#<include executable="/path/to/executable parameters"> #
# #
# Executable include example: #
-#<include executable="/usr/bin/wget -q -O - http://example.com/inspircd.conf">
+#<include executable="/usr/bin/wget -q -O - https://example.com/inspircd.conf">
# #
#id="97K"
# network: Network name given on connect to clients.
- # Should be the same on all servers on the network and
- # not contain spaces.
+ # Should be the same on all servers on the network.
network="Omega">
# to this bind section.
type="clients"
- # ssl: If you want the port(s) in this bind tag to use SSL, set this
- # to either "gnutls" or "openssl". The appropriate SSL module must be
- # loaded for SSL to work. If you do not want the port(s) in this bind
- # tag to support SSL, just remove or comment out this option.
+ # ssl: If you want the port(s) in this bind tag to use SSL, set this to
+ # the name of a custom <sslprofile> tag that you have defined or one
+ # of "openssl", "gnutls", "mbedtls" if you have not defined any. See the
+ # wiki page for the SSL module you are using for more details.
+ #
+ # You will need to load the ssl_openssl module for OpenSSL, ssl_gnutls
+ # for GnuTLS and ssl_mbedtls for mbedTLS.
ssl="gnutls"
# defer: When this is non-zero, connections will not be handed over to
# the daemon from the operating system before data is ready.
- # In Linux, the value indicates the number of seconds we'll wait for a
+ # In Linux, the value indicates the time period we'll wait for a
# connection to come up with data. Don't set it too low!
# In BSD the value is ignored; only zero and non-zero is possible.
# Windows ignores this parameter completely.
# To change it on a running bind, you'll have to comment it out,
# rehash, comment it in and rehash again.
defer="0"
+
+ # free: When this is enabled the listener will be created regardless of
+ # whether the interface that provides the bind address is available. This
+ # is useful for if you are starting InspIRCd on boot when the server may
+ # not have brought the network interfaces up yet.
+ free="no"
>
<bind address="" port="6660-6669" type="clients">
# module).
#<bind address="" port="7002" type="clients" hook="websocket">
-# When linking servers, the OpenSSL and GnuTLS implementations are completely
-# link-compatible and can be used alongside each other
-# on each end of the link without any significant issues.
-# Supported SSL types are: "openssl" and "gnutls".
-# You must load the ssl_openssl module for OpenSSL or ssl_gnutls for GnuTLS.
+# EXPERIMENTAL: Listener that binds on a UNIX endpoint instead of a TCP/IP endpoint:
+#<bind path="/tmp/inspircd.sock" type="clients">
+
+# You can define a custom <sslprofile> tag which defines the SSL configuration
+# for this listener. See the wiki page for the SSL module you are using for
+# more details.
+#
+# Alternatively, you can use one of the default SSL profiles which are created
+# when you have not defined any:
+# "openssl" (requires the ssl_openssl module)
+# "gnutls" (requires the ssl_gnutls module)
+# "mbedtls" (requires the ssl_mbedtls module)
+#
+# When linking servers, the OpenSSL, GnuTLS, and mbedTLS implementations are
+# completely link-compatible and can be used alongside each other on each end
+# of the link without any significant issues.
<bind address="" port="7000,7001" type="servers">
<bind address="1.2.3.4" port="7005" type="servers" ssl="openssl">
-#-#-#-#-#-#-#-#-#-#- DIE/RESTART CONFIGURATION -#-#-#-#-#-#-#-#-#-#-
-# #
-# You can configure the passwords here which you wish to use for #
-# the /DIE and /RESTART commands. Only trusted ircops who will #
-# need this ability should know the die and restart password. #
-# #
-
-<power
- # hash: what hash these passwords are hashed with.
- # Requires the module for selected hash (md5, sha256, or
- # ripemd160) be loaded and the password hashing module
- # (password_hash) loaded.
- # Options here are: "md5", "sha256" and "ripemd160", or one of
- # these prefixed with "hmac-", e.g.: "hmac-sha256".
