forked from supernets/inspircd
add anope
This commit is contained in:
root
parent
9a8cc7765e
commit
cb3f82a66b
0
services/.gitignore → anope/.gitignore
vendored
0
services/.gitignore → anope/.gitignore
vendored
56
anope/Dockerfile
Normal file
56
anope/Dockerfile
Normal file
@ -0,0 +1,56 @@
|
||||
FROM ubuntu:latest
|
||||
|
||||
ARG BUILD_SERVER_NAME="services.lame-network.local"
|
||||
|
||||
RUN apt -y update
|
||||
|
||||
RUN apt -y install coreutils cmake perl git automake autoconf build-essential libpcre2-dev rapidjson-dev libcurl4-gnutls-dev libargon2-dev libmaxminddb-dev libldap2-dev rapidjson-dev libmysqlclient-dev libmysqlclient-dev default-libmysqlclient-dev libpq-dev libre2-dev gnutls-dev libsqlite3-dev libmbedtls-dev libqrencode-dev libpcre3-dev libtre-dev pkg-config libwww-perl libidn-dev libpasswdqc-dev libcrack2-dev libperl-dev libsodium-dev cracklib-runtime libcrypt-cracklib-perl sendmail
|
||||
|
||||
RUN groupadd anope
|
||||
|
||||
RUN useradd --system --shell /bin/bash anope -g anope
|
||||
|
||||
WORKDIR /tmp
|
||||
|
||||
RUN git clone https://github.com/anope/anope.git
|
||||
|
||||
WORKDIR /tmp/anope/modules
|
||||
|
||||
RUN ls -1 extra/*.cpp | xargs -i ln -s {}
|
||||
|
||||
WORKDIR /tmp/anope
|
||||
|
||||
RUN cmake -DINSTDIR:STRING=/usr/local -DRUNGROUP:STRING=anope -DDEFUMASK:STRING=007 -DCMAKE_BUILD_TYPE:STRING=RELEASE -B /tmp/anope/build /tmp/anope
|
||||
|
||||
WORKDIR /tmp/anope/build
|
||||
|
||||
RUN make -j$(nproc)
|
||||
|
||||
RUN make install
|
||||
|
||||
RUN mkdir -p /etc/anope -p /etc/ssl/anope -p /var/log/anope -p /var/lib/anope
|
||||
|
||||
ADD anope.conf /etc/anope
|
||||
|
||||
ADD include.default.conf /etc/anope/include.conf
|
||||
|
||||
RUN openssl genrsa -out /etc/ssl/anope/server.key
|
||||
|
||||
RUN openssl req -new -key /etc/ssl/anope/server.key -out /etc/ssl/anope/server.csr \
|
||||
-subj "/C=US/ST=Washington/L=Seattle/O=LameNetwork/OU=IT Department/CN=$BUILD_SERVER_NAME"
|
||||
|
||||
RUN openssl x509 -req -days 365 -in /etc/ssl/anope/server.csr -signkey /etc/ssl/anope/server.key -out /etc/ssl/anope/server.crt
|
||||
|
||||
RUN chown -R anope:anope /etc/anope /etc/ssl/anope /var/log/anope /var/lib/anope
|
||||
|
||||
WORKDIR /
|
||||
|
||||
VOLUME /var/lib/anope
|
||||
|
||||
VOLUME /etc/ssl/anope
|
||||
|
||||
VOLUME /var/log/anope
|
||||
|
||||
USER anope
|
||||
|
||||
ENTRYPOINT ["/usr/local/bin/anope", "--nofork", "--config=/etc/anope/anope.conf", "--dbdir=/var/lib/anope", "--logdir=/var/log/anope", "--moduledir=/usr/local/modules"]
|
||||
1534
anope/anope.conf
Normal file
1534
anope/anope.conf
Normal file
File diff suppressed because it is too large
Load Diff
21
anope/docker-compose.yml
Normal file
21
anope/docker-compose.yml
Normal file
@ -0,0 +1,21 @@
|
||||
services:
|
||||
anope:
|
||||
build:
|
||||
context: .
