]>
Commit | Line | Data |
---|---|---|
1 | // services configuration file (example) | |
2 | /* It allows two kinds of comments. Whitespaces between tokens are | |
3 | * ignored. All strings (even if they're just numbers) MUST be | |
4 | * enclosed in double quotes. There must be a semicolon after every | |
5 | * key/value pair. | |
6 | */ | |
7 | ||
8 | // The "uplinks" section describes what servers we can possibly link | |
9 | // to. Each subsection describes one server. | |
10 | "uplinks" { | |
11 | "private-network" { | |
12 | // IP address and port the server listens on | |
13 | "address" "10.0.0.3"; | |
14 | "port" "6660"; | |
15 | // What password should we send when we connect? | |
16 | "password" "passwordtoconnect"; | |
17 | // What password should we require our peer to send? | |
18 | // (If it is blank, we do not require a specific password.) | |
19 | "their_password" "passwordtorequire"; | |
20 | "enabled" "1"; | |
21 | // How many times should we try to connect before giving up? | |
22 | "max_tries" "3"; | |
23 | // What IP should we bind to? | |
24 | // If you do not specify bind_address, the default is used. | |
25 | // "bind_address" "192.168.0.10"; // use this ip to link | |
26 | }; | |
27 | ||
28 | /* unused-uplink is just an example to show you how you can | |
29 | * define more than one uplink (and how you can disable one or | |
30 | * more of them.) */ | |
31 | "unused-uplink" { | |
32 | "address" "10.0.0.4"; | |
33 | "port" "6660"; | |
34 | "password" "passwordtoconnect"; | |
35 | "their_password" "passwordtorequire"; | |
36 | // If "enabled" is 0, we will not try to use this uplink. | |
37 | "enabled" "0"; | |
38 | "max_tries" "3"; | |
39 | }; | |
40 | }; | |
41 | ||
42 | // The "services" section configures the services that make up srvx. | |
43 | "services" { | |
44 | "nickserv" { | |
45 | "nick" "NickServ"; | |
46 | // What user modes do you want this service to have? Please keep in | |
47 | // mind which ircd software you are using here, and that all of the | |
48 | // services need to be at least +o. | |
49 | // "modes" "+iok"; | |
50 | // If you want to by have *@* as the default hostmask for all | |
51 | // new accounts, set default_hostmask. This is discouraged | |
52 | // for security reasons. | |
53 | // "default_hostmask" "1"; | |
54 | // do we warn users when someone new auths to their account? | |
55 | "warn_clone_auth" "1"; | |
56 | // what is the default maxlogins value? | |
57 | "default_maxlogins" "2"; | |
58 | // what is the absolute maxlogins value? | |
59 | "hard_maxlogins" "10"; | |
60 | // This names a file that contains easily guessed passwords. | |
61 | // It always contains "password", "<password>" and the user's | |
62 | // account name. | |
63 | "dict_file" "/usr/share/dict/words"; | |
64 | // Minimum number of various types of characters permitted in | |
65 | // a password. | |
66 | "password_min_length" "4"; | |
67 | "password_min_digits" "1"; | |
68 | "password_min_upper" "0"; | |
69 | "password_min_lower" "0"; | |
70 | // What should valid account and nicks look like? | |
71 | // If valid_nick_regex is omitted, valid_account_regex is used | |
72 | // for both nicks and accounts. | |
73 | // These look funny because "[][-]" is the only way to write the | |
74 | // character class containing the characters ']', '[' and '-'. | |
75 | "valid_account_regex" "^[][_a-z^`'{}|-][][_a-z0-9^`'{}|-]*$"; | |
76 | "valid_nick_regex" "^[-_a-z][-_a-z0-9]*$"; | |
77 | ||
78 | // Should nick ownership be disabled? | |
79 | "disable_nicks" "0"; | |
80 | // One account may only own this many nicks. | |
81 | "nicks_per_account" "4"; | |
82 | // Send a warning when someone uses a registered nick? | |
83 | "warn_nick_owned" "0"; | |
84 | // What to do when someone uses the NickServ "reclaim" command? | |
85 | // This can be one of "none", "warn", "svsnick", or "kill", but | |
86 | // stock ircu does not support svsnick -- you need Bahamut or a | |
87 | // patch for ircu. no, don't ask srvx developers for the patch. | |
88 | "reclaim_action" "none"; | |
89 | // What (else) to do when someone uses a registered nick? | |
