# #
# By default, ALL modules are commented out. You must uncomment them #
# or add lines to your config to load modules. Please refer to #
-# https://wiki.inspircd.org/3.0/Modules for a list of modules and #
+# https://docs.inspircd.org/3/modules for a list of modules and #
# each modules link for any additional conf tags they require. #
# #
# ____ _ _____ _ _ ____ _ _ _ #
# matched, or it has no format value. Aliases are #
# read from the top of the file to the bottom. #
# #
-# usercommand - If this is true, the alias can be run simply as #
-# /aliasname. Defaults to true. #
+# usercommand - If set to yes, the alias can be run simply as #
+# /ALIASNAME. Defaults to yes. #
# #
-# channelcommand - If this is true, the alias can be used as an #
+# channelcommand - If set to yes, the alias can be used as an #
# in-channel alias or 'fantasy command', prefixed #
# by the fantasy prefix character, !aliasname by #
-# default. Defaults to false. #
+# default. Defaults to no. #
# #
# format - If this is defined, the parameters of the alias #
# must match this glob pattern. For example if you #
# to successfully trigger. If they are not, then #
# the user receives a 'no such nick' 401 numeric. #
# #
-# uline - Setting this to true will ensure that the user #
-# given in 'requires' is also on a u-lined server, #
+# stripcolor - If set to yes, the text from the user will be #
+# stripped of color and format codes before #
+# matching against 'text'. #
+# #
+# uline - Setting this to yes will ensure that the user #
+# given in 'requires' is also on a U-lined server, #
# as well as actually being on the network. If the #
-# user is online, but not on a u-lined server, #
+# user is online, but not on a U-lined server, #
# then an oper alert is sent out as this is #
# possibly a sign of a user trying to impersonate #
# a service. #
# #
-# operonly - If true, this will make the alias oper only. #
+# operonly - If yes, this will make the alias oper only. #
# If a non-oper attempts to use the alias, it will #
# appear to not exist. #
# #
# An example of using the format value to create an alias with two
# different behaviours depending on the format of the parameters.
#
-#<alias text="ID" format="#*" replace="PRIVMSG ChanServ :IDENTIFY $2 $3"
+#<alias text="ID" format="#*" replace="SQUERY ChanServ :IDENTIFY $2 $3"
# requires="ChanServ" uline="yes">
#
-#<alias text="ID" replace="PRIVMSG NickServ :IDENTIFY $2"
+#<alias text="ID" replace="SQUERY NickServ :IDENTIFY $2"
# requires="NickServ" uline="yes">
#
# This alias fixes a glitch in xchat 2.6.x and above and the way it
# assumes IDENTIFY must be prefixed by a colon (:) character. It should
# be placed ABOVE the default NICKSERV alias.
#
-#<alias text="NICKSERV" format=":IDENTIFY *" replace="PRIVMSG NickServ :IDENTIFY $3-"
+#<alias text="NICKSERV" format=":IDENTIFY *" replace="SQUERY NickServ :IDENTIFY $3-"
# requires="NickServ" uline="yes">
#
# You may also add aliases to trigger based on something said in a
# command must be preceded by the fantasy prefix when used.
#
#<alias text="CS" usercommand="no" channelcommand="yes"
-# replace="PRIVMSG ChanServ :$1 $chan $2-" requires="ChanServ" uline="yes">
+# replace="SQUERY ChanServ :$1 $chan $2-" requires="ChanServ" uline="yes">
#
# This would be used as "!cs <command> <options>", with the channel
# being automatically inserted after the command in the message to
# users that send overly capitalised messages to channels. Unlike the
# blockcaps module this module is more flexible as it has more options
# for punishment and allows channels to configure their own punishment
-# policies.
+# policies.
#<module name="anticaps">
#
# You may also configure the characters which anticaps considers to be
# <anticaps lowercase="abcdefghijklmnopqrstuvwxyz"
# uppercase="ABCDEFGHIJKLMNOPQRSTUVWXYZ">
+#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
+# Argon2 module: Allows other modules to generate Argon2 hashes,
+# usually for cryptographic uses and security.
+# This module makes the algorithms argon2i, argon2d and argon2id
+# available for use.
+# Note that this module is extra, and must be enabled explicitly
+# to build. It depends on libargon2.
+#<module name="argon2">
+#
+# memory: Memory hardness, in KiB. E.g. 131072 KiB = 128 MiB.
+# iterations: Time hardness in iterations. (def. 3)
+# lanes: How many parallel chains can be run. (def. 1)
+# threads: Maximum amount of threads each invocation can spawn. (def. 1)
+# length: Output length in bytes. (def. 32)
+# saltlength: Salt length in bytes. (def. 16)
+# version: Algorithm version, 10 or 13. (def. 13)
+# The parameters can be customized as follows:
+#<argon2 iterations="3" memory="131074" length="32" saltlength="16">
+# Defines the parameters that are common for all the variants (i/d/id).
+# Can be overridden on individual basis, e.g.
+#<argon2i iterations="4">
+#<argon2d memory="131074"
+#<argon2id iterations="5" memory="262144" length="64" saltlength="32">
+
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Auditorium module: Adds channel mode +u which makes everyone else
# except you in the channel invisible, used for large meetings etc.
# For example +w o:*!Attila@127.0.0.1 will op anyone matching that mask
# on join. This can be combined with extbans, for example +w o:R:Brain
# will op anyone identified to the account "Brain".
-# Another useful combination is with SSL client certificate
+# Another useful combination is with TLS (SSL) client certificate
# fingerprints: +w h:z:72db600734bb9546c1bdd02377bc21d2a9690d48 will
# give halfop to the user(s) having the given certificate.
#<module name="autoop">
#<module name="botmode">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# CallerID module: Adds usermode +g which activates hybrid-style
+# CallerID module: Adds user mode +g which activates hybrid-style
# callerid: block all private messages unless you /ACCEPT first.
#<module name="callerid">
#
# This module is oper-only and provides /CBAN.
# To use, CBAN must be in one of your oper class blocks.
#<module name="cban">
+# CBAN does not allow glob channelmasks by default for compatibility
+# reasons. You can enable glob support by uncommenting the next line.
+#<cban glob="yes">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# Censor module: Adds channel and user mode +G.
+# Censor module: Adds channel and user mode +G which block phrases that
+# are listed in the server bad words list.
#<module name="censor">
#
#-#-#-#-#-#-#-#-#-#-#- CENSOR CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-#
# #
-# Optional - If you specify to use the censor module, then you must #
-# specify some censor tags. See also: #
-# https://wiki.inspircd.org/Modules/3.0/censor #
-#
-#<include file="examples/censor.conf.example">
+# If you have the censor module loaded you should specify one or more #
+# phrases to replace/block in user messages. The config for this is #
+# formatted as follows: #
+# #
+# Replaces "eggplant" with "aubergine" within messages: #
+# <badword text="eggplant" replace="aubergine"> #
+# #
+# Blocks messages that contain "fluffy capybaras": #
+#<badword text="fluffy capybaras"> #
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# CGI:IRC module: Enables forwarding the real IP address of a user from
# The webirc method is the recommended way to allow gateways to forward
# IP/host information. When using this method the gateway sends a WEBIRC
# message to the server on connection. For more details please read the
-# IRCv3 WebIRC specification at http://ircv3.net/specs/extensions/webirc.html.