- # Optional, but recommended. Create hashed passwords with:
- # /mkpasswd <hash> <password>
- #hash="sha256"
-
- # diepass: Password for opers to use if they need to shutdown (die)
- # a server.
- diepass=""
-
- # restartpass: Password for opers to use if they need to restart
- # a server.
- restartpass="">
-
-
#-#-#-#-#-#-#-#-#-#- CONNECTIONS CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#
# #
# This is where you can configure which connections are allowed #
# you only want to adjust sendq and a password
parent="main"
- # allow: What IP addresses/hosts to allow for this block.
+ # allow: The IP address or hostname of clients that can use this
+ # class. You can specify either an exact match, a glob match, or
+ # a CIDR range here.
allow="203.0.113.*"
- # hash: what hash this password is hashed with. requires the module
- # for selected hash (md5, sha256 or ripemd160) be loaded and the
- # password hashing module (password_hash) loaded.
- # Optional, but recommended. Create hashed passwords with:
- # /mkpasswd <hash> <password>
- #hash="sha256"
+ # hash: the hash function this password is hashed with. Requires the
+ # module for the selected function (bcrypt, md5, sha1, sha256, or
+ # ripemd160) and the password hashing module (password_hash) to be
+ # loaded.
+ # You may also use any of the above other than bcrypt prefixed with
+ # either "hmac-" or "pbkdf2-hmac-" (requires the pbkdf2 module).
+ # Create hashed passwords with: /mkpasswd <hash> <password>
+ #hash="bcrypt"
# password: Password to use for this block/user(s)
password="secret"
# be in at one time.
maxchans="20"
- # timeout: How long (in seconds) the server will wait before
- # disconnecting a user if they do not do anything on connect.
+ # timeout: How long the server will wait before disconnecting
+ # a user if they do not do anything on connect.
# (Note, this is a client-side thing, if the client does not
# send /nick, /user or /pass)
timeout="10"
# useident: Defines if users in this class MUST respond to a ident query or not.
useident="no"
+ # webirc: Restricts usage of this class to the specified WebIRC gateway.
+ # This setting only has effect when the cgiirc module is loaded.
+ #webirc="name"
+
# limit: How many users are allowed in this class
limit="5000"
# Alternate MOTD file for this connect class. The contents of this file are
# specified using <files secretmotd="filename"> or <execfiles ...>
+ #
+ # NOTE: the following escape sequences for IRC formatting characters can be
+ # used in your MOTD:
+ # Bold: \b
+ # Color: \c<fg>[,<bg>]
+ # Italic: \i
+ # Monospace: \m (not widely supported)
+ # Reset: \x
+ # Strikethrough: \s (not widely supported)
+ # Underline: \u
+ # See https://defs.ircdocs.horse/info/formatting.html for more information
+ # on client support for formatting characters.
motd="secretmotd"
- # Allow color codes to be processed in the message of the day file.
- # the following characters are valid color code escapes:
- # \002 or \b = Bold
- # \037 or \u = Underline
- # \003 or \c = Color (with a code postfixed to this char)
- # \017 or \x = Stop all color sequences
- allowmotdcolors="false"
-
- # port: What port this user is allowed to connect on. (optional)
- # The port MUST be set to listen in the bind blocks above.
- port="6697">
+ # port: What port range this user is allowed to connect on. (optional)
+ # The ports MUST be set to listen in the bind blocks above.
+ port="6697,9999">
<connect
# name: Name to use for this connect block. Mainly used for
# connect class inheriting.
name="main"
- # allow: What IP addresses/hosts to allow for this block.
+ # allow: The IP address or hostname of clients that can use this
+ # class. You can specify either an exact match, a glob match, or
+ # a CIDR range here.
allow="*"
# maxchans: Maximum number of channels a user in this class
# be in at one time.
maxchans="20"
- # timeout: How long (in seconds) the server will wait before
- # disconnecting a user if they do not do anything on connect.
