X-Git-Url: https://git.netwichtig.de/gitweb/?a=blobdiff_plain;f=docs%2Fconf%2Fmodules.conf.example;h=0b149775bc480cc9d422f77ac8f7d15995233262;hb=e0dc7691c4cff3a38bc12adf10b3709d8c4901ba;hp=a538ea879fe6618f936768ded4a7cfcf844744cd;hpb=584cbe80152ed3bb8cdbedc41c43d63cd10ca799;p=user%2Fhenk%2Fcode%2Finspircd.git diff --git a/docs/conf/modules.conf.example b/docs/conf/modules.conf.example index a538ea879..0b149775b 100644 --- a/docs/conf/modules.conf.example +++ b/docs/conf/modules.conf.example @@ -10,7 +10,7 @@ # # # By default, ALL modules are commented out. You must uncomment them # # or add lines to your config to load modules. Please refer to # -# https://wiki.inspircd.org/2.0/Modules for a list of modules and # +# https://docs.inspircd.org/3/modules for a list of modules and # # each modules link for any additional conf tags they require. # # # # ____ _ _____ _ _ ____ _ _ _ # @@ -19,8 +19,8 @@ # | _ < __/ (_| | (_| | | | | | | | \__ \ | |_) | | |_|_| # # |_| \_\___|\__,_|\__,_| |_| |_| |_|_|___/ |____/|_|\__(_) # # # -# To link servers to InspIRCd, you MUST load the m_spanningtree # -# module. If you don't do this, server links will NOT work at all. # +# To link servers to InspIRCd, you MUST load the spanningtree module. # +# If you don't do this, server links will NOT work at all. # # This is by design, to allow for the implementation of other linking # # protocols in modules in the future. This module is at the bottom of # # this file. # @@ -31,38 +31,31 @@ # cryptographic uses and security. # # IMPORTANT: -# Other modules such as m_cloaking.so and m_password_hash.so may rely on +# Other modules such as cloaking and password_hash may rely on # this module being loaded to function. # -# -# +# + #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # SHA256 module: Allows other modules to generate SHA256 hashes, # usually for cryptographic uses and security. # # IMPORTANT: -# Other modules such as m_password_hash.so may rely on this module being -# loaded to function. Certain modules such as m_spanningtree.so will +# Other modules such as password_hash may rely on this module being +# loaded to function. Certain modules such as spanningtree will # function without this module but when it is loaded their features will # be enhanced (for example the addition of HMAC authentication). # -# -#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# -# RIPEMD160 module: Allows other modules to generate RIPEMD160 hashes, -# usually for cryptographic uses and security. -# -# IMPORTANT: -# Other modules may rely on this module being loaded to function. -# +# #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Abbreviation module: Provides the ability to abbreviate commands a-la # BBC BASIC keywords. -# +# #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Alias module: Allows you to define server-side command aliases. -# +# # # Set the 'prefix' for in-channel aliases (fantasy commands) to the # specified character. If not set, the default is "!". @@ -72,9 +65,9 @@ # #-#-#-#-#-#-#-#-#-#-#- ALIAS DEFINITIONS -#-#-#-#-#-#-#-#-#-#-#-#-#-# # # -# If you have the m_alias.so module loaded, you may also define # -# aliases as shown below. They are commonly used to provide shortcut # -# commands to services, however they are not limited to just this use.# +# If you have the alias module loaded, you may also define aliases as # +# shown below. They are commonly used to provide shortcut commands to # +# services, however they are not limited to just this use. # # An alias tag requires the following values to be defined in it: # # # # text - The text to detect as the actual command line. # @@ -85,13 +78,13 @@ # matched, or it has no format value. Aliases are # # read from the top of the file to the bottom. # # # -# usercommand - If this is true, the alias can be run simply as # -# /aliasname. Defaults to true. # +# usercommand - If set to yes, the alias can be run simply as # +# /ALIASNAME. Defaults to yes. # # # -# channelcommand - If this is true, the alias can be used as an # +# channelcommand - If set to yes, the alias can be used as an # # in-channel alias or 'fantasy command', prefixed # # by the fantasy prefix character, !aliasname by # -# default. Defaults to false. # +# default. Defaults to no. # # # # format - If this is defined, the parameters of the alias # # must match this glob pattern. For example if you # @@ -123,46 +116,37 @@ # to successfully trigger. If they are not, then # # the user receives a 'no such nick' 401 numeric. # # # -# uline - Setting this to true will ensure that the user # -# given in 'requires' is also on a u-lined server, # +# stripcolor - If set to yes, the text from the user will be # +# stripped of color and format codes before # +# matching against 'text'. # +# # +# uline - Setting this to yes will ensure that the user # +# given in 'requires' is also on a U-lined server, # # as well as actually being on the network. If the # -# user is online, but not on a u-lined server, # +# user is online, but not on a U-lined server, # # then an oper alert is sent out as this is # # possibly a sign of a user trying to impersonate # # a service. # # # -# operonly - If true, this will make the alias oper only. # +# operonly - If yes, this will make the alias oper only. # # If a non-oper attempts to use the alias, it will # # appear to not exist. # # # -# -# -# -# -# -# -# -# -# -# -# -# # # An example of using the format value to create an alias with two # different behaviours depending on the format of the parameters. # -# # -# # # This alias fixes a glitch in xchat 2.6.x and above and the way it # assumes IDENTIFY must be prefixed by a colon (:) character. It should -# be placed ABOVE the default NICKSERV alias (the first example) listed -# above. +# be placed ABOVE the default NICKSERV alias. # -# # # You may also add aliases to trigger based on something said in a @@ -171,7 +155,7 @@ # command must be preceded by the fantasy prefix when used. # # +# replace="SQUERY ChanServ :$1 $chan $2-" requires="ChanServ" uline="yes"> # # This would be used as "!cs ", with the channel # being automatically inserted after the command in the message to @@ -180,18 +164,56 @@ #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Allowinvite module: Gives channel mode +A to allow all users to use # /INVITE, and extban A to deny invite from specific masks. -# +# #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Alltime module: Shows time on all connected servers at once. # This module is oper-only and provides /ALLTIME. # To use, ALLTIME must be in one of your oper class blocks. -# +# + +#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# +# Anticaps module: Adds channel mode +B which allows you to punish +# users that send overly capitalised messages to channels. Unlike the +# blockcaps module this module is more flexible as it has more options +# for punishment and allows channels to configure their own punishment +# policies. +# +# +# You may also configure the characters which anticaps considers to be +# lower case and upper case. Any characters not listed here are assumed +# to be punctuation and will be ignored when counting: +# + +#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# +# Argon2 module: Allows other modules to generate Argon2 hashes, +# usually for cryptographic uses and security. +# This module makes the algorithms argon2i, argon2d and argon2id +# available for use. +# Note that this module is extra, and must be enabled explicitly +# to build. It depends on libargon2. +# +# +# memory: Memory hardness, in KiB. E.g. 131072 KiB = 128 MiB. +# iterations: Time hardness in iterations. (def. 3) +# lanes: How many parallel chains can be run. (def. 1) +# threads: Maximum amount of threads each invocation can spawn. (def. 1) +# length: Output length in bytes. (def. 32) +# saltlength: Salt length in bytes. (def. 16) +# version: Algorithm version, 10 or 13. (def. 13) +# The parameters can be customized as follows: +# +# Defines the parameters that are common for all the variants (i/d/id). +# Can be overridden on individual basis, e.g. +# +# #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Auditorium module: Adds channel mode +u which makes everyone else # except you in the channel invisible, used for large meetings etc. -# +# # # Auditorium settings: # @@ -212,31 +234,40 @@ # For example +w o:*!Attila@127.0.0.1 will op anyone matching that mask # on join. This can be combined with extbans, for example +w o:R:Brain # will op anyone identified to the account "Brain". -# Another useful combination is with SSL client certificate +# Another useful combination is with TLS (SSL) client certificate # fingerprints: +w h:z:72db600734bb9546c1bdd02377bc21d2a9690d48 will # give halfop to the user(s) having the given certificate. -# +# #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Ban except module: Adds support for channel ban exceptions (+e). -# +# #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Ban redirection module: Allows bans which redirect to a specified # channel. e.g. +b nick!ident@host#channelbanneduserissentto -# +# + +#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# +# bcrypt module: Allows other modules to generate bcrypt hashes, +# usually for cryptographic uses and security. +# +# +# rounds: Defines how many rounds the bcrypt function will run when +# generating new hashes. +# #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Block amsg module: Attempt to block all usage of /amsg and /ame. -# +# # #-#-#-#-#-#-#-#-#-#-#- BLOCKAMSG CONFIGURATION -#-#-#-#-#-#-#-#-#-#-# # # -# If you have the m_blockamsg.so module loaded, you can configure it # -# with the tag: # +# If you have the blockamsg module loaded, you can configure it with # +# the tag: # # # -# delay - How many seconds between two messages to force # -# them to be recognised as unrelated. # +# delay - How much time between two messages to force them # +# to be recognised as unrelated. # # action - Any of 'notice', 'noticeopers', 'silent', 'kill' # # or 'killopers'. Define how to take action when # # a user uses /amsg or /ame. # @@ -245,114 +276,149 @@ #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Block CAPS module: Adds channel mode +B, blocks all-CAPS messages. -# +# +# NOTE: This module is deprecated and will be removed in a future version +# of InspIRCd. You should use the anticaps module shown above instead. +# # #-#-#-#-#-#-#-#-#-#-#- BLOCKCAPS CONFIGURATION -#-#-#-#-#-#-#-#-#-#-# # # -# percent - How many percent of text must be caps before text # +# percent - The percentage of a message which must be upper # +# case before it will be blocked. # +# # +# minlen - The minimum length a message must be before it # # will be blocked. # # # -# minlen - The minimum length a line must be for the block # -# percent to have any effect. # +# lowercase - The characters which will be considered lower # +# case. # # # -# capsmap - A list of chars to be considered CAPS. Can be used # -# to add CAPS characters for your language. Also you # -# can add things like ! and space to further lock # -# down on caps usage. # +# uppercase - The characters which will be considered upper # +# case. # +# # +# lowercase="abcdefghijklmnopqrstuvwxyz" +# uppercase="ABCDEFGHIJKLMNOPQRSTUVWXYZ"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Block color module: Blocking color-coded messages with chan mode +c. -# +# #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Botmode module: Adds the user mode +B. If set on a user, it will # show that the user is a bot in /WHOIS. -# +# #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# -# CallerID module: Adds usermode +g which activates hybrid-style +# CallerID module: Adds user mode +g which activates hybrid-style # callerid: block all private messages unless you /ACCEPT first. -# +# # #-#-#-#-#-#-#-#-#-#-#- CALLERID CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-# -# maxaccepts - Maximum number of entries a user can add to his # -# /ACCEPT list. Default is 16 entries. # -# operoverride - Can opers (note: ALL opers) override callerid? # -# Default is no. # -# tracknick - Preserve /accept entries when a user changes nick? # +# maxaccepts - Maximum number of entries a user can add to their # +# /ACCEPT list. Default is 30 entries. # +# tracknick - Preserve /ACCEPT entries when a user changes nick? # # If no (the default), the user is removed from # -# everyone's accept list if he changes nickname. # -# cooldown - Amount of time (in seconds) that must pass since # -# the last notification sent to a user before he can # -# be sent another. Default is 60 (1 minute). # -# +# cooldown="1m"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # CAP module: Provides the CAP negotiation mechanism required by the -# m_sasl, m_namesx, m_uhnames, and m_ircv3 modules. -# It is also recommended for the STARTTLS support in m_ssl_gnutls. -# +# sasl, namesx, uhnames, and ircv3 modules. +# It is also recommended for STARTTLS support in the starttls module. +# #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # CBAN module: Lets you disallow channels from being used at runtime. # This module is oper-only and provides /CBAN. # To use, CBAN must be in one of your oper class blocks. -# +# +# CBAN does not allow glob channelmasks by default for compatibility +# reasons. You can enable glob support by uncommenting the next line. +# #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# -# Censor module: Adds channel and user mode +G. -# +# Censor module: Adds channel and user mode +G which block phrases that +# are listed in the server bad words list. +# # #-#-#-#-#-#-#-#-#-#-#- CENSOR CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-# # # -# Optional - If you specify to use the m_censor module, then you must # -# specify some censor tags. See also: # -# https://wiki.inspircd.org/Modules/2.0/censor # -# -# +# If you have the censor module loaded you should specify one or more # +# phrases to replace/block in user messages. The config for this is # +# formatted as follows: # +# # +# Replaces "eggplant" with "aubergine" within messages: # +# # +# # +# Blocks messages that contain "fluffy capybaras": # +# # #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# -# CGI:IRC module: Adds support for automatic host changing in CGI:IRC -# (http://cgiirc.sourceforge.net). -# +# CGI:IRC module: Enables forwarding the real IP address of a user from +# a gateway to the IRC server. +# # #-#-#-#-#-#-#-#-#-#-#-# CGIIRC CONFIGURATION #-#-#-#-#-#-#-#-#-#-#-#-# # -# Optional - If you specify to use m_cgiirc, then you must specify one -# or more cgihost tags which indicate authorised CGI:IRC servers which -# will be connecting to your network, and an optional cgiirc tag. -# For more information see: https://wiki.inspircd.org/Modules/2.0/cgiirc -# -# Set to yes if you want to notice opers when CGI:IRC clients connect. +# If you use the cgiirc module then you must specify the gateways which +# are