]>
Commit | Line | Data |
---|---|---|
d1b8e200 | 1 | newserv Modules |
005396ab | 2 | =============== |
d1b8e200 GB |
3 | |
4 | This is a brief overview of the newserv modules. | |
5 | ||
6 | core | |
005396ab | 7 | ---- |
d1b8e200 GB |
8 | |
9 | This is not actually a module. Instead, this is the code of the "newserv" binary | |
10 | which provides minimal support for loading modules. | |
11 | ||
12 | authext, bans, chanindex, channel, irc, nick, server | |
005396ab | 13 | ---------------------------------------------------- |
d1b8e200 GB |
14 | |
15 | These modules provide basic support for accounts, channels, nicks and server | |
16 | connections. Virtually all other modules depend on at least some of these | |
17 | modules. | |
18 | ||
19 | localuser | |
005396ab | 20 | --------- |
d1b8e200 GB |
21 | |
22 | Implements functionality for creating local users that are "connected" to the | |
23 | newserv instance. | |
24 | ||
25 | control | |
005396ab | 26 | ------- |
d1b8e200 GB |
27 | |
28 | Spawns the control user for your newserv instance. The control user provides | |
29 | an IRC-based interface for newserv commands, e.g. to manage loaded modules | |
30 | and modify user accounts. | |
31 | ||
32 | Other modules can register their own commands. | |
33 | ||
d1b8e200 GB |
34 | Configuration: |
35 | ||
36 | [control] | |
37 | nick=N3 | |
fb0b5a22 GB |
38 | #ident=control |
39 | #hostname=your.hostname.here | |
005396ab | 40 | #realname=newserv Control Service |
fb0b5a22 | 41 | #authname=C |
d1b8e200 | 42 | |
e7b7b171 | 43 | control_commands |
005396ab | 44 | ---------------- |
e7b7b171 GB |
45 | |
46 | Provides commonly-used oper commands. | |
47 | ||
48 | control_management | |
005396ab | 49 | ------------------ |
e7b7b171 GB |
50 | |
51 | Provides user management commands. | |
52 | ||
d1b8e200 | 53 | auth |
005396ab | 54 | ---- |
d1b8e200 GB |
55 | |
56 | Supports sending AC tokens. You should only use this module if you don't have | |
57 | some other form of authentication service on your network (such as Q). This | |
58 | module lets opers use arbitrary account names and IDs. | |
59 | ||
60 | chanfix | |
005396ab | 61 | ------- |
d1b8e200 | 62 | |
c6603960 P |
63 | Keeps track of channel ops and can be used to re-op opless channels. However, |
64 | since its chanfixing commands require oper, it should be paired with the request | |
65 | module, which provides REQUESTOP for users and uses chanfix internally. | |
d1b8e200 GB |
66 | |
67 | chanserv | |
005396ab | 68 | -------- |
d1b8e200 GB |
69 | |
70 | This is QuakeNet's channel service (Q). In order to load this module you will | |
71 | need also need to load the pqsql module. | |
72 | ||
c6603960 P |
73 | Configuration: |
74 | ||
75 | [chanserv] | |
76 | nick=Q | |
77 | user=TheQBot | |
78 | host=some.host | |
79 | realname=ChannelService | |
80 | account=Q | |
81 | secret= | |
82 | ticketsecret= | |
83 | createaccountsecret= | |
84 | ||
85 | secret can be an arbitrary string, at most 128 characters long. If not set, Q | |
86 | will generate a random one and not write it to the configuration. | |
87 | ||
88 | ticketsecret can be an arbitrary string, at most 256 characters long and must | |
89 | be set for ticket auth to work. Note that you must implement ticket auth | |
90 | yourself if you wish to use it. | |
91 | ||
92 | createaccountsecret must be a hex string of exact 128 characters (i.e. 64 bytes | |
93 | of hex-encoded data). | |
94 | ||
d1b8e200 | 95 | pqsql |
005396ab | 96 | ----- |
d1b8e200 GB |
97 | |
98 | Provides support for PostgreSQL database queries. | |
99 | ||
100 | Configuration: | |
101 | ||
102 | [pqsql] | |
103 | host=127.0.0.1 | |
104 | port=5432 | |
105 | username=gunnar | |
106 | password=changeme | |
c6603960 | 107 | #database=newserv |
d1b8e200 GB |
108 | |
109 | dbapi2 | |
005396ab | 110 | ------ |
d1b8e200 GB |
111 | |
112 | Implements database functionality used by some other modules. In addition to | |
113 | loading the dbapi2 module you will also need to load one of the database | |
114 | provider modules: sqlite-dbapi2 or pqsql-dbapi2 | |
115 | ||
116 | fakeusers | |
005396ab | 117 | --------- |
d1b8e200 GB |
118 | |
119 | Provides a way to spawn fake users. | |
120 | ||
121 | glines | |
005396ab | 122 | ------ |
d1b8e200 GB |
123 | |
124 | Implements gline commands and general gline functionality that is used by other | |
