/* * Example configuration file for Services. After making the appropriate * changes to this file, place it in the Services data directory (as * specified in the "configure" script, default /home/username/services/data) * under the name "services.conf". * * The format of this file is fairly simple: three types of comments are supported: * - All text after a '#' on a line is ignored, as in shell scripting * - All text after '//' on a line is ignored, as in C++ * - A block of text like this one is ignored, as in C * * Outside of comments, there are three structures: blocks, keys, and values. * * A block is a named container, which contains a number of key to value pairs * - you may think of this as an array. * * A block is created like so: * foobar * { * moo = "cow" * foo = bar * } * * Keys are case insensitive. Values depend on what key - generally, information is * given in the key comment. The quoting of values (and most other syntax) is quite * flexible, however, please do not forget to quote your strings: * * "This is a parameter string with spaces in it" * * If you need to include a double quote inside a quoted string, precede it * by a backslash: * * "This string has \"double quotes\" in it" * * Time parameters can be specified either as an integer representing a * number of seconds (e.g. "3600" = 1 hour), or as an integer with a unit * specifier: "s" = seconds, "m" = minutes, "h" = hours, "d" = days. * Combinations (such as "1h30m") are not permitted. Examples (all of which * represent the same length of time, one day): * * "86400", "86400s", "1440m", "24h", "1d" * * CAUTION: * Please note that your services might _CRASH_ if you add more format- * strings (%s, %d, etc.) to custom messages than Anope needs. Use the * default messages to see how many format-strings are needed. * * In the documentation for each directive, one of the following will be * included to indicate whether an option is required: * * [REQUIRED] * Indicates a directive which must be given. Without it, Services will * not start. * * [RECOMMENDED] * Indicates a directive which may be omitted, but omitting it may cause * undesirable side effects. * * [OPTIONAL] * Indicates a directive which is optional. If not given, the feature * will typically be disabled. If this is not the case, more * information will be given in the documentation. * * [DISCOURAGED] * Indicates a directive which may cause undesirable side effects if * specified. * * [DEPRECATED] * Indicates a directive which will disappear in a future version of * Services, usually because its functionality has been either * superseded by that of other directives or incorporated into the main * program. */ /* * [REQUIRED] IRCd Config * * This section is used to set up Anope to connect to your IRC network. * This section can be included multiple times, and Anope will attempt to * connect to each server until it finally connects. */ uplink { /* * The IP or hostname of the IRC server you wish to connect Services to. * Usually, you will want to connect Services over 127.0.0.1 (aka localhost). * * NOTE: On some shell providers, this will not be an option. */ host = "localhost" /* * Enable if Services should connect using IPv6. */ ipv6 = no /* * Enable if Services should connect using SSL. * You must have m_ssl loaded for this to work. */ ssl = no /* * The port to connect to. * The IRCd *MUST* be configured to listen on this port, and to accept * server connections. * * Refer to your IRCd documentation for how this is to be done. */ port = 6667 /* * The password to send to the IRC server for authentication. * This must match the link block on your IRCd. * * Refer to your IRCd documentation for more information on link blocks. */ password = "mypassword" } /* * [REQUIRED] Server Information * * This section contains information about the Services server. */ serverinfo { /* * The hostname that Services will be seen as, it must have no conflicts with any * other server names on the rest of your IRC network. Note that it does not have * to be an existing hostname, just one that isn't on your network already. */ name = "services.localhost.net" /* * The text which should appear as the server's information in /whois and similar * queries. */ description = "Services for IRC Networks" /* * The local address that Services will bind to before connecting to the remote * server. This may be useful for multihomed hosts. If ommited, Services will let * the Operating System choose the local address. This directive is optional. * * If you don't know what this means or don't need to use it, just leave this * directives commented out. */ #localhost = "nowhere." /* * This directive instructs Anope which IRCd Protocol to speak when connecting. * You MUST modify this to match the IRCd you run. * * Supported: * - inspircd11 * - inspircd12 * - inspircd20 * - ratbox * - bahamut * - unreal32 * - plexus */ type = "inspircd12" /* * What Server ID to use for this connection? * Note: This should *ONLY* be used for TS6/P10 IRCds. Refer to your IRCd documentation * to see if this is needed. */ #id = "00A" /* * These identify the ident@hostname which