# ################################################ ### Managed by someone's ansible provisioner ### ################################################ # Part of: https://git.somenet.org/root/pub/somesible.git # 2017-2024 by someone # #-#-#-#-#-#-#-#-#-#-#-#-#- MODULE OPTIONS -#-#-#-#-#-#-#-#-#-#-#-#-# # # # These tags define which modules will be loaded on startup by your # # server. Add modules without any paths. When you make your ircd # # using the 'make' command, all compiled modules will be moved into # # the folder you specified when you ran ./configure. The module tag # # automatically looks for modules in this location. # # If you attempt to load a module outside of this location, either # # in the config, or via /LOADMODULE, you will receive an error. # # # # By default, ALL modules are commented out. You must uncomment them # # or add lines to your config to load modules. Please refer to # # https://docs.inspircd.org/3/modules for a list of modules and # # each modules link for any additional conf tags they require. # # # # ____ _ _____ _ _ ____ _ _ _ # # | _ \ ___ __ _ __| | |_ _| |__ (_)___ | __ )(_) |_| | # # | |_) / _ \/ _` |/ _` | | | | '_ \| / __| | _ \| | __| | # # | _ < __/ (_| | (_| | | | | | | | \__ \ | |_) | | |_|_| # # |_| \_\___|\__,_|\__,_| |_| |_| |_|_|___/ |____/|_|\__(_) # # # # To link servers to InspIRCd, you MUST load the spanningtree module. # # If you don't do this, server links will NOT work at all. # # This is by design, to allow for the implementation of other linking # # protocols in modules in the future. This module is at the bottom of # # this file. # # # #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # MD5 module: Allows other modules to generate MD5 hashes, usually for # cryptographic uses and security. # # IMPORTANT: # Other modules such as cloaking and password_hash may rely on # this module being loaded to function. # #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # SHA256 module: Allows other modules to generate SHA256 hashes, # usually for cryptographic uses and security. # # IMPORTANT: # Other modules such as password_hash may rely on this module being # loaded to function. Certain modules such as spanningtree will # function without this module but when it is loaded their features will # be enhanced (for example the addition of HMAC authentication). # #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Abbreviation module: Provides the ability to abbreviate commands a-la # BBC BASIC keywords. #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Alias module: Allows you to define server-side command aliases. # # Set the 'prefix' for in-channel aliases (fantasy commands) to the # specified character. If not set, the default is "!". # If 'allowbots' is disabled, +B clients will not be able to use # fantasy commands. If not set, the default is no. # # #-#-#-#-#-#-#-#-#-#-#- ALIAS DEFINITIONS -#-#-#-#-#-#-#-#-#-#-#-#-#-# # # # If you have the alias module loaded, you may also define aliases as # # shown below. They are commonly used to provide shortcut commands to # # services, however they are not limited to just this use. # # An alias tag requires the following values to be defined in it: # # # # text - The text to detect as the actual command line. # # Can't contain spaces, but case insensitive. # # You may have multiple aliases with the same # # command name (text="" value), however the first # # found will be executed if its format value is # # matched, or it has no format value. Aliases are # # read from the top of the file to the bottom. # # # # usercommand - If this is true, the alias can be run simply as # # /ALIASNAME. Defaults to true. # # # # channelcommand - If this is true, the alias can be used as an # # in-channel alias or 'fantasy command', prefixed # # by the fantasy prefix character, !aliasname by # # default. Defaults to false. # # # # format - If this is defined, the parameters of the alias # # must match this glob pattern. For example if you # # want the first parameter to start with a # for # # the alias to be executed, set format="#*" in the # # alias definition. Note that the :'s which are # # part of IRC formatted lines will be preserved # # for matching of this text. This value is # # optional. # # # # replace - The text to replace 'text' with. Usually this # # will be "PRIVMSG ServiceName :$2-" or similar. # # You may use the variables $1 through $9 in the # # replace string, which refer to the first through # # ninth word in the original string typed by the # # user. You may also use $1- through $9- which # # refer to the first word onwards, through to the # # ninth word onwards, e.g. if the user types the # # command "foo bar baz qux quz" then $3- will hold # # "baz qux quz" and $2 will contain "bar". You may # # also use the special variables: $nick, $ident, # # $host and $vhost, and you may separate multiple # # commands with a newline (which can be written in # # the file literally, or encoded as &nl; or \n # # depending on the config format setting). # # # # requires - If you provide a value for 'requires' this means # # the given nickname MUST be online for the alias # # to successfully trigger. If they are not, then # # the user receives a 'no such nick' 401 numeric. # # # # stripcolor - If this is true, the text from the user will be # # stripped of color and format codes before # # matching against 'text'. # # # # uline - Setting this to true will ensure that the user # # given in 'requires' is also on a U-lined server, # # as well as actually being on the network. If the # # user is online, but not on a U-lined server, # # then an oper alert is sent out as this is # # possibly a sign of a user trying to impersonate # # a service. # # # # operonly - If true, this will make the alias oper only. # # If a non-oper attempts to use the alias, it will # # appear to not exist. # # # # # Long hand aliases for services pseudoclients. # Short hand aliases for services pseudoclients. # /ID [account] # Identifies to a services account. #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Allowinvite module: Gives channel mode +A to allow all users to use # /INVITE, and extban A to deny invite from specific masks. #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Alltime module: Shows time on all connected servers at once. # This module is oper-only and provides /ALLTIME. # To use, ALLTIME must be in one of your oper class blocks. #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Anticaps module: Adds channel mode +B which allows you to punish # users that send overly capitalised messages to channels. Unlike the # blockcaps module this module is more flexible as it has more options # for punishment and allows channels to configure their own punishment # policies. # # You may also configure the characters which anticaps considers to be # lower case and upper case. Any characters not listed here are assumed # to be punctuation and will be ignored when counting: #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Argon2 module: Allows other modules to generate Argon2 hashes, # usually for cryptographic uses and security. # This module makes the algorithms argon2i, argon2d and argon2id # available for use. # Note that this module is extra, and must be enabled explicitly # to build. It depends on libargon2. # # # memory: Memory hardness, in KiB. E.g. 131072 KiB = 128 MiB. # iterations: Time hardness in iterations. (def. 3) # lanes: How many parallel chains can be run. (def. 1) # threads: Maximum amount of threads each invocation can spawn. (def. 1) # length: Output length in bytes. (def. 32) # saltlength: Salt length in bytes. (def. 16) # version: Algorithm version, 10 or 13. (def. 13) # The parameters can be customized as follows: # # Defines the parameters that are common for all the variants (i/d/id). # Can be overridden on individual basis, e.g. # # #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Auditorium module: Adds channel mode +u which makes everyone else # except you in the channel invisible, used for large meetings etc. # # Auditorium settings: # # # opvisible (auditorium-vis in exemptchanops): # Show channel ops to all users # opcansee (auditorium-see in exemptchanops): # Allow ops to see all joins/parts/kicks in the channel # opercansee: # Allow opers (channels/auspex) to see see all joins/parts/kicks in the channel # # Exemptchanops can be used to adjust the level at which users become visible or # the level at which they can see the full member list of the channel. #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Autoop module: Adds basic channel access controls via the +w listmode. # For example +w o:*!Attila@127.0.0.1 will op anyone matching that mask # on join. This can be combined with extbans, for example +w o:R:Brain # will op anyone identified to the account "Brain". # Another useful combination is with TLS (SSL) client certificate # fingerprints: +w h:z:72db600734bb9546c1bdd02377bc21d2a9690d48 will # give halfop to the user(s) having the given certificate. #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Ban except module: Adds support for channel ban exceptions (+e). #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Ban redirection module: Allows bans which redirect to a specified # channel. e.g. +b nick!ident@host#channelbanneduserissentto #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # bcrypt module: Allows other modules to generate bcrypt hashes, # usually for cryptographic uses and security. # # rounds: Defines how many rounds the bcrypt function will run when # generating new hashes. #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Block amsg module: Attempt to block all usage of /amsg and /ame. # #-#-#-#-#-#-#-#-#-#-#- BLOCKAMSG CONFIGURATION -#-#-#-#-#-#-#-#-#-#-# # # # If you have the blockamsg module loaded, you can configure it with # # the tag: # # # # delay - How much time between two messages to force them # # to be recognised as unrelated. # # action - Any of 'notice', 'noticeopers', 'silent', 'kill' # # or 'killopers'. Define how to take action when # # a user uses /amsg or /ame. # # #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Block CAPS module: Adds channel mode +B, blocks all-CAPS messages. # # NOTE: This module is deprecated and will be removed in a future version # of InspIRCd. You should use the anticaps module shown above instead. # # #-#-#-#-#-#-#-#-#-#-#- BLOCKCAPS CONFIGURATION -#-#-#-#-#-#-#-#-#-#-# # # # percent - The percentage of a message which must be upper # # case before it will be blocked. # # # # minlen - The minimum length a message must be before it # # will be blocked. # # # # lowercase - The characters which will be considered lower # # case. # # # # uppercase - The characters which will be considered upper # # case. # # # #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Block color module: Blocking color-coded messages with chan mode +c. #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Botmode module: Adds the user mode +B. If set on a user, it will # show that the user is a bot in /WHOIS. #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # CallerID module: Adds user mode +g which activates hybrid-style # callerid: block all private messages unless you /ACCEPT first. # #-#-#-#-#-#-#-#-#-#-#- CALLERID CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-# # maxaccepts - Maximum number of entries a user can add to their # # /ACCEPT list. Default is 30 entries. # # tracknick - Preserve /ACCEPT entries when a user changes nick? # # If no (the default), the user is removed from # # everyone's accept list if their nickname changes. # # cooldown - Amount of time that must pass since the last # # notification sent to a user before they can be # # sent another. Default is 1 minute. # #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # CAP module: Provides the CAP negotiation mechanism required by the # sasl, namesx, uhnames, and ircv3 modules. # It is also recommended for STARTTLS support in the starttls module. #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # CBAN module: Lets you disallow channels from being used at runtime. # This module is oper-only and