mirror of
https://github.com/anope/anope.git
synced 2026-06-12 18:54:47 +02:00
Adam
1699 lines
52 KiB
Plaintext
1699 lines
52 KiB
Plaintext
/*
|
|
* Example configuration file for Services. After making the appropriate
|
|
* changes to this file, place it in the Services data directory (as
|
|
* specified in the "configure" script, default /home/username/services/data)
|
|
* under the name "services.conf".
|
|
*
|
|
* The format of this file is fairly simple: three types of comments are supported:
|
|
* - All text after a '#' on a line is ignored, as in shell scripting
|
|
* - All text after '//' on a line is ignored, as in C++
|
|
* - A block of text like this one is ignored, as in C
|
|
*
|
|
* Outside of comments, there are three structures: blocks, keys, and values.
|
|
*
|
|
* A block is a named container, which contains a number of key to value pairs
|
|
* - you may think of this as an array.
|
|
*
|
|
* A block is created like so:
|
|
* foobar
|
|
* {
|
|
* moo = "cow"
|
|
* foo = bar
|
|
* }
|
|
*
|
|
* Keys are case insensitive. Values depend on what key - generally, information is
|
|
* given in the key comment. The quoting of values (and most other syntax) is quite
|
|
* flexible, however, please do not forget to quote your strings:
|
|
*
|
|
* "This is a parameter string with spaces in it"
|
|
*
|
|
* If you need to include a double quote inside a quoted string, precede it
|
|
* by a backslash:
|
|
*
|
|
* "This string has \"double quotes\" in it"
|
|
*
|
|
* Time parameters can be specified either as an integer representing a
|
|
* number of seconds (e.g. "3600" = 1 hour), or as an integer with a unit
|
|
* specifier: "s" = seconds, "m" = minutes, "h" = hours, "d" = days.
|
|
* Combinations (such as "1h30m") are not permitted. Examples (all of which
|
|
* represent the same length of time, one day):
|
|
*
|
|
* "86400", "86400s", "1440m", "24h", "1d"
|
|
*
|
|
* CAUTION:
|
|
* Please note that your services might _CRASH_ if you add more format-
|
|
* strings (%s, %d, etc.) to custom messages than Anope needs. Use the
|
|
* default messages to see how many format-strings are needed.
|
|
*
|
|
* In the documentation for each directive, one of the following will be
|
|
* included to indicate whether an option is required:
|
|
*
|
|
* [REQUIRED]
|
|
* Indicates a directive which must be given. Without it, Services will
|
|
* not start.
|
|
*
|
|
* [RECOMMENDED]
|
|
* Indicates a directive which may be omitted, but omitting it may cause
|
|
* undesirable side effects.
|
|
*
|
|
* [OPTIONAL]
|
|
* Indicates a directive which is optional. If not given, the feature
|
|
* will typically be disabled. If this is not the case, more
|
|
* information will be given in the documentation.
|
|
*
|
|
* [DISCOURAGED]
|
|
* Indicates a directive which may cause undesirable side effects if
|
|
* specified.
|
|
*
|
|
* [DEPRECATED]
|
|
* Indicates a directive which will disappear in a future version of
|
|
* Services, usually because its functionality has been either
|
|
* superseded by that of other directives or incorporated into the main
|
|
* program.
|
|
*/
|
|
|
|
|
|
/*
|
|
* [REQUIRED] IRCd Config
|
|
*
|
|
* This section is used to set up Anope to connect to your IRC network.
|
|
* This section can be included multiple times, and Anope will attempt to
|
|
* connect to each server until it finally connects.
|
|
*/
|
|
uplink
|
|
{
|
|
/*
|
|
* The IP or hostname of the IRC server you wish to connect Services to.
|
|
* Usually, you will want to connect Services over 127.0.0.1 (aka localhost).
|
|
*
|
|
* NOTE: On some shell providers, this will not be an option.
|
|
*/
|
|
host = "127.0.0.1"
|
|
|
|
/*
|
|
* Enable if Services should connect using IPv6.
|
|
*/
|
|
ipv6 = no
|
|
|
|
/*
|
|
* Enable if Services should connect using SSL.
|
|
* You must have m_ssl loaded for this to work.
|
|
*/
|
|
ssl = no
|
|
|
|
/*
|
|
* The port to connect to.
|
|
* The IRCd *MUST* be configured to listen on this port, and to accept
|
|
* server connections.
|
|
*
|
|
* Refer to your IRCd documentation for how this is to be done.
|
|
*/
|
|
port = 6667
|
|
|
|
/*
|
|
* The password to send to the IRC server for authentication.
|
|
* This must match the link block on your IRCd.
|
|
*
|
|
* Refer to your IRCd documentation for more information on link blocks.
|
|
*/
|
|
password = "mypassword"
|
|
}
|
|
|
|
/*
|
|
* [REQUIRED] Server Information
|
|
*
|
|
* This section contains information about the Services server.
|
|
*/
|
|
serverinfo
|
|
{
|
|
/*
|
|
* The hostname that Services will be seen as, it must have no conflicts with any
|
|
* other server names on the rest of your IRC network. Note that it does not have
|
|
* to be an existing hostname, just one that isn't on your network already.
|
|
*/
|
|
name = "services.localhost.net"
|
|
|
|
/*
|
|
* The text which should appear as the server's information in /whois and similar
|
|
* queries.
|
|
*/
|
|
description = "Services for IRC Networks"
|
|
|
|
/*
|
|
* The local address that Services will bind to before connecting to the remote
|
|
* server. This may be useful for multihomed hosts. If ommited, Services will let
|
|
* the Operating System choose the local address. This directive is optional.
|
|
*
|
|
* If you don't know what this means or don't need to use it, just leave this
|
|
* directives commented out.
|
|
*/
|
|
#localhost = "nowhere."
|
|
|
|
/*
|
|
* What Server ID to use for this connection?
|
|
* Note: This should *ONLY* be used for TS6/P10 IRCds. Refer to your IRCd documentation
|
|
* to see if this is needed.
|
|
*/
|
|
#id = "00A"
|
|
|
|
/*
|
|
* The filename containing the Services process ID. The path is relative to the
|
|
* services executable. If not given, defaults to "services.pid".
|
|
*/
|
|
pid = "services.pid"
|
|
|
|
/*
|
|
* The filename containing the Message of the Day. The path is relative to the
|
|
* services executable. If not given, defaults to "services.motd".
|
|
*/
|
|
motd = "services.motd"
|
|
}
|
|
|
|
/*
|
|
* [REQUIRED] Protocol module
|
|
* This directive tells Anope which IRCd Protocol to speak when connecting.
|
|
* You MUST modify this to match the IRCd you run.
|
|
*
|
|
* Supported:
|
|
* - bahamut
|
|
* - inspircd11
|
|
* - inspircd12
|
|
* - inspircd20
|
|
* - plexus
|
|
* - ratbox
|
|
* - unreal
|
|
*/
|
|
module { name = "inspircd12" }
|
|
|
|
/*
|
|
* [REQUIRED] Network Information
|
|
*
|
|
* This section contains information about the IRC network that Services will be
|
|
* connecting to.
|
|
*/
|
|
networkinfo
|
|
{
|
|
/*
|
|
* This is the name of the network that Services will be running on.
|
|
*/
|
|
networkname = "LocalNet"
|
|
|
|
/*
|
|
* Set this to the maximum allowed nick length on your network.
|
|
* Be sure to set this correctly, as setting this wrong can result in
|
|
* Services being disconnected from the network. This directive is optional,
|
|
* but recommended.
|
|
*/
|
|
nicklen = 31
|
|
|
|
/* Set this to the maximum allowed ident length on your network.
|
|
* Be sure to set this correctly, as setting this wrong can result in
|
|
* Services being disconnected from the network. This directive is optional,
|
|
* but recommended.
|
|
*/
|
|
userlen = 10
|
|
|
|
/* Set this to the maximum allowed hostname length on your network.