+# IRCv3 WebIRC specification at: https://ircv3.net/specs/extensions/webirc.html
#
-# When using this method you must specify a wildcard mask or CIDR range
-# to allow gateway connections from and at least one of either a SSL
-# client certificate fingerprint for the gateway or a password to be
-# sent in the WEBIRC command.
+# When using this method you must specify one or more wildcard masks
+# or CIDR ranges to allow gateway connections from and at least one of
+# either a TLS (SSL) client certificate fingerprint for the gateway or
+# a password to be sent in the WEBIRC command.
#
# <cgihost type="webirc"
# fingerprint="bd90547b59c1942b85f382bc059318f4c6ca54c5"
-# mask="192.0.2.0/24">
+# mask="192.0.2.0/24 198.51.100.*">
# <cgihost type="webirc"
# password="$2a$10$WEUpX9GweJiEF1WxBDSkeODBstIBMlVPweQTG9cKM8/Vd58BeM5cW"
# hash="bcrypt"
# address in the ident sent by the user. This is not recommended as it
# only works with IPv4 connections.
#
-# When using this method you must specify a wildcard mask or CIDR range to allow
-# gateway connections from. You can also optionally configure the static value
-# that replaces the IP in the ident to avoid leaking the real IP address of
-# gateway clients (defaults to "gateway" if not set).
+# When using this method you must specify one or more wildcard masks
+# or CIDR ranges to allow gateway connections from. You can also
+# optionally configure the static value that replaces the IP in the
+# ident to avoid leaking the real IP address of gateway clients
+# (defaults to "gateway" if not set).
#
# <cgihost type="ident"
-# mask="198.51.100.0/24"
+# mask="198.51.100.0/24 203.0.113.*"
# newident="wibble">
# <cgihost type="ident"
# mask="*.ident.gateway.example.com"
#<module name="chanfilter">
#
# If hidemask is set to yes, the user will not be shown the mask when
-# his/her message is blocked.
+# their message is blocked.
#
# If maxlen is set then it defines the maximum length of a filter entry.
#
# If notifyuser is set to no, the user will not be notified when
-# his/her message is blocked.
+# their message is blocked.
#<chanfilter hidemask="yes" maxlen="50" notifyuser="yes">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# the current topic of conversation is when joining the channel.
#<module name="chanhistory">
#
-# Set the maximum number of lines allowed to be stored per channel below.
-# This is the hard limit for 'X'.
-# If notice is set to yes, joining users will get a NOTICE before playback
-# telling them about the following lines being the pre-join history.
-# If bots is set to yes, it will also send to users marked with +B
-#<chanhistory maxlines="50" notice="yes" bots="yes">
+#-#-#-#-#-#-#-#-#-#-#- CHANHISTORY CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#
+# #
+# bots - Whether to send channel history to bots. Defaults to yes. #
+# #
+# enableumode - Whether to enable the +N user mode which allows users #
+# to opt-out of receiving channel history. Defaults to #
+# no. #
+# #
+# maxlines - The maximum number of lines of chat history to send to a #
+# joining users. Defaults to 50. #
+# #
+# prefixmsg - Whether to send an explanatory message to clients that #
+# don't support the chathistory batch type. Defaults to #
+# yes. #
+# #
+#<chanhistory bots="yes"
+# enableumode="yes"
+# maxlines="50"
+# prefixmsg="yes">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Channel logging module: Used to send snotice output to channels, to
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Channelban: Implements extended ban j:, which stops anyone already
-# in a channel matching a ban like +b j:#channel*mask from joining.
+# in a channel matching a ban like +b j:#channel from joining.
+# It is also possible to ban based on their status in that channel,
+# like so: +b j:@#channel, this example prevents the ops from joining.
# Note that by default wildcard characters * and ? are allowed in
-# channel names. To disallow them, load m_channames and add characters
-# 42 and 63 to denyrange (see above).
+# channel names. To disallow them, load the channames module and
+# add characters 42 and 63 to denyrange (see above).
#<module name="channelban">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
#<module name="chgname">
#
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# Connection class ban module: Adds support for extban 'n' which
+# Connection class ban module: Adds support for extban 'n' which
# matches against the class name of the user's connection.
# This module assumes that connection classes are named in a uniform
-# way on all servers of the network.
+# way on all servers of the network. Wildcards are accepted.
#<module name="classban">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
#<module name="clearchan">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# Cloaking module: Adds usermode +x and cloaking support.
+# Cloaking module: Adds user mode +x and cloaking support.
# Relies on the md5 module being loaded.
# To cloak users when they connect, load the conn_umodes module and set
# <connect:modes> to include the +x mode. The example <connect> tag
#<cloak mode="half"
# key="changeme"
# domainparts="3"
-# prefix="net-">
+# prefix="net-"
+# ignorecase="no">
#
#<cloak mode="full"
# key="changeme"
-# prefix="net-">
-
-#-#-#-#-#-#-#-#-#-#-#-#- CLOSE MODULE #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# Close module: Allows an oper to close all unregistered connections.
-# This module is oper-only and provides the /CLOSE command.
-# To use, CLOSE must be in one of your oper class blocks.
-#<module name="close">
+# prefix="net-"
+# ignorecase="no">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Clones module: Adds an oper command /CLONES for detecting cloned
# To use, CLONES must be in one of your oper class blocks.
#<module name="clones">
+#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
+# Codepage module: Allows using a custom 8-bit codepage for nicknames
+# and case mapping.
+#<module name="codepage">
+#
+# You should include one of the following files to set your codepage:
+#<include file="examples/codepages/ascii.conf.example">
+#<include file="examples/codepages/latin1.conf.example">
+#<include file="examples/codepages/rfc1459.conf.example">
+#<include file="examples/codepages/strict-rfc1459.conf.example">
+#
+# You can also define a custom codepage. For details on how to do this
+# please refer to the docs site:
+# https://docs.inspircd.org/3/modules/codepage
+
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Common channels module: Adds user mode +c, which, when set, requires
# that users must share a common channel with you to PRIVMSG or NOTICE
# killonbadreply - Whether to kill the user if they send the wrong #
# PONG reply. #
# #
-#<waitpong sendsnotice="yes" killonbadreply="yes">
+#<waitpong sendsnotice="no" killonbadreply="yes">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Channel cycle module: Adds the /CYCLE command which is a server-side
# bootwait - Amount of time in seconds to wait before enforcing
# the throttling when the server just booted.
#
-#<connflood seconds="30" maxconns="3" timeout="30"
-# quitmsg="Throttled" bootwait="10">
+#<connflood period="30" maxconns="3" timeout="30"
+# quitmsg="Throttled" bootwait="2m">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Custom prefixes: Allows for channel prefixes to be configured.
