last minute fixes

Dockerfile

@@ -18,23 +18,23 @@ ENV SASL_TARGET="service.lame-network.local"
 
 ENV ADMIN_PASSWORD="changeme"
 
-ENV COMMAND_RATE="128000"
+ENV COMMAND_RATE="1000"
 
 ENV FAKE_LAG="off"
 
-ENV HARD_SENDQ="1M"
+ENV HARD_SENDQ="1048576"
 
 ENV MAX_CHANS="256"
 
 ENV PING_FREQ="64"
 
-ENV RECVQ="8K"
+ENV RECVQ="4096"
 
-ENV SOFT_SENDQ="8192"
+ENV SOFT_SENDQ="4096"
 
-ENV COMMAND_RATE_THRESHOLD="128"
+ENV COMMAND_RATE_THRESHOLD="10"
 
-ENV COMMAND_RATE_THRESHOLD_TIMEOUT="16"
+ENV PARTIAL_CONNECT_TIMEOUT="16s"
 
 ENV USE_CONN_FLOOD="no"
 
@@ -412,6 +412,24 @@ ENV AUDITORIUM_OPER_CAN_SEE="yes"
 
 ENV AUDITORIUM_OP_VISIBLE="no"
 
+ENV IPV4_CLONE="32"
+
+ENV IPV6_CLONE="64"
+
+ENV ROTATE_LOG_PERIOD="86400"
+
+ENV REGEX_TYPE="ecmascript"
+
+ENV ALLOW_CORE_UNLOAD="no"
+
+ENV ANNOUNCE_INVITES="dynamic"
+
+ENV XLINEDB_SAVE_PERIOD="128s"
+
+ENV PERMCHAN_LIST_MODES="yes"
+
+ENV PERMCHANDB_SAVE_PERIOD="128s"
+
 RUN apt -y update
 
 RUN apt -y install coreutils perl git automake autoconf build-essential libpcre2-dev rapidjson-dev libcurl4-gnutls-dev libargon2-dev libmaxminddb-dev libldap2-dev rapidjson-dev libmysqlclient-dev libmysqlclient-dev default-libmysqlclient-dev libpq-dev libre2-dev gnutls-dev libsqlite3-dev libmbedtls-dev libqrencode-dev libpcre3-dev libtre-dev pkg-config libwww-perl
@@ -471,6 +489,8 @@ RUN openssl x509 -req -days 365 -in /etc/ssl/inspircd/server.csr -signkey /etc/s
 
 RUN chown -R inspircd:inspircd /etc/inspircd /etc/ssl/inspircd /var/lib/inspircd /var/log/inspircd
 
+VOLUME /etc/inspircd/custom
+
 VOLUME /etc/ssl/inspircd
 
 VOLUME /var/lib/inspircd
@@ -481,4 +501,4 @@ USER inspircd
 
 WORKDIR /
 
-CMD /usr/local/bin/inspircd -c /etc/inspircd/inspircd.conf -F
+ENTRYPOINT ["/usr/local/bin/inspircd", "-c", "/etc/inspircd/inspircd.conf", "-F"]

config.env

@@ -1,26 +0,0 @@
-ADMIN_EMAIL="no-reply@supernets.org"
-SID="01B"
-SERVER_NAME="lux.supernets.org"
-NETWORK_NAME="SuperNETs"
-STS_HOST="irc.supernets.org"
-SASL_TARGET="services.supernets.org"
-ADMIN_PASSWORD="YzUzZmVmYjA0YjQwZjA5MjViYmNmYTFkOTQ0YzVmMzE3ODM3ZjI1MWYxZmY3ZGM3"
-PORT="6667"
-SSL_PORT="6697"
-SERVER_SSL_PORT="7000"
-HTTP_ACL_PASSWORD="MTU3OTI1MDgyNzczYzZlNTkyOTZlZjY2MGFlNjU4YmI0OGEwNmU5Nzk4YmJlOWYz"
-HTTP_ACL_USERNAME="supernets"
-ROLE_PLAY_VHOST="roleplay/supernets.org"
-CUSTOM_VERSION="c l a n d e s t i n  e"
-NET_ADMIN_VHOST="admin/supernets.org"
-GLOBAL_OP_VHOST="oper/supernets.org"
-HELPER_VHOST="helper/supernets.org"
-SERVICES_ULINE="services.supernets.org"
-WS_ORIGIN_ALLOW="lux.supernets.org"
-LINK_RECV_PASSWORD="MTg4ZDNjNTE5ZDU2MTQxZDdmZWNmNjU1ZjUzY2NkMWM3M2ZmMTY2NmFmYWJhOWIw"
-LINK_SEND_PASSWORD="MTg4ZDNjNTE5ZDU2MTQxZDdmZWNmNjU1ZjUzY2NkMWM3M2ZmMTY2NmFmYWJhOWIw"
-LINK_TIMEOUT="32"
-CLOAK_KEY="NzY2NDM5NTkyOTVmOTdmZDkzODA2NDk5MWRmNjVjZjRhMzcyOGZjMTgwY2YwMGIz"
-TOR_PREFIX="tor/"
-DEFAULT_USER_MODES="x"
-SSL_USER_MODES="x"