|
|
* Be sure to set this correctly, as setting this wrong can result in
|
|
* Services being disconnected from the network. This directive is optional,
|
|
* but recommended.
|
|
*/
|
|
hostlen = 64
|
|
}
|
|
|
|
/*
|
|
* [REQUIRED] Services Options
|
|
*
|
|
* This section contains various options which determine how Services will operate.
|
|
*/
|
|
options
|
|
{
|
|
/*
|
|
* The maximum length of passwords
|
|
*/
|
|
passlen = 32
|
|
|
|
/*
|
|
* These keys are used to initiate the random number generator. These numbers
|
|
* MUST be random as you want your passcodes to be random. Don't give these
|
|
* keys to anyone! Keep them private!
|
|
*
|
|
* NOTE: If you don't uncomment these or keep their default values, any talented
|
|
* programmer would be able to easily "guess" random strings used to mask
|
|
* information. Be safe, and come up with three different 7-digit numbers.
|
|
*
|
|
* These directives are optional, but highly recommended.
|
|
*/
|
|
#userkey1 = 9866235
|
|
#userkey2 = 8362013
|
|
#userkey3 = 2362899
|
|
|
|
/*
|
|
* Allows Services to continue file write operations (i.e. database saving)
|
|
* even if the original file cannot be backed up. Enabling this option may
|
|
* allow Services to continue operation under conditions where it might
|
|
* otherwise fail, such as a nearly-full disk.
|
|
*
|
|
* NOTE: Enabling this option can cause irrecoverable data loss under some
|
|
* conditions, so make CERTAIN you know what you're doing when you enable it!
|
|
*
|
|
* This directive is optional, and you are discouraged against enabling it.
|
|
*/
|
|
#nobackupokay = yes
|
|
|
|
/*
|
|
* If set, Services will perform more stringent checks on passwords. If this
|
|
* isn't set, Services will only disallow a password if it is the same as the
|
|
* entity (nickname name) with which it is associated. When set, however,
|
|
* Services will also check that the password is at least five
|
|
* characters long, and in the future will probably check other things
|
|
* as well.
|
|
*
|
|
* This directive is optional, but recommended.
|
|
*/
|
|
strictpasswords = yes
|
|
|
|
/*
|
|
* Sets the number of invalid password tries before Services removes a user
|
|
* from the network. If a user enters a number of invalid passwords equal to
|
|
* the given amount for any Services function or combination of functions
|
|
* during a single IRC session (subject to badpasstimeout, below), Services
|
|
* will issues a /KILL for the user. If not given, Services will ignore
|
|
* failed password attempts (though they will be logged in any case).
|
|
*
|
|
* This directive is optional, but recommended.
|
|
*/
|
|
badpasslimit = 5
|
|
|
|
/*
|
|
* Sets the time after which invalid passwords are forgotten about. If a user
|
|
* does not enter any incorrect passwords in this amount of time, the incorrect
|
|
* password count will reset to zero. If not given, the timeout will be
|
|
* disabled, and the incorrect password count will never be reset until the user
|
|
* disconnects.
|
|
*
|
|
* This directive is optional.
|
|
*/
|
|
badpasstimeout = 1h
|
|
|
|
/*
|
|
* Sets the delay between automatic database updates. This time is reset by
|
|
* the OperServ UPDATE command.
|
|
*/
|
|
updatetimeout = 5m
|
|
|
|
/*
|
|
* Sets the delay between checks for expired nicknames and channels. The
|
|
* OperServ UPDATE command will also cause a check for expiration and reset
|
|
* this timer.
|
|
*/
|
|
expiretimeout = 30m
|
|
|
|
/*
|
|
* Sets the timout period for reading from the uplink.
|
|
*/
|
|
readtimeout = 5s
|
|
|
|
/*
|
|
* Sets the interval between sending warning messages for program errors via
|
|
* WALLOPS/GLOBOPS.
|
|
*/
|
|
warningtimeout = 4h
|
|
|
|
/*
|
|
* Sets the (maximum) frequency at which the timeout list is checked. This,
|
|
* combined with readtimeout above, determine how accurately timed events,
|
|
* such as nick kills, occur; it also determines how much CPU time Services
|
|
* will use doing this. Higher values will cause less accurate timing but
|
|
* less CPU usage.
|
|
*
|
|
* This shouldn't be set any higher than 10 seconds, and 1 second is best
|
|
* if your system is powerful enough (or your network small enough) to
|
|
* handle it. 0 will cause the timeout list to be checked every time
|
|
* through the main loop, which will probably slow down Services too much
|
|
* to be useful on most networks.
|
|
*
|
|
* Note that this value is not an absolute limit on the period between
|
|
* checks of the timeout list; the previous may be as great as readtimeout
|
|
* (above) during periods of inactivity.
|
|
*
|
|
* If this directive is not given, it will default to 0. See the 2nd paragraph
|
|
* above for performance impacts if you do this.
|
|
*/
|
|
timeoutcheck = 3s
|
|
|
|
/*
|
|
* Sets the number of days backups of databases are kept. If you don't give it,
|
|
* or if you set it to 0, Services won't backup the databases.
|
|
*
|
|
* NOTE: Services must run 24 hours a day for this feature to work.
|
|
*
|
|
* This directive is optional, but recommended.
|
|
*/
|
|
keepbackups = 3
|
|
|
|
/*
|
|
* If set, Services will require a reason when a FORBID is added, else the
|
|
* reason is optional. This directive also applies to SUSPENDed channels as
|
|
* well.
|
|
*
|
|
* This directive is optional.
|
|
*/
|
|
forceforbidreason = yes
|
|
|
|
/*
|
|
* If set, this will allow users to let Services send PRIVMSGs to them
|
|
* instead of NOTICEs. Also see the defmsg option of nickserv:defaults,
|
|
* which also toggles the default communication (PRIVMSG or NOTICE) to
|
|
* use for unregistered users.
|
|
*
|
|
* This is a feature that is against the IRC RFC and should be used ONLY
|
|
* if absolutely necessary.
|
|
*
|
|
* This directive is optional, and not recommended.
|
|
*/
|
|
#useprivmsg = yes
|
|
|
|
/*
|
|
* If set, will force Services to only respond to PRIVMSGs addresses to
|
|
* Nick@ServerName - e.g. NickServ@localhost.net. This should be used in
|
|
* conjunction with IRCd aliases. This directive is optional.
|
|
*
|
|
* When using Bahamut, this option will NOT work if the uplink server is
|
|
* configured as a services hub. The serviceshub option is not designed to
|
|
* be used with Anope.
|
|
*/
|
|
#usestrictprivmsg = yes
|
|
|
|
/*
|
|
* If set, Services will only show /stats o to IRC Operators. This directive
|
|
* is optional.
|
|
*/
|
|
#hidestatso = yes
|
|
|
|
/*
|
|
* Prevents users from registering their nick if they are not connected
|
|
* for at least the given number of seconds.
|
|
*
|
|
* This directive is optional.
|
|
*/
|
|
#nickregdelay = 30
|
|
|
|
/*
|
|
* If set, forbids the registration of nicks that contain an existing
|
|
* nick with Services access. For example, if Tester is a Services Oper,
|
|
* you can't register NewTester or Tester123 unless you are an IRC
|
|
* Operator.
|
|
*
|
|
* NOTE: If you enable this, you will have to be logged in as an IRC
|
|
* operator in order to register a Services Root nick when setting up
|
|
* Anope for the first time.
|
|
*
|
|
* This directive is optional.
|
|
*/
|
|
#restrictopernicks = yes
|
|
|
|
/*
|
|
* The number of LOGON/OPER news items to display when a user logs on.
|
|
*
|
|
* This directive is optional, if no set it will default to 3.
|
|
*/
|
|
#newscount = 3
|
|
|
|
/*
|
|
* A space-separated list of ulined servers on your network, it is assumed that
|
|
* the servers in this list are allowed to set channel modes and Services will
|
|
* not attempt to reverse their mode changes.
