channels for the specified network. By default, only the channels in the current network are displayed.
channel update <name> [options...]
Update the options of an existing channel.
Options are:
-detached true|false
Attach or detach this channel.
A detached channel is joined but is hidden by the bouncer. This is useful to e.g. collect logs and highlights in low-interest or high-traffic channels.
-relay-detached <mode>
Set when to relay messages from detached channels to the user with a BouncerServ NOTICE.
Modes are:
message
Relay any message from this channel when detached.
highlight
Relay only messages mentioning you when detached.
none
Don't relay any messages from this channel when detached.
default
Currently same as highlight. This is the default behaviour.
-reattach-on <mode>
Set when to automatically reattach to detached channels.
Modes are:
message
Reattach to this channel when any message is received.
highlight
Reattach to this channel when any message mentioning you is received.
none
Never automatically reattach to this channel.
default
Currently same as none. This is the default behaviour.
-detach-after <duration>
Automatically detach this channel after the specified duration has elapsed without receving any message corresponding to -detach-on.
Example duration values: 1h30m, 30s, 2.5h.
Setting this value to 0 will disable this behaviour, i.e. this channel will never be automatically detached. This is the default behaviour.
-detach-on <mode>
Set when to reset the auto-detach timer used by -detach-after, causing it to wait again for the auto-detach duration timer before detaching. Joining, reattaching, sending a message, or changing any channel option will reset the timer, in addition to the messages specified by the mode.
Modes are:
message
Receiving any message from this channel will reset the auto-detach timer.
highlight
Receiving any message mentioning you from this channel will reset the auto-detach timer.
none
Receiving messages from this channel will not reset the auto-detach timer. Sending messages or joining the channel will still reset the timer.
default
Currently same as message. This is the default behaviour.
.It channel delete <name>
Leave and forget a channel.
.It certfp generate [options...]
Generate self-signed certificate and use it for authentication (via SASL EXTERNAL).
Generates a 3072-bit RSA private key by default.
Options are:
-network <name>
Select a network. By default, the current network is selected, if any.
-key-type <type>
Private key algorithm to use. Valid values are: rsa, ecdsa and ed25519. ecdsa uses the NIST P-521 curve.
-bits <bits>
Size of RSA key to generate. Ignored for other key types.
certfp fingerprint [options...]
Show SHA-1 and SHA-256 fingerprints for the certificate currently used with the network.
Options are:
-network <name>
Select a network. By default, the current network is selected, if any.
sasl status [options...]
Show current SASL status.
Options are:
-network <name>
Select a network. By default, the current network is selected, if any.
.It sasl set-plain [options...] <username> <password>
Set SASL PLAIN credentials.
Options are:
-network <name>
Select a network. By default, the current network is selected, if any.
.It sasl reset [options...]
Disable SASL authentication and remove stored credentials.
Options are:
-network <name>
Select a network. By default, the current network is selected, if any.
.It user status
Show a list of users on this server. Only admins can query this information.
user create -username <username> -password <password> [options...]
Create a new suika user. Only admin users can create new accounts. The -username and -password flags are mandatory.
Options are:
-username <username>
The bouncer username. This cannot be changed after the user has been created.
-password <password>
The bouncer password.
-disable-password
Disable password authentication. The user will be unable to login.
-admin true|false
Make the new user an administrator.
-nick <nick>
Set the user's nickname. This is used as a fallback if there is no nickname set for a network.
-realname <realname>
Set the user's realname. This is used as a fallback if there is no realname set for a network.
-enabled true|false
Enable or disable the user. If the user is disabled, the bouncer will not connect to any of their networks, and downstream connections will be immediately closed. By default, users are enabled.
.It user update [username] [options...]
Update a user. The options are the same as the user create command.
If username is omitted, the current user is updated. Only admins can update other users.
Not all flags are valid in all contexts:
•The -username flag is never valid, usernames are immutable.
•The -nick and -realname flag are only valid when updating the current user.
