/* * [OPTIONAL] Non-Core Modules * * The following blocks are used to load all non-core modules, including 3rd-party modules. * Modules can be prevented from loading by commenting out the line, other modules can be added by * adding a module block. These modules will be loaded prior to Services connecting to your network. */ /* * bs_autoassign * * Allows service bots to be automatically assigned to channels upon registration. */ #module { name = "bs_autoassign" } bs_autoassign { /* * Automatically assign ChanServ to channels upon registration. */ bot = "ChanServ" } /* * cs_appendtopic * * Adds the APPENDTOPIC command to ChanServ, which allows users to easially append text to * the end of existing channel topics. */ module { name = "cs_appendtopic" } command { service = "ChanServ"; name = "APPENDTOPIC"; command = "chanserv/appendtopic"; } /* * cs_enforce * * Adds the ENFORCE commad to ChanServ, which allows enforcing various channel settings like * SECUREOPS and RESTRICTED. */ module { name = "cs_enforce" } command { service = "ChanServ"; name = "ENFORCE"; command = "chanserv/enforce"; } /* * cs_entrymsg * * Allows you to set entry messages on your channel, which are shown to anyone * who joins. */ module { name = "cs_entrymsg" } command { service = "ChanServ"; name = "ENTRYMSG"; command = "chanserv/entrymsg"; } cs_entrymsg { /* The maximum number of entrymsgs allowed per channel. If not set, defaults to 5. */ maxentries = 5 } /* * cs_set_misc * * Allows you to create misc /chanserv set commands, and have the data * show up in /chanserv info. */ module { name = "cs_set_misc" } command { service = "ChanServ"; name = "SET URL"; command = "chanserv/set/misc"; } command { service = "ChanServ"; name = "SET EMAIL"; command = "chanserv/set/misc"; } /* * cs_sync * * Adds the chanserv/sync command, which syncs users channel status modes on a channel * with their access level. */ #module { name = "cs_sync" } #command { service = "ChanServ"; name = "SYNC"; command = "chanserv/sync"; } /* * db_plain * * This is the default flatfile database format. You must have at least one database * module loaded or Anope will not save databases! */ module { name = "db_plain" } db_plain { /* * The database db_plain should use */ database = "anope.db" } /* * db_mysql and db_mysql_live * * Enables (live) MySQL support. * * The db_mysql_live module is an extension to db_mysql, and should only be used if * db_mysql is being used. This module pulls data in real time from SQL as it is * requested by the core as a result of someone executing commands. * * This effectively allows you to edit your database and have it be immediately * reflected back in Anope. * * For information on how to make db_mysql_live use asynchronous queries see * m_async_commands. * * At this time db_mysql_live only supports pulling data in real time from the three * main tables: anope_cs_info, anope_ns_alias, and anope_ns_core. */ #module { name = "db_mysql" } #module { name = "db_mysql_live" } /* * hs_request * * Allows users to request vhosts which opers may then view, accept or deny */ module { name = "hs_request" } command { service = "HostServ"; name = "REQUEST"; command = "hostserv/request"; } command { service = "HostServ"; name = "ACTIVATE"; command = "hostserv/activate"; } command { service = "HostServ"; name = "REJECT"; command = "hostserv/reject"; } command { service = "HostServ"; name = "WAITING"; command = "hostserv/waiting"; } hs_request { /* * If set, Services will send a memo to the user requesting a vHost when it's been * approved or rejected. */ #memouser = yes /* * If set, Services will send a memo to all Services staff when a new vHost is requested. */ #memooper = yes } /* * m_async_commands * * Threads for each command executed by users. You should * only load this if you are using a module designed to work with this. * * If this is loaded with db_mysql_live then Anope will support * processing multiple commands at once which will negate the "lag" * issues caused from the overhead of SQL queries by db_mysql_live. * * Note that this module is currently EXPERIMENTAL and you should report * any bugs you find. */ #module { name = "m_async_commands" } /* m_dnsbl * * Allows configurable DNS blacklists to check connecting users against. If a user * is found on the blacklist they will be immediately banned. This is a crucial module * to prevent bot attacks. */ module { name = "m_dnsbl" } m_dnsbl { /* * If set, Services will check clients against the DNSBLs when services connect to its uplink. * This is not recommended, and on large networks will open a very large amount of DNS queries. * Whilst services are not drastically affected by this, your nameserver/DNSBL might care. */ check_on_connect = no /* * If set, Services will check clients when coming back from a netsplit. This can cause a large number * of DNS queries open at once. Whilst services are not drastically affected by this, your nameserver/DNSBL * might care. */ check_on_netburst = no /* * If set, OperServ will add clients found in the DNSBL to the akill list. Without it, OperServ simply sends * a timed G/K-line to the IRCd and forgets about it. Can be useful if your akill list is being fill up by bots. */ add_to_akill = yes } blacklist { /* Name of the blacklist */ name = "rbl.efnetrbl.org" /* How long to set the ban for */ time = 4h /* Reason for akill. * %n is the nick of the user * %u is the ident/username of the user * %g is the realname of the user * %h is the hostname of the user * %i is the IP of the user * %r is the reason (configured below). Will be nothing if not configured. * %N is the network name set in networkinfo:networkname */ reason = "You are listed in the efnet RBL, visit http://rbl.efnetrbl.org/?i=%i for info" /* Replies to ban and their reason. If this is totally ommited all replies get banned */ 1 = "Open Proxy" /* Don't ban for result 2 or 3 */ #2 = "spamtrap666" #3 = "spamtrap50" 4 = "TOR" 5 = "Drones / Flooding" } blacklist { name = "dnsbl.dronebl.org" time = 4h reason = "You have a host listed in the DroneBL. For more information, visit http://dronebl.org/lookup_branded.do?ip=%i&network=%N" } /* m_helpchan * * Gives users who are op in the specified help channel usermode +h (helpop). */ #module { name = "m_helpchan" } m_helpchan { helpchannel = "#help" } /* * m_ldap * * This module allows other modules to use LDAP. By itself, this module does nothing useful. */ #module { name = "m_ldap" } ldap { server = "ldap://127.0.0.1" port = 389 admin_binddn = "cn=Manager,dc=anope,dc=org" admin_password = "secret" } /* * m_ldap_authentication * * This module allows many commands such as IDENTIFY, RELEASE, RECOVER, GHOST, etc. use * LDAP to authenticate users. Requires m_ldap. */ #module { name = "m_ldap_authentication" } m_ldap_authentication { /* * The distinguished name we should bind to when a user tries to identify. */ binddn = "ou=users,dc=anope,dc=org" /* * The object class used by LDAP to store user account information. * Used for adding new users to LDAP if disable_ns_register is false */ object_class = "anopeUser" /* * The attribute value used for account names. */ username_attribute = "uid" /* * The attribute value used for email addresses. * This directive is optional. */ email_attribute = "email" /* * The attribute value used for passwords. * Used when registering new accounts in LDAP. */ password_attribute = "userPassword" /* * Enable to have this module disable /nickserv register. */ disable_ns_register = false /* * The reason to give the users who try to /ns register if * disable_ns_register is enabled. */ #disable_reason = "To register on this network visit http://some.misconfigured.site/register" } /* * m_ldap_oper * * This module dynamically ties users to Anope opertypes when they identify * via LDAP group membership. Requires m_ldap. * * Note that this doesn't give the user privileges on the IRCd, only in Services. */ #module { name = "m_ldap_oper" } m_ldap_oper { /* * An optional binddn to use when searching for groups. * %a is replaced with the account name of the user. */ #binddn = "cn=Manager,dc=anope,dc=org" /* * An optional password to bind with. */ #password = "secret" /* * The base DN where the groups are. */ basedn = "ou=groups,dc=anope,dc=org" /* * The filter to use when searching for users. * %a is replaced with the account name of the user. */ filter = "(member=uid=%a,ou=users,dc=anope,dc=org)" /* * The attribute of the group that is the name of the opertype. * The cn attribute should match a known opertype in the config. */ opertype_attribute = "cn" } /* * m_mysql * * This module allows other modules (db_mysql/db_mysql_live) to use MySQL. * Be sure you have imported the table schema with mydbgen before * trying to use MySQL */ #module { name = "m_mysql" } mysql { database = "anope" server = "127.0.0.1" username = "anope" password = "mypassword" port = 3306 } /* * m_ssl * * This module uses SSL to connect to the uplink server(s) */ module { name = "m_ssl" } /* * m_statusupdate * * This module automatically updates users status on channels when the * channel's access list is modified. */ module { name = "m_statusupdate" } /* * m_xmlrpc * * Allows remote applications (websites) to execute queries in real time to retrieve data from Anope. * By itself this module does nothing, but allows other modules (m_xmlrpc_main) to receive and send XMLRPC queries. */ #module { name = "m_xmlrpc" } m_xmlrpc { /* IP to listen on */ bindip = "127.0.0.1" /* Port to listen on */ port = 26673 /* Enable for IPv6 */ ipv6 = no /* If enabled, requires m_ssl to be loaded */ ssl = no /* IPs allowed to connect (separate with spaces), this should be secured. We also recommend