supernets/inspircd
supernets/inspircd
4
Fork 1
Code Issues 3 Pull Requests Actions Packages Projects 1 Releases Wiki Activity

Compare commits

base: supernets:3c7b8c3aaea7929a841cb4dadeaf86a23a5aed45
Branches Tags
supernets:master
..
compare: supernets:16ac2c59f1ad339a11358d6541e948e97bd1e615
Branches Tags
supernets:master

10 Commits
3c7b8c3aae ... 16ac2c59f1

Author SHA1 Message Date
Paige Thompson
16ac2c59f1
moving atheme and anope to their own repo 2024-11-01 21:44:06 -07:00
root
dbf008095d fix default include 2024-11-01 00:49:56 +03:00
root
9f95e2a517 update config env example 2024-10-31 20:53:04 +03:00
root
fdf0ddbd06 fix env 2024-10-31 20:37:23 +03:00
root
71bb1209e0 update example 2024-10-31 20:35:43 +03:00
root
b9113c4fc8 fix anope config 2024-10-31 20:24:46 +03:00
root
cb3f82a66b add anope 2024-10-31 19:37:40 +03:00
root
9a8cc7765e update config env example 2024-10-31 13:23:32 +03:00
root
038e7b4bbc gitignore motd 2024-10-31 13:21:58 +03:00
root
0a394bb3eb updates 2024-10-31 13:21:32 +03:00
16 changed files with 554 additions and 1385 deletions
Show Stats Expand all files Collapse all files

2
.gitignore vendored
View File

@ -1,2 +1,4 @@
config.env config.env
include.conf include.conf
motd.txt
oper.motd.txt

246
Dockerfile
View File

@ -182,6 +182,248 @@ ENV LINK_SEND_PASSWORD="changeme"
ENV LINK_TIMEOUT=3600 ENV LINK_TIMEOUT=3600
ENV CLOAK_KEY="changeme"
ENV CLOAK_IGNORE_CASE="no"
ENV CLOAK_MODE="full"
ENV CLOAK_PREFIX="cloak/"
ENV CLOAK_SUFFIX=".hidden"
ENV BLOCK_AMSG_ACTION="killopers"
ENV BLOCK_AMSG_DELAY="3"
ENV BLOCK_HL_IGNORE_EXT_MESSAGE="yes"
ENV BLOCK_HL_MIN_LEN="50"
ENV BLOCK_HL_MIN_USER_NUM="10"
ENV BLOCK_HL_STRIP_COLOR="yes"
ENV BOT_MODE_FORCE_NOTICE="no"
ENV CHAN_FILTER_HIDE_MASK="yes"
ENV CHAN_FILTER_MAX_LEN="512"
ENV CHAN_FILTER_NOTIFY_USER="yes"
ENV CALLER_ID_COOL_DOWN="4m"
ENV CALLER_ID_MAX_ACCEPTS="256"
ENV CALLER_ID_TRACK_NICK="yes"
ENV CBAN_GLOB="yes"
ENV CHAN_HISTORY_BOTS="yes"
ENV CHAN_HISTORY_ENABLE_UMODE="yes"
ENV CHAN_HISTORY_MAX_LINES="64"
ENV CHAN_HISTORY_PREFIX_MSG="yes"
ENV OPER_CHANNEL_SNOMASK="DdRrtXxLlkKvgfFoO"
ENV CHAN_NAMES_ALLOW_RANGE="35,45-46"
ENV CHAN_NAMES_DENY_RANGE="1-47,58-64,91-96,123-255"
ENV CHANNELS_OPERS="4294967295"
ENV CHANNELS_USERS="4294967295"
ENV CODE_PAGE="ascii"
ENV CONNECT_BAN_BOOT_WAIT="128"
ENV CONNECT_BAN_DURATION="64"
ENV CONNECT_BAN_V4_PREFIX_LEN="32"
ENV CONNECT_BAN_v6_PREFIX_LEN="128"
ENV CONNECT_BAN_SPLIT_WAIT="128"
ENV CONNECT_BAN_THRESHOLD="32"
ENV CTC_TAGS_ALLOW_CLIENT_ONLY_TAGS="no"
ENV DEAF_BYPASS_CHARS=""
ENV DEAF_BYPASS_CHARS_ULINE="!"
ENV DEAF_ENABLE_PRIV_DEAF=""
ENV DEAF_PRIV_DEAF_ULINE=""
ENV DELAY_MSG_ALLOW_NOTICE="yes"
ENV DISABLE_CHMODES=""
ENV DISABLE_COMMANDS=""
ENV DISABLE_FAKENONEXISTANT="no"
ENV DISABLE_USERMODES="w"
ENV HIDECHANS_AFFECTS_OPERS="yes"
ENV HOSTNAME_CHAR_MAP="abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ.-_/0123456789,"
ENV HTTPD_TIMEOUT="8s"
ENV IDENT_PREFIX_UNQUERIED="yes"
ENV IDENT_TIMEOUT="2s"
ENV INSANE_HOSTMASKS="no"
ENV INSANE_IPMASKS="no"
ENV INSANE_NICKMASKS="no"
ENV INSANE_TRIGGER="95.5"
ENV INVITE_EXCEPTION_BYPASS_KEY="yes"
ENV IRCV3_ACCOUNT_NOTIFY="yes"
ENV IRCV3_AWAY_NOTIFY="yes"
ENV IRCV3_EXTENDED_JOIN="yes"
ENV JOIN_FLOOD_BOOT_WAIT="32s"
ENV JOIN_FLOOD_DURATION="2m"
ENV JOIN_FLOOD_SPLIT_WAIT="32s"
ENV KNOCK_NOTIFY="both"
ENV LIST_MAX_SIZE="512"
ENV LIST_NORMAL_SIZE="256"
ENV MESSAGE_FLOOD_NOTICE="1.0"
ENV MESSAGE_FLOOD_PRIVMSG="1.0"
ENV MESSAGE_FLOOD_TAG_MSG="0.2"
ENV MONITOR_MAX_ENTRIES="256"
ENV MUTE_BAN_NOTIFY_USER="yes"
ENV NICK_DELAY="4s"
ENV NICK_DELAY_HINT="yes"
ENV NICK_FLOOD_DURATION="64s"
ENV NO_CTCP_ENABLE_UMODE="yes"
ENV OJOIN_NOTICE="yes"
ENV OJOIN_OP="yes"
ENV OJOIN_PREFIX="!"
ENV OPER_PREFIX="*"
ENV OPER_TO_SNOMASK="on"
ENV OVERRIDE_ENABLE_UMODE="yes"
ENV OVERRIDE_NOISY="yes"
ENV OVERRIDE_REQUIRE_KEY="yes"
ENV REMOVE_SUPPORT_NO_KICKS="yes"
ENV REPEAT_MAX_BACK_LOG="20"
ENV REPEAT_MAX_DISTANCE="50"
ENV REPEAT_MAX_LINES="20"
ENV REPEAT_MAX_TIME="0"
ENV REPEAT_MAX_SIZE="512"
ENV RLINE_ENGINE="pcre"
ENV RLINE_MATCH_ON_NICK_CHANGE="yes"
ENV RLINE_ZLINE_ON_MATCH="no"
ENV RESTRICT_CHANS_ALLOW_REGISTERED="no"
ENV SECURE_LIST_EXEMPT_REGISTERED="yes"
ENV SECURE_LIST_SHOW_MSG="yes"
ENV SECURE_LIST_WAIT_TIME="8s"
ENV SHOW_WHOIS_OPER_ONLY="no"
ENV SHOW_WHOIS_FROM_OPERS="yes"
ENV SHUN_AFFECT_OPERS="no"
ENV SHUN_ALLOW_CONNECT="no"
ENV SHUN_ALLOW_TAGS="no"
ENV SHUN_CLEANED_COMMANDS="AWAY PART QUIT"
ENV SHUN_ENABLED_COMMANDS="ADMIN OPER PING PONG QUIT PART JOIN"
ENV SHUN_NOTIFY_USER="yes"
ENV SILENCE_EXEMPT_ULINE="yes"
ENV SILENCE_MAX_ENTRIES="256"
ENV SSL_INFO_OPER_ONLY=""
ENV SSL_ENABLE_UMODE="no"
ENV SVS_HOLD_SILENT="no"
ENV TIMED_BANS_SEND_NOTICE="yes"
ENV WAIT_PONG_KILL_ON_BAD_REPLY="yes"
ENV WAIT_PONG_SEND_NOTICE="yes"
ENV WATCH_MAX="256"
ENV WHOWAS_GROUP_SIZE="10"
ENV WHOWAS_MAX_GROUPS="10000"
ENV WHOWAS_MAX_KEEP="32y"
ENV ZOMBIE_CLEAN_SPLIT="no"
ENV ZOMBIE_DIRTY_SPLIT="yes"
ENV ZOMBIE_MAX="100"
ENV ZOMBIE_SERVER_TIME="5m"
ENV AUDITORIUM_OP_CAN_SEE="no"
ENV AUDITORIUM_OPER_CAN_SEE="yes"
ENV AUDITORIUM_OP_VISIBLE="no"
RUN apt -y update RUN apt -y update
RUN apt -y install coreutils perl git automake autoconf build-essential libpcre2-dev rapidjson-dev libcurl4-gnutls-dev libargon2-dev libmaxminddb-dev libldap2-dev rapidjson-dev libmysqlclient-dev libmysqlclient-dev default-libmysqlclient-dev libpq-dev libre2-dev gnutls-dev libsqlite3-dev libmbedtls-dev libqrencode-dev libpcre3-dev libtre-dev pkg-config libwww-perl RUN apt -y install coreutils perl git automake autoconf build-essential libpcre2-dev rapidjson-dev libcurl4-gnutls-dev libargon2-dev libmaxminddb-dev libldap2-dev rapidjson-dev libmysqlclient-dev libmysqlclient-dev default-libmysqlclient-dev libpq-dev libre2-dev gnutls-dev libsqlite3-dev libmbedtls-dev libqrencode-dev libpcre3-dev libtre-dev pkg-config libwww-perl
@ -210,9 +452,9 @@ ADD include.default.conf /etc/inspircd/include.conf
ADD GeoLite2-Country.mmdb /etc/inspircd ADD GeoLite2-Country.mmdb /etc/inspircd
RUN touch /etc/inspircd/motd.txt ADD motd.txt /etc/inspircd/motd.txt
RUN touch /etc/inspircd/oper.motd.txt ADD oper.motd.txt /etc/inspircd/oper.motd.txt
RUN openssl genrsa -out /etc/ssl/inspircd/server.key RUN openssl genrsa -out /etc/ssl/inspircd/server.key

