2024-11-16 13:21:37 +00:00
|
|
|
<include file="/etc/inspircd/codepages/rfc1459.conf">
|
|
|
|
|
2024-11-19 02:22:28 +00:00
|
|
|
<options allowmismatch="&env.ALLOW_MISMATCH;"
|
|
|
|
allowzerolimit="&env.ALLOW_ZERO_LIMIT;"
|
|
|
|
announcets="&env.ANNOUNCE_TS;"
|
|
|
|
cyclehosts="&env.CYCLE_HOST_TS;"
|
|
|
|
cyclehostsfromuser="&env.CYCLE_HOST_FROM_USER;"
|
|
|
|
defaultbind="auto"
|
|
|
|
exemptchanops="censor:o filter:o nickflood:o nonick:v regmoderated:o"
|
|
|
|
defaultmodes="npst"
|
|
|
|
fixedpart=""
|
|
|
|
fixedquit=""
|
|
|
|
hostintopic="&env.HOST_IN_TOPIC;"
|
|
|
|
invitebypassmodes="&env.INVITE_BYPASS_MODES;"
|
|
|
|
modesinlist="&env.MODES_IN_LIST;"
|
|
|
|
nosnoticestack="&env.NO_SNOTICE_STACK;"
|
|
|
|
pingwarning="&env.PING_WARNING;"
|
|
|
|
prefixpart="&env.PREFIX_PART;"
|
|
|
|
prefixquit="&env.PREFIX_QUIT;"
|
|
|
|
serverpingfreq="&env.SERVER_PING_FREQ;"
|
|
|
|
splitwhois="&env.SPLIT_WHOIS;"
|
|
|
|
suffixpart="&env.SUFFIX_PART;"
|
|
|
|
suffixquit="&env.SUFFIX_QUIT;"
|
|
|
|
syntaxhints="&env.SYNTAX_HINTS;"
|
|
|
|
xlinemessage="&env.XLINE_MESSAGE;">
|
|
|
|
|
2024-11-16 13:21:37 +00:00
|
|
|
<sslprofile certfile="/etc/inspircd/custom/server.crt"
|
|
|
|
keyfile="/etc/inspircd/custom/server.key"
|
|
|
|
cafile="/etc/inspircd/custom/ca.crt"
|
|
|
|
crlfile="/etc/inspircd/custom/crl.pem"
|
|
|
|
dhfile="/etc/inspircd/custom/dh.pem"
|
|
|
|
name="defaultssl"
|
|
|
|
tlsv11="no"
|
|
|
|
tlsv12="yes"
|
|
|
|
tlsv13="yes"
|
|
|
|
renegotiation="yes"
|
|
|
|
requestclientcert="yes"
|
|
|
|
provider="gnutls">
|
|
|
|
|
|
|
|
<sslprofile certfile="/etc/inspircd/custom/irc.crt"
|
|
|
|
keyfile="/etc/inspircd/custom/irc.key"
|
|
|
|
cafile="/etc/inspircd/custom/irc.ca.crt"
|
|
|
|
name="supernets_ssl"
|
|
|
|
tlsv11="no"
|
|
|
|
tlsv12="yes"
|
|
|
|
tlsv13="yes"
|
|
|
|
renegotiation="yes"
|
|
|
|
requestclientcert="yes"
|
|
|
|
provider="gnutls">
|
|
|
|
|
|
|
|
<exception host="*@100.64.0.0/10"
|
|
|
|
reason="tailscale network">
|
|
|
|
|
|
|
|
<exception host="*@127.0.0.1/32"
|
|
|
|
reason="localhost">
|
|
|
|
|
|
|
|
<exception host="*@fc00:dead:beef:4dad::/64"
|
|
|
|
reason="Tor ULA addresses (represents circuit ID)">
|
|
|
|
|
|
|
|
<eventexec command="/bin/true"
|
|
|
|
event="rehash">
|
|
|
|
|
|
|
|
<showfile endtext="End of uptime"
|
|
|
|
file="/proc/uptime"
|
|
|
|
introtext="server uptime:"
|
|
|
|
name="UPTIME">
|
|
|
|
|
|
|
|
<showfile endtext="End of loadavg"
|
|
|
|