authorised to forward IP/host information to your server. There +# are currently two ways to do this: +# +# The webirc method is the recommended way to allow gateways to forward +# IP/host information. When using this method the gateway sends a WEBIRC +# message to the server on connection. For more details please read the +# IRCv3 WebIRC specification at: https://ircv3.net/specs/extensions/webirc.html +# +# When using this method you must specify one or more wildcard masks +# or CIDR ranges to allow gateway connections from and at least one of +# either a TLS (SSL) client certificate fingerprint for the gateway or +# a password to be sent in the WEBIRC command. +# +# +# +# +# Alternatively if your gateway does not support sending the WEBIRC +# message then you can configure InspIRCd to look for the client IP +# address in the ident sent by the user. This is not recommended as it +# only works with IPv4 connections. +# +# When using this method you must specify one or more wildcard masks +# or CIDR ranges to allow gateway connections from. You can also +# optionally configure the static value that replaces the IP in the +# ident to avoid leaking the real IP address of gateway clients +# (defaults to "gateway" if not set). +# +# +# +# +# By default gateway connections are logged to the +w snomask. If you +# do not want this to happen then you can uncomment this to disable it. # -# -# The type field indicates where the module should get the real -# client's IP address from, for further information, please see the -# CGI:IRC documentation. -# -# Old style: -# # Get IP from PASS -# # Get IP from ident -# # See the docs -# New style: -# # Get IP from WEBIRC -# + # IMPORTANT NOTE: # --------------- # -# When you connect CGI:IRC clients, there are two connect classes which +# When you connect gateway clients, there are two connect classes which # apply to these clients. When the client initially connects, the connect -# class which matches the CGI:IRC site's host is checked. Therefore you -# must raise the maximum local/global clients for this ip as high as you -# want to allow cgi clients. After the client has connected and is -# determined to be a cgi:irc client, the class which matches the client's +# class which matches the gateway site's host is checked. Therefore you +# must raise the maximum local/global clients for this IP as high as you +# want to allow gateway clients. After the client has connected and is +# determined to be a gateway client, the class which matches the client's # real IP is then checked. You may set this class to a lower value, so that # the real IP of the client can still be restricted to, for example, 3 # sessions maximum. @@ -361,30 +427,48 @@ # Channel create module: Adds snomask +j, which will notify opers of # any new channels that are created. # This module is oper-only. -# +# #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Channel filter module: Allows channel-op defined message filtering # using simple string matches (channel mode +g). -# +# # # If hidemask is set to yes, the user will not be shown the mask when -# his/her message is blocked. -# +# their message is blocked. +# +# If maxlen is set then it defines the maximum length of a filter entry. +# +# If notifyuser is set to no, the user will not be notified when +# their message is blocked. +# #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Channel history module: Displays the last 'X' lines of chat to a user # joining a channel with +H 'X:T' set; 'T' is the maximum time to keep # lines in the history buffer. Designed so that the new user knows what # the current topic of conversation is when joining the channel. -# +# # -# Set the maximum number of lines allowed to be stored per channel below. -# This is the hard limit for 'X'. -# If notice is set to yes, joining users will get a NOTICE before playback -# telling them about the following lines being the pre-join history. -# If bots is set to yes, it will also send to users marked with +B -# +#-#-#-#-#-#-#-#-#-#-#- CHANHISTORY CONFIGURATION -#-#-#-#-#-#-#-#-#-#-# +# # +# bots - Whether to send channel history to bots. Defaults to yes. # +# # +# enableumode - Whether to enable the +N user mode which allows users # +# to opt-out of receiving channel history. Defaults to # +# no. # +# # +# maxlines - The maximum number of lines of chat history to send to a # +# joining users. Defaults to 50. # +# # +# prefixmsg - Whether to send an explanatory message to clients that # +# don't support the chathistory batch type. Defaults to # +# yes. # +# # +# #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Channel logging module: Used to send snotice output to channels, to @@ -393,7 +477,7 @@ # The "channel" field is where you want the messages to go, "snomasks" # is what snomasks you want to be sent to that channel. Multiple tags # are allowed. -# +# # #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# @@ -401,7 +485,7 @@ # characters in the channel name such as bold, colorcodes, etc. which # can be quite annoying and allow users to on occasion have a channel # that looks like the name of another channel on the network. -# +# # - -#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# -# Chanprotect module: Gives +q and +a channel modes. -# -# IMPORTANT: This module has been removed in the next major version of -# InspIRCd. You should use m_customprefix instead. -# - -# - +# channel names. To disallow them, load the channames module and +# add characters 42 and 63 to denyrange (see above). +# #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Check module: Adds the /CHECK command. @@ -455,7 +512,7 @@ # IP addresses and hosts. # This module is oper-only. # To use, CHECK must be in one of your oper class blocks. -# +# #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # CHGHOST module: Adds the /CHGHOST command. @@ -464,7 +521,7 @@ # NOTE: Services will not be able to set vhosts on users if this module # isn't loaded. If you're planning on running services, you probably # want to load this. -# +# # #-#-#-#-#-#-#-#-# /CHGHOST - /SETHOST CONFIGURATION #-#-#-#-#-#-#-#-# # Optional - If you want to use special chars for hostnames you can # @@ -479,64 +536,72 @@ # CHGIDENT module: Adds the /CHGIDENT command. # This module is oper-only. # To use, CHGIDENT must be in one of your oper class blocks. -# +# #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # CHGNAME module: Adds the /CHGNAME command. # This module is oper-only. # To use, CHGNAME must be in one of your oper class blocks. -# +# +# +#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# +# Connection class ban module: Adds support for extban 'n' which +# matches against the class name of the user's connection. +# This module assumes that connection classes are named in a uniform +# way on all servers of the network. Wildcards are accepted. +# #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# -# Cloaking module: Adds usermode +x and cloaking support. -# Relies on the module m_md5.so being loaded. -# To cloak users when they connect, load m_conn_umodes and set +# Clear chan module: Allows opers to masskick, masskill or +# mass G/Z-line all users on a channel using /CLEARCHAN. +# + +#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# +# Cloaking module: Adds user mode +x and cloaking support. +# Relies on the md5 module being loaded. +# To cloak users when they connect, load the conn_umodes module and set # to include the +x mode. The example tag -# shows this. See the m_conn_umodes module for more information. -# +# shows this. See the conn_umodes module for more information. +# # #-#-#-#-#-#-#-#-#-#-#- CLOAKING CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-# # # -# To use m_cloaking, you must define a cloak key, and optionally a # +# To use cloaking, you must define a cloak key, and optionally a # # cloak prefix as shown below. The cloak key must be shared across # -# the network for correct cloaking. # +# the network for consistent cloaking and must be at least thirty # +# characters long. # # # -# There are four methods of cloaking: # +# There are two methods of cloaking: # # # -# half Cloak only the "unique" portion of a host; show # -# the last 2 parts of the domain, /16 subnet of IPv4 # -# or /48 subnet of the IPv6 address. # +# half Cloak only the "unique" portion of a host; by # +# default show the last 2 parts of the domain, # +# /16 subnet of IPv4 or /48 subnet of the IPv6 # +# address. # +# To change the number of shown parts, modify the # +# domainparts option. # # # # full Cloak the users completely, using three slices for # # common CIDR bans (IPv4: /16, /24; IPv6: /48, /64). # # # -# These methods use a single key that can be any length of text. # +# The methods use a single key that can be any length of text. # # An optional prefix may be specified to mark cloaked hosts. # # # -# The following methods are maintained for backwards compatibility; # -# they are slightly less secure, and always hide unresolved IPs. # -# # -# compat-host InspIRCd 1.2-compatible host-based cloaking. # -# compat-ip InspIRCd 1.2-compatible ip-always cloaking. # -# # -# If you use a compat cloaking mode then you must specify key1, key2, # -# key3, key4; the values must be less than 0x80000000 and should be # -# picked at random. Prefix is mandatory, will default to network name # -# if not specified, and will always have a "-" appended. # -# # -# IMPORTANT: The compat-host and compat-ip modes have been removed in # -# the next major version of InspIRCd. You should ONLY use them if you # -# need backwards compatibility with InspIRCd 1.2. # +# IMPORTANT: Changing these details will break all of your existing # +# bans. If you do not want this to happen you can define multiple # +# cloak tags. The first will be used for cloaking and the rest will # +# be used for checking if a user is banned in a channel. # +#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # # - -#-#-#-#-#-#-#-#-#-#-#-#- CLOSE MODULE #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# -# Close module: Allows an oper to close all unregistered connections. -# This module is oper-only and provides the /CLOSE command. -# To use, CLOSE must be in one of your oper class blocks. -# +# key="changeme" +# domainparts="3" +# prefix="net-" +# ignorecase="no"> +# +# #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Clones module: Adds an oper command /CLONES for detecting cloned @@ -544,42 +609,62 @@ # issued, use with care. # This module is oper-only. # To use, CLONES must be in one of your oper class blocks. -# +# + +#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# +# Codepage module: Allows using a custom 8-bit codepage for nicknames +# and case mapping. +# +# +# You should include one of the following files to set your codepage: +# +# +# +# +# +# You can also define a custom codepage. For details on how to do this +# please refer to the docs site: +# https://docs.inspircd.org/3/modules/codepage #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Common channels module: Adds user mode +c, which, when set, requires # that users must share a common channel with you to PRIVMSG or NOTICE # you. -# +# #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Auto join on connect module: Allows you to force users to join one -# or more channels automatically upon connecting to the server. -# +# or more channels automatically upon connecting to the server, or +# join them in case they aren't on any channels after being online +# for X seconds. +# # #-#-#-#-#-#-#-#-#-#-#-#- CONNJOIN CONFIGURATION -#-#-#-#-#-#-#-#-#-#-# # -# If you have m_conn_join.so loaded, you can configure it using the -# following values, or set autojoin="#chat,#help" in blocks. +# If you have the conn_join module loaded, you can configure it below +# or set autojoin="#chat,#help" in blocks. # +# Join users immediately after connection to #one #two and #three. # +# Join users to #chat after 15 seconds if they aren't on any channels. +# #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Set modes on connect module: When this module is loaded # blocks may have an optional modes="" value, which contains modes to # add or remove from users when they connect to the server. -# +# #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Wait for PONG on connect module: Send a PING to all connecting users # and don't let them connect until they reply with a PONG. # This is useful to stop certain kinds of bots and proxies. -# +# # #-#-#-#-#-#-#-#-#-#-#- WAITPONG CONFIGURATION -#-#-#-#-#-#-#-#-#-#-# # # -# If you have the m_conn_waitpong.so module loaded, configure it with # -# the tag: # +# If you have the conn_waitpong module loaded, configure it with the # +# tag: # # # # sendsnotice - Whether to send a helpful notice to users on # # connect telling them how to connect, should # @@ -588,18 +673,18 @@ # killonbadreply - Whether to kill the user if they send the wrong # # PONG reply. # # # -# +# #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Channel cycle module: Adds the /CYCLE command which is a server-side # /HOP that bypasses restrictive modes. -# +# #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Connectban: Provides IP connection throttling. Any IP range that -# connects too many times (configurable) in an hour is Z-Lined for a +# connects too many times (configurable) in an hour is Z-lined for a # (configurable) duration, and their count resets to 0. -# +# # # ipv4cidr and ipv6cidr allow you to turn the comparison from # individual IP addresses (32 and 128 bits) into CIDR masks, to allow @@ -608,14 +693,16 @@ # # This allows for 10 connections in an hour with a 10 minute ban if # that is exceeded. -# +# #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Connection throttle module. -# +# # #-#-#-#-#-#-#-#-#-#-#- CONNTHROTTLE CONFIGURATION -#-#-#-#-#-#-#-#-#-# -# seconds, maxconns - Amount of connections per . +# period, maxconns - Amount of connections per . # # timeout - Time to wait after the throttle was activated # before deactivating it. Be aware that the time @@ -627,13 +714,12 @@ # bootwait - Amount of time in seconds to wait before enforcing # the throttling when the server just booted. # -# +# #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# -# Custom prefixes: Allows for channel prefixes to be added. -# This replaces m_chanprotect and m_halfop. -# +# Custom prefixes: Allows for channel prefixes to be configured. +# # # name The name of the mode, must be unique from other modes. # letter The letter used for this mode. Required. @@ -641,26 +727,31 @@ # rank A numeric rank for this prefix, defining what permissions it gives. # The rank of voice, halfop and op is 10000, 20000, and 30000, # respectively. -# ranktoset The numeric rank required to set/unset this mode. Defaults to rank. +# ranktoset The numeric rank required to set this mode. Defaults to rank. +# ranktounset The numeric rank required to unset this mode. Defaults to