•The -admin and -enabled flags are only valid when updating another user.
.It user delete <username> [confirmation token]
Delete a suika user.
Only admins can delete other users.
.It user run <username> <command...>
Execute a command as another user.
Only admins can use this command.
.It server status
Show some bouncer statistics. Only admins can query this information.
.It server notice <message>
Broadcast a notice. All currently connected bouncer users will receive the message from the special BouncerServ service. Only admins can broadcast a notice.
.El
.Sh SEE ALSO
.Xr suika 1
.Xr suika-config 5
.Sh AUTHORS
.An Simon Ser and contributors
.Lk https://emersion.fr
.Pp
.An Izuru Yakumo Aq Mt yakumo.izuru@chaotic.ninja

142
doc/suika-config.5 Normal file
View File

@ -0,0 +1,142 @@
.Dd $Mdocdate$
.Dt SUIKA-CONFIG 5
.Os
.Sh NAME
.Nm suika-config
.Nd Configuration file for suika IRC bouncer
.Sh DESCRIPTION
The config file has one directive per line
Example:
listen ircs://
.Pp
tls cert.pem key.pem
.Pp
hostname example.org
The following directives are supported:
.Bl -tag -width 7n -compact
.It listen <uri>
Listening URI (default: ":6697")
The following URIs are supported:
.Bl -tag -width 11n -compact
.It ircs://[host]:[port]
listens with TLS over TCP
.It irc+insecure://[host]:[port]
listens with plain-text over TCP
.It unix:///<path>
listens on a Unix domain socket
.It wss://[host]:[port]
listens for WebSocket connections over
TLS
.It ws+insecure://[host]:[port]
listens for plain-text WebSocket
connections
.It ident://[host]:[port]
listens for plain-text ident
connections
.It http+prometheus://[host]:[port]
listens for plain-text HTTP
connections and serves Prometheus
metrics (host must be "localhost")
.It http+pprof://[host]:[port]
listens for plain-text HTTP
connections and serves pprof
runtime profiling data
(host must be "localhost").
For more information, see:
<https://pkg.go.dev/net/http/pprof>.
.El
If the scheme is omitted, "ircs" is assumed.
If multiple "listen" directives are specified,
suika will listen on each of them.
.It hostname <name>
Server hostname
.It title <title>
Server title. This will be sent as
the ISUPPORT NETWORK value when
clients don't select a specific
network.
.It tls <cert> <key>
Enable TLS support. The certificate
and key files must be PEM-encoded.
.It db <driver> <source>
Set the database location for user,
network and channel storage. By
default, a sqlite3 database is
opened in ./suika.db.
Supported drivers:
.Bl tag -width 7n -compact
.It sqlite3
expects source to be a path to
the SQLite file
.It postgres
expects source to be a space-
separated list of key=value
parameters, e.g. db postgres
host=/run/postgresql
dbname=suika. Note that
sslmode defaults to require.
For more information on
connection strings, see:
<https://pkg.go.dev/github.com/lib/pq#hdr-Connection_String_Parameters>
.El
.It log fs <path>
Path to the bouncer logs directory, or empty to
disable logging. By default, logging is disabled.
.It http-origin <patterns>
List of allowed HTTP origins for WebSocket listeners.
The parameters are interpreted as shell patterns, see *glob*(7).
By default, only the request host is authorized.
Use this directive to enable cross-origin WebSockets.
.It accept-proxy-ip <cidr..>
Allow the specified IPs to act as a proxy. Proxys have the ability to
overwrite the remote and local connection addresses (via the PROXY protocol,
the Forwarded HTTP header field defined in RFC 7239 or the X-Forwarded-\*
HTTP header fields). The special name "localhost" accepts the loopback
addresses 127.0.0.0/8 and ::1/128.
By default, all IPs are rejected.
.It max-user-networks <limit>
Maximum number of networks per user. By default, there is no limit.