96
config.env.example
View File

@ -1,90 +1,30 @@
ADMIN_EMAIL="no-reply@netcrave.network" ADMIN_EMAIL="no-reply@lame-network.local"
SID="01A" SID="01A"
SERVER_NAME="irc.netcrave.network" SERVER_NAME="irc.lame-network.local"
NETWORK_NAME="NetcraveIRC" NETWORK_NAME="NetcraveIRC"
STS_HOST="irc.netcrave.network" STS_HOST="irc.lame-network.local"
SASL_TARGET="service.netcrave.network" SASL_TARGET="services.lame-network.local"
ADMIN_PASSWORD="changeme" ADMIN_PASSWORD="changeme"
COMMAND_RATE="128000"
FAKE_LAG="on"
HARD_SENDQ="1M"
MAX_CHANS="256"
PING_FREQ="64"
RECVQ="8K"
SOFT_SENDQ="8192"
COMMAND_RATE_THRESHOLD="128"
COMMAND_RATE_THRESHOLD_TIMEOUT="16"
USE_CONN_FLOOD="yes"
USE_DNSBL="yes"
USE_IDENT="no"
GLOBAL_MAX="32"
LOCAL_MAX="16"
MAX_CONN_WARN="yes"
DEFAULT_USER_MODES="+xWz"
PORT="6667" PORT="6667"
RESOLVE_HOST_NAMES="yes"
USE_CONNECT_BAN="yes"
SSL_USER_MODES="+xWz"
SSL_PORT="6697" SSL_PORT="6697"
AUTHENTICATED_USER_MODES="+xwWz"
SERVER_SSL_PORT="7000" SERVER_SSL_PORT="7000"
OPER_CHANNEL="#oper"
HTTP_ACL_PASSWORD="changeme" HTTP_ACL_PASSWORD="changeme"
HTTP_ACL_USERNAME="netcrave" HTTP_ACL_USERNAME="netcrave"
SERVICE_CHANNEL="#services" ROLE_PLAY_VHOST="roleplay/lame-network.local"
HELP_CHANNEL="#help"
MAX_AWAY="256"
MAX_CHAN="31"
MAX_GECOS="256"
MAX_HOST="64"
MAX_IDENT="16"
MAX_KICK="256"
MAX_MODES="32"
MAX_NICK="31"
MAX_QUIT="256"
MAX_TOPIC="256"
ALLOW_MISMATCH="yes"
ALLOW_ZERO_LIMIT="yes"
ANNOUNCE_TS="yes"
CYCLE_HOST_TS="yes"
CYCLE_HOST_FROM_USER="no"
HOST_IN_TOPIC="yes"
INVITE_BYPASS_MODES="yes"
MODES_IN_LIST="yes"
NO_SNOTICE_STACK="yes"
PING_WARNING="8"
PREFIX_PART="""
PREFIX_QUIT="QUIT: ""
SERVER_PING_FREQ="8"
SPLIT_WHOIS="no"
SUFFIX_PART="""
SUFFIX_QUIT="""
SYNTAX_HINTS="yes"
XLINE_MESSAGE="DEAUTHORIZED"
CLONES_ON_CONNECT="yes"
NET_BUFFER_SIZE="10240"
QUIET_BURSTS="yes"
SOFT_LIMIT="102400"
SO_MAX_CONN="1024"
TIME_SKIP_WARN="2s"
ROLE_PLAY_VHOST="rp.netcrave.network"
CUSTOM_VERSION="NetcraveIRC" CUSTOM_VERSION="NetcraveIRC"
FLAT_LINKS="no" NET_ADMIN_VHOST="admin/lame-network.local"
GENERIC_OPER="yes" GLOBAL_OP_VHOST="oper/lame-network.local"
HIDE_BANS="no" HOPM_VHOST="hopm/lame-network.local"
HIDE_MODES="no" HELPER_VHOST="helper/lame-network.local"
HIDE_SPLITS="yes" SERVICES_ULINE="services.lame-network.local"
HIDE_ULINES="no" WS_ORIGIN_ALLOW="irc.lame-network.local"
MAX_TARGETS="16"
RESTRICT_BANNED_USERS="yes"
USER_STATS="Pu"
NET_ADMIN_VHOST="oper/admin.netcrave.network"
GLOBAL_OP_VHOST="oper/op.netcrave.network"
HOPM_VHOST="oper/hopm.netcrave.network"
HELPER_VHOST="oper/helper.netcrave.network"
SERVICES_ULINE="services.netcrave.network"
WS_ORIGIN_ALLOW="irc.netcrave.network"
DEFAULT_BLOCK_HOST_MASK="nothing" DEFAULT_BLOCK_HOST_MASK="nothing"
LINK_RECV_PASSWORD="changeme" LINK_RECV_PASSWORD="changeme"
LINK_SEND_PASSWORD="changeme" LINK_SEND_PASSWORD="changeme"
LINK_TIMEOUT=32 LINK_TIMEOUT="32"
CLOAK_KEY="changeme"
CLOAK_PREFIX="cloak/"
CLOAK_SUFFIX=".hidden"
DEFAULT_USER_MODES="xW"
SSL_USER_MODES="xW"
USE_DNSBL="no"

4
docker-compose.linked.yml
View File

@ -7,8 +7,10 @@ services:
image: inspi4 image: inspi4
network_mode: "host" network_mode: "host"
env_file: "config.env" env_file: "config.env"
command: /usr/local/bin/inspircd -c /etc/inspircd/inspircd.conf -F -d command: /usr/local/bin/inspircd -c /etc/inspircd/inspircd.conf -F
volumes: volumes:
- ./motd.txt:/etc/inspircd/motd.txt:ro
- ./oper.motd.txt:/etc/inspircd/oper.motd.txt:ro
- ./include.conf:/etc/inspircd/include.conf:ro - ./include.conf:/etc/inspircd/include.conf:ro
- ssl:/etc/ssl/inspircd - ssl:/etc/ssl/inspircd
- data:/var/lib/inspircd - data:/var/lib/inspircd