ranktoset. # depriv Can you remove the mode from yourself? Defaults to yes. # # # -# # -# Do /RELOADMODULE m_customprefix.so after changing the settings of this module. +# You can also override the configuration of prefix modes added by both the core +# and other modules by adding a customprefix tag with change="yes" specified. +# +# +# +# Do /RELOADMODULE customprefix after changing the settings of this module. #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Custom title module: Adds the /TITLE command which allows for trusted # users to gain a custom whois line and an optional vhost can be # specified. -# +# # #-#-#-#-#-#-#-#-#-#- CUSTOM TITLE CONFIGURATION -#-#-#-#-#-#-#-#-#-# # name - The username used to identify. # password - The password used to identify. # hash - The hash for the specific user's password (optional). -# m_password_hash.so and a hashing module must be loaded +# password_hash and a hashing module must be loaded # for this to work. # host - Allowed hostmask (optional). # title - Title shown in whois. @@ -668,11 +759,11 @@ # # #<title name="bar" password="foo" host="ident@test.org" title="Official Chat Helper" vhost="helper.test.org"> -#<title name="foo" password="fcde2b2edba56bf408601fb721fe9b5c338d10ee429ea04fae5511b68fbf8fb9" hash="sha256" title="Official Chat Helper"> +#<title name="foo" password="$2a$10$UYZ4OcO8NNTCCGyCdY9SK.2GHiqGgxZfHFPOPmWuxEVWVQTtoDC7C" hash="bcrypt" title="Official Chat Helper"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # DCCALLOW module: Adds the /DCCALLOW command. -#<module name="m_dccallow.so"> +#<module name="dccallow"> # #-#-#-#-#-#-#-#-#-#-#- DCCALLOW CONFIGURATION -#-#-#-#-#-#-#-#-#-#-# # blockchat - Whether to block DCC CHAT as well as DCC SEND. @@ -692,9 +783,24 @@ #<banfile pattern="*.txt" action="allow"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# -# Deaf module: Adds support for the usermode +d - deaf to channel -# messages and channel notices. -#<module name="m_deaf.so"> +# Deaf module: Adds support for user modes +d and +D: +# d - deaf to channel messages and notices. +# D - deaf to user messages and notices. +# The +D user mode is not enabled by default to enable link compatibility +# with 2.0 servers. +#<module name="deaf"> +# +#-#-#-#-#-#-#-#-#-#-#-#- DEAF CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-# +# bypasschars - Characters that bypass deaf to a regular user. +# bypasscharsuline - Characters that bypass deaf to a U-lined user (services). +# Both of these take a list of characters that must match +# the starting character of a message. +# If 'bypasscharsuline' is empty, then 'bypasschars' will +# match for both regular and U-lined users. +# enableprivdeaf - Whether to enable user mode +D (privdeaf). +# privdeafuline - Whether U-lined users bypass user mode +D (privdeaf). +# +#<deaf bypasschars="" bypasscharsuline="!" enableprivdeaf="no" privdeafuline="yes"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Delay join module: Adds the channel mode +D which delays all JOIN @@ -702,24 +808,24 @@ # speaking, their quit or part message will not be shown to the channel # which helps cut down noise on large channels in a more friendly way # than the auditorium mode. Only channel ops may set the +D mode. -#<module name="m_delayjoin.so"> +#<module name="delayjoin"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Delay message module: Adds the channel mode +d which disallows a user # from talking in the channel unless they've been joined for X seconds. # Settable using /MODE #chan +d 30 -#<module name="m_delaymsg.so"> +#<module name="delaymsg"> # Set allownotice to no to disallow NOTICEs too. Defaults to yes. #<delaymsg allownotice="no"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Deny channels module: Deny channels from being used by users. -#<module name="m_denychans.so"> +#<module name="denychans"> # #-#-#-#-#-#-#-#-#-#-#- DENYCHAN DEFINITIONS -#-#-#-#-#-#-#-#-#-#-#-# # # -# If you have the m_denychans.so module loaded, you need to specify # -# the channels to deny: # +# If you have the denychans module loaded, you need to specify the # +# channels to deny: # # # # name - The channel name to deny (glob masks are ok). # # allowopers - If operators are allowed to override the deny. # @@ -737,93 +843,179 @@ # Glob masks are accepted here also. # #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# -# Devoice module: Let users devoice themselves using /DEVOICE #chan. -#<module name="m_devoice.so"> +# Disable module: Provides support for disabling commands and modes. # +#<module name="disable"> +# +#-#-#-#-#-#-#-#-#-#-#-#- DISABLE CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-# +# # +# If you have the disable module loaded then you need to specify the # +# commands and modes that you want disabled. Users who have not fully # +# connected yet are exempt from this module so you can e.g. disable # +# the NICK command but still allow users to connect to the server. # +# # +# commands - A space-delimited list of commands that can not be used # +# by users. You can exempt server operators from this with # +# the servers/use-disabled-commands privilege. # +# # +# chanmodes - One or more channel modes that can not be added/removed # +# by users. You can exempt server operators from this # +# with the servers/use-disabled-modes privilege. # +# # +# usermodes - One or more user modes that can not be added/removed by # +# users. You can exempt server operators from this with # +# the servers/use-disabled-modes privilege. # +# # +# fakenonexistent - Whether to pretend that a disabled command/mode # +# does not exist when executed/changed by a user. # +# Defaults to no. # +# # +# notifyopers - Whether to send a notice to snomask `a` when a user # +# is prevented from using a disabled command/mode. # +# Defaults to no. # +# # +#<disabled commands="KICK TOPIC" # +# chanmodes="kp" # +# usermodes="iw" # +# fakenonexistent="yes" # +# notifyopers="no"> # #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # DNS blacklist module: Provides support for looking up IPs on one or # # more blacklists. # -#<module name="m_dnsbl.so"> # +#<module name="dnsbl"> +# # +# For configuration options please see the docs page for dnsbl at # +# https://docs.inspircd.org/3/modules/dnsbl. You can also use one or # +# more of the following example configs for popular DNSBLs: # # # -# For configuration options please see the wiki page for m_dnsbl at # -# https://wiki.inspircd.org/Modules/2.0/dnsbl # +# DroneBL (https://dronebl.org) # +#<include file="examples/providers/dronebl.conf.example"> +# # +# EFnet RBL (https://rbl.efnetrbl.org) # +#<include file="examples/providers/efnet-rbl.conf.example"> +# # +# dan.me.uk Tor exit node DNSBL (https://www.dan.me.uk/dnsbl) # +#<include file="examples/providers/torexit.conf.example"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Exempt channel operators module: Provides support for allowing # # users of a specified channel status to be exempt from some channel # -# restriction modes. Supported restrictions are # -# blockcaps, blockcolor, censor, filter, flood, nickflood, noctcp, # -# nonick, nonotice, regmoderated, stripcolor, and topiclock. # +# restriction modes. Supported restrictions are: # +# anticaps, auditorium-see, auditorium-vis, blockcaps, blockcolor, # +# censor, filter, flood, nickflood, noctcp, nonick, nonotice, # +# regmoderated, stripcolor, and topiclock. # # See <options:exemptchanops> in inspircd.conf.example for a more # # detailed list of the restriction modes that can be exempted. # -# These are settable using /mode #chan +X <restriction>:<status> # -#<module name="m_exemptchanops.so"> # +# These are settable using: /MODE #chan +X <restriction>:<status> # +# Furthermore, the exemptions configured in <options:exemptchanops> # +# can also be negated by using: /MODE #chan +X <restriction>:* # +#<module name="exemptchanops"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Filter module: Provides message filtering, similar to SPAMFILTER. # -#<module name="m_filter.so"> +#<module name="filter"> # # -# This module depends upon a regex provider such as m_regex_pcre or # -# m_regex_glob to function. You must specify which of these you want # -# m_filter to use via the tag below. # +# This module depends upon a regex provider such as regex_pcre or # +# regex_glob to function. You must specify which of these you want # +# the filter module to use via the tag below. # # # # Valid engines are: # # # -# glob - Glob patterns, provided via m_regex_glob. # -# pcre - PCRE regexps, provided via m_regex_pcre, needs libpcre. # -# tre - TRE regexps, provided via m_regex_tre, requires libtre. # -# posix - POSIX regexps, provided via m_regex_posix, not available # +# glob - Glob patterns, provided via regex_glob. # +# pcre - PCRE regexps, provided via regex_pcre, needs libpcre. # +# tre - TRE regexps, provided via regex_tre, requires libtre. # +# posix - POSIX regexps, provided via regex_posix, not available # # on Windows, no dependencies on other operating systems. # -# stdlib - stdlib regexps, provided via m_regex_stdlib, see comment # +# stdlib - stdlib regexps, provided via regex_stdlib, see comment # # at the <module> tag for info on availability. # # # -#<filteropts engine="glob"> # +# If notifyuser is set to no, the user will not be notified when # +# their message is blocked. # +# # +# If warnonselfmsg is set to yes when a user sends a message to # +# themself that matches a filter the filter will be ignored and a # +# warning will be sent to opers instead. This stops spambots which # +# send their spam message to themselves first to check if it is being # +# filtered by the server. # +#<filteropts engine="glob" notifyuser="yes" warnonselfmsg="no"> +# # +# Your choice of regex engine must match on all servers network-wide. # +# # +# To learn more about the configuration of this module, read # +# examples/filter.conf.example, which covers the various types of # +# filters and shows how to add exemptions. # # # -# Your choice of regex engine must match on all servers network-wide. -# -# You may specify specific channels that are exempt from being filtered: -#<exemptfromfilter channel="#blah"> -# #-#-#-#-#-#-#-#-#-#-#- FILTER CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-# # # -# Optional - If you specify to use the m_filter module, then # +# Optional - If you specify to use the filter module, then # # specify below the path to the filter.conf file, or define some # -# <filter> tags. # +# <keyword> tags. # # # -#<include file="conf/examples/filter.conf.example"> +#<include file="examples/filter.conf.example"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# -# Gecos ban: Implements extended ban 'r', which stops anyone matching -# a mask like +b r:*realname?here* from joining a channel. -#<module name="m_gecosban.so"> +# Flash Policy Daemon module: Allows Flash IRC clients (e.g. LightIRC)# +# to connect. If no file is specified, it'll serve a default policy # +# allowing all IPs to connect to all plaintext IRC ports # +#<bind address="" port="8430" type="flashpolicyd"> # +#<flashpolicyd timeout="5" file=""> # +#<module name="flashpolicyd"> # #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# -# GeoIP module: Allows the server admin to match users by country code. -# This module is in extras. Re-run configure with: -# ./configure --enable-extras=m_geoip.cpp -# and run make install, then uncomment this module to enable it. -# This module requires GeoIP to be installed on your system, -# use your package manager to find the appropriate packages -# or check the InspIRCd wiki page for this module. -#<module name="m_geoip.so"> -# -# The actual allow/ban actions are done by connect classes, not by the -# GeoIP module. An example connect class to ban people from russia or -# turkey: -# -# <connect deny="*" geoip="TR,RU"> -# -# The country code must be in capitals and should be an ISO country -# code such as TR, GB, or US. Unknown IPs (localhost, LAN IPs, etc) -# will be assigned the country code "UNK". Since connect classes are -# matched from top down, your deny classes must be above your allow -# classes for them to match. +# Real name ban: Implements two extended bans: # +# 'a', which matches a n!u@h+realname mask like +b a:*!*@host+*real* # +# 'r', which matches a realname mask like +b r:*realname?here* # +#<module name="gecosban"> + +#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# +# Geolocation ban module: Adds support for extban 'G' which matches # +# against the ISO 3166-1 alpha-2 codes for the countries that users # +# are connecting from. Users connecting from unknown origins such as # +# internal networks can be matched against using the XX alpha-2 code. # +# A full list of ISO 3166-1 alpha-2 codes can be found at # +# https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2 # +#<module name="geoban"> + +#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# +# Geolocation connect class module: Adds support for limiting connect # +# classes to users from specific countries. With this module you can # +# specify a space-delimited list of two character the ISO 3166-1 # +# alpha-2 codes in the "country" field of a connect class. e.g. to # +# deny connections from users in Russia or Turkey: # +# # +# <connect deny="*" country="TR RU"> # +# # +# Users connecting from unknown origins such as internal networks can # +# be matched against using the XX alpha-2 code. A full list of ISO # +# 3166-1 alpha-2 codes can be found at # +# https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2 # +#<module name="geoclass"> + +#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# +# MaxMindDB geolocation module: Provides geolocation information for # +# other modules that need it using the libMaxMindDB library. # +# # +# This module is in extras. Re-run configure with: # +# ./configure --enable-extras geo_maxmind +# and run make install, then uncomment this module to enable it. # +# # +# This module requires libMaxMindDB to be installed on your system. # +# Use your package manager to find the appropriate packages or check # +# the InspIRCd documentation page for this module. # +#<module name="geo_maxmind"> +# # +# If you use the geo_maxmind module you MUST provide a database file # +# to look up geolocation information in. You can either purchase this # +# from MaxMind at https://www.maxmind.com/en/geoip2-country-database # +# or use the free CC-BY-SA licensed GeoLite2 Country database which # +# can be downloaded at https://dev.maxmind.com/geoip/geoip2/geolite2/ # +#<maxmind file="GeoLite2-Country.mmdb"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Globops module: Provides the /GLOBOPS command and snomask +g. # This module is oper-only. # To use, GLOBOPS must be in one of your oper class blocks. -#<module name="m_globops.so"> +#<module name="globops"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Global load module: Allows loading and unloading of modules