+ # timeout: How long the server will wait before disconnecting
+ # a user if they do not do anything on connect.
# (Note, this is a client-side thing, if the client does not
# send /nick, /user or /pass)
timeout="10"
- # pingfreq: How often (in seconds) the server tries to ping connecting clients.
- pingfreq="120"
+ # pingfreq: How often the server tries to ping connecting clients.
+ pingfreq="2m"
# hardsendq: maximum amount of data allowed in a client's send queue
# before they are dropped. Keep this value higher than the length of
# represented as 192.168.1.0/24). This means that abuse across an ISP #
# is detected and curtailed much easier. Here is a good chart that #
# shows how many IPs the different CIDRs correspond to: #
-# http://en.wikipedia.org/wiki/CIDR#Prefix_aggregation #
+# https://en.wikipedia.org/wiki/IPv4_subnetting_reference #
+# https://en.wikipedia.org/wiki/IPv6_subnetting_reference #
# #
<cidr
# Example of an executable file include. Note this will be read on rehash,
# not when the command is run.
-#<execfiles motd="wget -O - http://www.example.com/motd.txt">
+#<execfiles motd="wget -O - https://www.example.com/motd.txt">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-# DNS SERVER -#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# If these values are not defined, InspIRCd uses the default DNS resolver
#
# server="127.0.0.1"
- # timeout: seconds to wait to try to resolve DNS/hostname.
+ # timeout: time to wait to try to resolve DNS/hostname.
timeout="5">
# An example of using an IPv6 nameserver
# matches the channels name applies the banlimit to that channel. #
# It is advisable to put an entry with the channel as '*' at the #
# bottom of the list. If none are specified or no maxbans tag is #
-# matched, the banlist size defaults to 64 entries. #
+# matched, the banlist size defaults to 100 entries. #
# #
-<banlist chan="#largechan" limit="128">
-<banlist chan="*" limit="69">
+<banlist chan="#largechan" limit="200">
+<banlist chan="*" limit="100">
#-#-#-#-#-#-#-#-#-#-#- DISABLED FEATURES -#-#-#-#-#-#-#-#-#-#-#-#-#-#
# #
# the correct parameters are.
syntaxhints="no"
+ # casemapping: This sets the case mapping method to be used by the
+ # server. This MUST be the same on all servers. Possible values are:
+ # "ascii" (recommended)
+ # "rfc1459" (default, required for linking to 2.0 servers)
+ # NOTE: if you are using the nationalchars module this setting will be
+ # ignored. You should use <nationalchars:casemapping> instead.
+ casemapping="ascii"
+
# cyclehostsfromuser: If enabled, the source of the mode change for
# cyclehosts will be the user who cycled. This can look nicer, but
# triggers anti-takeover mechanisms of some obsolete bots.
# in the topic. If set to no, it will only show the nick of the topic setter.
hostintopic="yes"
- # pingwarning: If a server does not respond to a ping within x seconds,
+ # pingwarning: If a server does not respond to a ping within this period,
# it will send a notice to opers with snomask +l informing that the server
# is about to ping timeout.
pingwarning="15"
- # serverpingfreq: How often pings are sent between servers (in seconds).
- serverpingfreq="60"
+ # serverpingfreq: How often pings are sent between servers.
+ serverpingfreq="1m"
+
+ # splitwhois: Whether to split private/secret channels from normal channels
+ # in WHOIS responses. Possible values for this are:
+ # 'no' - list all channels together in the WHOIS response regardless of type.
+ # 'split' - split private/secret channels to a separate WHOIS response numeric.
+ # 'splitmsg' - the same as split but also send a message explaining the split.
+ splitwhois="no"
# defaultmodes: What modes are set on a empty channel when a user
# joins it and it is unregistered.
# banned from the server.
xlinemessage="You're banned! Email irc@example.com with the ERROR line below for help."
- # exemptchanops: exemptions for channel access restrictions based on prefix.
