# this module being loaded to function.
#
#<module name="md5">
-#
+
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# SHA256 module: Allows other modules to generate SHA256 hashes,
# usually for cryptographic uses and security.
# be enhanced (for example the addition of HMAC authentication).
#
#<module name="sha256">
-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# RIPEMD160 module: Allows other modules to generate RIPEMD160 hashes,
-# usually for cryptographic uses and security.
-#
-# IMPORTANT:
-# Other modules may rely on this module being loaded to function.
-#<module name="ripemd160">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Abbreviation module: Provides the ability to abbreviate commands a-la
#<module name="callerid">
#
#-#-#-#-#-#-#-#-#-#-#- CALLERID CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-#
-# maxaccepts - Maximum number of entries a user can add to his #
-# /ACCEPT list. Default is 16 entries. #
-# tracknick - Preserve /accept entries when a user changes nick? #
+# maxaccepts - Maximum number of entries a user can add to their #
+# /ACCEPT list. Default is 30 entries. #
+# tracknick - Preserve /ACCEPT entries when a user changes nick? #
# If no (the default), the user is removed from #
-# everyone's accept list if he changes nickname. #
+# everyone's accept list if their nickname changes. #
# cooldown - Amount of time that must pass since the last #
-# notification sent to a user before he can be sent #
-# another. Default is 1 minute. #
-#<callerid maxaccepts="16"
+# notification sent to a user before they can be #
+# sent another. Default is 1 minute. #
+#<callerid maxaccepts="30"
# tracknick="no"
# cooldown="1m">
# address in the ident sent by the user. This is not recommended as it
# only works with IPv4 connections.
#
-# When using this method you must specify a wildcard mask or CIDR range to
-# allow gateway connections from.
+# When using this method you must specify a wildcard mask or CIDR range to allow
+# gateway connections from. You can also optionally configure the static value
+# that replaces the IP in the ident to avoid leaking the real IP address of
+# gateway clients (defaults to "gateway" if not set).
#
-# <cgihost type="ident" mask="198.51.100.0/24">
-# <cgihost type="ident" mask="*.ident.gateway.example.com">
+# <cgihost type="ident"
+# mask="198.51.100.0/24"
+# newident="wibble">
+# <cgihost type="ident"
+# mask="*.ident.gateway.example.com"
+# newident="wobble">
#
# By default gateway connections are logged to the +w snomask. If you
# do not want this to happen then you can uncomment this to disable it.
# that looks like the name of another channel on the network.
#<module name="channames">
-<channames
+#<channames
# denyrange: characters or range of characters to deny in channel
# names.
- denyrange="2,3"
+ #denyrange="2,3"
# allowrange: characters or range of characters to specifically allow
# in channel names.
- allowrange="">
+ #allowrange="">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Channelban: Implements extended ban j:, which stops anyone already
# #
# To use cloaking, you must define a cloak key, and optionally a #
# cloak prefix as shown below. The cloak key must be shared across #
-# the network for correct cloaking. #
+# the network for consistent cloaking and must be at least thirty #
+# characters long. #
# #
# There are two methods of cloaking: #
# #
# #
# The methods use a single key that can be any length of text. #
# An optional prefix may be specified to mark cloaked hosts. #
+# #
+# IMPORTANT: Changing these details will break all of your existing #
+# bans. If you do not want this to happen you can define multiple #
+# cloak tags. The first will be used for cloaking and the rest will #
+# be used for checking if a user is banned in a channel. #
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
#
#<cloak mode="half"
-# key="secret"
+# key="changeme"
# domainparts="3"
# prefix="net-">
+#
+#<cloak mode="full"
+# key="changeme"
+# prefix="net-">
#-#-#-#-#-#-#-#-#-#-#-#- CLOSE MODULE #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Close module: Allows an oper to close all unregistered connections.
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Exempt channel operators module: Provides support for allowing #
-# channel operators to be exempt from some channel modes. Supported #
-# modes are blockcaps, noctcp, blockcolor, nickflood, flood, censor, #
-# filter, regmoderated, nonick, nonotice, and stripcolor. #
+# users of a specified channel status to be exempt from some channel #
+# restriction modes. Supported restrictions are #
+# blockcaps, blockcolor, censor, filter, flood, nickflood, noctcp, #
+# nonick, nonotice, regmoderated, stripcolor, and topiclock. #
+# See <options:exemptchanops> in inspircd.conf.example for a more #
+# detailed list of the restriction modes that can be exempted. #
+# These are settable using /mode #chan +X <restriction>:<status> #
#<module name="exemptchanops"> #
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
#<module name="flashpolicyd"> #
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# Gecos (real name) ban: Implements extended ban 'r', which stops anyone
-# matching a mask like +b r:*realname?here* from joining a channel.