.It motd <path>
Path to the MOTD file. The bouncer MOTD is sent to clients which aren't
bound to a specific network. By default, no MOTD is sent.
.It multi-upstream-mode <true|false>
Globally enable or disable multi-upstream mode.
By default, multi-upstream mode is enabled.
.It upstream-user-ip <cidr...>
Enable per-user IP addresses.
One IPv4 range and/or one IPv6 range can be
specified in CIDR notation.
One IP address per range will be assigned to
each user and will be used as the source address when connecting to an
upstream network.
This can be useful to avoid having the whole bouncer banned from an upstream
network because of one malicious user.
.El
.Sh SEE ALSO
.Xr suika 1
.Xr suika-bouncerserv 7
.Sh AUTHORS
.An Simon Ser and contributors Aq https://emersion.fr
.An Izuru Yakumo Aq Mt yakumo.izuru@chaotic.ninja

102
doc/suika.1 Normal file
View File

@ -0,0 +1,102 @@
.Dd $Mdocdate$
.Dt SUIKA 1
.Os
.Sh NAME
.Nm suika
.Nd Drunk as hell IRC bouncer oni.
.Sh SYNOPSIS
.Nm
.Op Fl options
.Ar ...
.Sh DESCRIPTION
suika is an user-friendly IRC bouncer.
It connects to upstream IRC servers on
behalf of the user to provide extra
features.
.Bl -tag -width 10n -compact
.It *
Multiple separate users sharing the same
bouncer, each with their own upstream
servers
.It *
Clients connecting to multiple upstream
servers via a single connection to the
bouncer
.It *
Sending the backlog (messages received
while the user was disconnected from
the bouncer), with per-client buffers
.El
When joining a channel, the channel will
be saved and automatically joined on
the next connection. When registering
or authenticating with NickServ, the
credentials will be saved and
automatically used on the next
connection if the server supports
SASL. When parting a channel with
the reason "detach", the channel
will be detached instead of being
left.
When all clients are disconnected
from the bouncer, the user is
automatically marked as away.
suika supports two connection modes:
.Bl -tag -width 10n -compact
.It Single upstream mode
one downstream connection maps to one upstream
connection. To enable this mode,
connect to the bouncer with the username
"<username>/<network>".
If the bouncer isn't connected to the upstream
server, it will get automatically added.
Then channels can be joined and
parted as if you were directly
connected to the upstream server.
.It Multiple upstream mode
one downstream connection maps to multiple upstream
connections.
Channels and nicks are suffixed
with the network name. To join
a channel, you need to use
the suffix too:
/join #channel/network.
Same applies to messages
sent to users.
.El
For per-client history to work, clients need to indicate their name. This can
be done by adding a "@<client>" suffix to the username.
suika will reload the configuration file, the TLS certificate/key and the MOTD
file when it receives the HUP signal. The configuration options listen, db
and log cannot be reloaded.
Administrators can broadcast a message to all bouncer users via /notice
$<hostname> <text>, or via /notice $\* <text> in multi-upstream mode. All
currently connected bouncer users will receive the message from the special
BouncerServ service.
.Sh OPTIONS
.Bl -tag -width 11n -compact
.It -h, -help
Show help message and quit
.It -config <path>
Path to the config file. If unset, a default config file is used.
.It -debug
Enable debug logging (this will leak sensitive information
such as passwords)
.It -listen <uri>
Listening URI (default ":6697"). Can be specified multiple times.
.El
.Sh SEE ALSO
.Xr suika-config 5
.Xr suika-bouncerserv 7
.Sh AUTHORS
.An Simon Ser and contributors https://emersion.fr
.An Izuru Yakumo Aq Mt yakumo.izuru@chaotic.ninja

430
doc/suika.1.scd
View File

@ -1,430 +0,0 @@
suika(1)
# NAME
suika - IRC bouncer. Hard-fork of soju
# SYNOPSIS
*suika* [options...]
# DESCRIPTION
suika is a user-friendly IRC bouncer. It connects to upstream IRC servers on
behalf of the user to provide extra features.