- exemptchanops="nonick:v flood:o"
+ # allowzerolimit: If enabled then allow a limit of 0 to be set on channels.
+ # This is non-standard behaviour and should only be enabled if you need to
+ # link with servers running 2.0. Defaults to yes.
+ allowzerolimit="no"
+
+ # exemptchanops: Allows users with with a status mode to be exempt
+ # from various channel restrictions. Possible restrictions are:
+ # - auditorium-see Permission required to see the full user list of
+ # a +u channel (requires the auditorium module).
+ # - auditorium-vis Permission required to be visible in a +u channel
+ # (requires the auditorium module).
+ # - blockcaps Channel mode +B - blocks messages with too many capital
+ # letters (requires the blockcaps module).
+ # - blockcolor Channel mode +c - blocks messages with formatting codes
+ # (requires the blockcolor module).
+ # - censor Channel mode +G - censors messages based on the network
+ # configuration (requires the censor module).
+ # - filter Channel mode +g - blocks messages containing the given
+ # glob mask (requires the chanfilter module).
+ # - flood Channel mode +f - kicks (and bans) on text flood of a
+ # specified rate (requires the messageflood module).
+ # - nickflood Channel mode +F - blocks nick changes after a specified
+ # rate (requires the nickflood module).
+ # - noctcp Channel mode +C - blocks any CTCPs to the channel
+ # (requires the noctcp module).
+ # - nonick Channel mode +N - prevents users on the channel from
+ # changing nicks (requires the nonicks module).
+ # - nonotice Channel mode +T - blocks /NOTICEs to the channel
+ # (requires the nonotice module).
+ # - regmoderated Channel mode +M - blocks unregistered users from
+ # speaking (requires the services account module).
+ # - stripcolor Channel mode +S - strips formatting codes from
+ # messages (requires the stripcolor module).
+ # - topiclock Channel mode +t - limits changing the topic to (half)ops
+ # You can also configure this on a per-channel basis with a channel mode.
+ # See m_exemptchanops in modules.conf.example for more details.
+ exemptchanops="censor:o filter:o nickflood:o nonick:v regmoderated:o"
# invitebypassmodes: This allows /invite to bypass other channel modes.
# (Such as +k, +j, +l, etc.)
<security
# allowcoreunload: If this value is set to yes, Opers will be able to
- # unload core modules (e.g. cmd_privmsg.so).
+ # unload core modules (e.g. core_privmsg).
allowcoreunload="no"
# announceinvites: This option controls which members of the channel
# be flattened when shown to non-opers.
flatlinks="no"
- # hidewhois: When defined, the given text will be used in place
- # of the server a user is on when whoised by a non-oper. Most
- # networks will want to set this to something like "*.netname.net"
- # to conceal the actual server a user is on.
- # Note that enabling this will cause users' idle times to only be
- # shown when the format /WHOIS <nick> <nick> is used.
- hidewhois=""
+ # hideserver: When defined, the given text will be used in place
+ # of the server name in public messages. As with <server:name> this
+ # does not need to resolve but does need to be a valid hostname.
+ #
+ # NOTE: enabling this will cause users' idle times to only be shown
+ # when a remote whois (/WHOIS <nick> <nick>) is used.
+ #hideserver="*.example.com"
# hidebans: If this value is set to yes, when a user is banned ([gkz]lined)
# only opers will see the ban message when the user is removed
# of the VERSION command response. This does not hide the InspIRCd version.
customversion=""
- # operspywhois: show opers (users/auspex) the +s channels a user is in. Values:
- # splitmsg Split with an explanatory message
- # yes Split with no explanatory message
- # no Do not show
- operspywhois="no"
-
# runasuser: If this is set, InspIRCd will attempt to switch
# to run as this user, which allows binding of ports under 1024.
# You should NOT set this unless you are starting as root.
# restrictbannedusers: If this is set to yes, InspIRCd will not allow users
# banned on a channel to change nickname or message channels they are
- # banned on.