117
include.default.conf
View File

@ -15,12 +15,6 @@
<exception host="*@127.0.0.1/32" <exception host="*@127.0.0.1/32"
reason="Local IRC client"> reason="Local IRC client">
<badword text="vxp"
replace="larry">
<badword text="lol"
replace="%%">
<eventexec command="/bin/true" <eventexec command="/bin/true"
event="rehash"> event="rehash">
@ -28,3 +22,114 @@
name="admin" name="admin"
password="&env.ADMIN_PASSWORD;" password="&env.ADMIN_PASSWORD;"
type="NetAdmin"> type="NetAdmin">
<showfile endtext="End of uptime"
file="/proc/uptime"
introtext="server uptime:"
name="UPTIME">
<showfile endtext="End of loadavg"
file="/proc/loadavg"
introtext="server loadavg:"
name="LOADAVG">
<bind address="*"
port="8000"
type="httpd">
<bind address="*"
port="&env.SSL_PORT;"
sslprofile="defaultssl"
type="clients">
<bind address="*"
port="&env.PORT;"
type="clients">
<bind address="*"
port="7001"
type="servers">
<bind address="*"
port="&env.SERVER_SSL_PORT;"
sslprofile="defaultssl"
type="servers">
<admin email="&env.ADMIN_EMAIL;"
name="admin"
nick="admin">
<server description="internet relay chat network"
id="&env.SID;"
name="&env.SERVER_NAME;"
network="&env.NETWORK_NAME;">
<connect commandrate="&env.COMMAND_RATE;"
fakelag="&env.FAKE_LAG;"
hardsendq="&env.HARD_SENDQ;"
maxchans="&env.MAX_CHANS;"
motd="defaultmotd"
name="all"
pingfreq="&env.PING_FREQ;"
recvq="&env.RECVQ;"
softsendq="&env.SOFT_SENDQ;"
threshold="&env.COMMAND_RATE_THRESHOLD;"
timeout="&env.COMMAND_RATE_THRESHOLD_TIMEOUT;"
useconnflood="&env.USE_CONN_FLOOD;"
usednsbl="&env.USE_DNSBL;"
useident="&env.USE_IDENT;"
resolvehostnames="&env.RESOLVE_HOST_NAMES;"
useconnectban="&env.USE_CONNECT_BAN;">
<connect allow="*"
autojoin="#blackhole"
globalmax="&env.GLOBAL_MAX;"
localmax="&env.LOCAL_MAX;"
maxconnwarn="&env.MAX_CONN_WARN;"
modes="&env.DEFAULT_USER_MODES;"
name="default"
parent="all"
port="&env.PORT;">
<connect allow="*"
autojoin="#blackhole"
globalmax="&env.GLOBAL_MAX;"
localmax="&env.LOCAL_MAX;"
maxconnwarn="&env.MAX_CONN_WARN;"
modes="&env.SSL_USER_MODES;"
name="ssl"
parent="all"
port="&env.SSL_PORT;">
<connect allow="*"
name="authenticated"
globalmax="&env.GLOBAL_MAX;"
localmax="&env.LOCAL_MAX;"
maxconnwarn="&env.MAX_CONN_WARN;"
modes="&env.SSL_USER_MODES;"
parent="all"
port="&env.SSL_PORT;"
requireaccount="yes">
<operjoin channel="&env.OPER_CHANNEL;"
override="no">
<httpdacl password="&env.HTTP_ACL_PASSWORD;"
path="/*"
types="password"
username="&env.HTTP_ACL_USERNAME;">
<autoconnect period="8s"
server="vps-1.lame-network.local">
<link allowmask="*"
bind="1.2.3.4"
hidden="no"
sslprofile="defaultssl"
ipaddr="4.2.3.1"
name="vps-1.lame-network.local"
port="&env.SERVER_SSL_PORT;"
recvpass="&env.LINK_RECV_PASSWORD;"
sendpass="&env.LINK_SEND_PASSWORD;"
statshidden="no"
timeout="&env.LINK_TIMEOUT;">