# You can also override the configuration of prefix modes added by both the core
# and other modules by adding a customprefix tag with change="yes" specified.
# <customprefix name="op" change="yes" rank="30000" ranktoset="30000">
-# <customprefix name="voice" change="yes" rank="10000" ranktoset="10000" depriv="no">
+# <customprefix name="voice" change="yes" rank="10000" ranktoset="20000" depriv="no">
#
# Do /RELOADMODULE customprefix after changing the settings of this module.
#<banfile pattern="*.txt" action="allow">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# Deaf module: Adds support for the usermode +d - deaf to channel
-# messages and channel notices.
+# Deaf module: Adds support for user modes +d and +D:
+# d - deaf to channel messages and notices.
+# D - deaf to user messages and notices.
+# The +D user mode is not enabled by default to enable link compatibility
+# with 2.0 servers.
#<module name="deaf">
+#
+#-#-#-#-#-#-#-#-#-#-#-#- DEAF CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-#
+# bypasschars - Characters that bypass deaf to a regular user.
+# bypasscharsuline - Characters that bypass deaf to a U-lined user (services).
+# Both of these take a list of characters that must match
+# the starting character of a message.
+# If 'bypasscharsuline' is empty, then 'bypasschars' will
+# match for both regular and U-lined users.
+# enableprivdeaf - Whether to enable user mode +D (privdeaf).
+# privdeafuline - Whether U-lined users bypass user mode +D (privdeaf).
+#
+#<deaf bypasschars="" bypasscharsuline="!" enableprivdeaf="no" privdeafuline="yes">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Delay join module: Adds the channel mode +D which delays all JOIN
#<goodchan name="#funtimes"> #
# Glob masks are accepted here also. #
+#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
+# Disable module: Provides support for disabling commands and modes. #
+#<module name="disable">
+#
+#-#-#-#-#-#-#-#-#-#-#-#- DISABLE CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-#
+# #
+# If you have the disable module loaded then you need to specify the #
+# commands and modes that you want disabled. Users who have not fully #
+# connected yet are exempt from this module so you can e.g. disable #
+# the NICK command but still allow users to connect to the server. #
+# #
+# commands - A space-delimited list of commands that can not be used #
+# by users. You can exempt server operators from this with #
+# the servers/use-disabled-commands privilege. #
+# #
+# chanmodes - One or more channel modes that can not be added/removed #
+# by users. You can exempt server operators from this #
+# with the servers/use-disabled-modes privilege. #
+# #
+# usermodes - One or more user modes that can not be added/removed by #
+# users. You can exempt server operators from this with #
+# the servers/use-disabled-modes privilege. #
+# #
+# fakenonexistent - Whether to pretend that a disabled command/mode #
+# does not exist when executed/changed by a user. #
+# Defaults to no. #
+# #
+# notifyopers - Whether to send a notice to snomask `a` when a user #
+# is prevented from using a disabled command/mode. #
+# Defaults to no. #
+# #
+#<disabled commands="KICK TOPIC" #
+# chanmodes="kp" #
+# usermodes="iw" #
+# fakenonexistent="yes" #
+# notifyopers="no"> #
+
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# DNS blacklist module: Provides support for looking up IPs on one or #
# more blacklists. #
-#<module name="dnsbl"> #
+#<module name="dnsbl">
+# #
+# For configuration options please see the docs page for dnsbl at #
+# https://docs.inspircd.org/3/modules/dnsbl. You can also use one or #
+# more of the following example configs for popular DNSBLs: #
+# #
+# DroneBL (https://dronebl.org) #
+#<include file="examples/providers/dronebl.conf.example">
+# #
+# EFnet RBL (https://rbl.efnetrbl.org) #
+#<include file="examples/providers/efnet-rbl.conf.example">
# #
-# For configuration options please see the wiki page for dnsbl at #
-# https://wiki.inspircd.org/Modules/3.0/dnsbl #
+# dan.me.uk Tor exit node DNSBL (https://www.dan.me.uk/dnsbl) #
+#<include file="examples/providers/torexit.conf.example">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Exempt channel operators module: Provides support for allowing #
# users of a specified channel status to be exempt from some channel #
-# restriction modes. Supported restrictions are #
-# blockcaps, blockcolor, censor, filter, flood, nickflood, noctcp, #
-# nonick, nonotice, regmoderated, stripcolor, and topiclock. #
+# restriction modes. Supported restrictions are: #
+# anticaps, auditorium-see, auditorium-vis, blockcaps, blockcolor, #
+# censor, filter, flood, nickflood, noctcp, nonick, nonotice, #
+# regmoderated, stripcolor, and topiclock. #
# See <options:exemptchanops> in inspircd.conf.example for a more #
# detailed list of the restriction modes that can be exempted. #
-# These are settable using /mode #chan +X <restriction>:<status> #
-#<module name="exemptchanops"> #
+# These are settable using: /MODE #chan +X <restriction>:<status> #
+# Furthermore, the exemptions configured in <options:exemptchanops> #
+# can also be negated by using: /MODE #chan +X <restriction>:* #
+#<module name="exemptchanops">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Filter module: Provides message filtering, similar to SPAMFILTER. #
# at the <module> tag for info on availability. #
# #
# If notifyuser is set to no, the user will not be notified when #
-# his/her message is blocked. #
-#<filteropts engine="glob" notifyuser="yes">
+# their message is blocked. #
+# #
+# If warnonselfmsg is set to yes when a user sends a message to #
+# themself that matches a filter the filter will be ignored and a #
+# warning will be sent to opers instead. This stops spambots which #
+# send their spam message to themselves first to check if it is being #
+# filtered by the server. #
+#<filteropts engine="glob" notifyuser="yes" warnonselfmsg="no">
# #
# Your choice of regex engine must match on all servers network-wide. #
# #
# #
# Optional - If you specify to use the filter module, then #
# specify below the path to the filter.conf file, or define some #
-# <filter> tags. #
+# <keyword> tags. #
# #
#<include file="examples/filter.conf.example">
#<module name="gecosban">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# GeoIP module: Allows the server admin to match users by country code.
-# This module is in extras. Re-run configure with:
-# ./configure --enable-extras=m_geoip.cpp
-# and run make install, then uncomment this module to enable it.
-# This module requires GeoIP to be installed on your system,
-# use your package manager to find the appropriate packages
-# or check the InspIRCd wiki page for this module.
-#<module name="geoip">
-#
-# The actual allow/ban actions are done by connect classes, not by the
-# GeoIP module. An example connect class to ban people from russia or
-# turkey:
-#
-# <connect deny="*" geoip="TR,RU">
-#
-# If enabled you can also ban people from channnels by country code
-# using the G: extban (e.g. /mode #channel +b G:US).
-# <geoip extban="yes">
-#
-# The country code must be in capitals and should be an ISO country
-# code such as TR, GB, or US. Unknown IPs (localhost, LAN IPs, etc)
-# will be assigned the country code "UNK". Since connect classes are
-# matched from top down, your deny classes must be above your allow
-# classes for them to match.