provides /CBAN. # To use, CBAN must be in one of your oper class blocks. # CBAN does not allow glob channelmasks by default for compatibility # reasons. You can enable glob support by uncommenting the next line. #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Censor module: Adds channel and user mode +G which block phrases that # are listed in the server bad words list. # # #-#-#-#-#-#-#-#-#-#-#- CENSOR CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-# # # # If you have the censor module loaded you should specify one or more # # phrases to replace/block in user messages. The config for this is # # formatted as follows: # # # # Replaces "eggplant" with "aubergine" within messages: # # # # # # Blocks messages that contain "fluffy capybaras": # # # #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # CGI:IRC module: Enables forwarding the real IP address of a user from # a gateway to the IRC server. # #-#-#-#-#-#-#-#-#-#-#-# CGIIRC CONFIGURATION #-#-#-#-#-#-#-#-#-#-#-#-# # # If you use the cgiirc module then you must specify the gateways which # are authorised to forward IP/host information to your server. There # are currently two ways to do this: # # The webirc method is the recommended way to allow gateways to forward # IP/host information. When using this method the gateway sends a WEBIRC # message to the server on connection. For more details please read the # IRCv3 WebIRC specification at: https://ircv3.net/specs/extensions/webirc.html # # When using this method you must specify a wildcard mask or CIDR range # to allow gateway connections from and at least one of either a TLS (SSL) # client certificate fingerprint for the gateway or a password to be # sent in the WEBIRC command. # # # # # Alternatively if your gateway does not support sending the WEBIRC # message then you can configure InspIRCd to look for the client IP # address in the ident sent by the user. This is not recommended as it # only works with IPv4 connections. # # When using this method you must specify a wildcard mask or CIDR range to allow # gateway connections from. You can also optionally configure the static value # that replaces the IP in the ident to avoid leaking the real IP address of # gateway clients (defaults to "gateway" if not set). # # # # # By default gateway connections are logged to the +w snomask. If you # do not want this to happen then you can uncomment this to disable it. # # IMPORTANT NOTE: # --------------- # # When you connect gateway clients, there are two connect classes which # apply to these clients. When the client initially connects, the connect # class which matches the gateway site's host is checked. Therefore you # must raise the maximum local/global clients for this IP as high as you # want to allow gateway clients. After the client has connected and is # determined to be a gateway client, the class which matches the client's # real IP is then checked. You may set this class to a lower value, so that # the real IP of the client can still be restricted to, for example, 3 # sessions maximum. #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Channel create module: Adds snomask +j, which will notify opers of # any new channels that are created. # This module is oper-only. #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Channel filter module: Allows channel-op defined message filtering # using simple string matches (channel mode +g). # # If hidemask is set to yes, the user will not be shown the mask when # their message is blocked. # # If maxlen is set then it defines the maximum length of a filter entry. # # If notifyuser is set to no, the user will not be notified when # their message is blocked. #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Channel history module: Displays the last 'X' lines of chat to a user # joining a channel with +H 'X:T' set; 'T' is the maximum time to keep # lines in the history buffer. Designed so that the new user knows what # the current topic of conversation is when joining the channel. # # Set the maximum number of lines allowed to be stored per channel below. # This is the hard limit for 'X'. # If prefixmsg is set to yes, joining users without batch support will get # a NOTICE before playback telling them about the following lines being # the pre-join history. # If bots is set to yes, it will also send to users marked with +B #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Channel logging module: Used to send snotice output to channels, to # allow staff to centrally monitor and discuss network activity. # # The "channel" field is where you want the messages to go, "snomasks" # is what snomasks you want to be sent to that channel. Multiple tags # are allowed. # # #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Channel names module: Allows disabling channels which have certain # characters in the channel name such as bold, colorcodes, etc. which # can be quite annoying and allow users to on occasion have a channel # that looks like the name of another channel on the network. #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Channelban: Implements extended ban j:, which stops anyone already # in a channel matching a ban like +b j:#channel from joining. # It is also possible to ban based on their status in that channel, # like so: +b j:@#channel, this example prevents the ops from joining. # Note that by default wildcard characters * and ? are allowed in # channel names. To disallow them, load the channames module and # add characters 42 and 63 to denyrange (see above). #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Check module: Adds the /CHECK command. # Check is useful for looking up information on channels, users, # IP addresses and hosts. # This module is oper-only. # To use, CHECK must be in one of your oper class blocks. #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # CHGHOST module: Adds the /CHGHOST command. # This module is oper-only. # To use, CHGHOST must be in one of your oper class blocks. # NOTE: Services will not be able to set vhosts on users if this module # isn't loaded. If you're planning on running services, you probably # want to load this. # #-#-#-#-#-#-#-#-# /CHGHOST - /SETHOST CONFIGURATION #-#-#-#-#-#-#-#-# # Optional - If you want to use special chars for hostnames you can # # specify your own custom list of chars with the tag: # # # # charmap - A list of chars accepted as valid by the /CHGHOST # # and /SETHOST commands. Also note that the list is # # case-sensitive. # # #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # CHGIDENT module: Adds the /CHGIDENT command. # This module is oper-only. # To use, CHGIDENT must be in one of your oper class blocks. #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # CHGNAME module: Adds the /CHGNAME command. # This module is oper-only. # To use, CHGNAME must be in one of your oper class blocks. # #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Connection class ban module: Adds support for extban 'n' which # matches against the class name of the user's connection. # This module assumes that connection classes are named in a uniform # way on all servers of the network. Wildcards are accepted. # #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Clear chan module: Allows opers to masskick, masskill or # mass G/Z-line all users on a channel using /CLEARCHAN. # #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Cloaking module: Adds user mode +x and cloaking support. # Relies on the md5 module being loaded. # To cloak users when they connect, load the conn_umodes module and set # to include the +x mode. The example tag # shows this. See the conn_umodes module for more information. # #-#-#-#-#-#-#-#-#-#-#- CLOAKING CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-# # # # To use cloaking, you must define a cloak key, and optionally a # # cloak prefix as shown below. The cloak key must be shared across # # the network for consistent cloaking and must be at least thirty # # characters long. # # # # There are two methods of cloaking: # # # # half Cloak only the "unique" portion of a host; by # # default show the last 2 parts of the domain, # # /16 subnet of IPv4 or /48 subnet of the IPv6 # # address. # # To change the number of shown parts, modify the # # domainparts option. # # # # full Cloak the users completely, using three slices for # # common CIDR bans (IPv4: /16, /24; IPv6: /48, /64). # # # # The methods use a single key that can be any length of text. # # An optional prefix may be specified to mark cloaked hosts. # # # # IMPORTANT: Changing these details will break all of your existing # # bans. If you do not want this to happen you can define multiple # # cloak tags. The first will be used for cloaking and the rest will # # be used for checking if a user is banned in a channel. # #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # # # # # #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Clones module: Adds an oper command /CLONES for detecting cloned # users. Warning: This command may be resource intensive when it is # issued, use with care. # This module is oper-only. # To use, CLONES must be in one of your oper class blocks. #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Codepage module: Allows using a custom 8-bit codepage for nicknames # and case mapping. # # You should include one of the following files to set your codepage: # # # # # # You can also define a custom codepage. For details on how to do this # please refer to the docs site: # https://docs.inspircd.org/3/modules/codepage #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Common channels module: Adds user mode +c, which, when set, requires # that users must share a common channel with you to PRIVMSG or NOTICE # you. #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Auto join on connect module: Allows you to force users to join one # or more channels automatically upon connecting to the server, or # join them in case they aren't on any channels after being online # for X seconds. # #-#-#-#-#-#-#-#-#-#-#-#- CONNJOIN CONFIGURATION -#-#-#-#-#-#-#-#-#-#-# # # If you have the conn_join module loaded, you can configure it below # or set autojoin="#chat,#help" in blocks. # # Join users immediately after connection to #one #two and #three. # # Join users to #chat after 15 seconds if they aren't on any channels. #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Set modes on connect module: When this module is loaded # blocks may have an optional modes="" value, which contains modes to # add or remove from users when they connect to the server. #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Wait for PONG on connect module: Send a PING to all connecting users # and don't let them connect until they reply with a PONG. # This is useful to stop certain kinds of bots and proxies. # # #-#-#-#-#-#-#-#-#-#-#- WAITPONG CONFIGURATION -#-#-#-#-#-#-#-#-#-#-# # # # If you have the conn_waitpong module loaded, configure it with the # # tag: # # # # sendsnotice - Whether to send a helpful notice to users on # # connect telling them how to connect, should # # their client not reply PONG automatically. # # # # killonbadreply - Whether to kill the user if they send the wrong # # PONG reply. # # # # #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Channel cycle module: Adds the /CYCLE command which is a server-side # /HOP that bypasses restrictive modes. # #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Connectban: Provides IP connection throttling. Any IP range that # connects too many times (configurable) in an hour is Z-lined for a # (configurable) duration, and their count resets to 0. # # # ipv4cidr and ipv6cidr allow you to turn the comparison from # individual IP addresses (32 and 128 bits) into CIDR masks, to allow # for throttling over whole ISPs/blocks of IPs, which may be needed to # prevent attacks. # # This allows for 10 connections in an hour with a 10 minute ban if # that is exceeded. # #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Connection throttle module. # # #-#-#-#-#-#-#-#-#-#-#- CONNTHROTTLE CONFIGURATION -#-#-#-#-#-#-#-#-#-# # period, maxconns - Amount of connections per . # # timeout - Time to wait after the throttle was activated # before deactivating it. Be aware that the time # is seconds + timeout. # # quitmsg - The message that users get if they attempt to # connect while the throttle is active. # # bootwait - Amount of time in seconds to wait before enforcing # the throttling when the server just booted. # # #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Custom prefixes: Allows for channel prefixes to be configured. # # name The name of the mode, must be unique from other modes. # letter The letter used for this mode. Required. # prefix The prefix used for nicks with this mode. Not required. # rank A numeric rank for this prefix, defining what permissions it gives. # The rank of voice, halfop and op is 10000, 20000, and 30000, # respectively. # ranktoset The numeric rank required to set this mode. Defaults to rank. # ranktounset The numeric rank required to unset this mode. Defaults to ranktoset. # depriv Can you remove the mode from yourself? Defaults to yes. # # You can also override the configuration of prefix modes added by both the core # and other modules by adding a customprefix tag with change="yes" specified. # # # # Do /RELOADMODULE customprefix after changing the settings of this module. #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Custom title module: Adds the /TITLE command which allows for trusted # users to gain a custom whois line and an optional vhost can be # specified. # # #-#-#-#-#-#-#-#-#-#- CUSTOM TITLE CONFIGURATION -#-#-#-#-#-#-#-#-#-# # name - The username used to identify. # password - The password used to identify. # hash - The hash for the specific user's password (optional). # password_hash and a hashing module must be loaded # for this to work. # host - Allowed hostmask (optional). # title - Title shown in whois. # vhost - Displayed host (optional). # # #<title name="bar" password="foo" host="ident@test.org" title="Official Chat Helper" vhost="helper.test.org"> #<title name="foo" password="$2a$10$UYZ4OcO8NNTCCGyCdY9SK.2GHiqGgxZfHFPOPmWuxEVWVQTtoDC7C" hash="bcrypt" title="Official Chat Helper"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # DCCALLOW module: Adds the /DCCALLOW command. #<module name="dccallow"> # #-#-#-#-#-#-#-#-#-#-#- DCCALLOW CONFIGURATION -#-#-#-#-#-#-#-#-#-#-# # blockchat - Whether to block DCC CHAT as well as DCC SEND. # length - Default duration of entries in DCCALLOW list. # action - Default action to take if no action is # specified, can be 'block' or 'allow'. # maxentries - Max number of nicks to allow on a DCCALLOW list. # # File configuration: # pattern - The glob pattern to match against. # action - Action to take if a user attempts to send a file # that matches this pattern, can be 'block' or # 'allow'. # #<dccallow blockchat="yes" length="5m" action="block" maxentries="20"> #<banfile pattern="*.exe" action="block"> #<banfile pattern="*.txt" action="allow"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Deaf module: Adds support for user modes +d and +D: # d - deaf to channel messages and notices. # D - deaf to user messages and notices. # The +D user mode is not enabled by default to enable link compatibility # with 2.0 servers. <module name="deaf"> # #-#-#-#-#-#-#-#-#-#-#-#- DEAF CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-# # bypasschars - Characters that bypass deaf to a regular user. # bypasscharsuline - Characters that bypass deaf to a U-lined user (services). # Both of these take a list of characters that must match # the starting character of a message. # If 'bypasscharsuline' is empty, then 'bypasschars' will # match for both regular and U-lined users. # enableprivdeaf - Whether to enable user mode +D (privdeaf). # privdeafuline - Whether U-lined users bypass user mode +D (privdeaf). # <deaf bypasschars="" bypasscharsuline="!" enableprivdeaf="no" privdeafuline="yes"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Delay join module: Adds the channel mode +D which delays all JOIN # messages from users until they speak. If they quit or part before # speaking, their quit or part message will not be shown to the channel # which helps cut down noise on large channels in a more friendly way # than the auditorium mode. Only channel ops may set the +D mode. <module name="delayjoin"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Delay message module: Adds the channel mode +d which disallows a user # from talking in the channel unless they've been joined for X seconds. # Settable using /MODE #chan +d 30 <module name="delaymsg"> # Set allownotice to no to disallow NOTICEs too. Defaults to yes. <delaymsg allownotice="no"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Deny channels module: Deny channels from being used by users. #<module name="denychans"> # #-#-#-#-#-#-#-#-#-#-#- DENYCHAN DEFINITIONS -#-#-#-#-#-#-#-#-#-#-#-# # # # If you have the denychans module loaded, you need to specify the # # channels to deny: # # # # name - The channel name to deny (glob masks are ok). # # allowopers - If operators are allowed to override the deny. # # reason - Reason given for the deny. # # redirect - Redirect the user to a different channel. # # # #<badchan name="#gods*" allowopers="yes" reason="Tortoises!"> # #<badchan name="#chan1" redirect="#chan2" reason="Chan1 is closed"> # # # # Redirects will not work if the target channel is set +L. # # # # Additionally, you may specify channels which are allowed, even if # # a badchan tag specifies it would be denied: # #<goodchan name="#funtimes"> # # Glob masks are accepted here also. # #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Disable module: Provides support for disabling commands and modes. # #<module name="disable"> # #-#-#-#-#-#-#-#-#-#-#-#- DISABLE CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-# # # # If you have the disable module loaded then you need to specify the # # commands and modes that you want disabled. Users who have not fully # # connected yet are exempt from this module so you can e.g. disable # # the NICK command but still allow users to connect to the server. # # # # commands - A space-delimited list of commands that can not be used # # by users. You can exempt server operators from this with # # the servers/use-disabled-commands privilege. # # # # chanmodes - One or more channel modes that can not be added/removed # # by users. You can exempt server operators from this # # with the servers/use-disabled-modes privilege. # # # # usermodes - One or more user modes that can not be added/removed by # # users. You can exempt server operators from this with # # the servers/use-disabled-modes privilege. # # # # fakenonexistent - Whether to pretend that a disabled command/mode # # does not exist when executed/changed by a user. # # Defaults to no. # # # # notifyopers - Whether to send a notice to snomask `a` when a user # # is prevented from using a disabled command/mode. # # Defaults to no. # # # #<disabled commands="KICK TOPIC" # # chanmodes="kp" # # usermodes="iw" # # fakenonexistent="yes" # # notifyopers="no"> # #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # DNS blacklist module: Provides support for looking up IPs on one or # # more blacklists. # #<module name="dnsbl"> # # # For configuration options please see the docs page for dnsbl at # # https://docs.inspircd.org/3/modules/dnsbl # #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Exempt channel operators module: Provides support for allowing # # users of a specified channel status to be exempt from some channel # # restriction modes. Supported restrictions are: # # anticaps, auditorium-see, auditorium-vis, blockcaps, blockcolor, # # censor, filter, flood, nickflood, noctcp, nonick, nonotice, # # regmoderated, stripcolor, and topiclock. # # See <options:exemptchanops> in inspircd.conf.example for a more # # detailed list of the restriction modes that can be exempted. # # These are settable using: /MODE #chan +X <restriction>:<status> # #<module name="exemptchanops"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Filter module: Provides message filtering, similar to SPAMFILTER. # <module name="filter"> # # # This module depends upon a regex provider such as regex_pcre or # # regex_glob to function. You must specify which of these you want # # the filter module to use via the tag below. # # # # Valid engines are: # # # # glob - Glob patterns, provided via regex_glob. # # pcre - PCRE regexps, provided via regex_pcre, needs libpcre. # # tre - TRE regexps, provided via regex_tre, requires libtre. # # posix - POSIX regexps, provided via regex_posix, not available # # on Windows, no dependencies on other operating systems. # # stdlib - stdlib regexps, provided via regex_stdlib, see comment # # at the <module> tag for info on availability. # # # # If notifyuser is set to no, the user will not be notified when # # their message is blocked. # # # # If warnonselfmsg is set to yes when a user sends a message to # # themself that matches a filter the filter will be ignored and a # # warning will be sent to opers instead. This stops spambots which # # send their spam message to themselves first to check if it is being # # filtered by the server. # <filteropts engine="posix" notifyuser="no" warnonselfmsg="no"> # # # Your choice of regex engine must match on all servers network-wide. # # # # To learn more about the configuration of this module, read # # examples/filter.conf.example, which covers the various types of # # filters and shows how to add exemptions. # # # #-#-#-#-#-#-#-#-#-#-#- FILTER CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-# # # # Optional - If you specify to use the filter module, then # # specify below the path to the filter.conf file, or define some # # <keyword> tags. # # # this is inside global.secrets now. #<include file="/etc/inspircd/global.filter.conf"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Flash Policy Daemon module: Allows Flash IRC clients (e.g. LightIRC)# # to connect. If no file is specified, it'll serve a default policy # # allowing all IPs to connect to all plaintext IRC ports # #<bind address="" port="8430" type="flashpolicyd"> # #<flashpolicyd timeout="5" file=""> # #<module name="flashpolicyd"> # #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Real name ban: Implements two extended bans: # # 'a', which matches a n!u@h+realname mask like +b a:*!