Compare commits

..

No commits in common. "7506dcbe0aac6d0337c1cc9909d3ec932293ec7e" and "0633eecb54b76b0ca2f3b97039e006da294ed3c5" have entirely different histories.

7 changed files with 65 additions and 57 deletions

1
.gitignore vendored
View File

@ -1 +0,0 @@
config.env

View File

@ -18,23 +18,23 @@ ENV SASL_TARGET="service.lame-network.local"
ENV ADMIN_PASSWORD="changeme" ENV ADMIN_PASSWORD="changeme"
ENV COMMAND_RATE="1000" ENV COMMAND_RATE="128000"
ENV FAKE_LAG="off" ENV FAKE_LAG="off"
ENV HARD_SENDQ="1048576" ENV HARD_SENDQ="1M"
ENV MAX_CHANS="256" ENV MAX_CHANS="256"
ENV PING_FREQ="64" ENV PING_FREQ="64"
ENV RECVQ="4096" ENV RECVQ="8K"
ENV SOFT_SENDQ="4096" ENV SOFT_SENDQ="8192"
ENV COMMAND_RATE_THRESHOLD="10" ENV COMMAND_RATE_THRESHOLD="128"
ENV PARTIAL_CONNECT_TIMEOUT="16s" ENV COMMAND_RATE_THRESHOLD_TIMEOUT="16"
ENV USE_CONN_FLOOD="no" ENV USE_CONN_FLOOD="no"
@ -412,24 +412,6 @@ ENV AUDITORIUM_OPER_CAN_SEE="yes"
ENV AUDITORIUM_OP_VISIBLE="no" ENV AUDITORIUM_OP_VISIBLE="no"
ENV IPV4_CLONE="32"
ENV IPV6_CLONE="64"
ENV ROTATE_LOG_PERIOD="86400"
ENV REGEX_TYPE="ecmascript"
ENV ALLOW_CORE_UNLOAD="no"
ENV ANNOUNCE_INVITES="dynamic"
ENV XLINEDB_SAVE_PERIOD="128s"
ENV PERMCHAN_LIST_MODES="yes"
ENV PERMCHANDB_SAVE_PERIOD="128s"
RUN apt -y update RUN apt -y update
RUN apt -y install coreutils perl git automake autoconf build-essential libpcre2-dev rapidjson-dev libcurl4-gnutls-dev libargon2-dev libmaxminddb-dev libldap2-dev rapidjson-dev libmysqlclient-dev libmysqlclient-dev default-libmysqlclient-dev libpq-dev libre2-dev gnutls-dev libsqlite3-dev libmbedtls-dev libqrencode-dev libpcre3-dev libtre-dev pkg-config libwww-perl RUN apt -y install coreutils perl git automake autoconf build-essential libpcre2-dev rapidjson-dev libcurl4-gnutls-dev libargon2-dev libmaxminddb-dev libldap2-dev rapidjson-dev libmysqlclient-dev libmysqlclient-dev default-libmysqlclient-dev libpq-dev libre2-dev gnutls-dev libsqlite3-dev libmbedtls-dev libqrencode-dev libpcre3-dev libtre-dev pkg-config libwww-perl
@ -489,8 +471,6 @@ RUN openssl x509 -req -days 365 -in /etc/ssl/inspircd/server.csr -signkey /etc/s
RUN chown -R inspircd:inspircd /etc/inspircd /etc/ssl/inspircd /var/lib/inspircd /var/log/inspircd RUN chown -R inspircd:inspircd /etc/inspircd /etc/ssl/inspircd /var/lib/inspircd /var/log/inspircd
VOLUME /etc/inspircd/custom
VOLUME /etc/ssl/inspircd VOLUME /etc/ssl/inspircd
VOLUME /var/lib/inspircd VOLUME /var/lib/inspircd
@ -501,4 +481,4 @@ USER inspircd
WORKDIR / WORKDIR /
ENTRYPOINT ["/usr/local/bin/inspircd", "-c", "/etc/inspircd/inspircd.conf", "-F"] CMD /usr/local/bin/inspircd -c /etc/inspircd/inspircd.conf -F