network- @@ -832,80 +1024,116 @@ # and /GRELOADMODULE. # To use, GLOADMODULE, GUNLOADMODULE and GRELOADMODULE # must be in one of your oper class blocks. -#<module name="m_globalload.so"> +#<module name="globalload"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# -# Halfop module: Provides the +h (halfops) channel status mode. -# -# IMPORTANT: This module has been removed in the next major version of -# InspIRCd. You should use m_customprefix instead. -#<module name="m_halfop.so"> +# HAProxy module: Adds support for the HAProxy PROXY v2 protocol. To +# use this module specify hook="haproxy" in the <bind> tag that HAProxy +# has been configured to connect to. +#<module name="haproxy"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# -# HELPOP module: Provides the /HELPOP command. -#<module name="m_helpop.so"> +# HELPOP module: Provides the /HELPOP command +#<module name="helpop"> # #-#-#-#-#-#-#-#-#-#-#-#- HELPOP CONFIGURATION -#-#-#-#-#-#-#-#-#-#-# # # -# If you specify to use the m_helpop.so module, then specify below # -# the path to the helpop.conf file. # -#<include file="conf/examples/helpop-full.conf.example"> +# If you specify to use the helpop module, then specify below the # +# path to the helpop.conf file. # +# # +#<include file="examples/helpop.conf.example"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Hide chans module: Allows users to hide their channels list from non- # opers by setting user mode +I on themselves. -#<module name="m_hidechans.so"> +#<module name="hidechans"> # # This mode can optionally prevent opers from seeing channels on a +I -# user, for more privacy if set to true. +# user, for more privacy if set to yes. # This setting is not recommended for most mainstream networks. -#<hidechans affectsopers="false"> +#<hidechans affectsopers="no"> + +#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# +# Hide list module: Allows for hiding the list of listmodes from users +# who do not have sufficient channel rank. +#<module name="hidelist"> +# +# Each <hidelist> tag configures one listmode to hide. +# mode: Name of the listmode to hide. +# rank: Minimum rank required to view the list. If set to 0, all +# members of the channel may view the list, but non-members may not. +# The rank of the built-in op and voice mode is 30000 and 10000, +# respectively; the rank of other prefix modes is configurable. +# Defaults to 20000. +# +# Hiding the ban list is not recommended because it may break some +# clients. +# +# Hide filter (+g) list: +#<hidelist mode="filter" rank="30000"> +# Only show invite exceptions (+I) to channel members: +#<hidelist mode="invex" rank="0"> + +#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# +# Hide mode module: Allows for hiding mode changes from users who do not +# have sufficient channel privileges. +#<module name="hidemode"> +# +# Hide bans (+b) from people who are not voiced: +#<hidemode mode="ban" rank="10000"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Hide oper module: Allows opers to hide their oper status from non- # opers by setting user mode +H on themselves. # This module is oper-only. -#<module name="m_hideoper.so"> +#<module name="hideoper"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Hostchange module: Allows a different style of cloaking. -#<module name="m_hostchange.so"> +#<module name="hostchange"> # #-#-#-#-#-#-#-#-#-#-#- HOSTCHANGE CONFIGURATION -#-#-#-#-#-#-#-#-#-# # # -# See https://wiki.inspircd.org/Modules/2.0/hostchange for help. # +# See https://docs.inspircd.org/3/modules/hostchange for help. # # # -#<host suffix="invalid.org" separator="." prefix=""> -#<hostchange mask="*@42.theanswer.example.org" action="addnick"> -#<hostchange mask="*root@*" action="suffix"> +#<hostchange mask="*@42.theanswer.example.org" action="addaccount" suffix=".users.example.com"> +#<hostchange mask="*root@*" action="addnick" prefix="example/users/"> #<hostchange mask="a@example.com" action="set" value="foo.bar.baz"> -#<hostchange mask="localhost" ports="7000,7001,7005-7007" action="set" value="blahblah.foo"> +#<hostchange mask="*@localhost" ports="7000,7001,7005-7007" action="set" value="blahblah.foo"> + +# hostcycle: If loaded, when a user gets a host or ident set, it will +# cycle them in all their channels. If not loaded it will simply change +# their host/ident without cycling them. +# This module is compatible with the ircv3_chghost module. Clients +# supporting the chghost extension will get the chghost message instead +# of seeing a host cycle. +#<module name="hostcycle"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # httpd module: Provides HTTP server support for InspIRCd. -#<module name="m_httpd.so"> +#<module name="httpd"> # #-#-#-#-#-#-#-#-#-#-#-#- HTTPD CONFIGURATION -#-#-#-#-#-#-#-#-#-#-# # -# If you choose to use the m_httpd.so module, then you will need to add +# If you choose to use the httpd module, then you will need to add # a <bind> tag with type "httpd", and load at least one of the other -# m_httpd_* modules to provide pages to display. +# httpd_* modules to provide pages to display. # <bind address="127.0.0.1" port="8067" type="httpd"> -# <bind address="127.0.0.1" port="8097" type="httpd" ssl="gnutls"> +# <bind address="127.0.0.1" port="8097" type="httpd" sslprofile="Clients"> # # You can adjust the timeout for HTTP connections below. All HTTP -# connections will be closed after (roughly) this many seconds. +# connections will be closed after (roughly) this time period. #<httpd timeout="20"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# -# HTTP ACL module: Provides access control lists for m_httpd dependent +# HTTP ACL module: Provides access control lists for httpd dependent # modules. Use this module to restrict pages by IP address and by # password. -#<module name="m_httpd_acl.so"> +#<module name="httpd_acl"> # #-#-#-#-#-#-#-#-#-#-#-#- HTTPD ACL CONFIGURATION -#-#-#-#-#-#-#-#-#-#-# # -# Restrict access to the m_httpd_stats module to all but the local +# Restrict access to the httpd_stats module to all but the local # network and when the correct password is specified: # <httpdacl path="/stats*" types="password,whitelist" # username="secrets" password="mypasshere" whitelist="127.0.0.*,10.*"> @@ -915,44 +1143,47 @@ #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # HTTP config module: Allows the server configuration to be viewed over -# HTTP via the /config path. Requires m_httpd.so to be loaded for it to -# function. +# HTTP via the /config path. Requires the httpd module to be loaded for +# it to function. # # IMPORTANT: This module exposes extremely sensitive information about # your server and users so you *MUST* protect it using a local-only -# <bind> tag and/or the m_httpd_acl.so module. See above for details. -#<module name="m_httpd_config.so"> +# <bind> tag and/or the httpd_acl module. See above for details. +#<module name="httpd_config"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # HTTP stats module: Provides server statistics over HTTP via the /stats -# path. Requires m_httpd.so to be loaded for it to function. +# path. Requires the httpd module to be loaded for it to function. # # IMPORTANT: This module exposes extremely sensitive information about # your server and users so you *MUST* protect it using a local-only -# <bind> tag and/or the m_httpd_acl.so module. See above for details. -#<module name="m_httpd_stats.so"> +# <bind> tag and/or the httpd_acl module. See above for details. +#<module name="httpd_stats"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Ident: Provides RFC 1413 ident lookup support. # When this module is loaded <connect:allow> tags may have an optional # useident="yes|no" boolean value, determining whether or not to lookup # ident on users matching that connect tag. -#<module name="m_ident.so"> +#<module name="ident"> # #-#-#-#-#-#-#-#-#-#-#-#- IDENT CONFIGURATION -#-#-#-#-#-#-#-#-#-#-# # # -# Optional - If you are using the m_ident.so module, then you can # -# specify the timeout for ident lookups here. If not defined, it will # -# default to 5 seconds. This is a non-blocking timeout which holds # -# the user in a 'connecting' state until the lookup is complete. # -# The bind value indicates which IP to bind outbound requests to. # +# Optional - If you are using the ident module, then you can specify # +# the timeout for ident lookups here. If not defined, it will default # +# to 5 seconds. This is a non-blocking timeout which holds the user # +# in a 'connecting' state until the lookup is complete. # +# prefixunqueried: If yes, the idents of users in a connect class # +# with ident lookups disabled (i.e. <connect useident="no">) will be # +# prefixed with a "~". If no, the ident of those users will not be # +# prefixed. Default is no. # # -#<ident timeout="5"> +#<ident timeout="5" prefixunqueried="no"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Invite exception module: Adds support for channel invite exceptions # (+I). -#<module name="m_inviteexception.so"> +#<module name="inviteexception"> # bypasskey: If this is enabled, exceptions will bypass +k as well as +i #<inviteexception bypasskey="yes"> @@ -961,40 +1192,133 @@ # extended-join, away-notify and account-notify. These are optional # enhancements to the client-to-server protocol. An extension is only # active for a client when the client specifically requests it, so this -# module needs m_cap to work. +# module needs the cap module to work. # # Further information on these extensions can be found at the IRCv3 # working group website: -# http://ircv3.net/irc/ +# https://ircv3.net/irc/ # -#<module name="m_ircv3.so"> +#<module name="ircv3"> # The following block can be used to control which extensions are -# enabled. Note that extended-join can be incompatible with m_delayjoin +# enabled. Note that extended-join can be incompatible with delayjoin # and host cycling. -#<ircv3 accountnotify="on" awaynotify="on" extendedjoin="on"> +#<ircv3 accountnotify="yes" awaynotify="yes" extendedjoin="yes"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# -# Join flood module: Adds support for join flood protection +j X:Y. -# Closes the channel for 60 seconds if X users join in Y seconds. -#<module name="m_joinflood.so"> +# IRCv3 account-tag module. Adds the 'account' tag which contains the +# services account name of the message sender. +#<module name="ircv3_accounttag"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# -# Jump server module: Adds support for the RPL_REDIR numeric. -# This module is oper-only. -# To use, JUMPSERVER must be in one of your oper class blocks. -# If your server is redirecting new clients and you get disconnected, -# do a REHASH from shell to open up again. -#<module name="m_jumpserver.so"> +# IRCv3 batch module: Provides the batch IRCv3 extension which allows +# the server to inform a client that a group of messages are related to +# each other. +#<module name="ircv3_batch"> + +#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# +# IRCv3 cap-notify module: Provides the cap-notify IRCv3 extension. +# Required for IRCv3 conformance. +#<module name="ircv3_capnotify"> + +#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# +# IRCv3 chghost module: Provides the chghost IRCv3 extension which +# allows capable clients to learn when the host/ident of another user +# changes without cycling the user. This module is compatible with the +# hostcycle module. If both are loaded, clients supporting the chghost +# extension will get the chghost message and won't see host cycling. +#<module name="ircv3_chghost"> + +#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# +# IRCv3 client-to-client tags module: Provides the message-tags IRCv3 +# extension which allows clients to add extra data to their messages. +# This is used to support new IRCv3 features such as replies and ids. +#<module name="ircv3_ctctags"> +# +# If you want to only allow client tags that are intended for processing +# by the server you can disable the following setting. Doing this is not +# recommended though as it may break clients. +#<ctctags allowclientonlytags="yes"> + +#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# +# IRCv3 echo-message module: Provides the echo-message IRCv3 +# extension which allows capable clients to get an acknowledgement when +# their messages are delivered and learn what modifications, if any, +# were applied to them. +#<module name="ircv3_echomessage"> + +#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# +# IRCv3 invite-notify module: Provides the invite-notify IRCv3 +# extension which notifies supporting clients when a user invites +# another user into a channel. This respects <options:announceinvites>. +#<module name="ircv3_invitenotify"> + +#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# +# IRCv3 labeled-response module: Provides the labeled-response IRCv3 +# extension which allows server responses to be associated with the +# client message which caused them to be sent. +#<module name="ircv3_labeledresponse"> + +#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# +# IRCv3 message id module: Provides the msgid IRCv3 extension which +# adds a unique identifier to each message when the message-tags cap +# has been requested. This enables support for modern features such as +# reactions and replies. +#<module name="ircv3_msgid"> + +#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# +# IRCv3 server-time module. Adds the 'time' tag which adds a timestamp +# to all messages received from the server. +#<module name="ircv3_servertime"> + +#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# +# IRCv3 Strict Transport Security module: Provides the sts IRCv3 +# extension which allows clients connecting insecurely to upgrade their +# connections to TLS. +#<module name="ircv3_sts"> +# +# If using the ircv3_sts module you MUST define a STS policy to send +# to clients using the <sts> tag. This tag takes the following +# attributes: +# +# host - A glob match for the SNI hostname to apply this policy to. +# duration - The amount of time that the policy lasts for. Defaults to +# five minutes by default. You should raise this to a month +# or two once you know that your config is valid. +# port - The port on which TLS connections to the server are being +# accepted. You MUST have a CA-verified certificate on this +# port. Self signed certificates are not acceptable. +# preload - Whether client developers can include your certificate in +# preload lists. +# +# <sts host="*.example.com" duration="5m" port="6697" preload="yes"> + +#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# +# Join flood module: Adds support for join flood protection +j X:Y. +# Closes the channel for N seconds if X users join in Y seconds. +#<module name="joinflood"> +# +# duration: The number of seconds to close a channel for when it is +# being flooded with joins. +# +# bootwait: The number of seconds to disengage joinflood for after +# a server boots. This allows