533
inspircd.conf
View File

@ -1,6 +1,9 @@
<include file="/etc/inspircd/include.conf" <include file="/etc/inspircd/include.conf"
missingokay="yes"> missingokay="yes">
<files motd="/etc/inspircd/motd.txt"
opermotd="/etc/inspircd/oper.motd.txt">
<path datadir="/var/lib/inspircd" <path datadir="/var/lib/inspircd"
configdir="/etc/inspircd" configdir="/etc/inspircd"
runtimedir="/tmp" runtimedir="/tmp"
@ -9,33 +12,6 @@
<maxmind file="/etc/inspircd/GeoLite2-Country.mmdb"> <maxmind file="/etc/inspircd/GeoLite2-Country.mmdb">
<bind address="*"
port="8000"
type="httpd">
<bind address="*"
port="&env.SSL_PORT;"
sslprofile="defaultssl"
type="clients">
<bind address="*"
port="&env.PORT;"
type="clients">
<bind address="*"
port="&env.SERVER_SSL_PORT;"
sslprofile="defaultssl"
type="servers">
<admin email="&env.ADMIN_EMAIL;"
name="admin"
nick="admin">
<server description="General-purpose internet relay chat network"
id="&env.SID;"
name="&env.SERVER_NAME;"
network="&env.NETWORK_NAME;">
<sts duration="5m" <sts duration="5m"
host="&env.STS_HOST;" host="&env.STS_HOST;"
port="&env.SSL_PORT;" port="&env.SSL_PORT;"
@ -44,53 +20,6 @@
<sasl requiressl="yes" <sasl requiressl="yes"
target="&env.SASL_TARGET;"> target="&env.SASL_TARGET;">
<connect commandrate="&env.COMMAND_RATE;"
fakelag="&env.FAKE_LAG;"
hardsendq="&env.HARD_SENDQ;"
maxchans="&env.MAX_CHANS;"
motd="defaultmotd"
name="All"
pingfreq="&env.PING_FREQ;"
recvq="&env.RECVQ;"
softsendq="&env.SOFT_SENDQ;"
threshold="&env.COMMAND_RATE_THRESHOLD;"
timeout="&env.COMMAND_RATE_THRESHOLD_TIMEOUT;"
useconnflood="&env.USE_CONN_FLOOD;"
usednsbl="&env.USE_DNSBL;"
useident="&env.USE_IDENT;"
resolvehostnames="&env.RESOLVE_HOST_NAMES;"
useconnectban="&env.USE_CONNECT_BAN;">
<connect allow="*"
autojoin="#blackhole"
globalmax="&env.GLOBAL_MAX;"
localmax="&env.LOCAL_MAX;"
maxconnwarn="&env.MAX_CONN_WARN;"
modes="&env.DEFAULT_USER_MODES;"
name="default"
port="&env.PORT;">
<connect allow="*"
modes="&env.SSL_USER_MODES;"
name="ssl"
parent="default"
port="&env.SSL_PORT;">
<connect allow="*"
modes="&env.AUTHENTICATED_USER_MODES;"
name="authenticated"
parent="ssl"
registered="yes"
requireaccount="yes">
<operjoin channel="&env.OPER_CHANNEL;"
override="no">
<httpdacl password="&env.HTTP_ACL_PASSWORD;"
path="/*"
types="password"
username="&env.HTTP_ACL_USERNAME;">
<alias format="*" <alias format="*"
replace="SQUERY ChanServ :IDENTIFY $2 $3" replace="SQUERY ChanServ :IDENTIFY $2 $3"
requires="CHANSERV" requires="CHANSERV"
@ -225,9 +154,9 @@
memory="262144" memory="262144"
saltlength="32"> saltlength="32">
<auditorium opcansee="no" <auditorium opcansee="&env.AUDITORIUM_OP_CAN_SEE;"
opercansee="yes" opercansee="&env.AUDITORIUM_OPER_CAN_SEE;"
opvisible="no"> opvisible="&env.AUDITORIUM_OP_VISIBLE;">
<autodrop commands="CONNECT DELETE GET HEAD OPTIONS PATCH POST PUT TRACE"> <autodrop commands="CONNECT DELETE GET HEAD OPTIONS PATCH POST PUT TRACE">
@ -333,114 +262,93 @@
<badnick nick="root" <badnick nick="root"
reason="Don't IRC as root"> reason="Don't IRC as root">
<badnick nick="LINKSERV" <badnick nick="ALIS"
reason="Reserved For Services">
<badnick nick="SPAMSERV"
reason="Reserved For Services">
<badnick nick="GAMESERV"
reason="Reserved For Services">
<badnick nick="MODESERV"
reason="Reserved For Services"> reason="Reserved For Services">
<badnick nick="BOTSERV" <badnick nick="BOTSERV"
reason="Reserved for a network service"> reason="Reserved For Services">
<badnick nick="CHANSERV"
reason="Reserved for a network service">
<badnick nick="GLOBAL"
reason="Reserved for a network service">
<badnick nick="HOSTSERV"
reason="Reserved for a network service">
<badnick nick="MEMOSERV"
reason="Reserved for a network service">
<badnick nick="NICKSERV"
reason="Reserved for a network service">
<badnick nick="OPERSERV"
reason="Reserved for a network service">
<badnick nick="STATSERV"
reason="Reserved for a network service">
<badnick nick="CHANFIX" <badnick nick="CHANFIX"
reason="Reserved for a network service"> reason="Reserved For Services">
<badnick nick="ALIS" <badnick nick="CHANSERV"
reason="Reserved for a network service"> reason="Reserved For Services">
<badnick nick="GAMESERV" <badnick nick="GAMESERV"
reason="Reserved for a network service"> reason="Reserved For Services">
<badnick nick="GLOBAL"
reason="Reserved For Services">
<badnick nick="GROUPSERV"
reason="Reserved For Services">
<badnick nick="HELPSERV" <badnick nick="HELPSERV"
reason="Reserved for a network service"> reason="Reserved For Services">
<badnick nick="HOSTSERV"
reason="Reserved For Services">
<badnick nick="INFOSERV" <badnick nick="INFOSERV"
reason="Reserved for a network service"> reason="Reserved For Services">
<badnick nick="MEMOSERV"
reason="Reserved For Services">
<badnick nick="NICKSERV"
reason="Reserved For Services">
<badnick nick="OPERSERV"
reason="Reserved For Services">
<badnick nick="PROXYSCAN" <badnick nick="PROXYSCAN"
reason="Reserved for a network service"> reason="Reserved For Services">
<badnick nick="RPGSERV" <badnick nick="RPGSERV"
reason="Reserved for a network service"> reason="Reserved For Services">
<badnick nick="SASLSERV" <badnick nick="SASLSERV"
reason="Reserved for a network service"> reason="Reserved For Services">
<banmissing cap="yes" <badnick nick="STATSERV"
duration="4m" reason="Reserved For Services">
reason="CAP required, please upgrade your client"
version="yes">
<banmissing ctcp="yes"
duration="1m"
reason="Enable CTCP or adjust your CTCP flood settings and try again">
<bcrypt rounds="16"> <bcrypt rounds="16">
<blockamsg action="killopers" <blockamsg action="&env.BLOCK_AMSG_ACTION;"
delay="3"> delay="&env.BLOCK_AMSG_DELAY;">
<blockhighlight ignoreextmsg="yes" <blockhighlight ignoreextmsg="&env.BLOCK_HL_IGNORE_EXT_MESSAGE;"
minlen="50" minlen="&env.BLOCK_HL_MIN_LEN;"
minusernum="10" minusernum="&env.BLOCK_HL_MIN_USER_NUM;"
reason="highlighting has been blocked (exceeded limits)" reason="highlighting has been blocked (exceeded limits)"
stripcolor="yes"> stripcolor="&env.BLOCK_HL_STRIP_COLOR;">
<blockinvite modechar="V" <botmode forcenotice="&env.BOT_MODE_FORCE_NOTICE;">
reply="Can't invite, +V">
<botmode forcenotice="no"> <callerid cooldown="&env.CALLER_ID_COOL_DOWN;"
maxaccepts="&env.CALLER_ID_MAX_ACCEPTS;"
tracknick="&env.CALLER_ID_TRACK_NICK;">
<callerid cooldown="4m" <cban glob="&env.CBAN_GLOB;">
maxaccepts="256"
tracknick="yes">
<cban glob="yes"> <chanfilter hidemask="&env.CHAN_FILTER_HIDE_MASK;"
maxlen="&env.CHAN_FILTER_MAX_LEN;"
notifyuser="&env.CHAN_FILTER_NOTIFY_USER;">
<chanfilter hidemask="yes" <chanhistory bots="&env.CHAN_HISTORY_BOTS;"
maxlen="512" enableumode="&env.CHAN_HISTORY_ENABLE_UMODE;"
notifyuser="yes"> maxlines="&env.CHAN_HISTORY_MAX_LINES;"
prefixmsg="&env.CHAN_HISTORY_PREFIX_MSG;">
<chanhistory bots="yes"
enableumode="yes"
maxlines="64"
prefixmsg="yes">
<chanlog channel="&env.OPER_CHANNEL;" <chanlog channel="&env.OPER_CHANNEL;"
snomasks="DdRrtXxLlkKvgfFoO"> snomasks="&env.OPER_CHANNEL_SNOMASK;">
<channames allowrange="35,45-46" <channames allowrange="&env.CHAN_NAMES_ALLOW_RANGE;"
denyrange="1-47,58-64,91-96,123-255"> denyrange="CHAN_NAMES_DENY_RANGE;">
<channels opers="4294967295" <channels opers="&env.CHANNELS_OPERS;"
users="4294967295"> users="&env.CHANNELS_USERS;">
<class chanmodes="*" <class chanmodes="*"
commands="DIE RESTART REHASH LOADMODULE UNLOADMODULE RELOADMODULE GLOADMODULE GUNLOADMODULE GRELOADMODULE" commands="DIE RESTART REHASH LOADMODULE UNLOADMODULE RELOADMODULE GLOADMODULE GUNLOADMODULE GRELOADMODULE"
@ -482,31 +390,21 @@
<class name="RolePlay" <class name="RolePlay"
priv="channels/roleplay channels/roleplay-override"> priv="channels/roleplay channels/roleplay-override">
<cloak ignorecase="no" <cloak ignorecase="&env.CLOAK_IGNORE_CASE;"
key="BP4qa616oRTJLnUMYZfdcllopx1mere0OlyyLtsicNh2NRyywd529cmvtZnlbNLCbsIkY7Efk6Dp170u" key="&env.CLOAK_KEY;"
mode="full" mode="&env.CLOAK_MODE;"
prefix="cloak/" prefix="&env.CLOAK_PREFIX;"
suffix=".hidden"> suffix="&env.CLOAK_SUFFIX;">
<codepage name="ascii"> <codepage name="&env.CODE_PAGE;">
<connectban banmessage="filtered for connection hammering; wait 64 seconds to retry" <connectban banmessage="filtered for connection hammering; wait 64 seconds to retry"
bootwait="128" bootwait="&env.CONNECT_BAN_BOOT_WAIT;"
duration="64" duration="&env.CONNECT_BAN_DURATION;"
ipv4cidr="32" ipv4cidr="&env.CONNECT_BAN_V4_PREFIX_LEN;"
ipv6cidr="128" ipv6cidr="&env.CONNECT_BAN_v6_PREFIX_LEN;"
splitwait="128" splitwait="&env.CONNECT_BAN_SPLIT_WAIT;"
threshold="32"> threshold="&env.CONNECT_BAN_THRESHOLD;">
<connflood bootwait="2m"
maxconns="8"
period="32s"
quitmsg="This module isn't used, use connban instead"
timeout="32s">
<connrequire blockmessage="Enable CTCP or adjust your CTCP flood settings and try again in 1 minute"
ctcpstring="TIME"
timeout="5">
<cpcase lower="97" <cpcase lower="97"
upper="65"> upper="65">
@ -610,7 +508,7 @@
<cpchars front="no" <cpchars front="no"
index="47"> index="47">
<ctctags allowclientonlytags="no"> <ctctags allowclientonlytags="&env.CTC_TAGS_ALLOW_CLIENT_ONLY_TAGS;">
<customprefix letter="q" <customprefix letter="q"
name="founder" name="founder"
@ -641,20 +539,17 @@
rank="10000" rank="10000"
ranktoset="20000"> ranktoset="20000">
<dccblock channels="no" <deaf bypasschars="&env.DEAF_BYPASS_CHARS;"
users="no"> bypasscharsuline="&env.DEAF_BYPASS_CHARS_ULINE;"
enableprivdeaf="&env.DEAF_ENABLE_PRIV_DEAF;"
privdeafuline="&env.DEAF_PRIV_DEAF_ULINE;">
<deaf bypasschars="" <delaymsg allownotice="&env.DELAY_MSG_ALLOW_NOTICE;">
bypasscharsuline="!"
enableprivdeaf="yes"
privdeafuline="yes">
<delaymsg allownotice="yes"> <disabled chanmodes="&env.DISABLE_CHMODES;"
commands="&env.DISABLE_COMMANDS;"
<disabled chanmodes="" fakenonexistant="&env.DISABLE_FAKENONEXISTANT;"
commands="" usermodes="&env.DISABLE_USERMODES;">
fakenonexistant="no"
usermodes="w">
<dnsbl action="zline" <dnsbl action="zline"
domain="dnsbl.dronebl.org" domain="dnsbl.dronebl.org"
@ -683,57 +578,47 @@
timeout="5s" timeout="5s"
type="record"> type="record">
<dualversion active="yes"
ban="yes"
duration="1m"
reason="Enable CTCP or adjust your CTCP flood settings and try again in 1 minute"
show="yes">
<exception host="*@127.0.0.1/32"
reason="Local IRC client">
<exemptfromfilter target="&env.OPER_CHANNEL;"> <exemptfromfilter target="&env.OPER_CHANNEL;">
<exemptfromfilter target="&env.SERVICE_CHANNEL;"> <exemptfromfilter target="&env.SERVICE_CHANNEL;">
<exemptfromfilter target="&env.HELP_CHANNEL;"> <exemptfromfilter target="&env.HELP_CHANNEL;">
<exemptfromfilter target="ALIS">
