2 ################################################
3 ### Managed by someone's ansible provisioner ###
4 ################################################
5 # Part of: https://git.somenet.org/root/pub/somesible.git
6 # 2017-2024 by someone <someone@somenet.org>
8 ########################################################################
10 # ___ ___ ____ ____ _ #
11 # |_ _|_ __ ___ _ __|_ _| _ \ / ___|__| | #
12 # | || '_ \/ __| '_ \| || |_) | | / _` | #
13 # | || | | \__ \ |_) | || _ <| |__| (_| | #
14 # |___|_| |_|___/ .__/___|_| \_\\____\__,_| #
17 # / ___|___ _ __ / _(_) __ _ _ _ _ __ __ _| |_(_) ___ _ __ #
18 # | | / _ \| '_ \| |_| |/ _` | | | | '__/ _` | __| |/ _ \| '_ \ #
19 # | |__| (_) | | | | _| | (_| | |_| | | | (_| | |_| | (_) | | | | #
20 # \____\___/|_| |_|_| |_|\__, |\__,_|_| \__,_|\__|_|\___/|_| |_| #
23 ########################################################################
25 # Unalphabeticalise the modules list at your own risk #
27 ########################################################################
29 #-#-#-#-#-#-#-#-#-#- CONNECTIONS CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#
31 # This is where you can configure which connections are allowed #
32 # and denied access onto your server. The password is optional. #
33 # You may have as many of these as you require. To allow/deny all #
34 # connections, use a '*' or 0.0.0.0/0. #
36 # -- It is important to note that connect tags are read from the -- #
37 # TOP DOWN. This means that you should have more specific deny #
38 # and allow tags at the top, progressively more general, followed #
39 # by a <connect allow="*" (should you wish to have one). #
41 # Connect blocks are searched twice for each user - once when the TCP #
42 # connection is accepted, and once when the user completes their #
43 # registration. Most of the information (hostname, ident response, #
44 # password, SSL when using STARTTLS, etc) is only available during #
45 # the second search, so if you are trying to make a closed server, #
46 # you will probably need a connect block just for user registration. #
47 # This can be done by using <connect registered="no"> #
50 # name: Name to use for this connect block. Mainly used for
51 # connect class inheriting.
54 # allow: The IP address or hostname of clients that can use this
55 # class. You can specify either an exact match, a glob match, or
59 # maxchans: Maximum number of channels a user in this class
60 # can be in at one time.
63 # timeout: How long the server will wait before disconnecting
64 # a user if they do not do anything on connect.
65 # (Note, this is a client-side thing, if the client does not
66 # send /NICK, /USER or /PASS)
69 # pingfreq: How often the server tries to ping connecting clients.
72 # hardsendq: maximum amount of data allowed in a client's send queue
73 # before they are dropped. Keep this value higher than the length of
74 # your network's /LIST or /WHO output, or you will have lots of
75 # disconnects from sendq overruns!
76 # Setting this to "1M" is equivalent to "1048576", "8K" is 8192, etc.
79 # softsendq: amount of data in a client's send queue before the server
80 # begins delaying their commands in order to allow the sendq to drain
83 # recvq: amount of data allowed in a client's queue before they are dropped.
84 # Entering "10K" is equivalent to "10240", see above.
87 # threshold: This specifies the amount of command penalty a user is allowed to have
88 # before being quit or fakelagged due to flood. Normal commands have a penalty of 1,
89 # ones such as /OPER have penalties up to 10.
91 # If you are not using fakelag, this should be at least 20 to avoid excess flood kills
92 # from processing some commands.
95 # commandrate: This specifies the maximum rate that commands can be processed.
96 # If commands are sent more rapidly, the user's penalty will increase and they will
97 # either be fakelagged or killed when they reach the threshold
99 # Units are millicommands per second, so 1000 means one line per second.
102 # fakelag: Use fakelag instead of killing users for excessive flood
104 # Fake lag stops command processing for a user when a flood is detected rather than
105 # immediately killing them; their commands are held in the recvq and processed later
106 # as the user's command penalty drops. Note that if this is enabled, flooders will
107 # quit with "RecvQ exceeded" rather than "Excess Flood".
110 # localmax: Maximum local connections per IP.
113 # globalmax: Maximum global (network-wide) connections per IP.
116 # resolvehostnames: If disabled, no DNS lookups will be performed on connecting users
117 # in this class. This can save a lot of resources on very busy servers.
118 resolvehostnames="yes"
120 # useident: Defines if users in this class must respond to a ident query or not.