+# Geolocation ban module: Adds support for extban 'G' which matches #
+# against the ISO 3166-1 alpha-2 codes for the countries that users #
+# are connecting from. Users connecting from unknown origins such as #
+# internal networks can be matched against using the XX alpha-2 code. #
+# A full list of ISO 3166-1 alpha-2 codes can be found at #
+# https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2 #
+#<module name="geoban">
+
+#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
+# Geolocation connect class module: Adds support for limiting connect #
+# classes to users from specific countries. With this module you can #
+# specify a space-delimited list of two character the ISO 3166-1 #
+# alpha-2 codes in the "country" field of a connect class. e.g. to #
+# deny connections from users in Russia or Turkey: #
+# #
+# <connect deny="*" country="TR RU"> #
+# #
+# Users connecting from unknown origins such as internal networks can #
+# be matched against using the XX alpha-2 code. A full list of ISO #
+# 3166-1 alpha-2 codes can be found at #
+# https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2 #
+#<module name="geoclass">
+
+#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
+# MaxMindDB geolocation module: Provides geolocation information for #
+# other modules that need it using the libMaxMindDB library. #
+# #
+# This module is in extras. Re-run configure with: #
+# ./configure --enable-extras geo_maxmind
+# and run make install, then uncomment this module to enable it. #
+# #
+# This module requires libMaxMindDB to be installed on your system. #
+# Use your package manager to find the appropriate packages or check #
+# the InspIRCd documentation page for this module. #
+#<module name="geo_maxmind">
+# #
+# If you use the geo_maxmind module you MUST provide a database file #
+# to look up geolocation information in. You can either purchase this #
+# from MaxMind at https://www.maxmind.com/en/geoip2-country-database #
+# or use the free CC-BY-SA licensed GeoLite2 Country database which #
+# can be downloaded at https://dev.maxmind.com/geoip/geoip2/geolite2/ #
+#<maxmind file="GeoLite2-Country.mmdb">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Globops module: Provides the /GLOBOPS command and snomask +g.
# If you specify to use the helpop module, then specify below the #
# path to the helpop.conf file. #
# #
-#<include file="examples/helpop-full.conf.example">
+#<include file="examples/helpop.conf.example">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Hide chans module: Allows users to hide their channels list from non-
#<module name="hidechans">
#
# This mode can optionally prevent opers from seeing channels on a +I
-# user, for more privacy if set to true.
+# user, for more privacy if set to yes.
# This setting is not recommended for most mainstream networks.
-#<hidechans affectsopers="false">
+#<hidechans affectsopers="no">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Hide list module: Allows for hiding the list of listmodes from users
#
#-#-#-#-#-#-#-#-#-#-#- HOSTCHANGE CONFIGURATION -#-#-#-#-#-#-#-#-#-#
# #
-# See https://wiki.inspircd.org/Modules/3.0/hostchange for help. #
+# See https://docs.inspircd.org/3/modules/hostchange for help. #
# #
#<hostchange mask="*@42.theanswer.example.org" action="addaccount" suffix=".users.example.com">
#<hostchange mask="*root@*" action="addnick" prefix="example/users/">
# the timeout for ident lookups here. If not defined, it will default #
# to 5 seconds. This is a non-blocking timeout which holds the user #
# in a 'connecting' state until the lookup is complete. #
-# The bind value indicates which IP to bind outbound requests to. #
-# nolookupprefix: If on, the idents of users being in a connect class #
-# with ident lookups disabled (i.e. <connect useident="off">) will be #
-# prefixed with a "~". If off, the ident of those users will not be #
-# prefixed. Default is off. #
+# prefixunqueried: If yes, the idents of users in a connect class #
+# with ident lookups disabled (i.e. <connect useident="no">) will be #
+# prefixed with a "~". If no, the ident of those users will not be #
+# prefixed. Default is no. #
#
-#<ident timeout="5" nolookupprefix="no">
+#<ident timeout="5" prefixunqueried="no">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Invite exception module: Adds support for channel invite exceptions
#
# Further information on these extensions can be found at the IRCv3
# working group website:
-# http://ircv3.net/irc/
+# https://ircv3.net/irc/
#
#<module name="ircv3">
# The following block can be used to control which extensions are
# enabled. Note that extended-join can be incompatible with delayjoin
# and host cycling.
-#<ircv3 accountnotify="on" awaynotify="on" extendedjoin="on">
+#<ircv3 accountnotify="yes" awaynotify="yes" extendedjoin="yes">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# IRCv3 account-tag module. Adds the 'account' tag which contains the
# extension will get the chghost message and won't see host cycling.
#<module name="ircv3_chghost">
+#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
+# IRCv3 client-to-client tags module: Provides the message-tags IRCv3
+# extension which allows clients to add extra data to their messages.
+# This is used to support new IRCv3 features such as replies and ids.
+#<module name="ircv3_ctctags">
+#
+# If you want to only allow client tags that are intended for processing
+# by the server you can disable the following setting. Doing this is not
+# recommended though as it may break clients.
+#<ctctags allowclientonlytags="yes">
+
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# IRCv3 echo-message module: Provides the echo-message IRCv3
# extension which allows capable clients to get an acknowledgement when
# another user into a channel. This respects <options:announceinvites>.
#<module name="ircv3_invitenotify">
+#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
+# IRCv3 labeled-response module: Provides the labeled-response IRCv3
+# extension which allows server responses to be associated with the
+# client message which caused them to be sent.
+#<module name="ircv3_labeledresponse">
+
+#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
+# IRCv3 message id module: Provides the msgid IRCv3 extension which
+# adds a unique identifier to each message when the message-tags cap
+# has been requested. This enables support for modern features such as
+# reactions and replies.
+#<module name="ircv3_msgid">
+
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# IRCv3 server-time module. Adds the 'time' tag which adds a timestamp
# to all messages received from the server.
#
# host - A glob match for the SNI hostname to apply this policy to.
# duration - The amount of time that the policy lasts for. Defaults to
-# approximately two months by default.
+# five minutes by default. You should raise this to a month
+# or two once you know that your config is valid.
# port - The port on which TLS connections to the server are being
# accepted. You MUST have a CA-verified certificate on this
# port. Self signed certificates are not acceptable.
# preload - Whether client developers can include your certificate in
# preload lists.
#
-# <sts host="*.example.com" duration="60d" port="6697" preload="yes">
+# <sts host="*.example.com" duration="5m" port="6697" preload="yes">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Join flood module: Adds support for join flood protection +j X:Y.
# Closes the channel for N seconds if X users join in Y seconds.
#<module name="joinflood">
#
-# The number of seconds to close the channel for:
-#<joinflood duration="1m">
-
-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# Jump server module: Adds support for the RPL_REDIR numeric.
-# This module is oper-only.
-# To use, JUMPSERVER must be in one of your oper class blocks.
-# If your server is redirecting new clients and you get disconnected,
-# do a REHASH from shell to open up again.
-#<module name="jumpserver">
+# duration: The number of seconds to close a channel for when it is
+# being flooded with joins.
+#
+# bootwait: The number of seconds to disengage joinflood for after
+# a server boots. This allows users to reconnect without
+# being throttled by joinflood.
+#
+# splitwait: The number of seconds to disengage joinflood for after
+# a server splits. This allows users to reconnect without
+# being throttled by joinflood.
+#
+#<joinflood duration="1m"
+# bootwait="30s"
+# splitwait="30s">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Anti auto rejoin: Adds support for prevention of auto-rejoin (+J).