|
||||
args:
|
||||
BUILD_SERVER_NAME: ${SERVER_NAME}
|
||||
image: anope
|
||||
network_mode: "host"
|
||||
env_file: "config.env"
|
||||
volumes:
|
||||
- data:/var/lib/anope
|
||||
- ./include.conf:/etc/anope/include.conf:ro
|
||||
- ssl:/etc/ssl/anope
|
||||
- log:/var/log/anope
|
||||
volumes:
|
||||
data:
|
||||
name: anope_data
|
||||
ssl:
|
||||
name: anope_ssl
|
||||
log:
|
||||
name: anope_log
|
||||
106
anope/include.default.conf
Normal file
106
anope/include.default.conf
Normal file
@ -0,0 +1,106 @@
|
||||
uplink
|
||||
{
|
||||
host = 127.0.0.1
|
||||
protocol = "ipv4"
|
||||
ssl = yes
|
||||
port = "7000"
|
||||
password = changeme
|
||||
}
|
||||
|
||||
serverinfo
|
||||
{
|
||||
name = services.lame-network.local
|
||||
description = "IRC Services"
|
||||
localhost = 127.0.0.1
|
||||
id = 10X
|
||||
pid = "/tmp/anope.pid"
|
||||
motd = "/etc/anope/motd.txt"
|
||||
}
|
||||
|
||||
networkinfo
|
||||
{
|
||||
networkname = "NetcraveIRC"
|
||||
nicklen = 31
|
||||
userlen = 10
|
||||
hostlen = 64
|
||||
chanlen = 32
|
||||
modelistsize = 256
|
||||
nick_chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"
|
||||
vhost_chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-"
|
||||
allow_undotted_vhosts = true
|
||||
disallow_start_or_end = ".-"
|
||||
}
|
||||
|
||||
mail
|
||||
{
|
||||
usemail = no
|
||||
sendmailpath = "/usr/sbin/sendmail -it"
|
||||
sendfrom = "no-reply@lame-network.local"
|
||||
delay = 5m
|
||||
dontquoteaddresses = no
|
||||
content_type = "text/plain; charset=UTF-8"
|
||||
registration_subject = "Nickname registration for %n"
|
||||
registration_message = "Hi,
|
||||
|
||||
You have requested to register the nickname %n on %N.
|
||||
Please type \" /msg NickServ CONFIRM %c \" to complete registration.
|
||||
|
||||
If you don't know why this mail was sent to you, please ignore it silently.
|
||||
|
||||
%N administrators."
|
||||
|
||||
reset_subject = "Reset password request for %n"
|
||||
reset_message = "Hi,
|
||||
|
||||
You have requested to have the password for %n reset.
|
||||
To reset your password, type \" /msg NickServ CONFIRM %n %c \"
|
||||
|
||||
If you don't know why this mail was sent to you, please ignore it silently.
|
||||
|
||||
%N administrators."
|
||||
|
||||
emailchange_subject = "Email confirmation"
|
||||
emailchange_message = "Hi,
|
||||
|
||||
You have requested to change your email address from %e to %E.
|
||||
Please type \" /msg NickServ CONFIRM %c \" to confirm this change.
|
||||
|
||||
If you don't know why this mail was sent to you, please ignore it silently.
|
||||
|
||||
%N administrators."
|
||||
|
||||
memo_subject = "New memo"
|
||||
memo_message = "Hi %n,
|
||||
|
||||
You've just received a new memo from %s. This is memo number %d.
