# #
########################################################################
+#-#-#-#-#-#-#-#-#-# CONFIGURATION FORMAT #-#-#-#-#-#-#-#-#-#-#-#-#-#-
+# #
+# In order to maintain compatibility with older configuration files, #
+# you can change the configuration parser to parse as it did in #
+# previous releases. When using the "compat" format, you need to use #
+# C++ escape sequences (e.g. \n) instead of XML ones (e.g. &nl;) and #
+# can not use <define> to create macros. #
+#<config format="compat">
+
#-#-#-#-#-#-#-#-#-# INCLUDE CONFIGURATION #-#-#-#-#-#-#-#-#-#-#-#-#-#
# #
# This optional tag allows you to include another config file #
# file you include will be treated as part of the configuration file #
# which includes it, in simple terms the inclusion is transparent. #
# #
-# All paths to config files are relative to the directory that the #
-# process runs in. #
+# All paths to config files are relative to the config directory. #
# #
# You may also include an executable file, in which case if you do so #
# the output of the executable on the standard output will be added #
# #
# Syntax is as follows: #
#<include file="file.conf"> #
+#<include directory="modules"> #
#<include executable="/path/to/executable parameters"> #
# #
# Executable include example: #
-#<include executable="/usr/bin/wget -q -O - http://example.com/inspircd.conf">
+#<include executable="/usr/bin/wget -q -O - https://example.com/inspircd.conf">
# #
# #
# Variables may be redefined and may reference other variables. #
# Value expansion happens at the time the tag is read. #
-# #
-# Using variable definitions REQUIRES that the config format be #
-# changed to "xml" from the default "compat" that uses escape #
-# sequences such as "\"" and "\n", and does not support <define> #
-<config format="xml">
<define name="bindip" value="1.2.2.3">
<define name="localips" value="&bindip;/24">
#id="97K"
# network: Network name given on connect to clients.
- # Should be the same on all servers on the network and
- # not contain spaces.
+ # Should be the same on all servers on the network.
network="Omega">
#-#-#-#-#-#-#-#-#-#-#-#- PORT CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-
# #
-# Enter the port and address bindings here. #
-# #
-# #
-# ____ _ _____ _ _ ____ _ _ _ #
-# | _ \ ___ __ _ __| | |_ _| |__ (_)___ | __ )(_) |_| | #
-# | |_) / _ \/ _` |/ _` | | | | '_ \| / __| | _ \| | __| | #
-# | _ < __/ (_| | (_| | | | | | | | \__ \ | |_) | | |_|_| #
-# |_| \_\___|\__,_|\__,_| |_| |_| |_|_|___/ |____/|_|\__(_) #
+# Configure the port and address bindings here. #
# #
-# If you want to link servers to InspIRCd you must load the #
-# m_spanningtree.so module! Please see the modules list for #
-# information on how to load this module! If you do not load this #
-# module, server ports will NOT work! #
+# TLS (SSL) listener that binds on a TCP/IP endpoint:
<bind
# address: IP address to bind to if the box that you are hosting
# on has more than one IP, else the ircd will try to bind to all
# to this bind section.
type="clients"
- # ssl: If you want the port(s) in this bind tag to use SSL, set this
- # to either "gnutls" or "openssl". The appropriate SSL module must be
- # loaded for SSL to work. If you do not want the port(s) in this bind
- # tag to support SSL, just remove or comment out this option.
- ssl="gnutls"
->
-
-<bind address="" port="6660-6669" type="clients">
-
-# When linking servers, the OpenSSL and GnuTLS implementations are completely
-# link-compatible and can be used alongside each other
-# on each end of the link without any significant issues.
-# Supported SSL types are: "openssl" and "gnutls".
-# You must load m_ssl_openssl for OpenSSL or m_ssl_gnutls for GnuTLS.
-
-<bind address="" port="7000,7001" type="servers">
-<bind address="1.2.3.4" port="7005" type="servers" ssl="openssl">
-
-
-#-#-#-#-#-#-#-#-#-#- DIE/RESTART CONFIGURATION -#-#-#-#-#-#-#-#-#-#-
-# #
-# You can configure the passwords here which you wish to use for #
-# the /DIE and /RESTART commands. Only trusted ircops who will #
-# need this ability should know the die and restart password. #
-# #
-
-<power
- # hash: what hash these passwords are hashed with.
- # Requires the module for selected hash (m_md5.so, m_sha256.so
- # or m_ripemd160.so) be loaded and the password hashing module
- # (m_password_hash.so) loaded.
- # Options here are: "md5", "sha256" and "ripemd160", or one of
- # these prefixed with "hmac-", e.g.: "hmac-sha256".
- # Optional, but recommended. Create hashed passwords with:
- # /mkpasswd <hash> <password>
- #hash="sha256"
-
- # diepass: Password for opers to use if they need to shutdown (die)
- # a server.
- diepass=""
-
- # restartpass: Password for opers to use if they need to restart
- # a server.
- restartpass="">
+ # sslprofile: If you want the port(s) in this bind tag to use TLS (SSL), set this
+ # to the name of a custom <sslprofile> tag that you have defined. See the
+ # docs page for the TLS (SSL) module you are using for more details:
+ #
+ # GnuTLS: https://docs.inspircd.org/3/modules/ssl_gnutls#sslprofile
+ # mbedTLS: https://docs.inspircd.org/3/modules/ssl_mbedtls#sslprofile
+ # OpenSSL: https://docs.inspircd.org/3/modules/ssl_openssl#sslprofile
+ #
+ # You will need to load the ssl_openssl module for OpenSSL, ssl_gnutls
+ # for GnuTLS and ssl_mbedtls for mbedTLS.