- Multiple separate users sharing the same bouncer, each with their own
upstream servers
- Clients connecting to multiple upstream servers via a single connection to
the bouncer
- Sending the backlog (messages received while the user was disconnected from
the bouncer), with per-client buffers
When joining a channel, the channel will be saved and automatically joined on
the next connection. When registering or authenticating with NickServ, the
credentials will be saved and automatically used on the next connection if the
server supports SASL. When parting a channel with the reason "detach", the
channel will be detached instead of being left.
When all clients are disconnected from the bouncer, the user is automatically
marked as away.
suika supports two connection modes:
- Single upstream mode: one downstream connection maps to one upstream
connection. To enable this mode, connect to the bouncer with the username
"<username>/<network>". If the bouncer isn't connected to the upstream
server, it will get automatically added. Then channels can be joined and
parted as if you were directly connected to the upstream server.
- Multiple upstream mode: one downstream connection maps to multiple upstream
connections. Channels and nicks are suffixed with the network name. To join
a channel, you need to use the suffix too: _/join #channel/network_. Same
applies to messages sent to users.
For per-client history to work, clients need to indicate their name. This can
be done by adding a "@<client>" suffix to the username.
suika will reload the configuration file, the TLS certificate/key and the MOTD
file when it receives the HUP signal. The configuration options _listen_, _db_
and _log_ cannot be reloaded.
Administrators can broadcast a message to all bouncer users via _/notice
$<hostname> <text>_, or via _/notice $\* <text>_ in multi-upstream mode. All
currently connected bouncer users will receive the message from the special
_BouncerServ_ service.
# OPTIONS
*-h, -help*
Show help message and quit.
*-config* <path>
Path to the config file. If unset, a default config file is used.
*-debug*
Enable debug logging (this will leak sensitive information such as
passwords).
*-listen* <uri>
Listening URI (default: ":6697"). Can be specified multiple times.
# CONFIG FILE
The config file has one directive per line.
Example:
```
listen ircs://
tls cert.pem key.pem
hostname example.org
```
The following directives are supported:
*listen* <uri>
Listening URI (default: ":6697").
The following URIs are supported:
- _[ircs://][host][:port]_ listens with TLS over TCP (default port if
omitted: 6697)
- _irc+insecure://[host][:port]_ listens with plain-text over TCP (default
port if omitted: 6667)
- _unix:///<path>_ listens on a Unix domain socket
- _wss://[host][:port]_ listens for WebSocket connections over TLS (default
port: 443)
- _ws+insecure://[host][:port]_ listens for plain-text WebSocket
connections (default port: 80)
- _ident://[host][:port]_ listens for plain-text ident connections (default
port: 113)
- _http+prometheus://localhost:<port>_ listens for plain-text HTTP
connections and serves Prometheus metrics (host must be "localhost")
- _http+pprof://localhost:<port>_ listens for plain-text HTTP connections
and serves pprof runtime profiling data (host must be "localhost"). For
more information, see: <https://pkg.go.dev/net/http/pprof>.
If the scheme is omitted, "ircs" is assumed. If multiple *listen*
directives are specified, suika will listen on each of them.
*hostname* <name>
Server hostname (default: system hostname).
*title* <title>
Server title. This will be sent as the _ISUPPORT NETWORK_ value when clients
don't select a specific network.
*tls* <cert> <key>
Enable TLS support. The certificate and the key files must be PEM-encoded.
*db* <driver> <source>
Set the database location for user, network and channel storage. By default,
a _sqlite3_ database is opened in "./suika.db".
Supported drivers:
- _sqlite3_ expects _source_ to be a path to the SQLite file
- _postgres_ expects _source_ to be a space-separated list of _key=value_
parameters, e.g. _db postgres "host=/run/postgresql dbname=suika"_. Note
that _sslmode_ defaults to _require_. For more information on connection
strings, see:
<https://pkg.go.dev/github.com/lib/pq#hdr-Connection_String_Parameters>.