*@host+*real* # # 'r', which matches a realname mask like +b r:*realname?here* # #<module name="gecosban"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Geolocation ban module: Adds support for extban 'G' which matches # # against the ISO 3166-1 alpha-2 codes for the countries that users # # are connecting from. Users connecting from unknown origins such as # # internal networks can be matched against using the XX alpha-2 code. # # A full list of ISO 3166-1 alpha-2 codes can be found at # # https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2 # #<module name="geoban"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Geolocation connect class module: Adds support for limiting connect # # classes to users from specific countries. With this module you can # # specify a space-delimited list of two character the ISO 3166-1 # # alpha-2 codes in the "country" field of a connect class. e.g. to # # deny connections from users in Russia or Turkey: # # # # <connect deny="*" country="TR RU"> # # # # Users connecting from unknown origins such as internal networks can # # be matched against using the XX alpha-2 code. A full list of ISO # # 3166-1 alpha-2 codes can be found at # # https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2 # #<module name="geoclass"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # MaxMindDB geolocation module: Provides geolocation information for # # other modules that need it using the libMaxMindDB library. # # # # This module is in extras. Re-run configure with: # # ./configure --enable-extras geo_maxmind # and run make install, then uncomment this module to enable it. # # # # This module requires libMaxMindDB to be installed on your system. # # Use your package manager to find the appropriate packages or check # # the InspIRCd documentation page for this module. # #<module name="geo_maxmind"> # # # If you use the geo_maxmind module you MUST provide a database file # # to look up geolocation information in. You can either purchase this # # from MaxMind at https://www.maxmind.com/en/geoip2-country-database # # or use the free CC-BY-SA licensed GeoLite2 Country database which # # can be downloaded at https://dev.maxmind.com/geoip/geoip2/geolite2/ # #<maxmind file="GeoLite2-Country.mmdb"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Globops module: Provides the /GLOBOPS command and snomask +g. # This module is oper-only. # To use, GLOBOPS must be in one of your oper class blocks. <module name="globops"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Global load module: Allows loading and unloading of modules network- # wide (USE WITH EXTREME CAUTION!) # This module is oper-only and provides /GLOADMODULE, /GUNLOADMODULE # and /GRELOADMODULE. # To use, GLOADMODULE, GUNLOADMODULE and GRELOADMODULE # must be in one of your oper class blocks. #<module name="globalload"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # HAProxy module: Adds support for the HAProxy PROXY v2 protocol. To # use this module specify hook="haproxy" in the <bind> tag that HAProxy # has been configured to connect to. #<module name="haproxy"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # HELPOP module: Provides the /HELPOP command <module name="helpop"> # #-#-#-#-#-#-#-#-#-#-#-#- HELPOP CONFIGURATION -#-#-#-#-#-#-#-#-#-#-# # # # If you specify to use the helpop module, then specify below the # # path to the helpop.conf file. # # # <include file="/etc/inspircd/global.helpop.conf"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Hide chans module: Allows users to hide their channels list from non- # opers by setting user mode +I on themselves. <module name="hidechans"> # # This mode can optionally prevent opers from seeing channels on a +I # user, for more privacy if set to true. # This setting is not recommended for most mainstream networks. <hidechans affectsopers="false"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Hide list module: Allows for hiding the list of listmodes from users # who do not have sufficient channel rank. <module name="hidelist"> # # Each <hidelist> tag configures one listmode to hide. # mode: Name of the listmode to hide. # rank: Minimum rank required to view the list. If set to 0, all # members of the channel may view the list, but non-members may not. # The rank of the built-in op and voice mode is 30000 and 10000, # respectively; the rank of other prefix modes is configurable. # Defaults to 20000. # # Hiding the ban list is not recommended because it may break some # clients. # # Hide filter (+g) list: <hidelist mode="filter" rank="30000"> # Only show invite exceptions (+I) to channel members: <hidelist mode="invex" rank="0"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Hide mode module: Allows for hiding mode changes from users who do not # have sufficient channel privileges. <module name="hidemode"> # # Hide bans (+b) from people who are not voiced: <hidemode mode="ban" rank="10000"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Hide oper module: Allows opers to hide their oper status from non- # opers by setting user mode +H on themselves. # This module is oper-only. <module name="hideoper"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Hostchange module: Allows a different style of cloaking. #<module name="hostchange"> # #-#-#-#-#-#-#-#-#-#-#- HOSTCHANGE CONFIGURATION -#-#-#-#-#-#-#-#-#-# # # # See https://docs.inspircd.org/3/modules/hostchange for help. # # # #<hostchange mask="*@42.theanswer.example.org" action="addaccount" suffix=".users.example.com"> #<hostchange mask="*root@*" action="addnick" prefix="example/users/"> #<hostchange mask="a@example.com" action="set" value="foo.bar.baz"> #<hostchange mask="*@localhost" ports="7000,7001,7005-7007" action="set" value="blahblah.foo"> # hostcycle: If loaded, when a user gets a host or ident set, it will # cycle them in all their channels. If not loaded it will simply change # their host/ident without cycling them. # This module is compatible with the ircv3_chghost module. Clients # supporting the chghost extension will get the chghost message instead # of seeing a host cycle. #<module name="hostcycle"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # httpd module: Provides HTTP server support for InspIRCd. #<module name="httpd"> # #-#-#-#-#-#-#-#-#-#-#-#- HTTPD CONFIGURATION -#-#-#-#-#-#-#-#-#-#-# # # If you choose to use the httpd module, then you will need to add # a <bind> tag with type "httpd", and load at least one of the other # httpd_* modules to provide pages to display. # <bind address="127.0.0.1" port="8067" type="httpd"> # <bind address="127.0.0.1" port="8097" type="httpd" ssl="gnutls"> # # You can adjust the timeout for HTTP connections below. All HTTP # connections will be closed after (roughly) this time period. #<httpd timeout="20"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # HTTP ACL module: Provides access control lists for httpd dependent # modules. Use this module to restrict pages by IP address and by # password. #<module name="httpd_acl"> # #-#-#-#-#-#-#-#-#-#-#-#- HTTPD ACL CONFIGURATION -#-#-#-#-#-#-#-#-#-#-# # # Restrict access to the httpd_stats module to all but the local # network and when the correct password is specified: # <httpdacl path="/stats*" types="password,whitelist" # username="secrets" password="mypasshere" whitelist="127.0.0.*,10.*"> # # Deny all connections to all but the main index page: # <httpdacl path="/*" types="blacklist" blacklist="*"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # HTTP config module: Allows the server configuration to be viewed over # HTTP via the /config path. Requires the httpd module to be loaded for # it to function. # # IMPORTANT: This module exposes extremely sensitive information about # your server and users so you *MUST* protect it using a local-only # <bind> tag and/or the httpd_acl module. See above for details. #<module name="httpd_config"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # HTTP stats module: Provides server statistics over HTTP via the /stats # path. Requires the httpd module to be loaded for it to function. # # IMPORTANT: This module exposes extremely sensitive information about # your server and users so you *MUST* protect it using a local-only # <bind> tag and/or the httpd_acl module. See above for details. #<module name="httpd_stats"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Ident: Provides RFC 1413 ident lookup support. # When this module is loaded <connect:allow> tags may have an optional # useident="yes|no" boolean value, determining whether or not to lookup # ident on users matching that connect tag. #<module name="ident"> # #-#-#-#-#-#-#-#-#-#-#-#- IDENT CONFIGURATION -#-#-#-#-#-#-#-#-#-#-# # # # Optional - If you are using the ident module, then you can specify # # the timeout for ident lookups here. If not defined, it will default # # to 5 seconds. This is a non-blocking timeout which holds the user # # in a 'connecting' state until the lookup is complete. # # prefixunqueried: If on, the idents of users being in a connect class# # with ident lookups disabled (i.e. <connect useident="off">) will be # # prefixed with a "~". If off, the ident of those users will not be # # prefixed. Default is off. # # #<ident timeout="5" prefixunqueried="no"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Invite exception module: Adds support for channel invite exceptions # (+I). #<module name="inviteexception"> # bypasskey: If this is enabled, exceptions will bypass +k as well as +i <inviteexception bypasskey="yes"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # IRCv3 module: Provides the following IRCv3 extensions: # extended-join, away-notify and account-notify. These are optional # enhancements to the client-to-server protocol. An extension is only # active for a client when the client specifically requests it, so this # module needs the cap module to work. # # Further information on these extensions can be found at the IRCv3 # working group website: # https://ircv3.net/irc/ # <module name="ircv3"> # The following block can be used to control which extensions are # enabled. Note that extended-join can be incompatible with delayjoin # and host cycling. <ircv3 accountnotify="on" awaynotify="on" extendedjoin="on"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # IRCv3 account-tag module. Adds the 'account' tag which contains the # services account name of the message sender. <module name="ircv3_accounttag"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # IRCv3 batch module: Provides the batch IRCv3 extension which allows # the server to inform a client that a group of messages are related to # each other. <module name="ircv3_batch"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # IRCv3 cap-notify module: Provides the cap-notify IRCv3 extension. # Required for IRCv3 conformance. <module name="ircv3_capnotify"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # IRCv3 chghost module: Provides the chghost IRCv3 extension which # allows capable clients to learn when the host/ident of another user # changes without cycling the user. This module is compatible with the # hostcycle module. If both are loaded, clients supporting the chghost # extension will get the chghost message and won't see host cycling. <module name="ircv3_chghost"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # IRCv3 client-to-client tags module: Provides the message-tags IRCv3 # extension which allows clients to add extra data to their messages. # This is used to support new IRCv3 features such as replies and ids. <module name="ircv3_ctctags"> # # If you want to only allow client tags that are intended for processing # by the server you can disable the following setting. Doing this is not # recommended though as it may break clients. <ctctags allowclientonlytags="yes"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # IRCv3 echo-message module: Provides the echo-message IRCv3 # extension which allows capable clients to get an acknowledgement when # their messages are delivered and learn what modifications, if any, # were applied to them. <module name="ircv3_echomessage"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # IRCv3 invite-notify module: Provides the invite-notify IRCv3 # extension which notifies supporting clients when a user invites # another user into a channel. This respects <options:announceinvites>. <module name="ircv3_invitenotify"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # IRCv3 labeled-response module: Provides the labeled-response IRCv3 # extension which allows server responses to be associated with the # client message which caused them to be sent. <module name="ircv3_labeledresponse"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # IRCv3 message id module: Provides the msgid IRCv3 extension which # adds a unique identifier to each message when the message-tags cap # has been requested. This enables support for modern features such as # reactions and replies. <module name="ircv3_msgid"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # IRCv3 server-time module. Adds the 'time' tag which adds a timestamp # to all messages received from the server. <module name="ircv3_servertime"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # IRCv3 Strict Transport Security module: Provides the sts IRCv3 # extension which allows clients connecting insecurely to upgrade their # connections to TLS. #<module name="ircv3_sts"> # # If using the ircv3_sts module you MUST define a STS policy to send # to clients using the <sts> tag. This tag takes the following # attributes: # # host - A glob match for the SNI hostname to apply this policy to. # duration - The amount of time that the policy lasts for. Defaults to # five minutes by default. You should raise this to a month # or two once you know that your config is valid. # port - The port on which TLS connections to the server are being # accepted. You MUST have a CA-verified certificate on this # port. Self signed certificates are not