ngircd/templates/ngircd.conf.j2
changeset 113 d843011c249d
equal deleted inserted replaced
112:22c06d6916bf 113:d843011c249d
       
     1 #
       
     2 # This is a sample configuration file for the ngIRCd IRC daemon, which must
       
     3 # be customized to the local preferences and needs.
       
     4 #
       
     5 # Comments are started with "#" or ";".
       
     6 #
       
     7 # A lot of configuration options in this file start with a ";". You have
       
     8 # to remove the ";" in front of each variable to actually set a value!
       
     9 # The disabled variables are shown with example values for completeness only
       
    10 # and the daemon is using compiled-in default settings.
       
    11 #
       
    12 # Use "ngircd --configtest" (see manual page ngircd(8)) to validate that the
       
    13 # server interprets the configuration file as expected!
       
    14 #
       
    15 # Please see ngircd.conf(5) for a complete list of configuration options
       
    16 # and their descriptions.
       
    17 #
       
    18 # The original can be found at:
       
    19 # /usr/share/doc/ngircd/sample-ngircd.conf.gz
       
    20 
       
    21 [Global]
       
    22         # The [Global] section of this file is used to define the main
       
    23         # configuration of the server, like the server name and the ports
       
    24         # on which the server should be listening.
       
    25         # These settings depend on your personal preferences, so you should
       
    26         # make sure that they correspond to your installation and setup!
       
    27 
       
    28         # Server name in the IRC network, must contain at least one dot
       
    29         # (".") and be unique in the IRC network. Required!
       
    30         Name = {{ngircd_name}}
       
    31 
       
    32         # Information about the server and the administrator, used by the
       
    33         # ADMIN command. Not required by server but by RFC!
       
    34         AdminInfo1 = {{ngircd_admin_name}}
       
    35         ;AdminInfo2 = Debian City
       
    36         AdminEMail = {{ngircd_admin_email}}
       
    37 
       
    38         # Text file which contains the ngIRCd help text. This file is required
       
    39         # to display help texts when using the "HELP <cmd>" command.
       
    40         ;HelpFile = /usr/share/doc/ngircd/Commands.txt
       
    41 
       
    42         # Info text of the server. This will be shown by WHOIS and
       
    43         # LINKS requests for example.
       
    44         Info = {{ngircd_name}}
       
    45 
       
    46         # Comma separated list of IP addresses on which the server should
       
    47         # listen. Default values are:
       
    48         # "0.0.0.0" or (if compiled with IPv6 support) "::,0.0.0.0"
       
    49         # so the server listens on all IP addresses of the system by default.
       
    50         Listen = 127.0.0.1
       
    51 
       
    52         # Text file with the "message of the day" (MOTD). This message will
       
    53         # be shown to all users connecting to the server:
       
    54         MotdFile = /etc/ngircd/ngircd.motd
       
    55 
       
    56         # A simple Phrase (<127 chars) if you don't want to use a motd file.
       
    57         ;MotdPhrase = "Hello. This is the Debian default MOTD sentence"
       
    58 
       
    59         # The name of the IRC network to which this server belongs. This name
       
    60         # is optional, should only contain ASCII characters, and can't contain
       
    61         # spaces. It is only used to inform clients. The default is empty,
       
    62         # so no network name is announced to clients.
       
    63         ;Network = aIRCnetwork
       
    64 
       
    65         # Global password for all users needed to connect to the server.
       
    66         # (Default: not set)
       
    67         ;Password = wealllikedebian
       
    68 
       
    69         # This tells ngIRCd to write its current process ID to a file.
       
    70         # Note that the pidfile is written AFTER chroot and switching the
       
    71         # user ID, e.g. the directory the pidfile resides in must be
       
    72         # writable by the ngIRCd user and exist in the chroot directory.
       
    73         # Keep this setting in sync with PIDFILE in /etc/init.d/ngircd
       
    74         PidFile = /var/run/ngircd/ngircd.pid
       
    75 
       
    76         # Ports on which the server should listen. There may be more than
       
    77         # one port, separated with ",". (Default: 6667)
       
    78         ;Ports = 6667, 6668, 6669
       
    79 
       
    80         # Group ID under which the ngIRCd should run; you can use the name
       
    81         # of the group or the numerical ID. ATTENTION: For this to work the
       
    82         # server must have been started with root privileges!
       