123 # usests: Whether a STS policy should be advertised to users in this class.
124 # This setting only has effect when the ircv3_sts module is loaded.
127 # limit: How many users are allowed in this class
130 # modes: User modes that are set on users in this block on connect.
131 # Enabling this option requires that the conn_umodes module be loaded.
132 # This entry is highly recommended to use for/with IP cloaking/masking.
133 # For the example to work, this also requires that the cloaking
134 # module be loaded as well.
138 <cidr ipv4clone="32" ipv6clone="128">
140 # MOVED TO global.secret.conf
141 # <include file="/etc/inspircd/global.opers.conf">
142 # MOVED TO inspircd.secret.conf
143 # <include file="/etc/inspircd/inspircd.links.conf">
144 <files motd="/etc/inspircd/inspircd.motd">
146 <channels users="60" opers="64">
147 <banlist chan="*" limit="128">
149 #<disabled commands="TOPIC MODE" usermodes="" chanmodes="" fakenonexistant="yes">
152 # prefixquit: What (if anything) users' quit messages
153 # should be prefixed with.
156 # suffixquit: What (if anything) users' quit messages
157 # should be suffixed with.
160 # prefixpart: What (if anything) users' part messages
161 # should be prefixed with.
163 # NOTE: Use "\"" instead of """ if not using <config format="xml">
165 # suffixpart: What (if anything) users' part message
166 # should be suffixed with.
169 # fixedquit: Set all users' quit messages to this value.
172 # fixedpart: Set all users' part messages in all channels
176 # syntaxhints: If enabled, if a user fails to send the correct parameters
177 # for a command, the ircd will give back some help text of what
178 # the correct parameters are.
181 # casemapping: This sets the case mapping method to be used by the
182 # server. This MUST be the same on all servers. Possible values are:
183 # "ascii" (recommended)
184 # "rfc1459" (default, required for linking to 2.0 servers)
185 # NOTE: if you are using the nationalchars module this setting will be
186 # ignored. You should use <nationalchars:casemapping> instead.
189 # cyclehostsfromuser: If enabled, the source of the mode change for
190 # cyclehosts will be the user who cycled. This can look nicer, but
191 # triggers anti-takeover mechanisms of some obsolete bots.
192 cyclehostsfromuser="no"
194 # announcets: If set to yes, when the timestamp on a channel changes, all users
195 # in the channel will be sent a NOTICE about it.
198 # allowmismatch: Setting this option to yes will allow servers to link even
199 # if they don't have the same "optionally common" modules loaded. Setting this to
200 # yes may introduce some desyncs and unwanted behaviour.
203 # defaultbind: Sets the default for <bind> tags without an address. Choices are
204 # ipv4 or ipv6; if not specified, IPv6 will be used if your system has support,
205 # falling back to IPv4 otherwise.
208 # hostintopic: If enabled, channels will show the host of the topic setter
209 # in the topic. If set to no, it will only show the nick of the topic setter.
212 # pingwarning: If a server does not respond to a ping within this period,
213 # it will send a notice to opers with snomask +l informing that the server
214 # is about to ping timeout.
217 # serverpingfreq: How often pings are sent between servers.
220 # splitwhois: Whether to split private/secret channels from normal channels
221 # in WHOIS responses. Possible values for this are:
222 # 'no' - list all channels together in the WHOIS response regardless of type.
223 # 'split' - split private/secret channels to a separate WHOIS response numeric.
224 # 'splitmsg' - the same as split but also send a message explaining the split.
227 # defaultmodes: What modes are set on a empty channel when a user
228 # joins it and it is unregistered.
231 # xlinemessage: This is the text that is sent to a user when they are
232 # banned from the server.
233 xlinemessage="You're banned! Email irc@example.com with the ERROR line below for help."
235 # allowzerolimit: If enabled then allow a limit of 0 to be set on channels.
236 # This is non-standard behaviour and should only be enabled if you need to
237 # link with servers running 2.0. Defaults to yes.
240 # modesinlist: If enabled then the current channel modes will be shown
241 # in the /LIST response. Defaults to yes.
244 # exemptchanops: Allows users with with a status mode to be exempt
245 # from various channel restrictions. Possible restrictions are:
246 # - anticaps Channel mode +B - blocks messages with too many capital
247 # letters (requires the anticaps module).
248 # - auditorium-see Permission required to see the full user list of
249 # a +u channel (requires the auditorium module).
250 # - auditorium-vis Permission required to be visible in a +u channel
251 # (requires the auditorium module).
252 # - blockcaps Channel mode +B - blocks messages with too many capital
253 # letters (requires the blockcaps module).
