add anope
This commit is contained in:
parent
9a8cc7765e
commit
cb3f82a66b
0
services/.gitignore → anope/.gitignore
vendored
0
services/.gitignore → anope/.gitignore
vendored
56
anope/Dockerfile
Normal file
56
anope/Dockerfile
Normal file
@ -0,0 +1,56 @@
|
|||||||
|
FROM ubuntu:latest
|
||||||
|
|
||||||
|
ARG BUILD_SERVER_NAME="services.lame-network.local"
|
||||||
|
|
||||||
|
RUN apt -y update
|
||||||
|
|
||||||
|
RUN apt -y install coreutils cmake perl git automake autoconf build-essential libpcre2-dev rapidjson-dev libcurl4-gnutls-dev libargon2-dev libmaxminddb-dev libldap2-dev rapidjson-dev libmysqlclient-dev libmysqlclient-dev default-libmysqlclient-dev libpq-dev libre2-dev gnutls-dev libsqlite3-dev libmbedtls-dev libqrencode-dev libpcre3-dev libtre-dev pkg-config libwww-perl libidn-dev libpasswdqc-dev libcrack2-dev libperl-dev libsodium-dev cracklib-runtime libcrypt-cracklib-perl sendmail
|
||||||
|
|
||||||
|
RUN groupadd anope
|
||||||
|
|
||||||
|
RUN useradd --system --shell /bin/bash anope -g anope
|
||||||
|
|
||||||
|
WORKDIR /tmp
|
||||||
|
|
||||||
|
RUN git clone https://github.com/anope/anope.git
|
||||||
|
|
||||||
|
WORKDIR /tmp/anope/modules
|
||||||
|
|
||||||
|
RUN ls -1 extra/*.cpp | xargs -i ln -s {}
|
||||||
|
|
||||||
|
WORKDIR /tmp/anope
|
||||||
|
|
||||||
|
RUN cmake -DINSTDIR:STRING=/usr/local -DRUNGROUP:STRING=anope -DDEFUMASK:STRING=007 -DCMAKE_BUILD_TYPE:STRING=RELEASE -B /tmp/anope/build /tmp/anope
|
||||||
|
|
||||||
|
WORKDIR /tmp/anope/build
|
||||||
|
|
||||||
|
RUN make -j$(nproc)
|
||||||
|
|
||||||
|
RUN make install
|
||||||
|
|
||||||
|
RUN mkdir -p /etc/anope -p /etc/ssl/anope -p /var/log/anope -p /var/lib/anope
|
||||||
|
|
||||||
|
ADD anope.conf /etc/anope
|
||||||
|
|
||||||
|
ADD include.default.conf /etc/anope/include.conf
|
||||||
|
|
||||||
|
RUN openssl genrsa -out /etc/ssl/anope/server.key
|
||||||
|
|
||||||
|
RUN openssl req -new -key /etc/ssl/anope/server.key -out /etc/ssl/anope/server.csr \
|
||||||
|
-subj "/C=US/ST=Washington/L=Seattle/O=LameNetwork/OU=IT Department/CN=$BUILD_SERVER_NAME"
|
||||||
|
|
||||||
|
RUN openssl x509 -req -days 365 -in /etc/ssl/anope/server.csr -signkey /etc/ssl/anope/server.key -out /etc/ssl/anope/server.crt
|
||||||
|
|
||||||
|
RUN chown -R anope:anope /etc/anope /etc/ssl/anope /var/log/anope /var/lib/anope
|
||||||
|
|
||||||
|
WORKDIR /
|
||||||
|
|
||||||
|
VOLUME /var/lib/anope
|
||||||
|
|
||||||
|
VOLUME /etc/ssl/anope
|
||||||
|
|
||||||
|
VOLUME /var/log/anope
|
||||||
|
|
||||||
|
USER anope
|
||||||
|
|
||||||
|
ENTRYPOINT ["/usr/local/bin/anope", "--nofork", "--config=/etc/anope/anope.conf", "--dbdir=/var/lib/anope", "--logdir=/var/log/anope", "--moduledir=/usr/local/modules"]
|
1534
anope/anope.conf
Normal file
1534
anope/anope.conf
Normal file
File diff suppressed because it is too large
Load Diff
21
anope/docker-compose.yml
Normal file
21
anope/docker-compose.yml
Normal file
@ -0,0 +1,21 @@
|
|||||||
|
services:
|
||||||
|
anope:
|
||||||
|
build:
|
||||||
|
context: .