    83         # Keep this setting in sync with DAEMONUSER in the init script and/or
       
    84         # the Group= setting in service file.
       
    85         ServerGID = irc
       
    86 
       
    87         # User ID under which the server should run; you can use the name
       
    88         # of the user or the numerical ID. ATTENTION: For this to work the
       
    89         # server must have been started with root privileges! In addition,
       
    90         # the configuration and MOTD files must be readable by this user,
       
    91         # otherwise RESTART and REHASH won't work!
       
    92         # Keep this setting in sync with DAEMONUSER in the init script and/or
       
    93         # the User= setting in service file.
       
    94         ServerUID = irc
       
    95 
       
    96 [Limits]
       
    97         # Define some limits and timeouts for this ngIRCd instance. Default
       
    98         # values should be safe, but it is wise to double-check :-)
       
    99 
       
   100         # The server tries every <ConnectRetry> seconds to establish a link
       
   101         # to not yet (or no longer) connected servers.
       
   102         ConnectRetry = 60
       
   103 
       
   104         # Number of seconds after which the whole daemon should shutdown when
       
   105         # no connections are left active after handling at least one client
       
   106         # (0: never, which is the default).
       
   107         # This can be useful for testing or when ngIRCd is started using
       
   108         # "socket activation" with systemd(8), for example.
       
   109         ;IdleTimeout = 0
       
   110 
       
   111         # Maximum number of simultaneous in- and outbound connections the
       
   112         # server is allowed to accept (0: unlimited):
       
   113         MaxConnections = 500
       
   114 
       
   115         # Maximum number of simultaneous connections from a single IP address
       
   116         # the server will accept (0: unlimited):
       
   117         MaxConnectionsIP = 10
       
   118 
       
   119         # Maximum number of channels a user can be member of (0: no limit):
       
   120         MaxJoins = 10
       
   121 
       
   122         # Maximum length of an user nickname (Default: 9, as in RFC 2812).
       
   123         # Please note that all servers in an IRC network MUST use the same
       
   124         # maximum nickname length!
       
   125         ;MaxNickLength = 9
       
   126 
       
   127         # Maximum penalty time increase in seconds, per penalty event. Set to -1
       
   128         # for no limit (the default), 0 to disable penalties altogether. The
       
   129         # daemon doesn't use penalty increases higher than 2 seconds during
       
   130         # normal operation, so values greater than 1 rarely make sense.
       
   131         ;MaxPenaltyTime = -1
       
   132 
       
   133         # Maximum number of channels returned in response to a /list
       
   134         # command (0: unlimited):
       
   135         ;MaxListSize = 100
       
   136 
       
   137         # After <PingTimeout> seconds of inactivity the server will send a
       
   138         # PING to the peer to test whether it is alive or not.
       
   139         PingTimeout = 120
       
   140 
       
   141         # If a client fails to answer a PING with a PONG within <PongTimeout>
       
   142         # seconds, it will be disconnected by the server.
       
   143         PongTimeout = 20
       
   144 
       
   145 [Options]
       
   146         # Optional features and configuration options to further tweak the
       
   147         # behavior of ngIRCd. If you want to get started quickly, you most
       
   148         # probably don't have to make changes here -- they are all optional.
       
   149 
       
   150         # List of allowed channel types (channel prefixes) for newly created
       
   151         # channels on the local server. By default, all supported channel
       
   152         # types are allowed. Set this variable to the empty string to disallow
       
   153         # creation of new channels by local clients at all.
       
   154         ;AllowedChannelTypes = #&+
       
   155 
       
   156         # Are remote IRC operators allowed to control this server, e.g.
       
   157         # use commands like CONNECT, SQUIT, DIE, ...?
       
   158         ;AllowRemoteOper = no
       
   159 
       
   160         # A directory to chroot in when everything is initialized. It
       
   161         # doesn't need to be populated if ngIRCd is compiled as a static
       
   162         # binary. By default ngIRCd won't use the chroot() feature.
       