|
||||
|
||||
Memo text:
|
||||
|
||||
%t"
|
||||
}
|
||||
|
||||
oper
|
||||
{
|
||||
name = "admin"
|
||||
type = "Services Root"
|
||||
require_oper = yes
|
||||
}
|
||||
|
||||
module
|
||||
{
|
||||
name = "sqlite"
|
||||
sqlite
|
||||
{
|
||||
name = "sqlite/main"
|
||||
database = "/var/lib/anope/anope.db"
|
||||
}
|
||||
}
|
||||
|
||||
module
|
||||
{
|
||||
name = "db_flatfile"
|
||||
database = "anope.db"
|
||||
keepbackups = 32
|
||||
nobackupokay = no
|
||||
fork = no
|
||||
}
|
||||
1
atheme/.env
Symbolic link
1
atheme/.env
Symbolic link
@ -0,0 +1 @@
|
||||
config.env
|
||||
2
atheme/.gitignore
vendored
Normal file
2
atheme/.gitignore
vendored
Normal file
@ -0,0 +1,2 @@
|
||||
include.conf
|
||||
config.env
|
||||
@ -1,28 +1,28 @@
|
||||
include "/etc/atheme/include.conf";
|
||||
|
||||
loadmodule "security/cmdperm";
|
||||
#loadmodule "security/cmdperm";
|
||||
loadmodule "protocol/inspircd";
|
||||
loadmodule "protocol/mixin_nohalfops";
|
||||
loadmodule "protocol/mixin_noholdnick";
|
||||
loadmodule "protocol/mixin_noprotect";
|
||||
loadmodule "protocol/mixin_noowner";
|
||||
#loadmodule "protocol/mixin_nohalfops";
|
||||
#loadmodule "protocol/mixin_noholdnick";
|
||||
#loadmodule "protocol/mixin_noprotect";
|
||||
#loadmodule "protocol/mixin_noowner";
|
||||
loadmodule "backend/opensex";
|
||||
loadmodule "crypto/argon2";
|
||||
loadmodule "crypto/scrypt";
|
||||
loadmodule "crypto/pbkdf2v2";
|
||||
loadmodule "crypto/bcrypt";
|
||||
loadmodule "crypto/pbkdf2";
|
||||
loadmodule "crypto/crypt3-sha2-512";
|
||||
loadmodule "crypto/crypt3-sha2-256";
|
||||
loadmodule "crypto/crypt3-md5";
|
||||
loadmodule "crypto/rawsha2-512";
|
||||
loadmodule "crypto/rawsha2-256";
|
||||
loadmodule "crypto/anope-enc-sha256";
|
||||
loadmodule "crypto/rawsha1";
|
||||
loadmodule "crypto/rawmd5";
|
||||
loadmodule "crypto/ircservices";
|
||||
loadmodule "crypto/crypt3-des";
|
||||
loadmodule "crypto/base64";
|
||||
#loadmodule "crypto/argon2";
|
||||
#loadmodule "crypto/scrypt";
|
||||
#loadmodule "crypto/pbkdf2v2";
|
||||
#loadmodule "crypto/bcrypt";
|
||||
#loadmodule "crypto/pbkdf2";
|
||||
#loadmodule "crypto/crypt3-sha2-512";
|
||||
#loadmodule "crypto/crypt3-sha2-256";
|
||||
#loadmodule "crypto/crypt3-md5";
|
||||
#loadmodule "crypto/rawsha2-512";
|
||||
#loadmodule "crypto/rawsha2-256";
|
||||
#loadmodule "crypto/anope-enc-sha256";
|
||||
#loadmodule "crypto/rawsha1";
|
||||
#loadmodule "crypto/rawmd5";
|
||||
#loadmodule "crypto/ircservices";
|
||||
#loadmodule "crypto/crypt3-des";
|
||||
#loadmodule "crypto/base64";
|
||||
#loadmodule "auth/ldap";
|
||||
loadmodule "nickserv/main";
|
||||
#loadmodule "nickserv/access";
|
||||
@ -154,7 +154,7 @@ loadmodule "operserv/help";
|
||||
loadmodule "operserv/identify";
|
||||
loadmodule "operserv/ignore";
|
||||
loadmodule "operserv/info";
|
||||
#loadmodule "operserv/joinrate";
|
||||
loadmodule "operserv/joinrate";
|
||||
loadmodule "operserv/jupe";
|
||||
loadmodule "operserv/mode";
|
||||
loadmodule "operserv/modlist";
|
||||
@ -250,32 +250,32 @@ loadmodule "groupserv/set_joinflags";
|
||||
loadmodule "groupserv/set_open";
|
||||
loadmodule "groupserv/set_public";