will be used by the Services pesudoclients. */ ident = "services" hostname = "localhost.net" /* * The filename containing the Services process ID. The path is relative to the * services executable. If not given, defaults to "services.pid". */ pid = "services.pid" /* * The filename containing the Message of the Day. The path is relative to the * services executable. If not given, defaults to "services.motd". */ motd = "services.motd" } /* * [REQUIRED] Network Information * * This section contains information about the IRC network that Services will be * connecting to. */ networkinfo { /* * This is the name of the network that Services will be running on. */ networkname = "LocalNet" /* * Set this to the maximum allowed nick length on your network. * Be sure to set this correctly, as setting this wrong can result in * Services being disconnected from the network. This directive is optional, * but recommended. */ nicklen = 31 /* Set this to the maximum allowed ident length on your network. * Be sure to set this correctly, as setting this wrong can result in * Services being disconnected from the network. This directive is optional, * but recommended. */ userlen = 10 /* Set this to the maximum allowed hostname length on your network. * Be sure to set this correctly, as setting this wrong can result in * Services being disconnected from the network. This directive is optional, * but recommended. */ hostlen = 64 } /* * [REQUIRED] Services Options * * This section contains various options which determine how Services will operate. */ options { /* * The encryption modules are used when dealing with passwords. This determines how * the passwords are stored in the databases, and does not add any security as * far as transmitting passwords over the network goes. * * When using enc_none, passwords will be stored without encryption in plain * text, allowing for passwords to be recovered later but isn't secure therefore * is not recommended. * * The other encryption modules use one-way encryption, so the passwords can not * be recovered later if those are used. * * NOTE: enc_old is Anope's previous (broken) MD5 implementation, if your databases * were made using that module, continue to use it and do not use enc_md5. * * NOTE: enc_sha1 relies on how the OS stores 2+ byte data internally, and is * potentially broken when moving between 2 different OSes, such as moving from * Linux to Windows. It is recommended that you use enc_sha256 instead if you want * to use an SHA-based encryption. If you choose to do so, it is also recommended * that you first try to get everyone's passwords converted to enc_sha256 before * switching OSes by placing enc_sha256 at the beginning of the list. * * Supported: * - enc_none (plain text, no encryption) * - enc_old (old, broken MD5 encryption) * - enc_md5 (working MD5 encryption) * - enc_sha1 (SHA1 encryption) * - enc_sha256 (SHA256 encryption with random salts) * * The first module in this list is the active encryption module. All new passwords are * encrypted by this module. Old passwords stored in another encryption method are * automatically re-encrypted by the active encryption module on next identify. * Changing the order of the modules requires the services to restart. */ encryption = "enc_md5 enc_none enc_sha1 enc_sha256 enc_old" /* * The database modules are used for saving and loading databases for Anope. * * Supported: * - db_plain * - db_mysql * - db_mysql_live * * You may have more than one loaded at once! * * The db_mysql_live module is an extension to db_mysql, and should only be used if * db_mysql is being used. This module pulls data in real time from SQL as it is * requested by the core as a result of someone executing commands. * * This effectively allows you to edit your database and have it be immediately * reflected back in Anope. * * For information on how to make db_mysql_live use asynchronous queries see * m_async_commands. * * At this time db_mysql_live only supports pulling data in real time from the three * main tables: anope_cs_info, anope_ns_alias, and anope_ns_core. * */ database = "db_plain" /* * The socket engine modules are used for managing connections to and from Anope * * Supported: * - m_socketengine_select * - m_socketengine_poll * - m_socketengine_epoll * * We recommend using epoll if your operating system supports it (Linux 2.6+). */ socketengine = "m_socketengine_poll" /* * The maximum length of passwords */ passlen = 32 /* * These keys are used to initiate the random number generator. These numbers * MUST be random as you want your passcodes to be random. Don't give these * keys to anyone! Keep them private! * * NOTE: If you don't uncomment these or keep their default values, any talented * programmer would be able to easily "guess" random strings used to mask * information. Be safe, and come up with three different 7-digit numbers. * * These directives are optional, but highly recommended. */ #userkey1 = 9866235 #userkey2 = 8362013 #userkey3 = 2362899 /* * Allows Services to continue file write operations (i.e. database saving) * even if the original file cannot be backed up. Enabling