# #
# By default, ALL modules are commented out. You must uncomment them #
# or add lines to your config to load modules. Please refer to #
-# http://wiki.inspircd.org/Modules for a list of modules and #
+# https://wiki.inspircd.org/3.0/Modules for a list of modules and #
# each modules link for any additional conf tags they require. #
# #
# ____ _ _____ _ _ ____ _ _ _ #
# this module being loaded to function.
#
#<module name="md5">
-#
+
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# SHA256 module: Allows other modules to generate SHA256 hashes,
# usually for cryptographic uses and security.
# be enhanced (for example the addition of HMAC authentication).
#
#<module name="sha256">
-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# RIPEMD160 module: Allows other modules to generate RIPEMD160 hashes,
-# usually for cryptographic uses and security.
-#
-# IMPORTANT:
-# Other modules may rely on this module being loaded to function.
-#<module name="ripemd160">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Abbreviation module: Provides the ability to abbreviate commands a-la
# read from the top of the file to the bottom. #
# #
# usercommand - If this is true, the alias can be run simply as #
-# /aliasname. Defaults to true. #
+# /ALIASNAME. Defaults to true. #
# #
# channelcommand - If this is true, the alias can be used as an #
# in-channel alias or 'fantasy command', prefixed #
# If a non-oper attempts to use the alias, it will #
# appear to not exist. #
# #
-#<alias text="NICKSERV" replace="PRIVMSG NickServ :$2-" requires="NickServ" uline="yes">
-#<alias text="CHANSERV" replace="PRIVMSG ChanServ :$2-" requires="ChanServ" uline="yes">
-#<alias text="OPERSERV" replace="PRIVMSG OperServ :$2-" requires="OperServ" uline="yes" operonly="yes">
-#<alias text="BOTSERV" replace="PRIVMSG BotServ :$2-" requires="BotServ" uline="yes">
-#<alias text="HOSTSERV" replace="PRIVMSG HostServ :$2-" requires="HostServ" uline="yes">
-#<alias text="MEMOSERV" replace="PRIVMSG MemoServ :$2-" requires="MemoServ" uline="yes">
-#<alias text="NS" replace="PRIVMSG NickServ :$2-" requires="NickServ" uline="yes">
-#<alias text="CS" replace="PRIVMSG ChanServ :$2-" requires="ChanServ" uline="yes">
-#<alias text="OS" replace="PRIVMSG OperServ :$2-" requires="OperServ" uline="yes" operonly="yes">
-#<alias text="BS" replace="PRIVMSG BotServ :$2-" requires="BotServ" uline="yes">
-#<alias text="HS" replace="PRIVMSG HostServ :$2-" requires="HostServ" uline="yes">
-#<alias text="MS" replace="PRIVMSG MemoServ :$2-" requires="MemoServ" uline="yes">
#
# An example of using the format value to create an alias with two
# different behaviours depending on the format of the parameters.
#
-#<alias text="ID" format="#*" replace="PRIVMSG ChanServ :IDENTIFY $2 $3"
+#<alias text="ID" format="#*" replace="SQUERY ChanServ :IDENTIFY $2 $3"
# requires="ChanServ" uline="yes">
#
-#<alias text="ID" replace="PRIVMSG NickServ :IDENTIFY $2"
+#<alias text="ID" replace="SQUERY NickServ :IDENTIFY $2"
# requires="NickServ" uline="yes">
#
# This alias fixes a glitch in xchat 2.6.x and above and the way it
# assumes IDENTIFY must be prefixed by a colon (:) character. It should
-# be placed ABOVE the default NICKSERV alias (the first example) listed
-# above.
+# be placed ABOVE the default NICKSERV alias.
#
-#<alias text="NICKSERV" format=":IDENTIFY *" replace="PRIVMSG NickServ :IDENTIFY $3-"
+#<alias text="NICKSERV" format=":IDENTIFY *" replace="SQUERY NickServ :IDENTIFY $3-"
# requires="NickServ" uline="yes">
#
# You may also add aliases to trigger based on something said in a
# command must be preceded by the fantasy prefix when used.
#
#<alias text="CS" usercommand="no" channelcommand="yes"
-# replace="PRIVMSG ChanServ :$1 $chan $2-" requires="ChanServ" uline="yes">
+# replace="SQUERY ChanServ :$1 $chan $2-" requires="ChanServ" uline="yes">
#
# This would be used as "!cs <command> <options>", with the channel
# being automatically inserted after the command in the message to
# To use, ALLTIME must be in one of your oper class blocks.
#<module name="alltime">
+#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
+# Anticaps module: Adds channel mode +B which allows you to punish
+# users that send overly capitalised messages to channels. Unlike the
+# blockcaps module this module is more flexible as it has more options
+# for punishment and allows channels to configure their own punishment
+# policies.
+#<module name="anticaps">
+#
+# You may also configure the characters which anticaps considers to be
+# lower case and upper case. Any characters not listed here are assumed
+# to be punctuation and will be ignored when counting:
+# <anticaps lowercase="abcdefghijklmnopqrstuvwxyz"
+# uppercase="ABCDEFGHIJKLMNOPQRSTUVWXYZ">
+
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Auditorium module: Adds channel mode +u which makes everyone else
# except you in the channel invisible, used for large meetings etc.
# If you have the blockamsg module loaded, you can configure it with #
# the <blockamsg> tag: #
# #
-# delay - How many seconds between two messages to force #
-# them to be recognised as unrelated. #
+# delay - How much time between two messages to force them #
+# to be recognised as unrelated. #
# action - Any of 'notice', 'noticeopers', 'silent', 'kill' #
# or 'killopers'. Define how to take action when #
# a user uses /amsg or /ame. #
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Block CAPS module: Adds channel mode +B, blocks all-CAPS messages.
+#
+# NOTE: This module is deprecated and will be removed in a future version
+# of InspIRCd. You should use the anticaps module shown above instead.
#<module name="blockcaps">
#
#-#-#-#-#-#-#-#-#-#-#- BLOCKCAPS CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#
# #
-# percent - What percentage of the text must be caps before #
-# text will be blocked. #
+# percent - The percentage of a message which must be upper #
+# case before it will be blocked. #
# #
-# minlen - The minimum length a line must be for the block #
-# percent to have any effect. #
+# minlen - The minimum length a message must be before it #
+# will be blocked. #
# #
-# capsmap - A list of chars to be considered CAPS. Can be used #
-# to add CAPS characters for your language. Also you #
-# can add things like ! and space to further lock #
-# down on caps usage. #
+# lowercase - The characters which will be considered lower #
+# case. #
+# #
+# uppercase - The characters which will be considered upper #
+# case. #
+#
#<blockcaps percent="50"
# minlen="5"
-# capsmap="ABCDEFGHIJKLMNOPQRSTUVWXYZ! ">
+# lowercase="abcdefghijklmnopqrstuvwxyz"
+# uppercase="ABCDEFGHIJKLMNOPQRSTUVWXYZ">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Block color module: Blocking color-coded messages with chan mode +c.