<exemptfromfilter target="BOTSERV"> <exemptfromfilter target="BOTSERV">
<exemptfromfilter target="CHANFIX">
<exemptfromfilter target="CHANSERV"> <exemptfromfilter target="CHANSERV">
<exemptfromfilter target="GAMESERV">
<exemptfromfilter target="GLOBAL"> <exemptfromfilter target="GLOBAL">
<exemptfromfilter target="GROUPSERV">
<exemptfromfilter target="HELPSERV">
<exemptfromfilter target="HOSTSERV"> <exemptfromfilter target="HOSTSERV">
<exemptfromfilter target="INFOSERV">
<exemptfromfilter target="MEMOSERV"> <exemptfromfilter target="MEMOSERV">
<exemptfromfilter target="NICKSERV"> <exemptfromfilter target="NICKSERV">
<exemptfromfilter target="OPERSERV"> <exemptfromfilter target="OPERSERV">
<exemptfromfilter target="PROXYSCAN">
<exemptfromfilter target="RPGSERV">
<exemptfromfilter target="SASLSERV">
<exemptfromfilter target="STATSERV"> <exemptfromfilter target="STATSERV">
<extbanredirect char="d"> <hidechans affectsopers="&env.HIDECHANS_AFFECTS_OPERS;">
<extbanregex engine="pcre"
opersonly="yes">
<fakelist killonjoin="false"
maxusers="50"
minusers="20"
reason="User hit a spam trap"
target="#spamtrap"
topic="SPAM TRAP: DO NOT JOIN, wait 30 seconds for real channel list"
waittime="1s">
<filteropts engine="glob"
notifyuser="yes"
warnonselfmsg="yes">
<hidechans affectsopers="true">
<hideidle modechar="a">
<hidelist mode="filter" <hidelist mode="filter"
rank="30000"> rank="30000">
@ -744,48 +629,29 @@
<hidemode mode="ban" <hidemode mode="ban"
rank="10000"> rank="10000">
<hostname charmap="abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ.-_/0123456789,"> <hostname charmap="&env.HOSTNAME_CHAR_MAP;">
<httpd timeout="8s"> <httpd timeout="&env.HTTPD_TIMEOUT;">
<httpstats enableparams="yes"> <ident prefixunqueried="&env.IDENT_PREFIX_UNQUERIED;"
timeout="&env.IDENT_TIMEOUT;">
<ident prefixunqueried="yes" <insane hostmasks="&env.INSANE_HOSTMASKS;"
timeout="2"> ipmasks="&env.INSANE_IPMASKS;"
nickmasks="&env.INSANE_NICKMASKS;"
trigger="&env.INSANE_TRIGGER;">
<idleprofile away="only" <inviteexception bypasskey="&env.INVITE_EXCEPTION_BYPASS_KEY;">
idletime="7200"
ignoreloggedin="no"
name="example"
nochans="true"
reason="Disconnected for inactivity">
<insane hostmasks="no" <ircv3 accountnotify="&env.IRCV3_ACCOUNT_NOTIFY;"
ipmasks="no" awaynotify="&env.IRCV3_AWAY_NOTIFY;"
nickmasks="no" extendedjoin="&env.IRCV3_EXTENDED_JOIN;">
trigger="95.5">
<inviteexception bypasskey="yes"> <joinflood bootwait="&env.JOIN_FLOOD_BOOT_WAIT;"
duration="&env.JOIN_FLOOD_DURATION;"
splitwait="&env.JOIN_FLOOD_SPLIT_WAIT;">
<ircv3 accountnotify="yes" <knock notify="&env.KNOCK_NOTIFY;">
awaynotify="yes"
extendedjoin="yes">
<joinflood bootwait="32s"
duration="2m"
splitwait="32s">
<joinpartspam allowredirect="no"
freeredirect="no"
modechar="x">
<keyword action="gline"
duration="5m"
flags="*"
pattern="*startkeylogger*"
reason="keylogger failed to start">
<knock notify="both">
<limits maxaway="&env.MAX_AWAY;" <limits maxaway="&env.MAX_AWAY;"
maxchan="&env.MAX_CHAN;" maxchan="&env.MAX_CHAN;"
@ -809,21 +675,21 @@
type="* -USERINPUT -USEROUTPUT"> type="* -USERINPUT -USEROUTPUT">
<maxlist chan="largechan" <maxlist chan="largechan"
limit="512" limit="&env.LIST_MAX_SIZE;"
mode="ban"> mode="ban">
<maxlist chan="largechan" <maxlist chan="largechan"
limit="512" limit="&env.LIST_MAX_SIZE;"
mode="e"> mode="e">
<maxlist chan="*" <maxlist chan="*"
limit="256"> limit="&env.LIST_NORMAL_SIZE;">
<maxmind file="/etc/inspircd/geolite2.mmdb"> <maxmind file="/etc/inspircd/geolite2.mmdb">
<messageflood notice="1.0" <messageflood notice="&env.MESSAGE_FLOOD_NOTICE;"
privmsg="1.0" privmsg="&env.MESSAGE_FLOOD_PRIVMSG;"
tagmsg="0.2"> tagmsg="&env.MESSAGE_FLOOD_TAG_MSG;">
<module name="geo_maxmind"> <module name="geo_maxmind">
@ -839,8 +705,6 @@
<module name="anticaps"> <module name="anticaps">
<module name="anticaps">
<module name="argon2"> <module name="argon2">
<module name="auditorium"> <module name="auditorium">
@ -899,8 +763,6 @@
<module name="connectban"> <module name="connectban">
<module name="connflood">
<module name="conn_join"> <module name="conn_join">
<module name="conn_umodes"> <module name="conn_umodes">
@ -1217,8 +1079,6 @@
<module name="regex_tre"> <module name="regex_tre">
<module name="solvemsg">
<module name="stats_unlinked"> <module name="stats_unlinked">
<module name="teams"> <module name="teams">
@ -1227,31 +1087,27 @@
<module name="userip"> <module name="userip">
<monitor maxentries="256"> <monitor maxentries="&env.MONITOR_MAX_ENTRIES;">
<muteban notifyuser="yes"> <muteban notifyuser="&env.MUTE_BAN_NOTIFY_USER;">
<nickdelay delay="5" <nickdelay delay="&env.NICK_DELAY;"
hint="true"> hint="&env.NICK_DELAY_HINT;">
<nickflood duration="60s"> <nickflood duration="&env.NICK_FLOOD_DURATION;">
<nocreate noisy="yes" <noctcp enableumode="&env.NO_CTCP_ENABLE_UMODE;">
reason="You are not allowed to create channels"
telluser="yes">
<noctcp enableumode="yes"> <ojoin notice="&env.OJOIN_NOTICE;"
op="&env.OJOIN_OP;"
prefix="&env.OJOIN_PREFIX;">
<ojoin notice="yes" <operlog tosnomask="&env.OPER_TO_SNOMASK;">
op="yes"
prefix="!">
<operlog tosnomask="on">
<opermotd file="/etc/inspircd/oper.motd.txt" <opermotd file="/etc/inspircd/oper.motd.txt"
onoper="yes"> onoper="yes">
<operprefix prefix="*"> <operprefix prefix="&env.OPER_PREFIX;">
<options allowmismatch="&env.ALLOW_MISMATCH;" <options allowmismatch="&env.ALLOW_MISMATCH;"
allowzerolimit="&env.ALLOW_ZERO_LIMIT;" allowzerolimit="&env.ALLOW_ZERO_LIMIT;"
@ -1277,9 +1133,9 @@
syntaxhints="&env.SYNTAX_HINTS;" syntaxhints="&env.SYNTAX_HINTS;"
xlinemessage="&env.XLINE_MESSAGE;"> xlinemessage="&env.XLINE_MESSAGE;">
<override enableumode="yes" <override enableumode="&env.OVERRIDE_ENABLE_UMODE;"
noisy="yes" noisy="&env.OVERRIDE_NOISY;"
requirekey="yes"> requirekey="&env.OVERRIDE_REQUIRE_KEY;">
<passforward cmd="SQUERY $nickrequired :IDENTIFY $nick $pass" <passforward cmd="SQUERY $nickrequired :IDENTIFY $nick $pass"
forwardmsg="NOTICE $nick :*** Forwarding PASS to $nickrequired" forwardmsg="NOTICE $nick :*** Forwarding PASS to $nickrequired"
@ -1323,42 +1179,26 @@
darkcolour="black" darkcolour="black"
lightcolour="white"> lightcolour="white">
<randquote file="quotes"
prefix="❦ "
suffix="">
<remove protectedrank="50000" <remove protectedrank="50000"
supportnokicks="yes"> supportnokicks="&env.REMOVE_SUPPORT_NO_KICKS;">
<repeat maxbacklog="20" <repeat maxbacklog="&env.REPEAT_MAX_BACK_LOG;"
maxdistance="50" maxdistance="&env.REPEAT_MAX_DISTANCE;"
maxlines="20" maxlines="&env.REPEAT_MAX_LINES;"
maxtime="0" maxtime="&env.REPEAT_MAX_TIME;"
size="512"> size="&env.REPEAT_MAX_SIZE;">
<restrictchans allowregistered="no"> <restrictchans allowregistered="&env.RESTRICT_CHANS_ALLOW_REGISTERED;">
<restrictmsg_duration duration="1s" <rline engine="&env.RLINE_ENGINE;"
exemptoper="yes" matchonnickchange="&env.RLINE_MATCH_ON_NICK_CHANGE;"
exemptregistered="yes" zlineonmatch="&env.RLINE_ZLINE_ON_MATCH;">
exemptuline="yes"
notify="no"
target="both">
<rline engine="pcre"
matchonnickchange="yes"
zlineonmatch="no">
<roleplay mode="U"
needchanmode="true"
needop="false"
npchost="&env.ROLE_PLAY_VHOST;">
<rotatelog period="86400"> <rotatelog period="86400">
<securelist exemptregistered="yes" <securelist exemptregistered="&env.SECURE_LIST_EXEMPT_REGISTERED;"
showmsg="yes" showmsg="&env.SECURE_LIST_SHOW_MSG;"
waittime="8s"> waittime="&env.SECURE_LIST_WAIT_TIME;">
<security allowcoreunload="no" <security allowcoreunload="no"
announceinvites="dynamic" announceinvites="dynamic"
@ -1373,55 +1213,30 @@
restrictbannedusers="&env.RESTRICT_BANNED_USERS;" restrictbannedusers="&env.RESTRICT_BANNED_USERS;"
userstats="&env.USER_STATS;"> userstats="&env.USER_STATS;">
<shedusers blockconnect="yes" <showwhois opersonly="&env.SHOW_WHOIS_OPER_ONLY;"
blockmessage="This server is in maintenance mode." showfromopers="&env.SHOW_WHOIS_FROM_OPERS;">
kill="no"
maxusers="0"
message="This server has entered maintenance mode."
minidle="3600"
shedopers="no"
shutdown="no">
<showfile endtext="End of uptime" <shun affectopers="&env.SHUN_AFFECT_OPERS;"
file="/proc/uptime" allowconnect="&env.SHUN_ALLOW_CONNECT;"
introtext="server uptime:" allowtags="&env.SHUN_ALLOW_TAGS;"
name="UPTIME"> cleanedcommands="&env.SHUN_CLEANED_COMMANDS;"
enabledcommands="&env.SHUN_ENABLED_COMMANDS;"
notifyuser="&env.SHUN_NOTIFY_USER;">
<showfile endtext="End of loadavg" <silence exemptuline="&env.SILENCE_EXEMPT_ULINE;"
file="/proc/loadavg" maxentries="&env.SILENCE_MAX_ENTRIES;">
introtext="server loadavg:"
name="LOADAVG">
<showwhois opersonly="no" <sslinfo operonly="&env.SSL_INFO_OPER_ONLY;">
showfromopers="yes">
<shun affectopers="no" <sslmodes enableumode="&env.SSL_ENABLE_UMODE;">
allowconnect="no"
allowtags="no"
cleanedcommands="AWAY PART QUIT"
enabledcommands="ADMIN OPER PING PONG QUIT PART JOIN"
notifyuser="yes">
<silence exemptuline="yes"
maxentries="256">
<sslinfo operonly="no">
<sslmodes enableumode="yes">
<stdregex type="ecmascript"> <stdregex type="ecmascript">
<strictsasl reason="Fix your SASL authentication settings and try again"> <strictsasl reason="Fix your SASL authentication settings and try again">
<svshold silent="false"> <svshold silent="&env.SVS_HOLD_SILENT;">
<timedbans sendnotice="yes"> <timedbans sendnotice="&env.TIMED_BANS_SEND_NOTICE;">
<timedstaticquit mintime="8m"
quitmsg="client quit within first 8 minutes">
<totp hash="sha256"
window="5">
<type classes="SACommands OperChat BanControl HostCloak Shutdown ServerLink" <type classes="SACommands OperChat BanControl HostCloak Shutdown ServerLink"
modes="+s +cCqQ" modes="+s +cCqQ"
@ -1443,24 +1258,24 @@
<uline server="&env.SERVICES_ULINE;" <uline server="&env.SERVICES_ULINE;"
silent="no"> silent="no">
<waitpong killonbadreply="yes" <waitpong killonbadreply="&env.WAIT_PONG_KILL_ON_BAD_REPLY;"
sendsnotice="yes"> sendsnotice="&env.WAIT_PONG_SEND_NOTICE;">
<watch maxwatch="256"> <watch maxwatch="&env.WATCH_MAX;">
<whowas groupsize="10" <whowas groupsize="&env.WHOWAS_GROUP_SIZE;"
maxgroups="100000" maxgroups="&env.WHOWAS_MAX_GROUPS;"
maxkeep="32y"> maxkeep="&env.WHOWAS_MAX_KEEP;">
<wsorigin allow="&env.WS_ORIGIN_ALLOW;"> <wsorigin allow="&env.WS_ORIGIN_ALLOW;">
<xlinedb filename="/var/lib/inspircd/xline.db" <xlinedb filename="/var/lib/inspircd/xline.db"
saveperiod="128s"> saveperiod="128s">
<zombie cleansplit="no" <zombie cleansplit="&env.ZOMBIE_CLEAN_SPLIT;"
dirtysplit="yes" dirtysplit="&env.ZOMBIE_DIRTY_SPLIT;"
maxzombies="100" maxzombies="&env.ZOMBIE_MAX;"
serverzombietime="5m"> serverzombietime="&env.ZOMBIE_SERVER_TIME;">
<alias text="HELPOP" replace="HELP $2-"> <alias text="HELPOP" replace="HELP $2-">

