changeset 8: |
9d962d355197 |
parent: |
0c85895d4e27
|
author: |
Richard Westhaver <ellis@rwest.io> |
date: |
Tue, 20 Aug 2024 21:19:10 -0400 |
permissions: |
-rw-r--r-- |
description: |
addy caddy service unit |
2 # This is a sample configuration file for the ngIRCd IRC daemon, which must 3 # be customized to the local preferences and needs. 5 # Comments are started with "#" or ";". 7 # A lot of configuration options in this file start with a ";". You have 8 # to remove the ";" in front of each variable to actually set a value! 9 # The disabled variables are shown with example values for completeness only 10 # and the daemon is using compiled-in default settings. 12 # Use "ngircd --configtest" (see manual page ngircd(8)) to validate that the 13 # server interprets the configuration file as expected! 15 # Please see ngircd.conf(5) for a complete list of configuration options 16 # and their descriptions. 20 # The [Global] section of this file is used to define the main 21 # configuration of the server, like the server name and the ports 22 # on which the server should be listening. 23 # These settings depend on your personal preferences, so you should 24 # make sure that they correspond to your installation and setup! 26 # Server name in the IRC network, must contain at least one dot 27 # (".") and be unique in the IRC network. When not set, ngIRCd tries 28 # to deduce a valid IRC server name from the local host name. 29 ;Name = irc.example.net 31 # Information about the server and the administrator, used by the 32 # ADMIN command. Not required by server but by RFC! 33 ;AdminInfo1 = Description 34 ;AdminInfo2 = Location 35 ;AdminEMail = admin@irc.server 37 # Text file which contains the ngIRCd help text. This file is required 38 # to display help texts when using the "HELP <cmd>" command. Default: a 39 # built-in standard path (check "ngircd --configtest"). 40 ;HelpFile = /usr/local/share/doc/ngircd/Commands.txt 42 # Info text of the server. This will be shown by WHOIS and 43 # LINKS requests for example. Set to the server software name and 45 ;Info = Server Info Text 47 # Comma separated list of IP addresses on which the server should 48 # listen. Default values are: 49 # "0.0.0.0" or (if compiled with IPv6 support) "::,0.0.0.0" 50 # so the server listens on all IP addresses of the system by default. 51 ;Listen = 127.0.0.1,192.168.0.1 53 # Text file with the "message of the day" (MOTD). This message will 54 # be shown to all users connecting to the server: Default: a built-in 55 # standard path (check "ngircd --configtest"). 56 ;MotdFile = /usr/local/etc/ngircd.motd 58 # A simple Phrase (<127 chars) if you don't want to use a motd file. 59 ;MotdPhrase = "Hello world!" 61 # The name of the IRC network to which this server belongs. This name 62 # is optional, should only contain ASCII characters, and can't contain 63 # spaces. It is only used to inform clients. The default is empty, 64 # so no network name is announced to clients. 65 ;Network = aIRCnetwork 67 # Global password for all users needed to connect to the server. 71 # This tells ngIRCd to write its current process ID to a file. 72 # Note that the pidfile is written AFTER chroot and switching the 73 # user ID, e.g. the directory the pidfile resides in must be 74 # writable by the ngIRCd user and exist in the chroot directory. 75 ;PidFile = /var/run/ngircd/ngircd.pid 77 # Ports on which the server should listen. There may be more than 78 # one port, separated with ",". (Default: 6667) 79 ;Ports = 6667, 6668, 6669 81 # Group ID under which the ngIRCd should run; you can use the name 82 # of the group or the numerical ID. ATTENTION: For this to work the 83 # server must have been started with root privileges! 86 # User ID under which the server should run; you can use the name 87 # of the user or the numerical ID. ATTENTION: For this to work the 88 # server must have been started with root privileges! In addition, 89 # the configuration and MOTD files must be readable by this user, 90 # otherwise RESTART and REHASH won't work! 94 # Define some limits and timeouts for this ngIRCd instance. Default 95 # values should be safe, but it is wise to double-check :-) 97 # The server tries every <ConnectRetry> seconds to establish a link 98 # to not yet (or no longer) connected servers. 