From cb3f82a66bec51f8e99687412e73eca70e7dcfe1 Mon Sep 17 00:00:00 2001 From: root Date: Thu, 31 Oct 2024 19:37:40 +0300 Subject: [PATCH] add anope --- {services => anope}/.env | 0 {services => anope}/.gitignore | 0 anope/Dockerfile | 56 + anope/anope.conf | 1534 +++++++++++++++++++++ {services => anope}/config.env.example | 0 anope/docker-compose.yml | 21 + anope/include.default.conf | 106 ++ atheme/.env | 1 + atheme/.gitignore | 2 + {services => atheme}/Dockerfile | 0 {services => atheme}/README.md | 0 {services => atheme}/atheme.conf | 116 +- atheme/config.env.example | 1 + {services => atheme}/docker-compose.yml | 0 {services => atheme}/include.default.conf | 0 config.env.example | 2 + 16 files changed, 1770 insertions(+), 69 deletions(-) rename {services => anope}/.env (100%) rename {services => anope}/.gitignore (100%) create mode 100644 anope/Dockerfile create mode 100644 anope/anope.conf rename {services => anope}/config.env.example (100%) create mode 100644 anope/docker-compose.yml create mode 100644 anope/include.default.conf create mode 120000 atheme/.env create mode 100644 atheme/.gitignore rename {services => atheme}/Dockerfile (100%) rename {services => atheme}/README.md (100%) rename {services => atheme}/atheme.conf (86%) create mode 100644 atheme/config.env.example rename {services => atheme}/docker-compose.yml (100%) rename {services => atheme}/include.default.conf (100%) diff --git a/services/.env b/anope/.env similarity index 100% rename from services/.env rename to anope/.env diff --git a/services/.gitignore b/anope/.gitignore similarity index 100% rename from services/.gitignore rename to anope/.gitignore diff --git a/anope/Dockerfile b/anope/Dockerfile new file mode 100644 index 0000000..fe585b4 --- /dev/null +++ b/anope/Dockerfile @@ -0,0 +1,56 @@ +FROM ubuntu:latest + +ARG BUILD_SERVER_NAME="services.lame-network.local" + +RUN apt -y update + +RUN apt -y install coreutils cmake perl git automake autoconf build-essential libpcre2-dev rapidjson-dev libcurl4-gnutls-dev libargon2-dev libmaxminddb-dev libldap2-dev rapidjson-dev libmysqlclient-dev libmysqlclient-dev default-libmysqlclient-dev libpq-dev libre2-dev gnutls-dev libsqlite3-dev libmbedtls-dev libqrencode-dev libpcre3-dev libtre-dev pkg-config libwww-perl libidn-dev libpasswdqc-dev libcrack2-dev libperl-dev libsodium-dev cracklib-runtime libcrypt-cracklib-perl sendmail + +RUN groupadd anope + +RUN useradd --system --shell /bin/bash anope -g anope + +WORKDIR /tmp + +RUN git clone https://github.com/anope/anope.git + +WORKDIR /tmp/anope/modules + +RUN ls -1 extra/*.cpp | xargs -i ln -s {} + +WORKDIR /tmp/anope + +RUN cmake -DINSTDIR:STRING=/usr/local -DRUNGROUP:STRING=anope -DDEFUMASK:STRING=007 -DCMAKE_BUILD_TYPE:STRING=RELEASE -B /tmp/anope/build /tmp/anope + +WORKDIR /tmp/anope/build + +RUN make -j$(nproc) + +RUN make install + +RUN mkdir -p /etc/anope -p /etc/ssl/anope -p /var/log/anope -p /var/lib/anope + +ADD anope.conf /etc/anope + +ADD include.default.conf /etc/anope/include.conf + +RUN openssl genrsa -out /etc/ssl/anope/server.key + +RUN openssl req -new -key /etc/ssl/anope/server.key -out /etc/ssl/anope/server.csr \ + -subj "/C=US/ST=Washington/L=Seattle/O=LameNetwork/OU=IT Department/CN=$BUILD_SERVER_NAME" + +RUN openssl x509 -req -days 365 -in /etc/ssl/anope/server.csr -signkey /etc/ssl/anope/server.key -out /etc/ssl/anope/server.crt + +RUN chown -R anope:anope /etc/anope /etc/ssl/anope /var/log/anope /var/lib/anope + +WORKDIR / + +VOLUME /var/lib/anope + +VOLUME /etc/ssl/anope + +VOLUME /var/log/anope + +USER anope + +ENTRYPOINT ["/usr/local/bin/anope", "--nofork", "--config=/etc/anope/anope.conf", "--dbdir=/var/lib/anope", "--logdir=/var/log/anope", "--moduledir=/usr/local/modules"] diff --git a/anope/anope.conf b/anope/anope.conf new file mode 100644 index 0000000..4b906fe --- /dev/null +++ b/anope/anope.conf @@ -0,0 +1,1534 @@ +include +{ + type = "file" + name = "/etc/anope/include.conf" +} + +module { name = "inspircd" } + +options +{ + user = "anope" + group = "anope" + casemap = "ascii" + badpasslimit = 5 + badpasstimeout = 1h + updatetimeout = 2m + expiretimeout = 30m + readtimeout = 5s + timeoutcheck = 3s + servicealias = yes + hidestatso = no + retrywait = 60s + hideprivilegedcommands = yes + hideregisteredcommands = yes + didyoumeandifference = 4 + regexengine = "regex/stdlib" + languages = "de_DE.UTF-8 el_GR.UTF-8 es_ES.UTF-8 fr_FR.UTF-8 it_IT.UTF-8 nl_NL.UTF-8 pl_PL.UTF-8 pt_PT.UTF-8 tr_TR.UTF-8" + defaultlanguage = "en_US.UTF-8" +} + +log +{ + target = "/var/log/anope/services.log #services" + bot = "GLOBAL" + logage = 7 + admin = "*" + override = "chanserv/* nickserv/* memoserv/set ~botserv/set botserv/*" + commands = "~operserv/* *" + servers = "*" + channels = "~mode *" + users = "connect disconnect nick" + other = "*" + rawio = no + debug = no +} + +log +{ + bot = "GLOBAL" + target = "globops" + admin = "global/* operserv/chankill operserv/mode operserv/kick operserv/akill operserv/s*line operserv/noop operserv/jupe operserv/set operserv/svsnick operserv/svsjoin operserv/svspart nickserv/getpass */drop" + servers = "squit" + users = "oper" + other = "expire/* bados akill/*" +} + +opertype +{ + name = "Helper" + commands = "hostserv/*" +} + +opertype +{ + name = "Services Operator" + inherits = "Helper, Another Helper" + commands = "chanserv/list chanserv/suspend chanserv/topic memoserv/staff nickserv/list nickserv/suspend operserv/mode operserv/chankill operserv/akill operserv/session operserv/modinfo operserv/sqline operserv/oper operserv/kick operserv/ignore operserv/snline" + privs = "chanserv/auspex chanserv/no-register-limit memoserv/* nickserv/auspex nickserv/confirm" +} + +opertype +{ + name = "Services Administrator" + inherits = "Services Operator" + commands = "botserv/* chanserv/access/list chanserv/drop chanserv/getkey chanserv/saset/noexpire memoserv/sendall nickserv/saset/* nickserv/getemail operserv/news operserv/jupe operserv/svs operserv/stats operserv/noop operserv/forbid global/*" + privs = "*" +} + +opertype +{ + name = "Services Root" + commands = "*" + privs = "*" +} + +module +{ + name = "enc_sha2" +} + +module +{ + name = "enc_argon2" +} + +module +{ + name = "enc_bcrypt" +} + +module { name = "enc_posix" } + +module { name = "help" } + +module +{ + ip = 127.53.127.53 + port = 53 + name = "dns" + nameserver = "/etc/resolv.conf" + timeout = 2 +} + +module +{ + name = "dnsbl" + check_on_connect = yes + check_on_netburst = yes + add_to_akill = yes + + blacklist + { + name = "rbl.efnetrbl.org" + time = 4h + reason = "You are listed in the EFnet RBL, visit https://rbl.efnetrbl.org/?i=%i for info" + + reply + { + code = 1 + reason = "Open Proxy" + } + + reply + { + code = 2 + reason = "spamtrap666" + } + + reply + { + code = 3 + reason = "spamtrap50" + } + + reply + { + code = 4 + reason = "TOR" + allow_account = yes + } + + reply + { + code = 5 + reason = "Drones / Flooding" + } + } + + blacklist + { + name = "dnsbl.dronebl.org" + time = 4h + reason = "You have a host listed in the DroneBL. For more information, visit https://dronebl.org/lookup_branded?ip=%i&network=%N" + } + + exempt { ip = "127.0.0.0/8" } +} + +module +{ + name = "helpchan" + helpchannel = "#help" +} + +module { name = "regex_posix" } + +module +{ + name = "regex_stdlib" + syntax = "ecmascript" +} + +module { name = "regex_tre" } + +module { name = "rewrite" } + +command +{ + service = "CHANSERV"; + name = "CLEAR"; + command = "rewrite" + rewrite = true + rewrite_source = "CLEAR $ USERS" + rewrite_target = "KICK $1 *" + rewrite_description = "Clears all users from a channel" +} + +module { name = "sasl" } + +module +{ + name = "ssl_gnutls" + cert = "/etc/ssl/anope/server.crt" + key = "/etc/ssl/anope/server.key" +} + +service +{ + nick = "BOTSERV" + user = "_" + host = "services/_" + gecos = "Bot Service" + channels = "@#services" + alias = "BS" +} + +module +{ + name = "botserv" + client = "BOTSERV" + defaults = "greet fantasy" + minusers = 0 + smartjoin = yes + botmodes = "ao" +} + +command { service = "BOTSERV"; name = "HELP"; command = "generic/help"; } + +module { name = "bs_assign" } + +command { service = "BOTSERV"; name = "ASSIGN"; command = "botserv/assign"; } +command { service = "BOTSERV"; name = "UNASSIGN"; command = "botserv/unassign"; } +command { service = "BOTSERV"; name = "SET NOBOT"; command = "botserv/set/nobot"; permission = "botserv/set/nobot"; } + +module +{ + name = "bs_autoassign" + bot = "CHANSERV" +} + +module +{ + name = "bs_badwords" + badwordsmax = 1024 + casesensitive = yes +} + +command { service = "BOTSERV"; name = "BADWORDS"; command = "botserv/badwords"; } + +module { name = "bs_bot" } +command { service = "BOTSERV"; name = "BOT"; command = "botserv/bot"; permission = "botserv/bot"; } + +module { name = "bs_botlist" } +command { service = "BOTSERV"; name = "BOTLIST"; command = "botserv/botlist"; } + +module { name = "bs_control" } +command { service = "BOTSERV"; name = "ACT"; command = "botserv/act"; } +command { service = "BOTSERV"; name = "SAY"; command = "botserv/say"; } + +module { name = "bs_info" } +command { service = "BOTSERV"; name = "INFO"; command = "botserv/info"; } + +module +{ + name = "bs_kick" + keepdata = 10m + gentlebadwordreason = yes +} + +command { service = "BOTSERV"; name = "KICK"; command = "botserv/kick"; } +command { service = "BOTSERV"; name = "KICK AMSG"; command = "botserv/kick/amsg"; } +command { service = "BOTSERV"; name = "KICK BADWORDS"; command = "botserv/kick/badwords"; } +command { service = "BOTSERV"; name = "KICK BOLDS"; command = "botserv/kick/bolds"; } +command { service = "BOTSERV"; name = "KICK CAPS"; command = "botserv/kick/caps"; } +command { service = "BOTSERV"; name = "KICK COLORS"; command = "botserv/kick/colors"; } +command { service = "BOTSERV"; name = "KICK FLOOD"; command = "botserv/kick/flood"; } +command { service = "BOTSERV"; name = "KICK ITALICS"; command = "botserv/kick/italics"; } +command { service = "BOTSERV"; name = "KICK REPEAT"; command = "botserv/kick/repeat"; } +command { service = "BOTSERV"; name = "KICK REVERSES"; command = "botserv/kick/reverses"; } +command { service = "BOTSERV"; name = "KICK UNDERLINES"; command = "botserv/kick/underlines"; } + +command { service = "BOTSERV"; name = "SET DONTKICKOPS"; command = "botserv/set/dontkickops"; } +command { service = "BOTSERV"; name = "SET DONTKICKVOICES"; command = "botserv/set/dontkickvoices"; } + + +module { name = "bs_set" } +command { service = "BOTSERV"; name = "SET"; command = "botserv/set"; } +command { service = "BOTSERV"; name = "SET BANEXPIRE"; command = "botserv/set/banexpire"; } +command { service = "BOTSERV"; name = "SET PRIVATE"; command = "botserv/set/private"; permission = "botserv/set/private"; } + +module { name = "greet" } +command { service = "BOTSERV"; name = "SET GREET"; command = "botserv/set/greet"; } +command { service = "NICKSERV"; name = "SET GREET"; command = "nickserv/set/greet"; } +command { service = "NICKSERV"; name = "SASET GREET"; command = "nickserv/saset/greet"; permission = "nickserv/saset/greet"; } + +privilege +{ + name = "GREET" + desc = _("Greet message displayed on join") + rank = 40 + level = 5 + flag = "g" + xop = "AOP" +} + + +module +{ + name = "fantasy" + fantasycharacter = "?" +} + +command { service = "BOTSERV"; name = "SET FANTASY"; command = "botserv/set/fantasy"; } + +fantasy { name = "ACCESS"; command = "chanserv/access"; } +fantasy { name = "AKICK"; command = "chanserv/akick"; } +fantasy { name = "AOP"; command = "chanserv/xop"; } +fantasy { name = "BAN"; command = "chanserv/ban"; } +fantasy { name = "CLONE"; command = "chanserv/clone"; } +fantasy { name = "DEHALFOP"; command = "chanserv/modes"; } +fantasy { name = "DEOP"; command = "chanserv/modes"; } +fantasy { name = "DEOWNER"; command = "chanserv/modes"; } +fantasy { name = "DEPROTECT"; command = "chanserv/modes"; } +fantasy { name = "DEVOICE"; command = "chanserv/modes"; } +fantasy { name = "DOWN"; command = "chanserv/down"; } +fantasy { name = "ENFORCE"; command = "chanserv/enforce"; } +fantasy { name = "ENTRYMSG"; command = "chanserv/entrymsg"; } +fantasy { name = "FLAGS"; command = "chanserv/flags"; } +fantasy { name = "HALFOP"; command = "chanserv/modes"; } +fantasy { name = "HELP"; command = "generic/help"; prepend_channel = false; } +fantasy { name = "HOP"; command = "chanserv/xop"; } +fantasy { name = "INFO"; command = "chanserv/info"; prepend_channel = false; } +fantasy { name = "INVITE"; command = "chanserv/invite"; } +fantasy { name = "K"; command = "chanserv/kick"; } +fantasy { name = "KB"; command = "chanserv/ban"; } +fantasy { name = "KICK"; command = "chanserv/kick"; } +fantasy { name = "LEVELS"; command = "chanserv/levels"; } +fantasy { name = "LIST"; command = "chanserv/list"; prepend_channel = false; } +fantasy { name = "LOG"; command = "chanserv/log"; } +fantasy { name = "MODE"; command = "chanserv/mode"; } +fantasy { name = "MUTE"; command = "chanserv/ban"; kick = no; mode = "QUIET"; } +fantasy { name = "OP"; command = "chanserv/modes"; } +fantasy { name = "OWNER"; command = "chanserv/modes"; } +fantasy { name = "PROTECT"; command = "chanserv/modes"; } +fantasy { name = "QOP"; command = "chanserv/xop"; } +fantasy { name = "SEEN"; command = "chanserv/seen"; prepend_channel = false; } +fantasy { name = "SOP"; command = "chanserv/xop"; } +fantasy { name = "STATUS"; command = "chanserv/status"; } +fantasy { name = "SUSPEND"; command = "chanserv/suspend"; permission = "chanserv/suspend"; } +fantasy { name = "SYNC"; command = "chanserv/sync"; } +fantasy { name = "TOPIC"; command = "chanserv/topic"; } +fantasy { name = "UNBAN"; command = "chanserv/unban"; } +fantasy { name = "UNSUSPEND"; command = "chanserv/unsuspend"; permission = "chanserv/suspend"; } +fantasy { name = "UP"; command = "chanserv/up"; } +fantasy { name = "VOICE"; command = "chanserv/modes"; } +fantasy { name = "VOP"; command = "chanserv/xop"; } + +service +{ + nick = "CHANSERV" + user = "_" + host = "services/_" + gecos = "Channel Registration Service" + channels = "@#services" +} + +module +{ + name = "chanserv" + client = "CHANSERV" + defaults = "keeptopic peace securefounder signkick" + maxregistered = 20 + expire = 32y + accessmax = 1000 + inhabit = 1m + opersonly = no + nomlock = "P" + require = "r" + reasonmax = 200 + signkickformat = "%m (%n)" + disallow_hostmask_access = false + disallow_channel_access = false + always_lower_ts = false +} + +privilege +{ + name = "ACCESS_CHANGE" + desc = _("Allowed to modify the access list") + rank = 0 + level = 10 + flag = "f" + xop = "SOP" +} + +privilege +{ + name = "ACCESS_LIST" + desc = _("Allowed to view the access list") + rank = 10 + level = 3 + flag = "f" + xop = "VOP" +} + +privilege +{ + name = "AKICK" + desc = _("Allowed to use the AKICK command") + rank = 250 + level = 10 + flag = "K" + xop = "SOP" +} + +privilege +{ + name = "ASSIGN" + desc = _("Allowed to assign/unassign a bot") + rank = 270 + level = "founder" + flag = "s" + xop = "QOP" +} + +privilege +{ + name = "AUTOHALFOP" + desc = _("Automatic halfop upon join") + rank = 100 + level = 4 + flag = "H" + xop = "HOP" +} + +privilege +{ + name = "AUTOOP" + desc = _("Automatic channel operator status upon join") + rank = 210 + level = 5 + flag = "O" + xop = "AOP" +} + +privilege +{ + name = "AUTOOWNER" + desc = _("Automatic owner upon join") + rank = 330 + level = 9999 + flag = "Q" + xop = "QOP" +} + +privilege +{ + name = "AUTOPROTECT" + desc = _("Automatic protect upon join") + rank = 240 + level = 10 + flag = "A" + xop = "SOP" +} + +privilege +{ + name = "AUTOVOICE" + desc = _("Automatic voice on join") + rank = 50 + level = 3 + flag = "V" + xop = "VOP" +} + +privilege +{ + name = "BADWORDS" + desc = _("Allowed to modify channel badwords list") + rank = 260 + level = 10 + flag = "K" + xop = "SOP" +} + +privilege +{ + name = "BAN" + desc = _("Allowed to ban users") + rank = 150 + level = 4 + flag = "b" + xop = "HOP" +} + +privilege +{ + name = "FANTASY" + desc = _("Allowed to use fantasy commands") + rank = 30 + level = 3 + flag = "c" + xop = "VOP" +} + +privilege +{ + name = "FOUNDER" + desc = _("Allowed to issue commands restricted to channel founders") + rank = 360 + level = 10000 + flag = "F" + xop = "QOP" +} + +privilege +{ + name = "GETKEY" + desc = _("Allowed to use GETKEY command") + rank = 180 + level = 5 + flag = "G" + xop = "AOP" +} + +privilege +{ + name = "HALFOP" + desc = _("Allowed to (de)halfop users") + rank = 120 + level = 5 + flag = "h" + xop = "AOP" +} + +privilege +{ + name = "HALFOPME" + desc = _("Allowed to (de)halfop themself") + rank = 110 + level = 4 + flag = "h" + xop = "HOP" +} + +privilege +{ + name = "INFO" + desc = _("Allowed to get full INFO output") + rank = 80 + level = 9999 + flag = "I" + xop = "QOP" +} + +privilege +{ + name = "INVITE" + desc = _("Allowed to use the INVITE command") + rank = 190 + level = 5 + flag = "i" + xop = "AOP" +} + +privilege +{ + name = "KICK" + desc = _("Allowed to use the KICK command") + rank = 130 + level = 4 + flag = "k" + xop = "HOP" +} + +privilege +{ + name = "MEMO" + desc = _("Allowed to read channel memos") + rank = 280 + level = 10 + flag = "m" + xop = "SOP" +} + +privilege +{ + name = "MODE" + desc = _("Allowed to use the MODE command") + rank = 170 + level = 9999 + flag = "s" + xop = "QOP" +} + +privilege +{ + name = "NOKICK" + desc = _("Prevents users being kicked by services") + rank = 20 + level = 1 + flag = "N" + xop = "VOP" +} + +privilege +{ + name = "OP" + desc = _("Allowed to (de)op users") + rank = 230 + level = 5 + flag = "o" + xop = "SOP" +} + +privilege +{ + name = "OPME" + desc = _("Allowed to (de)op themself") + rank = 220 + level = 5 + flag = "o" + xop = "AOP" +} + +privilege +{ + name = "OWNER" + desc = _("Allowed to (de)owner users") + rank = 350 + level = "founder" + flag = "q" + xop = "QOP" +} + +privilege +{ + name = "OWNERME" + desc = _("Allowed to (de)owner themself") + rank = 340 + level = 9999 + flag = "q" + xop = "QOP" +} + +privilege +{ + name = "PROTECT" + desc = _("Allowed to (de)protect users") + rank = 310 + level = 9999 + flag = "a" + xop = "QOP" +} + +privilege +{ + name = "PROTECTME" + desc = _("Allowed to (de)protect themself") + rank = 300 + level = 10 + flag = "a" + xop = "SOP" +} + +privilege +{ + name = "SAY" + desc = _("Allowed to use SAY and ACT commands") + rank = 90 + level = 5 + flag = "B" + xop = "AOP" +} + +privilege +{ + name = "SET" + desc = _("Allowed to set channel settings") + rank = 320 + level = 9999 + flag = "s" + xop = "QOP" +} + +privilege +{ + name = "SIGNKICK" + desc = _("No signed kick when SIGNKICK LEVEL is used") + rank = 140 + level = 9999 + flag = "K" + xop = "QOP" +} + +privilege +{ + name = "TOPIC" + desc = _("Allowed to change channel topics") + rank = 160 + level = 5 + flag = "t" + xop = "AOP" +} + +privilege +{ + name = "UNBAN" + desc = _("Allowed to unban users") + rank = 200 + level = 4 + flag = "u" + xop = "HOP" +} + +privilege +{ + name = "UNBANME" + desc = _("Allowed to unban themself") + rank = 200 + level = 4 + flag = "U" + xop = "HOP" +} + +privilege +{ + name = "VOICE" + desc = _("Allowed to (de)voice users") + rank = 70 + level = 4 + flag = "v" + xop = "HOP" +} + +privilege +{ + name = "VOICEME" + desc = _("Allowed to (de)voice themself") + rank = 60 + level = 3 + flag = "v" + xop = "VOP" +} + +command_group +{ + name = "chanserv/access" + description = _("Used to manage the list of privileged users") +} + +command_group +{ + name = "chanserv/status" + description = _("Used to modify the channel status of you or other users") +} + +command_group +{ + name = "chanserv/management" + description = _("Used to manage channels") +} + +command_group +{ + name = "chanserv/admin" + description = _("Services Operator commands") +} + +command { service = "CHANSERV"; name = "HELP"; command = "generic/help"; } + +module { name = "cs_access" } +command { service = "CHANSERV"; name = "ACCESS"; command = "chanserv/access"; group = "chanserv/access"; } +command { service = "CHANSERV"; name = "LEVELS"; command = "chanserv/levels"; group = "chanserv/access"; } + +module +{ + name = "cs_akick" + autokickmax = 50 + autokickreason = "User has been banned from the channel" +} + +command { service = "CHANSERV"; name = "AKICK"; command = "chanserv/akick"; group = "chanserv/management"; } + +module { name = "cs_ban" } +command { service = "CHANSERV"; name = "BAN"; command = "chanserv/ban"; } + +module { name = "cs_clone" } +command { service = "CHANSERV"; name = "CLONE"; command = "chanserv/clone"; group = "chanserv/management"; } + +module { name = "cs_drop" } +command { service = "CHANSERV"; name = "DROP"; command = "chanserv/drop"; } + + +module { name = "cs_enforce" } +command { service = "CHANSERV"; name = "ENFORCE"; command = "chanserv/enforce"; group = "chanserv/management"; } + +module +{ + name = "cs_entrymsg" + maxentries = 32 +} +command { service = "CHANSERV"; name = "ENTRYMSG"; command = "chanserv/entrymsg"; group = "chanserv/management"; } + +module { name = "cs_flags" } +command { service = "CHANSERV"; name = "FLAGS"; command = "chanserv/flags"; group = "chanserv/access"; } + +module { name = "cs_getkey" } +command { service = "CHANSERV"; name = "GETKEY"; command = "chanserv/getkey"; } + +module { name = "cs_info" } +command { service = "CHANSERV"; name = "INFO"; command = "chanserv/info"; } + +module { name = "cs_invite" } +command { service = "CHANSERV"; name = "INVITE"; command = "chanserv/invite"; } + +module { name = "cs_kick" } +command { service = "CHANSERV"; name = "KICK"; command = "chanserv/kick"; } + +module +{ + name = "cs_list" + listmax = 50 +} + +command { service = "CHANSERV"; name = "LIST"; command = "chanserv/list"; } + +command { service = "CHANSERV"; name = "SET PRIVATE"; command = "chanserv/set/private"; } + + +module +{ + name = "cs_log" + default + { + command = "chanserv/modes" + method = "MESSAGE @" + } + + default + { + service = "CHANSERV" + command = "ACCESS" + method = "MESSAGE @" + } + + default + { + command = "chanserv/xop" + method = "MESSAGE @" + } + + default + { + service = "CHANSERV" + command = "FLAGS" + method = "MESSAGE @" + } +} + +command { service = "CHANSERV"; name = "LOG"; command = "chanserv/log"; group = "chanserv/management"; } + +module +{ + name = "cs_mode" + mlock = "+nt" + max = 50 +} + +command { service = "CHANSERV"; name = "MODE"; command = "chanserv/mode"; group = "chanserv/management"; } + +command { service = "CHANSERV"; name = "OWNER"; command = "chanserv/modes"; group = "chanserv/status"; set = "OWNER" } +command { service = "CHANSERV"; name = "DEOWNER"; command = "chanserv/modes"; group = "chanserv/status"; unset = "OWNER" } + +command { service = "CHANSERV"; name = "PROTECT"; command = "chanserv/modes"; group = "chanserv/status"; set = "PROTECT" } +command { service = "CHANSERV"; name = "DEPROTECT"; command = "chanserv/modes"; group = "chanserv/status"; unset = "PROTECT" } + +command { service = "CHANSERV"; name = "OP"; command = "chanserv/modes"; group = "chanserv/status"; set = "OP" } +command { service = "CHANSERV"; name = "DEOP"; command = "chanserv/modes"; group = "chanserv/status"; unset = "OP" } + +command { service = "CHANSERV"; name = "HALFOP"; command = "chanserv/modes"; group = "chanserv/status"; set = "HALFOP" } +command { service = "CHANSERV"; name = "DEHALFOP"; command = "chanserv/modes"; group = "chanserv/status"; unset = "HALFOP" } + +command { service = "CHANSERV"; name = "VOICE"; command = "chanserv/modes"; group = "chanserv/status"; set = "VOICE" } +command { service = "CHANSERV"; name = "DEVOICE"; command = "chanserv/modes"; group = "chanserv/status"; unset = "VOICE" } + + +module { name = "cs_register" } +command { service = "CHANSERV"; name = "REGISTER"; command = "chanserv/register"; } + +module +{ + name = "cs_seen" + simple = false + purgetime = "30d" +} + +command { service = "OPERSERV"; name = "SEEN"; command = "operserv/seen"; permission = "operserv/seen"; } +fantasy { name = "SEEN"; command = "operserv/seen"; prepend_channel = false; } + +module +{ + name = "cs_set" + defbantype = 2 + persist_lower_ts = true +} + +command { service = "CHANSERV"; name = "SET"; command = "chanserv/set"; group = "chanserv/management"; } +command { service = "CHANSERV"; name = "SET AUTOOP"; command = "chanserv/set/autoop"; } +command { service = "CHANSERV"; name = "SET BANTYPE"; command = "chanserv/set/bantype"; } +command { service = "CHANSERV"; name = "SET DESCRIPTION"; command = "chanserv/set/description"; } +command { service = "CHANSERV"; name = "SET DESC"; command = "chanserv/set/description"; hide = yes; } +command { service = "CHANSERV"; name = "SET FOUNDER"; command = "chanserv/set/founder"; } +command { service = "CHANSERV"; name = "SET KEEPMODES"; command = "chanserv/set/keepmodes"; } +command { service = "CHANSERV"; name = "SET PEACE"; command = "chanserv/set/peace"; } +command { service = "CHANSERV"; name = "SET PERSIST"; command = "chanserv/set/persist"; } +command { service = "CHANSERV"; name = "SET RESTRICTED"; command = "chanserv/set/restricted"; } +command { service = "CHANSERV"; name = "SET SECURE"; command = "chanserv/set/secure"; } +command { service = "CHANSERV"; name = "SET SECUREFOUNDER"; command = "chanserv/set/securefounder"; } +command { service = "CHANSERV"; name = "SET SECUREOPS"; command = "chanserv/set/secureops"; } +command { service = "CHANSERV"; name = "SET SIGNKICK"; command = "chanserv/set/signkick"; } +command { service = "CHANSERV"; name = "SET SUCCESSOR"; command = "chanserv/set/successor"; } +command { service = "CHANSERV"; name = "SET NOEXPIRE"; command = "chanserv/saset/noexpire"; permission = "chanserv/saset/noexpire"; } + +module { name = "cs_set_misc" } +command { service = "CHANSERV"; name = "SET URL"; command = "chanserv/set/misc"; misc_description = _("Associate a URL with the channel"); } +command { service = "CHANSERV"; name = "SET EMAIL"; command = "chanserv/set/misc"; misc_description = _("Associate an email address with the channel"); } + +module { name = "cs_status" } +command { service = "CHANSERV"; name = "STATUS"; command = "chanserv/status"; } +command { service = "CHANSERV"; name = "WHY"; command = "chanserv/status"; hide = true; } + +module +{ + name = "cs_suspend" + suspendexpire = 90d + show = "suspended, by, reason, on, expires" +} + +command { service = "CHANSERV"; name = "SUSPEND"; command = "chanserv/suspend"; permission = "chanserv/suspend"; group = "chanserv/admin"; } +command { service = "CHANSERV"; name = "UNSUSPEND"; command = "chanserv/unsuspend"; permission = "chanserv/suspend"; group = "chanserv/admin"; } + +module { name = "cs_sync" } +command { service = "CHANSERV"; name = "SYNC"; command = "chanserv/sync"; group = "chanserv/management"; } + +module { name = "cs_topic" } + +command { service = "CHANSERV"; name = "TOPIC"; command = "chanserv/topic"; group = "chanserv/management"; } +command { service = "CHANSERV"; name = "SET KEEPTOPIC"; command = "chanserv/set/keeptopic"; } + +module { name = "cs_unban" } +command { service = "CHANSERV"; name = "UNBAN"; command = "chanserv/unban"; } + +module { name = "cs_updown" } +command { service = "CHANSERV"; name = "DOWN"; command = "chanserv/down"; group = "chanserv/status"; } +command { service = "CHANSERV"; name = "UP"; command = "chanserv/up"; group = "chanserv/status"; } + +module { name = "cs_xop" } +command { service = "CHANSERV"; name = "QOP"; command = "chanserv/xop"; group = "chanserv/access"; } +command { service = "CHANSERV"; name = "SOP"; command = "chanserv/xop"; group = "chanserv/access"; } +command { service = "CHANSERV"; name = "AOP"; command = "chanserv/xop"; group = "chanserv/access"; } +command { service = "CHANSERV"; name = "HOP"; command = "chanserv/xop"; group = "chanserv/access"; } +command { service = "CHANSERV"; name = "VOP"; command = "chanserv/xop"; group = "chanserv/access"; } + +module { name = "cs_statusupdate" } + +service +{ + nick = "GLOBAL" + user = "_" + host = "services/_" + gecos = "Global Noticer" + channels = "@#services" +} + +module +{ + name = "global" + client = "GLOBAL" + globaloncycledown = "Services are restarting, they will be back shortly - please be good while they're gone" + globaloncycleup = "Services are now back online - have a nice day" + anonymousglobal = no +} + +command { service = "GLOBAL"; name = "HELP"; command = "generic/help"; } + +module { name = "gl_global" } +command { service = "GLOBAL"; name = "GLOBAL"; command = "global/global"; permission = "global/global"; } +fantasy { name = "GLOBAL"; command = "global/global"; prepend_channel = false; } + +module +{ + name = "gl_queue" + maxqueue = 10 +} + +command { service = "GLOBAL"; name = "QUEUE"; command = "global/queue"; permission = "global/queue"; } + +module { name = "gl_server" } +command { service = "GLOBAL"; name = "SERVER"; command = "global/server"; permission = "global/server"; } + +service +{ + nick = "HOSTSERV" + user = "_" + host = "services/_" + gecos = "vHost Service" + channels = "@#services" +} + +module +{ + name = "hostserv" + client = "HOSTSERV" + activate_on_set = false +} + +command { service = "HOSTSERV"; name = "HELP"; command = "generic/help"; } + +module { name = "hs_del" } +command { service = "HOSTSERV"; name = "DEL"; command = "hostserv/del"; permission = "hostserv/del"; } +command { service = "HOSTSERV"; name = "DELALL"; command = "hostserv/delall"; permission = "hostserv/del"; } + +module +{ + name = "hs_group" + syncongroup = true + synconset = true +} + +command { service = "HOSTSERV"; name = "GROUP"; command = "hostserv/group"; } + +module { name = "hs_list" } +command { service = "HOSTSERV"; name = "LIST"; command = "hostserv/list"; permission = "hostserv/list"; } + +module { name = "hs_off" } +command { service = "HOSTSERV"; name = "OFF"; command = "hostserv/off"; } + +module { name = "hs_on" } +command { service = "HOSTSERV"; name = "ON"; command = "hostserv/on"; } + +module +{ + name = "hs_request" + memouser = yes + memooper = yes +} + +command { service = "HOSTSERV"; name = "REQUEST"; command = "hostserv/request"; } +command { service = "HOSTSERV"; name = "ACTIVATE"; command = "hostserv/activate"; permission = "hostserv/set"; } +command { service = "HOSTSERV"; name = "REJECT"; command = "hostserv/reject"; permission = "hostserv/set"; } +command { service = "HOSTSERV"; name = "WAITING"; command = "hostserv/waiting"; permission = "hostserv/set"; } + +module { name = "hs_set" } +command { service = "HOSTSERV"; name = "SET"; command = "hostserv/set"; permission = "hostserv/set"; } +command { service = "HOSTSERV"; name = "SETALL"; command = "hostserv/setall"; permission = "hostserv/set"; } + +service +{ + nick = "MEMOSERV" + user = "_" + host = "services/_" + gecos = "Memo Service" + channels = "@#services" +} + +module +{ + name = "memoserv" + client = "MEMOSERV" + maxmemos = 20 + senddelay = 30s +} + +command { service = "MEMOSERV"; name = "HELP"; command = "generic/help"; } + +module { name = "ms_cancel" } +command { service = "MEMOSERV"; name = "CANCEL"; command = "memoserv/cancel"; } + +module { name = "ms_check" } +command { service = "MEMOSERV"; name = "CHECK"; command = "memoserv/check"; } + +module { name = "ms_del" } +command { service = "MEMOSERV"; name = "DEL"; command = "memoserv/del"; } + +module +{ + name = "ms_ignore" + max = 50 +} + +command { service = "MEMOSERV"; name = "IGNORE"; command = "memoserv/ignore"; } + +module { name = "ms_info" } +command { service = "MEMOSERV"; name = "INFO"; command = "memoserv/info"; } + +module { name = "ms_list" } +command { service = "MEMOSERV"; name = "LIST"; command = "memoserv/list"; } + +module { name = "ms_read" } +command { service = "MEMOSERV"; name = "READ"; command = "memoserv/read"; } + +module +{ + name = "ms_rsend" + operonly = false +} + +command { service = "MEMOSERV"; name = "RSEND"; command = "memoserv/rsend"; } + +module { name = "ms_send" } +command { service = "MEMOSERV"; name = "SEND"; command = "memoserv/send"; } + +module { name = "ms_sendall" } +command { service = "MEMOSERV"; name = "SENDALL"; command = "memoserv/sendall"; permission = "memoserv/sendall"; } + +module { name = "ms_set" } +command { service = "MEMOSERV"; name = "SET"; command = "memoserv/set"; } + +module { name = "ms_staff" } +command { service = "MEMOSERV"; name = "STAFF"; command = "memoserv/staff"; permission = "memoserv/staff"; } + +service +{ + nick = "NICKSERV" + user = "_" + host = "services/_" + gecos = "Nickname Registration Service" + channels = "@#services" +} + +module +{ + name = "nickserv" + client = "NICKSERV" + forceemail = no + confirmemailchanges = no + unregistered_notice = "Your nickname is not registered. To register it, use: /msg NickServ HELP REGISTER" + defaults = "killprotect ns_private hide_email hide_mask memo_signon memo_receive autoop" + regdelay = 5m + expire = 32y + secureadmins = yes + modeonid = yes + hidenetsplitquit = no + killquick = 20s + kill = 60s + restrictopernicks = yes + enforceruser = "OPERSERV" + enforcerhost = "services/_" + releasetimeout = 1m + guestnickprefix = "`" + nonicknameownership = no + minpasslen = 4 + maxpasslen = 50 + preservedisplay = no +} + +command_group +{ + name = "nickserv/admin" + description = _("Services Operator commands") +} + +command { service = "NICKSERV"; name = "HELP"; command = "generic/help"; } + +module +{ + name = "ns_ajoin" + ajoinmax = 10 +} + +command { service = "NICKSERV"; name = "AJOIN"; command = "nickserv/ajoin"; } + +module { name = "ns_alist" } +command { service = "NICKSERV"; name = "ALIST"; command = "nickserv/alist"; } +command { service = "NICKSERV"; name = "ACCESS"; command = "nickserv/alist"; hide = true; } + +module +{ + name = "ns_cert" + automatic = yes + max = 5 +} + +command { service = "NICKSERV"; name = "CERT"; command = "nickserv/cert"; } + +module { name = "ns_drop" } +command { service = "NICKSERV"; name = "DROP"; command = "nickserv/drop"; } + +module { name = "ns_getemail" } +command { service = "NICKSERV"; name = "GETEMAIL"; command = "nickserv/getemail"; permission = "nickserv/getemail"; group = "nickserv/admin"; } + +module +{ + name = "ns_group" + maxaliases = 10 + nogroupchange = yes +} + +command { service = "NICKSERV"; name = "GLIST"; command = "nickserv/glist"; } +command { service = "NICKSERV"; name = "GROUP"; command = "nickserv/group"; } +command { service = "NICKSERV"; name = "UNGROUP"; command = "nickserv/ungroup"; } + +module +{ + name = "ns_identify" + maxlogins = 10 +} + +command { service = "NICKSERV"; name = "ID"; command = "nickserv/identify"; hide = true; } +command { service = "NICKSERV"; name = "IDENTIFY"; command = "nickserv/identify"; } + +module { name = "ns_info" } +command { service = "NICKSERV"; name = "INFO"; command = "nickserv/info"; } + +command { service = "NICKSERV"; name = "SET HIDE"; command = "nickserv/set/hide"; } +command { service = "NICKSERV"; name = "SASET HIDE"; command = "nickserv/saset/hide"; permission = "nickserv/saset/hide"; } + + +module +{ + name = "ns_list" + listmax = 50 +} + +command { service = "NICKSERV"; name = "LIST"; command = "nickserv/list"; } + +command { service = "NICKSERV"; name = "SET PRIVATE"; command = "nickserv/set/private"; } +command { service = "NICKSERV"; name = "SASET PRIVATE"; command = "nickserv/saset/private"; permission = "nickserv/saset/private"; } + +module { name = "ns_logout" } +command { service = "NICKSERV"; name = "LOGOUT"; command = "nickserv/logout"; } + +module +{ + name = "ns_recover" + restoreonrecover = yes +} + +command { service = "NICKSERV"; name = "RECOVER"; command = "nickserv/recover"; } + +command { service = "NICKSERV"; name = "GHOST"; command = "nickserv/recover"; hide = true; } +command { service = "NICKSERV"; name = "RELEASE"; command = "nickserv/recover"; hide = true; } + +module +{ + name = "ns_register" + registration = "none" + resenddelay = 90s + nickregdelay = 15s + unconfirmedexpire = 8m +} + +command { service = "NICKSERV"; name = "CONFIRM"; command = "nickserv/confirm"; } +command { service = "NICKSERV"; name = "REGISTER"; command = "nickserv/register"; } +command { service = "NICKSERV"; name = "RESEND"; command = "nickserv/resend"; } + +module { name = "ns_resetpass" } +command { service = "NICKSERV"; name = "RESETPASS"; command = "nickserv/resetpass"; } + +module +{ + name = "ns_set" + allowkillimmed = yes +} + +command { service = "NICKSERV"; name = "SET"; command = "nickserv/set"; } +command { service = "NICKSERV"; name = "SASET"; command = "nickserv/saset"; permission = "nickserv/saset/"; group = "nickserv/admin"; } + +command { service = "NICKSERV"; name = "SET AUTOOP"; command = "nickserv/set/autoop"; } +command { service = "NICKSERV"; name = "SASET AUTOOP"; command = "nickserv/saset/autoop"; permission = "nickserv/saset/autoop"; } + +command { service = "NICKSERV"; name = "SET DISPLAY"; command = "nickserv/set/display"; } +command { service = "NICKSERV"; name = "SASET DISPLAY"; command = "nickserv/saset/display"; permission = "nickserv/saset/display"; } + +command { service = "NICKSERV"; name = "SET EMAIL"; command = "nickserv/set/email"; } +command { service = "NICKSERV"; name = "SASET EMAIL"; command = "nickserv/saset/email"; permission = "nickserv/saset/email"; } + +command { service = "NICKSERV"; name = "SET KEEPMODES"; command = "nickserv/set/keepmodes"; } +command { service = "NICKSERV"; name = "SASET KEEPMODES"; command = "nickserv/saset/keepmodes"; permission = "nickserv/saset/keepmodes"; } + +command { service = "NICKSERV"; name = "SET KILL"; command = "nickserv/set/kill"; } +command { service = "NICKSERV"; name = "SASET KILL"; command = "nickserv/saset/kill"; permission = "nickserv/saset/kill"; } + +command { service = "NICKSERV"; name = "SET PASSWORD"; command = "nickserv/set/password"; } +command { service = "NICKSERV"; name = "SASET PASSWORD"; command = "nickserv/saset/password"; permission = "nickserv/saset/password"; } + +command { service = "NICKSERV"; name = "SET NEVEROP"; command = "nickserv/set/neverop"; } +command { service = "NICKSERV"; name = "SASET NEVEROP"; command = "nickserv/saset/neverop"; permission = "nickserv/saset/neverop"; } + +command { service = "NICKSERV"; name = "SASET NOEXPIRE"; command = "nickserv/saset/noexpire"; permission = "nickserv/saset/noexpire"; } + +module { name = "ns_set_language" } +command { service = "NICKSERV"; name = "SET LANGUAGE"; command = "nickserv/set/language"; } +command { service = "NICKSERV"; name = "SASET LANGUAGE"; command = "nickserv/saset/language"; permission = "nickserv/saset/language"; } + +module { name = "ns_set_message" } +command { service = "NICKSERV"; name = "SET MESSAGE"; command = "nickserv/set/message"; } +command { service = "NICKSERV"; name = "SASET MESSAGE"; command = "nickserv/saset/message"; permission = "nickserv/saset/message"; } + +module { name = "ns_set_misc" } +command { service = "NICKSERV"; name = "SET URL"; command = "nickserv/set/misc"; misc_description = _("Associate a URL with your account"); } +command { service = "NICKSERV"; name = "SASET URL"; command = "nickserv/saset/misc"; misc_description = _("Associate a URL with this account"); permission = "nickserv/saset/url"; group = "nickserv/admin"; } +command { service = "NICKSERV"; name = "SET DISCORD"; command = "nickserv/set/misc"; misc_description = _("Associate a Discord account with your account"); } +command { service = "NICKSERV"; name = "SASET DISCORD"; command = "nickserv/saset/misc"; misc_description = _("Associate a Discord account with this account"); permission = "nickserv/saset/discord"; group = "nickserv/admin"; } +command { service = "NICKSERV"; name = "SET MASTODON"; command = "nickserv/set/misc"; misc_description = _("Associate a Mastodon account with your account"); } +command { service = "NICKSERV"; name = "SASET MASTODON"; command = "nickserv/saset/misc"; misc_description = _("Associate a Mastodon account with this account"); permission = "nickserv/saset/mastodon"; group = "nickserv/admin"; } +command { service = "NICKSERV"; name = "SET TIMEZONE"; command = "nickserv/set/misc"; misc_description = _("Associate a time zone with your account"); } +command { service = "NICKSERV"; name = "SASET TIMEZONE"; command = "nickserv/saset/misc"; misc_description = _("Associate a time zone with this account"); permission = "nickserv/saset/timezone"; group = "nickserv/admin"; } + +module +{ + name = "ns_suspend" + suspendexpire = 90d + show = "suspended, by, reason, on, expires" +} + +command { service = "NICKSERV"; name = "SUSPEND"; command = "nickserv/suspend"; permission = "nickserv/suspend"; group = "nickserv/admin"; } +command { service = "NICKSERV"; name = "UNSUSPEND"; command = "nickserv/unsuspend"; permission = "nickserv/suspend"; group = "nickserv/admin"; } + +module { name = "ns_update" } +command { service = "NICKSERV"; name = "UPDATE"; command = "nickserv/update"; } + +module +{ + name = "ns_maxemail" + maxemails = 1 +} + +service +{ + nick = "OPERSERV" + user = "_" + host = "services/_" + gecos = "Operator Service" + channels = "@#services" +} + +module +{ + name = "operserv" + client = "OPERSERV" + autokillexpiry = 30d + chankillexpiry = 30d + snlineexpiry = 30d + sqlineexpiry = 30d + akillonadd = yes + killonsnline = yes + killonsqline = yes + addakiller = yes + akillids = yes + opersonly = yes +} + +command { service = "OPERSERV"; name = "HELP"; command = "generic/help"; } + +module { name = "os_akill" } +command { service = "OPERSERV"; name = "AKILL"; command = "operserv/akill"; permission = "operserv/akill"; } +fantasy { name = "AKILL"; command = "operserv/akill"; prepend_channel = false; } + +module { name = "os_chankill" } +command { service = "OPERSERV"; name = "CHANKILL"; command = "operserv/chankill"; permission = "operserv/chankill"; } + +module +{ + name = "os_defcon" + defaultlevel = 5 + level4 = "nonewchannels nonewnicks nomlockchanges reducedsessions" + level3 = "nonewchannels nonewnicks nomlockchanges forcechanmodes reducedsessions" + level2 = "nonewchannels nonewnicks nomlockchanges forcechanmodes reducedsessions silentoperonly" + level1 = "nonewchannels nonewnicks nomlockchanges forcechanmodes reducedsessions silentoperonly akillnewclients" + sessionlimit = 1024 + akillexpire = 8m + chanmodes = "+R" + timeout = 86400s + globalondefcon = yes + globalondefconmore = yes + message = "Server locking down" + offmessage = "Services are now back to normal, sorry for any inconvenience" + akillreason = "This network is currently not accepting connections, please try again later." +} + +command { service = "OPERSERV"; name = "DEFCON"; command = "operserv/defcon"; permission = "operserv/defcon"; } +fantasy { name = "DEFCON"; command = "operserv/defcon"; prepend_channel = false; } + +module +{ + name = "os_dns" + ttl = 1m + user_drop_mark = 50 + user_drop_time = 1m + user_drop_readd_time = 5m + remove_split_servers = yes + readd_connected_servers = no +} + +command { service = "OPERSERV"; name = "DNS"; command = "operserv/dns"; permission = "operserv/dns"; } + +module { name = "os_config" } +command { service = "OPERSERV"; name = "CONFIG"; command = "operserv/config"; permission = "operserv/config"; } + +module { name = "os_forbid" } +command { service = "OPERSERV"; name = "FORBID"; command = "operserv/forbid"; permission = "operserv/forbid"; } + +module { name = "os_ignore" } +command { service = "OPERSERV"; name = "IGNORE"; command = "operserv/ignore"; permission = "operserv/ignore"; } + +module { name = "os_info" } +command { service = "OPERSERV"; name = "INFO"; command = "operserv/info"; permission = "operserv/info"; } + +module { name = "os_jupe" } +command { service = "OPERSERV"; name = "JUPE"; command = "operserv/jupe"; permission = "operserv/jupe"; } +fantasy { name = "JUPE"; command = "operserv/jupe"; prepend_channel = false; } + +module { name = "os_kick" } +command { service = "OPERSERV"; name = "KICK"; command = "operserv/kick"; permission = "operserv/kick"; } + +module { name = "os_kill" } +command { service = "OPERSERV"; name = "KILL"; command = "operserv/kill"; permission = "operserv/kill"; } + +module { name = "os_list" } +command { service = "OPERSERV"; name = "CHANLIST"; command = "operserv/chanlist"; permission = "operserv/chanlist"; } +command { service = "OPERSERV"; name = "USERLIST"; command = "operserv/userlist"; permission = "operserv/userlist"; } + +module { name = "os_login" } +command { service = "OPERSERV"; name = "LOGIN"; command = "operserv/login"; } +command { service = "OPERSERV"; name = "LOGOUT"; command = "operserv/logout"; } + +module +{ + name = "os_logsearch" + logname = "/var/log/anope/services.log" +} + +command { service = "OPERSERV"; name = "LOGSEARCH"; command = "operserv/logsearch"; permission = "operserv/logsearch"; } +fantasy { name = "LOGSEARCH"; command = "operserv/LOGSEARCH"; prepend_channel = false; } + +module { name = "os_mode" } + +command { service = "OPERSERV"; name = "UMODE"; command = "operserv/umode"; permission = "operserv/umode"; } +command { service = "OPERSERV"; name = "MODE"; command = "operserv/mode"; permission = "operserv/mode"; } +fantasy { name = "MODESET"; command = "operserv/mode"; prepend_channel = false; } + +module { name = "os_modinfo" } + +command { service = "OPERSERV"; name = "MODINFO"; command = "operserv/modinfo"; permission = "operserv/modinfo"; } +command { service = "OPERSERV"; name = "MODLIST"; command = "operserv/modlist"; permission = "operserv/modinfo"; } + +module { name = "os_module" } + +command { service = "OPERSERV"; name = "MODLOAD"; command = "operserv/modload"; permission = "operserv/modload"; } +command { service = "OPERSERV"; name = "MODRELOAD"; command = "operserv/modreload"; permission = "operserv/modload"; } +command { service = "OPERSERV"; name = "MODUNLOAD"; command = "operserv/modunload"; permission = "operserv/modload"; } + +module +{ + name = "os_news" + announcer = "GLOBAL" + oper_announcer = "OPERSERV" + newscount = 8 +} + +command { service = "OPERSERV"; name = "LOGONNEWS"; command = "operserv/logonnews"; permission = "operserv/news"; } +fantasy { name = "LOGONNEWS"; command = "operserv/logonnews"; prepend_channel = false; } +command { service = "OPERSERV"; name = "OPERNEWS"; command = "operserv/opernews"; permission = "operserv/news"; } +fantasy { name = "OPERNEWS"; command = "operserv/opernews"; prepend_channel = false; } +command { service = "OPERSERV"; name = "RANDOMNEWS"; command = "operserv/randomnews"; permission = "operserv/news"; } +fantasy { name = "RANDOMNEWS"; command = "operserv/randomnews"; prepend_channel = false; } + +module { name = "os_noop" } +command { service = "OPERSERV"; name = "NOOP"; command = "operserv/noop"; permission = "operserv/noop"; } +fantasy { name = "NOOP"; command = "operserv/noop"; prepend_channel = false; } + +module { name = "os_oper" } +command { service = "OPERSERV"; name = "OPER"; command = "operserv/oper"; permission = "operserv/oper"; } + +module { name = "os_reload" } +command { service = "OPERSERV"; name = "RELOAD"; command = "operserv/reload"; permission = "operserv/reload"; } + +module +{ + name = "os_session" + defaultsessionlimit = 5 + maxsessionlimit = 100 + exceptionexpiry = 1d + sessionlimitexceeded = "The session limit for your IP %IP% has been exceeded." + sessionlimitdetailsloc = "Contact admin about session limits." + maxsessionkill = 15 + sessionautokillexpiry = 30m + session_ipv4_cidr = 32 + session_ipv6_cidr = 128 +} + +command { service = "OPERSERV"; name = "EXCEPTION"; command = "operserv/exception"; permission = "operserv/exception"; } +fantasy { name = "EXCEPTION"; command = "operserv/exception"; prepend_channel = false; } +command { service = "OPERSERV"; name = "SESSION"; command = "operserv/session"; permission = "operserv/session"; } +fantasy { name = "SESSION"; command = "operserv/session"; prepend_channel = false; } + +module +{ + name = "os_set" + superadmin = yes +} + +command { service = "OPERSERV"; name = "SET"; command = "operserv/set"; permission = "operserv/set"; } +fantasy { name = "SET"; command = "operserv/set"; prepend_channel = false; } + +module { name = "os_shutdown" } + +command { service = "OPERSERV"; name = "QUIT"; command = "operserv/quit"; permission = "operserv/quit"; } +command { service = "OPERSERV"; name = "RESTART"; command = "operserv/restart"; permission = "operserv/restart"; } +command { service = "OPERSERV"; name = "SHUTDOWN"; command = "operserv/shutdown"; permission = "operserv/shutdown"; } + +module { name = "os_stats" } +command { service = "OPERSERV"; name = "STATS"; command = "operserv/stats"; permission = "operserv/stats"; } +fantasy { name = "AKILL"; command = "operserv/akill"; prepend_channel = false; } + +module { name = "os_svs" } +command { service = "OPERSERV"; name = "SVSNICK"; command = "operserv/svsnick"; permission = "operserv/svs"; } +fantasy { name = "SVSNICK"; command = "operserv/svsnick"; prepend_channel = false; } +command { service = "OPERSERV"; name = "SVSJOIN"; command = "operserv/svsjoin"; permission = "operserv/svs"; } +fantasy { name = "SVSJOIN"; command = "operserv/svsjoin"; prepend_channel = false; } +command { service = "OPERSERV"; name = "SVSPART"; command = "operserv/svspart"; permission = "operserv/svs"; } +fantasy { name = "SVSPART"; command = "operserv/svspart"; prepend_channel = false; } + +module { name = "os_sxline" } +command { service = "OPERSERV"; name = "SNLINE"; command = "operserv/snline"; permission = "operserv/snline"; } +fantasy { name = "SNLINE"; command = "operserv/snline"; prepend_channel = false; } +command { service = "OPERSERV"; name = "SQLINE"; command = "operserv/sqline"; permission = "operserv/sqline"; } +fantasy { name = "SQLINE"; command = "operserv/sqline"; prepend_channel = false; } + + +module { name = "os_update" } +command { service = "OPERSERV"; name = "UPDATE"; command = "operserv/update"; permission = "operserv/update"; } diff --git a/services/config.env.example b/anope/config.env.example similarity index 100% rename from services/config.env.example rename to anope/config.env.example diff --git a/anope/docker-compose.yml b/anope/docker-compose.yml new file mode 100644 index 0000000..97a6638 --- /dev/null +++ b/anope/docker-compose.yml @@ -0,0 +1,21 @@ +services: + anope: + build: + context: . + args: + BUILD_SERVER_NAME: ${SERVER_NAME} + image: anope + network_mode: "host" + env_file: "config.env" + volumes: + - data:/var/lib/anope + - ./include.conf:/etc/anope/include.conf:ro + - ssl:/etc/ssl/anope + - log:/var/log/anope +volumes: + data: + name: anope_data + ssl: + name: anope_ssl + log: + name: anope_log diff --git a/anope/include.default.conf b/anope/include.default.conf new file mode 100644 index 0000000..9b4ff07 --- /dev/null +++ b/anope/include.default.conf @@ -0,0 +1,106 @@ +uplink +{ + host = 127.0.0.1 + protocol = "ipv4" + ssl = yes + port = "7000" + password = changeme +} + +serverinfo +{ + name = services.lame-network.local + description = "IRC Services" + localhost = 127.0.0.1 + id = 10X + pid = "/tmp/anope.pid" + motd = "/etc/anope/motd.txt" +} + +networkinfo +{ + networkname = "NetcraveIRC" + nicklen = 31 + userlen = 10 + hostlen = 64 + chanlen = 32 + modelistsize = 256 + nick_chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789" + vhost_chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-" + allow_undotted_vhosts = true + disallow_start_or_end = ".