this option may * allow Services to continue operation under conditions where it might * otherwise fail, such as a nearly-full disk. * * NOTE: Enabling this option can cause irrecoverable data loss under some * conditions, so make CERTAIN you know what you're doing when you enable it! * * This directive is optional, and you are discouraged against enabling it. */ #nobackupokay = yes /* * If set, Services will perform more stringent checks on passwords. If this * isn't set, Services will only disallow a password if it is the same as the * entity (nickname name) with which it is associated. When set, however, * Services will also check that the password is at least five * characters long, and in the future will probably check other things * as well. * * This directive is optional, but recommended. */ strictpasswords = yes /* * Sets the number of invalid password tries before Services removes a user * from the network. If a user enters a number of invalid passwords equal to * the given amount for any Services function or combination of functions * during a single IRC session (subject to badpasstimeout, below), Services * will issues a /KILL for the user. If not given, Services will ignore * failed password attempts (though they will be logged in any case). * * This directive is optional, but recommended. */ badpasslimit = 5 /* * Sets the time after which invalid passwords are forgotten about. If a user * does not enter any incorrect passwords in this amount of time, the incorrect * password count will reset to zero. If not given, the timeout will be * disabled, and the incorrect password count will never be reset until the user * disconnects. * * This directive is optional. */ badpasstimeout = 1h /* * Sets the delay between automatic database updates. This time is reset by * the OperServ UPDATE command. */ updatetimeout = 5m /* * Sets the delay between checks for expired nicknames and channels. The * OperServ UPDATE command will also cause a check for expiration and reset * this timer. */ expiretimeout = 30m /* * Sets the timout period for reading from the uplink. */ readtimeout = 5s /* * Sets the interval between sending warning messages for program errors via * WALLOPS/GLOBOPS. */ warningtimeout = 4h /* * Sets the (maximum) frequency at which the timeout list is checked. This, * combined with readtimeout above, determine how accurately timed events, * such as nick kills, occur; it also determines how much CPU time Services * will use doing this. Higher values will cause less accurate timing but * less CPU usage. * * This shouldn't be set any higher than 10 seconds, and 1 second is best * if your system is powerful enough (or your network small enough) to * handle it. 0 will cause the timeout list to be checked every time * through the main loop, which will probably slow down Services too much * to be useful on most networks. * * Note that this value is not an absolute limit on the period between * checks of the timeout list; the previous may be as great as readtimeout * (above) during periods of inactivity. * * If this directive is not given, it will default to 0. See the 2nd paragraph * above for performance impacts if you do this. */ timeoutcheck = 3s /* * Sets the number of days backups of databases are kept. If you don't give it, * or if you set it to 0, Services won't backup the databases. * * NOTE: Services must run 24 hours a day for this feature to work. * * This directive is optional, but recommended. */ keepbackups = 3 /* * If set, Services will require a reason when a FORBID is added, else the * reason is optional. This directive also applies to SUSPENDed channels as * well. * * This directive is optional. */ forceforbidreason = yes /* * If set, this will allow users to let Services send PRIVMSGs to them * instead of NOTICEs. Also see the defmsg option of nickserv:defaults, * which also toggles the default communication (PRIVMSG or NOTICE) to * use for unregistered users. * * This is a feature that is against the IRC RFC and should be used ONLY * if absolutely necessary. * * This directive is optional, and not recommended. */ #useprivmsg = yes /* * If set, will force Services to only respond to PRIVMSGs addresses to * Nick@ServerName - e.g. NickServ@localhost.net. This should be used in * conjunction with IRCd aliases. This directive is optional. * * When using Bahamut, this option will NOT work if the uplink server is * configured as a services hub. The serviceshub option is not designed to * be used with Anope. */ #usestrictprivmsg = yes /* * If set, Services will only show /stats o to IRC Operators. This directive * is optional. */ #hidestatso = yes /* * If set, Services will send global messages on starting up and shutting * down/restarting. * * This directive is optional. */ #globaloncycle = yes /* * This is the global message that will be sent when Services are being * shutdown/restarted. This directive is only required if you enable * globaloncycle above. */ globaloncycledown = "Services are restarting, they will be back shortly - please be good while we're gone" /* * This is the global message that will be sent when