   163         # ATTENTION: For this to work the server must have been started
       
   164         # with root privileges!
       
   165         ;ChrootDir = /var/empty
       
   166 
       
   167         # Set this hostname for every client instead of the real one.
       
   168         # Use %x to add the hashed value of the original hostname.
       
   169         {% if ngircd_cloak is defined %}
       
   170         CloakHost = {{ngircd_cloak}}
       
   171         {% endif %}
       
   172 
       
   173         # Use this hostname for hostname cloaking on clients that have the
       
   174         # user mode "+x" set, instead of the name of the server.
       
   175         # Use %x to add the hashed value of the original hostname.
       
   176         ;CloakHostModeX = cloaked.user
       
   177 
       
   178         # The Salt for cloaked hostname hashing. When undefined a random
       
   179         # hash is generated after each server start.
       
   180         ;CloakHostSalt = abcdefghijklmnopqrstuvwxyz
       
   181 
       
   182         # Set every clients' user name to their nickname
       
   183         ;CloakUserToNick = yes
       
   184 
       
   185         # Try to connect to other IRC servers using IPv4 and IPv6, if possible.
       
   186         ;ConnectIPv6 = yes
       
   187         ;ConnectIPv4 = yes
       
   188 
       
   189         # Default user mode(s) to set on new local clients. Please note that
       
   190         # only modes can be set that the client could set using regular MODE
       
   191         # commands, you can't set "a" (away) for example! Default: none.
       
   192         ;DefaultUserModes = i
       
   193 
       
   194         # Do DNS lookups when a client connects to the server.
       
   195         ;DNS = yes
       
   196 
       
   197         # Do IDENT lookups if ngIRCd has been compiled with support for it.
       
   198         # Users identified using IDENT are registered without the "~" character
       
   199         # prepended to their user name.
       
   200         ;Ident = yes
       
   201 
       
   202         # Directory containing configuration snippets (*.conf), that should
       
   203         # be read in after parsing this configuration file.
       
   204         ;IncludeDir = /etc/ngircd/conf.d
       
   205 
       
   206         # Enhance user privacy slightly (useful for IRC server on TOR or I2P)
       
   207         # by censoring some information like idle time, logon time, etc.
       
   208         ;MorePrivacy = no
       
   209 
       
   210         # Normally ngIRCd doesn't send any messages to a client until it is
       
   211         # registered. Enable this option to let the daemon send "NOTICE *"
       
   212         # messages to clients while connecting.
       
   213         ;NoticeBeforeRegistration = no
       
   214 
       
   215         # Should IRC Operators be allowed to use the MODE command even if
       
   216         # they are not(!) channel-operators?
       
   217         OperCanUseMode = yes
       
   218 
       
   219         # Should IRC Operators get AutoOp (+o) in persistent (+P) channels?
       
   220         ;OperChanPAutoOp = yes
       
   221 
       
   222         # Mask IRC Operator mode requests as if they were coming from the
       
   223         # server? (This is a compatibility hack for ircd-irc2 servers)
       
   224         ;OperServerMode = no
       
   225 
       
   226         # Use PAM if ngIRCd has been compiled with support for it.
       
   227         # Users identified using PAM are registered without the "~" character
       
   228         # prepended to their user name.
       
   229         PAM = no
       
   230 
       
   231         # When PAM is enabled, all clients are required to be authenticated
       
   232         # using PAM; connecting to the server without successful PAM
       
   233         # authentication isn't possible.
       
   234         # If this option is set, clients not sending a password are still
       
   235         # allowed to connect: they won't become "identified" and keep the "~"
       
   236         # character prepended to their supplied user name.
       
   237         # Please note: To make some use of this behavior, it most probably
       
   238         # isn't useful to enable "Ident", "PAM" and "PAMIsOptional" at the
       
   239         # same time, because you wouldn't be able to distinguish between
       
   240         # Ident'ified and PAM-authenticated users: both don't have a "~"
       
   241         # character prepended to their respective user names!
       
   242         ;PAMIsOptional = no
       
   243 
       
   244         # When PAM is enabled, this value determines the used PAM
       
   245         # configuration.
       