+ sslprofile="Clients"
+
+ # defer: When this is non-zero, connections will not be handed over to
+ # the daemon from the operating system before data is ready.
+ # In Linux, the value indicates the time period we'll wait for a
+ # connection to come up with data. Don't set it too low!
+ # In BSD the value is ignored; only zero and non-zero is possible.
+ # Windows ignores this parameter completely.
+ # Note: This does not take effect on rehash.
+ # To change it on a running bind, you'll have to comment it out,
+ # rehash, comment it in and rehash again.
+ defer="0"
+
+ # free: When this is enabled the listener will be created regardless of
+ # whether the interface that provides the bind address is available. This
+ # is useful for if you are starting InspIRCd on boot when the server may
+ # not have brought the network interfaces up yet.
+ free="no">
+
+# Plaintext listener that binds on a TCP/IP endpoint:
+<bind address="" port="6667" type="clients">
+
+
+# Listener that binds on a UNIX endpoint (not supported on Windows):
+#<bind
+
+ # path: The location to store the UNIX socket
+ #path="/tmp/inspircd.sock"
+
+ # type: Type of bind block this is. It can either be clients or
+ # servers. Whichever you select will be the only type able to connect
+ # to this bind section.
+ #type="clients"
+
+ # permissions: The octal permissions to set on the UNIX socket after it has
+ # been created. If you are not familiar with octal permissions you should
+ # not define this or refer to http://permissions-calculator.org for help.
+ # Note: This does not take effect on rehash.
+ # To change it on a running bind, you'll have to comment it out,
+ # rehash, comment it in and rehash again.
+ #permissions=""
+
+ # replace: if the UNIX socket path already exists then remove it before
+ # attempting to create the new one. This is strongly recommended as it
+ # allows InspIRCd to create sockets in cases where it previously did not
+ # shut down cleanly and left a zombie socket behind.
+ #replace="yes">
+
+
+# Listener accepting HTML5 WebSocket connections.
+# Requires the websocket module and SHA-1 hashing support (provided by the sha1
+# module).
+#<bind address="" port="7002" type="clients" hook="websocket">
+
+
+# You can define a custom <sslprofile> tag which defines the TLS (SSL) configuration
+# for these listeners. See the docs page for the TLS (SSL) module you are using for
+# more details.
+#
+# Alternatively, you can use one of the default TLS (SSL) profiles which are created
+# when you have not defined any:
+# "openssl" (requires the ssl_openssl module)
+# "gnutls" (requires the ssl_gnutls module)
+# "mbedtls" (requires the ssl_mbedtls module)
+#
+# When linking servers, the OpenSSL, GnuTLS, and mbedTLS implementations are
+# completely link-compatible and can be used alongside each other on each end
+# of the link without any significant issues.
#-#-#-#-#-#-#-#-#-#- CONNECTIONS CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#
# -- It is important to note that connect tags are read from the -- #
# TOP DOWN. This means that you should have more specific deny #
# and allow tags at the top, progressively more general, followed #
-# by a <connect allow="*" (should you wish to have one). #
+# by a <connect allow="*"> (should you wish to have one). #
# #
# Connect blocks are searched twice for each user - once when the TCP #
# connection is accepted, and once when the user completes their #
# registration. Most of the information (hostname, ident response, #
-# password, SSL when using STARTTLS, etc) is only available during #
-# the second search, so if you are trying to make a closed server, #
+# password, TLS (SSL) when using STARTTLS, etc) is only available #
+# during the second search. If you are trying to make a closed server #
# you will probably need a connect block just for user registration. #
# This can be done by using <connect registered="no"> #
+# To enable IRCCloud on your network uncomment this:
+#<include file="examples/providers/irccloud.conf.example">
+
+# A connect class with <connect:deny> set denies connections from the specified host/IP range.
<connect
# deny: Will not let people connect if they have specified host/IP.
- deny="192.0.2.*">
+ deny="3ffe::0/32"
-# connect:reason is the message that users will see if they match a deny block
-<connect deny="3ffe::0/32" reason="The 6bone address space is deprecated">
+ # reason: The message that users will see if they match a deny block.
+ reason="The 6bone address space is deprecated">
+# A connect class with <connect:allow> set allows c from the specified host/IP range.
<connect
# name: Name to use for this connect block. Mainly used for
# connect class inheriting.
# you only want to adjust sendq and a password
parent="main"
- # allow: What IP addresses/hosts to allow for this block.
+ # allow: The IP address or hostname of clients that can use this
+ # class. You can specify either an exact match, a glob match, or
+ # a CIDR range here.
allow="203.0.113.*"
- # hash: what hash this password is hashed with. requires the module
- # for selected hash (m_md5.so, m_sha256.so or m_ripemd160.so) be
- # loaded and the password hashing module (m_password_hash.so)
- # loaded. Options here are: "md5", "sha256" and "ripemd160".
- # Optional, but recommended. Create hashed passwords with:
- # /mkpasswd <hash> <password>
- #hash="sha256"
+ # hash: the hash function this password is hashed with. Requires the
+ # module for the selected function (bcrypt, md5, sha1, or sha256) and
+ # the password hashing module (password_hash) to be loaded.
+ #
+ # You may also use any of the above other than bcrypt prefixed with
+ # either "hmac-" or "pbkdf2-hmac-" (requires the pbkdf2 module).