Services (re)join the * network. This directive is only required if you enable globaloncycle above. */ globaloncycleup = "Services are now back online - have a nice day" /* * If set, Services will hide the IRC operator's nick in a global * message/notice. * * This directive is optional. */ #anonymousglobal = yes /* * Prevents users from registering their nick if they are not connected * for at least the given number of seconds. * * This directive is optional. */ #nickregdelay = 30 /* * If set, forbids the registration of nicks that contain an existing * nick with Services access. For example, if Tester is a Services Oper, * you can't register NewTester or Tester123 unless you are an IRC * Operator. * * NOTE: If you enable this, you will have to be logged in as an IRC * operator in order to register a Services Root nick when setting up * Anope for the first time. * * This directive is optional. */ #restrictopernicks = yes /* * The number of LOGON/OPER news items to display when a user logs on. * * This directive is optional, if no set it will default to 3. */ #newscount = 3 /* * A space-separated list of ulined servers on your network, it is assumed that * the servers in this list are allowed to set channel modes and Services will * not attempt to reverse their mode changes. * * WARNING: Do NOT put your normal IRC user servers in this directive. * * This directive is optional. */ #ulineservers = "stats.your.network" /* * Default modes for mode lock, these are set on newly registered channels. */ mlock = "+nrt" /* * Modes that will not be allowed to be locked. Oper only modes such as +O * are always restricted from regular users and are not affected by this. * Leave blank for no restrictions. */ nomlock = "z" /* * Modes to set on service bots when they join channels, comment this out for no modes * * This directive is optional. */ botmodes = "ao" /* * How many times services should attempt to reconnect to the uplink before giving up * Comment this out to never give up. * * This directive is optional. */ maxretries = 10 /* * How long to wait between connection retries, in seconds. */ retrywait = 60 /* * If set, Services will hide commands that users doesn't have the privileges to execute * from HELP output. */ hideprivilegedcommands = no } /* * [RECOMMENDED] Logging Configuration * * This section is used for configuring what is logged and where it is logged to. * You may have multiple log blocks if you wish. Remember to properly secure any * channels you choose to have Anope log to! */ log { /* * Target(s) to log to, which may be one of the following: * - a channel name * - globops * - filename */ target = "services.log" /* Log to both services.log and the channel #services */ #target = "services.log #services" /* * The source(s) to only accept log messages from. Leave commented to allow all sources. * This can be a users name, a channel name, one of our clients (eg, OperServ), or a server name. */ #source = "" /* * The number of days to keep logfiles, only useful if you are logging to a file. * Set to 0 to never delete old logfiles. * * Note that Anope must run 24 hours a day for this feature to work correctly. */ logage = 7 /* * Enable to have the core services clients join and stay in the log channel(s) when logging. * Note: on some IRCds this is not optional, and is enforced on. */ inhabitlogchannel = yes /* * What types of log messages should be logged by this block. There are nine general categories: * * admin - Execution of admin commands (OperServ, etc). * override - A services operator using their powers to execute a command they couldn't normally. * commands - Execution of general commands. * servers - Server actions, linking, squitting, etc. * channels - Actions in channels such as joins, parts, kicks, etc. * users - User actions such as connecting, disconnecting, changing name, etc. * other - All other messages without a category. * rawio - Logs raw input and output from services * debug - Debug messages (log files can become VERY large from this). * * These options determine what messages from the categories should be logged. Wildcards are accepted, and * you can also negate values with a ~. For example, "~operserv/akill operserv/*" would log all operserv * messages except for operserv/akill. Note that processing stops at the first matching option, which * means "* ~operserv/*" would log everything because * matches everything. * * Valid admin, override, and command options are: * pesudo-serv/commandname (eg, operserv/akill, chanserv/set) * * Valid server options are: * connect, quit, sync * * Valid channel options are: * create, destroy, join, part, kick, leave, mode * * Valid user options are: * connect, disconnect, quit, nick, ident, host, mode, maxusers * * Rawio and debug are simple yes/no answers, there are no types for them. * * Note that modules may add their own values to these options. */ admin = "operserv/*" override = "chanserv/* nickserv/* memoserv/set botserv/* ~botserv/set" commands = "~operserv/* *" servers = "*" #channels = "~mode *" users = "connect disconnect nick" other = "*" rawio = no debug = no } /* * A log