config.env.example

@@ -22,6 +22,5 @@ LINK_SEND_PASSWORD="changeme"
 LINK_TIMEOUT="32"
 CLOAK_KEY="changemechangemechangemechangeme"
 CLOAK_SUFFIX=".hidden"
-TOR_PREFIX="tor/"
 DEFAULT_USER_MODES="x"
 SSL_USER_MODES="x"

docker-compose.yml

@@ -7,7 +7,6 @@ services:
     image: inspi4
     network_mode: "host"
     env_file: "config.env"
-    command: /usr/local/bin/inspircd -c /etc/inspircd/inspircd.conf -F
     volumes:
       - ./custom:/etc/inspircd/custom:ro
       - ssl:/etc/ssl/inspircd

include.conf.example

@@ -86,7 +86,7 @@
 #          recvq="&env.RECVQ;"
 #          softsendq="&env.SOFT_SENDQ;"
 #          threshold="&env.COMMAND_RATE_THRESHOLD;"
-#          timeout="&env.COMMAND_RATE_THRESHOLD_TIMEOUT;"
+#          timeout="&env.PARTIAL_CONNECT_TIMEOUT;"
 #          usecloak="yes"
 #          useconnflood="&env.USE_CONN_FLOOD;"
 #          usednsbl="no"
@@ -122,7 +122,7 @@
 #          recvq="&env.RECVQ;"
 #          softsendq="&env.SOFT_SENDQ;"
 #          threshold="&env.COMMAND_RATE_THRESHOLD;"
-#          timeout="&env.COMMAND_RATE_THRESHOLD_TIMEOUT;"
+#          timeout="&env.PARTIAL_CONNECT_TIMEOUT;"
 #          usecloak="yes"
 #          useconnflood="&env.USE_CONN_FLOOD;"
 #          usednsbl="no"
@@ -182,7 +182,7 @@
          recvq="&env.RECVQ;"
          softsendq="&env.SOFT_SENDQ;"
          threshold="&env.COMMAND_RATE_THRESHOLD;"
-         timeout="&env.COMMAND_RATE_THRESHOLD_TIMEOUT;"
+         timeout="&env.PARTIAL_CONNECT_TIMEOUT;"
          useconnflood="&env.USE_CONN_FLOOD;"
          usednsbl="&env.USE_DNSBL;"
          useident="&env.USE_IDENT;"
@@ -252,6 +252,16 @@
              forwardmsg="NOTICE $nick :*** Forwarding PASS to $nickrequired"
              nick="NICKSERV">
 
+#<strictsasl reason="Fix your SASL authentication settings and try again">
+
+<allowchannel name="*">
+
+#<autojoinident chan="#blackhole"
+#              ident="*">
+
+#<anticaps lowercase="abcdefghijklmnopqrstuvwxyz"
+#          uppercase="ABCDEFGHIJKLMNOPQRSTUVWXYZ">
+
 #<module name="account">
 
 #<module name="blockhighlight">

inspircd.conf

@@ -52,7 +52,7 @@
 <badnick nick="SASLSERV"  reason="Reserved For Services">
 <badnick nick="STATSERV"  reason="Reserved For Services">
 
-<cidr ipv4clone="32" ipv6clone="64">
+<cidr ipv4clone="&env.IPV4_CLONE;" ipv6clone="&env.IPV6_CLONE;">
 