|
||||||
|
args:
|
||||||
|
BUILD_SERVER_NAME: ${SERVER_NAME}
|
||||||
|
image: anope
|
||||||
|
network_mode: "host"
|
||||||
|
env_file: "config.env"
|
||||||
|
volumes:
|
||||||
|
- data:/var/lib/anope
|
||||||
|
- ./include.conf:/etc/anope/include.conf:ro
|
||||||
|
- ssl:/etc/ssl/anope
|
||||||
|
- log:/var/log/anope
|
||||||
|
volumes:
|
||||||
|
data:
|
||||||
|
name: anope_data
|
||||||
|
ssl:
|
||||||
|
name: anope_ssl
|
||||||
|
log:
|
||||||
|
name: anope_log
|
106
anope/include.default.conf
Normal file
106
anope/include.default.conf
Normal file
@ -0,0 +1,106 @@
|
|||||||
|
uplink
|
||||||
|
{
|
||||||
|
host = 127.0.0.1
|
||||||
|
protocol = "ipv4"
|
||||||
|
ssl = yes
|
||||||
|
port = "7000"
|
||||||
|
password = changeme
|
||||||
|
}
|
||||||
|
|
||||||
|
serverinfo
|
||||||
|
{
|
||||||
|
name = services.lame-network.local
|
||||||
|
description = "IRC Services"
|
||||||
|
localhost = 127.0.0.1
|
||||||
|
id = 10X
|
||||||
|
pid = "/tmp/anope.pid"
|
||||||
|
motd = "/etc/anope/motd.txt"
|
||||||
|
}
|
||||||
|
|
||||||
|
networkinfo
|
||||||
|
{
|
||||||
|
networkname = "NetcraveIRC"
|
||||||
|
nicklen = 31
|
||||||
|
userlen = 10
|
||||||
|
hostlen = 64
|
||||||
|
chanlen = 32
|
||||||
|
modelistsize = 256
|
||||||
|
nick_chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"
|
||||||
|
vhost_chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-"
|
||||||
|
allow_undotted_vhosts = true
|
||||||
|
disallow_start_or_end = ".-"
|
||||||
|
}
|
||||||
|
|
||||||
|
mail
|
||||||
|
{
|
||||||
|
usemail = no
|
||||||
|
sendmailpath = "/usr/sbin/sendmail -it"
|
||||||
|
sendfrom = "no-reply@lame-network.local"
|
||||||
|
delay = 5m
|
||||||
|
dontquoteaddresses = no
|
||||||
|
content_type = "text/plain; charset=UTF-8"
|
||||||
|
registration_subject = "Nickname registration for %n"
|
||||||
|
registration_message = "Hi,
|
||||||
|
|
||||||
|
You have requested to register the nickname %n on %N.
|
||||||
|
Please type \" /msg NickServ CONFIRM %c \" to complete registration.
|
||||||
|
|
||||||
|
If you don't know why this mail was sent to you, please ignore it silently.
|
||||||
|
|
||||||
|
%N administrators."
|
||||||
|
|
||||||
|
reset_subject = "Reset password request for %n"
|
||||||
|
reset_message = "Hi,
|
||||||
|
|
||||||
|
You have requested to have the password for %n reset.
|
||||||
|
To reset your password, type \" /msg NickServ CONFIRM %n %c \"
|
||||||
|
|
||||||
|
If you don't know why this mail was sent to you, please ignore it silently.