block to globops some useful things. */ log { target = "globops" admin = "operserv/global operserv/mode operserv/kick opeserv/akill operserv/s*line operserv/noop operserv/jupe */forbid nickserv/getpass */drop" } /* * [RECOMMENDED] Oper Access Config * * This section is used to set up staff access to restricted oper only commands. * You may define groups of commands and privileges, as well as who may use them. * * This block is recommended, as without it you will be unable to access most oper commands. * It replaces the old ServicesRoot directive amongst others. * * Note that third party modules may add additional commands and privileges to this list. * * Available privileges: * botserv/administration - Can perform certain BotServ administrative tasks * chanserv/access/modify - Can modify channel access and akick lists * chanserv/auspex - Can see any information with /chanserv info * chanserv/no-register-limit - May register an unlimited number of channels and nicknames * chanserv/set - Can modify the settings of any channel (incl. changing of the owner and password!) * memoserv/info - Can see any information with /memoserv info * memoserv/set-limit - Can set the limit of max stored memos on any user and channel * nickserv/auspex - Can see any information with /nickserv info * nickserv/confirm - Can confirm other users nicknames * nickserv/drop - Can drop other users nicks * * Available commands: * botserv/bot/del botserv/bot/add botserv/bot/change botserv/assign/private * botserv/botlist botserv/set/private botserv/set/nobot * * chanserv/access/list chanserv/drop chanserv/forbid chanserv/getkey * chanserv/list chanserv/suspend chanserv/topic chanserv/status * chanserv/mode * * chanserv/saset/bantype chanserv/saset/description chanserv/saset/email chanserv/saset/entrymsg * chanserv/saset/founder chanserv/saset/keeptopic chanserv/saset/opnotice * chanserv/saset/peace chanserv/saset/persist chanserv/saset/private chanserv/saset/restricted * chanserv/saset/secure chanserv/saset/securefounder chanserv/saset/secureops * chanserv/saset/signkick chanserv/saset/successor chanserv/saset/topiclock * chanserv/saset/url chanserv/saset/xop * * memoserv/sendall memoserv/staff * * nickserv/getpass nickserv/sendpass nickserv/getemail nickserv/suspend * nickserv/resetpass * * nickserv/saset/autoop nickserv/saset/email nickserv/saset/greet * nickserv/saset/icq nickserv/saset/kill nickserv/saset/language nickserv/saset/message * nickserv/saset/private nickserv/saset/secure nickserv/saset/url nickserv/saset/noexpire * * hostserv/set hostserv/del * * operserv/global operserv/news operserv/stats operserv/kick * operserv/mode operserv/session operserv/modlist operserv/ignore * operserv/chankill operserv/akill operserv/sqline operserv/snline * operserv/szline operserv/staff operserv/defcon operserv/config * operserv/modload operserv/jupe operserv/set operserv/noop * operserv/quit operserv/update operserv/reload operserv/restart * operserv/shutdown operserv/svsnick operserv/oline * * Firstly, we define 'opertypes' which are named whatever we want ('Network Administrator', etc). * These can contain commands for oper-only strings (see above) which grants access to that specific command, * and privileges (which grant access to more general permissions for the named area). * Wildcard entries are permitted for both, e.g. 'commands = "operserv/*"' for all OperServ commands. * * Below are some default example types, but this is by no means exhaustive, * and it is recommended that you configure them to your needs. */ opertype { /* The name of this opertype */ name = "Helper" /* What commands (see above) this opertype has */ commands = "hostserv/*" } opertype { /* The name of this opertype */ name = "Services Operator" /* What opertype(s) this inherits from. Seperate with a comma. */ inherits = "Helper, Another Helper" /* What commands (see above) this opertype may use */ commands = "chanserv/list chanserv/suspend chanserv/status chanserv/topic memoserv/staff nickserv/sendpass nickserv/resetpass nickserv/suspend operserv/mode operserv/chankill operserv/szline operserv/akill operserv/session operserv/modlist operserv/sqline operserv/staff operserv/kick operserv/ignore operserv/snline" /* What privs (see above) this opertype has */ privs = "chanserv/auspex chanserv/no-register-limit memoserv/* nickserv/auxpex nickserv/confirm" } opertype { name = "Services Administrator" inherits = "Services Operator" commands = "chanserv/access/list chanserv/drop chanserv/forbid chanserv/getkey chanserv/set/noexpire memoserv/sendall nickserv/saset/* nickserv/getemail operserv/global operserv/news operserv/jupe operserv/svsnick operserv/stats operserv/oline operserv/defcon operserv/noop" privs = "*" } opertype { name = "Services Root" commands = "*" privs = "*" } /* * After defining different types of operators in the above opertype section, we now define who is in these groups * through 'oper' blocks, similar to ircd access. * * The default is to comment these out (so NOBODY will have Services access). * You probably want to add yourself and a few other people at minimum. * * As with all