26
config.env Normal file
View File

@ -0,0 +1,26 @@
ADMIN_EMAIL="no-reply@supernets.org"
SID="01B"
SERVER_NAME="lux.supernets.org"
NETWORK_NAME="SuperNETs"
STS_HOST="irc.supernets.org"
SASL_TARGET="services.supernets.org"
ADMIN_PASSWORD="YzUzZmVmYjA0YjQwZjA5MjViYmNmYTFkOTQ0YzVmMzE3ODM3ZjI1MWYxZmY3ZGM3"
PORT="6667"
SSL_PORT="6697"
SERVER_SSL_PORT="7000"
HTTP_ACL_PASSWORD="MTU3OTI1MDgyNzczYzZlNTkyOTZlZjY2MGFlNjU4YmI0OGEwNmU5Nzk4YmJlOWYz"
HTTP_ACL_USERNAME="supernets"
ROLE_PLAY_VHOST="roleplay/supernets.org"
CUSTOM_VERSION="c l a n d e s t i n e"
NET_ADMIN_VHOST="admin/supernets.org"
GLOBAL_OP_VHOST="oper/supernets.org"
HELPER_VHOST="helper/supernets.org"
SERVICES_ULINE="services.supernets.org"
WS_ORIGIN_ALLOW="lux.supernets.org"
LINK_RECV_PASSWORD="MTg4ZDNjNTE5ZDU2MTQxZDdmZWNmNjU1ZjUzY2NkMWM3M2ZmMTY2NmFmYWJhOWIw"
LINK_SEND_PASSWORD="MTg4ZDNjNTE5ZDU2MTQxZDdmZWNmNjU1ZjUzY2NkMWM3M2ZmMTY2NmFmYWJhOWIw"
LINK_TIMEOUT="32"
CLOAK_KEY="NzY2NDM5NTkyOTVmOTdmZDkzODA2NDk5MWRmNjVjZjRhMzcyOGZjMTgwY2YwMGIz"
TOR_PREFIX="tor/"
DEFAULT_USER_MODES="x"
SSL_USER_MODES="x"

View File

@ -22,13 +22,6 @@ LINK_SEND_PASSWORD="changeme"
LINK_TIMEOUT="32" LINK_TIMEOUT="32"
CLOAK_KEY="changemechangemechangemechangeme" CLOAK_KEY="changemechangemechangemechangeme"
CLOAK_SUFFIX=".hidden" CLOAK_SUFFIX=".hidden"
TOR_PREFIX="tor/"
DEFAULT_USER_MODES="x" DEFAULT_USER_MODES="x"
SSL_USER_MODES="x" SSL_USER_MODES="x"
COMMAND_RATE="1024000"
FAKE_LAG="off"
HARD_SENDQ="1048576"
MAX_CHANS="256"
PING_FREQ="64"
RECVQ="4096"
SOFT_SENDQ="4096"
COMMAND_RATE_THRESHOLD="128"

View File

@ -7,6 +7,7 @@ services:
image: inspi4 image: inspi4
network_mode: "host" network_mode: "host"
env_file: "config.env" env_file: "config.env"
command: /usr/local/bin/inspircd -c /etc/inspircd/inspircd.conf -F
volumes: volumes:
- ./custom:/etc/inspircd/custom:ro - ./custom:/etc/inspircd/custom:ro
- ssl:/etc/ssl/inspircd - ssl:/etc/ssl/inspircd