#<module name="callerid">
#
#-#-#-#-#-#-#-#-#-#-#- CALLERID CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-#
-# maxaccepts - Maximum number of entries a user can add to his #
-# /ACCEPT list. Default is 16 entries. #
-# operoverride - Can opers (note: ALL opers) override callerid? #
-# Default is no. #
-# tracknick - Preserve /accept entries when a user changes nick? #
+# maxaccepts - Maximum number of entries a user can add to their #
+# /ACCEPT list. Default is 30 entries. #
+# tracknick - Preserve /ACCEPT entries when a user changes nick? #
# If no (the default), the user is removed from #
-# everyone's accept list if he changes nickname. #
-# cooldown - Amount of time (in seconds) that must pass since #
-# the last notification sent to a user before he can #
-# be sent another. Default is 60 (1 minute). #
-#<callerid maxaccepts="16"
-# operoverride="no"
+# everyone's accept list if their nickname changes. #
+# cooldown - Amount of time that must pass since the last #
+# notification sent to a user before they can be #
+# sent another. Default is 1 minute. #
+#<callerid maxaccepts="30"
# tracknick="no"
-# cooldown="60">
+# cooldown="1m">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# CAP module: Provides the CAP negotiation mechanism required by the
#<module name="cban">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# Censor module: Adds channel and user mode +G.
+# Censor module: Adds channel and user mode +G which block phrases that
+# are listed in the server bad words list.
#<module name="censor">
#
#-#-#-#-#-#-#-#-#-#-#- CENSOR CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-#
# #
-# Optional - If you specify to use the censor module, then you must #
-# specify some censor tags. See also: #
-# http://wiki.inspircd.org/Modules/censor #
-#
-#<include file="examples/censor.conf.example">
+# If you have the censor module loaded you should specify one or more #
+# phrases to replace/block in user messages. The config for this is #
+# formatted as follows: #
+# #
+# Replaces "eggplant" with "aubergine" within messages: #
+# <badword text="eggplant" replace="aubergine"> #
+# #
+# Blocks messages that contain "fluffy capybaras": #
+#<badword text="fluffy capybaras"> #
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# CGI:IRC module: Adds support for automatic host changing in CGI:IRC
-# (http://cgiirc.sourceforge.net).
-# Adds snomask +w for monitoring CGI:IRC connections.
+# CGI:IRC module: Enables forwarding the real IP address of a user from
+# a gateway to the IRC server.
#<module name="cgiirc">
#
#-#-#-#-#-#-#-#-#-#-#-# CGIIRC CONFIGURATION #-#-#-#-#-#-#-#-#-#-#-#-#
#
-# Optional - If you specify to use cgiirc, then you must specify one
-# or more cgihost tags which indicate authorised CGI:IRC servers which
-# will be connecting to your network, and an optional cgiirc tag.
-# For more information see: http://wiki.inspircd.org/Modules/cgiirc
-#
-# Set to yes if you want to notice opers when CGI:IRC clients connect.
+# If you use the cgiirc module then you must specify the gateways which
+# are authorised to forward IP/host information to your server. There
+# are currently two ways to do this:
+#
+# The webirc method is the recommended way to allow gateways to forward
+# IP/host information. When using this method the gateway sends a WEBIRC
+# message to the server on connection. For more details please read the
+# IRCv3 WebIRC specification at: https://ircv3.net/specs/extensions/webirc.html
+#
+# When using this method you must specify a wildcard mask or CIDR range
+# to allow gateway connections from and at least one of either a SSL
+# client certificate fingerprint for the gateway or a password to be
+# sent in the WEBIRC command.
+#
+# <cgihost type="webirc"
+# fingerprint="bd90547b59c1942b85f382bc059318f4c6ca54c5"
+# mask="192.0.2.0/24">
+# <cgihost type="webirc"
+# password="$2a$10$WEUpX9GweJiEF1WxBDSkeODBstIBMlVPweQTG9cKM8/Vd58BeM5cW"
+# hash="bcrypt"
+# mask="*.webirc.gateway.example.com">
+#
+# Alternatively if your gateway does not support sending the WEBIRC
+# message then you can configure InspIRCd to look for the client IP
+# address in the ident sent by the user. This is not recommended as it
+# only works with IPv4 connections.
+#
+# When using this method you must specify a wildcard mask or CIDR range to allow
+# gateway connections from. You can also optionally configure the static value
+# that replaces the IP in the ident to avoid leaking the real IP address of
+# gateway clients (defaults to "gateway" if not set).
+#
+# <cgihost type="ident"
+# mask="198.51.100.0/24"
+# newident="wibble">
+# <cgihost type="ident"
+# mask="*.ident.gateway.example.com"
+# newident="wobble">
+#
+# By default gateway connections are logged to the +w snomask. If you
+# do not want this to happen then you can uncomment this to disable it.
# <cgiirc opernotice="no">
-#
-# The type field indicates where the module should get the real
-# client's IP address from, for further information, please see the
-# CGI:IRC documentation.
-#
-# Old style:
-# <cgihost type="pass" mask="www.example.com"> # Get IP from PASS
-# <cgihost type="ident" mask="otherbox.example.com"> # Get IP from ident
-# <cgihost type="passfirst" mask="www.example.com"> # See the docs
-# New style:
-# <cgihost type="webirc" password="foobar"
-# mask="somebox.example.com"> # Get IP from WEBIRC
-#
+
# IMPORTANT NOTE:
# ---------------
#
-# When you connect CGI:IRC clients, there are two connect classes which
+# When you connect gateway clients, there are two connect classes which
# apply to these clients. When the client initially connects, the connect
-# class which matches the CGI:IRC site's host is checked. Therefore you
-# must raise the maximum local/global clients for this ip as high as you
-# want to allow cgi clients. After the client has connected and is
-# determined to be a cgi:irc client, the class which matches the client's
+# class which matches the gateway site's host is checked. Therefore you
+# must raise the maximum local/global clients for this IP as high as you
+# want to allow gateway clients. After the client has connected and is
+# determined to be a gateway client, the class which matches the client's
# real IP is then checked. You may set this class to a lower value, so that
# the real IP of the client can still be restricted to, for example, 3
# sessions maximum.
#
# If hidemask is set to yes, the user will not be shown the mask when
# his/her message is blocked.
-#<chanfilter hidemask="yes">
+#
+# If maxlen is set then it defines the maximum length of a filter entry.
+#
+# If notifyuser is set to no, the user will not be notified when
+# his/her message is blocked.