101 # Number of seconds after which the whole daemon should shutdown when 102 # no connections are left active after handling at least one client 103 # (0: never, which is the default). 104 # This can be useful for testing or when ngIRCd is started using 105 # "socket activation" with systemd(8), for example. 108 # Maximum number of simultaneous in- and outbound connections the 109 # server is allowed to accept (0: unlimited): 112 # Maximum number of simultaneous connections from a single IP address 113 # the server will accept (0: unlimited): 114 ;MaxConnectionsIP = 5 116 # Maximum number of channels a user can be member of (0: no limit): 119 # Maximum length of an user nickname (Default: 9, as in RFC 2812). 120 # Please note that all servers in an IRC network MUST use the same 121 # maximum nickname length! 124 # Maximum penalty time increase in seconds, per penalty event. Set to -1 125 # for no limit (the default), 0 to disable penalties altogether. The 126 # daemon doesn't use penalty increases higher than 2 seconds during 127 # normal operation, so values greater than 1 rarely make sense. 130 # Maximum number of channels returned in response to a /list 131 # command (0: unlimited): 134 # After <PingTimeout> seconds of inactivity the server will send a 135 # PING to the peer to test whether it is alive or not. 138 # If a client fails to answer a PING with a PONG within <PongTimeout> 139 # seconds, it will be disconnected by the server. 143 # Optional features and configuration options to further tweak the 144 # behavior of ngIRCd. If you want to get started quickly, you most 145 # probably don't have to make changes here -- they are all optional. 147 # List of allowed channel types (channel prefixes) for newly created 148 # channels on the local server. By default, all supported channel 149 # types are allowed. Set this variable to the empty string to disallow 150 # creation of new channels by local clients at all. 151 ;AllowedChannelTypes = #&+ 153 # Are remote IRC operators allowed to control this server, e.g. 154 # use commands like CONNECT, SQUIT, DIE, ...? 155 ;AllowRemoteOper = no 157 # A directory to chroot in when everything is initialized. It 158 # doesn't need to be populated if ngIRCd is compiled as a static 159 # binary. By default ngIRCd won't use the chroot() feature. 160 # ATTENTION: For this to work the server must have been started 161 # with root privileges! 162 ;ChrootDir = /var/empty 164 # Set this hostname for every client instead of the real one. 165 # Use %x to add the hashed value of the original hostname. 166 ;CloakHost = cloaked.host 168 # Use this hostname for hostname cloaking on clients that have the 169 # user mode "+x" set, instead of the name of the server. 170 # Use %x to add the hashed value of the original hostname. 171 ;CloakHostModeX = cloaked.user 173 # The Salt for cloaked hostname hashing. When undefined a random 174 # hash is generated after each server start. 175 ;CloakHostSalt = abcdefghijklmnopqrstuvwxyz 177 # Set every clients' user name to their nickname 178 ;CloakUserToNick = yes 180 # Try to connect to other IRC servers using IPv4 and IPv6, if possible. 184 # Default user mode(s) to set on new local clients. Please note that 185 # only modes can be set that the client could set using regular MODE 186 # commands, you can't set "a" (away) for example! Default: none. 187 ;DefaultUserModes = i 189 # Do DNS lookups when a client connects to the server. 192 # Do IDENT lookups if ngIRCd has been compiled with support for it. 193 # Users identified using IDENT are registered without the "~" character 194 # prepended to their user name. 197 # Directory containing configuration snippets (*.conf), that should 198 # be read in after parsing this configuration file. 199 # Default: a built-in directory name when no configuration file was 200 # explicitly given on the command line (check "ngircd --configtest"), 201 # none (empty) otherwise. 