permissions, make sure to only give trustworthy people access to Services. */ oper { /* The nickname of this services oper */ #name = "nick1" /* The opertype this person will have */ type = "Services Root" /* An optional password. If defined the user must login using /operserv login first */ #password = "secret" /* An optional SSL fingerprint. If defined is required to use this opertype. */ #certfp = "ed3383b3f7d74e89433ddaa4a6e5b2d7" } oper { #name = "nick2" type = "Services Administrator" } oper { #name = "nick3" type = "Helper" } /* * [OPTIONAL] Mail Config * * This section contains settings related to the use of e-mail from Services. * If the usemail directive is set to yes, unless specified otherwise, all other * directives are required. */ mail { /* * If set, this option enables the mail commands in Services. You may choose * to disable it if you have no Sendmail-compatible mailer installed. Whilst * this directive (and entire block) is optional, it is required if the * nickserv:emailregistration is set to yes. */ usemail = yes /* * This is the command-line that will be used to call the mailer to send an * e-mail. It must be called with all the parameters needed to make it * scan the mail input to find the mail recipient; consult your mailer * documentation. * * Postfix users must use the compatible sendmail utility provided with * it. This one usually needs no parameters on the command-line. Most * sendmail applications (or replacements of it) require the -t option * to be used. */ sendmailpath = "/usr/sbin/sendmail -t" /* * This is the e-mail address from which all the e-mails are to be sent from. * It should really exist. */ sendfrom = "services@localhost.net" /* * If set, SENDPASS and RESETPASS will be restricted to IRC operators. * This directive is optional. * * WARNING: If you choose to not enable this option, you should limit the * number of processes that the services user can have at a time (you can * create a special user for this; remember to NEVER launch Services as * root). */ restrict = yes /* * This controls the minimum amount of time a user must wait before sending * another e-mail after they have sent one. It also controls the minimum time * a user must wait before they can receive another e-mail. * * This feature prevents users from being mail bombed using Services and * it is highly recommended that it be used. * * This directive is optional, but highly recommended. */ delay = 5m /* * If set, Services will not attempt to put quotes around the TO: fields * in e-mails. * * This directive is optional, and as far as we know, it's only needed * if you are using ESMTP or QMail to send out e-mails. */ #dontquoteaddresses = yes } /* * [OPTIONAL] DNS Config * * This section is used to configure DNS. * At this time DNS is only used by a few modules (m_dnsbl) * and is not required by the core to function. */ dns { /* * The nameserver to use for resolving hostnames, must be an IP or a resolver configuration file. * The below should work fine on all unix like systems. Windows users will have to find their nameservers * from ipconfig /all and put the IP here */ nameserver = "/etc/resolv.conf" #nameserver = "127.0.0.1" /* * How long to wait in seconds before a DNS query has timed out */ timeout = 5 } /* * [REQUIRED] NickServ Config * * This section is used to set up the Nickname Registration Service pseudo-client. * Unless specified otherwise, all directives are required. */ nickserv { /* * The nickname of the NickServ client. */ nick = "NickServ" /* * The description of the NickServ client, which will be used as the GECOS * (real name) of the client. */ description = "Nickname Registration Service" /* * The core modules to load for NickServ. This is a space separated list that corresponds * to the base names of the modules for NickServ. * * This directive is optional, but highly recommended. */ modules = "ns_help ns_register ns_group ns_identify ns_access ns_cert ns_set ns_saset ns_set_autoop ns_set_email ns_set_greet ns_set_hide ns_set_kill ns_set_language ns_set_message ns_set_private ns_set_secure ns_saset_noexpire ns_drop ns_recover ns_release ns_sendpass ns_ghost ns_alist ns_info ns_list ns_logout ns_status ns_update ns_getpass ns_getemail ns_forbid ns_suspend ns_resetpass ns_ajoin" /* * Force users to give an e-mail address when they register a nick. * * This directive is recommended to be enabled, and required if e-mail registration is enabled. */ forceemail = yes /* * Require users who change their email address to confirm they * own it. */ confirmemailchanges = no /* * Require an e-mail to be sent to the user before they can register their nick. */ #emailregistration = yes /* * The default options for newly registered nicks. Note that changing these options * will have no effect on nicks which are already registered. The list must be separated * by spaces. * * The options are: * - kill: Kill nick if not identified within 60 seconds * - killquick: Kill nick if not identified within 20 seconds, this one overrides the above * option and the above must be specified with this one * - secure: Enable nickname security, requiring the