+#<chanfilter hidemask="yes" maxlen="50" notifyuser="yes">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Channel history module: Displays the last 'X' lines of chat to a user
# If notice is set to yes, joining users will get a NOTICE before playback
# telling them about the following lines being the pre-join history.
# If bots is set to yes, it will also send to users marked with +B
-#<chanhistory maxlines="20" notice="yes" bots="yes">
+#<chanhistory maxlines="50" notice="yes" bots="yes">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Channel logging module: Used to send snotice output to channels, to
# that looks like the name of another channel on the network.
#<module name="channames">
-<channames
+#<channames
# denyrange: characters or range of characters to deny in channel
# names.
- denyrange="2,3"
+ #denyrange="2,3"
# allowrange: characters or range of characters to specifically allow
# in channel names.
- allowrange="">
+ #allowrange="">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Channelban: Implements extended ban j:, which stops anyone already
#<module name="chgname">
#
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# Connection class ban module: Adds support for extban 'n' which
+# Connection class ban module: Adds support for extban 'n' which
# matches against the class name of the user's connection.
# This module assumes that connection classes are named in a uniform
# way on all servers of the network.
#<module name="classban">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# Clear chan module: Allows opers to masskick, masskill or mass-G/ZLine
-# all users on a channel using /CLEARCHAN.
+# Clear chan module: Allows opers to masskick, masskill or
+# mass G/Z-line all users on a channel using /CLEARCHAN.
#<module name="clearchan">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# #
# To use cloaking, you must define a cloak key, and optionally a #
# cloak prefix as shown below. The cloak key must be shared across #
-# the network for correct cloaking. #
+# the network for consistent cloaking and must be at least thirty #
+# characters long. #
# #
# There are two methods of cloaking: #
# #
-# half Cloak only the "unique" portion of a host; show #
-# the last 2 parts of the domain, /16 subnet of IPv4 #
-# or /48 subnet of the IPv6 address. #
+# half Cloak only the "unique" portion of a host; by #
+# default show the last 2 parts of the domain, #
+# /16 subnet of IPv4 or /48 subnet of the IPv6 #
+# address. #
+# To change the number of shown parts, modify the #
+# domainparts option. #
# #
# full Cloak the users completely, using three slices for #
# common CIDR bans (IPv4: /16, /24; IPv6: /48, /64). #
# #
# The methods use a single key that can be any length of text. #
# An optional prefix may be specified to mark cloaked hosts. #
+# #
+# IMPORTANT: Changing these details will break all of your existing #
+# bans. If you do not want this to happen you can define multiple #
+# cloak tags. The first will be used for cloaking and the rest will #
+# be used for checking if a user is banned in a channel. #
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
#
#<cloak mode="half"
-# key="secret"
+# key="changeme"
+# domainparts="3"
+# prefix="net-">
+#
+#<cloak mode="full"
+# key="changeme"
# prefix="net-">
-
-#-#-#-#-#-#-#-#-#-#-#-#- CLOSE MODULE #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# Close module: Allows an oper to close all unregistered connections.
-# This module is oper-only and provides the /CLOSE command.
-# To use, CLOSE must be in one of your oper class blocks.
-#<module name="close">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Clones module: Adds an oper command /CLONES for detecting cloned
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Connectban: Provides IP connection throttling. Any IP range that
-# connects too many times (configurable) in an hour is Z-Lined for a
+# connects too many times (configurable) in an hour is Z-lined for a
# (configurable) duration, and their count resets to 0.
#<module name="connectban">
#
#<module name="connflood">
#
#-#-#-#-#-#-#-#-#-#-#- CONNTHROTTLE CONFIGURATION -#-#-#-#-#-#-#-#-#-#
-# seconds, maxconns - Amount of connections per <seconds>.
+# period, maxconns - Amount of connections per <period>.
#
# timeout - Time to wait after the throttle was activated
# before deactivating it. Be aware that the time
# quitmsg="Throttled" bootwait="10">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# Custom prefixes: Allows for channel prefixes to be added.
+# Custom prefixes: Allows for channel prefixes to be configured.
#<module name="customprefix">
#
# name The name of the mode, must be unique from other modes.
# rank A numeric rank for this prefix, defining what permissions it gives.
# The rank of voice, halfop and op is 10000, 20000, and 30000,
# respectively.
-# ranktoset The numeric rank required to set/unset this mode. Defaults to rank.
+# ranktoset The numeric rank required to set this mode. Defaults to rank.
+# ranktounset The numeric rank required to unset this mode. Defaults to ranktoset.
# depriv Can you remove the mode from yourself? Defaults to yes.
#<customprefix name="founder" letter="q" prefix="~" rank="50000" ranktoset="50000">
#<customprefix name="admin" letter="a" prefix="&" rank="40000" ranktoset="50000">
#<customprefix name="halfop" letter="h" prefix="%" rank="20000" ranktoset="30000">
-#<customprefix name="halfvoice" letter="V" prefix="-" rank="1" ranktoset="20000">
+#
+# You can also override the configuration of prefix modes added by both the core
+# and other modules by adding a customprefix tag with change="yes" specified.
+# <customprefix name="op" change="yes" rank="30000" ranktoset="30000">
+# <customprefix name="voice" change="yes" rank="10000" ranktoset="10000" depriv="no">
#
# Do /RELOADMODULE customprefix after changing the settings of this module.
#<banfile pattern="*.txt" action="allow">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# Deaf module: Adds support for the usermode +d - deaf to channel
-# messages and channel notices.
+# Deaf module: Adds support for the usermodes +dD:
+# d - deaf to channel messages and notices.
+# D - deaf to user messages and notices.
+# The +D user mode is not enabled by default to enable link compatibility
+# with 2.0 servers.
#<module name="deaf">
+#
+#-#-#-#-#-#-#-#-#-#-#-#- DEAF CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-#
+# bypasschars - Characters that bypass deaf to a regular user.
+# bypasscharsuline - Characters that bypass deaf to a U-lined user (services).
+# Both of these take a list of characters that must match
+# the starting character of a message.
+# If 'bypasscharsuline' is empty, then 'bypasschars' will
+# match for both regular and U-lined users.
+# enableprivdeaf - Whether to enable usermode +D (privdeaf).
+# privdeafuline - Whether U-lined users bypass usermode +D (privdeaf).
+#
+#<deaf bypasschars="" bypasscharsuline="!" enableprivdeaf="no" privdeafuline="yes">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Delay join module: Adds the channel mode +D which delays all JOIN
# Glob masks are accepted here also. #
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# Devoice module: Let users devoice themselves using /DEVOICE #chan.