# LDAP module: Allows other SQL modules to access a LDAP database
# through a unified API.
# This modules is in extras. Re-run configure with:
-# ./configure --enable-extras=m_ldap.cpp
+# ./configure --enable-extras ldap
# and run make install, then uncomment this module to enable it.
#
#<module name="ldap">
# repeated to whitelist multiple CIDRs. #
# #
# ldaprequire allows further filtering on the LDAP user, by requiring #
-# certain LDAP attibutes to have a given value. It can be repeated, #
+# certain LDAP attributes to have a given value. It can be repeated, #
# in which case the list will act as an OR list, that is, the #
# authentication will succeed if any of the requirements in the list #
# is satisfied. #
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Map hiding module: replaces /MAP and /LINKS output to users with a #
-# message to see a website, set by maphide="http://test.org/map" in #
+# message to see a website, set by maphide="https://test.org/map" in #
# the <security> tag, instead. #
#<module name="maphide">
# Message flood module: Adds message/notice flood protection via
# channel mode +f.
#<module name="messageflood">
+#
+# The weight to give each message type. TAGMSGs are considered to be
+# 1/5 of a NOTICE or PRIVMSG to avoid users being accidentally flooded
+# out of a channel by automatic client features such as typing
+# notifications.
+#<messageflood notice="1.0" privmsg="1.0" tagmsg="0.2">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# MLOCK module: Adds support for server-side enforcement of services
# MySQL module: Allows other SQL modules to access MySQL databases
# through a unified API.
# This module is in extras. Re-run configure with:
-# ./configure --enable-extras=m_mysql.cpp
+# ./configure --enable-extras mysql
# and run make install, then uncomment this module to enable it.
#<module name="mysql">
#
#-#-#-#-#-#-#-#-#-#-#-#- SQL CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-#-#
# #
-# mysql is more complex than described here, see the wiki for more #
-# info: https://wiki.inspircd.org/Modules/3.0/mysql #
+# mysql is more complex than described here, see the docs for more #
+# info: https://docs.inspircd.org/3/modules/mysql #
#
#<database module="mysql" name="mydb" user="myuser" pass="mypass" host="localhost" id="my_database2">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Named modes module: Allows for the display and set/unset of channel
# modes via long-form mode names via +Z and the /PROP command.
-# For example, to set a ban, do /mode #channel +Z ban=foo!bar@baz or
+# For example, to set a ban, do /MODE #channel +Z ban=foo!bar@baz or
# /PROP #channel ban=foo!bar@baz
#<module name="namedmodes">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# NAMESX module: Provides support for the NAMESX extension which allows
-# clients to see all the prefixes set on a user without getting confused.
-# This is supported by mIRC, x-chat, klient, and maybe more.
+# NAMESX module: Provides support for the IRCv3 multi-prefix capability
+# and legacy NAMESX extension which allow clients to see all the prefix
+# modes set on a user.
#<module name="namesx">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# National characters module:
# 1) Allows using national characters in nicknames.
# 2) Allows using custom (national) casemapping over the network.
+#
+# This module is incredibly poorly written and documented. You should
+# probably use the codepage module instead for 8-bit codepages.
#<module name="nationalchars">
#
# file - Location of the file which contains casemapping rules. If this
# which allows up to X nick changes in Y seconds.
#<module name="nickflood">
#
-# The number of seconds to prevent nick changes for:
+# The time period to prevent nick changes for:
#<nickflood duration="1m">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Network business join module:
# Allows an oper to join a channel using /OJOIN, giving them +Y on the
-# channel which makes them immune to kick/deop/etc.
+# channel which makes them immune to kicks.
#<module name="ojoin">
#
# Specify the prefix that +Y will grant here.
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Oper channels mode: Adds the +O channel mode and extban O:<mask>
# to ban, except, etc. specific oper types. For example
-# /mode #channel +iI O:* is equivalent to channel mode +O, but you
+# /MODE #channel +iI O:* is equivalent to channel mode +O, but you
# may also set +iI O:AdminTypeOnly to only allow admins.
# Modes +I and +e work in a similar fashion.
#<module name="operchans">
#<module name="operlog">
#
# If the following option is on then all oper commands will be sent to
-# the snomask 'r'. The default is off.
-#<operlog tosnomask="off">
+# the snomask 'r'. The default is no.
+#<operlog tosnomask="no">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Oper prefixing module: Adds a channel prefix mode +y which is given
-# to all IRC operators automatically on all channels they are in.
+# to all server operators automatically on all channels they are in.
# This prefix mode is more powerful than channel op and other regular
# prefix modes.
#
-# Load this module if you want all your IRC operators to have channel
-# operator powers.
+# Load this module if you want all your server operators to have
+# channel operator powers.
#<module name="operprefix">
#
# You may additionally customise the prefix character.
#<operprefix prefix="!">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# Oper MOTD module: Provides support for separate message of the day
+# Oper MOTD module: Provides support for a separate message of the day
# on oper-up.
# This module is oper-only.
#<module name="opermotd">
#
#-#-#-#-#-#-#-#-#-#-# OPERMOTD CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#
# #
-# If you are using the opermotd module, specify the motd here. #
+# If you are using the opermotd module, specify the motd file here. #
# #
# onoper - If on, the message is sent on /OPER, otherwise it's #
# only sent when /OPERMOTD is used. #
# #
# Much of override's configuration relates to your oper blocks. #
# For more information on how to allow opers to override, see: #
-# https://wiki.inspircd.org/Modules/3.0/override #
+# https://docs.inspircd.org/3/modules/override #
# #
# noisy - If enabled, all oper overrides will be announced #
# via channel notice. #
# #
# requirekey - If enabled, overriding on join requires a channel #
-# key of "override" to be specified #
+# key of "override" to be specified. #
# #
-# enableumode - If enabled, usermode +O is required for override. #
+# enableumode - If enabled, user mode +O is required for override. #
# #
-#<override noisy="yes" requirekey="no" enableumode="true">
+#<override noisy="yes" requirekey="no" enableumode="yes">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Oper levels module: Gives each oper a level and prevents actions
# Oper modes module: Allows you to specify modes to add/remove on oper.
# Specify the modes as the 'modes' parameter of the <type> tag
# and/or as the 'modes' parameter of the <oper> tag.
-# This module is oper-only. For the user equivalent, see the
+# This module is oper-only. For the user equivalent, see the
# conn_umodes module.
#<module name="opermodes">
# cmd: Command for the user to run when it receives a connect
# password.
- cmd="PRIVMSG $nickrequired :IDENTIFY $pass">
+ cmd="SQUERY $nickrequired :IDENTIFY $pass">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Password hash module: Allows hashed passwords to be used.
# whenever +P is set, unset, or the topic/modes on a +P channel is changed.
# If you want to do this, set the filename below, and uncomment the include.
#
-# If 'listmodes' is true then all list modes (+b, +I, +e, +g...) will be
-# saved. Defaults to false.
-#<permchanneldb filename="permchannels.conf" listmodes="true">
+# If 'listmodes' is yes then all list modes (+b, +I, +e, +g...) will be
+# saved. Defaults to no.
+#
+# 'saveperiod' determines how often to check if the database needs to be
+# saved to disk. Defaults to every five seconds.