90 | // This can be anything "reclaim_action" can be, but it makes | |
91 | // more sense to use the "warn_nick_owned" instead of "warn". | |
92 | "auto_reclaim_action" "none"; | |
93 | // How long to wait before doing the auto_reclaim_action? | |
94 | // This is ignored if "auto_reclaim_action" is "none". | |
95 | "auto_reclaim_delay" "0"; | |
96 | ||
97 | // access control for who can change account flags | |
98 | "flag_levels" { | |
99 | "g" "800"; | |
100 | "lc_h" "800"; // specifically lower case h | |
101 | "uc_H" "800"; // .. and upper case H | |
102 | "S" "999"; | |
103 | "b" "1"; | |
104 | }; | |
105 | // and for who can change epithets for staff | |
106 | "set_epithet_level" "800"; | |
107 | // what opserv access level do you need to set somebody else's level? | |
108 | "modoper_level" "850"; | |
109 | ||
110 | // how often should accounts be expired? | |
111 | "account_expire_freq" "1d"; | |
112 | // how long until an account with access to any channel(s) expires? | |
113 | "account_expire_delay" "35d"; | |
114 | // how long until an account with no access to any channels expires? | |
115 | "nochan_account_expire_delay" "14d"; | |
116 | /* "require_qualified" has been removed. It is now | |
117 | * integrated into the modcmd command authorization | |
118 | * and dispatch mechanism. "/msg OpServ help modcmd" | |
119 | * for details. | |
120 | */ | |
121 | // If somebody keeps guessing passwords incorrectly, do we gag them? | |
122 | "autogag_enabled" "1"; | |
123 | "autogag_duration" "30m"; | |
124 | "auth_policer" { | |
125 | "size" "5"; | |
126 | "drain-rate" "0.05"; | |
127 | }; | |
128 | // How to integrate with email cookies? | |
129 | "email_enabled" "0"; // if set, /mail/enable MUST be set too | |
130 | "email_required" "0"; // ignored unless email_enabled is non-zero | |
131 | "cookie_timeout" "1d"; // how long before we expire cookies? | |
132 | "accounts_per_email" "1"; // you may want to increase this; or not | |
133 | "email_search_level" "600"; // minimum OpServ level to search based on email address | |
134 | "email_visible_level" "800"; // minimum OpServ level to see somebody's email address | |
135 | "sync_log" "1"; // Output password and email changes, plus registration to sync.log | |
136 | }; | |
137 | ||
138 | "opserv" { | |
139 | "nick" "OpServ"; | |
140 | // What user modes do you want this service to have? Please keep in | |
141 | // mind which ircd software you are using here, and that all of the | |
142 | // services need to be at least +o. | |
143 | // "modes" "+iok"; | |
144 | // should use of this service be limited to global opers? | |
145 | "privileged" "1"; | |
146 | // fullname for service | |
147 | "description" "Oper Service Bot"; | |
148 | // hostname for service; only used if "description" is also set | |
149 | "hostname" "dances-all-night-with.srvx.net"; | |
150 | // what channel should opserv send debug output to? | |
151 | "debug_channel" "#opserv"; | |
152 | "debug_channel_modes" "+tinms"; | |
153 | // where to send general alerts (e.g. flood alerts)? | |
154 | "alert_channel" "#ircops"; | |
155 | "alert_channel_modes" "+tns"; | |
156 | // who to tell about staff auths? | |
157 | "staff_auth_channel" "#opserv"; | |
158 | "staff_auth_channel_modes" "+tinms"; | |
159 | // how many clones to allow from an untrusted host? | |
160 | "untrusted_max" "4"; | |
161 | // how long of a g-line should be issued if the max hosts is exceeded? | |
162 | "clone_gline_duration" "1h"; | |
163 | // how long to g-line for ?block (or, by default, for ?trace gline)? | |
164 | "block_gline_duration" "1h"; | |
165 | // how long to keep an illegal channel locked down (seconds)? | |
166 | "purge_lock_delay" "60"; | |
167 | // channel join flood policer params? | |
168 | "join_policer" { | |
169 | "size" "20"; | |
170 | "drain-rate" "1"; | |
171 | }; | |
172 | // automatically moderate join flooded channels? | |
173 | "join_flood_moderate" "1"; | |
174 | // Don't moderate and warn channels unless there are more than | |
175 | // join_flood_moderate_threshold users in the channel. the | |