acceptable. # preload - Whether client developers can include your certificate in # preload lists. # # <sts host="*.example.com" duration="5m" port="6697" preload="yes"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Join flood module: Adds support for join flood protection +j X:Y. # Closes the channel for N seconds if X users join in Y seconds. <module name="joinflood"> # # duration: The number of seconds to close a channel for when it is # being flooded with joins. # # bootwait: The number of seconds to disengage joinflood for after # a server boots. This allows users to reconnect without # being throttled by joinflood. # # splitwait: The number of seconds to disengage joinflood for after # a server splits. This allows users to reconnect without # being throttled by joinflood. # <joinflood duration="1m" bootwait="30s" splitwait="30s"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Anti auto rejoin: Adds support for prevention of auto-rejoin (+J). <module name="kicknorejoin"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Knock module: Adds the /KNOCK command and channel mode +K. <module name="knock"> # # This setting specifies what to do when someone successfully /KNOCKs. # If set to "notice", then a NOTICE will be sent to the channel. # This is the default and the compatible setting, as it requires no # special support from the clients. # If set to "numeric" then a 710 numeric will be sent to the channel. # This allows easier scripting but not all clients support it. # If set to "both" then (surprise!) both will be sent. <knock notify="notice"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # LDAP module: Allows other SQL modules to access a LDAP database # through a unified API. # This modules is in extras. Re-run configure with: # ./configure --enable-extras ldap # and run make install, then uncomment this module to enable it. # #<module name="ldap"> #<database module="ldap" id="ldapdb" server="ldap://localhost" binddn="cn=Manager,dc=inspircd,dc=org" bindauth="mysecretpass" searchscope="subtree"> # The server parameter indicates the LDAP server to connect to. The # # ldap:// style scheme before the hostname proper is MANDATORY. # # # # The binddn and bindauth indicate the DN to bind to for searching, # # and the password for the distinguished name. Some LDAP servers will # # allow anonymous searching in which case these two values do not # # need defining, otherwise they should be set similar to the examples # # above. # # # # The searchscope value indicates the subtree to search under. On our # # test system this is 'subtree'. Your mileage may vary. # #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # LDAP authentication module: Adds the ability to authenticate users # # via LDAP. # #<module name="ldapauth"> # # # Configuration: # # # # <ldapauth dbid="ldapdb" # # baserdn="ou=People,dc=brainbox,dc=cc" # # attribute="uid" # # allowpattern="Guest* Bot*" # # killreason="Access denied" # # verbose="yes" # # host="$uid.$ou.inspircd.org" # # useusername="no"> # # # # <ldapwhitelist cidr="10.42.0.0/16"> # # # # <ldaprequire attribute="attr" value="val"> # # # # The baserdn indicates the base DN to search in for users. Usually # # this is 'ou=People,dc=yourdomain,dc=yourtld'. # # # # The attribute value indicates the attribute which is used to locate # # a user account by name. On POSIX systems this is usually 'uid'. # # # # The allowpattern value allows you to specify a space separated list # # of wildcard masks which will always be allowed to connect # # regardless of if they have an account, for example guest and bot # # users. # # # # The useusername setting chooses whether the user's username or # # nickname is used when locating a user account, if a username isn't # # provided in PASS. # # # # Killreason indicates the QUIT reason to give to users if they fail # # to authenticate. # # # # Setting the verbose value causes an oper notice to be sent out for # # every failed authentication to the server, with an error string. # # # # ldapwhitelist indicates that clients connecting from an IP in the # # provided CIDR do not need to authenticate against LDAP. It can be # # repeated to whitelist multiple CIDRs. # # # # ldaprequire allows further filtering on the LDAP user, by requiring # # certain LDAP attributes to have a given value. It can be repeated, # # in which case the list will act as an OR list, that is, the # # authentication will succeed if any of the requirements in the list # # is satisfied. # # # # host allows you to change the displayed host of users connecting # # from ldap. The string supplied takes formatters which are replaced # # from the DN. For instance, if your DN looks like: # # uid=w00t,ou=people,dc=inspircd,dc=org, then the formatters uid, ou # # and dc will be available to you. If a key is given multiple times # # in the DN, the last appearance will take precedence. # #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # LDAP oper configuration module: Adds the ability to authenticate # # opers via LDAP. # #<module name="ldapoper"> # # # Configuration: # # # # <ldapoper dbid="ldapdb" # baserdn="ou=People,dc=brainbox,dc=cc" # attribute="uid"> # # # Available configuration items are identical to the same items in # # ldapauth above (except for the verbose setting, that is only # # supported in ldapauth). # # Please always specify a password in your <oper> tags even if the # # opers are to be authenticated via LDAP, so in case this module is # # not loaded the oper accounts are still protected by a password. # #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Lock server module: Adds /LOCKSERV and /UNLOCKSERV commands that # # are used to temporarily close/open the server for new connections. # # These commands require that the /LOCKSERV and /UNLOCKSERV commands # # are specified in a <class> tag that the oper is part of. This is so # # you can control who has access to this possible dangerous command. # # If your server is locked and you get disconnected, do a REHASH from # # shell to open up again. # # This module is oper-only. #<module name="lockserv"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Map hiding module: replaces /MAP and /LINKS output to users with a # # message to see a website, set by maphide="https://test.org/map" in # # the <security> tag, instead. # #<module name="maphide"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Message flood module: Adds message/notice flood protection via # channel mode +f. <module name="messageflood"> # # The weight to give each message type. TAGMSGs are considered to be # 1/5 of a NOTICE or PRIVMSG to avoid users being accidentally flooded # out of a channel by automatic client features such as typing # notifications. <messageflood notice="1.0" privmsg="1.0" tagmsg="0.2"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # MLOCK module: Adds support for server-side enforcement of services # side MLOCKs. Basically, this module suppresses any mode change that # would likely be immediately bounced by services. <module name="mlock"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Modenotice module: Adds the /MODENOTICE command that allows opers to # send notices to all users having the given user mode(s) set. <module name="modenotice"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Monitor module: Adds support for MONITOR which is used by clients to # maintain notify lists. <module name="monitor"> # # Set the maximum number of entries on a user's monitor list below. <monitor maxentries="64"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # MySQL module: Allows other SQL modules to access MySQL databases # through a unified API. # This module is in extras. Re-run configure with: # ./configure --enable-extras mysql # and run make install, then uncomment this module to enable it. #<module name="mysql"> # #-#-#-#-#-#-#-#-#-#-#-#- SQL CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-#-# # # # mysql is more complex than described here, see the docs for more # # info: https://docs.inspircd.org/3/modules/mysql # # #<database module="mysql" name="mydb" user="myuser" pass="mypass" host="localhost" id="my_database2"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Named modes module: Allows for the display and set/unset of channel # modes via long-form mode names via +Z and the /PROP command. # For example, to set a ban, do /MODE #channel +Z ban=foo!bar@baz or # /PROP #channel ban=foo!bar@baz <module name="namedmodes"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # NAMESX module: Provides support for the NAMESX extension which allows # clients to see all the prefixes set on a user without getting confused. # This is supported by mIRC, x-chat, klient, and maybe more. <module name="namesx"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # National characters module: # 1) Allows using national characters in nicknames. # 2) Allows using custom (national) casemapping over the network. # # This module is incredibly poorly written and documented. You should # probably use the codepage module instead for 8-bit codepages. <module name="nationalchars"> # # file - Location of the file which contains casemapping rules. If this # is a relative path then it is relative to "<PWD>/../locales" # on UNIX and "<PWD>/locales" on Windows. # casemapping - The name of the casemapping sent to clients in the 005 # numeric. If this is not set then it defaults to the name # of the casemapping file unless the file name contains a # space in which case you will have to specify it manually. <nationalchars file="/etc/inspircd/global.cjk-utf8" casemapping="utf8"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Nickchange flood protection module: Provides channel mode +F X:Y # which allows up to X nick changes in Y seconds. <module name="nickflood"> # # The number of seconds to prevent nick changes for: <nickflood duration="1m"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Nicklock module: Let opers change a user's nick and then stop that # user from changing their nick again until unlocked. # This module is oper-only. # To use, NICKLOCK and NICKUNLOCK must be in one of your oper class blocks. <module name="nicklock"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # No CTCP module: Adds the channel mode +C and user mode +T to block # CTCPs and extban 'C' to block CTCPs sent by specific users. <module name="noctcp"> # # The +T user mode is not enabled by default to enable link compatibility # with 2.0 servers. You can enable it by uncommenting this: <noctcp enableumode="yes"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # No kicks module: Adds the +Q channel mode and the Q: extban to deny # certain users from kicking. <module name="nokicks"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # No nicks module: Adds the +N channel mode, as well as the 'N' extban. # +N stops all users from changing their nick, the N extban stops # anyone from matching a +b N:nick!user@host mask from changing their # nick. <module name="nonicks"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # No part message module: Adds extban 'p' to block part messages from # # matching users. # <module name="nopartmsg"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # No notice module: Adds the channel mode +T and the extban 'T' to # block specific users from noticing the channel. <module name="nonotice"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Network business join module: # Allows an oper to join a channel using /OJOIN, giving them +Y on the # channel which makes them immune to kicks. <module name="ojoin"> # # Specify the prefix that +Y will grant here. # Leave 'prefix' empty if you do not wish +Y to grant a prefix. # If 'notice' is set to on, upon /OJOIN, the server will notice the # channel saying that the oper is joining on network business. # If 'op' is set to on, it will give them +o along with +Y. <ojoin prefix="!" notice="yes" op="yes"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Oper channels mode: Adds the +O channel mode and extban O:<mask> # to ban, except, etc. specific oper types. For example # /MODE #channel +iI O:* is equivalent to channel mode +O, but you # may also set +iI O:AdminTypeOnly to only allow admins. # Modes +I and +e work in a similar fashion. #<module name="operchans"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Oper join module: Auto-joins opers to a channel upon oper-up. # This module is oper-only. For the user equivalent, see the conn_join # module. #<module name="operjoin"> # #-#-#-#-#-#-#-#-#-#-# OPERJOIN CONFIGURATION -#-#-#-#-#-#-#-#-#-#-# # # # If you are using the operjoin module, specify options here: # # # # channel - The channel name to join, can also be a comma # # separated list e.g. "#channel1,#channel2". # # # # override - If on, lets the oper join walking thru any modes # # that might be set, even bans. # # # #<operjoin channel="#channel" override="no"> # # Alternatively you can use the autojoin="channellist" in a <type> # # tag to set specific autojoins for a type of oper, for example: # # #<type name="Helper" autojoin="#help" classes="..."> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Oper log module: Logs all oper commands to the server log (with log # type "m_operlog" at default loglevel), and optionally to the 'r' # snomask. # This module is oper-only. <module name="operlog"> # # If the following option is on then all oper commands will be sent to # the snomask 'r'. The default is off. <operlog tosnomask="off"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Oper prefixing module: Adds a channel prefix mode +y which is given # to all server operators automatically on all channels they are in. # This prefix mode is more powerful than channel op and other regular # prefix modes. # # Load this module if you want all your server operators to have # channel operator powers. #<module name="operprefix"> # # You may additionally customise the prefix character. #<operprefix prefix="!"