+# Real name ban: Implements two extended bans: #
+# 'a', which matches a n!u@h+realname mask like +b a:*!*@host+*real* #
+# 'r', which matches a realname mask like +b r:*realname?here* #
#<module name="gecosban">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# must be in one of your oper class blocks.
#<module name="globalload">
+#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
+# HAProxy module: Adds support for the HAProxy PROXY v2 protocol. To
+# use this module specify hook="haproxy" in the <bind> tag that HAProxy
+# has been configured to connect to.
+#<module name="haproxy">
+
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# HELPOP module: Provides the /HELPOP command
#<module name="helpop">
# If you specify to use the helpop module, then specify below the #
# path to the helpop.conf file. #
# #
-#<include file="examples/inspircd.helpop-full.example">
+#<include file="examples/helpop-full.conf.example">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Hide chans module: Allows users to hide their channels list from non-
# Only show invite exceptions (+I) to channel members:
#<hidelist mode="invex" rank="0">
+#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
+# Hide mode module: Allows for hiding mode changes from users who do not
+# have sufficient channel privileges.
+#<module name="hidemode">
+#
+# Hide bans (+b) from people who are not voiced:
+#<hidemode mode="ban" rank="10000">
+
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Hide oper module: Allows opers to hide their oper status from non-
# opers by setting user mode +H on themselves.
# #
# See https://wiki.inspircd.org/Modules/3.0/hostchange for help. #
# #
-#<host suffix="invalid.org" separator="." prefix="">
-#<hostchange mask="*@42.theanswer.example.org" action="addnick">
-#<hostchange mask="*root@*" action="suffix">
+#<hostchange mask="*@42.theanswer.example.org" action="addaccount" suffix=".users.example.com">
+#<hostchange mask="*root@*" action="addnick" prefix="example/users/">
#<hostchange mask="a@example.com" action="set" value="foo.bar.baz">
-#<hostchange mask="localhost" ports="7000,7001,7005-7007" action="set" value="blahblah.foo">
+#<hostchange mask="*@localhost" ports="7000,7001,7005-7007" action="set" value="blahblah.foo">
# hostcycle: If loaded, when a user gets a host or ident set, it will
# cycle them in all their channels. If not loaded it will simply change
# If you choose to use the httpd module, then you will need to add
# a <bind> tag with type "httpd", and load at least one of the other
# httpd_* modules to provide pages to display.
+# <bind address="127.0.0.1" port="8067" type="httpd">
+# <bind address="127.0.0.1" port="8097" type="httpd" ssl="gnutls">
#
# You can adjust the timeout for HTTP connections below. All HTTP
# connections will be closed after (roughly) this time period.
# <httpdacl path="/*" types="blacklist" blacklist="*">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# HTTP config module: Allows the configuration of the server to be
-# viewed over HTTP. Requires httpd to be loaded for it to function.
+# HTTP config module: Allows the server configuration to be viewed over
+# HTTP via the /config path. Requires the httpd module to be loaded for
+# it to function.
+#
+# IMPORTANT: This module exposes extremely sensitive information about
+# your server and users so you *MUST* protect it using a local-only
+# <bind> tag and/or the httpd_acl module. See above for details.
#<module name="httpd_config">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# HTTP stats module: Provides basic stats pages over HTTP.
-# Requires httpd to be loaded for it to function.
+# HTTP stats module: Provides server statistics over HTTP via the /stats
+# path. Requires the httpd module to be loaded for it to function.
+#
+# IMPORTANT: This module exposes extremely sensitive information about
+# your server and users so you *MUST* protect it using a local-only
+# <bind> tag and/or the httpd_acl module. See above for details.
#<module name="httpd_stats">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
#<ircv3 accountnotify="on" awaynotify="on" extendedjoin="on">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# IRCv3 cap-notify module: Provides the cap-notify IRCv3.2 extension.
-# Required for IRCv3.2 conformance.
+# IRCv3 account-tag module. Adds the 'account' tag which contains the
+# services account name of the message sender.
+#<module name="ircv3_accounttag">
+
+#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
+# IRCv3 batch module: Provides the batch IRCv3 extension which allows
+# the server to inform a client that a group of messages are related to
+# each other.
+#<module name="ircv3_batch">
+
+#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
+# IRCv3 cap-notify module: Provides the cap-notify IRCv3 extension.
+# Required for IRCv3 conformance.