-#<module name="devoice">
+# Disable module: Provides support for disabling commands and modes. #
+#<module name="disable">
+#
+#-#-#-#-#-#-#-#-#-#-#-#- DISABLE CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-#
+# #
+# If you have the disable module loaded then you need to specify the #
+# commands and modes that you want disabled. Users who have not fully #
+# connected yet are exempt from this module so you can e.g. disable #
+# the NICK command but still allow users to connect to the server. #
+# #
+# commands - A space-delimited list of commands that can not be used #
+# by users. You can exempt server operators from this with #
+# the servers/use-disabled-commands privilege. #
+# #
+# chanmodes - One or more channel modes that can not be added/removed #
+# by users. You can exempt server operators from this #
+# with the servers/use-disabled-modes privilege. #
+# #
+# usermodes - One or more user modes that can not be added/removed by #
+# users. You can exempt server operators from this with #
+# the servers/use-disabled-modes privilege. #
+# #
+# fakenonexistent - Whether to pretend that a disabled command/mode #
+# does not exist when executed/changed by a user. #
+# Defaults to no. #
+# #
+# notifyopers - Whether to send a notice to snomask `a` when a user #
+# is prevented from using a disabled command/mode. #
+# Defaults to no. #
+# #
+#<disabled commands="KICK TOPIC" #
+# chanmodes="kp" #
+# usermodes="iw" #
+# fakenonexistent="yes" #
+# notifyopers="no"> #
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# DNS blacklist module: Provides support for looking up IPs on one or #
# more blacklists. #
-#<module name="dnsbl"> #
+#<module name="dnsbl">
# #
# For configuration options please see the wiki page for dnsbl at #
-# http://wiki.inspircd.org/Modules/dnsbl #
+# https://wiki.inspircd.org/Modules/3.0/dnsbl #
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Exempt channel operators module: Provides support for allowing #
-# channel operators to be exempt from some channel modes. Supported #
-# modes are blockcaps, noctcp, blockcolor, nickflood, flood, censor, #
-# filter, regmoderated, nonick, nonotice, and stripcolor. #
-#<module name="exemptchanops"> #
+# users of a specified channel status to be exempt from some channel #
+# restriction modes. Supported restrictions are #
+# blockcaps, blockcolor, censor, filter, flood, nickflood, noctcp, #
+# nonick, nonotice, regmoderated, stripcolor, and topiclock. #
+# See <options:exemptchanops> in inspircd.conf.example for a more #
+# detailed list of the restriction modes that can be exempted. #
+# These are settable using: /MODE #chan +X <restriction>:<status> #
+#<module name="exemptchanops">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Filter module: Provides message filtering, similar to SPAMFILTER. #
# stdlib - stdlib regexps, provided via regex_stdlib, see comment #
# at the <module> tag for info on availability. #
# #
-#<filteropts engine="glob"> #
+# If notifyuser is set to no, the user will not be notified when #
+# his/her message is blocked. #
+#<filteropts engine="glob" notifyuser="yes">
+# #
+# Your choice of regex engine must match on all servers network-wide. #
# #
-# Your choice of regex engine must match on all servers network-wide.
-#
# To learn more about the configuration of this module, read #
# examples/filter.conf.example, which covers the various types of #
# filters and shows how to add exemptions. #
-#
+# #
#-#-#-#-#-#-#-#-#-#-#- FILTER CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-#
# #
# Optional - If you specify to use the filter module, then #
# specify below the path to the filter.conf file, or define some #
-# <filter> tags. #
+# <keyword> tags. #
# #
#<include file="examples/filter.conf.example">
#<module name="flashpolicyd"> #
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# Gecos ban: Implements extended ban 'r', which stops anyone matching
-# a mask like +b r:*realname?here* from joining a channel.
+# Real name ban: Implements two extended bans: #
+# 'a', which matches a n!u@h+realname mask like +b a:*!*@host+*real* #
+# 'r', which matches a realname mask like +b r:*realname?here* #
#<module name="gecosban">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
#
# <connect deny="*" geoip="TR,RU">
#
+# If enabled you can also ban people from channnels by country code
+# using the G: extban (e.g. /MODE #channel +b G:US).
+# <geoip extban="yes">
+#
# The country code must be in capitals and should be an ISO country
# code such as TR, GB, or US. Unknown IPs (localhost, LAN IPs, etc)
# will be assigned the country code "UNK". Since connect classes are
# must be in one of your oper class blocks.
#<module name="globalload">
+#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
+# HAProxy module: Adds support for the HAProxy PROXY v2 protocol. To
+# use this module specify hook="haproxy" in the <bind> tag that HAProxy
+# has been configured to connect to.
+#<module name="haproxy">
+
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# HELPOP module: Provides the /HELPOP command
#<module name="helpop">
# If you specify to use the helpop module, then specify below the #
# path to the helpop.conf file. #
# #
-#<include file="examples/inspircd.helpop-full.example">
+#<include file="examples/helpop.conf.example">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Hide chans module: Allows users to hide their channels list from non-
# Only show invite exceptions (+I) to channel members:
#<hidelist mode="invex" rank="0">
+#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
+# Hide mode module: Allows for hiding mode changes from users who do not
+# have sufficient channel privileges.
+#<module name="hidemode">
+#
+# Hide bans (+b) from people who are not voiced:
+#<hidemode mode="ban" rank="10000">
+
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Hide oper module: Allows opers to hide their oper status from non-
# opers by setting user mode +H on themselves.
#
#-#-#-#-#-#-#-#-#-#-#- HOSTCHANGE CONFIGURATION -#-#-#-#-#-#-#-#-#-#
# #
-# See http://wiki.inspircd.org/Modules/hostchange for help. #
+# See https://wiki.inspircd.org/Modules/3.0/hostchange for help. #
# #
-#<host suffix="invalid.org" separator="." prefix="">
-#<hostchange mask="*@42.theanswer.example.org" action="addnick">
-#<hostchange mask="*root@*" action="suffix">
+#<hostchange mask="*@42.theanswer.example.org" action="addaccount" suffix=".users.example.com">
+#<hostchange mask="*root@*" action="addnick" prefix="example/users/">
#<hostchange mask="a@example.com" action="set" value="foo.bar.baz">
-#<hostchange mask="localhost" ports="7000,7001,7005-7007" action="set" value="blahblah.foo">
+#<hostchange mask="*@localhost" ports="7000,7001,7005-7007" action="set" value="blahblah.foo">
# hostcycle: If loaded, when a user gets a host or ident set, it will
# cycle them in all their channels. If not loaded it will simply change
# If you choose to use the httpd module, then you will need to add
# a <bind> tag with type "httpd", and load at least one of the other
# httpd_* modules to provide pages to display.
+# <bind address="127.0.0.1" port="8067" type="httpd">
+# <bind address="127.0.0.1" port="8097" type="httpd" ssl="gnutls">
#
# You can adjust the timeout for HTTP connections below. All HTTP
-# connections will be closed after (roughly) this many seconds.
+# connections will be closed after (roughly) this time period.