125 | modules. | |
126 | ||
fb0b5a22 | 127 | geoip |
005396ab | 128 | ----- |
fb0b5a22 GB |
129 | |
130 | Provides geo-location services for other modules. | |
131 | ||
132 | Configuration: | |
133 | ||
134 | [geoip] | |
135 | #db=GeoIP.dat | |
136 | ||
d1b8e200 | 137 | helpmod2 |
005396ab | 138 | -------- |
d1b8e200 GB |
139 | |
140 | This is QuakeNet's G service. It is primarily used on official support channels. | |
141 | ||
142 | invalidbans | |
005396ab | 143 | ----------- |
d1b8e200 GB |
144 | |
145 | This module automatically removes invalid IPv6 bans as these can desync channel | |
146 | modes on snircd 1.3.4a. | |
147 | ||
148 | jupe | |
005396ab | 149 | ---- |
d1b8e200 GB |
150 | |
151 | Provides commands to set, list and remove jupes. | |
152 | ||
153 | lua | |
005396ab | 154 | --- |
d1b8e200 GB |
155 | |
156 | Provides support for Lua scripts. For an example of a fairly complex script | |
157 | have a look at the labspace repository at http://hg.quakenet.org/lua-labspace/ | |
158 | ||
159 | Configuration: | |
160 | ||
161 | [lua] | |
c6603960 P |
162 | #botnick=U |
163 | #scriptsuffix=.lua | |
d1b8e200 GB |
164 | scriptdir=./luascripts |
165 | script=labspace | |
166 | ||
167 | Note: You will need to create the script directory in your newserv | |
168 | installation directory (e.g. "luascripts" in this example) and symlink the | |
169 | lua/lib directory into it. | |
170 | ||
171 | newsearch | |
005396ab | 172 | --------- |
d1b8e200 GB |
173 | |
174 | Provides functionality to search for nicks and channels based on certain | |
175 | criteria. | |
176 | ||
e7b7b171 | 177 | nickwatch |
005396ab | 178 | --------- |
e7b7b171 GB |
179 | |
180 | Implements event-based nicksearch queries. | |
181 | ||
c6603960 P |
182 | nterfacer |
183 | --------- | |
184 | ||
185 | Implements a protocol that allows external services to communicate with this | |
186 | newserv instance. | |
187 | ||
188 | You will need to implement your own client if you wish to use this. | |
189 | ||
190 | Configuration: | |
191 | ||
192 | [nterfacer] | |
193 | #debug=0 | |
194 | # listening port | |
195 | #port=2438 | |
196 | # Each individual permit/allowed client must have a hostname and password | |
197 | hostname=127.0.0.1 | |
198 | password=changeme | |
199 | ||
d1b8e200 | 200 | miscreply |
005396ab | 201 | --------- |
d1b8e200 GB |
202 | |
203 | Implements rping and various other status query commands. | |
204 | ||
fb0b5a22 GB |
205 | Configuration: |
206 | ||
207 | [miscreply] | |
208 | #admin1=Located at the Union Aerospace Corp. facility, Stroggos | |
209 | #admin2=Network IRC Service | |
210 | #admin3=No administrative info available | |
211 | ||
e7b7b171 | 212 | patrol |
005396ab | 213 | ------ |
e7b7b171 GB |
214 | |
215 | Implements functionality to spawn trojanscan swarm clones. | |
216 | ||
217 | Configuration: | |
218 | ||
219 | [patrol] | |
220 | #minpoolhosts=5000 | |
221 | ||
fb0b5a22 | 222 | patricia, patricianick, patriciasearch |
005396ab | 223 | -------------------------------------- |
fb0b5a22 GB |
224 | |
225 | Implements finding nicks based on CIDR prefixes. | |
226 | ||
d1b8e200 | 227 | proxyscan |
005396ab | 228 | --------- |
d1b8e200 GB |
229 | |
230 | Does on-connect proxy scans and glines open proxies. | |
231 | ||
c6603960 P |
232 | Configuration: |
233 | ||
234 | [proxyscan] | |
235 | # listen port | |
236 | port=9999 | |
237 | # bind IP | |
238 | ip=127.0.0.1 | |
239 | maxscans=200 | |
240 | rescaninterval=3600 | |
241 | nick=P | |
242 | user=proxyscan | |
243 | host=some.host | |
244 | realname=Proxyscan | |
245 | ||
d1b8e200 | 246 | request |
005396ab | 247 | ------- |
d1b8e200 | 248 | |
7e6b4e43 GB |
249 | This is QuakeNet's channel service request bot (R). |
250 | ||
251 | Configuration: | |
252 | ||
253 | [request] | |
254 | #nick=R | |
255 | #user=request | |
256 | #host=request.quakenet.org | |
257 | #real=Service Request v0.23 | |
258 | #snick=S | |
259 | #sserver=spamscan.quakenet.org | |
260 | #qnick=Q | |
261 | #qserver=cserve.quakenet.org | |
c6603960 P |
262 | #auth=R |
263 | #authid=1780711 | |
264 | # Auth to S | |
265 | #user=R | |
266 | #password=bla | |
d1b8e200 GB |
267 | |
268 | serverlist | |
005396ab | 269 | ---------- |
d1b8e200 GB |
270 | |
271 | Implements the serverlist command which shows various information about | |
272 | connected servers (including their network latency). | |