|
||||||
|
|
||||||
|
%N administrators."
|
||||||
|
|
||||||
|
emailchange_subject = "Email confirmation"
|
||||||
|
emailchange_message = "Hi,
|
||||||
|
|
||||||
|
You have requested to change your email address from %e to %E.
|
||||||
|
Please type \" /msg NickServ CONFIRM %c \" to confirm this change.
|
||||||
|
|
||||||
|
If you don't know why this mail was sent to you, please ignore it silently.
|
||||||
|
|
||||||
|
%N administrators."
|
||||||
|
|
||||||
|
memo_subject = "New memo"
|
||||||
|
memo_message = "Hi %n,
|
||||||
|
|
||||||
|
You've just received a new memo from %s. This is memo number %d.
|
||||||
|
|
||||||
|
Memo text:
|
||||||
|
|
||||||
|
%t"
|
||||||
|
}
|
||||||
|
|
||||||
|
oper
|
||||||
|
{
|
||||||
|
name = "admin"
|
||||||
|
type = "Services Root"
|
||||||
|
require_oper = yes
|
||||||
|
}
|
||||||
|
|
||||||
|
module
|
||||||
|
{
|
||||||
|
name = "sqlite"
|
||||||
|
sqlite
|
||||||
|
{
|
||||||
|
name = "sqlite/main"
|
||||||
|
database = "/var/lib/anope/anope.db"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
module
|
||||||
|
{
|
||||||
|
name = "db_flatfile"
|
||||||
|
database = "anope.db"
|
||||||
|
keepbackups = 32
|
||||||
|
nobackupokay = no
|
||||||
|
fork = no
|
||||||
|
}
|
1
atheme/.env
Symbolic link
1
atheme/.env
Symbolic link
@ -0,0 +1 @@
|
|||||||
|
config.env
|
2
atheme/.gitignore
vendored
Normal file
2
atheme/.gitignore
vendored
Normal file
@ -0,0 +1,2 @@
|
|||||||
|
include.conf
|
||||||
|
config.env
|
@ -1,28 +1,28 @@
|
|||||||
include "/etc/atheme/include.conf";
|
include "/etc/atheme/include.conf";
|
||||||
|
|
||||||
loadmodule "security/cmdperm";
|
#loadmodule "security/cmdperm";
|
||||||
loadmodule "protocol/inspircd";
|
loadmodule "protocol/inspircd";
|
||||||
loadmodule "protocol/mixin_nohalfops";
|
#loadmodule "protocol/mixin_nohalfops";
|
||||||
loadmodule "protocol/mixin_noholdnick";
|
#loadmodule "protocol/mixin_noholdnick";
|
||||||
loadmodule "protocol/mixin_noprotect";
|
#loadmodule "protocol/mixin_noprotect";
|
||||||
loadmodule "protocol/mixin_noowner";
|
#loadmodule "protocol/mixin_noowner";
|
||||||
loadmodule "backend/opensex";
|
loadmodule "backend/opensex";
|
||||||
loadmodule "crypto/argon2";
|
#loadmodule "crypto/argon2";
|
||||||
loadmodule "crypto/scrypt";
|
#loadmodule "crypto/scrypt";
|
||||||
loadmodule "crypto/pbkdf2v2";
|
#loadmodule "crypto/pbkdf2v2";
|
||||||
loadmodule "crypto/bcrypt";
|
#loadmodule "crypto/bcrypt";
|
||||||
loadmodule "crypto/pbkdf2";
|
#loadmodule "crypto/pbkdf2";
|
||||||
loadmodule "crypto/crypt3-sha2-512";
|
#loadmodule "crypto/crypt3-sha2-512";
|
||||||
loadmodule "crypto/crypt3-sha2-256";
|
#loadmodule "crypto/crypt3-sha2-256";