file="/proc/loadavg"
|
|
|
|
introtext="server loadavg:"
|
|
|
|
name="LOADAVG">
|
|
|
|
|
|
|
|
<bind address="127.0.0.1"
|
|
|
|
port="7001"
|
|
|
|
hook="haproxy">
|
|
|
|
|
|
|
|
<connect commandrate="&env.COMMAND_RATE;"
|
|
|
|
fakelag="&env.FAKE_LAG;"
|
|
|
|
allow="127.0.0.1/32"
|
|
|
|
hardsendq="&env.HARD_SENDQ;"
|
|
|
|
maxchans="&env.MAX_CHANS;"
|
|
|
|
pingfreq="&env.PING_FREQ;"
|
|
|
|
recvq="&env.RECVQ;"
|
|
|
|
softsendq="&env.SOFT_SENDQ;"
|
|
|
|
threshold="&env.COMMAND_RATE_THRESHOLD;"
|
|
|
|
timeout="&env.PARTIAL_CONNECT_TIMEOUT;"
|
|
|
|
usecloak="yes"
|
|
|
|
useconnflood="&env.USE_CONN_FLOOD;"
|
|
|
|
usednsbl="no"
|
|
|
|
useident="no"
|
|
|
|
resolvehostnames="no"
|
|
|
|
useconnectban="no"
|
|
|
|
globalmax="&env.GLOBAL_MAX;"
|
|
|
|
localmax="&env.LOCAL_MAX;"
|
|
|
|
maxconnwarn="&env.MAX_CONN_WARN;"
|
|
|
|
modes="&env.DEFAULT_USER_MODES;"
|
|
|
|
name="tor_haproxy_shim"
|
|
|
|
port="7001">
|
|
|
|
|
|
|
|
<connect commandrate="&env.COMMAND_RATE;"
|
|
|
|
fakelag="&env.FAKE_LAG;"
|
|
|
|
allow="fc00:dead:beef:4dad::/64"
|
|
|
|
hardsendq="&env.HARD_SENDQ;"
|
|
|
|
maxchans="&env.MAX_CHANS;"
|
|
|
|
pingfreq="&env.PING_FREQ;"
|
|
|
|
recvq="&env.RECVQ;"
|
|
|
|
softsendq="&env.SOFT_SENDQ;"
|
|
|
|
threshold="&env.COMMAND_RATE_THRESHOLD;"
|
|
|
|
timeout="&env.PARTIAL_CONNECT_TIMEOUT;"
|
|
|
|
usecloak="yes"
|
|
|
|
useconnflood="&env.USE_CONN_FLOOD;"
|
|
|
|
usednsbl="no"
|
|
|
|
useident="no"
|
|
|
|
resolvehostnames="no"
|
|
|
|
useconnectban="no"
|
|
|
|
autojoin="#tor"
|
|
|
|
globalmax="&env.GLOBAL_MAX;"
|
|
|
|
localmax="&env.LOCAL_MAX;"
|
|
|
|
maxconnwarn="&env.MAX_CONN_WARN;"
|
|
|
|
modes="&env.DEFAULT_USER_MODES;"
|
|
|
|
name="tor"
|
|
|
|
port="6668">
|
|
|
|
|
|
|
|
<bind address="127.0.0.1"
|
|
|
|
port="8000"
|
|
|
|
type="httpd">
|
|
|
|
|
|
|
|
<bind address="*"
|
|
|
|
port="&env.SSL_PORT;"
|
|
|
|
sslprofile="supernets_ssl"
|
|
|
|
type="clients">
|
|
|
|
|
|
|
|
<bind address="*"
|
|
|
|
port="&env.PORT;"
|
|
|
|
type="clients">
|
|
|
|
|
|
|
|
<bind address="*"
|
|
|
|
port="&env.SERVER_SSL_PORT;"
|
|
|
|
sslprofile="defaultssl"
|
|
|
|
type="servers">
|
|
|
|
|
|
|
|
<admin email="&env.ADMIN_EMAIL;"
|
|
|
|
name="admin"
|
|
|
|
nick="admin">
|
|
|
|
|
|
|
|
<server description="internet relay chat network"
|
|
|
|
id="&env.SID;"
|
|
|
|
name="&env.SERVER_NAME;"
|
|
|
|
network="&env.NETWORK_NAME;">
|
|
|
|
|
|
|
|
<connect commandrate="&env.COMMAND_RATE;"