+ # Create hashed passwords with: /MKPASSWD <hashtype> <plaintext>
+ #hash="bcrypt"
# password: Password to use for this block/user(s)
password="secret"
# maxchans: Maximum number of channels a user in this class
- # be in at one time. This overrides every other maxchans setting.
- #maxchans="30"
+ # can be in at one time.
+ maxchans="20"
- # timeout: How long (in seconds) the server will wait before
- # disconnecting a user if they do not do anything on connect.
+ # timeout: How long the server will wait before disconnecting
+ # a user if they do not do anything on connect.
# (Note, this is a client-side thing, if the client does not
- # send /nick, /user or /pass)
- timeout="10"
+ # send /NICK, /USER or /PASS)
+ timeout="20"
# localmax: Maximum local connections per IP (or CIDR mask, see below).
localmax="3"
# globalmax: Maximum global (network-wide) connections per IP (or CIDR mask, see below).
globalmax="3"
- # maxconnwarn: Enable warnings when localmax or globalmax are reached (defaults to on)
- maxconnwarn="off"
+ # maxconnwarn: Enable warnings when localmax or globalmax are reached (defaults to yes)
+ maxconnwarn="no"
+
+ # resolvehostnames: If disabled, no DNS lookups will be performed on connecting users
+ # in this class. This can save a lot of resources on very busy servers.
+ resolvehostnames="yes"
+
+ # useconnectban: Defines if users in this class should be exempt from connectban limits.
+ # This setting only has effect when the connectban module is loaded.
+ #useconnectban="yes"
+
+ # useconnflood: Defines if users in this class should be exempt from connflood limits.
+ # This setting only has effect when the connflood module is loaded.
+ #useconnflood="yes"
# usednsbl: Defines whether or not users in this class are subject to DNSBL. Default is yes.
- # This setting only has effect when m_dnsbl is loaded.
+ # This setting only has effect when the dnsbl module is loaded.
#usednsbl="yes"
# useident: Defines if users in this class MUST respond to a ident query or not.
useident="no"
+ # usests: Whether a STS policy should be advertised to users in this class.
+ # This setting only has effect when the ircv3_sts module is loaded.
+ #usests="no"
+
+ # webirc: Restricts usage of this class to the specified WebIRC gateway.
+ # This setting only has effect when the cgiirc module is loaded.
+ #webirc="name"
+
# limit: How many users are allowed in this class
limit="5000"
- # modes: Usermodes that are set on users in this block on connect.
- # Enabling this option requires that the m_conn_umodes module be loaded.
- # This entry is highly recommended to use for/with IP Cloaking/masking.
- # For the example to work, this also requires that the m_cloaking
+ # modes: User modes that are set on users in this block on connect.
+ # Enabling this option requires that the conn_umodes module be loaded.
+ # This entry is highly recommended to use for/with IP cloaking/masking.
+ # For the example to work, this also requires that the cloaking
# module be loaded as well.
modes="+x"
- # requireident, requiressl, requireaccount: require that users of this
- # block have a valid ident response, use SSL, or have authenticated.
- # Requires m_ident, m_sslinfo, or m_services_account respectively.
- requiressl="on"
- # NOTE: For requireaccount, you must complete the signon prior to full
- # connection. Currently, this is only possible by using SASL
- # authentication; passforward and PRIVMSG NickServ happen after
- # your final connect block has been found.
+ # requireident: Require that users of this block have a valid ident response.
+ # Requires the ident module to be loaded.
+ #requireident="yes"
+
+ # requiressl: Require that users of this block use a TLS (SSL) connection.
+ # This can also be set to "trusted", as to only accept client certificates
+ # issued by a certificate authority that you can configure in the
+ # settings of the TLS (SSL) module that you're using.
+ # Requires the sslinfo module to be loaded.
+ #requiressl="yes"
+
+ # requireaccount: Require that users of this block have authenticated to a
+ # services account.
+ # NOTE: You must complete the signon prior to full connection. Currently,
+ # this is only possible by using SASL authentication; passforward
+ # and PRIVMSG NickServ happen after your final connect block has been found.
+ # Requires the services_account module to be loaded.
+ #requireaccount="yes"
# Alternate MOTD file for this connect class. The contents of this file are
# specified using <files secretmotd="filename"> or <execfiles ...>
+ #
+ # NOTE: the following escape sequences for IRC formatting characters can be
+ # used in your MOTD:
+ # Bold: \b
+ # Color: \c<fg>[,<bg>]
+ # Italic: \i
+ # Monospace: \m (not widely supported)
+ # Reset: \x
+ # Reverse: \r
+ # Strikethrough: \s (not widely supported)
+ # Underline: \u
+ # See https://defs.ircdocs.horse/info/formatting.html for more information
+ # on client support for formatting characters.
motd="secretmotd"
- # Allow color codes to be processed in the message of the day file.
- # the following characters are valid color code escapes:
- # \002 or \b = Bold
- # \037 or \u = Underline
- # \003 or \c = Color (with a code postfixed to this char)
- # \017 or \x = Stop all color sequences
- allowmotdcolors="false"
-
- # port: What port this user is allowed to connect on. (optional)
- # The port MUST be set to listen in the bind blocks above.
- port="6697">
+ # port: What port range this user is allowed to connect on. (optional)
+ # The ports MUST be set to listen in the bind blocks above.
+ port="6697,9999">
<connect
# name: Name to use for this connect block. Mainly used for
# connect class inheriting.
name="main"
- # allow: What IP addresses/hosts to allow for this block.