View File

@ -86,7 +86,7 @@
# recvq="&env.RECVQ;" # recvq="&env.RECVQ;"
# softsendq="&env.SOFT_SENDQ;" # softsendq="&env.SOFT_SENDQ;"
# threshold="&env.COMMAND_RATE_THRESHOLD;" # threshold="&env.COMMAND_RATE_THRESHOLD;"
# timeout="&env.PARTIAL_CONNECT_TIMEOUT;" # timeout="&env.COMMAND_RATE_THRESHOLD_TIMEOUT;"
# usecloak="yes" # usecloak="yes"
# useconnflood="&env.USE_CONN_FLOOD;" # useconnflood="&env.USE_CONN_FLOOD;"
# usednsbl="no" # usednsbl="no"
@ -122,7 +122,7 @@
# recvq="&env.RECVQ;" # recvq="&env.RECVQ;"
# softsendq="&env.SOFT_SENDQ;" # softsendq="&env.SOFT_SENDQ;"
# threshold="&env.COMMAND_RATE_THRESHOLD;" # threshold="&env.COMMAND_RATE_THRESHOLD;"
# timeout="&env.PARTIAL_CONNECT_TIMEOUT;" # timeout="&env.COMMAND_RATE_THRESHOLD_TIMEOUT;"
# usecloak="yes" # usecloak="yes"
# useconnflood="&env.USE_CONN_FLOOD;" # useconnflood="&env.USE_CONN_FLOOD;"
# usednsbl="no" # usednsbl="no"
@ -182,7 +182,7 @@
recvq="&env.RECVQ;" recvq="&env.RECVQ;"
softsendq="&env.SOFT_SENDQ;" softsendq="&env.SOFT_SENDQ;"
threshold="&env.COMMAND_RATE_THRESHOLD;" threshold="&env.COMMAND_RATE_THRESHOLD;"
timeout="&env.PARTIAL_CONNECT_TIMEOUT;" timeout="&env.COMMAND_RATE_THRESHOLD_TIMEOUT;"
useconnflood="&env.USE_CONN_FLOOD;" useconnflood="&env.USE_CONN_FLOOD;"
usednsbl="&env.USE_DNSBL;" usednsbl="&env.USE_DNSBL;"
useident="&env.USE_IDENT;" useident="&env.USE_IDENT;"
@ -252,16 +252,6 @@
forwardmsg="NOTICE $nick :*** Forwarding PASS to $nickrequired" forwardmsg="NOTICE $nick :*** Forwarding PASS to $nickrequired"
nick="NICKSERV"> nick="NICKSERV">
#<strictsasl reason="Fix your SASL authentication settings and try again">
<allowchannel name="*">
#<autojoinident chan="#blackhole"
# ident="*">
#<anticaps lowercase="abcdefghijklmnopqrstuvwxyz"
# uppercase="ABCDEFGHIJKLMNOPQRSTUVWXYZ">
#<module name="account"> #<module name="account">
#<module name="blockhighlight"> #<module name="blockhighlight">

