diff options
Diffstat (limited to 'data/modules.example.conf')
| -rw-r--r-- | data/modules.example.conf | 211 |
1 files changed, 116 insertions, 95 deletions
diff --git a/data/modules.example.conf b/data/modules.example.conf index b8ae09357..917f72c61 100644 --- a/data/modules.example.conf +++ b/data/modules.example.conf @@ -3,7 +3,7 @@ * * The following blocks are used to load all non-core modules, including 3rd-party modules. * Modules can be prevented from loading by commenting out the line, other modules can be added by - * adding a module block. These modules will be loaded prior to Services connecting to your network. + * adding a module block. These modules will be loaded prior to Anope connecting to your network. * * Note that some of these modules are labeled EXTRA, and must be enabled prior to compiling by * running the 'extras' script on Linux and UNIX. @@ -19,14 +19,14 @@ module { name = "help" } /* - * m_dns + * dns * * Adds support for the DNS protocol. By itself this module does nothing useful, - * but other modules such as m_dnsbl and os_dns require this. + * but other modules such as dnsbl and os_dns require this. */ #module { - name = "m_dns" + name = "dns" /* * The nameserver to use for resolving hostnames, must be an IP or a resolver configuration file. @@ -59,7 +59,7 @@ module { name = "help" } * SOA record information. */ - /* E-mail address of the DNS administrator. */ + /* Email address of the DNS administrator. */ admin = "admin@example.com" /* This should be the names of the public facing nameservers serving the records. */ @@ -80,7 +80,7 @@ module { name = "help" } } /* - * m_dnsbl + * dnsbl * * Allows configurable DNS blacklists to check connecting users against. If a user * is found on the blacklist they will be immediately banned. This is a crucial module @@ -88,17 +88,17 @@ module { name = "help" } */ #module { - name = "m_dnsbl" + name = "dnsbl" /* - * If set, Services will check clients against the DNSBLs when services connect to its uplink. + * If set, Anope will check clients against the DNSBLs when services connect to its uplink. * This is not recommended, and on large networks will open a very large amount of DNS queries. * Whilst services are not drastically affected by this, your nameserver/DNSBL might care. */ check_on_connect = no /* - * If set, Services will check clients when coming back from a netsplit. This can cause a large number + * If set, Anope will check clients when coming back from a netsplit. This can cause a large number * of DNS queries open at once. Whilst services are not drastically affected by this, your nameserver/DNSBL * might care. */ @@ -179,19 +179,19 @@ module { name = "help" } } /* - * m_helpchan + * helpchan * * Gives users who are op in the specified help channel usermode +h (helpop). */ #module { - name = "m_helpchan" + name = "helpchan" helpchannel = "#help" } /* - * m_httpd + * httpd * * Allows services to serve web pages. By itself, this module does nothing useful. * @@ -200,7 +200,7 @@ module { name = "help" } */ #module { - name = "m_httpd" + name = "httpd" httpd { @@ -233,13 +233,13 @@ module { name = "help" } } /* - * m_ldap [EXTRA] + * ldap [EXTRA] * * This module allows other modules to use LDAP. By itself, this module does nothing useful. */ #module { - name = "m_ldap" + name = "ldap" ldap { @@ -254,14 +254,14 @@ module { name = "help" } } /* - * m_ldap_authentication [EXTRA] + * ldap_authentication * * This module allows many commands such as IDENTIFY, RELEASE, RECOVER, GHOST, etc. use - * LDAP to authenticate users. Requires m_ldap. + * LDAP to authenticate users. Requires ldap. */ #module { - name = "m_ldap_authentication" + name = "ldap_authentication" /* * The distinguished name used for searching for users's accounts. @@ -314,16 +314,16 @@ module { name = "help" } } /* - * m_ldap_oper [EXTRA] + * ldap_oper * * This module dynamically ties users to Anope opertypes when they identify - * via LDAP group membership. Requires m_ldap. + * via LDAP group membership. Requires ldap. * - * Note that this doesn't give the user privileges on the IRCd, only in Services. + * Note that this doesn't give the user privileges on the IRCd, only in Anope. */ #module { - name = "m_ldap_oper" + name = "ldap_oper" /* * An optional binddn to use when searching for groups. @@ -355,13 +355,13 @@ module { name = "help" } } /* - * m_mysql [EXTRA] + * mysql [EXTRA] * * This module allows other modules to use MySQL. */ #module { - name = "m_mysql" + name = "mysql" mysql { @@ -372,17 +372,18 @@ module { name = "help" } username = "anope" password = "mypassword" port = 3306 + socket = "" } } /* - * m_redis + * redis * * This module allows other modules to use Redis. */ #module { - name = "m_redis" + name = "redis" /* A redis database */ redis @@ -401,47 +402,61 @@ module { name = "help" } } /* - * m_regex_pcre [EXTRA] + * regex_pcre2 [EXTRA] * - * Provides the regex engine regex/pcre, which uses