+ # allow: The IP address or hostname of clients that can use this
+ # class. You can specify either an exact match, a glob match, or
+ # a CIDR range here.
allow="*"
# maxchans: Maximum number of channels a user in this class
- # be in at one time. This overrides every other maxchans setting.
- #maxchans="30"
+ # can be in at one time.
+ maxchans="20"
- # timeout: How long (in seconds) the server will wait before
- # disconnecting a user if they do not do anything on connect.
+ # timeout: How long the server will wait before disconnecting
+ # a user if they do not do anything on connect.
# (Note, this is a client-side thing, if the client does not
- # send /nick, /user or /pass)
- timeout="10"
+ # send /NICK, /USER or /PASS)
+ timeout="20"
- # pingfreq: How often (in seconds) the server tries to ping connecting clients.
- pingfreq="120"
+ # pingfreq: How often the server tries to ping connecting clients.
+ pingfreq="2m"
# hardsendq: maximum amount of data allowed in a client's send queue
# before they are dropped. Keep this value higher than the length of
# softsendq: amount of data in a client's send queue before the server
# begins delaying their commands in order to allow the sendq to drain
- softsendq="8192"
+ softsendq="10240"
# recvq: amount of data allowed in a client's queue before they are dropped.
- # Entering "8K" is equivalent to "8192", see above.
- recvq="8K"
+ # Entering "10K" is equivalent to "10240", see above.
+ recvq="10K"
# threshold: This specifies the amount of command penalty a user is allowed to have
# before being quit or fakelagged due to flood. Normal commands have a penalty of 1,
# immediately killing them; their commands are held in the recvq and processed later
# as the user's command penalty drops. Note that if this is enabled, flooders will
# quit with "RecvQ exceeded" rather than "Excess Flood".
- fakelag="on"
+ fakelag="yes"
# localmax: Maximum local connections per IP.
localmax="3"
# globalmax: Maximum global (network-wide) connections per IP.
globalmax="3"
+ # resolvehostnames: If disabled, no DNS lookups will be performed on connecting users
+ # in this class. This can save a lot of resources on very busy servers.
+ resolvehostnames="yes"
+
# useident: Defines if users in this class must respond to a ident query or not.
useident="no"
+ # usests: Whether a STS policy should be advertised to users in this class.
+ # This setting only has effect when the ircv3_sts module is loaded.
+ #usests="no"
+
# limit: How many users are allowed in this class
limit="5000"
- # modes: Usermodes that are set on users in this block on connect.
- # Enabling this option requires that the m_conn_umodes module be loaded.
- # This entry is highly recommended to use for/with IP Cloaking/masking.
- # For the example to work, this also requires that the m_cloaking
+ # modes: User modes that are set on users in this block on connect.
+ # Enabling this option requires that the conn_umodes module be loaded.
+ # This entry is highly recommended to use for/with IP cloaking/masking.
+ # For the example to work, this also requires that the cloaking
# module be loaded as well.
modes="+x">
+
#-#-#-#-#-#-#-#-#-#-#-#- CIDR CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-
# #
# CIDR configuration allows detection of clones and applying of #
# This file has all the information about oper classes, types and o:lines.
# You *MUST* edit it.
-<include file="conf/examples/opers.conf.example">
+#<include file="examples/opers.conf.example">
# This file has all the information about server links and ulined servers.
# You *MUST* edit it if you intend to link servers.
-<include file="conf/examples/links.conf.example">
+#<include file="examples/links.conf.example">
#-#-#-#-#-#-#-#-#-#- MISCELLANEOUS CONFIGURATION -#-#-#-#-#-#-#-#-#-#
# #
# Files block - contains files whose contents are used by the ircd
#
# motd - displayed on connect and when a user executes /MOTD
-# rules - displayed when the user executes /RULES
# Modules can also define their own files
-<files motd="conf/examples/motd.txt.example" rules="conf/examples/rules.txt.example">
+<files motd="examples/motd.txt.example">
# Example of an executable file include. Note this will be read on rehash,
# not when the command is run.
-#<execfiles rules="wget -O - http://www.example.com/rules.txt">
-
-#-#-#-#-#-#-#-#-#-#-#-# MAXIMUM CHANNELS -#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# #
-
-<channels
- # users: Maximum number of channels a user can be in at once.
- users="20"
-
- # opers: Maximum number of channels an oper can be in at once.
- opers="60">
+#<execfiles motd="wget -O - https://www.example.com/motd.txt">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-# DNS SERVER -#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# If these values are not defined, InspIRCd uses the default DNS resolver
#
# server="127.0.0.1"
- # timeout: seconds to wait to try to resolve DNS/hostname.
+ # timeout: time to wait to try to resolve DNS/hostname.