|
|
*
|
|
* WARNING: Do NOT put your normal IRC user servers in this directive.
|
|
*
|
|
* This directive is optional.
|
|
*/
|
|
#ulineservers = "stats.your.network"
|
|
|
|
/*
|
|
* Default modes for mode lock, these are set on newly registered channels.
|
|
*/
|
|
mlock = "+nrt"
|
|
|
|
/*
|
|
* Modes that will not be allowed to be locked. Oper only modes such as +O
|
|
* are always restricted from regular users and are not affected by this.
|
|
* Comment out for no restrictions.
|
|
*/
|
|
nomlock = "z"
|
|
|
|
/*
|
|
* Modes to set on service bots when they join channels, comment this out for no modes
|
|
*
|
|
* This directive is optional.
|
|
*/
|
|
botmodes = "ao"
|
|
|
|
/*
|
|
* How long to wait between connection retries, in seconds.
|
|
*/
|
|
retrywait = 60
|
|
|
|
/*
|
|
* If set, Services will hide commands that users doesn't have the privileges to execute
|
|
* from HELP output.
|
|
*/
|
|
hideprivilegedcommands = no
|
|
}
|
|
|
|
/*
|
|
* [RECOMMENDED] Service client configuration
|
|
*
|
|
* Defines some of the core services. Commands are later added to these services.
|
|
*/
|
|
|
|
service
|
|
{
|
|
/*
|
|
* The nick, user name, host, and real name of the service.
|
|
*/
|
|
nick = "BotServ"
|
|
user = "services"
|
|
host = "localhost.net"
|
|
gecos = "Bot Service"
|
|
}
|
|
|
|
service
|
|
{
|
|
nick = "ChanServ"
|
|
user = "services"
|
|
host = "localhost.net"
|
|
gecos = "Channel Registration Service"
|
|
}
|
|
|
|
service
|
|
{
|
|
nick = "Global"
|
|
user = "services"
|
|
host = "localhost.net"
|
|
gecos = "Global Noticer"
|
|
}
|
|
|
|
service
|
|
{
|
|
nick = "HostServ"
|
|
user = "services"
|
|
host = "localhost.net"
|
|
gecos = "vHost Service"
|
|
}
|
|
|
|
service
|
|
{
|
|
nick = "MemoServ"
|
|
user = "services"
|
|
host = "localhost.net"
|
|
gecos = "Memo Service"
|
|
}
|
|
|
|
service
|
|
{
|
|
nick = "NickServ"
|
|
user = "services"
|
|
host = "localhost.net"
|
|
gecos = "Nickname Registration Service"
|
|
}
|
|
|
|
service
|
|
{
|
|
nick = "OperServ"
|
|
user = "services"
|
|
host = "localhost.net"
|
|
gecos = "Operator Service"
|
|
}
|
|
|
|
/*
|
|
* [RECOMMENDED] Core clients
|
|
*/
|
|
|
|
module { name = "bs_main" }
|
|
botserv
|
|
{
|
|
/*
|
|
* The name of the client that should be BotServ.
|
|
* Clients are configured above.
|
|
*/
|
|
name = "BotServ"
|
|
|
|
/*
|
|
* The default bot options for newly registered channels. Note that changing these options
|
|
* will have no effect on channels which are already registered. The list must be separated
|
|
* by spaces.
|
|
*
|
|
* The options are:
|
|
* - dontkickops: Channel operators will be protected against BotServ kicks
|
|
* - dontkickvoices: Voiced users will be protected against BotServ kicks
|
|
* - greet: The channel's BotServ bot will greet incoming users that have set a greet
|
|
* in their NickServ settings
|
|
* - fantasy: Enables the use of BotServ fantasy commands in the channel
|
|
*
|
|
* This directive is optional, if left blank, there will be no defaults.
|
|
*/
|
|
defaults="greet fantasy"
|
|
|
|
/*
|
|
* The minimum number of users there must be in a channel before the bot joins it. The best
|
|
* value for this setting is 1 or 2. This can be 0, the service bots will not part unless
|
|
* specifically unassigned, and will keep the channel open.
|
|
*/
|
|
minusers = 1
|
|
|
|
/*
|
|
* The maximum number of entries a single bad words list can have. Setting it too high can
|
|
* reduce performance slightly.
|
|
*/
|
|
badwordsmax = 32
|
|
|
|
/*
|
|
* The amount of time that data for a user is valid in BotServ. If the data exceeds this time,
|
|
* it is reset or deleted depending on the case. Do not set it too high, otherwise your
|
|
* resources will be slightly affected.
|
|
*/
|
|
keepdata = 10m
|
|
|
|
/*
|
|
* The bots are currently not affected by any modes or bans when they try to join a channel.
|
|
* But some people may want to make it act like a real bot, that is, for example, remove all
|
|
* the bans affecting the bot before joining the channel, remove a ban that affects the bot
|
|
* set by a user when it is in the channel, and so on. Since it consumes a bit more CPU
|
|
* time, you should not enable this on larger networks.
|
|
*
|
|
* This directive is optional.
|
|
*/
|
|
#smartjoin = yes
|
|
|
|
/*
|
|
* If set, the bots will use a kick reason that does not state the word when it is kicking.
|
|
* This is especially useful if you have young people on your network.
|
|
*
|
|
* This directive is optional.
|
|
*/
|
|
gentlebadwordreason = yes
|
|
|
|
/*
|
|
* If set, BotServ will use case sensitive checking for badwords.
|
|
*
|
|
* This directive is optional.
|
|
*/
|
|
#casesensitive = yes
|
|
|
|
/*
|
|
* Defines the prefix for fantasy commands in channels. This character will have to be prepended
|
|
* to all fantasy commands. If you choose "!", for example, fantasy commands will be "!kick",
|
|
* "!op", etc. This directive is optional, if left out, the default fantasy character is "!".
|
|
*/
|
|
#fantasycharacter = "!"
|
|
}
|
|
|
|
/*
|
|
* [RECOMMENDED] Core ChanServ module.
|
|
*
|
|
* Provides essential functionality for ChanServ
|
|
*/
|
|
module { name = "cs_main" }
|
|
|
|
chanserv
|
|
{
|
|
/*
|
|
* The name of the client that should be ChanServ. Clients are configured
|
|
* with the service blocks.
|
|
*/
|
|
name = "ChanServ"
|
|
|
|
/*
|
|
* The default options for newly registered channels. Note that changing these options
|
|
* will have no effect on channels which are already registered. The list must be separated
|
|
* by spaces.
|
|
*
|
|
* The options are:
|
|
* - keeptopic: Retain topic when the channel is not in use
|
|
* - opnotice: Send a notice when OP/DEOP commands are used
|
|
* - peace: Disallow users from kicking or removing modes from others who are of the same
|
|
* access level or superior
|
|
* - private: Hide the channel from ChanServ's LIST command
|
|
* - restricted: Kick/ban users who are restricted from the channel
|
|
* - secure: Enable channel security, requiring the user to be identified with NickServ in
|
|
* order to be considered for being on the access list of the channel
|
|
* - secureops: Only allow operator status to be given if the user is on the access list
|
|
* - securefounder: Only allow the real founder of the channel to drop the channel, change it's
|
|
* password, or change the founder or successor
|
|
* - signkick: Use of ChanServ's KICK command will cause the user's nick to be signed to the kick.
|
|
* - signkicklevel: Same as above, but the kick will not be signed if the user is at the same access
|
|
* level or superior to the target
|
|
* - topiclock: Disallow the topic to be changed except with ChanServ's TOPIC command
|
|
* - persist: Keep the channel open at all times
|
|
* - none: No defaults
|
|
*
|
|
* This directive is optional, if left blank, the options will default to keetopic, secure, securefounder,
|
|
* and signkick. If you really want no defaults, use "none" by itself as the option.