+#<permchanneldb filename="permchannels.conf"
+# listmodes="yes"
+# saveperiod="5s">
#<include file="permchannels.conf">
#
# You may also create channels on startup by using the <permchannels> block.
# PostgreSQL module: Allows other SQL modules to access PgSQL databases
# through a unified API.
# This module is in extras. Re-run configure with:
-# ./configure --enable-extras=m_pgsql.cpp
+# ./configure --enable-extras pgsql
# and run make install, then uncomment this module to enable it.
#<module name="pgsql">
#
#-#-#-#-#-#-#-#-#-#-#-#- SQL CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-#-#
# #
-# pgsql is more complex than described here, see the wiki for #
-# more: https://wiki.inspircd.org/Modules/3.0/pgsql #
+# pgsql is more complex than described here, see the docs for #
+# more: https://docs.inspircd.org/3/modules/pgsql #
#
#<database module="pgsql" name="mydb" user="myuser" pass="mypass" host="localhost" id="my_database" ssl="no">
#<module name="muteban">
#
# If notifyuser is set to no, the user will not be notified when
-# his/her message is blocked.
+# their message is blocked.
#<muteban notifyuser="yes">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Remove module: Adds the /REMOVE command which is a peaceful
-# alternative to /KICK.
+# alternative to /KICK. It also provides the /FPART command which works
+# in the same way as /REMOVE.
#<module name="remove">
#
-# supportnokicks: If true, /REMOVE is not allowed on channels where the
-# nokicks (+Q) mode is set. Defaults to false.
+# supportnokicks: If yes, /REMOVE is not allowed on channels where the
+# nokicks (+Q) mode is set. Defaults to no.
# protectedrank: Members having this rank or above may not be /REMOVE'd
# by anyone. Set to 0 to disable this feature. Defaults to 50000.
-#<remove supportnokicks="true" protectedrank="50000">
+#<remove supportnokicks="yes" protectedrank="50000">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# A module to block, kick or ban upon similar messages being uttered several times.
-# Syntax [~*][lines]:[sec]{[:difference]}{[:matchlines]}
-# ~ is to block, * is to ban, default is kick.
-# lines - In mode 1 the amount of lines that has to match consecutively - In mode 2 the size of the backlog to keep for matching
-# seconds - How old the message has to be before it's invalidated.
-# distance - Edit distance, in percent, between two strings to trigger on.
-# matchlines - When set, the function goes into mode 2. In this mode the function will trigger if this many of the last <lines> matches.
+# Repeat module: Allows to block, kick or ban upon similar messages
+# being uttered several times. Provides channel mode +E.
+#
+# Syntax: [~|*]<lines>:<sec>[:<difference>][:<backlog>]
+# ~ is to block, * is to ban, default is kick.
+# lines - In mode 1, the amount of lines that has to match consecutively.
+# In mode 2, the size of the backlog to keep for matching.
+# seconds - How old the message has to be before it's invalidated.
+# difference - Edit distance, in percent, between two strings to trigger on.
+# backlog - When set, the function goes into mode 2. In this mode the
+# function will trigger if this many of the last <lines> matches.
#
# As this module can be rather CPU-intensive, it comes with some options.
-# maxbacklog - Maximum size that can be specified for backlog. 0 disables multiline matching.
-# maxdistance - Max percentage of difference between two lines we'll allow to match. Set to 0 to disable edit-distance matching.
-# maxlines - Max lines of backlog to match against.
-# maxtime - Maximum period of time a user can set. 0 to allow any.
-# size - Maximum number of characters to check for, can be used to truncate messages
-# before they are checked, resulting in less CPU usage. Increasing this beyond 512
-# doesn't have any effect, as the maximum length of a message on IRC cannot exceed that.
-#<repeat maxbacklog="20" maxlines="20" maxdistance="50" maxtime="0" size="512">
+# maxbacklog - Maximum size that can be specified for backlog. 0 disables
+# multiline matching.
+# maxdistance - Max percentage of difference between two lines we'll allow
+# to match. Set to 0 to disable edit-distance matching.
+# maxlines - Max lines of backlog to match against.
+# maxtime - Maximum period of time a user can set. 0 to allow any.
+# size - Maximum number of characters to check for, can be used to
+# truncate messages before they are checked, resulting in
+# less CPU usage. Increasing this beyond 512 doesn't have
+# any effect, as the maximum length of a message on IRC
+# cannot exceed that.
+# kickmessage - Kick message when * is specified
+#<repeat maxbacklog="20"
+# maxdistance="50"
+# maxlines="20"
+# maxtime="0s"
+# size="512"
+# kickmessage="Repeat flood">
#<module name="repeat">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# Restricted channels module: Allows only opers or registered users to
+# Restricted channels module: Allows only opers with the
+# channels/restricted-create priv and/or registered users to
# create channels.
#
# You probably *DO NOT* want to load this module on a public network.
# If you wish to re-check a user when they change nickname (can be
# useful under some situations, but *can* also use CPU with more users
# on a server) then set 'matchonnickchange' to yes.
+# If you additionally want Z-lines to be added on matches, then
+# set 'zlineonmatch' to yes.
# Also, this is where you set what Regular Expression engine is to be
# used. If you ever change it while running, all of your R-lines will
# be wiped. This is the regex engine used by all R-lines set, and
# regex_<engine> must be loaded, or rline will be non-functional
# until you load it or change the engine to one that is loaded.
#
-#<rline matchonnickchange="yes" engine="pcre">
+#<rline matchonnickchange="yes" zlineonmatch="no" engine="pcre">
#
# Generally, you will NOT want to use 'glob' here, as this turns an
# R-line into just another G-line. The exceptions are that R-lines will
# so that at least \s or [[:space:]] is available.
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# RMODE module: Adds the /RMODE command
-# Allows channel mods to remove list modes en masse.
-# Syntax: /rmode <channel> <mode> [pattern]
-# E.g. '/rmode #Channel b m:*' will remove all mute-extbans on the channel.
+# RMODE module: Adds the /RMODE command.
+# Allows channel operators to remove list modes en masse, optionally
+# matching a glob-based pattern.
+# Syntax: /RMODE <channel> <mode> [<pattern>]
+# E.g. '/RMODE #channel b m:*' will remove all mute extbans on the channel.
#<module name="rmode">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# SAMODE module: Adds the /SAMODE command which allows server operators
# to change modes on a channel without requiring them to have any
-# channel priviliges. Also allows changing user modes for any user.
+# channel privileges. Also allows changing user modes for any user.
# This module is oper-only.
# To use, SAMODE must be in one of your oper class blocks.
#<module name="samode">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# SATOPIC module: Adds the /SATOPIC command which allows changing the
-# topic on a channel without requiring any channel priviliges.
+# topic on a channel without requiring any channel privileges.
# This module is oper-only.
# To use, SATOPIC must be in one of your oper class blocks.
#<module name="satopic">
# Layer via AUTHENTICATE. Note: You also need to have cap loaded
# for SASL to work.
#<module name="sasl">
-# Define the following to your services server name to improve security
-# by ensuring the SASL messages are only sent to the services server
-# and not to all connected servers. This prevents a rogue server from
-# capturing SASL messages and disables the SASL cap when services is
-# down.