timeout="5">
# An example of using an IPv6 nameserver
# rehash the ircd from the shell or to terminate the ircd from the #
# shell using shell scripts, perl scripts, etc... and to monitor the #
# ircd's state via cron jobs. If this is a relative path, it will be #
-# relative to the configuration directory, and if it is not defined, #
-# the default of 'inspircd.pid' is used. #
+# relative to the runtime directory, and if it is not defined, the #
+# default of 'inspircd.pid' is used. #
# #
#<pid file="/path/to/inspircd.pid">
-#-#-#-#-#-#-#-#-#-#-#-#-#- BANLIST LIMITS #-#-#-#-#-#-#-#-#-#-#-#-#-#-#
+#-#-#-#-#-#-#-#-#-#-#-#-#- LIST MODE LIMITS #-#-#-#-#-#-#-#-#-#-#-#-#-#
# #
-# Use these tags to customise the ban limits on a per channel basis. #
-# The tags are read from top to bottom, and any tag found which #
-# matches the channels name applies the banlimit to that channel. #
+# The <maxlist> tag is used customise the maximum number of each list #
+# mode that can be set on a channel. #
+# The tags are read from top to bottom and the list mode limit from #
+# the first tag found which matches the channel name and mode type is #
+# applied to that channel. #
# It is advisable to put an entry with the channel as '*' at the #
-# bottom of the list. If none are specified or no maxbans tag is #
-# matched, the banlist size defaults to 64 entries. #
+# bottom of the list. If none are specified or no maxlist tag is #
+# matched, the banlist size defaults to 100 entries. #
# #
-<banlist chan="#largechan" limit="128">
-<banlist chan="*" limit="69">
-
-#-#-#-#-#-#-#-#-#-#-#- DISABLED FEATURES -#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# #
-# This tag is optional, and specifies one or more features which are #
-# not available to non-operators. #
-# #
-# For example you may wish to disable NICK and prevent non-opers from #
-# changing their nicknames. #
-# Note that any disabled commands take effect only after the user has #
-# 'registered' (e.g. after the initial USER/NICK/PASS on connection) #
-# so for example disabling NICK will not cripple your network. #
-# #
-# You can also define if you want to disable any channelmodes #
-# or usermodes from your users. #
-# #
-# `fakenonexistant' will make the ircd pretend that nonexistant #
-# commands simply don't exist to non-opers ("no such command"). #
-# #
-#<disabled commands="TOPIC MODE" usermodes="" chanmodes="" fakenonexistant="yes">
-
-
-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#- RTFM LINE -#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# #
-# Just remove this... Its here to make you read ALL of the config #
-# file options ;) #
-
-<die value="You should probably edit your config *PROPERLY* and try again.">
+# Allows #largechan to have up to 200 ban entries.
+#<maxlist mode="ban" chan="#largechan" limit="200">
+# Allows #largechan to have up to 200 ban exception entries.
+#<maxlist mode="e" chan="#largechan" limit="200">
+# Allows all channels and list modes not previously matched to have
+# up to 100 entries.
+<maxlist chan="*" limit="100">
#-#-#-#-#-#-#-#-#-#-#-#-#- SERVER OPTIONS -#-#-#-#-#-#-#-#-#-#-#-#-#
# #
# the correct parameters are.
syntaxhints="no"
- # cyclehosts: If enabled, when a user gets a host set, it will cycle
- # them in all their channels. If not, it will simply change their host
- # without cycling them.
- cyclehosts="yes"
+ # casemapping: This sets the case mapping method to be used by the
+ # server. This MUST be the same on all servers. Possible values are:
+ # "ascii" (recommended)
+ # "rfc1459" (default, required for linking to 2.0 servers)
+ # NOTE: if you are using the nationalchars module this setting will be
+ # ignored. You should use <nationalchars:casemapping> instead.
+ casemapping="ascii"
# cyclehostsfromuser: If enabled, the source of the mode change for
# cyclehosts will be the user who cycled. This can look nicer, but
# triggers anti-takeover mechanisms of some obsolete bots.
cyclehostsfromuser="no"
- # ircumsgprefix: Use undernet-style message prefixing for NOTICE and
- # PRIVMSG. If enabled, it will add users' prefix to the line, if not,
- # it will just message the user normally.
- ircumsgprefix="no"
-
# announcets: If set to yes, when the timestamp on a channel changes, all users
# in the channel will be sent a NOTICE about it.
announcets="yes"
# in the topic. If set to no, it will only show the nick of the topic setter.
hostintopic="yes"
- # pingwarning: If a server does not respond to a ping within x seconds,
+ # pingwarning: If a server does not respond to a ping within this period,
# it will send a notice to opers with snomask +l informing that the server
# is about to ping timeout.
pingwarning="15"
- # serverpingfreq: How often pings are sent between servers (in seconds).
- serverpingfreq="60"
+ # serverpingfreq: How often pings are sent between servers.
+ serverpingfreq="1m"
+
+ # splitwhois: Whether to split private/secret channels from normal channels
+ # in WHOIS responses. Possible values for this are:
+ # 'no' - list all channels together in the WHOIS response regardless of type.
+ # 'split' - split private/secret channels to a separate WHOIS response numeric.
+ # 'splitmsg' - the same as split but also send a message explaining the split.
+ splitwhois="no"
# defaultmodes: What modes are set on a empty channel when a user
# joins it and it is unregistered.
- defaultmodes="nt"
+ defaultmodes="not"
- # moronbanner: This is the text that is sent to a user when they are
+ # xlinemessage: This is the text that is sent to a user when they are
# banned from the server.
- moronbanner="You're banned! Email abuse@example.com with the ERROR line below for help."
-
- # exemptchanops: exemptions for channel access restrictions based on prefix.
- exemptchanops="nonick:v flood:o"
-
- # invitebypassmodes: This allows /invite to bypass other channel modes.
+ xlinemessage="You're banned! Email irc@example.com with the ERROR line below for help."
+
+ # allowzerolimit: If enabled then allow a limit of 0 to be set on channels.
+ # This is non-standard behaviour and should only be enabled if you need to
+ # link with servers running 2.0. Defaults to yes.
+ allowzerolimit="no"
+
+ # modesinlist: If enabled then the current channel modes will be shown
+ # in the /LIST response. Defaults to yes.
+ modesinlist="no"
+
+ # exemptchanops: Allows users with with a status mode to be exempt
+ # from various channel restrictions. Possible restrictions are:
+ # - anticaps Channel mode +B - blocks messages with too many capital
+ # letters (requires the anticaps module).