1
motd.txt Normal file
View File

@ -0,0 +1 @@
-

1
oper.motd.txt Normal file
View File

@ -0,0 +1 @@
-

1
services/.env
View File

@ -1 +0,0 @@
config.env

2
services/.gitignore vendored
View File

@ -1,2 +0,0 @@
include.conf
config.env

58
services/Dockerfile
View File

@ -1,58 +0,0 @@
FROM ubuntu:latest
ARG BUILD_SERVER_NAME="services.lame-network.local"
RUN apt -y update
RUN apt -y install coreutils perl git automake autoconf build-essential libpcre2-dev rapidjson-dev libcurl4-gnutls-dev libargon2-dev libmaxminddb-dev libldap2-dev rapidjson-dev libmysqlclient-dev libmysqlclient-dev default-libmysqlclient-dev libpq-dev libre2-dev gnutls-dev libsqlite3-dev libmbedtls-dev libqrencode-dev libpcre3-dev libtre-dev pkg-config libwww-perl libidn-dev libpasswdqc-dev libcrack2-dev libperl-dev libsodium-dev cracklib-runtime libcrypt-cracklib-perl sendmail
RUN groupadd atheme
RUN useradd --system --shell /bin/bash atheme -g atheme
WORKDIR /tmp
RUN git clone https://github.com/paigeadelethompson/atheme.git -b inspircd
WORKDIR /tmp/atheme
RUN git submodule update --init --recursive
RUN ./configure --prefix=/usr/local --enable-large-net --enable-contrib --enable-legacy-pwcrypto
RUN make -j$(nproc)
RUN make install
RUN mkdir -p /etc/atheme -p /etc/ssl/atheme -p /var/log/atheme
RUN mv /usr/local/etc /usr/local/etc_old
RUN ln -sf /etc/atheme /usr/local/etc
ADD atheme.conf /etc/atheme
ADD include.default.conf /etc/atheme/include.conf
RUN openssl genrsa -out /etc/ssl/atheme/server.key
RUN openssl req -new -key /etc/ssl/atheme/server.key -out /etc/ssl/atheme/server.csr \
-subj "/C=US/ST=Washington/L=Seattle/O=LameNetwork/OU=IT Department/CN=$BUILD_SERVER_NAME"
RUN openssl x509 -req -days 365 -in /etc/ssl/atheme/server.csr -signkey /etc/ssl/atheme/server.key -out /etc/ssl/atheme/server.crt
RUN chown -R atheme:atheme /etc/atheme /etc/ssl/atheme /var/log/atheme
WORKDIR /
USER atheme
RUN /usr/local/bin/atheme-services -b ; true
VOLUME /etc/atheme
VOLUME /etc/ssl/atheme
VOLUME /var/log/atheme
ENTRYPOINT ["/usr/local/bin/atheme-services", "-p", "/tmp/atheme.pid", "-n", "-d"]

89
services/README.md
View File

@ -1,89 +0,0 @@
# Instructions
## docker-compose
- Copy `config.env.example` to `config.env` and edit
- Copy `include.default.conf` to `include.conf` and edit
- `docker-compose up -d`
## include.conf
```
serverinfo {
name = "services.netcrave.network";
desc = "IRC Services";
numeric = "00A";
recontime = 10;
netname = "LameNet";
hidehostsuffix = "users.misconfigured";
adminname = "admin";
adminemail = "no-reply@services.netcrave.network";
registeremail = "no-reply@services.netcrave.network";
hidden;
mta = "/usr/sbin/sendmail";
loglevel = { admin; error; info; network; wallops; };
maxcertfp = 0;
maxlogins = 5;
maxusers = 5;
mdlimit = 30;
emaillimit = 10;
emailtime = 300;
auth = none;
casemapping = rfc1459;
};
uplink "irc.netcrave.network" {
host = "127.0.0.1";
port = 7001;
send_password = "changeme";
receive_password = "changeme";
};
operator "admin" {
operclass = "sra";
password = "changeme";
};
general {
permissive_mode;
helpchan = "#help";
helpurl = "https://www.netcrave.network";
verbose_wallops;
join_chans;
leave_chans;
secure;
uflags = { hidemail; };
cflags = { guard; verbose; };
raw;
flood_msgs = 7;
flood_time = 10;
ratelimit_uses = 5;
ratelimit_period = 60;
vhost_change = 30;
kline_time = 7;
kline_with_ident;
kline_verified_ident;
clone_time = 0;
commit_interval = 5;
db_save_blocking;
operstring = "is an IRC Operator";
servicestring = "is a Network Service";
default_clone_allowed = 5;
default_clone_warn = 4;
clone_identified_increase_limit;
uplink_sendq_limit = 1048576;
language = "en";
exempts {
};
allow_taint;
immune_level = immune;
show_entity_id;
load_database_mdeps;
hide_opers;
match_masks_through_vhost;
default_password_length = 16;
};
```