#<httpd timeout="20">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# <httpdacl path="/*" types="blacklist" blacklist="*">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# HTTP config module: Allows the configuration of the server to be
-# viewed over HTTP. Requires httpd to be loaded for it to function.
+# HTTP config module: Allows the server configuration to be viewed over
+# HTTP via the /config path. Requires the httpd module to be loaded for
+# it to function.
+#
+# IMPORTANT: This module exposes extremely sensitive information about
+# your server and users so you *MUST* protect it using a local-only
+# <bind> tag and/or the httpd_acl module. See above for details.
#<module name="httpd_config">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# HTTP stats module: Provides basic stats pages over HTTP.
-# Requires httpd to be loaded for it to function.
+# HTTP stats module: Provides server statistics over HTTP via the /stats
+# path. Requires the httpd module to be loaded for it to function.
+#
+# IMPORTANT: This module exposes extremely sensitive information about
+# your server and users so you *MUST* protect it using a local-only
+# <bind> tag and/or the httpd_acl module. See above for details.
#<module name="httpd_stats">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# the timeout for ident lookups here. If not defined, it will default #
# to 5 seconds. This is a non-blocking timeout which holds the user #
# in a 'connecting' state until the lookup is complete. #
-# The bind value indicates which IP to bind outbound requests to. #
-# nolookupprefix: If on, the idents of users being in a connect class #
+# prefixunqueried: If on, the idents of users being in a connect class#
# with ident lookups disabled (i.e. <connect useident="off">) will be #
# prefixed with a "~". If off, the ident of those users will not be #
# prefixed. Default is off. #
#
-#<ident timeout="5" nolookupprefix="no">
+#<ident timeout="5" prefixunqueried="no">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Invite exception module: Adds support for channel invite exceptions
#<inviteexception bypasskey="yes">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# IRCv3 module: Provides the following IRCv3.1 extensions:
+# IRCv3 module: Provides the following IRCv3 extensions:
# extended-join, away-notify and account-notify. These are optional
# enhancements to the client-to-server protocol. An extension is only
# active for a client when the client specifically requests it, so this
#
# Further information on these extensions can be found at the IRCv3
# working group website:
-# http://ircv3.org/extensions/
+# https://ircv3.net/irc/
#
#<module name="ircv3">
# The following block can be used to control which extensions are
#<ircv3 accountnotify="on" awaynotify="on" extendedjoin="on">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# IRCv3 cap-notify module: Provides the cap-notify IRCv3.2 extension.
-# Required for IRCv3.2 conformance.
+# IRCv3 account-tag module. Adds the 'account' tag which contains the
+# services account name of the message sender.
+#<module name="ircv3_accounttag">
+
+#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
+# IRCv3 batch module: Provides the batch IRCv3 extension which allows
+# the server to inform a client that a group of messages are related to
+# each other.
+#<module name="ircv3_batch">
+
+#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
+# IRCv3 cap-notify module: Provides the cap-notify IRCv3 extension.
+# Required for IRCv3 conformance.
#<module name="ircv3_capnotify">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# IRCv3 chghost module: Provides the chghost IRCv3.2 extension which
+# IRCv3 chghost module: Provides the chghost IRCv3 extension which
# allows capable clients to learn when the host/ident of another user
# changes without cycling the user. This module is compatible with the
# hostcycle module. If both are loaded, clients supporting the chghost
#<module name="ircv3_chghost">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# IRCv3 echo-message module: Provides the echo-message IRCv3.2
+# IRCv3 client-to-client tags module: Provides the message-tags IRCv3
+# extension which allows clients to add extra data to their messages.
+# This is used to support new IRCv3 features such as replies and ids.
+#<module name="ircv3_ctctags">
+
+#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
+# IRCv3 echo-message module: Provides the echo-message IRCv3
# extension which allows capable clients to get an acknowledgement when
# their messages are delivered and learn what modifications, if any,
# were applied to them.
#<module name="ircv3_echomessage">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# IRCv3 invite-notify module: Provides the invite-notify IRCv3.2
+# IRCv3 invite-notify module: Provides the invite-notify IRCv3
# extension which notifies supporting clients when a user invites
# another user into a channel. This respects <options:announceinvites>.
#<module name="ircv3_invitenotify">
+#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
+# IRCv3 server-time module. Adds the 'time' tag which adds a timestamp
+# to all messages received from the server.
+#<module name="ircv3_servertime">
+
+#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
+# IRCv3 Strict Transport Security module: Provides the sts IRCv3
+# extension which allows clients connecting insecurely to upgrade their
+# connections to TLS.
+#<module name="ircv3_sts">
+#
+# If using the ircv3_sts module you MUST define a STS policy to send
+# to clients using the <sts> tag. This tag takes the following
+# attributes:
+#
+# host - A glob match for the SNI hostname to apply this policy to.
+# duration - The amount of time that the policy lasts for. Defaults to
+# approximately two months by default.
+# port - The port on which TLS connections to the server are being
+# accepted. You MUST have a CA-verified certificate on this
+# port. Self signed certificates are not acceptable.
+# preload - Whether client developers can include your certificate in
+# preload lists.
+#
+# <sts host="*.example.com" duration="60d" port="6697" preload="yes">
+
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Join flood module: Adds support for join flood protection +j X:Y.
# Closes the channel for N seconds if X users join in Y seconds.
# The number of seconds to close the channel for:
#<joinflood duration="1m">
-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# Jump server module: Adds support for the RPL_REDIR numeric.
-# This module is oper-only.
-# To use, JUMPSERVER must be in one of your oper class blocks.
-# If your server is redirecting new clients and you get disconnected,
-# do a REHASH from shell to open up again.
-#<module name="jumpserver">
-
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Anti auto rejoin: Adds support for prevention of auto-rejoin (+J).
#<module name="kicknorejoin">
# allowpattern="Guest* Bot*" #
# killreason="Access denied" #
# verbose="yes" #
-# host="$uid.$ou.inspircd.org"> #
+# host="$uid.$ou.inspircd.org" #
+# useusername="no"> #
# #
# <ldapwhitelist cidr="10.42.0.0/16"> #
# #
# regardless of if they have an account, for example guest and bot #
# users. #
# #
+# The useusername setting chooses whether the user's username or #
+# nickname is used when locating a user account, if a username isn't #
+# provided in PASS. #
+# #
# Killreason indicates the QUIT reason to give to users if they fail #
# to authenticate. #
# #
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Map hiding module: replaces /MAP and /LINKS output to users with a #
-# message to see a website, set by maphide="http://test.org/map" in #
+# message to see a website, set by maphide="https://test.org/map" in #
# the <security> tag, instead. #
#<module name="maphide">
#-#-#-#-#-#-#-#-#-#-#-#- SQL CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-#-#
# #
# mysql is more complex than described here, see the wiki for more #
-# info: http://wiki.inspircd.org/Modules/mysql #
+# info: https://wiki.inspircd.org/Modules/3.0/mysql #
#
#<database module="mysql" name="mydb" user="myuser" pass="mypass" host="localhost" id="my_database2">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Named modes module: Allows for the display and set/unset of channel
# modes via long-form mode names via +Z and the /PROP command.
-# For example, to set a ban, do /mode #channel +Z ban=foo!bar@baz or
+# For example, to set a ban, do /MODE #channel +Z ban=foo!bar@baz or
# /PROP #channel ban=foo!bar@baz
#<module name="namedmodes">
#<module name="nicklock">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# No CTCP module: Adds the channel mode +C to block CTCPs and extban
-# 'C' to block CTCPs sent by specific users.