+ # - auditorium-see Permission required to see the full user list of
+ # a +u channel (requires the auditorium module).
+ # - auditorium-vis Permission required to be visible in a +u channel
+ # (requires the auditorium module).
+ # - blockcaps Channel mode +B - blocks messages with too many capital
+ # letters (requires the blockcaps module).
+ # - blockcolor Channel mode +c - blocks messages with formatting codes
+ # (requires the blockcolor module).
+ # - censor Channel mode +G - censors messages based on the network
+ # configuration (requires the censor module).
+ # - filter Channel mode +g - blocks messages containing the given
+ # glob mask (requires the chanfilter module).
+ # - flood Channel mode +f - kicks (and bans) on text flood of a
+ # specified rate (requires the messageflood module).
+ # - nickflood Channel mode +F - blocks nick changes after a specified
+ # rate (requires the nickflood module).
+ # - noctcp Channel mode +C - blocks any CTCPs to the channel
+ # (requires the noctcp module).
+ # - nonick Channel mode +N - prevents users on the channel from
+ # changing nicks (requires the nonicks module).
+ # - nonotice Channel mode +T - blocks /NOTICEs to the channel
+ # (requires the nonotice module).
+ # - regmoderated Channel mode +M - blocks unregistered users from
+ # speaking (requires the services account module).
+ # - stripcolor Channel mode +S - strips formatting codes from
+ # messages (requires the stripcolor module).
+ # - topiclock Channel mode +t - limits changing the topic to (half)ops
+ # You can also configure this on a per-channel basis with a channel mode and
+ # even negate the configured exemptions below.
+ # See exemptchanops in modules.conf.example for more details.
+ exemptchanops="censor:o filter:o nickflood:o nonick:v regmoderated:o"
+
+ # invitebypassmodes: This allows /INVITE to bypass other channel modes.
# (Such as +k, +j, +l, etc.)
invitebypassmodes="yes"
# nosnoticestack: This prevents snotices from 'stacking' and giving you
# the message saying '(last message repeated X times)'. Defaults to no.
- nosnoticestack="no"
-
- # welcomenotice: When turned on, this sends a NOTICE to connecting users
- # with the text Welcome to <networkname>! after successful registration.
- # Defaults to yes.
- welcomenotice="yes">
+ nosnoticestack="no">
#-#-#-#-#-#-#-#-#-#-#-# PERFORMANCE CONFIGURATION #-#-#-#-#-#-#-#-#-#-#
# in the accept queue. This is *NOT* the total maximum number of
# connections per server. Some systems may only allow this to be up
# to 5, while others (such as Linux and *BSD) default to 128.
+ # Setting this above the limit imposed by your OS can have undesired
+ # effects.
somaxconn="128"
- # limitsomaxconn: By default, somaxconn (see above) is limited to a
- # safe maximum value in the 2.0 branch for compatibility reasons.
- # This setting can be used to disable this limit, forcing InspIRCd
- # to use the value specified above.
- limitsomaxconn="true"
-
# softlimit: This optional feature allows a defined softlimit for
# connections. If defined, it sets a soft max connections value.
softlimit="12800"
+ # clonesonconnect: If this is set to no, we won't check for clones
+ # on initial connection, but only after the DNS check is done.
+ # This can be useful where your main class is more restrictive
+ # than some other class a user can be assigned after DNS lookup is complete.
+ # Turning this option off will make the server spend more time on users we may
+ # potentially not want. Normally this should be negligible, though.
+ # Default value is yes
+ clonesonconnect="yes"
+
+ # timeskipwarn: The time period that a server clock can jump by before
+ # operators will be warned that the server is having performance issues.
+ timeskipwarn="2s"
+
# quietbursts: When syncing or splitting from a network, a server
# can generate a lot of connect and quit messages to opers with
# +C and +Q snomasks. Setting this to yes squelches those messages,
# which makes it easier for opers, but degrades the functionality of
# bots like BOPM during netsplits.
- quietbursts="yes"
-
- # nouserdns: If enabled, no DNS lookups will be performed on
- # connecting users. This can save a lot of resources on very busy servers.
- nouserdns="no">
+ quietbursts="yes">
#-#-#-#-#-#-#-#-#-#-#-# SECURITY CONFIGURATION #-#-#-#-#-#-#-#-#-#-#-#
# #
<security
+ # allowcoreunload: If this value is set to yes, Opers will be able to
+ # unload core modules (e.g. core_privmsg).
+ allowcoreunload="no"
# announceinvites: This option controls which members of the channel
# receive an announcement when someone is INVITEd. Available values:
# higher ranked users. This is the recommended setting.
announceinvites="dynamic"
- # hidemodes: If enabled, then the listmodes given will be hidden
- # from users below halfop. This is not recommended to be set on +b
- # as it may break some functionality in popular clients such as mIRC.
- hidemodes="eI"
-
# hideulines: If this value is set to yes, U-lined servers will
- # be hidden from non-opers in /links and /map.
+ # be hidden from non-opers in /LINKS and /MAP.
hideulines="no"
- # flatlinks: If this value is set to yes, /map and /links will
+ # flatlinks: If this value is set to yes, /MAP and /LINKS will
# be flattened when shown to non-opers.
flatlinks="no"
- # hidewhois: When defined, the given text will be used in place
- # of the server a user is on when whoised by a non-oper. Most
- # networks will want to set this to something like "*.netname.net"
- # to conceal the actual server a user is on.