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Oper MOTD module: Provides support for a separate message of the day # on oper-up. # This module is oper-only. <module name="opermotd"> # #-#-#-#-#-#-#-#-#-#-# OPERMOTD CONFIGURATION -#-#-#-#-#-#-#-#-#-#-# # # # If you are using the opermotd module, specify the motd file here. # # # # onoper - If on, the message is sent on /OPER, otherwise it's # # only sent when /OPERMOTD is used. # # # <opermotd file="/etc/inspircd/global.opermotd.txt" onoper="yes"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Override module: Adds support for oper override. # This module is oper-only. #<module name="override"> # #-#-#-#-#-#-#-#-#-#-# OVERRIDE CONFIGURATION -#-#-#-#-#-#-#-#-#-#-# # # # Much of override's configuration relates to your oper blocks. # # For more information on how to allow opers to override, see: # # https://docs.inspircd.org/3/modules/override # # # # noisy - If enabled, all oper overrides will be announced # # via channel notice. # # # # requirekey - If enabled, overriding on join requires a channel # # key of "override" to be specified. # # # # enableumode - If enabled, user mode +O is required for override. # # # #<override noisy="yes" requirekey="no" enableumode="yes"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Oper levels module: Gives each oper a level and prevents actions # being taken by lower level opers against higher level opers. # Specify the level as the 'level' parameter of the <type> tag. # This module is oper-only. #<module name="operlevels"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Oper modes module: Allows you to specify modes to add/remove on oper. # Specify the modes as the 'modes' parameter of the <type> tag # and/or as the 'modes' parameter of the <oper> tag. # This module is oper-only. For the user equivalent, see the # conn_umodes module. <module name="opermodes"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Password forwarding module: Forwards a password users can send on # connect to the specified client below. The client is usually NickServ # and this module is usually used to authenticate users with NickServ # using their connect password. <module name="passforward"> <passforward # nick: nick to forward connect passwords to. nick="NickServ" # forwardmsg: Message to send to users using a connect password. # $nick will be the users' nick, $nickrequired will be the nick # of where the password is going (the nick above). # You can also use $user for the user ident string. forwardmsg="NOTICE $nick :*** Forwarding PASS to $nickrequired" # cmd: Command for the user to run when it receives a connect # password. cmd="SQUERY $nickrequired :IDENTIFY $pass"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Password hash module: Allows hashed passwords to be used. # To be useful, a hashing module like bcrypt also needs to be loaded. <module name="password_hash"> # #-#-#-#-#-#-#-#-#-# PASSWORD HASH CONFIGURATION #-#-#-#-#-#-#-#-#-#-#-# # # To use this module, you must define a hash type for each oper's # password you want to hash. For example: # # <oper name="Brain" # host="ident@dialup15.isp.test.com" # hash="bcrypt" # password="$2a$10$Mss9AtHHslZTLBrXqM0FB.JBwD.UTSu8A48SfrY9exrpxbsRiRTbO" # type="NetAdmin"> # # If you are using a hash algorithm which does not perform salting you can use # HMAC to salt your passwords in order to prevent them from being looked up in # a rainbow table. # # hash="hmac-sha256" password="lkS1Nbtp$CyLd/WPQXizsbxFUTqFRoMvaC+zhOULEeZaQkUJj+Gg" # # Generate hashes using the /MKPASSWD command on the server. # Don't run it on a server you don't trust with your password. #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # PBKDF2 module: Allows other modules to generate PBKDF2 hashes, # usually for cryptographic uses and security. # This module relies on other hash providers (e.g. SHA256). <module name="pbkdf2"> # # iterations: Iterations the hashing function runs when generating new # hashes. # length: Length in bytes of the derived key. <pbkdf2 iterations="12288" length="32"> # You can override these values with specific values # for specific providers if you want to. Example given for SHA256. <pbkdf2prov hash="sha256" iterations="24576"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Permanent channels module: Channels with the permanent channel mode # will remain open even after everyone else has left the channel, and # therefore keep things like modes, ban lists and topic. Permanent # channels -may- need support from your Services package to function # properly with them. This adds channel mode +P. # This module is oper-only. #<module name="permchannels"> # # If you like, this module can write a config file of permanent channels # whenever +P is set, unset, or the topic/modes on a +P channel is changed. # If you want to do this, set the filename below, and uncomment the include. # # If 'listmodes' is true then all list modes (+b, +I, +e, +g...) will be # saved. Defaults to false. # # 'saveperiod' determines how often to check if the database needs to be # saved to disk. Defaults to every five seconds. #<permchanneldb filename="permchannels.conf" # listmodes="yes" # saveperiod="5s"> #<include file="permchannels.conf"> # # You may also create channels on startup by using the <permchannels> block. #<permchannels channel="#opers" modes="isP" topic="Opers only."> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # PostgreSQL module: Allows other SQL modules to access PgSQL databases # through a unified API. # This module is in extras. Re-run configure with: # ./configure --enable-extras pgsql # and run make install, then uncomment this module to enable it. #<module name="pgsql"> # #-#-#-#-#-#-#-#-#-#-#-#- SQL CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-#-# # # # pgsql is more complex than described here, see the docs for # # more: https://docs.inspircd.org/3/modules/pgsql # # #<database module="pgsql" name="mydb" user="myuser" pass="mypass" host="localhost" id="my_database" ssl="no"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Muteban: Implements extended ban 'm', which stops anyone matching # a mask like +b m:nick!user@host from speaking on channel. #<module name="muteban"> # # If notifyuser is set to no, the user will not be notified when # their message is blocked. #<muteban notifyuser="yes"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Random quote module: Provides a random quote on connect. # NOTE: Some of these may mimic fatal errors and confuse users and # opers alike - BEWARE! #<module name="randquote"> # #-#-#-#-#-#-#-#-#-#- RANDOMQUOTES CONFIGURATION -#-#-#-#-#-#-#-#-#-#-# # # # Optional - If you specify to use the randquote module, then specify # # below the path to the quotes file. # # # #<randquote file="quotes.txt"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Redirect module: Adds channel mode +L which redirects users to # # another channel when the channel has reached its user limit and # # user mode +L which stops redirection. # #<module name="redirect"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Regular expression provider for glob or wildcard (?/*) matching. # You must have at least 1 provider loaded to use the filter or R-line # modules. This module has no additional requirements, as it uses the # matching already present in InspIRCd core. <module name="regex_glob"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Regular expression provider for PCRE (Perl-Compatible Regular # Expressions). You need libpcre installed to compile and load this # module. You must have at least 1 provider loaded to use the filter or # R-line modules. #<module name="regex_pcre"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Regular Expression Provider for RE2 Regular Expressions. # You need libre2 installed and in your include/library paths in order # to compile and load this module. #<module name="regex_re2"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Regular expression provider for POSIX regular expressions. # You shouldn't need any additional libraries on a POSIX-compatible # system (i.e.: any Linux, BSD, but not Windows). You must have at # least 1 provider loaded to use the filter or R-line modules. # On POSIX-compliant systems, regex syntax can be found by using the # command: 'man 7 regex'. <module name="regex_posix"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Regular expression provider for C++11 std::regex regular expressions. # This module works on any fully compliant implementation of the C++11 # std::regex container. Examples for such are Visual C++ 2010 and newer # but not libstdc++ (which GCC uses). # You should verify that std::regex is supported by your setup before # using this module, as it may compile normally but won't do anything # on some implementations. #<module name="regex_stdlib"> # # Specify the regular expression engine to use here. Valid settings are # bre, ere, awk, grep, egrep, ecmascript (default if not specified). #<stdregex type="ecmascript"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Regular expression provider for TRE regular expressions. # This is the same regular expression engine used by UnrealIRCd, so # if you are most familiar with the syntax of /SPAMFILTER from there, # this is the provider you want. You need libtre installed in order # to compile and load this module. #<module name="regex_tre"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Remove module: Adds the /REMOVE command which is a peaceful # alternative to /KICK. It also provides the /FPART command which works # in the same way as /REMOVE. <module name="remove"> # # supportnokicks: If true, /REMOVE is not allowed on channels where the # nokicks (+Q) mode is set. Defaults to false. # protectedrank: Members having this rank or above may not be /REMOVE'd # by anyone. Set to 0 to disable this feature. Defaults to 50000. <remove supportnokicks="yes" protectedrank="50000"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Repeat module: Allows to block, kick or ban upon similar messages # being uttered several times. Provides channel mode +E. # # Syntax: [~|*]<lines>:<sec>[:<difference>][:<backlog>] # ~ is to block, * is to ban, default is kick. # lines - In mode 1, the amount of lines that has to match consecutively. # In mode 2, the size of the backlog to keep for matching. # seconds - How old the message has to be before it's invalidated. # difference - Edit distance, in percent, between two strings to trigger on. # backlog - When set, the function goes into mode 2. In this mode the # function will trigger if this many of the last <lines> matches. # # As this module can be rather CPU-intensive, it comes with some options. # maxbacklog - Maximum size that can be specified for backlog. 