202 ;IncludeDir = /usr/local/etc/conf.d 204 # Enhance user privacy slightly (useful for IRC server on TOR or I2P) 205 # by censoring some information like idle time, logon time, etc. 208 # Normally ngIRCd doesn't send any messages to a client until it is 209 # registered. Enable this option to let the daemon send "NOTICE *" 210 # messages to clients while connecting. 211 ;NoticeBeforeRegistration = no 213 # Should IRC Operators be allowed to use the MODE command even if 214 # they are not(!) channel-operators? 217 # Should IRC Operators get AutoOp (+o) in persistent (+P) channels? 218 ;OperChanPAutoOp = yes 220 # Mask IRC Operator mode requests as if they were coming from the 221 # server? (This is a compatibility hack for ircd-irc2 servers) 224 # Use PAM if ngIRCd has been compiled with support for it. 225 # Users identified using PAM are registered without the "~" character 226 # prepended to their user name. 229 # When PAM is enabled, all clients are required to be authenticated 230 # using PAM; connecting to the server without successful PAM 231 # authentication isn't possible. 232 # If this option is set, clients not sending a password are still 233 # allowed to connect: they won't become "identified" and keep the "~" 234 # character prepended to their supplied user name. 235 # Please note: To make some use of this behavior, it most probably 236 # isn't useful to enable "Ident", "PAM" and "PAMIsOptional" at the 237 # same time, because you wouldn't be able to distinguish between 238 # Ident'ified and PAM-authenticated users: both don't have a "~" 239 # character prepended to their respective user names! 242 # When PAM is enabled, this value determines the used PAM 244 # This setting allows to run multiple ngIRCd instances with 245 # different PAM configurations on each instance. 246 # If you set it to "ngircd-foo", PAM will use 247 # /etc/pam.d/ngircd-foo instead of the default 249 ;PAMServiceName = ngircd 251 # Let ngIRCd send an "authentication PING" when a new client connects, 252 # and register this client only after receiving the corresponding 254 ;RequireAuthPing = no 256 # Silently drop all incoming CTCP requests. 259 # Syslog "facility" to which ngIRCd should send log messages. 260 # Possible values are system dependent, but most probably auth, daemon, 261 # user and local1 through local7 are possible values; see syslog(3). 262 # Default is "local5" for historical reasons, you probably want to 263 # change this to "daemon", for example. 264 ;SyslogFacility = local1 266 # Password required for using the WEBIRC command used by some 267 # Web-to-IRC gateways. If not set/empty, the WEBIRC command can't 268 # be used. (Default: not set) 269 ;WebircPassword = xyz 272 # SSL-related configuration options. Please note that this section 273 # is only available when ngIRCd is compiled with support for SSL! 274 # So don't forget to remove the ";" above if this is the case ... 276 # SSL Trusted CA Certificates File for verifying peer certificates. 277 # (Default: not set; so no certificates are trusted) 278 ;CAFile = /etc/ssl/CA/cacert.pem 280 # Certificate Revocation File (for marking otherwise valid 281 # certficates as invalid) 282 ;CRLFile = /etc/ssl/CA/crl.pem 284 # SSL Server Key Certificate 285 ;CertFile = /usr/local/etc/ssl/server-cert.pem 287 # Select cipher suites allowed for SSL/TLS connections. This defaults 288 # to HIGH:!aNULL:@STRENGTH (OpenSSL) or SECURE128 (GnuTLS). 289 # See 'man 1ssl ciphers' (OpenSSL) or 'man 3 gnutls_priority_init' 290 # (GnuTLS) for details. 292 ;CipherList = HIGH:!aNULL:@STRENGTH:!SSLv3 294 ;CipherList = SECURE128:-VERS-SSL3.0 296 # Diffie-Hellman parameters 297 ;DHFile = /usr/local/etc/ssl/dhparams.pem 300 ;KeyFile = /usr/local/etc/ssl/server-key.pem 302 # password to decrypt SSLKeyFile (OpenSSL only) 303 ;KeyFilePassword = secret 305 # Additional Listen Ports that expect SSL/TLS encrypted connections 309 # [Operator] sections are used to define IRC Operators. There may be 310 # more than one [Operator] block, one for each local operator. 