- # Note that enabling this will cause users' idle times to only be
- # shown when the format /WHOIS <nick> <nick> is used.
- hidewhois=""
+ # hideserver: When defined, the given text will be used in place
+ # of the server name in public messages. As with <server:name> this
+ # does not need to resolve but does need to be a valid hostname.
+ #
+ # NOTE: enabling this will cause users' idle times to only be shown
+ # when a remote whois (/WHOIS <nick> <nick>) is used.
+ #hideserver="*.example.com"
- # hidebans: If this value is set to yes, when a user is banned ([gkz]lined)
+ # hidebans: If this value is set to yes, when a user is banned ([KGZ]-lined)
# only opers will see the ban message when the user is removed
# from the server.
hidebans="no"
- # hidekills: If defined, replaces who set a /kill with a custom string.
+ # hidekills: If defined, replaces who executed a /KILL with a custom string.
hidekills=""
# hideulinekills: Hide kills from clients of ulined servers from server notices.
hidesplits="no"
# maxtargets: Maximum number of targets per command.
- # (Commands like /notice, /privmsg, /kick, etc)
+ # (Commands like /NOTICE, /PRIVMSG, /KICK, etc)
maxtargets="20"
- # customversion: Displays a custom string when a user /version's
- # the ircd. This may be set for security reasons or vanity reasons.
+ # customversion: A custom message to be displayed in the comments field
+ # of the VERSION command response. This does not hide the InspIRCd version.
customversion=""
- # operspywhois: show opers (users/auspex) the +s channels a user is in. Values:
- # splitmsg Split with an explanatory message
- # yes Split with no explanatory message
- # no Do not show
- operspywhois="no"
-
# runasuser: If this is set, InspIRCd will attempt to switch
# to run as this user, which allows binding of ports under 1024.
# You should NOT set this unless you are starting as root.
# restrictbannedusers: If this is set to yes, InspIRCd will not allow users
# banned on a channel to change nickname or message channels they are
- # banned on.
+ # banned on. This can also be set to silent to restrict the user but not
+ # notify them.
restrictbannedusers="yes"
# genericoper: Setting this value to yes makes all opers on this server
- # appear as 'is an IRC operator' in their WHOIS, regardless of their
+ # appear as 'is a server operator' in their WHOIS, regardless of their
# oper type, however oper types are still used internally. This only
# affects the display in WHOIS.
genericoper="no"
- # userstats: /stats commands that users can run (opers can run all).
+ # userstats: /STATS commands that users can run (opers can run all).
userstats="Pu">
#-#-#-#-#-#-#-#-#-#-#-#-# LIMITS CONFIGURATION #-#-#-#-#-#-#-#-#-#-#-#
# #
# This configuration tag defines the maximum sizes of various types #
# on IRC, such as the maximum length of a channel name, and the #
-# maximum length of a channel. Note that with the exception of the #
-# identmax value all values given here are the exact values you would #
-# expect to see on IRC. This contrasts with the older InspIRCd #
-# releases where these values would be one character shorter than #
-# defined to account for a null terminator on the end of the text. #
-# #
-# These values should match network-wide otherwise issues will occur. #
+# maximum length of a channel. These values should match network-wide #
+# otherwise issues will occur. #
# #
# The highest safe value you can set any of these options to is 500, #
# but it is recommended that you keep them somewhat #
<limits
# maxnick: Maximum length of a nickname.
- maxnick="31"
+ maxnick="30"
# maxchan: Maximum length of a channel name.
maxchan="64"
maxmodes="20"
# maxident: Maximum length of a ident/username.
- maxident="11"
+ maxident="10"
+
+ # maxhost: Maximum length of a hostname.
+ maxhost="64"
# maxquit: Maximum length of a quit message.
maxquit="255"
# maxkick: Maximum length of a kick message.
maxkick="255"
- # maxgecos: Maximum length of a GECOS (realname).
- maxgecos="128"
+ # maxreal: Maximum length of a real name.
+ maxreal="128"
# maxaway: Maximum length of an away message.
maxaway="200">
+#-#-#-#-#-#-#-#-#-#-#-#-# PATHS CONFIGURATION #-#-#-#-#-#-#-#-#-#-#-#-#
+# #
+# This configuration tag defines the location that InspIRCd stores #
+# various types of files such as configuration files, log files and #
+# modules. You will probably not need to change these from the values #
+# set when InspIRCd was built unless you are using a binary package #
+# where you do not have the ability to set build time configuration. #
+#<path configdir="conf" datadir="data" logdir="logs" moduledir="modules">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Logging
# Logging is covered with the <log> tag, which you may use to change
# the behaviour of the logging of the IRCd.
#
-# In InspIRCd as of 1.2, logging is pluggable and very extensible.
-# Different files can log the same thing, different 'types' of log can
-# go to different places, and modules can even extend the log tag
-# to do what they want.
-#
# An example log tag would be:
-# <log method="file" type="OPER" level="default" target="logs/opers.log">
-# which would log all information on /oper (failed and successful) to
+# <log method="file" type="OPER" level="default" target="opers.log">
+# which would log all information on /OPER (failed and successful) to
# a file called opers.log.
#
# There are many different types which may be used, and modules may
# generate their own. A list of useful types:
# - USERS - information relating to user connection and disconnection
-# - OPER - succesful and failed oper attempts
+# - OPER - successful and failed oper attempts
# - KILL - kill related messages
-# - snomask - server notices (*all* snomasks will be logged)
-# - FILTER - messages related to filter matches (m_filter)
+# - FILTER - messages related to filter matches (filter module)
# - CONFIG - configuration related messages
# - COMMAND - die and restart messages, and messages related to unknown user types
# - SOCKET - socket engine informational/error messages
# - USERINPUT
# - USEROUTPUT
#
+# If your server is producing a high levels of log messages you can also set the
+# flush="[positive number]" attribute to specify how many log messages should be
+# buffered before flushing to disk. You should probably not specify this unless
+# you are having problems.