 <class chanmodes="*"
        commands="DIE RESTART REHASH LOADMODULE UNLOADMODULE RELOADMODULE GLOADMODULE GUNLOADMODULE GRELOADMODULE"
@@ -114,7 +114,6 @@
 <options allowmismatch="&env.ALLOW_MISMATCH;"
          allowzerolimit="&env.ALLOW_ZERO_LIMIT;"
          announcets="&env.ANNOUNCE_TS;"
-         casemapping="ascii"
          cyclehosts="&env.CYCLE_HOST_TS;"
          cyclehostsfromuser="&env.CYCLE_HOST_FROM_USER;"
          defaultbind="auto"
@@ -150,8 +149,8 @@
 
 <pid file="/tmp/inspircd.pid">
 
-<security allowcoreunload="no"
+<security allowcoreunload="&env.ALLOW_CORE_UNLOAD;"
-          announceinvites="dynamic"
+          announceinvites="&env.ANNOUNCE_INVITES;"
           customversion="&env.CUSTOM_VERSION;"
           flatlinks="&env.FLAT_LINKS;"
           genericoper="&env.GENERIC_OPER;"
@@ -303,22 +302,12 @@
        text="GLOBAL"
        uline="yes">
 
-<allowchannel name="*">
-
-<anticaps lowercase="abcdefghijklmnopqrstuvwxyz"
-          uppercase="ABCDEFGHIJKLMNOPQRSTUVWXYZ">
-
 <auditorium opcansee="&env.AUDITORIUM_OP_CAN_SEE;"
             opercansee="&env.AUDITORIUM_OPER_CAN_SEE;"
             opvisible="&env.AUDITORIUM_OP_VISIBLE;">
 
 <autodrop commands="CONNECT DELETE GET HEAD OPTIONS PATCH POST PUT TRACE">
 
-<autojoinident chan="#blackhole"
-               ident="*">
-
-<bcrypt rounds="16">
-
 <blockamsg action="&env.BLOCK_AMSG_ACTION;"
            delay="&env.BLOCK_AMSG_DELAY;">
 
@@ -527,18 +516,12 @@
           noisy="&env.OVERRIDE_NOISY;"
           requirekey="&env.OVERRIDE_REQUIRE_KEY;">
 
-<pbkdf2 iterations="12288"
-        length="32">
-
-<pbkdf2prov hash="sha256"
-            iterations="24576">
-
 <penalty name="HELPOP"
          value="60">
 
 <permchanneldb filename="/var/lib/inspircd/permchannels.db"
-               listmodes="yes"
+               listmodes="&env.PERMCHAN_LIST_MODES;"
-               saveperiod="1d">
+               saveperiod="&env.PERMCHANDB_SAVE_PERIOD;">
 
 <remove protectedrank="50000"
         supportnokicks="&env.REMOVE_SUPPORT_NO_KICKS;">
@@ -555,7 +538,7 @@
        matchonnickchange="&env.RLINE_MATCH_ON_NICK_CHANGE;"
        zlineonmatch="&env.RLINE_ZLINE_ON_MATCH;">
 
-<rotatelog period="86400">
+<rotatelog period="&env.ROTATE_LOG_PERIOD;">
 
 <securelist exemptregistered="&env.SECURE_LIST_EXEMPT_REGISTERED;"
             showmsg="&env.SECURE_LIST_SHOW_MSG;"
@@ -578,9 +561,7 @@
 
 <sslmodes enableumode="&env.SSL_ENABLE_UMODE;">
 
-<stdregex type="ecmascript">
+<stdregex type="&env.REGEX_TYPE;">
-
-<strictsasl reason="Fix your SASL authentication settings and try again">
 
 <svshold silent="&env.SVS_HOLD_SILENT;">
 
@@ -597,7 +578,7 @@
 <wsorigin allow="&env.WS_ORIGIN_ALLOW;">
 
 <xlinedb filename="/var/lib/inspircd/xline.db"
-         saveperiod="128s">
+         saveperiod="&env.XLINEDB_SAVE_PERIOD;">
 
 <zombie cleansplit="&env.ZOMBIE_CLEAN_SPLIT;"
         dirtysplit="&env.ZOMBIE_DIRTY_SPLIT;"