+# No CTCP module: Adds the channel mode +C and user mode +T to block
+# CTCPs and extban 'C' to block CTCPs sent by specific users.
#<module name="noctcp">
+#
+# The +T user mode is not enabled by default to enable link compatibility
+# with 2.0 servers. You can enable it by uncommenting this:
+#<noctcp enableumode="yes">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# No kicks module: Adds the +Q channel mode and the Q: extban to deny
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Oper channels mode: Adds the +O channel mode and extban O:<mask>
# to ban, except, etc. specific oper types. For example
-# /mode #channel +iI O:* is equivalent to channel mode +O, but you
+# /MODE #channel +iI O:* is equivalent to channel mode +O, but you
# may also set +iI O:AdminTypeOnly to only allow admins.
# Modes +I and +e work in a similar fashion.
#<module name="operchans">
# onoper - If on, the message is sent on /OPER, otherwise it's #
# only sent when /OPERMOTD is used. #
# #
-# processcolors - Allow color codes to be processed in the opermotd. #
-# Read the comment above <connect:allowmotdcolors> in #
-# inspircd.conf.example for details. #
-# #
-#<opermotd file="examples/opermotd.txt.example" onoper="yes" processcolors="false">
+#<opermotd file="examples/opermotd.txt.example" onoper="yes">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Override module: Adds support for oper override.
#
#-#-#-#-#-#-#-#-#-#-# OVERRIDE CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#
# #
-# override is too complex it describe here, see the wiki: #
-# http://wiki.inspircd.org/Modules/override #
+# Much of override's configuration relates to your oper blocks. #
+# For more information on how to allow opers to override, see: #
+# https://wiki.inspircd.org/Modules/3.0/override #
+# #
+# noisy - If enabled, all oper overrides will be announced #
+# via channel notice. #
+# #
+# requirekey - If enabled, overriding on join requires a channel #
+# key of "override" to be specified #
+# #
+# enableumode - If enabled, usermode +O is required for override. #
+# #
+#<override noisy="yes" requirekey="no" enableumode="true">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Oper levels module: Gives each oper a level and prevents actions
# Oper modes module: Allows you to specify modes to add/remove on oper.
# Specify the modes as the 'modes' parameter of the <type> tag
# and/or as the 'modes' parameter of the <oper> tag.
-# This module is oper-only. For the user equivalent, see the
+# This module is oper-only. For the user equivalent, see the
# conn_umodes module.
#<module name="opermodes">
# cmd: Command for the user to run when it receives a connect
# password.
- cmd="PRIVMSG $nickrequired :IDENTIFY $pass">
+ cmd="SQUERY $nickrequired :IDENTIFY $pass">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Password hash module: Allows hashed passwords to be used.
#<include file="permchannels.conf">
#
# You may also create channels on startup by using the <permchannels> block.
-# Don't forget to set them +P in the modes, or they won't stay permanent.
#<permchannels channel="#opers" modes="isP" topic="Opers only.">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
#
#-#-#-#-#-#-#-#-#-#-#-#- SQL CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-#-#
# #
-# pgsql is more complex than described here, see the wiki for #
-# more: http://wiki.inspircd.org/Modules/pgsql #
+# pgsql is more complex than described here, see the wiki for #
+# more: https://wiki.inspircd.org/Modules/3.0/pgsql #
#
#<database module="pgsql" name="mydb" user="myuser" pass="mypass" host="localhost" id="my_database" ssl="no">
# Muteban: Implements extended ban 'm', which stops anyone matching
# a mask like +b m:nick!user@host from speaking on channel.
#<module name="muteban">
+#
+# If notifyuser is set to no, the user will not be notified when
+# his/her message is blocked.
+#<muteban notifyuser="yes">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Random quote module: Provides a random quote on connect.
#<randquote file="quotes.txt">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# Redirect module: Adds channel redirection mode +L. #
-# Optional: <redirect:antiredirect> to add usermode +L to stop forced #
-# redirection and instead print an error. #
-# #
-# Note: You can not update this with a simple rehash, it requires #
-# reloading the module for it to take effect. #
-# This also breaks linking to servers that do not have the option. #
-# This defaults to false for the 2.0 version, it will be enabled in #
-# all the future versions. #
+# Redirect module: Adds channel mode +L which redirects users to #
+# another channel when the channel has reached its user limit and #
+# user mode +L which stops redirection. #
#<module name="redirect">
-#<redirect antiredirect="true">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Regular expression provider for glob or wildcard (?/*) matching.
-# You must have at least 1 provider loaded to use the filter or rline
+# You must have at least 1 provider loaded to use the filter or R-line
# modules. This module has no additional requirements, as it uses the
# matching already present in InspIRCd core.
#<module name="regex_glob">
# Regular expression provider for PCRE (Perl-Compatible Regular
# Expressions). You need libpcre installed to compile and load this
# module. You must have at least 1 provider loaded to use the filter or
-# rline modules.
+# R-line modules.
#<module name="regex_pcre">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Regular expression provider for POSIX regular expressions.
# You shouldn't need any additional libraries on a POSIX-compatible
# system (i.e.: any Linux, BSD, but not Windows). You must have at
-# least 1 provider loaded to use filter or rline.
+# least 1 provider loaded to use the filter or R-line modules.
# On POSIX-compliant systems, regex syntax can be found by using the
# command: 'man 7 regex'.
#<module name="regex_posix">
# to compile and load this module.
#<module name="regex_tre">
-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# Registered users only channel creation module. If enabled, only
-# registered users and opers can create new channels.
-#
-# You probably *DO NOT* want to load this module on a public network.
-#
-#<module name="regonlycreate">
-
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Remove module: Adds the /REMOVE command which is a peaceful
-# alternative to /KICK.
+# alternative to /KICK. It also provides the /FPART command which works
+# in the same way as /REMOVE.
#<module name="remove">
#
# supportnokicks: If true, /REMOVE is not allowed on channels where the
#<remove supportnokicks="true" protectedrank="50000">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# A module to block, kick or ban upon similar messages being uttered several times.
