summaryrefslogtreecommitdiff
path: root/docs/conf/opers.conf.example
diff options
context:
space:
mode:
authorAttila Molnar <attilamolnar@hush.com>2014-04-07 13:40:51 +0200
committerAttila Molnar <attilamolnar@hush.com>2014-04-07 13:40:51 +0200
commitf71e6bf9cb41811f18864f5d4eecb26e29d03f25 (patch)
tree88586e73f7ff864081b8831a88637680267b7201 /docs/conf/opers.conf.example
parentce78080782c261aed2c0314bc8c66babc1369be2 (diff)
parent493ff75f1f89a7ede2800eff0368740fbaf02aa4 (diff)
Merge insp20
Diffstat (limited to 'docs/conf/opers.conf.example')
-rw-r--r--docs/conf/opers.conf.example108
1 files changed, 55 insertions, 53 deletions
diff --git a/docs/conf/opers.conf.example b/docs/conf/opers.conf.example
index b42f3129a..524ebce34 100644
--- a/docs/conf/opers.conf.example
+++ b/docs/conf/opers.conf.example
@@ -8,25 +8,26 @@
# Note: It is possible to make a class which covers all available #
# commands. To do this, specify commands="*". This is not really #
# recommended, as it negates the whole purpose of the class system, #
-# however it is provided for fast configuration (e.g. in test nets) #
+# however it is provided for fast configuration (e.g. in test nets). #
# #
<class
name="Shutdown"
- # commands: oper commands that users of this class can run.
- commands="DIE RESTART REHASH LOADMODULE UNLOADMODULE RELOAD GUNLOADMODULE GRELOADMODULE SAJOIN SAPART SANICK SAQUIT SATOPIC"
+ # commands: Oper-only commands that opers of this class can run.
+ commands="DIE RESTART REHASH LOADMODULE UNLOADMODULE RELOADMODULE GUNLOADMODULE GRELOADMODULE"
- # privs: special privileges that users with this class may utilise.
+ # privs: Special privileges that users with this class may utilise.
# VIEWING:
# - channels/auspex: allows opers with this priv to see more detail about channels than normal users.
- # - users/auspex: allows opers with this priv to view more details about users than normal users.
+ # - users/auspex: allows opers with this priv to view more details about users than normal users, e.g. real host and IP.
# - servers/auspex: allows opers with this priv to see more detail about server information than normal users.
# ACTIONS:
# - users/mass-message: allows opers with this priv to PRIVMSG and NOTICE to a server mask (e.g. NOTICE $*)
# - users/samode-usermodes: allows opers with this priv to change the user modes of any other user using /SAMODE
# - channels/high-join-limit: allows opers with this priv to join <channels:opers> total channels instead of <channels:users> total channels.
# PERMISSIONS:
+ # - users/flood/no-fakelag: prevents opers from being penalized with fake lag for flooding (*NOTE)
# - users/flood/no-throttle: allows opers with this priv to send commands without being throttled (*NOTE)
# - users/flood/increased-buffers: allows opers with this priv to send and receive data without worrying about being disconnected for exceeding limits (*NOTE)