312 # ID of the operator (may be different of the nickname) 315 # Password of the IRC operator 318 # Optional Mask from which /OPER will be accepted 319 ;Mask = *!ident@somewhere.example.com 322 # More [Operator] sections, if you like ... 325 # Other servers are configured in [Server] sections. If you 326 # configure a port for the connection, then this ngircd tries to 327 # connect to the other server on the given port; if not it waits 328 # for the other server to connect. 329 # There may be more than one server block, one for each server. 332 # The ngIRCd allows "server groups": You can assign an "ID" to every 333 # server with which you want this ngIRCd to link. If a server of a 334 # group won't answer, the ngIRCd tries to connect to the next server 335 # in the given group. But the ngircd never tries to connect to two 336 # servers with the same group ID. 338 # IRC name of the remote server, must match the "Name" variable in 339 # the [Global] section of the other server (when using ngIRCd). 340 ;Name = irc2.example.net 342 # Internet host name or IP address of the peer (only required when 343 # this server should establish the connection). 344 ;Host = connect-to-host.example.net 346 # IP address to use as _source_ address for the connection. if 347 # unspecified, ngircd will let the operating system pick an address. 350 # Port of the server to which the ngIRCd should connect. If you 351 # assign no port the ngIRCd waits for incoming connections. 354 # Own password for the connection. This password has to be configured 355 # as "PeerPassword" on the other server. 356 ;MyPassword = MySecret 358 # Foreign password for this connection. This password has to be 359 # configured as "MyPassword" on the other server. 360 ;PeerPassword = PeerSecret 362 # Group of this server (optional) 365 # Set the "Passive" option to "yes" if you don't want this ngIRCd to 366 # connect to the configured peer (same as leaving the "Port" variable 367 # empty). The advantage of this option is that you can actually 368 # configure a port an use the IRC command CONNECT more easily to 369 # manually connect this specific server later. 372 # Connect to the remote server using TLS/SSL (Default: false) 375 # Verify the TLS certificate presented by the remote server 379 # Define a (case insensitive) list of masks matching nicknames that 380 # should be treated as IRC services when introduced via this remote 381 # server, separated by commas (","). 382 # REGULAR SERVERS DON'T NEED this parameter, so leave it empty 383 # (which is the default). 384 # When you are connecting IRC services which mask as a IRC server 385 # and which use "virtual users" to communicate with, for example 386 # "NickServ" and "ChanServ", you should set this parameter to 387 # something like "*Serv" or "NickServ,ChanServ,XyzServ". 388 ;ServiceMask = *Serv,Global 391 # More [Server] sections, if you like ... 394 # Pre-defined channels can be configured in [Channel] sections. 395 # Such channels are created by the server when starting up and even 396 # persist when there are no more members left. 397 # Persistent channels are marked with the mode 'P', which can be set 398 # and unset by IRC operators like other modes on the fly. 399 # There may be more than one [Channel] block, one for each channel. 401 # Name of the channel 404 # Topic for this channel 405 ;Topic = a great topic 407 # Initial channel modes, as used in "MODE" commands. Modifying lists 408 # (ban list, invite list, exception list) is supported. 409 # This option can be specified multiple times, evaluated top to bottom. 410 ;Modes = +tnk mykey +l 5 411 ;Modes = +b nick!~user@bad.host.example.com 413 # Should ngIRCd automatically join ("autojoin") all users to this 414 # channel on connect? Note: The users must have permissions to access 415 # the channel, otherwise joining them will fail! 418 # Key file, syntax for each line: "<user>:<nick>:<key>". 420 ;KeyFile = /usr/local/etc/#chan.key 423 # More [Channel] sections, if you like ...