*log* fs <path>
Path to the bouncer logs root directory, or empty to disable logging. By
default, logging is disabled.
*http-origin* <patterns...>
List of allowed HTTP origins for WebSocket listeners. The parameters are
interpreted as shell patterns, see *glob*(7).
By default, only the request host is authorized. Use this directive to
enable cross-origin WebSockets.
*accept-proxy-ip* <cidr...>
Allow the specified IPs to act as a proxy. Proxys have the ability to
overwrite the remote and local connection addresses (via the PROXY protocol,
the Forwarded HTTP header field defined in RFC 7239 or the X-Forwarded-\*
HTTP header fields). The special name "localhost" accepts the loopback
addresses 127.0.0.0/8 and ::1/128.
By default, all IPs are rejected.
*max-user-networks* <limit>
Maximum number of networks per user. By default, there is no limit.
*motd* <path>
Path to the MOTD file. The bouncer MOTD is sent to clients which aren't
bound to a specific network. By default, no MOTD is sent.
*multi-upstream-mode* true|false
Globally enable or disable multi-upstream mode. By default, multi-upstream
mode is enabled.
*upstream-user-ip* <cidr...>
Enable per-user IP addresses. One IPv4 range and/or one IPv6 range can be
specified in CIDR notation. One IP address per range will be assigned to
each user and will be used as the source address when connecting to an
upstream network.
This can be useful to avoid having the whole bouncer banned from an upstream
network because of one malicious user.
# IRC SERVICE
suika exposes an IRC service called *BouncerServ* to manage the bouncer.
Commands can be sent via regular private messages
(_/msg BouncerServ <command> [args...]_). Commands may be written in full or
abbreviated form, for instance *network* can be abbreviated as *net* or just
*n*.
*help* [command]
Show a list of commands. If _command_ is specified, show a help message for
the command.
*network create* *-addr* <addr> [options...]
Connect to a new network at _addr_. _-addr_ is mandatory.
_addr_ supports several connection types:
- _[ircs://]<host>[:port]_ connects with TLS over TCP
- _irc+insecure://<host>[:port]_ connects with plain-text TCP
- _irc+unix:///<path>_ connects to a Unix socket
For example, to connect to Libera Chat:
```
net create -addr irc.libera.chat
```
Other options are:
*-name* <name>
Short network name. This will be used instead of _addr_ to refer to the
network.
*-username* <username>
Connect with the specified username. By default, the nickname is used.
*-pass* <pass>
Connect with the specified server password.
*-realname* <realname>
Connect with the specified real name. By default, the account's realname
is used if set, otherwise the network's nickname is used.
*-nick* <nickname>
Connect with the specified nickname. By default, the account's username
is used.
*-enabled* true|false
Enable or disable the network. If the network is disabled, the bouncer
won't connect to it. By default, the network is enabled.
*-connect-command* <command>
Send the specified command as a raw IRC message right after connecting
to the server. This can be used to identify to an account when the
server doesn't support SASL.
For instance, to identify with _NickServ_, the following command can be
used:
```
PRIVMSG NickServ :IDENTIFY <password>
```
The flag can be specified multiple times to send multiple IRC messages.
To clear all commands, set it to the empty string.
*network update* [name] [options...]
Update an existing network. The options are the same as the
_network create_ command.
When this command is executed, suika will disconnect and re-connect to the
network.
If _name_ is not specified, the current network is updated.
*network delete* [name]
Disconnect and delete a network.
If _name_ is not specified, the current network is deleted.
*network quote* [name] <command>
Send a raw IRC line as-is to a network.
If _name_ is not specified, the command is sent to the current network.
*network status*
Show a list of saved networks and their current status.
*channel status* [options...]
Show a list of saved channels and their current status.
Options:
*-network* <name>
Only show channels for the specified network. By default, only the
channels in the current network are displayed.
*channel update* <name> [options...]