254 # - blockcolor Channel mode +c - blocks messages with formatting codes
255 # (requires the blockcolor module).
256 # - censor Channel mode +G - censors messages based on the network
257 # configuration (requires the censor module).
258 # - filter Channel mode +g - blocks messages containing the given
259 # glob mask (requires the chanfilter module).
260 # - flood Channel mode +f - kicks (and bans) on text flood of a
261 # specified rate (requires the messageflood module).
262 # - nickflood Channel mode +F - blocks nick changes after a specified
263 # rate (requires the nickflood module).
264 # - noctcp Channel mode +C - blocks any CTCPs to the channel
265 # (requires the noctcp module).
266 # - nonick Channel mode +N - prevents users on the channel from
267 # changing nicks (requires the nonicks module).
268 # - nonotice Channel mode +T - blocks /NOTICEs to the channel
269 # (requires the nonotice module).
270 # - regmoderated Channel mode +M - blocks unregistered users from
271 # speaking (requires the services account module).
272 # - stripcolor Channel mode +S - strips formatting codes from
273 # messages (requires the stripcolor module).
274 # - topiclock Channel mode +t - limits changing the topic to (half)ops
275 # You can also configure this on a per-channel basis with a channel mode.
276 # See m_exemptchanops in modules.conf.example for more details.
277 exemptchanops="censor:o filter:o nickflood:o nonick:v regmoderated:o"
279 # invitebypassmodes: This allows /INVITE to bypass other channel modes.
280 # (Such as +k, +j, +l, etc.)
281 invitebypassmodes="yes"
283 # nosnoticestack: This prevents snotices from 'stacking' and giving you
284 # the message saying '(last message repeated X times)'. Defaults to no.
289 # allowcoreunload: If this value is set to yes, Opers will be able to
290 # unload core modules (e.g. core_privmsg).
293 # announceinvites: This option controls which members of the channel
294 # receive an announcement when someone is INVITEd. Available values:
295 # 'none' - don't send invite announcements
296 # 'all' - send invite announcements to all members
297 # 'ops' - send invite announcements to ops and higher ranked users
298 # 'dynamic' - send invite announcements to halfops (if available) and
299 # higher ranked users. This is the recommended setting.
300 announceinvites="dynamic"
302 # hideulines: If this value is set to yes, U-lined servers will
303 # be hidden from non-opers in /LINKS and /MAP.
306 # flatlinks: If this value is set to yes, /MAP and /LINKS will
307 # be flattened when shown to non-opers.
310 # hideserver: When defined, the given text will be used in place
311 # of the server name in public messages. As with <server:name> this
312 # does not need to resolve but does need to be a valid hostname.
314 # NOTE: enabling this will cause users' idle times to only be shown
315 # when a remote whois (/WHOIS <nick> <nick>) is used.
316 #hideserver="*.example.com"
318 # hidebans: If this value is set to yes, when a user is banned ([KGZ]-lined)
319 # only opers will see the ban message when the user is removed
323 # hidekills: If defined, replaces who executed a /KILL with a custom string.
326 # hideulinekills: Hide kills from clients of ulined servers from server notices.
329 # hidesplits: If enabled, non-opers will not be able to see which
330 # servers split in a netsplit, they will only be able to see that one
331 # occurred (If their client has netsplit detection).
334 # maxtargets: Maximum number of targets per command.
335 # (Commands like /NOTICE, /PRIVMSG, /KICK, etc)
338 # customversion: A custom message to be displayed in the comments field
339 # of the VERSION command response. This does not hide the InspIRCd version.
342 # runasuser: If this is set, InspIRCd will attempt to switch
343 # to run as this user, which allows binding of ports under 1024.
344 # You should NOT set this unless you are starting as root.
345 # NOT SUPPORTED/NEEDED UNDER WINDOWS.
348 # runasgroup: If this is set, InspIRCd will attempt to switch
349 # to run as this group, which allows binding of ports under 1024.
350 # You should NOT set this unless you are starting as root.
351 # NOT SUPPORTED/NEEDED UNDER WINDOWS.
354 # restrictbannedusers: If this is set to yes, InspIRCd will not allow users
355 # banned on a channel to change nickname or message channels they are
356 # banned on. This can also be set to silent to restrict the user but not
358 restrictbannedusers="yes"
360 # genericoper: Setting this value to yes makes all opers on this server
361 # appear as 'is a server operator' in their WHOIS, regardless of their
362 # oper type, however oper types are still used internally. This only
363 # affects the display in WHOIS.