version 1 of the Perl Compatible Regular - * Expressions library. This can not be loaded at the same time as the m_regex_pcre2 module. + * Provides the regex engine regex/pcre, which uses version 2 of the Perl Compatible Regular + * Expressions library. */ -#module { name = "m_regex_pcre" } +#module { name = "regex_pcre2" } /* - * m_regex_pcre2 [EXTRA] + * regex_posix [EXTRA] * - * Provides the regex engine regex/pcre, which uses version 2 of the Perl Compatible Regular - * Expressions library. This can not be loaded at the same time as the m_regex_pcre module. + * Provides the regex engine regex/posix, which uses the POSIX compliant regular expressions. */ -#module { name = "m_regex_pcre2" } +#module { name = "regex_posix" } /* - * m_regex_posix [EXTRA] + * regex_stdlib * - * Provides the regex engine regex/posix, which uses the POSIX compliant regular expressions. - * This is likely the only regex module you will not need extra libraries for. + * Provides the regex engine regex/stdlib, which uses the regular expression library that is part of + * the C++ standard library. */ -#module { name = "m_regex_posix" } +module +{ + name = "regex_stdlib" + + /* + * The syntax scheme to use. Can be set to awk to use the regular expression grammar used by the + * awk utility in POSIX, basic to use the basic POSIX regular expression grammar, ecmascript to + * use the modified ECMAScript regular expression grammar, egrep to use the regular expression + * grammar used by the grep utility with the -E option in POSIX, extended to use the extended + * POSIX regular expression grammar, or grep to use the regular expression grammar used by the + * grep utility in POSIX. + * + * See https://en.cppreference.com/w/cpp/regex/syntax_option_type for more information. + */ + syntax = "ecmascript" +} /* - * m_regex_tre [EXTRA] + * regex_tre [EXTRA] * * Provides the regex engine regex/tre, which uses the TRE regex library. */ -#module { name = "m_regex_tre" } +#module { name = "regex_tre" } /* - * m_rewrite + * rewrite * * Allows rewriting commands sent to/from clients. */ -#module { name = "m_rewrite" } +#module { name = "rewrite" } #command { service = "ChanServ"; name = "CLEAR"; command = "rewrite" - /* Enable m_rewrite. */ + /* Enable rewrite. */ rewrite = true /* Source message to match. A $ can be used to match anything. */ @@ -462,7 +477,7 @@ module { name = "help" } } /* - * m_proxyscan + * proxyscan * * This module allows you to scan connecting clients for open proxies. * Note that using this will allow users to get the IP of your services. @@ -476,7 +491,7 @@ module { name = "help" } */ #module { - name = "m_proxyscan" + name = "proxyscan" /* * The target IP services tells the proxy to connect back to. This must be a publicly @@ -544,38 +559,39 @@ module { name = "help" } } /* - * m_sasl + * sasl * - * Some IRCds allow "SASL" authentication to let users identify to Services - * during the IRCd user registration process. If this module is loaded, Services will allow + * Some IRCds allow "SASL" authentication to let users identify to services + * during the IRCd user registration process. If this module is loaded, Anope will allow * authenticating users through this mechanism. Supported mechanisms are: * PLAIN, EXTERNAL. */ -module { name = "m_sasl" } +module { name = "sasl" } /* - * m_ssl_gnutls [EXTRA] + * ssl_gnutls [EXTRA] * * This module provides SSL services to Anope using GnuTLS, for example to * connect to the uplink server(s) via SSL. * - * You may only load either m_ssl_gnutls or m_ssl_openssl, but not both. + * You may only load either ssl_gnutls or ssl_openssl, but not both. */ #module { - name = "m_ssl_gnutls" + name = "ssl_gnutls" /* - * An optional certificate and key for m_ssl_gnutls to give to the uplink. + * An optional certificate and key for ssl_gnutls to give to the uplink. All + * paths are relative to the config directory. * * You can generate your own certificate and key pair by using: * - * certtool --generate-privkey --bits 2048 --outfile anope.key - * certtool --generate-self-signed --load-privkey anope.key --outfile anope.crt + * certtool --generate-privkey --bits 2048 --outfile privkey.pem + * certtool --generate-self-signed --load-privkey privkey.pem --outfile fullchain.pem * */ - cert = "data/anope.crt" - key = "data/anope.key" + cert = "fullchain.pem" + key = "privkey.pem" /* * Diffie-Hellman parameters to use when acting as a server. This is only @@ -588,53 +604,55 @@ module { name = "m_sasl" } * certtool --generate-dh-params --bits 2048 --outfile dhparams.pem * */ -# dhparams = "data/dhparams.pem" + #dhparams = "dhparams.pem" } /* - * m_ssl_openssl [EXTRA] + * ssl_openssl [EXTRA] * * This module provides SSL services to Anope using OpenSSL, for example to * connect to the uplink server(s) via SSL. * - * You may only load either m_ssl_openssl or m_ssl_gnutls, but not both. + * You may only load either ssl_openssl or ssl_gnutls, but not