0 disables # multiline matching. # maxdistance - Max percentage of difference between two lines we'll allow # to match. Set to 0 to disable edit-distance matching. # maxlines - Max lines of backlog to match against. # maxtime - Maximum period of time a user can set. 0 to allow any. # size - Maximum number of characters to check for, can be used to # truncate messages before they are checked, resulting in # less CPU usage. Increasing this beyond 512 doesn't have # any effect, as the maximum length of a message on IRC # cannot exceed that. #<repeat maxbacklog="20" maxdistance="50" maxlines="20" maxtime="0" size="512"> #<module name="repeat"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Restricted channels module: Allows only opers with the # channels/restricted-create priv and/or registered users to # create channels. # # You probably *DO NOT* want to load this module on a public network. # #<module name="restrictchans"> # # allowregistered: should registered users be allowed to bypass the restrictions? #<restrictchans allowregistered="no"> # # Allow any channel matching #user-* to be created, bypassing restrictchans checks #<allowchannel name="#user-*"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Restrict message module: Allows users to only message opers. # # You probably *DO NOT* want to load this module on a public network. # #<module name="restrictmsg"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # R-line module: Ban users through regular expression patterns. <module name="rline"> # #-#-#-#-#-#-#-#-#-#-#-#- RLINE CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-#-# # # If you wish to re-check a user when they change nickname (can be # useful under some situations, but *can* also use CPU with more users # on a server) then set 'matchonnickchange' to yes. # If you additionally want Z-lines to be added on matches, then # set 'zlineonmatch' to yes. # Also, this is where you set what Regular Expression engine is to be # used. If you ever change it while running, all of your R-lines will # be wiped. This is the regex engine used by all R-lines set, and # regex_<engine> must be loaded, or rline will be non-functional # until you load it or change the engine to one that is loaded. # <rline matchonnickchange="yes" zlineonmatch="no" engine="posix"> # # Generally, you will NOT want to use 'glob' here, as this turns an # R-line into just another G-line. The exceptions are that R-lines will # always use the full "nick!user@host realname" string, rather than only # user@host, but beware that only the ? and * wildcards are available, # and are the only way to specify where the space can occur if you do # use glob. For this reason, is recommended to use a real regex engine # so that at least \s or [[:space:]] is available. #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # RMODE module: Adds the /RMODE command. # Allows channel operators to remove list modes en masse, optionally # matching a glob-based pattern. # Syntax: /RMODE <channel> <mode> [<pattern>] # E.g. '/RMODE #channel b m:*' will remove all mute extbans on the channel. <module name="rmode"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # SAJOIN module: Adds the /SAJOIN command which forcibly joins a user # to the given channel. # This module is oper-only. # To use, SAJOIN must be in one of your oper class blocks. # Opers need the users/sajoin-others priv to be able to /SAJOIN users # other than themselves. <module name="sajoin"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # SAKICK module: Adds the /SAKICK command which kicks a user from the # given channel. # This module is oper-only. # To use, SAKICK must be in one of your oper class blocks. <module name="sakick"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # SAMODE module: Adds the /SAMODE command which allows server operators # to change modes on a channel without requiring them to have any # channel privileges. Also allows changing user modes for any user. # This module is oper-only. # To use, SAMODE must be in one of your oper class blocks. <module name="samode"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # SANICK module: Adds the /SANICK command which allows opers to change # users' nicks. # This module is oper-only. # To use, SANICK must be in one of your oper class blocks. <module name="sanick"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # SAPART module: Adds the /SAPART command which forcibly parts a user # from a channel. # This module is oper-only. # To use, SAPART must be in one of your oper class blocks. <module name="sapart"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # SAQUIT module: Adds the /SAQUIT command which forcibly quits a user. # This module is oper-only. # To use, SAQUIT must be in one of your oper class blocks. <module name="saquit"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # SATOPIC module: Adds the /SATOPIC command which allows changing the # topic on a channel without requiring any channel privileges. # This module is oper-only. # To use, SATOPIC must be in one of your oper class blocks. <module name="satopic"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # SASL authentication module: Provides support for IRC Authentication # Layer via AUTHENTICATE. Note: You also need to have cap loaded # for SASL to work. <module name="sasl"> # You must define <sasl:target> to the name of your services server so # that InspIRCd knows where to send SASL authentication messages and # when it should enable the SASL capability. # You can also define <sasl:requiressl> to require users to use TLS (SSL) # in order to be able to use SASL. <sasl target="services.somenet.org" requiressl="yes"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Secure list module: Prevent /LIST in the first minute of connection, # crippling most spambots and trojan spreader bots. #<module name="securelist"> # #-#-#-#-#-#-#-#-#-# SECURELIST CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-#-# # # # Securelist can be harmful to some IRC search engines. To prevent # # securelist blocking these sites from listing, define exception tags # # as shown below: # #<securehost exception="*@*.netsplit.de"> #<securehost exception="*@*.ircdriven.com"> #<securehost exception="*@*.ircs.me"> # # # exemptregistered - Whether the waiting period applies to users who # # are logged in to a services account. # # Defaults to no. # # # # showmsg - Whether to tell users that they need to wait for a while # # before they can use the /LIST command. # # Defaults to no. # # # # waittime - The time period that a user must be connected for before # # they can use the /LIST command. # # Defaults to 1 minute. # # # #<securelist exemptregistered="yes" # showmsg="yes" # waittime="1m"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Servprotect module: Provides support for Austhex style +k / # UnrealIRCD +S services mode. <module name="servprotect"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # See nicks module: Adds snomask +n and +N which show local and remote # nick changes. # This module is oper-only. #<module name="seenicks"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Set idle module: Adds a command for opers to change their idle time. # This module is oper-only. # To use, SETIDLE must be in one of your oper class blocks. #<module name="setidle"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Services support module: Adds several user modes such as +R and +M. # This module implements the 'identified' state via account names, # and is similar in operation to the way asuka and ircu handle services. # # At the same time, this offers +r for users and channels to mark them # as identified separately from the idea of a master account, which # can be useful for services which are heavily nick-as-account centric. # # Also of note is that this module implements two extbans: # +b R: (stop matching account names from joining) # +b U:n!u@h (blocks matching unregistered users) # <module name="services_account"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Sethost module: Adds the /SETHOST command. # This module is oper-only. # To use, SETHOST must be in one of your oper class blocks. # See the chghost module for how to customise valid chars for hostnames. <module name="sethost"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Setident module: Adds the /SETIDENT command. # This module is oper-only. # To use, SETIDENT must be in one of your oper class blocks. <module name="setident"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # SETNAME module: Adds the /SETNAME command. <module name="setname"> # #-#-#-#-#-#-#-#-#-#-#-#- SETNAME CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-# # # # operonly - Whether the SETNAME command should only be usable by # # server operators. Defaults to no. # # # # notifyopers - Whether to send a snotice to snomask `a` when a user # # changes their real name. Defaults to to yes if # # oper-only and no if usable by everyone. # # # #<setname notifyopers="yes" # operonly="no"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Serverban: Implements extended ban 's', which stops anyone connected # to a server matching a mask like +b s:server.mask.here from joining. # Wildcards are accepted. <module name="serverban"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # SHA1 module: Allows other modules to generate SHA1 hashes. # Required by the WebSocket module. #<module name="sha1"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Showfile: Provides support for showing a text file to users when # # they enter a command. # # This module adds one command for each <showfile> tag that shows the # # given file to the user as a series of messages or numerics. # #<module name="showfile"> # # #-#-#-#-#-#-#-#-#-#-# SHOWFILE CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-#-# # # # name - The name of the command which displays this file. This is # # the only mandatory setting, all others are optional. # # file - The text file to be shown to the user. # # By default same as the command name. # # method - How should the file be shown? # # * numeric: Send contents using a numeric # # (similar to /MOTD; the default). # # * notice: Send contents as a series of notices. # # * msg: Send contents as a series of private messages. # # # # When using the method "numeric", the following extra settings are # # available: # # # # introtext - Introductory line, "Showing <name>" by default. # # intronumeric - Numeric used for the introductory line. # # numeric - Numeric used for sending the text itself. # # endtext - Ending line, "End of <name>" by default. # # endnumeric - Numeric used for the ending line. # # # #<showfile name="RULES" # file="rules.txt" # introtext="Server rules:" # endtext="End of server rules."> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Show whois module: Adds the +W user mode which allows opers to see # when they are /WHOIS'd. # This module is oper-only by default. <module name="showwhois"> # # If you wish, you may also let users set this mode. Only opers with the # users/auspex priv will see real hosts of people, though. <showwhois opersonly="no" # # You may also set whether or not users should receive whois notices, # should they be /WHOIS'd by an oper. showfromopers="no"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Shun module: Provides the /SHUN command, which stops a user from # executing all except configured commands. # This module is oper-only. # To use, SHUN must be in one of your oper class blocks. #<module name="shun"> # # Configuration: # # affectopers: Whether server operators are exempt from shuns. This # option is deprecated; you should instead give exempt # server operators the servers/ignore-shun privilege. # # allowtags: Whether to allow