nick's password before any operations * can be done on it * - private: Hide the nick from NickServ's LIST command * - hideemail: Hide's the nick's e-mail address from NickServ's INFO command * - hideusermask: Hide's the nick's last or current user@host from NickServ's INFO command * - hidequit: Hide's the nick's last quit message * - memosignon: Notify user if they have a new memo when they sign into the nick * - memoreceive: Notify user if they have a new memo as soon as it's received * - autoop: User will be automatically opped in channels they enter and have access to * - msg: Services messages will be sent as PRIVMSGs instead of NOTICEs, requires UsePrivmsg * to be enabled as well * * This directive is optional, if left blank, the options will default to secure, memosignon, and * memoreceive. If you really want no defaults, use "none" by itself as the option. */ defaults="secure private hideemail hideusermask memosignon memoreceive autoop" /* * A list of languages to load on startup that will be available in /nickserv set language. * Useful if you translate Anope to your language. (Explained further in docs/LANGUAGE). * Note that english should not be listed here because it is the base language. */ languages = "ca_ES de_DE el_GR es_ES fr_FR hu_HU it_IT nl_NL pl_PL pt_PT ru_RU tr_TR" /* * Default language that non- and newly-registered nicks will receive messages in. * Leave empty to default to English. */ #defaultlanguage = "es_ES" /* * The minimum length of time between consecutive uses of NickServ's REGISTER command. This * directive is optional, but recommended. If not set, this restriction will be disabled. */ regdelay = 30s /* * The minimum length of time between consecutive uses of NickServ's RESEND command. * * This directive is optional, but recommended. If not set, this restriction will be disabled. */ resenddelay = 90s /* * The length of time before a nick registration expires. * * This directive is optional, but recommended. If not set, the default is 21 days. */ expire = 21d /* * The length of time before a suspended nick becomes unsuspended. * * This directive is optional. If not set, the default is to never. */ #suspendexpire = 90d /* * The lenth of time before a forbidden nick drops. * * This directive is optional. If not set, the default is to never. */ #forbidexpire = 90d /* * The length of time a user using an unconfirmed account has * before the account will be released for general use again. * * This directive is only required if the e-mail registration option is enabled. */ #unconfirmedexpire = 1d /* * The maximum number of nicks allowed in a group. * * This directive is optional, but recommended. If not set or set to 0, no limits will be applied. */ maxaliases = 16 /* * The maximum number of entries allowed on a nickname's access list. */ accessmax = 32 /* * The username (and possibly hostname) used for the fake user created when NickServ collides * a user. Should be in the user@host format. If the host is not given, the one from ServicesUser * is used. */ enforceruser = "enforcer" #enforceruser = "enforcer@localhost.net" /* * The delay before a NickServ collided nick is released. */ releasetimeout = 1m /* * Allow the use of the IMMED option in the NickServ SET KILL command. * * This directive is optional. */ #allowkillimmed = yes /* * If set, the NickServ GROUP command won't allow any group change. This is recommended for * better performance and to protect against nick stealing, however users will have less * flexibility. * * This directive is optional, but recommended. */ #nogroupchange = yes /* * Limits the use of the NickServ LIST command to IRC operators. * * This directive is optional. */ #listopersonly = yes /* * The maximum number of nicks to be returned for a NickServ LIST command. */ listmax = 50 /* * When a user's nick is forcibly changed to enforce a "nick kill", their new nick will start * with this value. The rest will be made up of 6 or 7 digits. */ guestnickprefix = "Guest" /* * Prevents the use of the DROP, FORBID, GETPASS, and SET PASSWORD commands by Services Admins * on other Services Admins or the Services Root(s). * * This directive is optional, but recommended. */ secureadmins = yes /* * If set, any user wanting to use the privileges of Services Root, Services Admin, or Services * Operator must have been logged as an IRC Operator with the /oper command. * * This directive is optional, but recommended. */ strictprivileges = yes /* * If set, Services will set the channel modes a user has access to upon identifying, assuming * they are not already set. * * This directive is optional. */ modeonid = yes /* * If set, Services will add the usermask of registering users to the access list of their * newly created account. If not set, users will always have to identify to NickServ before * being recognized, unless they manually add an address to the access list of their account. * This directive is optional. */ addaccessonreg = yes /* * The maximum number of channels a user can have on NickServ's AJOIN command. */ ajoinmax = 10 } /* * [RECOMMENDED] ChanServ Config * * This section is used to set up