users to reconnect without +# being throttled by joinflood. +# +# splitwait: The number of seconds to disengage joinflood for after +# a server splits. This allows users to reconnect without +# being throttled by joinflood. +# +#<joinflood duration="1m" +# bootwait="30s" +# splitwait="30s"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Anti auto rejoin: Adds support for prevention of auto-rejoin (+J). -#<module name="m_kicknorejoin.so"> -# Set the maximum time that is accepted as a parameter for +J here. -#<kicknorejoin maxtime="1m"> +#<module name="kicknorejoin"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Knock module: Adds the /KNOCK command and channel mode +K. -#<module name="m_knock.so"> +#<module name="knock"> # # This setting specifies what to do when someone successfully /KNOCKs. # If set to "notice", then a NOTICE will be sent to the channel. @@ -1005,25 +1329,39 @@ # If set to "both" then (surprise!) both will be sent. #<knock notify="notice"> +#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# +# LDAP module: Allows other SQL modules to access a LDAP database +# through a unified API. +# This modules is in extras. Re-run configure with: +# ./configure --enable-extras ldap +# and run make install, then uncomment this module to enable it. +# +#<module name="ldap"> +#<database module="ldap" id="ldapdb" server="ldap://localhost" binddn="cn=Manager,dc=inspircd,dc=org" bindauth="mysecretpass" searchscope="subtree"> +# The server parameter indicates the LDAP server to connect to. The # +# ldap:// style scheme before the hostname proper is MANDATORY. # +# # +# The binddn and bindauth indicate the DN to bind to for searching, # +# and the password for the distinguished name. Some LDAP servers will # +# allow anonymous searching in which case these two values do not # +# need defining, otherwise they should be set similar to the examples # +# above. # +# # +# The searchscope value indicates the subtree to search under. On our # +# test system this is 'subtree'. Your mileage may vary. # + #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # LDAP authentication module: Adds the ability to authenticate users # -# via LDAP. This is an extra module which must be enabled explicitly # -# by symlinking it from modules/extra, and requires the OpenLDAP libs # -# This module is in extras. To enable it, Re-run configure with: # -# ./configure --enable-extras=m_ldapauth.cpp # -# and run make install, then uncomment this module. # -#<module name="m_ldapauth.so"> +# via LDAP. # +#<module name="ldapauth"> # # # Configuration: # # # -# <ldapauth baserdn="ou=People,dc=brainbox,dc=cc" # +# <ldapauth dbid="ldapdb" # +# baserdn="ou=People,dc=brainbox,dc=cc" # # attribute="uid" # -# server="ldap://brainwave.brainbox.cc" # -# allowpattern="Guest*" # +# allowpattern="Guest* Bot*" # # killreason="Access denied" # -# searchscope="subtree" # -# binddn="cn=Manager,dc=brainbox,dc=cc" # -# bindauth="mysecretpass" # # verbose="yes" # # host="$uid.$ou.inspircd.org" # # useusername="no"> # @@ -1038,38 +1376,27 @@ # The attribute value indicates the attribute which is used to locate # # a user account by name. On POSIX systems this is usually 'uid'. # # # +# The allowpattern value allows you to specify a space separated list # +# of wildcard masks which will always be allowed to connect # +# regardless of if they have an account, for example guest and bot # +# users. # +# # # The useusername setting chooses whether the user's username or # # nickname is used when locating a user account, if a username isn't # # provided in PASS. # # # -# The server parameter indicates the LDAP server to connect to. The # -# ldap:// style scheme before the hostname proper is MANDATORY. # -# # -# The allowpattern value allows you to specify a wildcard mask which # -# will always be allowed to connect regardless of if they have an # -# account, for example guest users. # -# # # Killreason indicates the QUIT reason to give to users if they fail # # to authenticate. # # # -# The searchscope value indicates the subtree to search under. On our # -# test system this is 'subtree'. Your mileage may vary. # -# # # Setting the verbose value causes an oper notice to be sent out for # # every failed authentication to the server, with an error string. # # # -# The binddn and bindauth indicate the DN to bind to for searching, # -# and the password for the distinguished name. Some LDAP servers will # -# allow anonymous searching in which case these two values do not # -# need defining, otherwise they should be set similar to the examples # -# above. # -# # # ldapwhitelist indicates that clients connecting from an IP in the # # provided CIDR do not need to authenticate against LDAP. It can be # # repeated to whitelist multiple CIDRs. # # # # ldaprequire allows further filtering on the LDAP user, by requiring # -# certain LDAP attibutes to have a given value. It can be repeated, # +# certain LDAP attributes to have a given value. It can be repeated, # # in which case the list will act as an OR list, that is, the # # authentication will succeed if any of the requirements in the list # # is satisfied. # @@ -1083,25 +1410,18 @@ #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # LDAP oper configuration module: Adds the ability to authenticate # -# opers via LDAP. This is an extra module which must be enabled # -# explicitly by symlinking it from modules/extra, and requires the # -# OpenLDAP libs. Re-run configure with: # -# ./configure --enable-extras=m_ldapoper.cpp -# and run make install, then uncomment this module to enable it. # -#<module name="m_ldapoper.so"> +# opers via LDAP. # +#<module name="ldapoper"> # # # Configuration: # # # -# <ldapoper baserdn="ou=People,dc=brainbox,dc=cc" -# server="ldap://brainwave.brainbox.cc" -# searchscope="subtree" -# binddn="cn=Manager,dc=brainbox,dc=cc" -# bindauth="mysecretpass" +# <ldapoper dbid="ldapdb" +# baserdn="ou=People,dc=brainbox,dc=cc" # attribute="uid"> # # # Available configuration items are identical to the same items in # -# m_ldapauth above (except for the verbose setting, that is only # -# supported in m_ldapauth). # +# ldapauth above (except for the verbose setting, that is only # +# supported in ldapauth). # # Please always specify a password in your <oper> tags even if the # # opers are to be authenticated via LDAP, so in case this module is # # not loaded the oper accounts are still protected by a password. # @@ -1115,73 +1435,80 @@ # If your server is locked and you get disconnected, do a REHASH from # # shell to open up again. # # This module is oper-only. -#<module name="m_lockserv.so"> +#<module name="lockserv"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Map hiding module: replaces /MAP and /LINKS output to users with a # -# message to see a website, set by maphide="http://test.org/map" in # +# message to see a website, set by maphide="https://test.org/map" in # # the <security> tag, instead. # -#<module name="m_maphide.so"> +#<module name="maphide"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Message flood module: Adds message/notice flood protection via # channel mode +f. -#<module name="m_messageflood.so"> +#<module name="messageflood"> +# +# The weight to give each message type. TAGMSGs are considered to be +# 1/5 of a NOTICE or PRIVMSG to avoid users being accidentally flooded +# out of a channel by automatic client features such as typing +# notifications. +#<messageflood notice="1.0" privmsg="1.0" tagmsg="0.2"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # MLOCK module: Adds support for server-side enforcement of services # side MLOCKs. Basically, this module suppresses any mode change that # would likely be immediately bounced by services. -#<module name="m_mlock.so"> +#<module name="mlock"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# -# MsSQL module: Allows other SQL modules to access MS SQL Server -# through a unified API. -# This module is in extras. Re-run configure with: -# ./configure --enable-extras=m_mssql.cpp -# and run make install, then uncomment this module to enable it. -#<module name="m_mssql.so"> -# -#-#-#-#-#-#-#-#-#-#-#-#- SQL CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-#-# -# # -# m_mssql.so is more complex than described here, see wiki for more # -# info https://wiki.inspircd.org/Modules/2.0/mssql # +# Modenotice module: Adds the /MODENOTICE command that allows opers to +# send notices to all users having the given user mode(s) set. +#<module name="modenotice"> + +#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# +# Monitor module: Adds support for MONITOR which is used by clients to +# maintain notify lists. +#<module name="monitor"> # -#<database module="mssql" name="db" user="user" pass="pass" host="localhost" id="db1"> +# Set the maximum number of entries on a user's monitor list below. +#<monitor maxentries="30"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # MySQL module: Allows other SQL modules to access MySQL databases # through a unified API. # This module is in extras. Re-run configure with: -# ./configure --enable-extras=m_mysql.cpp +# ./configure --enable-extras mysql # and run make install, then uncomment this module to enable it. -#<module name="m_mysql.so"> +#<module name="mysql"> # #-#-#-#-#-#-#-#-#-#-#-#- SQL CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-#-# # # -# m_mysql.so is more complex than described here, see the wiki for # -# more: https://wiki.inspircd.org/Modules/2.0/mysql # +# mysql is more complex than described here, see the docs for more # +# info: https://docs.inspircd.org/3/modules/mysql # # #<database module="mysql" name="mydb" user="myuser" pass="mypass" host="localhost" id="my_database2"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Named modes module: Allows for the display and set/unset of channel # modes via long-form mode names via +Z and the /PROP command. -# For example, to set a ban, do /mode #channel +Z ban=foo!bar@baz or +# For example, to set a ban, do /MODE #channel +Z ban=foo!bar@baz or # /PROP #channel ban=foo!bar@baz -#<module name="m_namedmodes.so"> +#<module name="namedmodes"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# -# NAMESX module: Provides support for the NAMESX extension which allows -# clients to see all the prefixes set on a user without getting confused. -# This is supported by mIRC, x-chat, klient, and maybe more. -#<module name="m_namesx.so"> +# NAMESX module: Provides support for the IRCv3 multi-prefix capability +# and legacy NAMESX extension which allow clients to see all the prefix +# modes set on a user. +#<module name="namesx"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # National characters module: # 1) Allows using national characters in nicknames. # 2) Allows using custom (national) casemapping over the network. -#<module name="m_nationalchars.so"> +# +# This module is incredibly poorly written and documented. You should +# probably use the codepage module instead for 8-bit codepages. +#<module name="nationalchars"> # # file - Location of the file which contains casemapping rules. If this # is a relative path then it is relative to "<PWD>/../locales" @@ -1195,47 +1522,54 @@ #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Nickchange flood protection module: Provides channel mode +F X:Y # which allows up to X nick changes in Y seconds. -#<module name="m_nickflood.so"> +#<module name="nickflood"> +# +# The time period to prevent nick changes for: +#<nickflood duration="1m"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Nicklock module: Let opers change a user's nick and then stop that # user from changing their nick again until unlocked. # This module is oper-only. # To use, NICKLOCK and NICKUNLOCK must be in one of your oper class blocks. -#<module name="m_nicklock.so"> +#<module name="nicklock"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# -# No CTCP module: Adds the channel mode +C to block CTCPs and extban -# 'C' to block CTCPs sent by specific users. -#<module name="m_noctcp.so"> +# No CTCP module: Adds the channel mode +C and user mode +T to block +# CTCPs and extban 'C' to block CTCPs sent by specific users. +#<module name="noctcp"> +# +# The +T user mode is not enabled by default to enable link compatibility +# with 2.0 servers. You can enable it by uncommenting this: +#<noctcp enableumode="yes"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # No kicks module: Adds the +Q channel mode and the Q: extban to deny # certain users from kicking. -#<module name="m_nokicks.so"> +#<module name="nokicks"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # No nicks module: Adds the +N channel mode, as well as the 'N' extban. # +N stops all users from changing their nick, the N extban stops # anyone from matching a +b N:nick!user@host mask from changing their # nick. -#<module name="m_nonicks.so"> +#<module name="nonicks"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # No part message module: Adds extban 'p' to block part messages from # # matching users. # -#<module name="m_nopartmsg.so"> +#<module name="nopartmsg"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # No notice module: Adds the channel mode +T and the extban 'T' to # block specific users from noticing the channel. -#<module name="m_nonotice.so"> +#<module name="nonotice"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Network business join module: # Allows an oper to join a channel using /OJOIN, giving them +Y on the -# channel which makes them immune to kick/deop/etc. -#<module name="m_ojoin.so"> +# channel which makes them immune to kicks. +#<module name="ojoin"> # # Specify the prefix that +Y will grant here. # Leave 'prefix' empty if you do not wish +Y to grant a prefix. @@ -1247,19 +1581,20 @@ #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Oper channels mode: Adds the +O channel mode and extban O:<mask> # to ban, except, etc. specific oper types. For example -# /mode #channel +iI O:* is equivalent to channel mode +O, but you +# /MODE #channel +iI O:* is equivalent to channel mode +O, but you # may also set +iI O:AdminTypeOnly to only allow admins. # Modes +I and +e work in a similar fashion. -#<module name="m_operchans.so"> +#<module name="operchans"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Oper join module: Auto-joins opers to a channel upon oper-up. -# This module is oper-only. For the user equivalent, see m_conn_join. -#<module name="m_operjoin.so"> +# This module is oper-only. For the user equivalent, see the conn_join +# module. +#<module name="operjoin"> # #-#-#-#-#-#-#-#-#-#-# OPERJOIN CONFIGURATION -#-#-#-#-#-#-#-#-#-#-# # # -# If you are using the m_operjoin.so module, specify options here: # +# If you are using the operjoin module, specify options here: # # # # channel - The channel name to join, can also be a comma # # separated list e.g. "#channel1,#channel2". # @@ -1279,74 +1614,82 @@ # type "m_operlog" at default loglevel), and optionally to the 'r' # snomask. # This module is oper-only. -#<module name="m_operlog.so"> +#<module name="operlog"> # # If the following option is on then all oper commands will be sent to -# the snomask 'r'. The default is off. -#<operlog tosnomask="off"> +# the snomask 'r'. The default is no. +#<operlog tosnomask="no"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Oper prefixing module: Adds a channel prefix mode +y which is given -# to all IRC operators automatically on all channels they are in. +# to all server operators automatically on all channels they are in. # This prefix mode is more powerful than channel op and other regular # prefix modes. # -# Load this module if you want all your IRC operators to have channel -# operator powers. -#<module name="m_operprefix.so"> +# Load this module if you want all your server operators to have +# channel operator powers. +#<module name="operprefix"> # # You may additionally customise the prefix character. #<operprefix prefix="!"