-#<sasl target="services.mynetwork.com">
+
+# You must define <sasl:target> to the name of your services server so
+# that InspIRCd knows where to send SASL authentication messages and
+# when it should enable the SASL capability.
+# You can also define <sasl:requiressl> to require users to use TLS (SSL)
+# in order to be able to use SASL.
+#<sasl target="services.mynetwork.com"
+# requiressl="yes">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Secure list module: Prevent /LIST in the first minute of connection,
# securelist blocking these sites from listing, define exception tags #
# as shown below: #
#<securehost exception="*@*.netsplit.de">
-#<securehost exception="*@*.ircdriven.com">
-#<securehost exception="*@*.ircs.me">
# #
-# Define the following variable to change how long a user must wait #
-# before issuing a LIST. If not defined, defaults to 60 seconds. #
+# exemptregistered - Whether the waiting period applies to users who #
+# are logged in to a services account. #
+# Defaults to no. #
+# #
+# showmsg - Whether to tell users that they need to wait for a while #
+# before they can use the /LIST command. #
+# Defaults to no. #
# #
-#<securelist waittime="1m"> #
+# waittime - The time period that a user must be connected for before #
+# they can use the /LIST command. #
+# Defaults to 1 minute. #
+# #
+#<securelist exemptregistered="yes"
+# showmsg="yes"
+# waittime="1m">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Servprotect module: Provides support for Austhex style +k /
#<module name="setidle">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# Services support module: Adds several usermodes such as +R and +M.
+# Services support module: Adds several user modes such as +R and +M.
# This module implements the 'identified' state via account names,
# and is similar in operation to the way asuka and ircu handle services.
#
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# SETNAME module: Adds the /SETNAME command.
#<module name="setname">
+#
+#-#-#-#-#-#-#-#-#-#-#-#- SETNAME CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-#
+# #
+# operonly - Whether the SETNAME command should only be usable by #
+# server operators. Defaults to no. #
+# #
+# notifyopers - Whether to send a snotice to snomask `a` when a user #
+# changes their real name. Defaults to to yes if #
+# oper-only and no if usable by everyone. #
+# #
+#<setname notifyopers="yes"
+# operonly="no">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Serverban: Implements extended ban 's', which stops anyone connected
# to a server matching a mask like +b s:server.mask.here from joining.
+# Wildcards are accepted.
#<module name="serverban">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# they enter a command. #
# This module adds one command for each <showfile> tag that shows the #
# given file to the user as a series of messages or numerics. #
-#<module name="showfile"> #
+#<module name="showfile">
# #
#-#-#-#-#-#-#-#-#-#-# SHOWFILE CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-#-#
# #
# endtext="End of server rules.">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# Show whois module: Adds the +W usermode which allows opers to see
+# Show whois module: Adds the +W user mode which allows opers to see
# when they are /WHOIS'd.
# This module is oper-only by default.
#<module name="showwhois">
# To use, SHUN must be in one of your oper class blocks.
#<module name="shun">
#
-# You may also configure which commands you wish a user to be able to
-# perform when shunned. It should be noted that if a shunned user
-# issues QUIT or PART then their message will be removed, as if they
-# did not issue one.
+# Configuration:
#
-# You can optionally let the user know that their command was blocked.
+# affectopers: Whether server operators are exempt from shuns. This
+# option is deprecated; you should instead give exempt
+# server operators the servers/ignore-shun privilege.
#
-# You may also let SHUN affect opers (defaults to no).
-#<shun enabledcommands="ADMIN PING PONG QUIT PART JOIN" notifyuser="yes" affectopers="no">
+# allowconnect: Whether to only apply shuns to users who are fully
+# connected to the server.
+#
+# allowtags: Whether to allow client tags to be attached to enabled
+# commands.
+#
+# cleanedcommands: The commands that, if enabled, should be cleaned
+# of any message content if a shunned user tries to
+# execute them.
+#
+# enabledcommands: The commands that a shunned user is allowed to
+# execute.
+#
+# notifyuser: Whether to notify shunned users that a command they tried
+# to execute has been blocked.
+#
+#<shun enabledcommands="ADMIN OPER PING PONG QUIT PART JOIN"
+# cleanedcommands="AWAY PART QUIT"
+# affectopers="no"
+# allowconnect="no"
+# allowtags="no"
+# notifyuser="yes">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# SSL mode module: Adds support for SSL-only channels via the '+z'
-# channel mode, SSL-only private messages via the '+z' user mode and
-# the 'z:' extban which matches SSL client certificate fingerprints.
+# SSL mode module: Adds support for TLS (SSL)-only channels via the '+z'
+# channel mode, TLS (SSL)-only private messages via the '+z' user mode and
+# the 'z:' extban which matches TLS (SSL) client certificate fingerprints.
#
-# Does not do anything useful without a working SSL module and the
+# Does not do anything useful without a working TLS (SSL) module and the
# sslinfo module (see below).
#<module name="sslmodes">
#
#<sslmodes enableumode="yes">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# SSL rehash signal module: Allows the SSL modules to be rehashed by
+# SSL rehash signal module: Allows the TLS (SSL) modules to be rehashed by
# sending SIGUSR1 to a running InspIRCd process.
-# This modules is in extras. Re-run configure with:
-# ./configure --enable-extras=m_sslrehashsignal.cpp
+# This module is in extras. Re-run configure with:
+# ./configure --enable-extras sslrehashsignal
# and run make install, then uncomment this module to enable it.
#<module name="sslrehashsignal">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# GnuTLS SSL module: Adds support for SSL connections using GnuTLS,
+# GnuTLS SSL module: Adds support for TLS (SSL) connections using GnuTLS,
# if enabled. You must answer 'yes' in ./configure when asked or
# manually symlink the source for this module from the directory
# src/modules/extra, if you want to enable this, or it will not load.
#
#-#-#-#-#-#-#-#-#-#-#- GNUTLS CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-#
# #
-# ssl_gnutls is too complex to describe here, see the wiki: #
-# https://wiki.inspircd.org/Modules/3.0/ssl_gnutls #
+# ssl_gnutls is too complex to describe here, see the docs: #
+# https://docs.inspircd.org/3/modules/ssl_gnutls #
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# SSL info module: Allows users to retrieve information about other
-# users' peer SSL certificates and keys. This can be used by client
-# scripts to validate users. For this to work, one of ssl_gnutls
-# or ssl_openssl must be loaded. This module also adds the
-# "* <user> is using a secure connection" whois line, the ability for
-# opers to use SSL cert fingerprints to verify their identity and the
-# ability to force opers to use SSL connections in order to oper up.
-# It is highly recommended to load this module if you use SSL on your
-# network.
-# For how to use the oper features, please see the first example <oper> tag
-# in opers.conf.example.
+# users' peer TLS (SSL) certificates and keys via the SSLINFO command.
+# This can be used by client scripts to validate users. For this to
+# work, one of ssl_gnutls, ssl_mbedtls or ssl_openssl must be loaded.