|
||||
loadmodule "groupserv/set_url";
|
||||
loadmodule "misc/httpd";
|
||||
loadmodule "misc/login_throttling";
|
||||
loadmodule "transport/xmlrpc";
|
||||
loadmodule "exttarget/oper";
|
||||
loadmodule "exttarget/registered";
|
||||
loadmodule "exttarget/channel";
|
||||
loadmodule "exttarget/chanacs";
|
||||
loadmodule "exttarget/server";
|
||||
loadmodule "proxyscan/dnsbl";
|
||||
#loadmodule "misc/httpd";
|
||||
#loadmodule "misc/login_throttling";
|
||||
#loadmodule "transport/xmlrpc";
|
||||
#loadmodule "exttarget/oper";
|
||||
#loadmodule "exttarget/registered";
|
||||
#loadmodule "exttarget/channel";
|
||||
#loadmodule "exttarget/chanacs";
|
||||
#loadmodule "exttarget/server";
|
||||
#loadmodule "proxyscan/dnsbl";
|
||||
|
||||
crypto {
|
||||
argon2_type = "argon2id";
|
||||
argon2_memcost = 16;
|
||||
argon2_timecost = 3;
|
||||
argon2_threads = 1;
|
||||
argon2_saltlen = 16;
|
||||
argon2_hashlen = 64;
|
||||
scrypt_memlimit = 14;
|
||||
scrypt_opslimit = 524288;
|
||||
pbkdf2v2_digest = "SHA2-512";
|
||||
pbkdf2v2_rounds = 64000;
|
||||
pbkdf2v2_saltlen = 32;
|
||||
scram_mechanisms = "SCRAM-SHA-1,SCRAM-SHA-256,SCRAM-SHA-512";
|
||||
bcrypt_cost = 7;
|
||||
crypt3_sha2_256_rounds = 5000;
|
||||
crypt3_sha2_512_rounds = 5000;
|
||||
# argon2_type = "argon2id";
|
||||
# argon2_memcost = 16;
|
||||
# argon2_timecost = 3;
|
||||
# argon2_threads = 1;
|
||||
# argon2_saltlen = 16;
|
||||
# argon2_hashlen = 64;
|
||||
# scrypt_memlimit = 14;
|
||||
# scrypt_opslimit = 524288;
|
||||
# pbkdf2v2_digest = "SHA2-512";
|
||||
# pbkdf2v2_rounds = 64000;
|
||||
# pbkdf2v2_saltlen = 32;
|
||||
# scram_mechanisms = "SCRAM-SHA-1,SCRAM-SHA-256,SCRAM-SHA-512";
|
||||
# bcrypt_cost = 7;
|
||||
# crypt3_sha2_256_rounds = 5000;
|
||||
# crypt3_sha2_512_rounds = 5000;
|
||||
};
|
||||
|
||||
nickserv {
|
||||
@ -284,38 +284,16 @@ nickserv {
|
||||
user = "NICKSERV";
|
||||
host = "services/-";
|
||||
real = "Nickname Services";
|
||||
|
||||
aliases {
|
||||
"ID" = "IDENTIFY";
|
||||
"MYACCESS" = "LISTCHANS";
|
||||
};
|
||||
|
||||
access {
|
||||
};
|
||||
|
||||
spam;
|
||||
|
||||
no_nick_ownership;
|
||||
maxnicks = 5;
|
||||
expire = 30;
|
||||
enforce_expire = 14;
|
||||
enforce_delay = 30;
|
||||
enforce_prefix = "G`";
|
||||
enforce_prefix = "`";
|
||||
waitreg_time = 0;
|
||||
cracklib_dict = "/var/cache/cracklib/cracklib_dict";
|
||||
passwdqc_max = 288;
|
||||
passwdqc_min_n0 = 20;
|
||||
passwdqc_min_n1 = 16;
|
||||
passwdqc_min_n2 = 16;
|
||||
passwdqc_min_n3 = 12;
|
||||
passwdqc_min_n4 = 8;
|
||||
passwdqc_words = 4;
|
||||
pwquality_warn_only;
|
||||
show_custom_metadata;
|
||||
|
||||
emailexempts {
|
||||
};
|
||||
|
||||
shorthelp = "";
|
||||
listownmail_canon;
|
||||
bad_password_message;
|
||||
1
atheme/config.env.example
Normal file
1
atheme/config.env.example
Normal file
@ -0,0 +1 @@
|
||||
SERVER_NAME="services.lame-network.local"
|
||||
@ -25,3 +25,5 @@ LINK_TIMEOUT="32"
|
||||
CLOAK_KEY="changeme"
|
||||
CLOAK_PREFIX="cloak/"
|
||||
CLOAK_SUFFIX=".hidden"
|
||||
DEFAULT_USER_MODES="xW"
|
||||
SSL_USER_MODES="xW"
|
||||
|
||||
Loading…
Reference in New Issue
Block a user