#
@@ -39,10 +40,11 @@
# chanmodes: Oper-only channel modes that opers with this class can use.
chanmodes="*">
-<class name="ServerLink" commands="CONNECT SQUIT CONNECT MKPASSWD ALLTIME SWHOIS CLOSE JUMPSERVER LOCKSERV" usermodes="*" chanmodes="*" privs="servers/auspex">
-<class name="BanControl" commands="KILL GLINE KLINE ZLINE QLINE ELINE TLINE RLINE CHECK NICKLOCK SHUN CLONES CBAN CLEARCHAN" usermodes="*" chanmodes="*">
-<class name="OperChat" commands="WALLOPS GLOBOPS SETIDLE" usermodes="*" chanmodes="*" privs="users/mass-message">
-<class name="HostCloak" commands="SETHOST SETIDENT SETNAME CHGHOST CHGIDENT" usermodes="*" chanmodes="*" privs="users/auspex">
+<class name="SACommands" commands="SAJOIN SAPART SANICK SAQUIT SATOPIC SAKICK SAMODE">
+<class name="ServerLink" commands="CONNECT SQUIT RCONNECT RSQUIT MKPASSWD ALLTIME SWHOIS JUMPSERVER LOCKSERV UNLOCKSERV" usermodes="*" chanmodes="*" privs="servers/auspex">
+<class name="BanControl" commands="KILL GLINE KLINE ZLINE QLINE ELINE TLINE RLINE CHECK NICKLOCK NICKUNLOCK SHUN CLONES CBAN CLOSE" usermodes="*" chanmodes="*">
+<class name="OperChat" commands="WALLOPS GLOBOPS" usermodes="*" chanmodes="*" privs="users/mass-message">
+<class name="HostCloak" commands="SETHOST SETIDENT CHGNAME CHGHOST CHGIDENT SETIDLE" usermodes="*" chanmodes="*" privs="users/auspex">
#-#-#-#-#-#-#-#-#-#-#-#- OPERATOR COMPOSITION -#-#-#-#-#-#-#-#-#-#-#
@@ -53,44 +55,44 @@
# #
<type
- # name: Name of type. Used in actual olines below.
+ # name: Name of type. Used in actual server operator accounts below.
name="NetAdmin"
- # classes: classes (above blocks) that this type belongs to.
- classes="OperChat BanControl HostCloak Shutdown ServerLink"
+ # classes: Classes (blocks above) that this type belongs to.
+ classes="SACommands OperChat BanControl HostCloak Shutdown ServerLink"
- # vhost: host oper gets on oper-up. This is optional.
- vhost="netadmin.omega.org.za"
+ # vhost: Host opers of this type get when they log in (oper up). This is optional.
+ vhost="netadmin.omega.example.org"
- # modes: usermodes besides +o that are set on a oper of this type
+ # modes: User modes besides +o that are set on an oper of this type
# when they oper up. Used for snomasks and other things.
# Requires that m_opermodes.so be loaded.
modes="+s +cCqQ">
-<type name="GlobalOp" classes="OperChat BanControl HostCloak ServerLink" vhost="ircop.omega.org.za">
-<type name="Helper" classes="HostCloak" vhost="helper.omega.org.za">
+<type name="GlobalOp" classes="SACommands OperChat BanControl HostCloak ServerLink" vhost="ircop.omega.example.org">
+<type name="Helper" classes="HostCloak" vhost="helper.omega.example.org">
#-#-#-#-#-#-#-#-#-#-#- OPERATOR CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#
# #
# Opers are defined here. This is a very important section. #
-# Remember to only make operators out of trust worthy people. #
+# Remember to only make operators out of trustworthy people. #
# #
-# oline with plain-text password
+# Operator account with a plain-text password.
<oper
- # name: oper login that is used to oper up (/oper name password).
- # Remember: This is case sensitive
- name="Brain"
+ # name: Oper login that is used to oper up (/oper name password).
+ # Remember: This is case sensitive.
+ name="Attila"
- # password: case-sensitive, unhashed...yea...self-explanatory.
+ # password: Case-sensitive, unhashed (plaintext).
password="s3cret"
- # host: What hostnames/IP's are allowed to oper up with this oline.
- # Multiple options can be separated by spaces and CIDR's are allowed.
- # You CAN use just * or *@* for this section, but it is not recommended
+ # host: What hostnames and IPs are allowed to use this operator account.
+ # Multiple options can be separated by spaces and CIDRs are allowed.
+ # You can use just * or *@* for this section, but it is not recommended
# for security reasons.
- host="yourident@dialup15.isp.com *@localhost *@example.com *@2001:db8::/32"
+ host="attila@inspircd.org *@2001:db8::/32"
# ** ADVANCED ** This option is disabled by default.
# fingerprint: When using the m_sslinfo module, you may specify
@@ -102,61 +104,61 @@
# If m_sslinfo isn't loaded, this option will be ignored.
#fingerprint="67cb9dc013248a829bb2171ed11becd4"
- # autologin: if an SSL fingerprint for this oper is specified, you can
+ # autologin: If an SSL fingerprint for this oper is specified, you can
# have the oper block automatically log in. This moves all security of the
# oper block to the protection of the client certificate, so be sure that
# the private key is well-protected! Requires m_sslinfo.
#autologin="on"
- # sslonly: This oper can only oper up if they're using a SSL connection.