176 | // value 0 will disable the threshold. | |
177 | "join_flood_moderate_threshold" "50"; | |
178 | // new user flood policer params | |
179 | "new_user_policer" { | |
180 | "size" "200"; | |
181 | "drain-rate" "3"; | |
182 | }; | |
183 | }; | |
184 | ||
185 | "chanserv" { | |
186 | // You may disable a service by removing its "nick" config item. | |
187 | // That means: SERVICES WILL ONLY WORK IF YOU DEFINE THEIR NICK. | |
188 | // (This is changed relative srvx-1.0.x, which would use default | |
189 | // unless you specified ".disabled".) | |
190 | "nick" "ChanServ"; | |
191 | // What user modes do you want this service to have? Please keep in | |
192 | // mind which ircd software you are using here, and that all of the | |
193 | // services need to be at least +o. | |
194 | // "modes" "+iok"; | |
195 | // Does your ircd have off-channel services support? Does it have | |
196 | // a registered channel mode? Does it support services opping themselves? | |
197 | // Bahamut has these things; ircu2.10.11 does not. | |
198 | // This setting takes three numerical values: | |
199 | // 0 = off | |
200 | // 1 = use a registered channel mode, have services op themselves | |
201 | // 2 = all of the above, and a channel setting to have ChanServ not | |
202 | // idle in the channel | |
203 | "off_channel" "0"; | |
204 | // how long should a person be unseen before resending infoline? | |
205 | "info_delay" "120"; | |
206 | // maximum greeting length | |
207 | "max_greetlen" "200"; | |
208 | // maximum users in a channel userlist | |
209 | "max_chan_users" "512"; | |
210 | // maximum bans on a channel banlist | |
211 | "max_chan_bans" "512"; | |
212 | // maximum length of a user's infoline | |
213 | "max_userinfo_length" "400"; | |
214 | // If DynLimit is on and there are N users in the channel, ChanServ will | |
215 | // try to keep the limit at N+<adjust_threshold>. | |
216 | "adjust_threshold" "15"; | |
217 | // .. but ChanServ will only increment or decrement the limit this often. | |
218 | "adjust_delay" "30"; | |
219 | // How often to look for channels that have expired? | |
220 | "chan_expire_freq" "3d"; | |
221 | // How long is a channel unvisited (by masters or above) before it can be expired? | |
222 | "chan_expire_delay" "30d"; | |
223 | // what !set options should we show when user calls "!set" with no arguments? | |
224 | "set_shows" ("DefaultTopic", "TopicMask", "Greeting", "UserGreeting", "Modes", "PubCmd", "InviteMe", "UserInfo", "GiveVoice", "GiveOps", "EnfOps", "EnfModes", "EnfTopic", "TopicSnarf", "Setters", "CtcpUser", "CtcpReaction", "Protect", "Toys", "DynLimit", "NoDelete"); | |
225 | ||
226 | // A list of !8ball responses | |
227 | "8ball" ("Not a chance.", | |
228 | "In your dreams.", | |
229 | "Absolutely!", | |
230 | "Could be, could be."); | |
231 | // channel(s) that support helpers must be in to be helping | |
232 | // if this is a list, any one by itself will do | |
233 | "support_channel" ("#support", "#registration"); | |
234 | // maximum number of channels owned by one account before FORCE is required | |
235 | "max_owned" "5"; | |
236 | // how long between automatic topic refreshes with TopicRefresh 0 | |
237 | "refresh_period" "3h"; | |
238 | // what should !access say for various staff? | |
239 | "irc_operator_epithet" "a megalomaniacal power hungry tyrant"; | |
240 | "network_helper_epithet" "a wannabe tyrant"; | |
241 | "support_helper_epithet" "a wannabe tyrant"; | |
242 | // what should a newly registered channel get as its modes? | |
243 | "default_modes" "+nt"; | |
244 | // minimum opserv access to set, clear or override nodelete setting? | |
245 | "nodelete_level" "1"; | |
246 | // how long before a new channel owner can give ownership away? | |
247 | "giveownership_timeout" "1w"; | |
248 | }; | |
249 | ||
250 | "global" { | |
251 | "nick" "Global"; | |
252 | // What user modes do you want this service to have? Please keep in | |
253 | // mind which ircd software you are using here, and that all of the | |
254 | // services need to be at least +o. | |
255 | // "modes" "+iok"; | |
256 | // should users get community announcements by default or not? | |