|
|
*/
|
|
defaults="keeptopic peace secure securefounder signkick"
|
|
|
|
/*
|
|
* The maximum number of channels which may be registered to a single nickname.
|
|
*
|
|
* This directive is optional, but recommended.
|
|
* If not set, there will be no restriction on the numbers of channels a single nickname can have registered.
|
|
*/
|
|
maxregistered = 20
|
|
|
|
/*
|
|
* The length of time before a channel registration expires.
|
|
*
|
|
* This directive is optional, but recommended.
|
|
* If not set, the default is 14 days.
|
|
*/
|
|
expire = 14d
|
|
|
|
/*
|
|
* The length of time before a suspended channel becomes unsuspended.
|
|
*
|
|
* This directive is optional.
|
|
* If not set, the default is to never.
|
|
*/
|
|
#suspendexpire = 90d
|
|
|
|
/*
|
|
* The lenth of time before a forbidden channel drops.
|
|
*
|
|
* This directive is optional.
|
|
* If not set, the default is to never.
|
|
*/
|
|
#forbidexpire = 90d
|
|
|
|
/*
|
|
* The default ban type for newly registered channels (and when importing old databases).
|
|
*
|
|
* defbantype can be:
|
|
*
|
|
* 0: ban in the form of *!user@host
|
|
* 1: ban in the form of *!*user@host
|
|
* 2: ban in the form of *!*@host
|
|
* 3: ban in the form of *!*user@*.domain
|
|
*/
|
|
defbantype = 2
|
|
|
|
/*
|
|
* The maximum number of entries on a channel's access list.
|
|
*/
|
|
accessmax = 1024
|
|
|
|
/*
|
|
* The maximum number of entries on a channel's autokick list.
|
|
*/
|
|
autokickmax = 32
|
|
|
|
/*
|
|
* The default reason for an autokick if none is given.
|
|
*/
|
|
autokickreason = "User has been banned from the channel"
|
|
|
|
/*
|
|
* The length of time ChanServ stays in a channel after kicking a user from a channel they are not
|
|
* permitted to be in. This only occurs when the user is the only one in the channel.
|
|
*/
|
|
inhabit = 15s
|
|
|
|
/*
|
|
* Limits the use of the ChanServ LIST command to IRC operators.
|
|
*
|
|
* This directive is optional.
|
|
*/
|
|
#listopersonly = yes
|
|
|
|
/*
|
|
* The maximum number of channels to be returned for a ChanServ LIST command.
|
|
*/
|
|
listmax = 50
|
|
|
|
/*
|
|
* Allow only IRC Operators to use ChanServ.
|
|
*
|
|
* This directive is optional.
|
|
*/
|
|
#opersonly = yes
|
|
|
|
/*
|
|
* ChanServ levels configuration, for use with cs_access.
|
|
*
|
|
* These levels are used by the chanserv/access access system.
|
|
* The levels configured below will be used as a default by newly registered channels.
|
|
*
|
|
* The level "founder" is a special level that means anyone with the level_founder permission
|
|
* can use (which of course defaults to "founder"). Anyone with the founder level permission in
|
|
* a channel can do anything in the channel.
|
|
*/
|
|
level_change = 10
|
|
level_list = 1
|
|
level_akick = 10
|
|
level_assign = "founder"
|
|
level_autohalfop = 4
|
|
level_autoop = 5
|
|
level_autoowner = 9999
|
|
level_autoprotect = 10
|
|
level_autovoice = 3
|
|
level_badwords = 10
|
|
level_ban = 4
|
|
level_fantasia = 3
|
|
level_founder = "founder"
|
|
level_getkey = 5
|
|
level_greet = 5
|
|
level_halfop = 5
|
|
level_halfopme = 4
|
|
level_info = 9999
|
|
level_invite = 5
|
|
level_kick = 4
|
|
level_memo = 10
|
|
level_mode = 5
|
|
level_nokick = 1
|
|
level_opdeop = 5
|
|
level_opdeopme = 5
|
|
level_owner = "founder"
|
|
level_ownerme = 9999
|
|
level_protect = 9999
|
|
level_protectme = 10
|
|
level_say = 5
|
|
level_signkick = 9999
|
|
level_set = 9999
|
|
level_topic = 5
|
|
level_unban = 4
|
|
level_voice = 4
|
|
level_voiceme = 3
|
|
|
|
/*
|
|
* ChanServ flags configuration, for use with cs_flags.
|
|
*
|
|
* These flags are used by the chanserv/flags access system.
|
|
*/
|
|
flag_change = "f"
|
|
flag_list = "l"
|
|
flag_akick = "K"
|
|
flag_assign = "s"
|
|
flag_autohalfop = "H"
|
|
flag_autoop = "O"
|
|
flag_autoowner = "Q"
|
|
flag_autoprotect = "A"
|
|
flag_autovoice = "V"
|
|
flag_badwords = "k"
|
|
flag_ban = "b"
|
|
flag_fantasia = "c"
|
|
flag_founder = "F"
|
|
flag_getkey = "G"
|
|
flag_greet = "g"
|
|
flag_halfop = "h"
|
|
flag_halfopme = "h"
|
|
flag_info = "I"
|
|
flag_invite = "i"
|
|
flag_kick = "k"
|
|
flag_memo = "m"
|
|
flag_mode = "s"
|
|
flag_nokick = "N"
|
|
flag_opdeop = "o"
|
|
flag_opdeopme = "o"
|
|
flag_owner = "q"
|
|
flag_ownerme = "q"
|
|
flag_protect = "a"
|
|
flag_protectme = "a"
|
|
flag_say = "B"
|
|
flag_set = "s"
|
|
flag_signkick = "K"
|
|
flag_topic = "t"
|
|
flag_unban = "u"
|
|
flag_voice = "v"
|
|
flag_voiceme = "v"
|
|
}
|
|
|
|
module { name = "gl_main" }
|
|
global
|
|
{
|
|
/*
|
|
* The name of the client that should be Global. Clients are configured
|
|
* with the service blocks.
|
|
*/
|
|
name = "Global"
|
|
|
|
/*
|
|
* If set, Services will send global messages on starting up and shutting
|
|
* down/restarting.
|
|
*
|
|
* This directive is optional.
|
|
*/
|
|
#globaloncycle = yes
|
|
|
|
/*
|
|
* This is the global message that will be sent when Services are being
|
|
* shutdown/restarted. This directive is only required if you enable
|
|
* globaloncycle above.
|
|
*/
|
|
globaloncycledown = "Services are restarting, they will be back shortly - please be good while we're gone"
|
|
|
|
/*
|
|
* This is the global message that will be sent when Services (re)join the
|
|
* network. This directive is only required if you enable globaloncycle above.
|
|
*/
|
|
globaloncycleup = "Services are now back online - have a nice day"
|
|
|
|
/*
|
|
* If set, Services will hide the IRC operator's nick in a global
|
|
* message/notice.
|
|
*
|
|
* This directive is optional.
|
|
*/
|
|
#anonymousglobal = yes
|
|
}
|
|
|
|
module { name = "hs_main" }
|
|
hostserv
|
|
{
|
|
/*
|
|
* The name of the client that should be HostServ. Clients are configured
|
|
* with the service blocks.
|
|
*/
|
|
name = "HostServ"
|
|
}
|
|
|
|
module { name = "ms_main" }
|
|
memoserv
|
|
{
|
|
/*
|
|
* The name of the client that should be MemoServ. Clients are configured
|
|
* with the service blocks.
|
|
*/
|
|
name = "MemoServ"
|
|
|
|
/*
|
|
* The maximum number of memos a user is allowed to keep by default. Normal users may set the
|
|
* limit anywhere between 0 and this value. Services Admins can change it to any value or
|
|
* disable it.
|
|
*
|
|
* This directive is optional, but recommended. If not set, the limit is disabled
|
|
* by default, and normal users can set any limit they want.