273 | ||
c6603960 P |
274 | Configuration: |
275 | ||
276 | [serverlist] | |
277 | q_server=CServe.quakenet.org | |
278 | s_server=services2.uk.quakenet.org | |
279 | service_re=^services\d*\..*$ | |
280 | hub_re=^hub\d*\..*$ | |
281 | not_client_re=^(testserv\d*\.).*$ | |
282 | ||
d1b8e200 | 283 | settime |
005396ab | 284 | ------- |
d1b8e200 GB |
285 | |
286 | Provides commands to set the network time. | |
287 | ||
288 | splitlist | |
005396ab | 289 | --------- |
d1b8e200 GB |
290 | |
291 | Keeps track of servers that were lost during a netsplit. This module is used | |
292 | by chanfix to determine when it shouldn't re-op users. | |
293 | ||
c6603960 P |
294 | ticketauth |
295 | ---------- | |
296 | ||
297 | Provides ticketauth, a way to authenticate to noperserv using a one-time | |
298 | ticket. It works similar to the ticket auth in chanserv. | |
299 | ||
300 | If you want to use ticketauth, you'll need to implement a method to issue | |
301 | tickets using the shared secret yourself. | |
302 | ||
303 | Configuration: | |
304 | ||
305 | [ticketauth] | |
306 | sharedsecret= | |
307 | ||
308 | sharedsecret is an arbitrary string of at most 512 characters. | |
309 | ||
d1b8e200 | 310 | trojanscan |
005396ab | 311 | ---------- |
d1b8e200 GB |
312 | |
313 | Used to find and gline drones on the network. | |
314 | ||
c6603960 P |
315 | Note that this module uses MySQL exclusively and in a blocking manner, so that |
316 | a hanging connection to the MySQL database can and will block all network I/O. | |
317 | For this reason, you will probably want a newserv instance dedicated to running | |
318 | trojanscan if you wish to run it. | |
319 | ||
320 | Configuration: | |
321 | ||
322 | [trojanscan] | |
323 | nick=T | |
324 | ident=trojanscan | |
325 | hostname=trojanscan.quakenet.org | |
326 | realname=Trojanscan v2.73 | |
327 | authname=T | |
328 | # MySQL credentials | |
329 | dbhost=localhost | |
330 | dbport=3306 | |
331 | dbuser=moo | |
332 | dbpass=changeme | |
333 | db=moo | |
334 | maxchans=750 | |
335 | cycletime=16000 | |
336 | parttime=2600 | |
337 | maxusers=20 | |
338 | minchansize=150 | |
339 | ||
d1b8e200 | 340 | trusts |
005396ab | 341 | ------ |
d1b8e200 GB |
342 | |
343 | Implements connection limits. Supports the TRUST protocol which is used | |
fb0b5a22 GB |
344 | by quakenet-iauthd to determine whether to allow users to connect to the |
345 | network. | |
d1b8e200 | 346 | |
fb0b5a22 | 347 | You will need to load the trusts_master module on exactly one of your newserv |
d1b8e200 GB |
348 | instances. All other instances should load the trusts_slave module in order |
349 | to receive replication updates from the trusts master: | |
350 | ||
351 | [trusts] | |
352 | master=1 | |
353 | #masterserver=trusts.services.netsplit.net # Only used if master=0 | |
354 | ||
355 | In most cases you will also want to load the trusts_management module on | |
356 | your trusts master. This module provides commands to add, modify and delete | |
357 | trusts. | |
358 | ||
359 | If you want to enforce connection limits on your network you can use the | |
360 | trusts_policy module: | |
361 | ||
362 | [trusts_policy] | |
363 | enforcepolicy_irc=1 | |
364 | enforcepolicy_auth=0 | |
365 | trustport=5776 | |
366 | server=gnb.netsplit.net,changeme | |
367 | server=test.gnb.netsplit.net,changeme | |
368 | ||
369 | You can use the QuakeNet IAuth daemon available at | |
c6603960 | 370 | https://hg.quakenet.org/iauthd/ to enforce connection limits using IAuth rather |
d1b8e200 GB |
371 | than g:lines. |
372 | ||
fb0b5a22 | 373 | whowas, whowas_channels |
005396ab | 374 | ----------------------- |
d1b8e200 GB |
375 | |
376 | Keeps track of historical user records. Used by the glines module to chase | |
377 | nicks and by newsearch. | |
378 | ||
fb0b5a22 GB |
379 | The whowas_channels module optionally keeps track of which channels users |
380 | were on. | |
381 | ||
c6603960 P |
382 | Configuration: |
383 | ||
384 | [whowas] | |
385 | maxentries=1000 | |
386 | ||
d1b8e200 | 387 | xsb |
005396ab | 388 | --- |
d1b8e200 | 389 | |
005396ab CP |
390 | Provides newserv<->newserv communication capabilities. Used by the trusts |
391 | modules to sync trusts between newserv instances. | |
d1b8e200 GB |
392 | |
393 | Configuration: | |
394 | ||
395 | [xsb] | |
396 | servicemask=*.services.netsplit.net |