257 | "announcements_default" "on"; | |
258 | }; | |
259 | }; | |
260 | ||
261 | // The modules section gives configuration information to optional modules. | |
262 | "modules" { | |
263 | "helpserv" { | |
264 | // The description/fullname field | |
265 | "description" "Help Queue Manager"; | |
266 | // HelpServ bots log all of their requests to this file, with | |
267 | // details on when they were opened, closed, their contents, | |
268 | // helper, etc. The file is written in saxdb format for easy | |
269 | // parsing by external programs. Please note that you cannot | |
270 | // use ?set to change this value while srvx is running. | |
271 | "reqlogfile" "helpservreq.log"; | |
272 | // How long should a helpserv be inactive (no requests assigned) | |
273 | // before it can be unregistered by the expire command? | |
274 | "expiration" "60d"; | |
275 | }; | |
276 | "sockcheck" { | |
277 | "max_sockets" "64"; // allow 64 concurrent clients to be checked | |
278 | "max_read" "1024"; // don't read more than 1024 bytes from any client | |
279 | "gline_duration" "1h"; // issue G-lines lasting one hour | |
280 | "max_cache_age" "60"; // only cache results for 60 seconds | |
281 | // "address" "192.168.0.10"; // do proxy tests from this address | |
282 | }; | |
283 | "snoop" { | |
284 | // Where to send snoop messages? | |
285 | "channel" "#wherever"; | |
286 | // Which bot? | |
287 | "bot" "OpServ"; | |
288 | // Show new users and joins from net joins? (off by default) | |
289 | "show_bursts" "0"; | |
290 | }; | |
291 | "memoserv" { | |
292 | "bot" "NickServ"; | |
293 | "message_expiry" "30d"; // age when messages are deleted; set | |
294 | // to 0 to disable message expiration | |
295 | }; | |
296 | }; | |
297 | ||
298 | "policers" { | |
299 | "commands-luser" { | |
300 | "size" "5"; | |
301 | "drain-rate" "0.5"; | |
302 | }; | |
303 | }; | |
304 | ||
305 | "rlimits" { | |
306 | "data" "50M"; | |
307 | "stack" "6M"; | |
308 | "vmem" "100M"; | |
309 | }; | |
310 | ||
311 | "server" { | |
312 | "hostname" "localhost.domain"; | |
313 | "description" "Network Services"; | |
314 | "network" "GenericNET"; | |
315 | "hidden_host" "users.Generic.NET"; // set this if you enabled ircd/Undernet's +x mode | |
316 | /* hidden_host should match the F:HIDDEN_HOST: line in your ircu's ircd.conf; | |
317 | * srvx does not set the host suffix for users, but must know it when making | |
318 | * things like bans, where it should not show the user's real hostname. */ | |
319 | "numeric" "10"; // hint: If you get collisions on link, CHANGE THIS. | |
320 | "max_users" "256"; // You can save a little memory by setting this to a lower value. | |
321 | "force_n2k" "1"; // Use extended (5-digit) numnick for self, even if 3 are possible. | |
322 | "ping_freq" "60"; | |
323 | "ping_timeout" "90"; | |
324 | "max_cycles" "30"; // max uplink cycles before giving up | |
325 | // Admin information is traditionally: location, location, email | |
326 | "admin" ("IRC Network", "Gotham City, GO", "Mr Commissioner <james.gordon@police.gov>"); | |
327 | /* the following two settings are for ircu's HEAD_IN_SAND features, and are equivelent to | |
328 | * the F: lines in ircu's ircd.conf. both can be disabled by commenting them out. */ | |
329 | "his_servername" "*.Generic.NET"; // hidden server name, shown in remote /whois requests | |
330 | "his_servercomment" "The Generic, Boring IRC Network"; | |
331 | }; | |
332 | ||
333 | // controlling how services (mostly NickServ) send mail | |
334 | "mail" { | |
335 | // These options are the defaults. | |
336 | "enable" "0"; | |
337 | "mailer" "/usr/sbin/sendmail"; | |
338 | "from_address" "admin@poorly.configured.server"; | |
339 | // These are not :> | |
340 | "extra_headers" ("X-Ereet-Services: srvx r reet"); | |
341 | "body_prefix_first" ("Welcome to our network. This prefix is used whenever srvx thinks this may be the first time we send email to your address."); | |
342 | "body_prefix" ("This goes before the mail text.", "Each string here is treated as a separate \"paragraph\" for line wrapping."); | |