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# -# Oper MOTD module: Provides support for separate message of the day +# Oper MOTD module: Provides support for a separate message of the day # on oper-up. # This module is oper-only. -#<module name="m_opermotd.so"> +#<module name="opermotd"> # #-#-#-#-#-#-#-#-#-#-# OPERMOTD CONFIGURATION -#-#-#-#-#-#-#-#-#-#-# # # -# If you are using the m_opermotd.so module, specify the motd here. # +# If you are using the opermotd module, specify the motd file here. # # # # onoper - If on, the message is sent on /OPER, otherwise it's # # only sent when /OPERMOTD is used. # # # -# processcolors - Allow color codes to be processed in the opermotd. # -# Read the comment above <connect:allowmotdcolors> in # -# inspircd.conf.example for details. # -# # -#<opermotd file="conf/examples/opermotd.txt.example" onoper="yes" processcolors="false"> +#<opermotd file="examples/opermotd.txt.example" onoper="yes"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Override module: Adds support for oper override. # This module is oper-only. -#<module name="m_override.so"> +#<module name="override"> # #-#-#-#-#-#-#-#-#-#-# OVERRIDE CONFIGURATION -#-#-#-#-#-#-#-#-#-#-# # # -# m_override.so is too complex it describe here, see the wiki: # -# https://wiki.inspircd.org/Modules/2.0/override # +# Much of override's configuration relates to your oper blocks. # +# For more information on how to allow opers to override, see: # +# https://docs.inspircd.org/3/modules/override # +# # +# noisy - If enabled, all oper overrides will be announced # +# via channel notice. # +# # +# requirekey - If enabled, overriding on join requires a channel # +# key of "override" to be specified. # +# # +# enableumode - If enabled, user mode +O is required for override. # +# # +#<override noisy="yes" requirekey="no" enableumode="yes"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Oper levels module: Gives each oper a level and prevents actions # being taken by lower level opers against higher level opers. # Specify the level as the 'level' parameter of the <type> tag. # This module is oper-only. -#<module name="m_operlevels.so"> +#<module name="operlevels"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Oper modes module: Allows you to specify modes to add/remove on oper. # Specify the modes as the 'modes' parameter of the <type> tag # and/or as the 'modes' parameter of the <oper> tag. -# This module is oper-only. For the user equivalent, see m_conn_umodes. -#<module name="m_opermodes.so"> +# This module is oper-only. For the user equivalent, see the +# conn_umodes module. +#<module name="opermodes"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Password forwarding module: Forwards a password users can send on # connect to the specified client below. The client is usually NickServ # and this module is usually used to authenticate users with NickServ # using their connect password. -#<module name="m_passforward.so"> +#<module name="passforward"> <passforward # nick: nick to forward connect passwords to. @@ -1360,12 +1703,12 @@ # cmd: Command for the user to run when it receives a connect # password. - cmd="PRIVMSG $nickrequired :IDENTIFY $pass"> + cmd="SQUERY $nickrequired :IDENTIFY $pass"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Password hash module: Allows hashed passwords to be used. -# To be useful, a hashing module like m_sha256.so also needs to be loaded. -#<module name="m_password_hash.so"> +# To be useful, a hashing module like bcrypt also needs to be loaded. +#<module name="password_hash"> # #-#-#-#-#-#-#-#-#-# PASSWORD HASH CONFIGURATION #-#-#-#-#-#-#-#-#-#-#-# # @@ -1374,17 +1717,33 @@ # # <oper name="Brain" # host="ident@dialup15.isp.test.com" -# hash="sha256" -# password="01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b" +# hash="bcrypt" +# password="$2a$10$Mss9AtHHslZTLBrXqM0FB.JBwD.UTSu8A48SfrY9exrpxbsRiRTbO" # type="NetAdmin"> # -# Starting from 2.0, you can use a more secure salted hash that prevents simply -# looking up the hash's value in a rainbow table built for the hash. +# If you are using a hash algorithm which does not perform salting you can use +# HMAC to salt your passwords in order to prevent them from being looked up in +# a rainbow table. +# # hash="hmac-sha256" password="lkS1Nbtp$CyLd/WPQXizsbxFUTqFRoMvaC+zhOULEeZaQkUJj+Gg" # # Generate hashes using the /MKPASSWD command on the server. # Don't run it on a server you don't trust with your password. +#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# +# PBKDF2 module: Allows other modules to generate PBKDF2 hashes, +# usually for cryptographic uses and security. +# This module relies on other hash providers (e.g. SHA256). +#<module name="pbkdf2"> +# +# iterations: Iterations the hashing function runs when generating new +# hashes. +# length: Length in bytes of the derived key. +#<pbkdf2 iterations="12288" length="32"> +# You can override these values with specific values +# for specific providers if you want to. Example given for SHA256. +#<pbkdf2prov hash="sha256" iterations="24576"> + #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Permanent channels module: Channels with the permanent channel mode # will remain open even after everyone else has left the channel, and @@ -1392,89 +1751,96 @@ # channels -may- need support from your Services package to function # properly with them. This adds channel mode +P. # This module is oper-only. -#<module name="m_permchannels.so"> +#<module name="permchannels"> # -# If you like, m_permchannels can write a config file of permanent channels +# If you like, this module can write a config file of permanent channels # whenever +P is set, unset, or the topic/modes on a +P channel is changed. # If you want to do this, set the filename below, and uncomment the include. # -# If 'listmodes' is true then all list modes (+b, +I, +e, +g...) will be -# saved. Defaults to false. -#<permchanneldb filename="data/permchannels.conf" listmodes="true"> -#<include file="data/permchannels.conf"> +# If 'listmodes' is yes then all list modes (+b, +I, +e, +g...) will be +# saved. Defaults to no. +# +# 'saveperiod' determines how often to check if the database needs to be +# saved to disk. Defaults to every five seconds. +#<permchanneldb filename="permchannels.conf" +# listmodes="yes" +# saveperiod="5s"> +#<include file="permchannels.conf"> # # You may also create channels on startup by using the <permchannels> block. -# Don't forget to set them +P in the modes, or they won't stay permanent. #<permchannels channel="#opers" modes="isP" topic="Opers only."> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # PostgreSQL module: Allows other SQL modules to access PgSQL databases # through a unified API. # This module is in extras. Re-run configure with: -# ./configure --enable-extras=m_pgsql.cpp +# ./configure --enable-extras pgsql # and run make install, then uncomment this module to enable it. -#<module name="m_pgsql.so"> +#<module name="pgsql"> # #-#-#-#-#-#-#-#-#-#-#-#- SQL CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-#-# # # -# m_pgsql.so is more complex than described here, see the wiki for # -# more: https://wiki.inspircd.org/Modules/2.0/pgsql # +# pgsql is more complex than described here, see the docs for # +# more: https://docs.inspircd.org/3/modules/pgsql # # #<database module="pgsql" name="mydb" user="myuser" pass="mypass" host="localhost" id="my_database" ssl="no"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Muteban: Implements extended ban 'm', which stops anyone matching # a mask like +b m:nick!user@host from speaking on channel. -#<module name="m_muteban.so"> +#<module name="muteban"> +# +# If notifyuser is set to no, the user will not be notified when +# their message is blocked. +#<muteban notifyuser="yes"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Random quote module: Provides a random quote on connect. # NOTE: Some of these may mimic fatal errors and confuse users and # opers alike - BEWARE! -#<module name="m_randquote.so"> +#<module name="randquote"> # #-#-#-#-#-#-#-#-#-#- RANDOMQUOTES CONFIGURATION -#-#-#-#-#-#-#-#-#-#-# # # -# Optional - If you specify to use the m_randquote.so module, then # -# specify below the path to the quotes file. # +# Optional - If you specify to use the randquote module, then specify # +# below the path to the quotes file. # # # #<randquote file="quotes.txt"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# -# Redirect module: Adds channel redirection mode +L. # -# Optional: <redirect:antiredirect> to add usermode +L to stop forced # -# redirection and instead print an error. # -# # -# Note: You can not update this with a simple rehash, it requires # -# reloading the module for it to take effect. # -# This also breaks linking to servers that do not have the option. # -# This defaults to false for the 2.0 version, it will be enabled in # -# all the future versions. # -#<module name="m_redirect.so"> -#<redirect antiredirect="true"> +# Redirect module: Adds channel mode +L which redirects users to # +# another channel when the channel has reached its user limit and # +# user mode +L which stops redirection. # +#<module name="redirect"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Regular expression provider for glob or wildcard (?/*) matching. -# You must have at least 1 provider loaded to use m_filter or m_rline +# You must have at least 1 provider loaded to use the filter or R-line # modules. This module has no additional requirements, as it uses the # matching already present in InspIRCd core. -#<module name="m_regex_glob.so"> +#<module name="regex_glob"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Regular expression provider for PCRE (Perl-Compatible Regular # Expressions). You need libpcre installed to compile and load this -# module. You must have at least 1 provider loaded to use m_filter or -# m_rline. -#<module name="m_regex_pcre.so"> +# module. You must have at least 1 provider loaded to use the filter or +# R-line modules. +#<module name="regex_pcre"> + +#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# +# Regular Expression Provider for RE2 Regular Expressions. +# You need libre2 installed and in your include/library paths in order +# to compile and load this module. +#<module name="regex_re2"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Regular expression provider for POSIX regular expressions. # You shouldn't need any additional libraries on a POSIX-compatible # system (i.e.: any Linux, BSD, but not Windows). You must have at -# least 1 provider loaded to use m_filter or m_rline. +# least 1 provider loaded to use the filter or R-line modules. # On POSIX-compliant systems, regex syntax can be found by using the # command: 'man 7 regex'. -#<module name="m_regex_posix.so"> +#<module name="regex_posix"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Regular expression provider for C++11 std::regex regular expressions. @@ -1484,7 +1850,7 @@ # You should verify that std::regex is supported by your setup before # using this module, as it may compile normally but won't do anything # on some implementations. -#<module name="m_regex_stdlib.so"> +#<module name="regex_stdlib"> # # Specify the regular expression engine to use here. Valid settings are # bre, ere, awk, grep, egrep, ecmascript (default if not specified). @@ -1496,127 +1862,180 @@ # if you are most familiar with the syntax of /SPAMFILTER from there, # this is the provider you want. You need libtre installed in order # to compile and load this module. -#<module name="m_regex_tre.so"> +#<module name="regex_tre"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# -# Registered users only channel creation module. If enabled, only -# registered users and opers can create new channels. +# Remove module: Adds the /REMOVE command which is a peaceful +# alternative to /KICK. It also provides the /FPART command which works +# in the same way as /REMOVE. +#<module name="remove"> +# +# supportnokicks: If yes, /REMOVE is not allowed on channels where the +# nokicks (+Q) mode is set. Defaults to no. +# protectedrank: Members having this rank or above may not be /REMOVE'd +# by anyone. Set to 0 to disable this feature. Defaults to 50000. +#<remove supportnokicks="yes" protectedrank="50000"> + +#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# +# Repeat module: Allows to block, kick or ban upon similar messages +# being uttered several times. Provides channel mode +E. +# +# Syntax: [~|*]<lines>:<sec>[:<difference>][:<backlog>] +# ~ is to block, * is to ban, default is kick. +# lines - In mode 1, the amount of lines that has to match consecutively. +# In mode 2, the size of the backlog to keep for matching. +# seconds - How old the message has to be before it's invalidated. +# difference - Edit distance, in percent, between two strings to trigger on. +# backlog - When set, the function goes into mode 2. In this mode the +# function will trigger if this many of the last <lines> matches. +# +# As this module can be rather CPU-intensive, it comes with some options. +# maxbacklog - Maximum size that can be specified for backlog. 