|
||||||
loadmodule "crypto/crypt3-md5";
|
#loadmodule "crypto/crypt3-md5";
|
||||||
loadmodule "crypto/rawsha2-512";
|
#loadmodule "crypto/rawsha2-512";
|
||||||
loadmodule "crypto/rawsha2-256";
|
#loadmodule "crypto/rawsha2-256";
|
||||||
loadmodule "crypto/anope-enc-sha256";
|
#loadmodule "crypto/anope-enc-sha256";
|
||||||
loadmodule "crypto/rawsha1";
|
#loadmodule "crypto/rawsha1";
|
||||||
loadmodule "crypto/rawmd5";
|
#loadmodule "crypto/rawmd5";
|
||||||
loadmodule "crypto/ircservices";
|
#loadmodule "crypto/ircservices";
|
||||||
loadmodule "crypto/crypt3-des";
|
#loadmodule "crypto/crypt3-des";
|
||||||
loadmodule "crypto/base64";
|
#loadmodule "crypto/base64";
|
||||||
#loadmodule "auth/ldap";
|
#loadmodule "auth/ldap";
|
||||||
loadmodule "nickserv/main";
|
loadmodule "nickserv/main";
|
||||||
#loadmodule "nickserv/access";
|
#loadmodule "nickserv/access";
|
||||||
@ -154,7 +154,7 @@ loadmodule "operserv/help";
|
|||||||
loadmodule "operserv/identify";
|
loadmodule "operserv/identify";
|
||||||
loadmodule "operserv/ignore";
|
loadmodule "operserv/ignore";
|
||||||
loadmodule "operserv/info";
|
loadmodule "operserv/info";
|
||||||
#loadmodule "operserv/joinrate";
|
loadmodule "operserv/joinrate";
|
||||||
loadmodule "operserv/jupe";
|
loadmodule "operserv/jupe";
|
||||||
loadmodule "operserv/mode";
|
loadmodule "operserv/mode";
|
||||||
loadmodule "operserv/modlist";
|
loadmodule "operserv/modlist";
|
||||||
@ -250,32 +250,32 @@ loadmodule "groupserv/set_joinflags";
|
|||||||
loadmodule "groupserv/set_open";
|
loadmodule "groupserv/set_open";
|
||||||
loadmodule "groupserv/set_public";
|
loadmodule "groupserv/set_public";
|
||||||
loadmodule "groupserv/set_url";
|
loadmodule "groupserv/set_url";
|
||||||
loadmodule "misc/httpd";
|
#loadmodule "misc/httpd";
|
||||||
loadmodule "misc/login_throttling";
|
#loadmodule "misc/login_throttling";
|
||||||
loadmodule "transport/xmlrpc";
|
#loadmodule "transport/xmlrpc";
|
||||||
loadmodule "exttarget/oper";
|
#loadmodule "exttarget/oper";
|
||||||
loadmodule "exttarget/registered";
|
#loadmodule "exttarget/registered";
|
||||||
loadmodule "exttarget/channel";
|
#loadmodule "exttarget/channel";
|
||||||
loadmodule "exttarget/chanacs";
|
#loadmodule "exttarget/chanacs";
|
||||||
loadmodule "exttarget/server";
|
#loadmodule "exttarget/server";
|
||||||
loadmodule "proxyscan/dnsbl";
|
#loadmodule "proxyscan/dnsbl";
|
||||||
|
|
||||||
crypto {
|
crypto {
|
||||||
argon2_type = "argon2id";
|
# argon2_type = "argon2id";
|
||||||
argon2_memcost = 16;
|
# argon2_memcost = 16;
|
||||||
argon2_timecost = 3;
|
# argon2_timecost = 3;
|
||||||
argon2_threads = 1;
|