|
|
|
|
fakelag="&env.FAKE_LAG;"
|
|
|
|
hardsendq="&env.HARD_SENDQ;"
|
|
|
|
maxchans="&env.MAX_CHANS;"
|
|
|
|
name="all"
|
|
|
|
pingfreq="&env.PING_FREQ;"
|
|
|
|
recvq="&env.RECVQ;"
|
|
|
|
softsendq="&env.SOFT_SENDQ;"
|
|
|
|
threshold="&env.COMMAND_RATE_THRESHOLD;"
|
|
|
|
timeout="&env.PARTIAL_CONNECT_TIMEOUT;"
|
|
|
|
useconnflood="&env.USE_CONN_FLOOD;"
|
|
|
|
usednsbl="&env.USE_DNSBL;"
|
|
|
|
useident="&env.USE_IDENT;"
|
|
|
|
resolvehostnames="&env.RESOLVE_HOST_NAMES;"
|
|
|
|
useconnectban="&env.USE_CONNECT_BAN;">
|
|
|
|
|
|
|
|
<connect allow="*"
|
|
|
|
autojoin="#blackhole"
|
|
|
|
globalmax="&env.GLOBAL_MAX;"
|
|
|
|
localmax="&env.LOCAL_MAX;"
|
|
|
|
maxconnwarn="&env.MAX_CONN_WARN;"
|
|
|
|
modes="&env.DEFAULT_USER_MODES;"
|
|
|
|
name="default"
|
|
|
|
parent="all"
|
|
|
|
port="&env.PORT;">
|
|
|
|
|
|
|
|
<connect allow="*"
|
|
|
|
autojoin="#blackhole"
|
|
|
|
globalmax="&env.GLOBAL_MAX;"
|
|
|
|
localmax="&env.LOCAL_MAX;"
|
|
|
|
maxconnwarn="&env.MAX_CONN_WARN;"
|
|
|
|
modes="&env.SSL_USER_MODES;"
|
|
|
|
name="ssl"
|
|
|
|
parent="all"
|
|
|
|
port="&env.SSL_PORT;">
|
|
|
|
|
|
|
|
<connect allow="*"
|
|
|
|
name="authenticated"
|
|
|
|
globalmax="&env.GLOBAL_MAX;"
|
|
|
|
localmax="&env.LOCAL_MAX;"
|
|
|
|
maxconnwarn="&env.MAX_CONN_WARN;"
|
|
|
|
modes="&env.SSL_USER_MODES;"
|
|
|
|
parent="all"
|
|
|
|
port="&env.SSL_PORT;"
|
|
|
|
requireaccount="yes">
|
|
|
|
|
|
|
|
<operjoin channel="&env.OPER_CHANNEL;"
|
|
|
|
override="no">
|
|
|
|
|
|
|
|
<httpdacl password="&env.HTTP_ACL_PASSWORD;"
|
|
|
|
path="/*"
|
|
|
|
types="password"
|
|
|
|
username="&env.HTTP_ACL_USERNAME;">
|
|
|
|
|
|
|
|
<ident prefixunqueried="&env.IDENT_PREFIX_UNQUERIED;"
|
|
|
|
timeout="&env.IDENT_TIMEOUT;">
|
|
|
|
|
|
|
|
<permchannels channel="&env.OPER_CHANNEL;"
|
|
|
|
modes="npstOP"
|
|
|
|
topic="party line">
|
|
|
|
|
|
|
|
<permchannels channel="&env.SERVICE_CHANNEL;"
|
|
|
|
modes="npstOP"
|
|
|
|
topic="Service monitoring">
|
|
|
|
|
|
|
|
<permchannels channel="#blackhole"
|
|
|
|
modes="ntP"
|
|
|
|
topic="blackhole">
|
|
|
|
|
|
|
|
<exemptfromfilter target="&env.OPER_CHANNEL;">
|
|
|
|
|
|
|
|
<exemptfromfilter target="&env.SERVICE_CHANNEL;">
|
|
|
|
|
|
|
|
<exemptfromfilter target="&env.HELP_CHANNEL;">
|
|
|
|
|
|
|
|
<passforward cmd="SQUERY $nickrequired :IDENTIFY $nick $pass"
|
|
|
|
forwardmsg="NOTICE $nick :*** Forwarding PASS to $nickrequired"
|
|
|
|
nick="NICKSERV">
|