diff --git a/Dockerfile b/Dockerfile index a681442..78d3223 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,10 +1,12 @@ -FROM ubuntu:latest +ARG UBUNTU_VERSION="noble" + +FROM ubuntu:${UBUNTU_VERSION} ARG BUILD_SERVER_NAME="services.lame-network.local" RUN apt -y update -RUN apt -y install coreutils perl git automake autoconf build-essential libpcre2-dev rapidjson-dev libcurl4-gnutls-dev libargon2-dev libmaxminddb-dev libldap2-dev rapidjson-dev libmysqlclient-dev libmysqlclient-dev default-libmysqlclient-dev libpq-dev libre2-dev gnutls-dev libsqlite3-dev libmbedtls-dev libqrencode-dev libpcre3-dev libtre-dev pkg-config libwww-perl libidn-dev libpasswdqc-dev libcrack2-dev libperl-dev libsodium-dev cracklib-runtime libcrypt-cracklib-perl sendmail +RUN apt -y install coreutils perl git automake autoconf build-essential libpcre2-dev rapidjson-dev libcurl4-gnutls-dev libargon2-dev libmaxminddb-dev libldap2-dev rapidjson-dev libmysqlclient-dev libmysqlclient-dev default-libmysqlclient-dev libpq-dev libre2-dev gnutls-dev libsqlite3-dev libmbedtls-dev libqrencode-dev libpcre3-dev libtre-dev pkg-config libwww-perl libidn-dev libpasswdqc-dev libcrack2-dev libperl-dev libsodium-dev cracklib-runtime libcrypt-cracklib-perl sendmail gettext RUN groupadd atheme @@ -12,7 +14,7 @@ RUN useradd --system --shell /bin/bash atheme -g atheme WORKDIR /tmp -RUN git clone https://github.com/paigeadelethompson/atheme.git -b inspircd +RUN git clone https://github.com/atheme/atheme.git -b master WORKDIR /tmp/atheme @@ -34,13 +36,6 @@ ADD atheme.conf /etc/atheme ADD include.default.conf /etc/atheme/include.conf -RUN openssl genrsa -out /etc/ssl/atheme/server.key - -RUN openssl req -new -key /etc/ssl/atheme/server.key -out /etc/ssl/atheme/server.csr \ - -subj "/C=US/ST=Washington/L=Seattle/O=LameNetwork/OU=IT Department/CN=$BUILD_SERVER_NAME" - -RUN openssl x509 -req -days 365 -in /etc/ssl/atheme/server.csr -signkey /etc/ssl/atheme/server.key -out /etc/ssl/atheme/server.crt - RUN chown -R atheme:atheme /etc/atheme /etc/ssl/atheme /var/log/atheme WORKDIR / diff --git a/atheme.conf b/atheme.conf index 878967b..56973d6 100644 --- a/atheme.conf +++ b/atheme.conf @@ -1,264 +1,264 @@ -include "/etc/atheme/include.conf"; +loadmodule "/usr/local/modules/protocol/inspircd"; +include "/usr/local/etc/include.conf"; -#loadmodule "security/cmdperm"; -loadmodule "protocol/inspircd"; -#loadmodule "protocol/mixin_nohalfops"; -#loadmodule "protocol/mixin_noholdnick"; -#loadmodule "protocol/mixin_noprotect"; -#loadmodule "protocol/mixin_noowner"; -loadmodule "backend/opensex"; -#loadmodule "crypto/argon2"; -#loadmodule "crypto/scrypt"; -#loadmodule "crypto/pbkdf2v2"; -#loadmodule "crypto/bcrypt"; -#loadmodule "crypto/pbkdf2"; -#loadmodule "crypto/crypt3-sha2-512"; -#loadmodule "crypto/crypt3-sha2-256"; -#loadmodule "crypto/crypt3-md5"; -#loadmodule "crypto/rawsha2-512"; -#loadmodule "crypto/rawsha2-256"; -#loadmodule "crypto/anope-enc-sha256"; -#loadmodule "crypto/rawsha1"; -#loadmodule "crypto/rawmd5"; -#loadmodule "crypto/ircservices"; -#loadmodule "crypto/crypt3-des"; -#loadmodule "crypto/base64"; -#loadmodule "auth/ldap"; -loadmodule "nickserv/main"; -#loadmodule "nickserv/access"; -loadmodule "nickserv/badmail"; -loadmodule "nickserv/cert"; -loadmodule "nickserv/drop"; -loadmodule "nickserv/enforce"; -loadmodule "nickserv/ghost"; -loadmodule "nickserv/group"; -loadmodule "nickserv/help"; -loadmodule "nickserv/hold"; -loadmodule "nickserv/identify"; -loadmodule "nickserv/info"; -loadmodule "nickserv/info_lastquit"; -loadmodule "nickserv/list"; -loadmodule "nickserv/listlogins"; -loadmodule "nickserv/listmail"; -loadmodule "nickserv/listownmail"; -loadmodule "nickserv/login"; -loadmodule "nickserv/loginnolimit"; -loadmodule "nickserv/logout"; -loadmodule "nickserv/mark"; -loadmodule "nickserv/pwquality"; -loadmodule "nickserv/freeze"; -loadmodule "nickserv/listchans"; -loadmodule "nickserv/listgroups"; -loadmodule "nickserv/register"; -loadmodule "nickserv/regnolimit"; -loadmodule "nickserv/resetpass"; -loadmodule "nickserv/restrict"; -loadmodule "nickserv/return"; -loadmodule "nickserv/setpass"; -loadmodule "nickserv/sendpass"; -loadmodule "nickserv/sendpass_user"; -loadmodule "nickserv/set_accountname"; -loadmodule "nickserv/set_badpasswdmsg"; -loadmodule "nickserv/set_email"; -loadmodule "nickserv/set_emailmemos"; -loadmodule "nickserv/set_enforcetime"; -loadmodule "nickserv/set_hidemail"; -loadmodule "nickserv/set_language"; -loadmodule "nickserv/set_nevergroup"; -loadmodule "nickserv/set_neverop"; -loadmodule "nickserv/set_nogreet"; -loadmodule "nickserv/set_nomemo"; -loadmodule "nickserv/set_noop"; -loadmodule "nickserv/set_nopassword"; -loadmodule "nickserv/set_password"; -loadmodule "nickserv/set_privmsg"; -loadmodule "nickserv/set_private"; -loadmodule "nickserv/set_property"; -loadmodule "nickserv/set_pubkey"; -loadmodule "nickserv/set_quietchg"; -loadmodule "nickserv/status"; -loadmodule "nickserv/taxonomy"; -loadmodule "nickserv/vacation"; -loadmodule "nickserv/verify"; -loadmodule "nickserv/vhost"; -loadmodule "nickserv/waitreg"; -loadmodule "chanserv/main"; -loadmodule "chanserv/access"; -loadmodule "chanserv/akick"; -loadmodule "chanserv/ban"; -loadmodule "chanserv/unban_self"; -loadmodule "chanserv/bansearch"; -loadmodule "chanserv/clone"; -loadmodule "chanserv/close"; -loadmodule "chanserv/clear"; -loadmodule "chanserv/clear_akicks"; -loadmodule "chanserv/clear_bans"; -loadmodule "chanserv/clear_flags"; -loadmodule "chanserv/clear_users"; -loadmodule "chanserv/count"; -loadmodule "chanserv/drop"; -loadmodule "chanserv/fflags"; -loadmodule "chanserv/flags"; -loadmodule "chanserv/ftransfer"; -loadmodule "chanserv/getkey"; -loadmodule "chanserv/halfop"; -loadmodule "chanserv/help"; -loadmodule "chanserv/hold"; -loadmodule "chanserv/info"; -loadmodule "chanserv/invite"; -loadmodule "chanserv/kick"; -loadmodule "chanserv/list"; -loadmodule "chanserv/mark"; -loadmodule "chanserv/moderate"; -loadmodule "chanserv/op"; -loadmodule "chanserv/owner"; -loadmodule "chanserv/protect"; -loadmodule "chanserv/quiet"; -loadmodule "chanserv/recover"; -loadmodule "chanserv/register"; -loadmodule "chanserv/set_email"; -loadmodule "chanserv/set_entrymsg"; -loadmodule "chanserv/set_fantasy"; -loadmodule "chanserv/set_gameserv"; -loadmodule "chanserv/set_guard"; -loadmodule "chanserv/set_keeptopic"; -loadmodule "chanserv/set_limitflags"; -loadmodule "chanserv/set_mlock"; -loadmodule "chanserv/set_prefix"; -loadmodule "chanserv/set_private"; -loadmodule "chanserv/set_property"; -loadmodule "chanserv/set_pubacl"; -loadmodule "chanserv/set_restricted"; -loadmodule "chanserv/set_secure"; -loadmodule "chanserv/set_topiclock"; -loadmodule "chanserv/set_url"; -loadmodule "chanserv/set_verbose"; -loadmodule "chanserv/status"; -loadmodule "chanserv/sync"; -loadmodule "chanserv/successor_acl"; -loadmodule "chanserv/taxonomy"; -loadmodule "chanserv/template"; -loadmodule "chanserv/topic"; -loadmodule "chanserv/voice"; -loadmodule "chanserv/why"; -loadmodule "chanserv/xop"; -loadmodule "chanserv/antiflood"; -loadmodule "chanfix/main"; -loadmodule "operserv/akill"; -loadmodule "operserv/clearchan"; -loadmodule "operserv/clones"; -loadmodule "operserv/compare"; -loadmodule "operserv/genhash"; -loadmodule "operserv/greplog"; -loadmodule "operserv/help"; -loadmodule "operserv/identify"; -loadmodule "operserv/ignore"; -loadmodule "operserv/info"; -loadmodule "operserv/joinrate"; -loadmodule "operserv/jupe"; -loadmodule "operserv/mode"; -loadmodule "operserv/modlist"; -loadmodule "operserv/modmanager"; -loadmodule "operserv/noop"; -loadmodule "operserv/rakill"; -loadmodule "operserv/readonly"; -loadmodule "operserv/rehash"; -loadmodule "operserv/restart"; -loadmodule "operserv/rmatch"; -loadmodule "operserv/rnc"; -loadmodule "operserv/rwatch"; -loadmodule "operserv/set"; -loadmodule "operserv/sgline"; -loadmodule "operserv/shutdown"; -loadmodule "operserv/soper"; -loadmodule "operserv/specs"; -loadmodule "operserv/sqline"; -loadmodule "operserv/update"; -loadmodule "operserv/uptime"; -loadmodule "memoserv/help"; -loadmodule "memoserv/send"; -loadmodule "memoserv/sendops"; -loadmodule "memoserv/sendgroup"; -loadmodule "memoserv/list"; -loadmodule "memoserv/read"; -loadmodule "memoserv/forward"; -loadmodule "memoserv/delete"; -loadmodule "memoserv/ignore"; -loadmodule "global/main"; -loadmodule "infoserv/main"; -loadmodule "saslserv/authcookie"; -loadmodule "saslserv/ecdh-x25519-challenge"; -loadmodule "saslserv/ecdsa-nist256p-challenge"; -loadmodule "saslserv/external"; -loadmodule "saslserv/plain"; -loadmodule "saslserv/scram"; -loadmodule "gameserv/dice"; -loadmodule "gameserv/eightball"; -loadmodule "gameserv/gamecalc"; -loadmodule "gameserv/help"; -loadmodule "gameserv/lottery"; -loadmodule "gameserv/namegen"; -loadmodule "gameserv/rps"; -loadmodule "rpgserv/enable"; -loadmodule "rpgserv/help"; -loadmodule "rpgserv/info"; -loadmodule "rpgserv/list"; -loadmodule "rpgserv/search"; -loadmodule "rpgserv/set"; -loadmodule "botserv/main"; -loadmodule "botserv/help"; -loadmodule "botserv/info"; -loadmodule "botserv/bottalk"; -loadmodule "botserv/set_fantasy"; -loadmodule "botserv/set_nobot"; -loadmodule "botserv/set_private"; -loadmodule "botserv/set_saycaller"; -loadmodule "hostserv/help"; -loadmodule "hostserv/onoff"; -loadmodule "hostserv/offer"; -loadmodule "hostserv/request"; -loadmodule "hostserv/vhost"; -loadmodule "hostserv/vhostnick"; -loadmodule "hostserv/group"; -loadmodule "hostserv/drop"; -loadmodule "helpserv/helpme"; -loadmodule "helpserv/ticket"; -loadmodule "helpserv/services"; -loadmodule "alis/main"; -loadmodule "statserv/channel"; -loadmodule "statserv/netsplit"; -loadmodule "statserv/server"; -loadmodule "groupserv/main"; -loadmodule "groupserv/acsnolimit"; -loadmodule "groupserv/drop"; -loadmodule "groupserv/fflags"; -loadmodule "groupserv/flags"; -loadmodule "groupserv/help"; -loadmodule "groupserv/info"; -loadmodule "groupserv/join"; -loadmodule "groupserv/list"; -loadmodule "groupserv/listchans"; -loadmodule "groupserv/register"; -loadmodule "groupserv/regnolimit"; -loadmodule "groupserv/invite"; -loadmodule "groupserv/set"; -loadmodule "groupserv/set_channel"; -loadmodule "groupserv/set_description"; -loadmodule "groupserv/set_email"; -loadmodule "groupserv/set_groupname"; -loadmodule "groupserv/set_joinflags"; -loadmodule "groupserv/set_open"; -loadmodule "groupserv/set_public"; -loadmodule "groupserv/set_url"; -#loadmodule "misc/httpd"; -#loadmodule "misc/login_throttling"; -#loadmodule "transport/xmlrpc"; -#loadmodule "exttarget/oper"; -#loadmodule "exttarget/registered"; -#loadmodule "exttarget/channel"; -#loadmodule "exttarget/chanacs"; -#loadmodule "exttarget/server"; -#loadmodule "proxyscan/dnsbl"; +#loadmodule "/usr/local/modules/security/cmdperm"; +#loadmodule "/usr/local/modules/protocol/mixin_nohalfops"; +#loadmodule "/usr/local/modules/protocol/mixin_noholdnick"; +#loadmodule "/usr/local/modules/protocol/mixin_noprotect"; +#loadmodule "/usr/local/modules/protocol/mixin_noowner"; +loadmodule "/usr/local/modules/backend/opensex"; +#loadmodule "/usr/local/modules/crypto/argon2"; +#loadmodule "/usr/local/modules/crypto/scrypt"; +#loadmodule "/usr/local/modules/crypto/pbkdf2v2"; +#loadmodule "/usr/local/modules/crypto/bcrypt"; +#loadmodule "/usr/local/modules/crypto/pbkdf2"; +#loadmodule "/usr/local/modules/crypto/crypt3-sha2-512"; +#loadmodule "/usr/local/modules/crypto/crypt3-sha2-256"; +#loadmodule "/usr/local/modules/crypto/crypt3-md5"; +#loadmodule "/usr/local/modules/crypto/rawsha2-512"; +#loadmodule "/usr/local/modules/crypto/rawsha2-256"; +#loadmodule "/usr/local/modules/crypto/anope-enc-sha256"; +#loadmodule "/usr/local/modules/crypto/rawsha1"; +#loadmodule "/usr/local/modules/crypto/rawmd5"; +#loadmodule "/usr/local/modules/crypto/ircservices"; +#loadmodule "/usr/local/modules/crypto/crypt3-des"; +#loadmodule "/usr/local/modules/crypto/base64"; +#loadmodule "/usr/local/modules/auth/ldap"; +loadmodule "/usr/local/modules/nickserv/main"; +#loadmodule "/usr/local/modules/nickserv/access"; +loadmodule "/usr/local/modules/nickserv/badmail"; +loadmodule "/usr/local/modules/nickserv/cert"; +loadmodule "/usr/local/modules/nickserv/drop"; +loadmodule "/usr/local/modules/nickserv/enforce"; +loadmodule "/usr/local/modules/nickserv/ghost"; +loadmodule "/usr/local/modules/nickserv/group"; +loadmodule "/usr/local/modules/nickserv/help"; +loadmodule "/usr/local/modules/nickserv/hold"; +loadmodule "/usr/local/modules/nickserv/identify"; +loadmodule "/usr/local/modules/nickserv/info"; +loadmodule "/usr/local/modules/nickserv/info_lastquit"; +loadmodule "/usr/local/modules/nickserv/list"; +loadmodule "/usr/local/modules/nickserv/listlogins"; +loadmodule "/usr/local/modules/nickserv/listmail"; +loadmodule "/usr/local/modules/nickserv/listownmail"; +loadmodule "/usr/local/modules/nickserv/login"; +loadmodule "/usr/local/modules/nickserv/loginnolimit"; +loadmodule "/usr/local/modules/nickserv/logout"; +loadmodule "/usr/local/modules/nickserv/mark"; +loadmodule "/usr/local/modules/nickserv/pwquality"; +loadmodule "/usr/local/modules/nickserv/freeze"; +loadmodule "/usr/local/modules/nickserv/listchans"; +loadmodule "/usr/local/modules/nickserv/listgroups"; +loadmodule "/usr/local/modules/nickserv/register"; +loadmodule "/usr/local/modules/nickserv/regnolimit"; +loadmodule "/usr/local/modules/nickserv/resetpass"; +loadmodule "/usr/local/modules/nickserv/restrict"; +loadmodule "/usr/local/modules/nickserv/return"; +loadmodule "/usr/local/modules/nickserv/setpass"; +loadmodule "/usr/local/modules/nickserv/sendpass"; +loadmodule "/usr/local/modules/nickserv/sendpass_user"; +loadmodule "/usr/local/modules/nickserv/set_accountname"; +loadmodule "/usr/local/modules/nickserv/set_badpasswdmsg"; +loadmodule "/usr/local/modules/nickserv/set_email"; +loadmodule "/usr/local/modules/nickserv/set_emailmemos"; +loadmodule "/usr/local/modules/nickserv/set_enforcetime"; +loadmodule "/usr/local/modules/nickserv/set_hidemail"; +loadmodule "/usr/local/modules/nickserv/set_language"; +loadmodule "/usr/local/modules/nickserv/set_nevergroup"; +loadmodule "/usr/local/modules/nickserv/set_neverop"; +loadmodule "/usr/local/modules/nickserv/set_nogreet"; +loadmodule "/usr/local/modules/nickserv/set_nomemo"; +loadmodule "/usr/local/modules/nickserv/set_noop"; +loadmodule "/usr/local/modules/nickserv/set_nopassword"; +loadmodule "/usr/local/modules/nickserv/set_password"; +loadmodule "/usr/local/modules/nickserv/set_privmsg"; +loadmodule "/usr/local/modules/nickserv/set_private"; +loadmodule "/usr/local/modules/nickserv/set_property"; +loadmodule "/usr/local/modules/nickserv/set_pubkey"; +loadmodule "/usr/local/modules/nickserv/set_quietchg"; +loadmodule "/usr/local/modules/nickserv/status"; +loadmodule "/usr/local/modules/nickserv/taxonomy"; +loadmodule "/usr/local/modules/nickserv/vacation"; +loadmodule "/usr/local/modules/nickserv/verify"; +loadmodule "/usr/local/modules/nickserv/vhost"; +loadmodule "/usr/local/modules/nickserv/waitreg"; +loadmodule "/usr/local/modules/chanserv/main"; +loadmodule "/usr/local/modules/chanserv/access"; +loadmodule "/usr/local/modules/chanserv/akick"; +loadmodule "/usr/local/modules/chanserv/ban"; +loadmodule "/usr/local/modules/chanserv/unban_self"; +loadmodule "/usr/local/modules/chanserv/bansearch"; +loadmodule "/usr/local/modules/chanserv/clone"; +loadmodule "/usr/local/modules/chanserv/close"; +loadmodule "/usr/local/modules/chanserv/clear"; +loadmodule "/usr/local/modules/chanserv/clear_akicks"; +loadmodule "/usr/local/modules/chanserv/clear_bans"; +loadmodule "/usr/local/modules/chanserv/clear_flags"; +loadmodule "/usr/local/modules/chanserv/clear_users"; +loadmodule "/usr/local/modules/chanserv/count"; +loadmodule "/usr/local/modules/chanserv/drop"; +loadmodule "/usr/local/modules/chanserv/fflags"; +loadmodule "/usr/local/modules/chanserv/flags"; +loadmodule "/usr/local/modules/chanserv/ftransfer"; +loadmodule "/usr/local/modules/chanserv/getkey"; +loadmodule "/usr/local/modules/chanserv/halfop"; +loadmodule "/usr/local/modules/chanserv/help"; +loadmodule "/usr/local/modules/chanserv/hold"; +loadmodule "/usr/local/modules/chanserv/info"; +loadmodule "/usr/local/modules/chanserv/invite"; +loadmodule "/usr/local/modules/chanserv/kick"; +loadmodule "/usr/local/modules/chanserv/list"; +loadmodule "/usr/local/modules/chanserv/mark"; +loadmodule "/usr/local/modules/chanserv/moderate"; +loadmodule "/usr/local/modules/chanserv/op"; +loadmodule "/usr/local/modules/chanserv/owner"; +loadmodule "/usr/local/modules/chanserv/protect"; +loadmodule "/usr/local/modules/chanserv/quiet"; +loadmodule "/usr/local/modules/chanserv/recover"; +loadmodule "/usr/local/modules/chanserv/register"; +loadmodule "/usr/local/modules/chanserv/set_email"; +loadmodule "/usr/local/modules/chanserv/set_entrymsg"; +loadmodule "/usr/local/modules/chanserv/set_fantasy"; +loadmodule "/usr/local/modules/chanserv/set_gameserv"; +loadmodule "/usr/local/modules/chanserv/set_guard"; +loadmodule "/usr/local/modules/chanserv/set_keeptopic"; +loadmodule "/usr/local/modules/chanserv/set_limitflags"; +loadmodule "/usr/local/modules/chanserv/set_mlock"; +loadmodule "/usr/local/modules/chanserv/set_prefix"; +loadmodule "/usr/local/modules/chanserv/set_private"; +loadmodule "/usr/local/modules/chanserv/set_property"; +loadmodule "/usr/local/modules/chanserv/set_pubacl"; +loadmodule "/usr/local/modules/chanserv/set_restricted"; +loadmodule "/usr/local/modules/chanserv/set_secure"; +loadmodule "/usr/local/modules/chanserv/set_topiclock"; +loadmodule "/usr/local/modules/chanserv/set_url"; +loadmodule "/usr/local/modules/chanserv/set_verbose"; +loadmodule "/usr/local/modules/chanserv/status"; +loadmodule "/usr/local/modules/chanserv/sync"; +loadmodule "/usr/local/modules/chanserv/successor_acl"; +loadmodule "/usr/local/modules/chanserv/taxonomy"; +loadmodule "/usr/local/modules/chanserv/template"; +loadmodule "/usr/local/modules/chanserv/topic"; +loadmodule "/usr/local/modules/chanserv/voice"; +loadmodule "/usr/local/modules/chanserv/why"; +loadmodule "/usr/local/modules/chanserv/xop"; +loadmodule "/usr/local/modules/chanserv/antiflood"; +loadmodule "/usr/local/modules/chanfix/main"; +loadmodule "/usr/local/modules/operserv/akill"; +loadmodule "/usr/local/modules/operserv/clearchan"; +loadmodule "/usr/local/modules/operserv/clones"; +loadmodule "/usr/local/modules/operserv/compare"; +loadmodule "/usr/local/modules/operserv/genhash"; +loadmodule "/usr/local/modules/operserv/greplog"; +loadmodule "/usr/local/modules/operserv/help"; +loadmodule "/usr/local/modules/operserv/identify"; +loadmodule "/usr/local/modules/operserv/ignore"; +loadmodule "/usr/local/modules/operserv/info"; +loadmodule "/usr/local/modules/operserv/joinrate"; +loadmodule "/usr/local/modules/operserv/jupe"; +loadmodule "/usr/local/modules/operserv/mode"; +loadmodule "/usr/local/modules/operserv/modlist"; +loadmodule "/usr/local/modules/operserv/modmanager"; +loadmodule "/usr/local/modules/operserv/noop"; +loadmodule "/usr/local/modules/operserv/rakill"; +loadmodule "/usr/local/modules/operserv/readonly"; +loadmodule "/usr/local/modules/operserv/rehash"; +loadmodule "/usr/local/modules/operserv/restart"; +loadmodule "/usr/local/modules/operserv/rmatch"; +loadmodule "/usr/local/modules/operserv/rnc"; +loadmodule "/usr/local/modules/operserv/rwatch"; +loadmodule "/usr/local/modules/operserv/set"; +loadmodule "/usr/local/modules/operserv/sgline"; +loadmodule "/usr/local/modules/operserv/shutdown"; +loadmodule "/usr/local/modules/operserv/soper"; +loadmodule "/usr/local/modules/operserv/specs"; +loadmodule "/usr/local/modules/operserv/sqline"; +loadmodule "/usr/local/modules/operserv/update"; +loadmodule "/usr/local/modules/operserv/uptime"; +loadmodule "/usr/local/modules/memoserv/help"; +loadmodule "/usr/local/modules/memoserv/send"; +loadmodule "/usr/local/modules/memoserv/sendops"; +loadmodule "/usr/local/modules/memoserv/sendgroup"; +loadmodule "/usr/local/modules/memoserv/list"; +loadmodule "/usr/local/modules/memoserv/read"; +loadmodule "/usr/local/modules/memoserv/forward"; +loadmodule "/usr/local/modules/memoserv/delete"; +loadmodule "/usr/local/modules/memoserv/ignore"; +loadmodule "/usr/local/modules/global/main"; +loadmodule "/usr/local/modules/infoserv/main"; +loadmodule "/usr/local/modules/saslserv/authcookie"; +loadmodule "/usr/local/modules/saslserv/ecdh-x25519-challenge"; +loadmodule "/usr/local/modules/saslserv/ecdsa-nist256p-challenge"; +loadmodule "/usr/local/modules/saslserv/external"; +loadmodule "/usr/local/modules/saslserv/plain"; +loadmodule "/usr/local/modules/saslserv/scram"; +loadmodule "/usr/local/modules/gameserv/dice"; +loadmodule "/usr/local/modules/gameserv/eightball"; +loadmodule "/usr/local/modules/gameserv/gamecalc"; +loadmodule "/usr/local/modules/gameserv/help"; +loadmodule "/usr/local/modules/gameserv/lottery"; +loadmodule "/usr/local/modules/gameserv/namegen"; +loadmodule "/usr/local/modules/gameserv/rps"; +loadmodule "/usr/local/modules/rpgserv/enable"; +loadmodule "/usr/local/modules/rpgserv/help"; +loadmodule "/usr/local/modules/rpgserv/info"; +loadmodule "/usr/local/modules/rpgserv/list"; +loadmodule "/usr/local/modules/rpgserv/search"; +loadmodule "/usr/local/modules/rpgserv/set"; +loadmodule "/usr/local/modules/botserv/main"; +loadmodule "/usr/local/modules/botserv/help"; +loadmodule "/usr/local/modules/botserv/info"; +loadmodule "/usr/local/modules/botserv/bottalk"; +loadmodule "/usr/local/modules/botserv/set_fantasy"; +loadmodule "/usr/local/modules/botserv/set_nobot"; +loadmodule "/usr/local/modules/botserv/set_private"; +loadmodule "/usr/local/modules/botserv/set_saycaller"; +loadmodule "/usr/local/modules/hostserv/help"; +loadmodule "/usr/local/modules/hostserv/onoff"; +loadmodule "/usr/local/modules/hostserv/offer"; +loadmodule "/usr/local/modules/hostserv/request"; +loadmodule "/usr/local/modules/hostserv/vhost"; +loadmodule "/usr/local/modules/hostserv/vhostnick"; +loadmodule "/usr/local/modules/hostserv/group"; +loadmodule "/usr/local/modules/hostserv/drop"; +loadmodule "/usr/local/modules/helpserv/helpme"; +loadmodule "/usr/local/modules/helpserv/ticket"; +loadmodule "/usr/local/modules/helpserv/services"; +loadmodule "/usr/local/modules/alis/main"; +loadmodule "/usr/local/modules/statserv/channel"; +loadmodule "/usr/local/modules/statserv/netsplit"; +loadmodule "/usr/local/modules/statserv/server"; +loadmodule "/usr/local/modules/groupserv/main"; +loadmodule "/usr/local/modules/groupserv/acsnolimit"; +loadmodule "/usr/local/modules/groupserv/drop"; +loadmodule "/usr/local/modules/groupserv/fflags"; +loadmodule "/usr/local/modules/groupserv/flags"; +loadmodule "/usr/local/modules/groupserv/help"; +loadmodule "/usr/local/modules/groupserv/info"; +loadmodule "/usr/local/modules/groupserv/join"; +loadmodule "/usr/local/modules/groupserv/list"; +loadmodule "/usr/local/modules/groupserv/listchans"; +loadmodule "/usr/local/modules/groupserv/register"; +loadmodule "/usr/local/modules/groupserv/regnolimit"; +loadmodule "/usr/local/modules/groupserv/invite"; +loadmodule "/usr/local/modules/groupserv/set"; +loadmodule "/usr/local/modules/groupserv/set_channel"; +loadmodule "/usr/local/modules/groupserv/set_description"; +loadmodule "/usr/local/modules/groupserv/set_email"; +loadmodule "/usr/local/modules/groupserv/set_groupname"; +loadmodule "/usr/local/modules/groupserv/set_joinflags"; +loadmodule "/usr/local/modules/groupserv/set_open"; +loadmodule "/usr/local/modules/groupserv/set_public"; +loadmodule "/usr/local/modules/groupserv/set_url"; +#loadmodule "/usr/local/modules/misc/httpd"; +#loadmodule "/usr/local/modules/misc/login_throttling"; +#loadmodule "/usr/local/modules/transport/xmlrpc"; +#loadmodule "/usr/local/modules/exttarget/oper"; +#loadmodule "/usr/local/modules/exttarget/registered"; +#loadmodule "/usr/local/modules/exttarget/channel"; +#loadmodule "/usr/local/modules/exttarget/chanacs"; +#loadmodule "/usr/local/modules/exttarget/server"; +#loadmodule "/usr/local/modules/proxyscan/dnsbl"; crypto { # argon2_type = "argon2id"; @@ -281,8 +281,8 @@ crypto { nickserv { nick = "NICKSERV"; - user = "NICKSERV"; - host = "services/-"; + user = "_"; + host = "services/SuperNETs"; real = "Nickname Services"; spam; no_nick_ownership; @@ -302,8 +302,8 @@ nickserv { chanserv { nick = "CHANSERV"; - user = "CHANSERV"; - host = "services/-"; + user = "_"; + host = "services/SuperNETs"; real = "Channel Services"; aliases { @@ -346,8 +346,8 @@ chanserv { chanfix { nick = "CHANFIX"; - user = "CHANFIX"; - host = "services/-"; + user = "_"; + host = "services/SuperNETs"; real = "Channel Fixing Service"; aliases { @@ -362,8 +362,8 @@ chanfix { global { nick = "GLOBAL"; - user = "GLOBAL"; - host = "services/-"; + user = "_"; + host = "services/SuperNETs"; real = "Network Announcements"; aliases { @@ -376,8 +376,8 @@ global { infoserv { nick = "INFOSERV"; - user = "INFOSERV"; - host = "services/-"; + user = "_"; + host = "services/SuperNETs"; real = "Information Service"; aliases { @@ -394,8 +394,8 @@ infoserv { operserv { nick = "OPERSERV"; - user = "OPERSERV"; - host = "services/-"; + user = "_"; + host = "services/SuperNETs"; real = "Operator Services"; aliases { @@ -410,8 +410,8 @@ operserv { saslserv { nick = "SASLSERV"; - user = "SASLSERV"; - host = "services/-"; + user = "_"; + host = "services/SuperNETs"; real = "SASL Authentication Agent"; hide_server_names; }; @@ -419,8 +419,8 @@ saslserv { memoserv { nick = "MEMOSERV"; - user = "MEMOSERV"; - host = "services/-"; + user = "_"; + host = "services/SuperNETs"; real = "Memo Services"; aliases { @@ -435,8 +435,8 @@ memoserv { gameserv { nick = "GAMESERV"; - user = "GAMESERV"; - host = "services/-"; + user = "_"; + host = "services/SuperNETs"; real = "Game Services"; aliases { @@ -449,8 +449,8 @@ gameserv { rpgserv { nick = "RPGSERV"; - user = "RPGSERV"; - host = "services/-"; + user = "_"; + host = "services/SuperNETs"; real = "RPG Finding Services"; aliases { @@ -463,8 +463,8 @@ rpgserv { botserv { nick = "BOTSERV"; - user = "BOTSERV"; - host = "services/-"; + user = "_"; + host = "services/SuperNETs"; real = "Bot Services"; aliases { @@ -479,8 +479,8 @@ botserv { groupserv { nick = "GROUPSERV"; - user = "GROUPSERV"; - host = "services/-"; + user = "_"; + host = "services/SuperNETs"; real = "Group Management Services"; aliases { @@ -498,8 +498,8 @@ groupserv { hostserv { nick = "HOSTSERV"; - user = "HOSTSERV"; - host = "services/-"; + user = "_"; + host = "services/SuperNETs"; real = "Host Management Services"; aliases { @@ -518,8 +518,8 @@ hostserv { helpserv { nick = "HELPSERV"; - user = "HELPSERV"; - host = "services/-"; + user = "_"; + host = "services/SuperNETs"; real = "Help Services"; aliases { @@ -532,8 +532,8 @@ helpserv { statserv { nick = "STATSERV"; - user = "STATSERV"; - host = "services/-"; + user = "_"; + host = "services/SuperNETs"; real = "Statistics Services"; aliases { @@ -546,8 +546,8 @@ statserv { alis { nick = "ALIS"; - user = "ALIS"; - host = "services/-"; + user = "_"; + host = "services/SuperNETs"; real = "Channel Directory"; aliases { @@ -562,8 +562,8 @@ alis { proxyscan { nick = "PROXYSCAN"; - user = "PROXYSCAN"; - host = "services/-"; + user = "_"; + host = "services/SuperNETs"; real = "Proxyscan Service"; aliases { diff --git a/config.env.example b/config.env.example deleted file mode 100644 index 3321caf..0000000 --- a/config.env.example +++ /dev/null @@ -1 +0,0 @@ -SERVER_NAME="services.lame-network.local" diff --git a/docker-compose.yml b/docker-compose.yml index d7a6431..0f9d5b3 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -9,8 +9,8 @@ services: env_file: "config.env" volumes: - data:/etc/atheme - - ./include.conf:/etc/atheme/include.conf:ro - - ./atheme.conf:/etc/atheme/atheme.conf:ro + - ./include.conf:/usr/local/etc/include.conf:ro + - ./atheme.conf:/usr/local/etc/atheme.conf:ro - ssl:/etc/ssl/atheme - log:/var/log/atheme volumes: diff --git a/stunnel/.gitignore b/stunnel/.gitignore new file mode 100644 index 0000000..7a596ed --- /dev/null +++ b/stunnel/.gitignore @@ -0,0 +1 @@ +stunnel.conf diff --git a/stunnel/Dockerfile b/stunnel/Dockerfile new file mode 100644 index 0000000..59fa152 --- /dev/null +++ b/stunnel/Dockerfile @@ -0,0 +1,11 @@ +ARG UBUNTU_VERSION="noble" + +FROM ubuntu:${UBUNTU_VERSION} + +RUN apt -y update + +RUN apt -y install stunnel + +ADD stunnel.conf /etc/stunnel/stunnel.conf + +CMD stunnel diff --git a/stunnel/docker-compose.yml b/stunnel/docker-compose.yml new file mode 100644 index 0000000..5e539d9 --- /dev/null +++ b/stunnel/docker-compose.yml @@ -0,0 +1,20 @@ +services: + stunnel: + restart: on-failure:3 + build: + context: . + image: stunnel + network_mode: "host" + volumes: + - ../custom/ca.crt:/ca.crt:ro + - ../custom/server.crt:/server.crt:ro + - ../custom/server.key:/server.key:ro + - ./stunnel.conf:/etc/stunnel/stunnel.conf:ro + ulimits: + nofile: + soft: "102400" + hard: "102400" + logging: + driver: "json-file" + options: + max-size: "64k" diff --git a/stunnel/stunnel.conf.example b/stunnel/stunnel.conf.example new file mode 100644 index 0000000..6fd35c4 --- /dev/null +++ b/stunnel/stunnel.conf.example @@ -0,0 +1,11 @@ +foreground = yes + +[PKI client] +client = yes +accept = 127.0.0.1:6000 +connect = 1.2.3.4:7777 +verifyChain = yes +CAfile = /ca.crt +cert = /server.crt +key = /server.key +checkHost = hub.lame-network.local