343 | "body_suffix_first" ("We care a lot about spam. If you did not request this email, bitch and moan loudly at our opers, and tell our ISP to gank our connection."); | |
344 | "body_suffix" ("PLEASE DO NOT BE ALARMED. CALMLY BOARD THE AIRCRAFT, STRAP YOUR ARMS ACROSS YOUR BODY, AND JUMP THE HELL OUT OF THE PLANE.", "Yaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaatta!"); | |
345 | }; | |
346 | ||
347 | // New section in srvx-1.2 to control database locations, etc. | |
348 | // If you leave this section out, each database will be in its own file, | |
349 | // and they will be written out every half hour. | |
350 | "dbs" { | |
351 | // This just illustrates how you can jam every database into one huge ("mondo") file. | |
352 | "ChanServ" { "mondo_section" "ChanServ"; }; | |
353 | "gline" { "mondo_section" "gline"; }; | |
354 | "Global" { "mondo_section" "Global"; }; | |
355 | "HelpServ" { "mondo_section" "HelpServ"; }; | |
356 | "modcmd" { "mondo_section" "modcmd"; }; | |
357 | "NickServ" { "mondo_section" "NickServ"; }; | |
358 | "OpServ" { "mondo_section" "OpServ"; }; | |
359 | "sendmail" { "mondo_section" "sendmail"; }; | |
360 | ||
361 | // These are the options if you want a database to be in its own file. | |
362 | "mondo" { | |
363 | // Where to put it? | |
364 | "filename" "srvx.db"; | |
365 | // How often should it be saved? | |
366 | // (You can disable automatic saves by setting this to 0.) | |
367 | "frequency" "30m"; | |
368 | }; | |
369 | }; | |
370 | ||
371 | // New section in srvx-1.2 to control log destinations. | |
372 | // If you leave this section out, each service (technically, each log | |
373 | // facility) will be in its own file, just like before. | |
374 | "logs" { | |
375 | // Two kinds of items exist in this section. | |
376 | ||
377 | // One is a facility configuration subsection. These have the | |
378 | // name of a log facility (one of "ChanServ", "Global", | |
379 | // "HelpServ", "NickServ", "OpServ", "ProxyCheck", or "srvx") and | |
380 | // the value is a subsection. The "srvx" log facility is a | |
381 | // catch-all/fall-back facility. | |
382 | "srvx" { | |
383 | // The "max_age" option says how long to keep log audit entries. | |
384 | "max_age" "10m"; | |
385 | // The "max_count" option says how many log audit entries to keep. | |
386 | "max_count" "1024"; | |
387 | // Audit (command tracking) entries are discarded if they exceed | |
388 | // either limit: for example, if entry 500 is 10 minutes old, it | |
389 | // will be discarded next time any audit command is logged. | |
390 | }; | |
391 | ||
392 | // The other kind of item is a target list. The name of each is a | |
393 | // description of facility-and-severity combinations, and the value | |
394 | // is a string (or list of strings) that describe where matching | |
395 | // events should be logged. As a special case, the facility * will | |
396 | // specify how to log events regardless of their true facility, and | |
397 | // the severity * will match all severities for a facility. | |
398 | // Log targets use a psuedo-URI syntax: one of "file:filename", | |
399 | // "std:[out|err|n]" where n is a valid file descriptor, or | |
400 | // "irc:#channel" (nicknames or server masks can be used instead | |
401 | // of channel names, but should be used with care). | |
402 | // The severity is one of "replay", "debug", "command", "info", | |
403 | // "override", "staff", "warning", "error", or "fatal". | |
404 | // WARNING: If any severity except "replay" for a facility is left | |
405 | // unspecified, it will use the default target (for example, | |
406 | // "file:chanserv.log"). For "replay" severity, you must ALWAYS | |
407 | // list a target to log it -- this is because it is very rarely | |
408 | // useful. | |
409 | "*.*" ("std:out", "file:everything.log"); // does NOT suppress any defaults | |
410 | "*.override,staff" "irc:#big-brother"; // report all uses of staff commands | |
411 | "ChanServ.*" "file:chanserv.log"; // duplicates the default behavior | |
412 | "ProxyCheck.*" (); // stop it from logging anything | |
413 | }; |