+ # banned on. This can also be set to silent to restrict the user but not
+ # notify them.
restrictbannedusers="yes"
# genericoper: Setting this value to yes makes all opers on this server
<limits
# maxnick: Maximum length of a nickname.
- maxnick="31"
+ maxnick="30"
# maxchan: Maximum length of a channel name.
maxchan="64"
maxmodes="20"
# maxident: Maximum length of a ident/username.
- maxident="11"
+ maxident="10"
# maxhost: Maximum length of a hostname.
maxhost="64"
# maxkick: Maximum length of a kick message.
maxkick="255"
- # maxgecos: Maximum length of a GECOS (realname).
- maxgecos="128"
+ # maxreal: Maximum length of a real name.
+ maxreal="128"
# maxaway: Maximum length of an away message.
maxaway="200">
# Logging is covered with the <log> tag, which you may use to change
# the behaviour of the logging of the IRCd.
#
-# In InspIRCd as of 1.2, logging is pluggable and very extensible.
-# Different files can log the same thing, different 'types' of log can
-# go to different places, and modules can even extend the log tag
-# to do what they want.
-#
# An example log tag would be:
# <log method="file" type="OPER" level="default" target="opers.log">
# which would log all information on /oper (failed and successful) to
# - USERS - information relating to user connection and disconnection
# - OPER - succesful and failed oper attempts
# - KILL - kill related messages
-# - snomask - server notices (*all* snomasks will be logged)
# - FILTER - messages related to filter matches (filter module)
# - CONFIG - configuration related messages
# - COMMAND - die and restart messages, and messages related to unknown user types
# - USERINPUT
# - USEROUTPUT
#
+# If your server is producing a high levels of log messages you can also set the
+# flush="[positive number]" attribute to specify how many log messages should be
+# buffered before flushing to disk. You should probably not specify this unless
+# you are having problems.
+#
# The following log tag is highly default and uncustomised. It is recommended you
# sort out your own log tags. This is just here so you get some output.
nick="ChanServ"
# reason: Reason to display on /nick.
- reason="Reserved For Services">
-
-<badnick nick="NickServ" reason="Reserved For Services">
-<badnick nick="OperServ" reason="Reserved For Services">
-<badnick nick="MemoServ" reason="Reserved For Services">
+ reason="Reserved for a network service">
<badhost
# host: ident@hostname to ban.
# The default does nothing -- we include it for simplicity for you. #
<include file="examples/modules.conf.example">
-# Here are some pre-built modules.conf files that closely match the
-# default configurations of some popular IRCd's. You still may want to
-# look over them and make sure if everything is correct for you and setup
-# the proper SSL information.
+#-#-#-#-#-#-#-#-#-#-#-# SERVICES CONFIGURATION #-#-#-#-#-#-#-#-#-#-#-#
+# #
+# If you use services you will probably want to include one of the #
+# following files which set up aliases, nick reservations and filter #
+# exemptions for services pseudoclients: #
#
-# *NOTE*: These files have no comments for what the modules do. If you
-# are interested in that, please read the modules.conf.example. It is also
-# recommended that you make your own modules file based on modules.conf.example.
-
-# Settings similar to UnrealIRCd defaults.
-#<include file="examples/modules/unrealircd.conf.example">
-
-# Settings similar to Charybdis IRCd defaults.
-#<include file="examples/modules/charybdis.conf.example">
-
+# Anope users should uncomment this:
+#<include file="examples/services/anope.conf.example">
+#
+# Atheme users should uncomment this:
+#<include file="examples/services/atheme.conf.example">
+#
+# Users of other services should uncomment this:
+#<include file="examples/services/generic.conf.example">
#########################################################################
# #
# - InspIRCd Development Team - #
-# http://www.inspircd.org #
+# https://www.inspircd.org #
# #
#########################################################################
projects / user / henk / code / inspircd.git / blobdiff