|
|
*/
|
|
maxmemos = 20
|
|
|
|
/*
|
|
* The delay between consecutive uses of the MemoServ SEND command. This can help prevent spam
|
|
* as well as denial-of-service attacks from sending large numbers of memos and filling up disk
|
|
* space (and memory). The default 3-second wait means a maximum average of 150 bytes of memo
|
|
* per second per user under the current IRC protocol.
|
|
*
|
|
* This directive is optional, but recommended.
|
|
*/
|
|
senddelay = 3s
|
|
|
|
/*
|
|
* Allow the use of memo receipts for the following groups:
|
|
*
|
|
* 1 - Opers Only
|
|
* 2 - Everybody
|
|
*
|
|
* This directive is optional.
|
|
*/
|
|
#memoreceipt = 1
|
|
}
|
|
|
|
module { name = "ns_main" }
|
|
nickserv
|
|
{
|
|
/*
|
|
* The name of the client that should be NickServ. Clients are configured
|
|
* with the service blocks.
|
|
*/
|
|
name = "NickServ"
|
|
|
|
/*
|
|
* Force users to give an e-mail address when they register a nick.
|
|
*
|
|
* This directive is recommended to be enabled, and required if e-mail registration is enabled.
|
|
*/
|
|
forceemail = yes
|
|
|
|
/*
|
|
* Require users who change their email address to confirm they
|
|
* own it.
|
|
*/
|
|
confirmemailchanges = no
|
|
|
|
/*
|
|
* Require an e-mail to be sent to the user before they can register their nick.
|
|
*/
|
|
#emailregistration = yes
|
|
|
|
/*
|
|
* The default options for newly registered nicks. Note that changing these options
|
|
* will have no effect on nicks which are already registered. The list must be separated
|
|
* by spaces.
|
|
*
|
|
* The options are:
|
|
* - kill: Kill nick if not identified within 60 seconds
|
|
* - killquick: Kill nick if not identified within 20 seconds, this one overrides the above
|
|
* option and the above must be specified with this one
|
|
* - secure: Enable nickname security, requiring the nick's password before any operations
|
|
* can be done on it
|
|
* - private: Hide the nick from NickServ's LIST command
|
|
* - hideemail: Hide's the nick's e-mail address from NickServ's INFO command
|
|
* - hideusermask: Hide's the nick's last or current user@host from NickServ's INFO command
|
|
* - hidequit: Hide's the nick's last quit message
|
|
* - memosignon: Notify user if they have a new memo when they sign into the nick
|
|
* - memoreceive: Notify user if they have a new memo as soon as it's received
|
|
* - autoop: User will be automatically opped in channels they enter and have access to
|
|
* - msg: Services messages will be sent as PRIVMSGs instead of NOTICEs, requires UsePrivmsg
|
|
* to be enabled as well
|
|
*
|
|
* This directive is optional, if left blank, the options will default to secure, memosignon, and
|
|
* memoreceive. If you really want no defaults, use "none" by itself as the option.
|
|
*/
|
|
defaults="secure private hideemail hideusermask memosignon memoreceive autoop"
|
|
|
|
/*
|
|
* A list of languages to load on startup that will be available in /nickserv set language.
|
|
* Useful if you translate Anope to your language. (Explained further in docs/LANGUAGE).
|
|
* Note that english should not be listed here because it is the base language.
|
|
*/
|
|
languages = "ca_ES de_DE el_GR es_ES fr_FR hu_HU it_IT nl_NL pl_PL pt_PT ru_RU tr_TR"
|
|
|
|
/*
|
|
* Default language that non- and newly-registered nicks will receive messages in.
|
|
* Leave empty to default to English.
|
|
*/
|
|
#defaultlanguage = "es_ES"
|
|
|
|
/*
|
|
* The minimum length of time between consecutive uses of NickServ's REGISTER command. This
|
|
* directive is optional, but recommended. If not set, this restriction will be disabled.
|
|
*/
|
|
regdelay = 30s
|
|
|
|
/*
|
|
* The minimum length of time between consecutive uses of NickServ's RESEND command.
|
|
*
|
|
* This directive is optional, but recommended. If not set, this restriction will be disabled.
|
|
*/
|
|
resenddelay = 90s
|
|
|
|
/*
|
|
* The length of time before a nick registration expires.
|
|
*
|
|
* This directive is optional, but recommended. If not set, the default is 21 days.
|
|
*/
|
|
expire = 21d
|
|
|
|
/*
|
|
* The length of time before a suspended nick becomes unsuspended.
|
|
*
|
|
* This directive is optional. If not set, the default is to never.
|
|
*/
|
|
#suspendexpire = 90d
|
|
|
|
/*
|
|
* The length of time a user using an unconfirmed account has
|
|
* before the account will be released for general use again.
|
|
*
|
|
* This directive is only required if the e-mail registration option is enabled.
|
|
*/
|
|
#unconfirmedexpire = 1d
|
|
|
|
/*
|
|
* The maximum number of nicks allowed in a group.
|
|
*
|
|
* This directive is optional, but recommended. If not set or set to 0, no limits will be applied.
|
|
*/
|
|
maxaliases = 16
|
|
|
|
/*
|
|
* The maximum number of entries allowed on a nickname's access list.
|
|
*/
|
|
accessmax = 32
|
|
|
|
/*
|
|
* The username (and possibly hostname) used for the fake user created when NickServ collides
|
|
* a user. Should be in the user@host format.
|
|
*/
|
|
enforceruser = "enforcer"
|
|
enforcerhost = "localhost.net"
|
|
|
|
/*
|
|
* The delay before a NickServ collided nick is released.
|
|
*/
|
|
releasetimeout = 1m
|
|
|
|
/*
|
|
* Allow the use of the IMMED option in the NickServ SET KILL command.
|
|
*
|
|
* This directive is optional.
|
|
*/
|
|
#allowkillimmed = yes
|
|
|
|
/*
|
|
* If set, the NickServ GROUP command won't allow any group change. This is recommended for
|
|
* better performance and to protect against nick stealing, however users will have less
|
|
* flexibility.
|
|
*
|
|
* This directive is optional, but recommended.
|
|
*/
|
|
#nogroupchange = yes
|
|
|
|
/*
|
|
* Limits the use of the NickServ LIST command to IRC operators.
|
|
*
|
|
* This directive is optional.
|
|
*/
|
|
#listopersonly = yes
|
|
|
|
/*
|
|
* The maximum number of nicks to be returned for a NickServ LIST command.
|
|
*/
|
|
listmax = 50
|
|
|
|
/*
|
|
* When a user's nick is forcibly changed to enforce a "nick kill", their new nick will start
|
|
* with this value. The rest will be made up of 6 or 7 digits.
|
|
*/
|
|
guestnickprefix = "Guest"
|
|
|
|
/*
|
|
* Prevents the use of the DROP, FORBID, GETPASS, and SET PASSWORD commands by Services Admins
|
|
* on other Services Admins or the Services Root(s).
|
|
*
|
|
* This directive is optional, but recommended.
|
|
*/
|
|
secureadmins = yes
|
|
|
|
/*
|
|
* If set, any user wanting to use the privileges of Services Root, Services Admin, or Services
|
|
* Operator must have been logged as an IRC Operator with the /oper command.
|
|
*
|
|
* This directive is optional, but recommended.
|
|
*/
|
|
strictprivileges = yes
|
|
|
|
/*
|
|
* If set, Services will set the channel modes a user has access to upon identifying, assuming
|
|
* they are not already set.
|
|
*
|
|
* This directive is optional.
|
|
*/
|
|
modeonid = yes
|
|
|
|
/*
|
|
* If set, Services will add the usermask of registering users to the access list of their
|
|
* newly created account. If not set, users will always have to identify to NickServ before
|
|
* being recognized, unless they manually add an address to the access list of their account.
|
|
* This directive is optional.