690
services/atheme.conf
View File

@ -1,690 +0,0 @@
include "/etc/atheme/include.conf";
loadmodule "security/cmdperm";
loadmodule "protocol/inspircd";
loadmodule "protocol/mixin_nohalfops";
loadmodule "protocol/mixin_noholdnick";
loadmodule "protocol/mixin_noprotect";
loadmodule "protocol/mixin_noowner";
loadmodule "backend/opensex";
loadmodule "crypto/argon2";
loadmodule "crypto/scrypt";
loadmodule "crypto/pbkdf2v2";
loadmodule "crypto/bcrypt";
loadmodule "crypto/pbkdf2";
loadmodule "crypto/crypt3-sha2-512";
loadmodule "crypto/crypt3-sha2-256";
loadmodule "crypto/crypt3-md5";
loadmodule "crypto/rawsha2-512";
loadmodule "crypto/rawsha2-256";
loadmodule "crypto/anope-enc-sha256";
loadmodule "crypto/rawsha1";
loadmodule "crypto/rawmd5";
loadmodule "crypto/ircservices";
loadmodule "crypto/crypt3-des";
loadmodule "crypto/base64";
loadmodule "auth/ldap";
loadmodule "nickserv/main";
loadmodule "nickserv/access";
loadmodule "nickserv/badmail";
loadmodule "nickserv/cert";
loadmodule "nickserv/drop";
loadmodule "nickserv/enforce";
loadmodule "nickserv/ghost";
loadmodule "nickserv/group";
loadmodule "nickserv/help";
loadmodule "nickserv/hold";
loadmodule "nickserv/identify";
loadmodule "nickserv/info";
loadmodule "nickserv/info_lastquit";
loadmodule "nickserv/list";
loadmodule "nickserv/listlogins";
loadmodule "nickserv/listmail";
loadmodule "nickserv/listownmail";
loadmodule "nickserv/login";
loadmodule "nickserv/loginnolimit";
loadmodule "nickserv/logout";
loadmodule "nickserv/mark";
loadmodule "nickserv/pwquality";
loadmodule "nickserv/freeze";
loadmodule "nickserv/listchans";
loadmodule "nickserv/listgroups";
loadmodule "nickserv/register";
loadmodule "nickserv/regnolimit";
loadmodule "nickserv/resetpass";
loadmodule "nickserv/restrict";
loadmodule "nickserv/return";
loadmodule "nickserv/setpass";
loadmodule "nickserv/sendpass";
loadmodule "nickserv/sendpass_user";
loadmodule "nickserv/set_accountname";
loadmodule "nickserv/set_badpasswdmsg";
loadmodule "nickserv/set_email";
loadmodule "nickserv/set_emailmemos";
loadmodule "nickserv/set_enforcetime";
loadmodule "nickserv/set_hidemail";
loadmodule "nickserv/set_language";
loadmodule "nickserv/set_nevergroup";
loadmodule "nickserv/set_neverop";
loadmodule "nickserv/set_nogreet";
loadmodule "nickserv/set_nomemo";
loadmodule "nickserv/set_noop";
loadmodule "nickserv/set_nopassword";
loadmodule "nickserv/set_password";
loadmodule "nickserv/set_privmsg";
loadmodule "nickserv/set_private";
loadmodule "nickserv/set_property";
loadmodule "nickserv/set_pubkey";
loadmodule "nickserv/set_quietchg";
loadmodule "nickserv/status";
loadmodule "nickserv/taxonomy";
loadmodule "nickserv/vacation";
loadmodule "nickserv/verify";
loadmodule "nickserv/vhost";
loadmodule "nickserv/waitreg";
loadmodule "chanserv/main";
loadmodule "chanserv/access";
loadmodule "chanserv/akick";
loadmodule "chanserv/ban";
loadmodule "chanserv/unban_self";
loadmodule "chanserv/bansearch";
loadmodule "chanserv/clone";
loadmodule "chanserv/close";
loadmodule "chanserv/clear";
loadmodule "chanserv/clear_akicks";
loadmodule "chanserv/clear_bans";
loadmodule "chanserv/clear_flags";
loadmodule "chanserv/clear_users";
loadmodule "chanserv/count";
loadmodule "chanserv/drop";
loadmodule "chanserv/fflags";
loadmodule "chanserv/flags";
loadmodule "chanserv/ftransfer";
loadmodule "chanserv/getkey";
loadmodule "chanserv/halfop";
loadmodule "chanserv/help";
loadmodule "chanserv/hold";
loadmodule "chanserv/info";
loadmodule "chanserv/invite";
loadmodule "chanserv/kick";
loadmodule "chanserv/list";
loadmodule "chanserv/mark";
loadmodule "chanserv/moderate";
loadmodule "chanserv/op";
loadmodule "chanserv/owner";
loadmodule "chanserv/protect";
loadmodule "chanserv/quiet";
loadmodule "chanserv/recover";
loadmodule "chanserv/register";
loadmodule "chanserv/set_email";
loadmodule "chanserv/set_entrymsg";
loadmodule "chanserv/set_fantasy";
loadmodule "chanserv/set_gameserv";
loadmodule "chanserv/set_guard";
loadmodule "chanserv/set_keeptopic";
loadmodule "chanserv/set_limitflags";
loadmodule "chanserv/set_mlock";
loadmodule "chanserv/set_prefix";
loadmodule "chanserv/set_private";
loadmodule "chanserv/set_property";
loadmodule "chanserv/set_pubacl";
loadmodule "chanserv/set_restricted";
loadmodule "chanserv/set_secure";
loadmodule "chanserv/set_topiclock";
loadmodule "chanserv/set_url";
loadmodule "chanserv/set_verbose";
loadmodule "chanserv/status";
loadmodule "chanserv/sync";
loadmodule "chanserv/successor_acl";
loadmodule "chanserv/taxonomy";
loadmodule "chanserv/template";
loadmodule "chanserv/topic";
loadmodule "chanserv/voice";
loadmodule "chanserv/why";
loadmodule "chanserv/xop";
loadmodule "chanserv/antiflood";
loadmodule "chanfix/main";
loadmodule "operserv/akill";
loadmodule "operserv/clearchan";
loadmodule "operserv/clones";
loadmodule "operserv/compare";
loadmodule "operserv/genhash";
loadmodule "operserv/greplog";
loadmodule "operserv/help";
loadmodule "operserv/identify";
loadmodule "operserv/ignore";
loadmodule "operserv/info";
#loadmodule "operserv/joinrate";
loadmodule "operserv/jupe";
loadmodule "operserv/mode";
loadmodule "operserv/modlist";
loadmodule "operserv/modmanager";
loadmodule "operserv/noop";
loadmodule "operserv/rakill";
loadmodule "operserv/readonly";
loadmodule "operserv/rehash";
loadmodule "operserv/restart";
loadmodule "operserv/rmatch";
loadmodule "operserv/rnc";
loadmodule "operserv/rwatch";
loadmodule "operserv/set";
loadmodule "operserv/sgline";
loadmodule "operserv/shutdown";
loadmodule "operserv/soper";
loadmodule "operserv/specs";
loadmodule "operserv/sqline";
loadmodule "operserv/update";
loadmodule "operserv/uptime";
loadmodule "memoserv/help";
loadmodule "memoserv/send";
loadmodule "memoserv/sendops";
loadmodule "memoserv/sendgroup";
loadmodule "memoserv/list";
loadmodule "memoserv/read";
loadmodule "memoserv/forward";
loadmodule "memoserv/delete";
loadmodule "memoserv/ignore";
loadmodule "global/main";
loadmodule "infoserv/main";
loadmodule "saslserv/authcookie";
loadmodule "saslserv/ecdh-x25519-challenge";
loadmodule "saslserv/ecdsa-nist256p-challenge";
loadmodule "saslserv/external";
loadmodule "saslserv/plain";
loadmodule "saslserv/scram";
loadmodule "gameserv/dice";
loadmodule "gameserv/eightball";
loadmodule "gameserv/gamecalc";
loadmodule "gameserv/help";
loadmodule "gameserv/lottery";
loadmodule "gameserv/namegen";
loadmodule "gameserv/rps";
loadmodule "rpgserv/enable";
loadmodule "rpgserv/help";
loadmodule "rpgserv/info";
loadmodule "rpgserv/list";
loadmodule "rpgserv/search";
loadmodule "rpgserv/set";
loadmodule "botserv/main";
loadmodule "botserv/help";
loadmodule "botserv/info";
loadmodule "botserv/bottalk";
loadmodule "botserv/set_fantasy";
loadmodule "botserv/set_nobot";
loadmodule "botserv/set_private";
loadmodule "botserv/set_saycaller";
loadmodule "hostserv/help";
loadmodule "hostserv/onoff";
loadmodule "hostserv/offer";
loadmodule "hostserv/request";
loadmodule "hostserv/vhost";
loadmodule "hostserv/vhostnick";
loadmodule "hostserv/group";
loadmodule "hostserv/drop";
loadmodule "helpserv/helpme";
loadmodule "helpserv/ticket";
loadmodule "helpserv/services";
loadmodule "alis/main";
loadmodule "statserv/channel";
loadmodule "statserv/netsplit";
loadmodule "statserv/server";
loadmodule "groupserv/main";
loadmodule "groupserv/acsnolimit";
loadmodule "groupserv/drop";
loadmodule "groupserv/fflags";
loadmodule "groupserv/flags";
loadmodule "groupserv/help";
loadmodule "groupserv/info";
loadmodule "groupserv/join";
loadmodule "groupserv/list";
loadmodule "groupserv/listchans";
loadmodule "groupserv/register";
loadmodule "groupserv/regnolimit";
loadmodule "groupserv/invite";
loadmodule "groupserv/set";
loadmodule "groupserv/set_channel";
loadmodule "groupserv/set_description";
loadmodule "groupserv/set_email";
loadmodule "groupserv/set_groupname";
loadmodule "groupserv/set_joinflags";
loadmodule "groupserv/set_open";
loadmodule "groupserv/set_public";
loadmodule "groupserv/set_url";
loadmodule "misc/httpd";
loadmodule "misc/login_throttling";
loadmodule "transport/xmlrpc";
loadmodule "exttarget/oper";
loadmodule "exttarget/registered";
loadmodule "exttarget/channel";
loadmodule "exttarget/chanacs";
loadmodule "exttarget/server";
loadmodule "proxyscan/dnsbl";
crypto {
argon2_type = "argon2id";
argon2_memcost = 16;
argon2_timecost = 3;
argon2_threads = 1;
argon2_saltlen = 16;
argon2_hashlen = 64;
scrypt_memlimit = 14;
scrypt_opslimit = 524288;
pbkdf2v2_digest = "SHA2-512";
pbkdf2v2_rounds = 64000;
pbkdf2v2_saltlen = 32;
scram_mechanisms = "SCRAM-SHA-1,SCRAM-SHA-256,SCRAM-SHA-512";
bcrypt_cost = 7;
crypt3_sha2_256_rounds = 5000;
crypt3_sha2_512_rounds = 5000;
};
nickserv {
nick = "NICKSERV";
user = "NICKSERV";
host = "services/-";
real = "Nickname Services";
aliases {
"ID" = "IDENTIFY";
"MYACCESS" = "LISTCHANS";
};
access {
};
spam;
no_nick_ownership;
maxnicks = 5;
expire = 30;
enforce_expire = 14;
enforce_delay = 30;
enforce_prefix = "G`";
waitreg_time = 0;
cracklib_dict = "/var/cache/cracklib/cracklib_dict";
passwdqc_max = 288;
passwdqc_min_n0 = 20;
passwdqc_min_n1 = 16;
passwdqc_min_n2 = 16;
passwdqc_min_n3 = 12;
passwdqc_min_n4 = 8;
passwdqc_words = 4;
pwquality_warn_only;
show_custom_metadata;
emailexempts {
};
shorthelp = "";
listownmail_canon;
bad_password_message;
};
chanserv {
nick = "CHANSERV";
user = "CHANSERV";
host = "services/-";
real = "Channel Services";
aliases {
};
access {
};
reggroup = "!Services-Team";
maxchans = 5;
fantasy;
hide_xop;
hide_flags_akicks;
hide_pubacl_akicks;
templates {
vop = "+AV";
hop = "+AHehitrv";
aop = "+AOehiortv";
sop = "+AOaefhiorstv";
founder = "+AFORaefhioqrstv";
member = "+Ai";
op = "+AOiortv";
};
deftemplates = "MEMBER=+Ai OP=+AOeiortv";
changets;
trigger = "!";
expire = 30;
maxchanacs = 0;
maxfounders = 4;
founder_flags = "AFORefiorstv";
default_mlock = "+nt";
akick_time = 10;
antiflood_enforce_method = quiet;
show_custom_metadata;
shorthelp = "";
};
chanfix {
nick = "CHANFIX";
user = "CHANFIX";
host = "services/-";
real = "Channel Fixing Service";
aliases {
};
access {
};
autofix;
};
global {
nick = "GLOBAL";
user = "GLOBAL";
host = "services/-";
real = "Network Announcements";
aliases {
};
access {
};
};
infoserv {
nick = "INFOSERV";
user = "INFOSERV";
host = "services/-";
real = "Information Service";
aliases {
};
access {
};
logoninfo_count = 3;
logoninfo_reverse;
logoninfo_show_metadata;
};
operserv {
nick = "OPERSERV";
user = "OPERSERV";
host = "services/-";
real = "Operator Services";
aliases {
};
access {
};
modinspect_use_colors;
};
saslserv {
nick = "SASLSERV";
user = "SASLSERV";
host = "services/-";
real = "SASL Authentication Agent";
hide_server_names;
};
memoserv {
nick = "MEMOSERV";
user = "MEMOSERV";
host = "services/-";
real = "Memo Services";
aliases {
};
access {
};
maxmemos = 30;
};
gameserv {
nick = "GAMESERV";
user = "GAMESERV";
host = "services/-";
real = "Game Services";
aliases {
};
access {
};
};
rpgserv {
nick = "RPGSERV";
user = "RPGSERV";
host = "services/-";
real = "RPG Finding Services";
aliases {
};
access {
};
};
botserv {
nick = "BOTSERV";
user = "BOTSERV";
host = "services/-";
real = "Bot Services";
aliases {
};
access {
};
min_users = 0;
};
groupserv {
nick = "GROYPSERV";
user = "GROYPSERV";
host = "services/-";
real = "Group Management Services";
aliases {
};
access {
};
maxgroups = 5;
maxgroupacs = 100;
enable_open_groups;
join_flags = "+";
};
hostserv {
nick = "HOSTSERV";
user = "HOSTSERV";
host = "services/-";
real = "Host Management Services";
aliases {
"APPROVE" = "ACTIVATE";
"DENY" = "REJECT";
};
access {
};
reggroup = "!Services-Team";
no_subsequent_requests;
request_per_nick;
};
helpserv {
nick = "HELPSERV";
user = "HELPSERV";
host = "services/-";
real = "Help Services";
aliases {
};
access {
};
};
statserv {
nick = "STATSERV";
user = "STATSERV";
host = "services/-";
real = "Statistics Services";
aliases {
};
access {
};
};
alis {
nick = "ALIS";
user = "ALIS";
host = "services/-";
real = "Channel Directory";
aliases {
};
access {
};
maxmatches = 64;
};
proxyscan {
nick = "PROXYSCAN";
user = "PROXYSCAN";
host = "services/-";
real = "Proxyscan Service";
aliases {
};
access {
};
blacklists {
"dnsbl.dronebl.org";
"rbl.efnetrbl.org";
"tor.efnet.org";
};
dnsbl_action = kline;
};
httpd {
host = "0.0.0.0";
host = "::";
www_root = "/var/www";
port = 8080;
};
throttle {
address_burst = 5;
address_replenish = 1;
address_account_burst = 2;
address_account_replenish = 2;
};
logfile "/var/log/atheme/account.log" { register; set; };
logfile "/var/log/atheme/commands.log" { commands; };
logfile "/var/log/atheme/audit.log" { denycmd; };
logfile "#services" { admin; denycmd; error; info; register; request; };
logfile "!snotices" { denycmd; error; info; request; };
operclass "user" { };
operclass "ircop" {
privs {
special:ircop;
};
privs {
user:auspex;
user:admin;
user:sendpass;
user:vhost;
user:mark;
};
privs {
chan:auspex;
chan:admin;
chan:cmodes;
chan:joinstaffonly;
};
privs {
general:auspex;
general:helper;
general:viewprivs;
general:flood;
};
privs {
operserv:omode;
operserv:akill;
operserv:jupe;
operserv:global;
};
privs {
group:auspex;
group:admin;
};
};
operclass "sra" {
extends "ircop";
privs {
user:exceedlimits;
user:hold;
user:regnolimit;
};
privs {
general:metadata;
general:admin;
};
privs {
#operserv:massakill;
#operserv:akill-anymask;
operserv:noop;
operserv:grant;
};
needoper;
};