0 disables +# multiline matching. +# maxdistance - Max percentage of difference between two lines we'll allow +# to match. Set to 0 to disable edit-distance matching. +# maxlines - Max lines of backlog to match against. +# maxtime - Maximum period of time a user can set. 0 to allow any. +# size - Maximum number of characters to check for, can be used to +# truncate messages before they are checked, resulting in +# less CPU usage. Increasing this beyond 512 doesn't have +# any effect, as the maximum length of a message on IRC +# cannot exceed that. +# kickmessage - Kick message when * is specified +#<repeat maxbacklog="20" +# maxdistance="50" +# maxlines="20" +# maxtime="0s" +# size="512" +# kickmessage="Repeat flood"> +#<module name="repeat"> + +#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# +# Restricted channels module: Allows only opers with the +# channels/restricted-create priv and/or registered users to +# create channels. # # You probably *DO NOT* want to load this module on a public network. # -#<module name="m_regonlycreate.so"> - -#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# -# Remove module: Adds the /REMOVE command which is a peaceful -# alternative to /KICK. -#<module name="m_remove.so"> - -#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# -# Restricted channels module: Allows only opers to create channels. +#<module name="restrictchans"> # -# You probably *DO NOT* want to load this module on a public network. +# allowregistered: should registered users be allowed to bypass the restrictions? +#<restrictchans allowregistered="no"> # -#<module name="m_restrictchans.so"> +# Allow any channel matching #user-* to be created, bypassing restrictchans checks +#<allowchannel name="#user-*"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Restrict message module: Allows users to only message opers. # # You probably *DO NOT* want to load this module on a public network. # -#<module name="m_restrictmsg.so"> -# -# Uncomment this to allow users to message ulines (e.g. services): -#<restrictmsg uline="yes"> +#<module name="restrictmsg"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# -# R-Line module: Ban users through regular expression patterns. -#<module name="m_rline.so"> +# R-line module: Ban users through regular expression patterns. +#<module name="rline"> # #-#-#-#-#-#-#-#-#-#-#-#- RLINE CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-#-# # # If you wish to re-check a user when they change nickname (can be # useful under some situations, but *can* also use CPU with more users # on a server) then set 'matchonnickchange' to yes. +# If you additionally want Z-lines to be added on matches, then +# set 'zlineonmatch' to yes. # Also, this is where you set what Regular Expression engine is to be -# used. If you ever change it while running, all of your R-Lines will -# be wiped. This is the regex engine used by all R-Lines set, and -# m_regex_<engine>.so must be loaded, or rline will be non-functional +# used. If you ever change it while running, all of your R-lines will +# be wiped. This is the regex engine used by all R-lines set, and +# regex_<engine> must be loaded, or rline will be non-functional # until you load it or change the engine to one that is loaded. # -#<rline matchonnickchange="yes" engine="pcre"> +#<rline matchonnickchange="yes" zlineonmatch="no" engine="pcre"> # -# Generally, you will NOT want to use 'glob' here, as this turns -# rline into just another gline. The exceptions are that rline will +# Generally, you will NOT want to use 'glob' here, as this turns an +# R-line into just another G-line. The exceptions are that R-lines will # always use the full "nick!user@host realname" string, rather than only # user@host, but beware that only the ? and * wildcards are available, # and are the only way to specify where the space can occur if you do # use glob. For this reason, is recommended to use a real regex engine # so that at least \s or [[:space:]] is available. +#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# +# RMODE module: Adds the /RMODE command. +# Allows channel operators to remove list modes en masse, optionally +# matching a glob-based pattern. +# Syntax: /RMODE <channel> <mode> [<pattern>] +# E.g. '/RMODE #channel b m:*' will remove all mute extbans on the channel. +#<module name="rmode"> + #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # SAJOIN module: Adds the /SAJOIN command which forcibly joins a user # to the given channel. # This module is oper-only. # To use, SAJOIN must be in one of your oper class blocks. -#<module name="m_sajoin.so"> +# Opers need the users/sajoin-others priv to be able to /SAJOIN users +# other than themselves. +#<module name="sajoin"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # SAKICK module: Adds the /SAKICK command which kicks a user from the # given channel. # This module is oper-only. # To use, SAKICK must be in one of your oper class blocks. -#<module name="m_sakick.so"> +#<module name="sakick"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # SAMODE module: Adds the /SAMODE command which allows server operators # to change modes on a channel without requiring them to have any -# channel priviliges. Also allows changing user modes for any user. +# channel privileges. Also allows changing user modes for any user. # This module is oper-only. # To use, SAMODE must be in one of your oper class blocks. -#<module name="m_samode.so"> +#<module name="samode"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # SANICK module: Adds the /SANICK command which allows opers to change # users' nicks. # This module is oper-only. # To use, SANICK must be in one of your oper class blocks. -#<module name="m_sanick.so"> +#<module name="sanick"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # SAPART module: Adds the /SAPART command which forcibly parts a user # from a channel. # This module is oper-only. # To use, SAPART must be in one of your oper class blocks. -#<module name="m_sapart.so"> +#<module name="sapart"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # SAQUIT module: Adds the /SAQUIT command which forcibly quits a user. # This module is oper-only. # To use, SAQUIT must be in one of your oper class blocks. -#<module name="m_saquit.so"> +#<module name="saquit"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # SATOPIC module: Adds the /SATOPIC command which allows changing the -# topic on a channel without requiring any channel priviliges. +# topic on a channel without requiring any channel privileges. # This module is oper-only. # To use, SATOPIC must be in one of your oper class blocks. -#<module name="m_satopic.so"> +#<module name="satopic"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # SASL authentication module: Provides support for IRC Authentication -# Layer via AUTHENTICATE. Note: You also need to have m_cap.so loaded +# Layer via AUTHENTICATE. Note: You also need to have cap loaded # for SASL to work. -#<module name="m_sasl.so"> -# Define the following to your services server name to improve security -# by ensuring the SASL messages are only sent to the services server -# and not to all connected servers. This prevents a rogue server from -# capturing SASL messages. -#<sasl target="services.mynetwork.com"> +#<module name="sasl"> + +# You must define <sasl:target> to the name of your services server so +# that InspIRCd knows where to send SASL authentication messages and +# when it should enable the SASL capability. +# You can also define <sasl:requiressl> to require users to use TLS (SSL) +# in order to be able to use SASL. +#<sasl target="services.mynetwork.com" +# requiressl="yes"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Secure list module: Prevent /LIST in the first minute of connection, # crippling most spambots and trojan spreader bots. -#<module name="m_securelist.so"> +#<module name="securelist"> # #-#-#-#-#-#-#-#-#-# SECURELIST CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-#-# # # @@ -1624,33 +2043,42 @@ # securelist blocking these sites from listing, define exception tags # # as shown below: # #<securehost exception="*@*.netsplit.de"> -#<securehost exception="*@*.ircdriven.com"> -#<securehost exception="*@*.ircs.me"> # # -# Define the following variable to change how long a user must wait # -# before issuing a LIST. If not defined, defaults to 60 seconds. # +# exemptregistered - Whether the waiting period applies to users who # +# are logged in to a services account. # +# Defaults to no. # +# # +# showmsg - Whether to tell users that they need to wait for a while # +# before they can use the /LIST command. # +# Defaults to no. # # # -#<securelist waittime="60"> # +# waittime - The time period that a user must be connected for before # +# they can use the /LIST command. # +# Defaults to 1 minute. # +# # +#<securelist exemptregistered="yes" +# showmsg="yes" +# waittime="1m"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Servprotect module: Provides support for Austhex style +k / # UnrealIRCD +S services mode. -#<module name="m_servprotect.so"> +#<module name="servprotect"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # See nicks module: Adds snomask +n and +N which show local and remote # nick changes. # This module is oper-only. -#<module name="m_seenicks.so"> +#<module name="seenicks"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Set idle module: Adds a command for opers to change their idle time. # This module is oper-only. # To use, SETIDLE must be in one of your oper class blocks. -#<module name="m_setidle.so"> +#<module name="setidle"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# -# Services support module: Adds several usermodes such as +R and +M. +# Services support module: Adds several user modes such as +R and +M. # This module implements the 'identified' state via account names, # and is similar in operation to the way asuka and ircu handle services. # @@ -1662,39 +2090,89 @@ # +b R: (stop matching account names from joining) # +b U:n!u@h (blocks matching unregistered users) # -#<module name="m_services_account.so"> +#<module name="services_account"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Sethost module: Adds the /SETHOST command. # This module is oper-only. # To use, SETHOST must be in one of your oper class blocks. -# See m_chghost for how to customise valid chars for hostnames. -#<module name="m_sethost.so"> +# See the chghost module for how to customise valid chars for hostnames. +#<module name="sethost"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Setident module: Adds the /SETIDENT command. # This module is oper-only. # To use, SETIDENT must be in one of your oper class blocks. -#<module name="m_setident.so"> +#<module name="setident"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # SETNAME module: Adds the /SETNAME command. -#<module name="m_setname.so"> +#<module name="setname"> +# +#-#-#-#-#-#-#-#-#-#-#-#- SETNAME CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-# +# # +# operonly - Whether the SETNAME command should only be usable by # +# server operators. Defaults to no. # +# # +# notifyopers - Whether to send a snotice to snomask `a` when a user # +# changes their real name. Defaults to to yes if # +# oper-only and no if usable by everyone. # +# # +#<setname notifyopers="yes" +# operonly="no"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Serverban: Implements extended ban 's', which stops anyone connected # to a server matching a mask like +b s:server.mask.here from joining. -#<module name="m_serverban.so"> +# Wildcards are accepted. +#<module name="serverban"> + +#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# +# SHA1 module: Allows other modules to generate SHA1 hashes. +# Required by the WebSocket module. +#<module name="sha1"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# -# Show whois module: Adds the +W usermode which allows opers to see +# Showfile: Provides support for showing a text file to users when # +# they enter a command. # +# This module adds one command for each <showfile> tag that shows the # +# given file to the user as a series of messages or numerics. # +#<module name="showfile"> +# # +#-#-#-#-#-#-#-#-#-#-# SHOWFILE CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-#-# +# # +# name - The name of the command which displays this file. This is # +# the only mandatory setting, all others are optional. # +# file - The text file to be shown to the user. # +# By default same as the command name. # +# method - How should the file be shown? # +# * numeric: Send contents using a numeric # +# (similar to /MOTD; the default). # +# * notice: Send contents as a series of notices. # +# * msg: Send contents as a series of private messages. # +# # +# When using the method "numeric", the following extra settings are # +# available: # +# # +# introtext - Introductory line, "Showing <name>" by default. # +# intronumeric - Numeric used for the introductory line. # +# numeric - Numeric used for sending the text itself. # +# endtext - Ending line, "End of <name>" by default. # +# endnumeric - Numeric used for the ending line. # +# # +#<showfile name="RULES" +# file="rules.txt" +# introtext="Server rules:" +# endtext="End of server rules."> + +#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# +# Show whois module: Adds the +W user mode which allows opers to see # when they are /WHOIS'd. # This module is oper-only by default. -#<module name="m_showwhois.so"> +#<module name="showwhois"> # # If you wish, you may also let users set this mode. Only opers with the -# users/auspex priv will see real hosts of people, though. This setting -# is not reloadable via /REHASH, changing it requires /RELOADMODULE. +# users/auspex priv will see real hosts of people, though. #<showwhois opersonly="yes" # # You may also set whether or not users should receive whois notices, @@ -1706,91 +2184,140 @@ # executing all except configured commands. # This module is oper-only. # To use, SHUN must be in one of your oper class blocks. -#<module name="m_shun.so"> +#<module name="shun"> +# +# Configuration: # -# You may also configure which commands you wish a user to be able to -# perform when shunned. It should be noted that if a shunned user -# issues QUIT or PART then their message will be removed, as if they -# did not issue one. +# affectopers: Whether server operators are exempt from shuns. This +# option is deprecated; you should instead give exempt +# server operators the servers/ignore-shun privilege. +# +# allowconnect: Whether to only apply shuns to users who are fully +# connected to the server. +# +# allowtags: Whether to allow client tags to be attached to enabled +# commands. +# +# cleanedcommands: The commands that, if enabled, should be cleaned +# of any message content if a shunned user tries to +# execute them. +# +# enabledcommands: The commands that a shunned user is allowed to +# execute. +# +# notifyuser: Whether to notify shunned users that a command they tried +# to execute has been blocked. +# +#<shun enabledcommands="ADMIN OPER PING PONG QUIT PART JOIN" +# cleanedcommands="AWAY PART QUIT" +# affectopers="no" +# allowconnect="no" +# allowtags="no" +# notifyuser="yes"> + +#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# +# SSL mode module: Adds support for TLS (SSL)-only channels via the '+z' +# channel mode, TLS (SSL)-only private messages via the '+z' user mode and +# the 'z:' extban which matches TLS (SSL) client certificate fingerprints. # -# You can optionally let the user know that their command was blocked. +# Does not do anything useful without a working TLS (SSL) module and the +# sslinfo module (see below). +#<module name="sslmodes"> # -# You may also let SHUN affect opers (defaults to no). -#<shun enabledcommands="ADMIN PING PONG QUIT PART JOIN" notifyuser="yes" affectopers="no"> +# The +z user mode is not enabled by default to enable link compatibility +# with 2.0 servers. You can enable it by uncommenting this: +#<sslmodes enableumode="yes"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# -# SSL channel mode module: Adds support for SSL-only channels via -# channel mode +z and the 'z' extban which matches SSL client -# certificate fingerprints. -# Does not do anything useful without a working SSL module and the -# m_sslinfo module (see below). -#<module name="m_sslmodes.so"> +# SSL rehash signal module: Allows the TLS (SSL) modules to be rehashed by +# sending SIGUSR1 to a running InspIRCd process. +# This module is in extras. Re-run configure with: +# ./configure --enable-extras sslrehashsignal +# and run make install, then uncomment this module to enable it. +#<module name="sslrehashsignal"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# -# GnuTLS SSL module: Adds support for SSL connections using GnuTLS, +# GnuTLS SSL module: Adds support for TLS (SSL) connections using GnuTLS, # if enabled. You must answer 'yes' in ./configure when asked or # manually symlink the source for this module from the directory # src/modules/extra, if you want to enable this, or it will not load. -#<module name="m_ssl_gnutls.so"> +#<module name="ssl_gnutls"> # #-#-#-#-#-#-#-#-#-#-#- GNUTLS CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-# # # -# m_ssl_gnutls.so is too complex to describe here, see the wiki: # -# https://wiki.inspircd.org/Modules/2.0/ssl_gnutls # +# ssl_gnutls is too complex to describe here, see the docs: # +# https://docs.inspircd.org/3/modules/ssl_gnutls # #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # SSL info module: Allows users to retrieve information about other -# users' peer SSL certificates and keys. This can be used by client -# scripts to validate users. For this to work, one of m_ssl_gnutls.so -# or m_ssl_openssl.so must be loaded. This module also adds the -# "* <user> is using a secure connection" whois line, the ability for -# opers to use SSL fingerprints to verify their identity and the -# ability to force opers to use SSL connections in order to oper up. -# It is highly recommended to load this module if you use SSL on your -# network. -# For how to use the oper features, please see the first example <oper> tag -# in opers.conf.example. +# users' peer TLS (SSL) certificates and keys via the SSLINFO command. +# This can be used by client scripts to validate users. For this to +# work, one of ssl_gnutls, ssl_mbedtls or ssl_openssl must be loaded. +# This module also adds the "<user> is using a secure connection" +# and "<user> has TLS (SSL) client certificate fingerprint <fingerprint>" +# WHOIS lines, the ability for opers to use TLS (SSL) cert fingerprints to +# verify their identity and the ability to force opers to use TLS (SSL) +# connections in order to oper up. It is highly recommended to load +# this module if you use TLS (SSL) on your network. +# For how to use the oper features, please see the first +# example <oper> tag in opers.conf.example. +# +#<module name="sslinfo"> # -#<module name="m_sslinfo.so"> +# If you want to prevent users from viewing TLS (SSL) certificate information +# and fingerprints of other users, set operonly to yes. +#<sslinfo operonly="no"> + +#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# +# mbedTLS TLS (SSL) module: Adds support for TLS (SSL) connections using mbedTLS. +#<module name="ssl_mbedtls"> +# +#-#-#-#-#-#-#-#-#-#-#- MBEDTLS CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-# +# # +# ssl_mbedtls is too complex to describe here, see the docs: # +# https://docs.inspircd.org/3/modules/ssl_mbedtls # #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# -# OpenSSL SSL module: Adds support for SSL connections using OpenSSL, +# OpenSSL TLS (SSL) module: Adds support for TLS (SSL) connections using OpenSSL, # if enabled. You must answer 'yes' in ./configure when asked or symlink # the source for this module from the directory src/modules/extra, if # you want to enable this, or it will not load. -#<module name="m_ssl_openssl.so"> +#<module name="ssl_openssl"> # #-#-#-#-#-#-#-#-#-#-#- OPENSSL CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-# # # -# m_ssl_openssl.so is too complex to describe here, see the wiki: # -# https://wiki.inspircd.org/Modules/2.0/ssl_openssl # +# ssl_openssl is too complex to describe here, see the docs: # +# https://docs.inspircd.org/3/modules/ssl_openssl # #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# -# Strip color module: Adds channel mode +S that strips mIRC color -# codes from all messages sent to the channel. -#<module name="m_stripcolor.so"> +# Strip color module: Adds channel mode +S that strips color codes and +# all control codes except CTCP from all messages sent to the channel. +#<module name="stripcolor"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Silence module: Adds support for the /SILENCE command, which allows # users to have a server-side ignore list for their client. -#<module name="m_silence.so"> +#<module name="silence"> # # Set the maximum number of entries allowed on a user's silence list. -#<silence maxentries="32"> +#<silence maxentries="32" +# +# Whether messages from U-lined servers will bypass silence masks. +#exemptuline="yes"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # SQLite3 module: Allows other SQL modules to access SQLite3 # # databases through a unified API. # # This module is in extras. Re-run configure with: # -# ./configure --enable-extras=m_sqlite3.cpp +# ./configure --enable-extras sqlite3 # and run make install, then uncomment this module to enable it. # # -#<module name="m_sqlite3.so"> +#<module name="sqlite3"> # #-#-#-#-#-#-#-#-#-#-#-#- SQL CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-#-# # # -# m_sqlite.so is more complex than described here, see the wiki for # -# more: https://wiki.inspircd.org/Modules/2.0/sqlite3 # +# sqlite is more complex than described here, see the docs for more # +# info: https://docs.inspircd.org/3/modules/sqlite3 # # #<database module="sqlite" hostname="/full/path/to/database.db" id="anytext"> @@ -1798,85 +2325,90 @@ # SQL authentication module: Allows IRCd connections to be tied into # a database table (for example a forum). # -#<module name="m_sqlauth.so"> +#<module name="sqlauth"> # #-#-#-#-#-#-#-#-#-#-#- SQLAUTH CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-# # # -# m_sqlauth.so is too complex to describe here, see the wiki: # -# https://wiki.inspircd.org/Modules/2.0/sqlauth # +# sqlauth is too complex to describe here, see the docs: # +# https://docs.inspircd.org/3/modules/sqlauth # #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# -# SQL oper module: Allows you to store oper credentials in an SQL table +# SQL oper module: Allows you to store oper credentials in an SQL +# table. You can add additional table columns like you would config +# tags in opers.conf. Opers in opers.conf will override opers from +# this module. # -#<module name="m_sqloper.so"> +#<module name="sqloper"> # #-#-#-#-#-#-#-#-#-#-#- SQLOPER CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-# # # # dbid - Database ID to use (see SQL modules). # -# hash - Hashing provider to use for password hashing. # # # -# See also: https://wiki.inspircd.org/Modules/2.0/sqloper # +# See also: https://docs.inspircd.org/3/modules/sqloper # # # -#<sqloper dbid="1" hash="md5"> +#<sqloper dbid="1"> + +#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# +# StartTLS module: Implements STARTTLS, which allows clients # +# connected to non TLS (SSL) enabled ports to enable TLS (SSL), if # +# a proper TLS (SSL) module is loaded (either ssl_gnutls, # +# ssl_mbedtls or ssl_openssl). # +#<module name="starttls"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# -# SVSHold module: Implements SVSHOLD. Like Q:Lines, but can only be # +# SVSHold module: Implements SVSHOLD. Like Q-lines, but can only be # # added/removed by Services. # -#<module name="m_svshold.so"> -# If silent is true no snotices will be generated by SVSHOLD. -#<svshold silent="false"> +#<module name="svshold"> +# SVSHOLD does not generate server notices by default, you can turn +# notices on by uncommenting the next line. +#<svshold silent="no"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # SWHOIS module: Allows you to add arbitrary lines to user WHOIS. # This module is oper-only. # To use, SWHOIS must be in one of your oper class blocks. -#<module name="m_swhois.so"> - -#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# -# Test module: Enable this to create a command useful in testing -# flood control. To avoid accidental use on live networks, the server -# name must contain ".test" to load the module -#<module name="m_testnet.so"> +#<module name="swhois"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Timed bans module: Adds timed channel bans with the /TBAN command. -#<module name="m_timedbans.so"> +#<module name="timedbans"> +# By default, it sends a notice to channel operators when timed ban is +# set and when it is removed by server. +#<timedbans sendnotice="yes"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Test line module: Adds the /TLINE command, used to test how many # users a /GLINE or /ZLINE etc. would match. # This module is oper-only. # To use, TLINE must be in one of your oper class blocks. -#<module name="m_tline.so"> +#<module name="tline"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Topiclock module: implements server-side topic locking to achieve deeper # integration with services packages. -#<module name="m_topiclock.so"> +#<module name="topiclock"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# -# UHNAMES support module: Adds support for the IRCX style UHNAMES -# extension, which displays ident and hostname in the names list for -# each user, saving clients from doing a WHO on the channel. -# If a client does not support UHNAMES it will not enable it, this will -# not break incompatible clients. -#<module name="m_uhnames.so"> +# UHNAMES support module: Adds support for the IRCv3 userhost-in-names +# capability and legacy UHNAMES extension which display the ident and +# hostname of users in the NAMES list. +#<module name="uhnames"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Uninvite module: Adds the /UNINVITE command which lets users remove # pending invites from channels without waiting for the user to join. -#<module name="m_uninvite.so"> +#<module name="uninvite"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Userip module: Adds the /USERIP command. # Allows users to query their own IP, also allows opers to query the IP # of anyone else. -#<module name="m_userip.so"> +#<module name="userip"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Vhost module: Adds the VHOST command which allows for adding virtual # hosts which are accessible using a username and password in the config. -#<module name="m_vhost.so"> +#<module name="vhost"> # #-#-#-#-#-#-#-#-#-#-#- VHOST CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-#-# # # @@ -1885,32 +2417,59 @@ # pass - Password for the vhost. # # # # hash - The hash for the specific user (optional) # -# m_password_hash.so and a hashing module must be loaded # -# for this to work. # +# password_hash and a hashing module must be loaded for # +# this to work. # # # # host - Vhost to set. # # #<vhost user="some_username" pass="some_password" host="some.host.test.cc"> -#<vhost user="foo" password="fcde2b2edba56bf408601fb721fe9b5c338d10ee429ea04fae5511b68fbf8fb9" hash="sha256" host="some.other.host.example.com"> +#<vhost user="foo" password="$2a$10$iTuYLT6BRhRlOgzfsW9oPe62etW.oXwSpyKw5rJit64SGZanLXghO" hash="bcrypt" host="some.other.host.example.com"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Watch module: Adds the WATCH command, which is used by clients to # maintain notify lists. -#<module name="m_watch.so"> +#<module name="watch"> # # Set the maximum number of entries on a user's watch list below. -#<watch maxentries="32"> - -#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# -# XLine database: Stores all *Lines (G/Z/K/R/any added by other modules) +#<watch maxwatch="32"> + +#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# +# WebSocket module: Adds HTML5 WebSocket support. +# Specify hook="websocket" in a <bind> tag to make that port accept +# WebSocket connections. Compatible with TLS (SSL). +# Requires SHA-1 hash support available in the sha1 module. +#<module name="websocket"> +# +# proxyranges: A space-delimited list of glob or CIDR matches to trust +# the X-Real-IP or X-Forwarded-For headers from. If enabled +# the server will use the IP address specified by those HTTP +# headers. You should NOT enable this unless you are using +# a HTTP proxy like nginx as it will allow IP spoofing. +# sendastext: Whether to re-encode messages as UTF-8 before sending to +# WebSocket clients. This is recommended as the WebSocket +# protocol requires all text frames to be sent as UTF-8. +# If you do not have this enabled messages will be sent as +# binary frames instead. +#<websocket proxyranges="192.0.2.0/24 198.51.100.*" +# sendastext="yes"> +# +# If you use the websocket module you MUST specify one or more origins +# which are allowed to connect to the server. You should set this as +# strict as possible to prevent malicious webpages from connecting to +# your server. +# <wsorigin allow="https://*.example.com"> + +#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# +# X-line database: Stores all *-lines (G/Z/K/R/any added by other modules) # in a file which is re-loaded on restart. This is useful # for two reasons: it keeps bans so users may not evade them, and on # bigger networks, server connections will take less time as there will # be a lot less bans to apply - as most of them will already be there. -#<module name="m_xline_db.so"> +#<module name="xline_db"> -# Specify the filename for the xline database here. -#<xlinedb filename="data/xline.db"> +# Specify the filename for the xline database and how often to check whether +# the database needs to be saved here. +#<xlinedb filename="xline.db" saveperiod="5s"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # ____ _ _____ _ _ ____ _ _ _ # @@ -1919,8 +2478,8 @@ # | _ < __/ (_| | (_| | | | | | | | \__ \ | |_) | | |_|_| # # |_| \_\___|\__,_|\__,_| |_| |_| |_|_|___/ |____/|_|\__(_) # # # -# To link servers to InspIRCd, you MUST load the m_spanningtree # -# module. If you don't do this, server links will NOT work at all. # +# To link servers to InspIRCd, you MUST load the spanningtree module. # +# If you don't do this, server links will NOT work at all. # # This is by design, to allow for the implementation of other linking # # protocols in modules in the future. # @@ -1929,4 +2488,4 @@ # tree protocol (see the READ THIS BIT section above). # You will almost always want to load this. # -#<module name="m_spanningtree.so"> +#<module name="spanningtree">