you firewall this * with an outside program to increase security. */ allowed = "127.0.0.0/24" } /* * m_xmlrpc_main * * Adds the main XMLRPC core functions. * Requires m_xmlrpc. */ #module { name = "m_xmlrpc_main" } /* * ns_maxemail * * Limits how many times the same email address may be used in Anope * to register accounts. */ module { name = "ns_maxemail" } ns_maxemail { /* * The limit to how many registered nicks can use the same e-mail address. If set to 0 or left * commented, there will be no limit enforced when registering new accounts or using * /msg NickServ SET EMAIL. */ #maxemails = 1 } /* * ns_set_misc * * Allows you to create misc /nickserv set commands, and have the data * show up in /nickserv info. */ module { name = "ns_set_misc" } command { service = "NickServ"; name = "SET URL"; command = "nickserv/set/misc"; } command { service = "NickServ"; name = "SET ICQ"; command = "nickserv/set/misc"; } /* * os_defcon * * Allows you to set services in defcon mode, which can be used to restrict services access * during bot attacks. */ #module { name = "os_defcon" } command { service = "OperServ"; name = "DEFCON"; command = "operserv/defcon"; } defcon { /* * Default DefCon level (1-5) to use when starting Services up. Level 5 constitutes normal operation * while level 1 constitutes the most restrictive operation. If this setting is left out or set to * 0, DefCon will be disabled and the rest of this block will be ignored. */ #defaultlevel = 5 /* * The following 4 directives define what operations will take place when DefCon is set to levels * 1 through 4. Each level is a list that must be separated by spaces. * * The following operations can be defined at each level: * - nonewchannels: Disables registering new channels * - nonewnicks: Disables registering new nicks * - nomlockchanges: Disables changing MLOCK on registered channels * - forcechanmodes: Forces all channels to have the modes given in the later chanmodes directive * - reducedsessions: Reduces the session limit to the value given in the later sessionlimit directive * - nonewclients: KILL any new clients trying to connect * - operonly: Services will ignore all non-IRCops * - silentoperonly: Services will silently ignore all non-IRCops * - akillnewclients: AKILL any new clients trying to connect * - nonewmemos: No new memos will be sent to block MemoServ attacks */ level4 = "nonewchannels nonewnicks nomlockchanges reducedsessions" level3 = "nonewchannels nonewnicks nomlockchanges forcechanmodes reducedsessions" level2 = "nonewchannels nonewnicks nomlockchanges forcechanmodes reducedsessions silentoperonly" level1 = "nonewchannels nonewnicks nomlockchanges forcechanmodes reducedsessions silentoperonly akillnewclients" /* * New session limit to use when a DefCon level is using "reduced" session limiting. */ #sessionlimit = 2 /* * Length of time to add an AKILL for when DefCon is preventing new clients from connecting to the * network. */ #akillexpire = 5m /* * The channel modes to set on all channels when the DefCon channel mode system is in use. * * Note 1: Choose these modes carefully, because when DefCon switches to a level which does NOT have * the mode setting selected, Services will set the reverse on all channels, e.g. if this setting * is +RN when DefCon is used, all channels will be set to +RN, when DefCon is removed, all * channels will be set to -RN. You don't want to set this to +k for example, because when DefCon * is removed all channels with -k. * * Note 2: MLOCKed modes will not be lost. */ #chanmodes = "+R" /* * This value can be used to automatically return the network to DefCon level 5 after the specified * time period, just in case any IRC Operator forgets to remove a DefCon setting. * * This directive is optional. */ #timeout = 15m /* * If set, Services will send a global message on DefCon level changes. * * This directive is optional. */ #globalondefcon = yes /* * If set, Services will send the global message defined in the message directive on DefCon level * changes. * * This directive is optional. */ #globalondefconmore = yes /* * Defines the message that will be sent on DefCon level changes when globalondefconmore is set. * * This directive is required only when globalondefconmore is set. */ #message = "Put your message to send your users here. Dont forget to uncomment globalondefconmore" /* * Defines the message that will be sent when DefCon is returned to level 5. This directive is optional, * and will also override globalondefcon and globalondefconmore when set. */ #offmessage = "Services are now back to normal, sorry for any inconvenience" /* * Defines the reason to use when clients are KILLed or AKILLed from the network while the proper * DefCon operation is in effect. */ #akillreason = "This network is currently not accepting connections, please try again later" }