+# This module also adds the "<user> is using a secure connection"
+# and "<user> has TLS (SSL) client certificate fingerprint <fingerprint>"
+# WHOIS lines, the ability for opers to use TLS (SSL) cert fingerprints to
+# verify their identity and the ability to force opers to use TLS (SSL)
+# connections in order to oper up. It is highly recommended to load
+# this module if you use TLS (SSL) on your network.
+# For how to use the oper features, please see the first
+# example <oper> tag in opers.conf.example.
#
#<module name="sslinfo">
+#
+# If you want to prevent users from viewing TLS (SSL) certificate information
+# and fingerprints of other users, set operonly to yes.
+#<sslinfo operonly="no">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# mbedTLS SSL module: Adds support for SSL/TLS connections using mbedTLS.
+# mbedTLS TLS (SSL) module: Adds support for TLS (SSL) connections using mbedTLS.
#<module name="ssl_mbedtls">
+#
+#-#-#-#-#-#-#-#-#-#-#- MBEDTLS CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-#
+# #
+# ssl_mbedtls is too complex to describe here, see the docs: #
+# https://docs.inspircd.org/3/modules/ssl_mbedtls #
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# OpenSSL SSL module: Adds support for SSL connections using OpenSSL,
+# OpenSSL TLS (SSL) module: Adds support for TLS (SSL) connections using OpenSSL,
# if enabled. You must answer 'yes' in ./configure when asked or symlink
# the source for this module from the directory src/modules/extra, if
# you want to enable this, or it will not load.
#
#-#-#-#-#-#-#-#-#-#-#- OPENSSL CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-#
# #
-# ssl_openssl is too complex to describe here, see the wiki: #
-# https://wiki.inspircd.org/Modules/3.0/ssl_openssl #
+# ssl_openssl is too complex to describe here, see the docs: #
+# https://docs.inspircd.org/3/modules/ssl_openssl #
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Strip color module: Adds channel mode +S that strips color codes and
# SQLite3 module: Allows other SQL modules to access SQLite3 #
# databases through a unified API. #
# This module is in extras. Re-run configure with: #
-# ./configure --enable-extras=m_sqlite3.cpp
+# ./configure --enable-extras sqlite3
# and run make install, then uncomment this module to enable it. #
#
#<module name="sqlite3">
#
#-#-#-#-#-#-#-#-#-#-#-#- SQL CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-#-#
# #
-# sqlite is more complex than described here, see the wiki for more #
-# info: https://wiki.inspircd.org/Modules/3.0/sqlite3 #
+# sqlite is more complex than described here, see the docs for more #
+# info: https://docs.inspircd.org/3/modules/sqlite3 #
#
#<database module="sqlite" hostname="/full/path/to/database.db" id="anytext">
#
#-#-#-#-#-#-#-#-#-#-#- SQLAUTH CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-#
# #
-# sqlauth is too complex to describe here, see the wiki: #
-# https://wiki.inspircd.org/Modules/3.0/sqlauth #
+# sqlauth is too complex to describe here, see the docs: #
+# https://docs.inspircd.org/3/modules/sqlauth #
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# SQL oper module: Allows you to store oper credentials in an SQL
# #
# dbid - Database ID to use (see SQL modules). #
# #
-# See also: https://wiki.inspircd.org/Modules/3.0/sqloper #
+# See also: https://docs.inspircd.org/3/modules/sqloper #
# #
#<sqloper dbid="1">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# StartTLS module: Implements STARTTLS, which allows clients #
-# connected to non SSL enabled ports to enable SSL, if a proper SSL #
-# module is loaded (either ssl_gnutls or ssl_openssl). #
+# connected to non TLS (SSL) enabled ports to enable TLS (SSL), if #
+# a proper TLS (SSL) module is loaded (either ssl_gnutls, #
+# ssl_mbedtls or ssl_openssl). #
#<module name="starttls">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
#<module name="svshold">
# SVSHOLD does not generate server notices by default, you can turn
# notices on by uncommenting the next line.
-#<svshold silent="false">
+#<svshold silent="no">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# SWHOIS module: Allows you to add arbitrary lines to user WHOIS.
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Timed bans module: Adds timed channel bans with the /TBAN command.
#<module name="timedbans">
+# By default, it sends a notice to channel operators when timed ban is
+# set and when it is removed by server.
+#<timedbans sendnotice="yes">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Test line module: Adds the /TLINE command, used to test how many
#<module name="topiclock">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# UHNAMES support module: Adds support for the IRCX style UHNAMES
-# extension, which displays ident and hostname in the names list for
-# each user, saving clients from doing a WHO on the channel.
-# If a client does not support UHNAMES it will not enable it, this will
-# not break incompatible clients.
+# UHNAMES support module: Adds support for the IRCv3 userhost-in-names
+# capability and legacy UHNAMES extension which display the ident and
+# hostname of users in the NAMES list.
#<module name="uhnames">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
#<module name="watch">
#
# Set the maximum number of entries on a user's watch list below.
-#<watch maxentries="32">
+#<watch maxwatch="32">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# WebSocket module: Adds HTML5 WebSocket support.
# Specify hook="websocket" in a <bind> tag to make that port accept
-# WebSocket connections. Compatible with SSL/TLS.
+# WebSocket connections. Compatible with TLS (SSL).
# Requires SHA-1 hash support available in the sha1 module.
#<module name="websocket">
#
-# Whether to re-encode messages as UTF-8 before sending to WebSocket
-# clients. This is recommended as the WebSocket protocol requires all
-# text frames to be sent as UTF-8. If you do not have this enabled
-# messages will be sent as binary frames instead.
-#<websocket sendastext="yes">
+# proxyranges: A space-delimited list of glob or CIDR matches to trust
+# the X-Real-IP or X-Forwarded-For headers from. If enabled
+# the server will use the IP address specified by those HTTP
+# headers. You should NOT enable this unless you are using
+# a HTTP proxy like nginx as it will allow IP spoofing.
+# sendastext: Whether to re-encode messages as UTF-8 before sending to
+# WebSocket clients. This is recommended as the WebSocket
+# protocol requires all text frames to be sent as UTF-8.
+# If you do not have this enabled messages will be sent as
+# binary frames instead.
+#<websocket proxyranges="192.0.2.0/24 198.51.100.*"
+# sendastext="yes">
#
# If you use the websocket module you MUST specify one or more origins
# which are allowed to connect to the server. You should set this as
# strict as possible to prevent malicious webpages from connecting to
# your server.
-# <wsorigin allow="https://*.example.com/">
+# <wsorigin allow="https://*.example.com">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# XLine database: Stores all *-lines (G/Z/K/R/any added by other modules)
+# X-line database: Stores all *-lines (G/Z/K/R/any added by other modules)
# in a file which is re-loaded on restart. This is useful
# for two reasons: it keeps bans so users may not evade them, and on
# bigger networks, server connections will take less time as there will
# be a lot less bans to apply - as most of them will already be there.
#<module name="xline_db">
-# Specify the filename for the xline database here.
-#<xlinedb filename="xline.db">
+# Specify the filename for the xline database and how often to check whether
+# the database needs to be saved here.
+#<xlinedb filename="xline.db" saveperiod="5s">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# ____ _ _____ _ _ ____ _ _ _ #