-# Syntax [~*][lines]:[sec]{[:difference]}{[:matchlines]}
-# ~ is to block, * is to ban, default is kick.
-# lines - In mode 1 the amount of lines that has to match consecutively - In mode 2 the size of the backlog to keep for matching
-# seconds - How old the message has to be before it's invalidated.
-# distance - Edit distance, in percent, between two strings to trigger on.
-# matchlines - When set, the function goes into mode 2. In this mode the function will trigger if this many of the last <lines> matches.
+# Repeat module: Allows to block, kick or ban upon similar messages
+# being uttered several times. Provides channel mode +E.
+#
+# Syntax: [~|*]<lines>:<sec>[:<difference>][:<backlog>]
+# ~ is to block, * is to ban, default is kick.
+# lines - In mode 1, the amount of lines that has to match consecutively.
+# In mode 2, the size of the backlog to keep for matching.
+# seconds - How old the message has to be before it's invalidated.
+# difference - Edit distance, in percent, between two strings to trigger on.
+# backlog - When set, the function goes into mode 2. In this mode the
+# function will trigger if this many of the last <lines> matches.
#
# As this module can be rather CPU-intensive, it comes with some options.
-# maxbacklog - Maximum size that can be specified for backlog. 0 disables multiline matching.
-# maxdistance - Max percentage of difference between two lines we'll allow to match. Set to 0 to disable edit-distance matching.
-# maxlines - Max lines of backlog to match against.
-# maxsecs - Maximum value of seconds a user can set. 0 to allow any.
-# size - Maximum number of characters to check for, can be used to truncate messages
-# before they are checked, resulting in less CPU usage. Increasing this beyond 512
-# doesn't have any effect, as the maximum length of a message on IRC cannot exceed that.
-#<repeat maxbacklog="20" maxlines="20" maxdistance="50" maxsecs="0" size="512">
+# maxbacklog - Maximum size that can be specified for backlog. 0 disables
+# multiline matching.
+# maxdistance - Max percentage of difference between two lines we'll allow
+# to match. Set to 0 to disable edit-distance matching.
+# maxlines - Max lines of backlog to match against.
+# maxtime - Maximum period of time a user can set. 0 to allow any.
+# size - Maximum number of characters to check for, can be used to
+# truncate messages before they are checked, resulting in
+# less CPU usage. Increasing this beyond 512 doesn't have
+# any effect, as the maximum length of a message on IRC
+# cannot exceed that.
+#<repeat maxbacklog="20" maxdistance="50 maxlines="20" maxtime="0" size="512">
#<module name="repeat">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# Restricted channels module: Allows only opers to create channels.
+# Restricted channels module: Allows only opers with the
+# channels/restricted-create priv and/or registered users to
+# create channels.
#
# You probably *DO NOT* want to load this module on a public network.
#
#<module name="restrictchans">
+#
+# allowregistered: should registered users be allowed to bypass the restrictions?
+#<restrictchans allowregistered="no">
+#
+# Allow any channel matching #user-* to be created, bypassing restrictchans checks
+#<allowchannel name="#user-*">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Restrict message module: Allows users to only message opers.
#<module name="restrictmsg">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# R-Line module: Ban users through regular expression patterns.
+# R-line module: Ban users through regular expression patterns.
#<module name="rline">
#
#-#-#-#-#-#-#-#-#-#-#-#- RLINE CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-#-#
# useful under some situations, but *can* also use CPU with more users
# on a server) then set 'matchonnickchange' to yes.
# Also, this is where you set what Regular Expression engine is to be
-# used. If you ever change it while running, all of your R-Lines will
-# be wiped. This is the regex engine used by all R-Lines set, and
+# used. If you ever change it while running, all of your R-lines will
+# be wiped. This is the regex engine used by all R-lines set, and
# regex_<engine> must be loaded, or rline will be non-functional
# until you load it or change the engine to one that is loaded.
#
#<rline matchonnickchange="yes" engine="pcre">
#
-# Generally, you will NOT want to use 'glob' here, as this turns
-# rline into just another gline. The exceptions are that rline will
+# Generally, you will NOT want to use 'glob' here, as this turns an
+# R-line into just another G-line. The exceptions are that R-lines will
# always use the full "nick!user@host realname" string, rather than only
# user@host, but beware that only the ? and * wildcards are available,
# and are the only way to specify where the space can occur if you do
# so that at least \s or [[:space:]] is available.
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# RMODE module: Adds the /RMODE command
-# Allows channel mods to remove list modes en masse.
-# Syntax: /rmode <channel> <mode> [pattern]
-# E.g. '/rmode #Channel b m:*' will remove all mute-extbans on the channel.
+# RMODE module: Adds the /RMODE command.
+# Allows channel operators to remove list modes en masse, optionally
+# matching a glob-based pattern.
+# Syntax: /RMODE <channel> <mode> [<pattern>]
+# E.g. '/RMODE #channel b m:*' will remove all mute extbans on the channel.
#<module name="rmode">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Layer via AUTHENTICATE. Note: You also need to have cap loaded
# for SASL to work.
#<module name="sasl">
+# Define the following to your services server name to improve security
+# by ensuring the SASL messages are only sent to the services server
+# and not to all connected servers. This prevents a rogue server from
+# capturing SASL messages and disables the SASL cap when services is
+# down.
+#<sasl target="services.mynetwork.com">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Secure list module: Prevent /LIST in the first minute of connection,
#
#-#-#-#-#-#-#-#-#-# SECURELIST CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-#-#
# #
-# Securelist can be harmful to some IRC search engines such as #
-# netsplit.de and searchirc.com. To prevent securelist blocking these #
-# sites from listing, define exception tags as shown below: #
-#<securehost exception="*@*.searchirc.org">
+# Securelist can be harmful to some IRC search engines. To prevent #
+# securelist blocking these sites from listing, define exception tags #
+# as shown below: #
#<securehost exception="*@*.netsplit.de">
-#<securehost exception="*@echo940.server4you.de">
#<securehost exception="*@*.ircdriven.com">
+#<securehost exception="*@*.ircs.me">
# #
# Define the following variable to change how long a user must wait #
# before issuing a LIST. If not defined, defaults to 60 seconds. #
# #
-#<securelist waittime="60"> #
+#<securelist waittime="1m"> #
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Servprotect module: Provides support for Austhex style +k /
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# SETNAME module: Adds the /SETNAME command.