#<module name="ircv3_capnotify">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# IRCv3 chghost module: Provides the chghost IRCv3.2 extension which
+# IRCv3 chghost module: Provides the chghost IRCv3 extension which
# allows capable clients to learn when the host/ident of another user
# changes without cycling the user. This module is compatible with the
# hostcycle module. If both are loaded, clients supporting the chghost
#<module name="ircv3_chghost">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# IRCv3 echo-message module: Provides the echo-message IRCv3.2
+# IRCv3 echo-message module: Provides the echo-message IRCv3
# extension which allows capable clients to get an acknowledgement when
# their messages are delivered and learn what modifications, if any,
# were applied to them.
#<module name="ircv3_echomessage">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# IRCv3 invite-notify module: Provides the invite-notify IRCv3.2
+# IRCv3 invite-notify module: Provides the invite-notify IRCv3
# extension which notifies supporting clients when a user invites
# another user into a channel. This respects <options:announceinvites>.
#<module name="ircv3_invitenotify">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# IRCv3 Strict Transport Security module: Provides the sts IRCv3.2
+# IRCv3 server-time module. Adds the 'time' tag which adds a timestamp
+# to all messages received from the server.
+#<module name="ircv3_servertime">
+
+#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
+# IRCv3 Strict Transport Security module: Provides the sts IRCv3
# extension which allows clients connecting insecurely to upgrade their
# connections to TLS.
#<module name="ircv3_sts">
#<module name="nicklock">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# No CTCP module: Adds the channel mode +C to block CTCPs and extban
-# 'C' to block CTCPs sent by specific users.
+# No CTCP module: Adds the channel mode +C and user mode +T to block
+# CTCPs and extban 'C' to block CTCPs sent by specific users.
#<module name="noctcp">
+#
+# The +T user mode is not enabled by default to enable link compatibility
+# with 2.0 servers. You can enable it by uncommenting this:
+#<noctcp enableumode="yes">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# No kicks module: Adds the +Q channel mode and the Q: extban to deny
# onoper - If on, the message is sent on /OPER, otherwise it's #
# only sent when /OPERMOTD is used. #
# #
-# processcolors - Allow color codes to be processed in the opermotd. #
-# Read the comment above <connect:allowmotdcolors> in #
-# inspircd.conf.example for details. #
-# #
-#<opermotd file="examples/opermotd.txt.example" onoper="yes" processcolors="false">
+#<opermotd file="examples/opermotd.txt.example" onoper="yes">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Override module: Adds support for oper override.
# to compile and load this module.
#<module name="regex_tre">
-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# Registered users only channel creation module. If enabled, only
-# registered users and opers can create new channels.
-#
-# You probably *DO NOT* want to load this module on a public network.
-#
-#<module name="regonlycreate">
-
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Remove module: Adds the /REMOVE command which is a peaceful
# alternative to /KICK.
#<module name="repeat">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# Restricted channels module: Allows only opers to create channels.
+# Restricted channels module: Allows only opers or registered users to
+# create channels.
#
# You probably *DO NOT* want to load this module on a public network.
#
#<module name="restrictchans">
+# Configure the restrictchans module
+# allowregistered: should registered users be allowed to bypass the restrictions?
+#<restrictchans allowregistered="no">
+
+# Allow any channel matching #user-* to be created, bypassing restrictchans checks
+#<allowchannel name="#user-*">
+
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Restrict message module: Allows users to only message opers.
#
# (similar to /MOTD; the default). #
# * notice: Send contents as a series of notices. #
# * msg: Send contents as a series of private messages. #
-# colors - If true, color codes (\c, \b, \u, etc.) will be processed #
-# and sent as ANSI colors. If false (default) the file will #
-# be displayed as-is. #
# #
# When using the method "numeric", the following extra settings are #
# available: #
# #
#<showfile name="RULES"
# file="rules.txt"
-# colors="true"
# introtext="Server rules:"
# endtext="End of server rules.">
# WebSocket connections. Compatible with SSL/TLS.
# Requires SHA-1 hash support available in the sha1 module.
#<module name="websocket">
+#
+# Whether to re-encode messages as UTF-8 before sending to WebSocket
+# clients. This is recommended as the WebSocket protocol requires all
+# text frames to be sent as UTF-8. If you do not have this enabled
+# messages will be sent as binary frames instead.
+#<websocket sendastext="yes">
+#
+# If you use the websocket module you MUST specify one or more origins
+# which are allowed to connect to the server. You should set this as
+# strict as possible to prevent malicious webpages from connecting to
+# your server.
+# <wsorigin allow="https://webchat.example.com/*">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# XLine database: Stores all *Lines (G/Z/K/R/any added by other modules)