1
services/config.env.example
View File

@ -1 +0,0 @@
SERVER_NAME="services.lame-network.local"

22
services/docker-compose.yml
View File

@ -1,22 +0,0 @@
services:
atheme:
build:
context: .
args:
BUILD_SERVER_NAME: ${SERVER_NAME}
image: atheme
network_mode: "host"
env_file: "config.env"
volumes:
- data:/etc/atheme
- ./include.conf:/etc/atheme/include.conf:ro
- ./atheme.conf:/etc/atheme/atheme.conf:ro
- ssl:/etc/ssl/atheme
- log:/var/log/atheme
volumes:
data:
name: atheme_data
ssl:
name: atheme_ssl
log:
name: atheme_log

76
services/include.default.conf
View File

@ -1,76 +0,0 @@
serverinfo {
name = "lame-network.local";
desc = "IRC Services";
numeric = "00A";
recontime = 10;
netname = "LameNet";
hidehostsuffix = "users.misconfigured";
adminname = "admin";
adminemail = "no-reply@lame-network.local";
registeremail = "no-reply@lame-network.local";
hidden;
mta = "/usr/sbin/sendmail";
loglevel = { admin; error; info; network; wallops; };
maxcertfp = 0;
maxlogins = 5;
maxusers = 5;
mdlimit = 30;
emaillimit = 10;
emailtime = 300;
auth = none;
casemapping = rfc1459;
};
uplink "irc.lame-network.local" {
host = "127.0.0.1";
port = 7001;
send_password = "changeme";
receive_password = "changeme";
};
operator "admin" {
operclass = "sra";
password = "changeme";
};
general {
permissive_mode;
helpchan = "#help";
helpurl = "https://www.lame-network.local";
verbose_wallops;
join_chans;
leave_chans;
secure;
uflags = { hidemail; };
cflags = { guard; verbose; };
raw;
flood_msgs = 7;
flood_time = 10;
ratelimit_uses = 5;
ratelimit_period = 60;
vhost_change = 30;
kline_time = 7;
kline_with_ident;
kline_verified_ident;
clone_time = 0;
commit_interval = 5;
db_save_blocking;
operstring = "is an IRC Operator";
servicestring = "is a Network Service";
default_clone_allowed = 5;
default_clone_warn = 4;
clone_identified_increase_limit;
uplink_sendq_limit = 1048576;
language = "en";
exempts {
};
allow_taint;
immune_level = immune;
show_entity_id;
load_database_mdeps;
hide_opers;
match_masks_through_vhost;
default_password_length = 16;
};