#<module name="setname">
+#
+#-#-#-#-#-#-#-#-#-#-#-#- SETNAME CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-#
+# #
+# operonly - Whether the SETNAME command should only be usable by #
+# server operators. Defaults to no. #
+# #
+# notifyopers - Whether to send a snotice to snomask `a` when a user #
+# changes their real name. Defaults to to yes if #
+# oper-only and no if usable by everyone. #
+# #
+#<setname notifyopers="yes"
+# operonly="no">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Serverban: Implements extended ban 's', which stops anyone connected
# they enter a command. #
# This module adds one command for each <showfile> tag that shows the #
# given file to the user as a series of messages or numerics. #
-#<module name="showfile"> #
+#<module name="showfile">
# #
#-#-#-#-#-#-#-#-#-#-# SHOWFILE CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-#-#
# #
# (similar to /MOTD; the default). #
# * notice: Send contents as a series of notices. #
# * msg: Send contents as a series of private messages. #
-# colors - If true, color codes (\c, \b, \u, etc.) will be processed #
-# and sent as ANSI colors. If false (default) the file will #
-# be displayed as-is. #
# #
# When using the method "numeric", the following extra settings are #
# available: #
# #
#<showfile name="RULES"
# file="rules.txt"
-# colors="true"
# introtext="Server rules:"
# endtext="End of server rules.">
# You can optionally let the user know that their command was blocked.
#
# You may also let SHUN affect opers (defaults to no).
-#<shun enabledcommands="PING PONG QUIT PART JOIN" notifyuser="yes" affectopers="no">
+#<shun enabledcommands="ADMIN PING PONG QUIT PART JOIN" notifyuser="yes" affectopers="no">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# SSL channel mode module: Adds support for SSL-only channels via
-# channel mode +z and the 'z' extban which matches SSL client
-# certificate fingerprints.
-# Does not do anything useful without a working SSL module (see below).
+# SSL mode module: Adds support for SSL-only channels via the '+z'
+# channel mode, SSL-only private messages via the '+z' user mode and
+# the 'z:' extban which matches SSL client certificate fingerprints.
+#
+# Does not do anything useful without a working SSL module and the
+# sslinfo module (see below).
#<module name="sslmodes">
+#
+# The +z user mode is not enabled by default to enable link compatibility
+# with 2.0 servers. You can enable it by uncommenting this:
+#<sslmodes enableumode="yes">
+
+#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
+# SSL rehash signal module: Allows the SSL modules to be rehashed by
+# sending SIGUSR1 to a running InspIRCd process.
+# This modules is in extras. Re-run configure with:
+# ./configure --enable-extras=m_sslrehashsignal.cpp
+# and run make install, then uncomment this module to enable it.
+#<module name="sslrehashsignal">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# GnuTLS SSL module: Adds support for SSL connections using GnuTLS,
#-#-#-#-#-#-#-#-#-#-#- GNUTLS CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-#
# #
# ssl_gnutls is too complex to describe here, see the wiki: #
-# http://wiki.inspircd.org/Modules/ssl_gnutls #
+# https://wiki.inspircd.org/Modules/3.0/ssl_gnutls #
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# SSL info module: Allows users to retrieve information about other
#-#-#-#-#-#-#-#-#-#-#- OPENSSL CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-#
# #
# ssl_openssl is too complex to describe here, see the wiki: #
-# http://wiki.inspircd.org/Modules/ssl_openssl #
+# https://wiki.inspircd.org/Modules/3.0/ssl_openssl #
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Strip color module: Adds channel mode +S that strips color codes and
# SQLite3 module: Allows other SQL modules to access SQLite3 #
# databases through a unified API. #
# This module is in extras. Re-run configure with: #
-# ./configure --enable-extras=m_sqlite.cpp
+# ./configure --enable-extras=m_sqlite3.cpp
# and run make install, then uncomment this module to enable it. #
#
#<module name="sqlite3">
#-#-#-#-#-#-#-#-#-#-#-#- SQL CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-#-#
# #
# sqlite is more complex than described here, see the wiki for more #
-# info: http://wiki.inspircd.org/Modules/sqlite3 #
+# info: https://wiki.inspircd.org/Modules/3.0/sqlite3 #
#
#<database module="sqlite" hostname="/full/path/to/database.db" id="anytext">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# SQL authentication module: Allows IRCd connections to be tied into
# a database table (for example a forum).
-# This module is in extras. Re-run configure with:
-# ./configure --enable-extras=m_sqlauth.cpp
-# and run make install, then uncomment this module to enable it.
#
#<module name="sqlauth">
#
#-#-#-#-#-#-#-#-#-#-#- SQLAUTH CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-#
# #
# sqlauth is too complex to describe here, see the wiki: #
-# http://wiki.inspircd.org/Modules/sqlauth #
+# https://wiki.inspircd.org/Modules/3.0/sqlauth #
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# SQL oper module: Allows you to store oper credentials in an SQL table
-# This module is in extras. Re-run configure with:
-# ./configure --enable-extras=m_sqloper.cpp
-# and run make install, then uncomment this module to enable it.
+# SQL oper module: Allows you to store oper credentials in an SQL
+# table. You can add additional table columns like you would config
+# tags in opers.conf. Opers in opers.conf will override opers from
+# this module.
#
#<module name="sqloper">
#
#-#-#-#-#-#-#-#-#-#-#- SQLOPER CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-#
# #
# dbid - Database ID to use (see SQL modules). #
-# hash - Hashing provider to use for password hashing. #
# #
-# See also: http://wiki.inspircd.org/Modules/sqloper #
+# See also: https://wiki.inspircd.org/Modules/3.0/sqloper #
# #
-#<sqloper dbid="1" hash="bcrypt">
+#<sqloper dbid="1">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# StartTLS module: Implements STARTTLS, which allows clients #
#<module name="starttls">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# SVSHold module: Implements SVSHOLD. Like Q:Lines, but can only be #
+# SVSHold module: Implements SVSHOLD. Like Q-lines, but can only be #
# added/removed by Services. #
#<module name="svshold">
# SVSHOLD does not generate server notices by default, you can turn
# WebSocket connections. Compatible with SSL/TLS.
# Requires SHA-1 hash support available in the sha1 module.
#<module name="websocket">
+#
+# Whether to re-encode messages as UTF-8 before sending to WebSocket
+# clients. This is recommended as the WebSocket protocol requires all
+# text frames to be sent as UTF-8. If you do not have this enabled
+# messages will be sent as binary frames instead.
+#<websocket sendastext="yes">
+#
+# If you use the websocket module you MUST specify one or more origins
+# which are allowed to connect to the server. You should set this as
+# strict as possible to prevent malicious webpages from connecting to
+# your server.
+# <wsorigin allow="https://*.example.com/">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# XLine database: Stores all *Lines (G/Z/K/R/any added by other modules)
+# XLine database: Stores all *-lines (G/Z/K/R/any added by other modules)
# in a file which is re-loaded on restart. This is useful
# for two reasons: it keeps bans so users may not evade them, and on
# bigger networks, server connections will take less time as there will
#<module name="xline_db">
# Specify the filename for the xline database here.
-#<xlinedb filename="data/xline.db">
+#<xlinedb filename="xline.db">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# ____ _ _____ _ _ ____ _ _ _ #