|
|
*/
|
|
addaccessonreg = yes
|
|
|
|
/*
|
|
* The maximum number of channels a user can have on NickServ's AJOIN command.
|
|
*/
|
|
ajoinmax = 10
|
|
}
|
|
|
|
module { name = "os_main" }
|
|
operserv
|
|
{
|
|
/*
|
|
* The name of the client that should be OperServ. Clients are configured
|
|
* with the service blocks.
|
|
*/
|
|
name = "OperServ"
|
|
|
|
/*
|
|
* If set, Services Admins will be able to use SUPERADMIN [ON|OFF] which will temporarily grant
|
|
* them extra privileges such as being a founder on ALL channels, ability to adjust another
|
|
* users' modes, etc.
|
|
*
|
|
* This directive is optional.
|
|
*/
|
|
#superadmin = yes
|
|
|
|
/*
|
|
* These define the default expiration times for, respectively, AKILLs, CHANKILLs, SNLINEs,
|
|
* SQLINEs, and SZLINEs.
|
|
*/
|
|
autokillexpiry = 30d
|
|
chankillexpiry = 30d
|
|
snlineexpiry = 30d
|
|
sqlineexpiry = 30d
|
|
szlineexpiry = 30d
|
|
|
|
/*
|
|
* If set, this option will make Services send an AKILL command immediately after it has been
|
|
* added with AKILL ADD. This eliminates the need for killing the user after the AKILL has
|
|
* been added.
|
|
*
|
|
* This directive is optional, but recommended.
|
|
*/
|
|
akillonadd = yes
|
|
|
|
/*
|
|
* If set, this option will make Services send an (SVS)KILL command immediately after SNLINE ADD.
|
|
* This eliminates the need for killing the user after the SNLINE has been added.
|
|
*
|
|
*This directive is optional.
|
|
*/
|
|
#killonsnline = yes
|
|
|
|
/*
|
|
* If set, this option will make Services send an (SVS)KILL command immediately after SQLINE ADD.
|
|
* This eliminates the need for killing the user after the SQLINE has been added.
|
|
*
|
|
* This directive is optional.
|
|
*/
|
|
#killonsqline = yes
|
|
|
|
/*
|
|
* Defines what actions should trigger notifications. The list must be separated by spaces.
|
|
*
|
|
* The notifications are:
|
|
* - oper: A user has become an IRC operator
|
|
* - bados: A non-IRCop attempts to use OperServ
|
|
* - akillexpire: An AKILL has expired
|
|
* - snlineexpire: An SNLINE has expired
|
|
* - sqlineexpire: An SQLINE has expired
|
|
* - szlineexpire: An SZLINE has expired
|
|
* - exceptionexpire: A session exception has expired
|
|
*
|
|
* This directive is optional, if left blank, there will be no notifications.
|
|
*/
|
|
notifications="oper"
|
|
|
|
/*
|
|
* Enables session limiting. Session limiting prevents users from connecting more than a certain
|
|
* number of times from the same host at the same time - thus preventing most types of cloning.
|
|
* Once a host reaches it's session limit, all clients attempting to connect from that host will
|
|
* be killed. Exceptions to the default session limit can be defined via the exception list. It
|
|
* should be noted that session limiting, along with a large exception list, can degrade Services'
|
|
* performance.
|
|
*
|
|
* See the source and comments in sessions.c and the online help for more information about
|
|
* session limiting.
|
|
*
|
|
* This directive is optional.
|
|
*/
|
|
limitsessions = yes
|
|
|
|
/*
|
|
* Default session limit per host. Once a host reaches it's session limit, all clients attempting
|
|
* to connect from that host will be killed. A value of zero means an unlimited session limit.
|
|
*
|
|
* This directive is optional.
|
|
* If not given and session limiting is enabled, it will default to no limit.
|
|
*/
|
|
defaultsessionlimit = 3
|
|
|
|
/*
|
|
* The maximum session limit that may be set for a host in an exception.
|
|
*
|
|
* This directive is only required if session limiting is enabled.
|
|
*/
|
|
maxsessionlimit = 100
|
|
|
|
/*
|
|
* Sets the default expiry time for session exceptions.
|
|
*
|
|
* This directive is only required if session limiting is enabled.
|
|
*/
|
|
exceptionexpiry = 1d
|
|
|
|
/*
|
|
* The message that will be NOTICE'd to a user just before they are removed from the network because
|
|
* their host's session limit has been exceeded. It may be used to give a slightly more descriptive
|
|
* reason for the impending kill as opposed to simply "Session limit exceeded".
|
|
*
|
|
* This directive is optional, if not set, nothing will be sent.
|
|
*/
|
|
sessionlimitexceeded = "The session limit for your host %s has been exceeded."
|
|
|
|
/*
|
|
* Same as above, but should be used to provide a website address where users can find out more
|
|
* about session limits and how to go about applying for an exception.
|
|
*
|
|
* Note: This directive has been intentionally commented out in an effort to remind you to change
|
|
* the URL it contains. It is recommended that you supply an address/URL where people can get help
|
|
* regarding session limits.
|
|
*
|
|
* This directive is optional, if not set, nothing will be sent.
|
|
*/
|
|
#sessionlimitdetailsloc = "Please visit http://your.website.url/ for more information about session limits."
|
|
|
|
/*
|
|
* If set and is not 0, this directive tells Services to add an AKILL the number of subsequent kills
|
|
* for the same host exceeds this value, preventing the network from experiencing KILL floods.
|
|
*
|
|
* This directive is optional.
|
|
*/
|
|
maxsessionkill = 15
|
|
|
|
/*
|
|
* Sets the expiry time for AKILLs set for hosts exceeding the maxsessionkill directive limit.
|
|
*
|
|
* This directive is optional, if not set, defaults to 30 minutes.
|
|
*/
|
|
sessionautokillexpiry = 30m
|
|
|
|
/*
|
|
* Adds the nickname of the IRC Operator issuing an AKILL to the kill reason.
|
|
*
|
|
* This directive is optional.
|
|
*/
|
|
addakiller = yes
|
|
|
|
/*
|
|
* If set, only IRC Operators will be permitted to use OperServ, regardless of module-based command
|
|
* access restrictions.
|
|
*
|
|
* This directive is optional, but recommended.
|
|
*/
|
|
opersonly = yes
|
|
}
|
|
|
|
/*
|
|
* [RECOMMENDED] Logging Configuration
|
|
*
|
|
* This section is used for configuring what is logged and where it is logged to.
|
|
* You may have multiple log blocks if you wish. Remember to properly secure any
|
|
* channels you choose to have Anope log to!
|
|
*/
|
|
log
|
|
{
|
|
/*
|
|
* Target(s) to log to, which may be one of the following:
|
|
* - a channel name
|
|
* - a filename
|
|
* - globops
|
|
*/
|
|
target = "services.log"
|
|
/* Log to both services.log and the channel #services */
|
|
#target = "services.log #services"
|
|
|
|
/*
|
|
* The source(s) to only accept log messages from. Leave commented to allow all sources.
|
|
* This can be a users name, a channel name, one of our clients (eg, OperServ), or a server name.
|
|
*/
|
|
#source = ""
|
|
|
|
/*
|
|
* The number of days to keep logfiles, only useful if you are logging to a file.
|
|
* Set to 0 to never delete old logfiles.
|
|
*
|
|
* Note that Anope must run 24 hours a day for this feature to work correctly.
|
|
*/
|
|
logage = 7
|
|
|
|
/*
|
|
* Enable to have the core services clients join and stay in the log channel(s) when logging.
|
|
* Note: on some IRCds this is not optional, and is enforced on.
|
|
*/
|
|
inhabitlogchannel = yes
|
|
|
|
/*
|
|
* What types of log messages should be logged by this block. There are nine general categories:
|
|
*
|
|
* admin - Execution of admin commands (OperServ, etc).
|
|
* override - A services operator using their powers to execute a command they couldn't normally.
|
|
* commands - Execution of general commands.