   246         # This setting allows to run multiple ngIRCd instances with
       
   247         # different PAM configurations on each instance.
       
   248         # If you set it to "ngircd-foo", PAM will use
       
   249         # /etc/pam.d/ngircd-foo instead of the default
       
   250         # /etc/pam.d/ngircd.
       
   251         ;PAMServiceName = ngircd
       
   252 
       
   253         # Let ngIRCd send an "authentication PING" when a new client connects,
       
   254         # and register this client only after receiving the corresponding
       
   255         # "PONG" reply.
       
   256         ;RequireAuthPing = no
       
   257 
       
   258         # Silently drop all incoming CTCP requests.
       
   259         ;ScrubCTCP = no
       
   260 
       
   261         # Syslog "facility" to which ngIRCd should send log messages.
       
   262         # Possible values are system dependent, but most probably auth, daemon,
       
   263         # user and local1 through local7 are possible values; see syslog(3).
       
   264         # Default is "local5" for historical reasons, you probably want to
       
   265         # change this to "daemon", for example.
       
   266         SyslogFacility = local1
       
   267 
       
   268         # Password required for using the WEBIRC command used by some
       
   269         # Web-to-IRC gateways. If not set/empty, the WEBIRC command can't
       
   270         # be used. (Default: not set)
       
   271         ;WebircPassword = xyz
       
   272 
       
   273 [SSL]
       
   274         # SSL-related configuration options. Please note that this section
       
   275         # is only available when ngIRCd is compiled with support for SSL!
       
   276         # So don't forget to remove the ";" above if this is the case ...
       
   277 
       
   278         # SSL Server Key Certificate
       
   279         ;CertFile = /etc/ssl/certs/server.crt
       
   280 
       
   281         # Select cipher suites allowed for SSL/TLS connections. This defaults
       
   282         # to HIGH:!aNULL:@STRENGTH (OpenSSL) or SECURE128 (GnuTLS).
       
   283         # See 'man 1ssl ciphers' (OpenSSL) or 'man 3 gnutls_priority_init'
       
   284         # (GnuTLS) for details.
       
   285         # For OpenSSL:
       
   286         ;CipherList = HIGH:!aNULL:@STRENGTH:!SSLv3
       
   287         # For GnuTLS (this Debian package was linked against GnuTLS):
       
   288         CipherList = SECURE128:-VERS-SSL3.0
       
   289 
       
   290         # Diffie-Hellman parameters
       
   291         ;DHFile = /etc/ngircd/dhparams.pem
       
   292 
       
   293         # SSL Server Key
       
   294         ;KeyFile = /etc/ssl/private/server.key
       
   295 
       
   296         # password to decrypt SSLKeyFile (OpenSSL only)
       
   297         # Note that this Debian package is linked against GnuTLS so this
       
   298         # option has no effect.
       
   299         ;KeyFilePassword = secret
       
   300 
       
   301         # Additional Listen Ports that expect SSL/TLS encrypted connections
       
   302         ;Ports = 6697, 9999
       
   303 
       
   304 {% for op in ngircd_ops %}
       
   305 [Operator]
       
   306         # [Operator] sections are used to define IRC Operators. There may be
       
   307         # more than one [Operator] block, one for each local operator.
       
   308 
       
   309         # ID of the operator (may be different of the nickname)
       
   310         Name = {{op.name}}
       
   311 
       
   312         # Password of the IRC operator
       
   313         Password = {{op.pass}}
       
   314 
       
   315         # Optional Mask from which /OPER will be accepted
       
   316         # Mask = *[email protected]
       
   317         {% if op.mask is defined %}
       
   318         Mask = {{op.mask}}
       
   319         {% endif %}
       
   320 
       
   321 {% endfor %}
       
   322 [Server]
       
   323 {% for server in ngircd_servers %}
       
   324         # Other servers are configured in [Server] sections. If you
       
   325         # configure a port for the connection, then this ngircd tries to
       
   326         # connect to the other server on the given port; if not it waits
       
   327         # for the other server to connect.
       
   328         # There may be more than one server block, one for each server.
       