+ # sslonly: If on, this oper can only oper up if they're using a SSL connection.
# Setting this option adds a decent bit of security. Highly recommended
# if the oper is on wifi, or specifically, unsecured wifi. Note that it
# is redundant to specify this option if you specify a fingerprint.
# This setting only takes effect if m_sslinfo is loaded.
#sslonly="yes"
- # vhost: overrides the vhost in the type block. Class and modes may also
- # be overridden
- vhost="brain.netadmin.omega"
+ # vhost: Overrides the vhost in the type block. Class and modes may also
+ # be overridden.
+ vhost="attila.example.org"
- # type: What oper type this oline is. See the block above for list
- # of types. NOTE: This is case-sensitive as well.
+ # type: Which type of operator this person is; see the block
+ # above for the list of types. NOTE: This is case-sensitive as well.
type="NetAdmin">
-# oline with plain-text password and no comments..for all who like copy & paste
+# Operator with a plaintext password and no comments, for easy copy & paste.
<oper
name="Brain"
password="s3cret"
- host="yourident@dialup15.isp.com *@localhost *@example.com *@2001:db8::/32"
+ host="brain@dialup15.isp.com *@localhost *@example.com *@2001:db8::/32"
#fingerprint="67cb9dc013248a829bb2171ed11becd4"
type="NetAdmin">
-# oline with hashed password. It is highly recommended to use hashed passwords.
+# Operator with a hashed password. It is highly recommended to use hashed passwords.
<oper
- # name: oper login that is used to oper up (/oper name password).
- # Remember: This is case sensitive
- name="Brain"
+ # name: Oper login that is used to oper up (/oper name password).
+ # Remember: This is case sensitive.
+ name="Adam"
- # hash: what hash this password is hashed with.
+ # hash: What hash this password is hashed with.
# Requires the module for selected hash (m_md5.so, m_sha256.so
# or m_ripemd160.so) be loaded and the password hashing module
# (m_password_hash.so) loaded.
# Options here are: "md5", "sha256" and "ripemd160", or one of
# these prefixed with "hmac-", e.g.: "hmac-sha256".
- # Create hashed password with: /mkpasswd <hash> <password>
- hash="sha256"
+ # Create hashed passwords with: /mkpasswd <hash> <password>
+ hash="hmac-sha256"
- # password: a hash of your password (see above option) hashed
- # with /mkpasswd <hash> <password> . See m_password_hash in modules.conf
+ # password: A hash of the password (see above option) hashed
+ # with /mkpasswd <hash> <password>. See m_password_hash in modules.conf
# for more information about password hashing.
- password="1ec1c26b50d5d3c58d9583181af8076655fe00756bf7285940ba3670f99fcba0"
+ password="qQmv3LcF$Qh63wzmtUqWp9OXnLwe7yv1GcBwHpq59k2a0UrY8xe0"
- # host: What hostnames/IP's are allowed to oper up with this oline.
- # Multiple options can be separated by spaces and CIDR's are allowed.
- # You CAN use just * or *@* for this section, but it is not recommended
+ # host: What hostnames and IPs are allowed to use this operator account.
+ # Multiple options can be separated by spaces and CIDRs are allowed.
+ # You can use just * or *@* for this section, but it is not recommended
# for security reasons.
- host="yourident@dialup15.isp.com *@localhost *@example.com *@2001:db8::/32"
+ host="*@127.0.0.1 *@192.0.2.40 *@198.51.100.4"
- # type: What oper type this oline is. See the block above for list
- # of types. NOTE: This is case-sensitive as well.
- type="NetAdmin">
+ # type: Which type of operator this person is; see the block
+ # above for the list of types. NOTE: This is case-sensitive as well.
+ type="Helper">