-" +} + +mail +{ + usemail = no + sendmailpath = "/usr/sbin/sendmail -it" + sendfrom = "no-reply@lame-network.local" + delay = 5m + dontquoteaddresses = no + content_type = "text/plain; charset=UTF-8" + registration_subject = "Nickname registration for %n" + registration_message = "Hi, + + You have requested to register the nickname %n on %N. + Please type \" /msg NickServ CONFIRM %c \" to complete registration. + + If you don't know why this mail was sent to you, please ignore it silently. + + %N administrators." + + reset_subject = "Reset password request for %n" + reset_message = "Hi, + + You have requested to have the password for %n reset. + To reset your password, type \" /msg NickServ CONFIRM %n %c \" + + If you don't know why this mail was sent to you, please ignore it silently. + + %N administrators." + + emailchange_subject = "Email confirmation" + emailchange_message = "Hi, + + You have requested to change your email address from %e to %E. + Please type \" /msg NickServ CONFIRM %c \" to confirm this change. + + If you don't know why this mail was sent to you, please ignore it silently. + + %N administrators." + + memo_subject = "New memo" + memo_message = "Hi %n, + + You've just received a new memo from %s. This is memo number %d. + + Memo text: + + %t" +} + +oper +{ + name = "admin" + type = "Services Root" + require_oper = yes +} + +module +{ + name = "sqlite" + sqlite + { + name = "sqlite/main" + database = "/var/lib/anope/anope.db" + } +} + +module +{ + name = "db_flatfile" + database = "anope.db" + keepbackups = 32 + nobackupokay = no + fork = no +} diff --git a/atheme/.env b/atheme/.env new file mode 120000 index 0000000..bc48267 --- /dev/null +++ b/atheme/.env @@ -0,0 +1 @@ +config.env \ No newline at end of file diff --git a/atheme/.gitignore b/atheme/.gitignore new file mode 100644 index 0000000..0c11540 --- /dev/null +++ b/atheme/.gitignore @@ -0,0 +1,2 @@ +include.conf +config.env diff --git a/services/Dockerfile b/atheme/Dockerfile similarity index 100% rename from services/Dockerfile rename to atheme/Dockerfile diff --git a/services/README.md b/atheme/README.md similarity index 100% rename from services/README.md rename to atheme/README.md diff --git a/services/atheme.conf b/atheme/atheme.conf similarity index 86% rename from services/atheme.conf rename to atheme/atheme.conf index db80c94..878967b 100644 --- a/services/atheme.conf +++ b/atheme/atheme.conf @@ -1,28 +1,28 @@ include "/etc/atheme/include.conf"; -loadmodule "security/cmdperm"; +#loadmodule "security/cmdperm"; loadmodule "protocol/inspircd"; -loadmodule "protocol/mixin_nohalfops"; -loadmodule "protocol/mixin_noholdnick"; -loadmodule "protocol/mixin_noprotect"; -loadmodule "protocol/mixin_noowner"; +#loadmodule "protocol/mixin_nohalfops"; +#loadmodule "protocol/mixin_noholdnick"; +#loadmodule "protocol/mixin_noprotect"; +#loadmodule "protocol/mixin_noowner"; loadmodule "backend/opensex"; -loadmodule "crypto/argon2"; -loadmodule "crypto/scrypt"; -loadmodule "crypto/pbkdf2v2"; -loadmodule "crypto/bcrypt"; -loadmodule "crypto/pbkdf2"; -loadmodule "crypto/crypt3-sha2-512"; -loadmodule "crypto/crypt3-sha2-256"; -loadmodule "crypto/crypt3-md5"; -loadmodule "crypto/rawsha2-512"; -loadmodule "crypto/rawsha2-256"; -loadmodule "crypto/anope-enc-sha256"; -loadmodule "crypto/rawsha1"; -loadmodule "crypto/rawmd5"; -loadmodule "crypto/ircservices"; -loadmodule "crypto/crypt3-des"; -loadmodule "crypto/base64"; +#loadmodule "crypto/argon2"; +#loadmodule "crypto/scrypt"; +#loadmodule "crypto/pbkdf2v2"; +#loadmodule "crypto/bcrypt"; +#loadmodule "crypto/pbkdf2"; +#loadmodule "crypto/crypt3-sha2-512"; +#loadmodule "crypto/crypt3-sha2-256"; +#loadmodule "crypto/crypt3-md5"; +#loadmodule "crypto/rawsha2-512"; +#loadmodule "crypto/rawsha2-256"; +#loadmodule "crypto/anope-enc-sha256"; +#loadmodule "crypto/rawsha1"; +#loadmodule "crypto/rawmd5"; +#loadmodule "crypto/ircservices"; +#loadmodule "crypto/crypt3-des"; +#loadmodule "crypto/base64"; #loadmodule "auth/ldap"; loadmodule "nickserv/main"; #loadmodule "nickserv/access"; @@ -154,7 +154,7 @@ loadmodule "operserv/help"; loadmodule "operserv/identify"; loadmodule "operserv/ignore"; loadmodule "operserv/info"; -#loadmodule "operserv/joinrate"; +loadmodule "operserv/joinrate"; loadmodule "operserv/jupe"; loadmodule "operserv/mode"; loadmodule "operserv/modlist"; @@ -250,32 +250,32 @@ loadmodule "groupserv/set_joinflags"; loadmodule "groupserv/set_open"; loadmodule "groupserv/set_public"; loadmodule "groupserv/set_url"; -loadmodule "misc/httpd"; -loadmodule "misc/login_throttling"; -loadmodule "transport/xmlrpc"; -loadmodule "exttarget/oper"; -loadmodule "exttarget/registered"; -loadmodule "exttarget/channel"; -loadmodule "exttarget/chanacs"; -loadmodule "exttarget/server"; -loadmodule "proxyscan/dnsbl"; +#loadmodule "misc/httpd"; +#loadmodule "misc/login_throttling"; +#loadmodule "transport/xmlrpc"; +#loadmodule "exttarget/oper"; +#loadmodule "exttarget/registered"; +#loadmodule "exttarget/channel"; +#loadmodule "exttarget/chanacs"; +#loadmodule "exttarget/server"; +#loadmodule "proxyscan/dnsbl"; crypto { - argon2_type = "argon2id"; - argon2_memcost = 16; - argon2_timecost = 3; - argon2_threads = 1; - argon2_saltlen = 16; - argon2_hashlen = 64; - scrypt_memlimit = 14; - scrypt_opslimit = 524288; - pbkdf2v2_digest = "SHA2-512"; - pbkdf2v2_rounds = 64000; - pbkdf2v2_saltlen = 32; - scram_mechanisms = "SCRAM-SHA-1,SCRAM-SHA-256,SCRAM-SHA-512"; - bcrypt_cost = 7; - crypt3_sha2_256_rounds = 5000; - crypt3_sha2_512_rounds = 5000; +# argon2_type = "argon2id"; +# argon2_memcost = 16; +# argon2_timecost = 3; +# argon2_threads = 1; +# argon2_saltlen = 16; +# argon2_hashlen = 64; +# scrypt_memlimit = 14; +# scrypt_opslimit = 524288; +# pbkdf2v2_digest = "SHA2-512"; +# pbkdf2v2_rounds = 64000; +# pbkdf2v2_saltlen = 32; +# scram_mechanisms = "SCRAM-SHA-1,SCRAM-SHA-256,SCRAM-SHA-512"; +# bcrypt_cost = 7; +# crypt3_sha2_256_rounds = 5000; +# crypt3_sha2_512_rounds = 5000; }; nickserv { @@ -284,38 +284,16 @@ nickserv { user = "NICKSERV"; host = "services/-"; real = "Nickname Services"; - - aliases { - "ID" = "IDENTIFY"; - "MYACCESS" = "LISTCHANS"; - }; - - access { - }; - spam; - no_nick_ownership; maxnicks = 5; expire = 30; enforce_expire = 14; enforce_delay = 30; - enforce_prefix = "G`"; + enforce_prefix = "`"; waitreg_time = 0; - cracklib_dict = "/var/cache/cracklib/cracklib_dict"; - passwdqc_max = 288; - passwdqc_min_n0 = 20; - passwdqc_min_n1 = 16; - passwdqc_min_n2 = 16; - passwdqc_min_n3 = 12; - passwdqc_min_n4 = 8; - passwdqc_words = 4; pwquality_warn_only; show_custom_metadata; - - emailexempts { - }; - shorthelp = ""; listownmail_canon; bad_password_message; diff --git a/atheme/config.env.example b/atheme/config.env.example new file mode 100644 index 0000000..3321caf --- /dev/null +++ b/atheme/config.env.example @@ -0,0 +1 @@ +SERVER_NAME="services.lame-network.local" diff --git a/services/docker-compose.yml b/atheme/docker-compose.yml similarity index 100% rename from services/docker-compose.yml rename to atheme/docker-compose.yml diff --git a/services/include.default.conf b/atheme/include.default.conf similarity index 100% rename from services/include.default.conf rename to atheme/include.default.conf diff --git a/config.env.example b/config.env.example index f9855d0..47fdbab 100644 --- a/config.env.example +++ b/config.env.example @@ -25,3 +25,5 @@ LINK_TIMEOUT="32" CLOAK_KEY="changeme" CLOAK_PREFIX="cloak/" CLOAK_SUFFIX=".hidden" +DEFAULT_USER_MODES="xW" +SSL_USER_MODES="xW"