|
|
* servers - Server actions, linking, squitting, etc.
|
|
* channels - Actions in channels such as joins, parts, kicks, etc.
|
|
* users - User actions such as connecting, disconnecting, changing name, etc.
|
|
* other - All other messages without a category.
|
|
* rawio - Logs raw input and output from services
|
|
* debug - Debug messages (log files can become VERY large from this).
|
|
*
|
|
* These options determine what messages from the categories should be logged. Wildcards are accepted, and
|
|
* you can also negate values with a ~. For example, "~operserv/akill operserv/*" would log all operserv
|
|
* messages except for operserv/akill. Note that processing stops at the first matching option, which
|
|
* means "* ~operserv/*" would log everything because * matches everything.
|
|
*
|
|
* Valid admin, override, and command options are:
|
|
* pesudo-serv/commandname (eg, operserv/akill, chanserv/set)
|
|
*
|
|
* Valid server options are:
|
|
* connect, quit, sync
|
|
*
|
|
* Valid channel options are:
|
|
* create, destroy, join, part, kick, leave, mode
|
|
*
|
|
* Valid user options are:
|
|
* connect, disconnect, quit, nick, ident, host, mode, maxusers
|
|
*
|
|
* Rawio and debug are simple yes/no answers, there are no types for them.
|
|
*
|
|
* Note that modules may add their own values to these options.
|
|
*/
|
|
admin = "operserv/*"
|
|
override = "chanserv/* nickserv/* memoserv/set botserv/* ~botserv/set"
|
|
commands = "~operserv/* *"
|
|
servers = "*"
|
|
#channels = "~mode *"
|
|
users = "connect disconnect nick"
|
|
other = "*"
|
|
rawio = no
|
|
debug = no
|
|
}
|
|
|
|
/*
|
|
* A log block to globops some useful things.
|
|
*/
|
|
log
|
|
{
|
|
target = "globops"
|
|
admin = "global/* operserv/mode operserv/kick opeserv/akill operserv/s*line operserv/noop operserv/jupe */forbid nickserv/getpass */drop"
|
|
}
|
|
|
|
/*
|
|
* [RECOMMENDED] Oper Access Config
|
|
*
|
|
* This section is used to set up staff access to restricted oper only commands.
|
|
* You may define groups of commands and privileges, as well as who may use them.
|
|
*
|
|
* This block is recommended, as without it you will be unable to access most oper commands.
|
|
* It replaces the old ServicesRoot directive amongst others.
|
|
*
|
|
* Note that third party modules may add additional commands and privileges to this list.
|
|
*
|
|
* Available privileges:
|
|
* botserv/administration - Can perform certain BotServ administrative tasks
|
|
* chanserv/access/modify - Can modify channel access and akick lists
|
|
* chanserv/auspex - Can see any information with /chanserv info
|
|
* chanserv/no-register-limit - May register an unlimited number of channels and nicknames
|
|
* chanserv/set - Can modify the settings of any channel (incl. changing of the owner and password!)
|
|
* memoserv/info - Can see any information with /memoserv info
|
|
* memoserv/set-limit - Can set the limit of max stored memos on any user and channel
|
|
* memoserv/no-limit - Can send memos through limits and throttles
|
|
* nickserv/auspex - Can see any information with /nickserv info
|
|
* nickserv/confirm - Can confirm other users nicknames
|
|
* nickserv/drop - Can drop other users nicks
|
|
*
|
|
* Available commands:
|
|
* botserv/bot/del botserv/bot/add botserv/bot/change botserv/assign/private
|
|
* botserv/botlist botserv/set/private botserv/set/nobot
|
|
*
|
|
* chanserv/access/list chanserv/drop chanserv/forbid chanserv/getkey
|
|
* chanserv/list chanserv/suspend chanserv/topic chanserv/status
|
|
* chanserv/mode
|
|
*
|
|
* chanserv/saset/bantype chanserv/saset/description chanserv/saset/email chanserv/saset/entrymsg
|
|
* chanserv/saset/founder chanserv/saset/keeptopic chanserv/saset/opnotice chanserv/saset/restricted
|
|
* chanserv/saset/peace chanserv/saset/persist chanserv/saset/private
|
|
* chanserv/saset/secure chanserv/saset/securefounder chanserv/saset/secureops
|
|
* chanserv/saset/signkick chanserv/saset/successor chanserv/saset/topiclock
|
|
* chanserv/saset/url chanserv/saset/noexpire
|
|
*
|
|
* memoserv/sendall memoserv/staff
|
|
*
|
|
* nickserv/getpass nickserv/sendpass nickserv/getemail nickserv/suspend
|
|
* nickserv/resetpass
|
|
*
|
|
* nickserv/saset/autoop nickserv/saset/email nickserv/saset/greet
|
|
* nickserv/saset/icq nickserv/saset/kill nickserv/saset/language nickserv/saset/message
|
|
* nickserv/saset/private nickserv/saset/secure nickserv/saset/url nickserv/saset/noexpire
|
|
*
|
|
* hostserv/set hostserv/del
|
|
*
|
|
* global/global
|
|
*
|
|
* operserv/news operserv/stats operserv/kick
|
|
* operserv/mode operserv/session operserv/modlist operserv/ignore
|
|
* operserv/chankill operserv/akill operserv/sqline operserv/snline
|
|
* operserv/szline operserv/oper operserv/config operserv/umode
|
|
* operserv/modload operserv/jupe operserv/set operserv/noop
|
|
* operserv/quit operserv/update operserv/reload operserv/restart
|
|
* operserv/shutdown operserv/svsnick operserv/oline operserv/kill
|
|
*
|
|
* Firstly, we define 'opertypes' which are named whatever we want ('Network Administrator', etc).
|
|
* These can contain commands for oper-only strings (see above) which grants access to that specific command,
|
|
* and privileges (which grant access to more general permissions for the named area).
|
|
* Wildcard entries are permitted for both, e.g. 'commands = "operserv/*"' for all OperServ commands.
|
|
*
|
|
* Below are some default example types, but this is by no means exhaustive,
|
|
* and it is recommended that you configure them to your needs.
|
|
*/
|
|
|
|
opertype
|
|
{
|
|
/* The name of this opertype */
|
|
name = "Helper"
|
|
|
|
/* What commands (see above) this opertype has */
|
|
commands = "hostserv/*"
|
|
}
|
|
|
|
opertype
|
|
{
|
|
/* The name of this opertype */
|
|
name = "Services Operator"
|
|
|
|
/* What opertype(s) this inherits from. Seperate with a comma. */
|
|
inherits = "Helper, Another Helper"
|
|
|
|
/* What commands (see above) this opertype may use */
|
|
commands = "chanserv/list chanserv/suspend chanserv/status chanserv/topic memoserv/staff nickserv/sendpass nickserv/resetpass nickserv/suspend operserv/mode operserv/chankill operserv/szline operserv/akill operserv/session operserv/modlist operserv/sqline operserv/oper operserv/kick operserv/ignore operserv/snline"
|
|
|
|
/* What privs (see above) this opertype has */
|
|
privs = "chanserv/auspex chanserv/no-register-limit memoserv/* nickserv/auspex nickserv/confirm"
|
|
|
|
/*
|
|
* Modes to be set on users when they identify to accounts linked to this opertype.
|
|
*
|
|
* This can be used to automatically oper users who identify for services operator accounts, and is
|
|
* useful for setting modes such as Plexus's user mode +N.
|
|
*
|
|
* Note that some IRCds, such as InspIRCd, do not allow directly setting +o, and this will not work.