# argon2_threads = 1;
|
||||||
argon2_saltlen = 16;
|
# argon2_saltlen = 16;
|
||||||
argon2_hashlen = 64;
|
# argon2_hashlen = 64;
|
||||||
scrypt_memlimit = 14;
|
# scrypt_memlimit = 14;
|
||||||
scrypt_opslimit = 524288;
|
# scrypt_opslimit = 524288;
|
||||||
pbkdf2v2_digest = "SHA2-512";
|
# pbkdf2v2_digest = "SHA2-512";
|
||||||
pbkdf2v2_rounds = 64000;
|
# pbkdf2v2_rounds = 64000;
|
||||||
pbkdf2v2_saltlen = 32;
|
# pbkdf2v2_saltlen = 32;
|
||||||
scram_mechanisms = "SCRAM-SHA-1,SCRAM-SHA-256,SCRAM-SHA-512";
|
# scram_mechanisms = "SCRAM-SHA-1,SCRAM-SHA-256,SCRAM-SHA-512";
|
||||||
bcrypt_cost = 7;
|
# bcrypt_cost = 7;
|
||||||
crypt3_sha2_256_rounds = 5000;
|
# crypt3_sha2_256_rounds = 5000;
|
||||||
crypt3_sha2_512_rounds = 5000;
|
# crypt3_sha2_512_rounds = 5000;
|
||||||
};
|
};
|
||||||
|
|
||||||
nickserv {
|
nickserv {
|
||||||
@ -284,38 +284,16 @@ nickserv {
|
|||||||
user = "NICKSERV";
|
user = "NICKSERV";
|
||||||
host = "services/-";
|
host = "services/-";
|
||||||
real = "Nickname Services";
|
real = "Nickname Services";
|
||||||
|
|
||||||
aliases {
|
|
||||||
"ID" = "IDENTIFY";
|
|
||||||
"MYACCESS" = "LISTCHANS";
|
|
||||||
};
|
|
||||||
|
|
||||||
access {
|
|
||||||
};
|
|
||||||
|
|
||||||
spam;
|
spam;
|
||||||
|
|
||||||
no_nick_ownership;
|
no_nick_ownership;
|
||||||
maxnicks = 5;
|
maxnicks = 5;
|
||||||
expire = 30;
|
expire = 30;
|
||||||
enforce_expire = 14;
|
enforce_expire = 14;
|
||||||
enforce_delay = 30;
|
enforce_delay = 30;
|
||||||
enforce_prefix = "G`";
|
enforce_prefix = "`";
|
||||||
waitreg_time = 0;
|
waitreg_time = 0;
|
||||||
cracklib_dict = "/var/cache/cracklib/cracklib_dict";
|
|
||||||
passwdqc_max = 288;
|
|
||||||
passwdqc_min_n0 = 20;
|
|
||||||
passwdqc_min_n1 = 16;
|
|
||||||
passwdqc_min_n2 = 16;
|
|
||||||
passwdqc_min_n3 = 12;
|
|
||||||
passwdqc_min_n4 = 8;
|
|
||||||
passwdqc_words = 4;
|
|
||||||
pwquality_warn_only;
|
pwquality_warn_only;
|
||||||
show_custom_metadata;
|
show_custom_metadata;
|
||||||
|
|
||||||
emailexempts {
|
|
||||||
};
|
|
||||||
|
|
||||||
shorthelp = "";
|
shorthelp = "";
|
||||||
listownmail_canon;
|
listownmail_canon;
|
||||||
bad_password_message;
|
bad_password_message;
|
1
atheme/config.env.example
Normal file
1
atheme/config.env.example
Normal file
@ -0,0 +1 @@
|
|||||||
|
SERVER_NAME="services.lame-network.local"
|
@ -25,3 +25,5 @@ LINK_TIMEOUT="32"
|
|||||||
CLOAK_KEY="changeme"
|
CLOAK_KEY="changeme"
|
||||||
CLOAK_PREFIX="cloak/"
|
CLOAK_PREFIX="cloak/"
|
||||||
CLOAK_SUFFIX=".hidden"
|
CLOAK_SUFFIX=".hidden"
|
||||||
|
DEFAULT_USER_MODES="xW"
|
||||||
|
SSL_USER_MODES="xW"
|
||||||
|
Loading…
Reference in New Issue
Block a user