   329         #
       
   330         # Server Groups:
       
   331         # The ngIRCd allows "server groups": You can assign an "ID" to every
       
   332         # server with which you want this ngIRCd to link. If a server of a
       
   333         # group won't answer, the ngIRCd tries to connect to the next server
       
   334         # in the given group. But the ngircd never tries to connect to two
       
   335         # servers with the same group ID.
       
   336 
       
   337         # IRC name of the remote server, must match the "Name" variable in
       
   338         # the [Global] section of the other server (when using ngIRCd).
       
   339         Name = {{server.name}}
       
   340 
       
   341         # Internet host name or IP address of the peer (only required when
       
   342         # this server should establish the connection).
       
   343         # Host = connect-to-host.example.net
       
   344         {% if server.host is defined %}
       
   345         Host = {{server.host}}
       
   346         {% endif %}
       
   347 
       
   348         # IP address to use as _source_ address for the connection. if
       
   349         # unspecified, ngircd will let the operating system pick an address.
       
   350         ;Bind = 10.0.0.1
       
   351 
       
   352         # Port of the server to which the ngIRCd should connect. If you
       
   353         # assign no port the ngIRCd waits for incoming connections.
       
   354         ;Port = 6667
       
   355 
       
   356         # Own password for the connection. This password has to be configured
       
   357         # as "PeerPassword" on the other server.
       
   358         MyPassword = {{server.pass}}
       
   359 
       
   360         # Foreign password for this connection. This password has to be
       
   361         # configured as "MyPassword" on the other server.
       
   362         PeerPassword = {{server.pass}}
       
   363 
       
   364         # Group of this server (optional)
       
   365         ;Group = 123
       
   366 
       
   367         # Set the "Passive" option to "yes" if you don't want this ngIRCd to
       
   368         # connect to the configured peer (same as leaving the "Port" variable
       
   369         # empty). The advantage of this option is that you can actually
       
   370         # configure a port an use the IRC command CONNECT more easily to
       
   371         # manually connect this specific server later.
       
   372         ;Passive = no
       
   373 
       
   374         # Connect to the remote server using TLS/SSL (Default: false)
       
   375         ;SSLConnect = yes
       
   376 
       
   377         # Define a (case insensitive) list of masks matching nicknames that
       
   378         # should be treated as IRC services when introduced via this remote
       
   379         # server, separated by commas (",").
       
   380         # REGULAR SERVERS DON'T NEED this parameter, so leave it empty
       
   381         # (which is the default).
       
   382         # When you are connecting IRC services which mask as a IRC server
       
   383         # and which use "virtual users" to communicate with, for example
       
   384         # "NickServ" and "ChanServ", you should set this parameter to
       
   385         # something like "*Serv" or "NickServ,ChanServ,XyzServ".
       
   386         {% if server.service_mask is defined %}
       
   387         ServiceMask = {{server.service_mask}}
       
   388         {% endif %}
       
   389 
       
   390 {% endfor %}
       
   391 
       
   392 [Channel]
       
   393         # Pre-defined channels can be configured in [Channel] sections.
       
   394         # Such channels are created by the server when starting up and even
       
   395         # persist when there are no more members left.
       
   396         # Persistent channels are marked with the mode 'P', which can be set
       
   397         # and unset by IRC operators like other modes on the fly.
       
   398         # There may be more than one [Channel] block, one for each channel.
       
   399 
       
   400         # Name of the channel
       
   401         ;Name = #ngircd
       
   402 
       
   403         # Topic for this channel
       
   404         ;Topic = Our ngircd testing channel
       
   405 
       
   406         # Initial channel modes
       
   407         ;Modes = tnk
       
   408 
       
   409         # initial channel password (mode k)
       
   410         ;Key = Secret
       
   411 
       
   412         # Key file, syntax for each line: "<user>:<nick>:<key>".
       
   413         # Default: none.
       
   414         ;KeyFile = /etc/ngircd/#chan.key
       
   415 
       
   416         # maximum users per channel (mode l)
       
   417         ;MaxUsers = 23
       
   418 
       
   419 [Channel]
       
   420         # More [Channel] sections, if you like ...
       
   421 
       
   422 # -eof-