|
|
*/
|
|
#modes = "+o"
|
|
}
|
|
|
|
opertype
|
|
{
|
|
name = "Services Administrator"
|
|
|
|
inherits = "Services Operator"
|
|
|
|
commands = "chanserv/access/list chanserv/drop chanserv/forbid chanserv/getkey chanserv/saset/noexpire memoserv/sendall nickserv/saset/* nickserv/getemail operserv/news operserv/jupe operserv/svsnick operserv/stats operserv/oline operserv/noop global/*"
|
|
|
|
privs = "*"
|
|
}
|
|
|
|
opertype
|
|
{
|
|
name = "Services Root"
|
|
|
|
commands = "*"
|
|
|
|
privs = "*"
|
|
}
|
|
|
|
/*
|
|
* After defining different types of operators in the above opertype section, we now define who is in these groups
|
|
* through 'oper' blocks, similar to ircd access.
|
|
*
|
|
* The default is to comment these out (so NOBODY will have Services access).
|
|
* You probably want to add yourself and a few other people at minimum.
|
|
*
|
|
* As with all permissions, make sure to only give trustworthy people access to Services.
|
|
*/
|
|
|
|
oper
|
|
{
|
|
/* The nickname of this services oper */
|
|
#name = "nick1"
|
|
|
|
/* The opertype this person will have */
|
|
type = "Services Root"
|
|
|
|
/* An optional password. If defined the user must login using /operserv login first */
|
|
#password = "secret"
|
|
|
|
/* An optional SSL fingerprint. If defined is required to use this opertype. */
|
|
#certfp = "ed3383b3f7d74e89433ddaa4a6e5b2d7"
|
|
}
|
|
|
|
/*
|
|
oper
|
|
{
|
|
name = "nick2"
|
|
type = "Services Administrator"
|
|
}
|
|
|
|
oper
|
|
{
|
|
name = "nick3"
|
|
type = "Helper"
|
|
}
|
|
*/
|
|
|
|
/*
|
|
* [OPTIONAL] Mail Config
|
|
*
|
|
* This section contains settings related to the use of e-mail from Services.
|
|
* If the usemail directive is set to yes, unless specified otherwise, all other
|
|
* directives are required.
|
|
*/
|
|
mail
|
|
{
|
|
/*
|
|
* If set, this option enables the mail commands in Services. You may choose
|
|
* to disable it if you have no Sendmail-compatible mailer installed. Whilst
|
|
* this directive (and entire block) is optional, it is required if the
|
|
* nickserv:emailregistration is set to yes.
|
|
*/
|
|
usemail = yes
|
|
|
|
/*
|
|
* This is the command-line that will be used to call the mailer to send an
|
|
* e-mail. It must be called with all the parameters needed to make it
|
|
* scan the mail input to find the mail recipient; consult your mailer
|
|
* documentation.
|
|
*
|
|
* Postfix users must use the compatible sendmail utility provided with
|
|
* it. This one usually needs no parameters on the command-line. Most
|
|
* sendmail applications (or replacements of it) require the -t option
|
|
* to be used.
|
|
*/
|
|
sendmailpath = "/usr/sbin/sendmail -t"
|
|
|
|
/*
|
|
* This is the e-mail address from which all the e-mails are to be sent from.
|
|
* It should really exist.
|
|
*/
|
|
sendfrom = "services@localhost.net"
|
|
|
|
/*
|
|
* If set, SENDPASS and RESETPASS will be restricted to IRC operators.
|
|
* This directive is optional.
|
|
*
|
|
* WARNING: If you choose to not enable this option, you should limit the
|
|
* number of processes that the services user can have at a time (you can
|
|
* create a special user for this; remember to NEVER launch Services as
|
|
* root).
|
|
*/
|
|
restrict = yes
|
|
|
|
/*
|
|
* This controls the minimum amount of time a user must wait before sending
|
|
* another e-mail after they have sent one. It also controls the minimum time
|
|
* a user must wait before they can receive another e-mail.
|
|
*
|
|
* This feature prevents users from being mail bombed using Services and
|
|
* it is highly recommended that it be used.
|
|
*
|
|
* This directive is optional, but highly recommended.
|
|
*/
|
|
delay = 5m
|
|
|
|
/*
|
|
* If set, Services will not attempt to put quotes around the TO: fields
|
|
* in e-mails.
|
|
*
|
|
* This directive is optional, and as far as we know, it's only needed
|
|
* if you are using ESMTP or QMail to send out e-mails.
|
|
*/
|
|
#dontquoteaddresses = yes
|
|
}
|
|
|
|
/*
|
|
* [OPTIONAL] DNS Config
|
|
*
|
|
* This section is used to configure DNS.
|
|
* At this time DNS is only used by a few modules (m_dnsbl)
|
|
* and is not required by the core to function.
|
|
*/
|
|
dns
|
|
{
|
|
/*
|
|
* The nameserver to use for resolving hostnames, must be an IP or a resolver configuration file.
|
|
* The below should work fine on all unix like systems. Windows users will have to find their nameservers
|
|
* from ipconfig /all and put the IP here
|
|
*/
|
|
nameserver = "/etc/resolv.conf"
|
|
#nameserver = "127.0.0.1"
|
|
|
|
/*
|
|
* How long to wait in seconds before a DNS query has timed out
|
|
*/
|
|
timeout = 5
|
|
}
|
|
|
|
/*
|
|
* [REQUIRED] Encryption modules.
|
|
*
|
|
* The encryption modules are used when dealing with passwords. This determines how
|
|
* the passwords are stored in the databases, and does not add any security as
|
|
* far as transmitting passwords over the network goes.
|
|
*
|
|
* Without any encryption modules, passwords will be stored in plain text, allowing
|
|
* for passwords to be recovered later but isn't secure therefore is not recommended.
|
|
*
|
|
* The other encryption modules use one-way encryption, so the passwords can not
|
|
* be recovered later if those are used.
|
|
*
|
|
* NOTE: enc_old is Anope's previous (broken) MD5 implementation, if your databases
|
|
* were made using that module, continue to use it and do not use enc_md5.
|
|
*
|
|
* NOTE: enc_sha1 relies on how the OS stores 2+ byte data internally, and is
|
|
* potentially broken when moving between 2 different OSes, such as moving from
|
|
* Linux to Windows. It is recommended that you use enc_sha256 instead if you want
|
|
* to use an SHA-based encryption. If you choose to do so, it is also recommended
|
|
* that you first try to get everyone's passwords converted to enc_sha256 before
|
|
* switching OSes by placing enc_sha256 at the beginning of the list.
|
|
*
|
|
* The first encryption module loaded is the primary encryption module. All new passwords are
|
|
* encrypted by this module. Old passwords stored in another encryption method are
|
|
* automatically re-encrypted by the primary encryption module on next identify.
|
|
*/
|
|
module { name = "enc_md5" }
|
|
#module { name = "enc_sha1" }
|
|
#module { name = "enc_sha256" }
|
|
|
|
/*
|
|
* When using enc_none, passwords will be stored without encryption in plain
|
|
* text, allowing for passwords to be recovered later. This isn't secure therefore
|
|
* is not recommended.
|
|
*/
|
|
#module { name = "enc_none" }
|
|
|
|
/*
|
|
* enc_old is Anope's previous (broken) MD5 implementation, if your databases
|
|
* were made using that module, load it here to allow conversion to the primary
|
|
* encryption method.
|
|
*/
|
|
#module { name = "enc_old" }
|
|
|
|
/*
|
|
* [OPTIONAL] Additional includes
|
|
*
|
|
* You can include additional configuration files here.
|
|
* You may also include executable files, which will be executed and
|
|
* the output from it will be included into your configuration.
|
|
*/
|
|
|
|
/* Include core commands */
|
|
include
|
|
{
|
|
type = "file"
|
|
name = "commands.example.conf"
|
|
}
|
|
|
|
/* Extra (optional) modules */
|
|
include
|
|
{
|
|
type = "file"
|
|
name = "modules.example.conf"
|
|
}
|
|
|
|
/*
|
|
include
|
|
{
|
|
type = "executable"
|
|
name = "/usr/bin/wget -q -O - http://some.miconfigured.network.com/services.conf"
|
|
}
|
|
*/
|
|
|
|
|