+#
# The following log tag is highly default and uncustomised. It is recommended you
# sort out your own log tags. This is just here so you get some output.
-<log method="file" type="* -USERINPUT -USEROUTPUT" level="default" target="logs/ircd.log">
+<log method="file" type="* -USERINPUT -USEROUTPUT" level="default" target="ircd.log">
#-#-#-#-#-#-#-#-#-#-#-#-#- WHOWAS OPTIONS -#-#-#-#-#-#-#-#-#-#-#-#-#
# #
-# This tag lets you define the behaviour of the /whowas command of #
+# This tag lets you define the behaviour of the /WHOWAS command of #
# your server. #
# #
<whowas
# groupsize: Maximum entries per nick shown when performing
- # a /whowas nick.
+ # a /WHOWAS <nick>.
groupsize="10"
# maxgroups: Maximum number of nickgroups that can be added to
- # the list so that /whowas does not use a lot of resources on
+ # the list so that /WHOWAS does not use a lot of resources on
# large networks.
maxgroups="100000"
<badnick
# nick: Nick to disallow. Wildcards are supported.
- nick="ChanServ"
+ nick="Tr0ll123"
- # reason: Reason to display on /nick.
- reason="Reserved For Services">
-
-<badnick nick="NickServ" reason="Reserved For Services">
-<badnick nick="OperServ" reason="Reserved For Services">
-<badnick nick="MemoServ" reason="Reserved For Services">
+ # reason: Reason to display on /NICK.
+ reason="Don't use this nick.">
<badhost
# host: ident@hostname to ban.
<badhost host="root@*" reason="Don't IRC as root!">
<badhost host="*@198.51.100.0/24" reason="This subnet is bad.">
-# exception: Hosts that are exempt from [kgz]lines.
+# exception: Hosts that are exempt from [KGZ]-lines.
<exception
# host: ident@hostname to exempt.
# Wildcards and CIDR (if you specify an IP) can be used.
- host="*@ircop.example.com"
+ host="*@serverop.example.com"
- # reason: Reason for exception. Only shown in /stats e
+ # reason: Reason for exception. Only shown in /STATS e.
reason="Oper's hostname">
#-#-#-#-#-#-#-#-#-#-#- INSANE BAN OPTIONS -#-#-#-#-#-#-#-#-#-#-#-#-#-#
# #
-# This optional tag allows you to specify how wide a gline, eline, #
-# kline, zline or qline can be before it is forbidden from being #
-# set. By setting hostmasks="yes", you can allow all G, K, E lines, #
+# This optional tag allows you to specify how wide a G-line, E-line, #
+# K-line, Z-line or Q-line can be before it is forbidden from being #
+# set. By setting hostmasks="yes", you can allow all G-, K-, E-lines, #
# no matter how many users the ban would cover. This is not #
-# recommended! By setting ipmasks="yes", you can allow all Z lines, #
+# recommended! By setting ipmasks="yes", you can allow all Z-lines, #
# no matter how many users these cover too. Needless to say we #
# don't recommend you do this, or, set nickmasks="yes", which will #
-# allow any qline. #
+# allow any Q-line. #
# #
<insane
# will be banning 955 or more users.
trigger="95.5">
-
-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#- YAWN -#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# #
-# You should already know what to do here :) #
-
-<die value="User error. You didn't edit your config properly. Go back and try again.">
-
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# MODULES #-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# ____ _ _____ _ _ ____ _ _ _ #
# | _ \ ___ __ _ __| | |_ _| |__ (_)___ | __ )(_) |_| | #
# provide almost all the features of InspIRCd. :) #
# #
# The default does nothing -- we include it for simplicity for you. #
-<include file="conf/examples/modules.conf.example">
+#<include file="examples/modules.conf.example">
-# Here are some pre-built modules.conf files that closely match the
-# default configurations of some popular IRCd's. You still may want to
-# look over them and make sure if everything is correct for you and setup
-# the proper SSL information.
+#-#-#-#-#-#-#-#-#-#-#-# SERVICES CONFIGURATION #-#-#-#-#-#-#-#-#-#-#-#
+# #
+# If you use services you will probably want to include one of the #
+# following files which set up aliases, nick reservations and filter #
+# exemptions for services pseudoclients: #
#
-# *NOTE*: These files have no comments for what the modules do. If you
-# are interested in that, please read the modules.conf.example. It is also
-# recommended that you make your own modules file based on modules.conf.example.
-
-# Settings similar to UnrealIRCd defaults.
-#<include file="conf/examples/modules/unrealircd.conf.example">
-
-# Settings similar to Charybdis IRCd defaults.
-#<include file="conf/examples/modules/charybdis.conf.example">
-
+# Anope users should uncomment this:
+#<include file="examples/services/anope.conf.example">
+#
+# Atheme users should uncomment this:
+#<include file="examples/services/atheme.conf.example">
+#
+# Users of other services should uncomment this:
+#<include file="examples/services/generic.conf.example">
#########################################################################
# #
# - InspIRCd Development Team - #
-# http://www.inspircd.org #
+# https://www.inspircd.org #
# #
#########################################################################
projects / user / henk / code / inspircd.git / blobdiff