both. * */ #module { - name = "m_ssl_openssl" + name = "ssl_openssl" /* - * An optional certificate and key for m_ssl_openssl to give to the uplink. + * An optional certificate and key for ssl_openssl to give to the uplink. + * All paths are relative to the config directory. * * You can generate your own certificate and key pair by using: * - * openssl genrsa -out anope.key 2048 - * openssl req -new -x509 -key anope.key -out anope.crt -days 1095 + * openssl genrsa -out privkey.pem 2048 + * openssl req -new -x509 -key privkey.pem -out fullchain.pem -days 1095 */ - cert = "data/anope.crt" - key = "data/anope.key" + cert = "fullchain.pem" + key = "privkey.pem" /* - * As of 2014 SSL 3.0 is considered insecure, but it might be enabled - * on some systems by default for compatibility reasons. - * You can use the following option to enable or disable it explicitly. - * Leaving this option not set defaults to the default system behavior. + * If you wish to increase security you can disable support for older + * versions of TLS with no known vulnerabilities but that provide less + * security. For your security SSLv2 and SSLv3 are always disabled. */ - #sslv3 = no + #tlsv10 = no + #tlsv11 = no + #tlsv12 = yes } /* - * m_sql_authentication [EXTRA] + * sql_authentication * * This module allows authenticating users against an external SQL database using a custom * query. */ #module { - name = "m_sql_authentication" + name = "sql_authentication" - /* SQL engine to use. Should be configured elsewhere with m_mysql, m_sqlite, etc. */ + /* SQL engine to use. Should be configured elsewhere with mysql, sqlite, etc. */ engine = "mysql/main" /* Query to execute to authenticate. A non empty result from this query is considered a success, @@ -676,7 +694,7 @@ module { name = "m_sasl" } } /* - * m_sql_log [EXTRA] + * sql_log * * This module adds an additional target option to log{} blocks * that allows logging Service's logs to SQL. To log to SQL, add @@ -693,24 +711,24 @@ module { name = "m_sasl" } * it if it doesn't exist. This module does not create any indexes (keys) * on the table and it is recommended you add them yourself as necessary. */ -#module { name = "m_sql_log" } +#module { name = "sql_log" } /* - * m_sql_oper [EXTRA] + * sql_oper * * This module allows granting users services operator privileges and possibly IRC Operator * privileges based on an external SQL database using a custom query. */ #module { - name = "m_sql_oper" + name = "sql_oper" - /* SQL engine to use. Should be configured elsewhere with m_mysql, m_sqlite, etc. */ + /* SQL engine to use. Should be configured elsewhere with mysql, sqlite, etc. */ engine = "mysql/main" /* Query to execute to determine if a user should have operator privileges. * A field named opertype must be returned in order to link the user to their oper type. - * The oper types must be configured earlier in services.conf. + * The oper types must be configured earlier in anope.conf. * * If a field named modes is returned from this query then those modes are set on the user. * Without this, only a simple +o is sent. @@ -722,13 +740,13 @@ module { name = "m_sasl" } } /* - * m_sqlite [EXTRA] + * sqlite [EXTRA] * * This module allows other modules to use SQLite. */ #module { - name = "m_sqlite" + name = "sqlite" /* A SQLite database */ sqlite @@ -737,7 +755,7 @@ module { name = "m_sasl" } name = "sqlite/main" /* The database name, it will be created if it does not exist. */ - database = "anope.db" + database = "anope.sqlite" } } @@ -748,40 +766,43 @@ module { name = "m_sasl" } * as they could over IRC. If you are using the default configuration you should be able to access * this panel by visiting http://127.0.0.1:8080 in your web browser from the machine Anope is running on. * - * This module requires m_httpd. + * This module requires httpd. */ #module { name = "webcpanel" /* Web server to use. */ - server = "httpd/main"; + server = "httpd/main" - /* Template to use. */ - template = "default"; + /* + * The directory containing the webcpanel templates. This is relative to the + * data directory. + */ + template_dir = "webcpanel/templates/default" /* Page title. */ - title = "Anope IRC Services"; + title = "Anope IRC Services" } /* - * m_xmlrpc + * xmlrpc * * Allows remote applications (websites) to execute queries in real time to retrieve data from Anope. - * By itself this module does nothing, but allows other modules (m_xmlrpc_main) to receive and send XMLRPC queries. + * By itself this module does nothing, but allows other modules (xmlrpc_main) to receive and send XMLRPC queries. */ #module { - name = "m_xmlrpc" + name = "xmlrpc" - /* Web service to use. Requires m_httpd. */ + /* Web service to use. Requires httpd. */ server = "httpd/main" } /* - * m_xmlrpc_main + * xmlrpc_main * * Adds the main XMLRPC core functions. - * Requires m_xmlrpc. + * Requires xmlrpc. */ -#module { name = "m_xmlrpc_main" } +#module { name = "xmlrpc_main" } |