366 # userstats: /STATS commands that users can run (opers can run all).
383 #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
384 #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
388 # Logging is covered with the <log> tag, which you may use to change
389 # the behaviour of the logging of the IRCd.
391 # An example log tag would be:
392 # <log method="file" type="OPER" level="default" target="opers.log">
393 # which would log all information on /OPER (failed and successful) to
394 # a file called opers.log.
396 # There are many different types which may be used, and modules may
397 # generate their own. A list of useful types:
398 # - USERS - information relating to user connection and disconnection
399 # - OPER - successful and failed oper attempts
400 # - KILL - kill related messages
401 # - FILTER - messages related to filter matches (filter module)
402 # - CONFIG - configuration related messages
403 # - COMMAND - die and restart messages, and messages related to unknown user types
404 # - SOCKET - socket engine informational/error messages
405 # - MODULE - module related messages
406 # - STARTUP - messages related to starting up the server
408 # You may also log *everything* by using a type of *, and subtract things out
409 # of that by using -TYPE - for example "* -USERINPUT -USEROUTPUT".
412 # - default (general messages, including errors)
413 # - sparse (misc error messages)
414 # - debug (debug messages)
416 # Some types only produce output in the debug level, those are:
417 # - BANCACHE - ban cache debug messages
418 # - CHANNELS - information relating to joining/creating channels
419 # - CULLLIST - debug messages related to issues with removing users
420 # - RESOLVER - DNS related debug messages
421 # - CONNECTCLASS - Connection class debug messages
425 # If your server is producing a high levels of log messages you can also set the
426 # flush="[positive number]" attribute to specify how many log messages should be
427 # buffered before flushing to disk. You should probably not specify this unless
428 # you are having problems.
430 # The following log tag is highly default and uncustomised. It is recommended you
431 # sort out your own log tags. This is just here so you get some output.
432 #<log method="file" type="* -USERINPUT -USEROUTPUT" level="default" target="/tmp/ircd.log">
434 <whowas groupsize="100" maxgroups="100000" maxkeep="90d">
436 <badnick nick="BotServ" reason="Reserved for a network service">
437 <badnick nick="ChanServ" reason="Reserved for a network service">
438 <badnick nick="Global" reason="Reserved for a network service">
439 <badnick nick="HostServ" reason="Reserved for a network service">
440 <badnick nick="MemoServ" reason="Reserved for a network service">
441 <badnick nick="NickServ" reason="Reserved for a network service">
442 <badnick nick="OperServ" reason="Reserved for a network service">
443 <badnick nick="StatServ" reason="Reserved for a network service">
445 <exemptfromfilter target="BotServ">
446 <exemptfromfilter target="ChanServ">
447 <exemptfromfilter target="Global">
448 <exemptfromfilter target="HostServ">
449 <exemptfromfilter target="MemoServ">
450 <exemptfromfilter target="NickServ">
451 <exemptfromfilter target="OperServ">
452 <exemptfromfilter target="StatServ">
454 <badhost host="root@*" reason="Don't irc as root!">
455 #<badhost host="*@172.32.0.0/16" reason="This subnet is bad.">
457 <exception host="*@localhost" reason="Never block localhost.">
458 <exception host="*@127.0.0.1" reason="Never block localhost.">
460 #-#-#-#-#-#-#-#-#-#-#- INSANE BAN OPTIONS -#-#-#-#-#-#-#-#-#-#-#-#-#-#
462 # This optional tag allows you to specify how wide a gline, eline, #
463 # kline, zline or qline can be before it is forbidden from being #
464 # set. By setting hostmasks="yes", you can allow all G, K, E lines, #
465 # no matter how many users the ban would cover. This is not #
466 # recommended! By setting ipmasks="yes", you can allow all Z lines, #
467 # no matter how many users these cover too. Needless to say we #
468 # don't recommend you do this, or, set nickmasks="yes", which will #
473 # hostmasks: Allow bans with insane hostmasks. (over-reaching bans)
476 # ipmasks: Allow bans with insane ipmasks. (over-reaching bans)
479 # nickmasks: Allow bans with insane nickmasks. (over-reaching bans)
482 # trigger: What percentage of users on the network to trigger
483 # specifying an insane ban as. The default is 95.5%, which means
484 # if you have a 1000 user network, a ban will not be allowed if it
485 # will be banning 955 or more users.
489 <include file="/etc/inspircd/global.modules.conf">
490 <include file="/etc/inspircd/global.secret.conf">
SomeNet / public repos / root / pub / somesible.git / blob