Update the options of an existing channel.
Options are:
*-relay-detached* <mode>
Set when to relay messages from detached channels to the user with a BouncerServ NOTICE.
Modes are:
*message*
Relay any message from this channel when detached.
*highlight*
Relay only messages mentioning you when detached.
*none*
Don't relay any messages from this channel when detached.
*default*
Currently same as *highlight*. This is the default behaviour.
*-reattach-on* <mode>
Set when to automatically reattach to detached channels.
Modes are:
*message*
Reattach to this channel when any message is received.
*highlight*
Reattach to this channel when any message mentioning you is received.
*none*
Never automatically reattach to this channel.
*default*
Currently same as *none*. This is the default behaviour.
*-detach-after* <duration>
Automatically detach this channel after the specified duration has elapsed without receving any message corresponding to *-detach-on*.
Example duration values: *1h30m*, *30s*, *2.5h*.
Setting this value to 0 will disable this behaviour, i.e. this channel will never be automatically detached. This is the default behaviour.
*-detach-on* <mode>
Set when to reset the auto-detach timer used by *-detach-after*, causing it to wait again for the auto-detach duration timer before detaching.
Joining, reattaching, sending a message, or changing any channel option will reset the timer, in addition to the messages specified by the mode.
Modes are:
*message*
Receiving any message from this channel will reset the auto-detach timer.
*highlight*
Receiving any message mentioning you from this channel will reset the auto-detach timer.
*none*
Receiving messages from this channel will not reset the auto-detach timer. Sending messages or joining the channel will still reset the timer.
*default*
Currently same as *message*. This is the default behaviour.
*certfp generate* [options...]
Generate self-signed certificate and use it for authentication (via SASL
EXTERNAL).
Generates a 3072-bit RSA private key by default.
Options are:
*-network* <name>
Select a network. By default, the current network is selected, if any.
*-key-type* <type>
Private key algorithm to use. Valid values are: _rsa_, _ecdsa_ and
_ed25519_. _ecdsa_ uses the NIST P-521 curve.
*-bits* <bits>
Size of RSA key to generate. Ignored for other key types.
*certfp fingerprint* [options...]
Show SHA-1 and SHA-256 fingerprints for the certificate
currently used with the network.
Options are:
*-network* <name>
Select a network. By default, the current network is selected, if any.
*sasl status* [options...]
Show current SASL status.
Options are:
*-network* <name>
Select a network. By default, the current network is selected, if any.
*sasl set-plain* [options...] <username> <password>
Set SASL PLAIN credentials.
Options are:
*-network* <name>
Select a network. By default, the current network is selected, if any.
*sasl reset* [options...]
Disable SASL authentication and remove stored credentials.
Options are:
*-network* <name>
Select a network. By default, the current network is selected, if any.
*user create* -username <username> -password <password> [options...]
Create a new suika user. Only admin users can create new accounts.
The _-username_ and _-password_ flags are mandatory.
Options are:
*-username* <username>
The bouncer username. This cannot be changed after the user has been
created.
*-password* <password>
The bouncer password.
*-admin* true|false
Make the new user an administrator.
*-realname* <realname>
Set the user's realname. This is used as a fallback if there is no
realname set for a network.
*user update* [username] [options...]
Update a user. The options are the same as the _user create_ command.
If _username_ is omitted, the current user is updated. Only admins can
update other users.
Not all flags are valid in all contexts:
- The _-username_ flag is never valid, usernames are immutable.
- The _-realname_ flag is only valid when updating the current user.
- The _-admin_ flag is only valid when updating another user.
*user delete* <username>
Delete a suika user. Only admins can delete accounts.
*server status*
Show some bouncer statistics. Only admins can query this information.
*server notice* <message>
Broadcast a notice. All currently connected bouncer users will receive the
message from the special _BouncerServ_ service. Only admins can broadcast a
notice.
# AUTHORS
Maintained by Aoi Koizumi <koizumi.aoi@chaotic.ninja>