View File

@ -52,7 +52,7 @@
<badnick nick="SASLSERV" reason="Reserved For Services"> <badnick nick="SASLSERV" reason="Reserved For Services">
<badnick nick="STATSERV" reason="Reserved For Services"> <badnick nick="STATSERV" reason="Reserved For Services">
<cidr ipv4clone="&env.IPV4_CLONE;" ipv6clone="&env.IPV6_CLONE;"> <cidr ipv4clone="32" ipv6clone="64">
<class chanmodes="*" <class chanmodes="*"
commands="DIE RESTART REHASH LOADMODULE UNLOADMODULE RELOADMODULE GLOADMODULE GUNLOADMODULE GRELOADMODULE" commands="DIE RESTART REHASH LOADMODULE UNLOADMODULE RELOADMODULE GLOADMODULE GUNLOADMODULE GRELOADMODULE"
@ -114,6 +114,7 @@
<options allowmismatch="&env.ALLOW_MISMATCH;" <options allowmismatch="&env.ALLOW_MISMATCH;"
allowzerolimit="&env.ALLOW_ZERO_LIMIT;" allowzerolimit="&env.ALLOW_ZERO_LIMIT;"
announcets="&env.ANNOUNCE_TS;" announcets="&env.ANNOUNCE_TS;"
casemapping="ascii"
cyclehosts="&env.CYCLE_HOST_TS;" cyclehosts="&env.CYCLE_HOST_TS;"
cyclehostsfromuser="&env.CYCLE_HOST_FROM_USER;" cyclehostsfromuser="&env.CYCLE_HOST_FROM_USER;"
defaultbind="auto" defaultbind="auto"
@ -149,8 +150,8 @@
<pid file="/tmp/inspircd.pid"> <pid file="/tmp/inspircd.pid">
<security allowcoreunload="&env.ALLOW_CORE_UNLOAD;" <security allowcoreunload="no"
announceinvites="&env.ANNOUNCE_INVITES;" announceinvites="dynamic"
customversion="&env.CUSTOM_VERSION;" customversion="&env.CUSTOM_VERSION;"
flatlinks="&env.FLAT_LINKS;" flatlinks="&env.FLAT_LINKS;"
genericoper="&env.GENERIC_OPER;" genericoper="&env.GENERIC_OPER;"
@ -302,12 +303,22 @@
text="GLOBAL" text="GLOBAL"
uline="yes"> uline="yes">
<allowchannel name="*">
<anticaps lowercase="abcdefghijklmnopqrstuvwxyz"
uppercase="ABCDEFGHIJKLMNOPQRSTUVWXYZ">
<auditorium opcansee="&env.AUDITORIUM_OP_CAN_SEE;" <auditorium opcansee="&env.AUDITORIUM_OP_CAN_SEE;"
opercansee="&env.AUDITORIUM_OPER_CAN_SEE;" opercansee="&env.AUDITORIUM_OPER_CAN_SEE;"
opvisible="&env.AUDITORIUM_OP_VISIBLE;"> opvisible="&env.AUDITORIUM_OP_VISIBLE;">
<autodrop commands="CONNECT DELETE GET HEAD OPTIONS PATCH POST PUT TRACE"> <autodrop commands="CONNECT DELETE GET HEAD OPTIONS PATCH POST PUT TRACE">
<autojoinident chan="#blackhole"
ident="*">
<bcrypt rounds="16">
<blockamsg action="&env.BLOCK_AMSG_ACTION;" <blockamsg action="&env.BLOCK_AMSG_ACTION;"
delay="&env.BLOCK_AMSG_DELAY;"> delay="&env.BLOCK_AMSG_DELAY;">
@ -516,12 +527,18 @@
noisy="&env.OVERRIDE_NOISY;" noisy="&env.OVERRIDE_NOISY;"
requirekey="&env.OVERRIDE_REQUIRE_KEY;"> requirekey="&env.OVERRIDE_REQUIRE_KEY;">
<pbkdf2 iterations="12288"
length="32">
<pbkdf2prov hash="sha256"
iterations="24576">
<penalty name="HELPOP" <penalty name="HELPOP"
value="60"> value="60">
<permchanneldb filename="/var/lib/inspircd/permchannels.db" <permchanneldb filename="/var/lib/inspircd/permchannels.db"
listmodes="&env.PERMCHAN_LIST_MODES;" listmodes="yes"
saveperiod="&env.PERMCHANDB_SAVE_PERIOD;"> saveperiod="1d">
<remove protectedrank="50000" <remove protectedrank="50000"
supportnokicks="&env.REMOVE_SUPPORT_NO_KICKS;"> supportnokicks="&env.REMOVE_SUPPORT_NO_KICKS;">
@ -538,7 +555,7 @@
matchonnickchange="&env.RLINE_MATCH_ON_NICK_CHANGE;" matchonnickchange="&env.RLINE_MATCH_ON_NICK_CHANGE;"
zlineonmatch="&env.RLINE_ZLINE_ON_MATCH;"> zlineonmatch="&env.RLINE_ZLINE_ON_MATCH;">
<rotatelog period="&env.ROTATE_LOG_PERIOD;"> <rotatelog period="86400">
<securelist exemptregistered="&env.SECURE_LIST_EXEMPT_REGISTERED;" <securelist exemptregistered="&env.SECURE_LIST_EXEMPT_REGISTERED;"
showmsg="&env.SECURE_LIST_SHOW_MSG;" showmsg="&env.SECURE_LIST_SHOW_MSG;"
@ -561,7 +578,9 @@
<sslmodes enableumode="&env.SSL_ENABLE_UMODE;"> <sslmodes enableumode="&env.SSL_ENABLE_UMODE;">
<stdregex type="&env.REGEX_TYPE;"> <stdregex type="ecmascript">
<strictsasl reason="Fix your SASL authentication settings and try again">
<svshold silent="&env.SVS_HOLD_SILENT;"> <svshold silent="&env.SVS_HOLD_SILENT;">
@ -578,7 +597,7 @@
<wsorigin allow="&env.WS_ORIGIN_ALLOW;"> <wsorigin allow="&env.WS_ORIGIN_ALLOW;">
<xlinedb filename="/var/lib/inspircd/xline.db" <xlinedb filename="/var/lib/inspircd/xline.db"
saveperiod="&env.XLINEDB_SAVE_PERIOD;"> saveperiod="128s">
<zombie cleansplit="&env.ZOMBIE_CLEAN_SPLIT;" <zombie cleansplit="&env.ZOMBIE_CLEAN_SPLIT;"
dirtysplit="&env.ZOMBIE_DIRTY_SPLIT;" dirtysplit="&env.ZOMBIE_DIRTY_SPLIT;"