client tags to be attached to enabled # commands. # # cleanedcommands: The commands that, if enabled, should be cleaned # of any message content if a shunned user tries to # execute them. # # enabledcommands: The commands that a shunned user is allowed to # execute. # # notifyuser: Whether to notify shunned users that a command they tried # to execute has been blocked. # #<shun enabledcommands="ADMIN OPER PING PONG QUIT PART JOIN" # cleanedcommands="AWAY PART QUIT" # affectopers="no" # allowtags="no" # notifyuser="yes"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # SSL mode module: Adds support for TLS (SSL)-only channels via the '+z' # channel mode, TLS (SSL)-only private messages via the '+z' user mode and # the 'z:' extban which matches TLS (SSL) client certificate fingerprints. # # Does not do anything useful without a working TLS (SSL) module and the # sslinfo module (see below). <module name="sslmodes"> # # The +z user mode is not enabled by default to enable link compatibility # with 2.0 servers. You can enable it by uncommenting this: <sslmodes enableumode="yes"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # SSL rehash signal module: Allows the TLS (SSL) modules to be rehashed by # sending SIGUSR1 to a running InspIRCd process. # This module is in extras. Re-run configure with: # ./configure --enable-extras sslrehashsignal # and run make install, then uncomment this module to enable it. <module name="sslrehashsignal"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # GnuTLS SSL module: Adds support for TLS (SSL) connections using GnuTLS, # if enabled. You must answer 'yes' in ./configure when asked or # manually symlink the source for this module from the directory # src/modules/extra, if you want to enable this, or it will not load. <module name="ssl_gnutls"> <gnutls onrehash="yes"> # #-#-#-#-#-#-#-#-#-#-#- GNUTLS CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-# # # # ssl_gnutls is too complex to describe here, see the docs: # # https://docs.inspircd.org/3/modules/ssl_gnutls # #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # SSL info module: Allows users to retrieve information about other # users' peer TLS (SSL) certificates and keys via the SSLINFO command. # This can be used by client scripts to validate users. For this to # work, one of ssl_gnutls, ssl_mbedtls or ssl_openssl must be loaded. # This module also adds the "<user> is using a secure connection" # and "<user> has TLS (SSL) client certificate fingerprint <fingerprint>" # WHOIS lines, the ability for opers to use TLS (SSL) cert fingerprints to # verify their identity and the ability to force opers to use TLS (SSL) # connections in order to oper up. It is highly recommended to load # this module if you use TLS (SSL) on your network. # For how to use the oper features, please see the first # example <oper> tag in opers.conf.example. # <module name="sslinfo"> # # If you want to prevent users from viewing TLS (SSL) certificate information # and fingerprints of other users, set operonly to yes. <sslinfo operonly="yes"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # mbedTLS TLS (SSL) module: Adds support for TLS (SSL) connections using mbedTLS. #<module name="ssl_mbedtls"> # #-#-#-#-#-#-#-#-#-#-#- MBEDTLS CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-# # # # ssl_mbedtls is too complex to describe here, see the docs: # # https://docs.inspircd.org/3/modules/ssl_mbedtls # #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # OpenSSL TLS (SSL) module: Adds support for TLS (SSL) connections using OpenSSL, # if enabled. You must answer 'yes' in ./configure when asked or symlink # the source for this module from the directory src/modules/extra, if # you want to enable this, or it will not load. #<module name="ssl_openssl"> # #-#-#-#-#-#-#-#-#-#-#- OPENSSL CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-# # # # ssl_openssl is too complex to describe here, see the docs: # # https://docs.inspircd.org/3/modules/ssl_openssl # #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Strip color module: Adds channel mode +S that strips color codes and # all control codes except CTCP from all messages sent to the channel. <module name="stripcolor"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Silence module: Adds support for the /SILENCE command, which allows # users to have a server-side ignore list for their client. <module name="silence"> # # Set the maximum number of entries allowed on a user's silence list. <silence maxentries="64" # # Whether messages from U-lined servers will bypass silence masks. exemptuline="yes"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # SQLite3 module: Allows other SQL modules to access SQLite3 # # databases through a unified API. # # This module is in extras. Re-run configure with: # # ./configure --enable-extras sqlite3 # and run make install, then uncomment this module to enable it. # # #<module name="sqlite3"> # #-#-#-#-#-#-#-#-#-#-#-#- SQL CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-#-# # # # sqlite is more complex than described here, see the docs for more # # info: https://docs.inspircd.org/3/modules/sqlite3 # # #<database module="sqlite" hostname="/full/path/to/database.db" id="anytext"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # SQL authentication module: Allows IRCd connections to be tied into # a database table (for example a forum). # #<module name="sqlauth"> # #-#-#-#-#-#-#-#-#-#-#- SQLAUTH CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-# # # # sqlauth is too complex to describe here, see the docs: # # https://docs.inspircd.org/3/modules/sqlauth # #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # SQL oper module: Allows you to store oper credentials in an SQL # table. You can add additional table columns like you would config # tags in opers.conf. Opers in opers.conf will override opers from # this module. # #<module name="sqloper"> # #-#-#-#-#-#-#-#-#-#-#- SQLOPER CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-# # # # dbid - Database ID to use (see SQL modules). # # # # See also: https://docs.inspircd.org/3/modules/sqloper # # # #<sqloper dbid="1"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # StartTLS module: Implements STARTTLS, which allows clients # # connected to non TLS (SSL) enabled ports to enable TLS (SSL), if # # a proper TLS (SSL) module is loaded (either ssl_gnutls, # # ssl_mbedtls or ssl_openssl). # <module name="starttls"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # SVSHold module: Implements SVSHOLD. Like Q-lines, but can only be # # added/removed by Services. # <module name="svshold"> # SVSHOLD does not generate server notices by default, you can turn # notices on by uncommenting the next line. <svshold silent="false"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # SWHOIS module: Allows you to add arbitrary lines to user WHOIS. # This module is oper-only. # To use, SWHOIS must be in one of your oper class blocks. <module name="swhois"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Timed bans module: Adds timed channel bans with the /TBAN command. <module name="timedbans"> # By default, it sends a notice to channel operators when timed ban is # set and when it is removed by server. <timedbans sendnotice="yes"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Test line module: Adds the /TLINE command, used to test how many # users a /GLINE or /ZLINE etc. would match. # This module is oper-only. # To use, TLINE must be in one of your oper class blocks. <module name="tline"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Topiclock module: implements server-side topic locking to achieve deeper # integration with services packages. <module name="topiclock"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # UHNAMES support module: Adds support for the IRCX style UHNAMES # extension, which displays ident and hostname in the names list for # each user, saving clients from doing a WHO on the channel. # If a client does not support UHNAMES it will not enable it, this will # not break incompatible clients. <module name="uhnames"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Uninvite module: Adds the /UNINVITE command which lets users remove # pending invites from channels without waiting for the user to join. <module name="uninvite"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Userip module: Adds the /USERIP command. # Allows users to query their own IP, also allows opers to query the IP # of anyone else. <module name="userip"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Vhost module: Adds the VHOST command which allows for adding virtual # hosts which are accessible using a username and password in the config. #<module name="vhost"> # #-#-#-#-#-#-#-#-#-#-#- VHOST CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-#-# # # # user - Username for the vhost. # # # # pass - Password for the vhost. # # # # hash - The hash for the specific user (optional) # # password_hash and a hashing module must be loaded for # # this to work. # # # # host - Vhost to set. # # #<vhost user="some_username" pass="some_password" host="some.host.test.cc"> #<vhost user="foo" password="$2a$10$iTuYLT6BRhRlOgzfsW9oPe62etW.oXwSpyKw5rJit64SGZanLXghO" hash="bcrypt" host="some.other.host.example.com"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Watch module: Adds the WATCH command, which is used by clients to # maintain notify lists. <module name="watch"> # # Set the maximum number of entries on a user's watch list below. <watch maxwatch="32"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # WebSocket module: Adds HTML5 WebSocket support. # Specify hook="websocket" in a <bind> tag to make that port accept # WebSocket connections. Compatible with TLS (SSL). # Requires SHA-1 hash support available in the sha1 module. #<module name="websocket"> # # proxyranges: A space-delimited list of glob or CIDR matches to trust # the X-Real-IP or X-Forwarded-For headers from. If enabled # the server will use the IP address specified by those HTTP # headers. You should NOT enable this unless you are using # a HTTP proxy like nginx as it will allow IP spoofing. # sendastext: Whether to re-encode messages as UTF-8 before sending to # WebSocket clients. This is recommended as the WebSocket # protocol requires all text frames to be sent as UTF-8. # If you do not have this enabled messages will be sent as # binary frames instead. #<websocket proxyranges="192.0.2.0/24 198.51.100.*" # sendastext="yes"> # # If you use the websocket module you MUST specify one or more origins # which are allowed to connect to the server. You should set this as # strict as possible to prevent malicious webpages from connecting to # your server. # <wsorigin allow="https://*.example.com"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # X-line database: Stores all *-lines (G/Z/K/R/any added by other modules) # in a file which is re-loaded on restart. This is useful # for two reasons: it keeps bans so users may not evade them, and on # bigger networks, server connections will take less time as there will # be a lot less bans to apply - as most of them will already be there. <module name="xline_db"> # Specify the filename for the xline database and how often to check whether # the database needs to be saved here. <xlinedb filename="xline.db" saveperiod="15s"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # ____ _ _____ _ _ ____ _ _ _ # # | _ \ ___ __ _ __| | |_ _| |__ (_)___ | __ )(_) |_| | # # | |_) / _ \/ _` |/ _` | | | | '_ \| / __| | _ \| | __| | # # | _ < __/ (_| | (_| | | | | | | | \__ \ | |_) | | |_|_| # # |_| \_\___|\__,_|\__,_| |_| |_| |_|_|___/ |____/|_|\__(_) # # # # To link servers to InspIRCd, you MUST load the spanningtree module. # # If you don't do this, server links will NOT work at all. # # This is by design, to allow for the implementation of other linking # # protocols in modules in the future. # #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Spanning tree module: Allows linking of servers using the spanning # tree protocol (see the READ THIS BIT section above). # You will almost always want to load this. # <module name="spanningtree">