the Channel Registration Service pseudo-client. * Unless specified otherwise, all directives are required if you wish to use ChanServ. */ chanserv { /* * The nickname of the ChanServ client. */ nick = "ChanServ" /* * The description of the ChanServ client, which will be used as the GECOS * (real name) of the client. */ description = "Channel Registration Service" /* * The core modules to load for ChanServ. This is a space separated list that corresponds * to the base names of the modules for ChanServ. * * This directive is optional, but highly recommended. */ modules = "cs_help cs_register cs_set cs_saset cs_saset_noexpire cs_set_bantype cs_set_description cs_set_entrymsg cs_set_founder cs_set_keeptopic cs_set_opnotice cs_set_peace cs_set_persist cs_set_private cs_set_restricted cs_set_secure cs_set_securefounder cs_set_secureops cs_set_signkick cs_set_successor cs_set_topiclock cs_set_xop cs_xop cs_access cs_akick cs_drop cs_ban cs_clearusers cs_modes cs_getkey cs_invite cs_kick cs_list cs_topic cs_info cs_forbid cs_suspend cs_status cs_unban cs_clone cs_mode" /* * The default options for newly registered channels. Note that changing these options * will have no effect on channels which are already registered. The list must be separated * by spaces. * * The options are: * - keeptopic: Retain topic when the channel is not in use * - opnotice: Send a notice when OP/DEOP commands are used * - peace: Disallow users from kicking or removing modes from others who are of the same * access level or superior * - private: Hide the channel from ChanServ's LIST command * - restricted: Kick/ban users who are restricted from the channel * - secure: Enable channel security, requiring the user to be identified with NickServ in * order to be considered for being on the access list of the channel * - secureops: Only allow operator status to be given if the user is on the access list * - securefounder: Only allow the real founder of the channel to drop the channel, change it's * password, or change the founder or successor * - signkick: Use of ChanServ's KICK command will cause the user's nick to be signed to the kick. * - signkicklevel: Same as above, but the kick will not be signed if the user is at the same access * level or superior to the target * - topiclock: Disallow the topic to be changed except with ChanServ's TOPIC command * - xop: Enable use of the xOP system * - persist: Keep the channel open at all times * - none: No defaults * * This directive is optional, if left blank, the options will default to keetopic, secure, securefounder, * and signkick. If you really want no defaults, use "none" by itself as the option. */ defaults="keeptopic peace secure securefounder signkick xop" /* * The maximum number of channels which may be registered to a single nickname. * * This directive is optional, but recommended. * If not set, there will be no restriction on the numbers of channels a single nickname can have registered. */ maxregistered = 20 /* * The length of time before a channel registration expires. * * This directive is optional, but recommended. * If not set, the default is 14 days. */ expire = 14d /* * The length of time before a suspended channel becomes unsuspended. * * This directive is optional. * If not set, the default is to never. */ #suspendexpire = 90d /* * The lenth of time before a forbidden channel drops. * * This directive is optional. * If not set, the default is to never. */ #forbidexpire = 90d /* * The default ban type for newly registered channels (and when importing old databases). * * defbantype can be: * * 0: ban in the form of *!user@host * 1: ban in the form of *!*user@host * 2: ban in the form of *!*@host * 3: ban in the form of *!*user@*.domain */ defbantype = 2 /* * The maximum number of entries on a channel's access list. */ accessmax = 1024 /* * The maximum number of entries on a channel's autokick list. */ autokickmax = 32 /* * The default reason for an autokick if none is given. */ autokickreason = "User has been banned from the channel" /* * The length of time ChanServ stays in a channel after kicking a user from a channel they are not * permitted to be in. This only occurs when the user is the only one in the channel. */ inhabit = 15s /* * Limits the use of the ChanServ LIST command to IRC operators. * * This directive is optional. */ #listopersonly = yes /* * The maximum number of channels to be returned for a ChanServ LIST command. */ listmax = 50 /* * Allow only IRC Operators to use ChanServ. * * This directive is optional. */ #opersonly = yes } /* * [OPTIONAL] MemoServ Config * * This section is used to set up the Memo Service pseudo-client. Unless specified otherwise, * all directives are required if you wish to use MemoServ. */ memoserv { /* * The nickname of the MemoServ client. */ nick = "MemoServ" /* * The description of the MemoServ client, which will be used as the GECOS * (real name) of the client. */ description = "Memo Service" /* * The core modules to load for MemoServ. This is a space separated list that corresponds * to the base names of the modules for MemoServ. * * This directive is optional, but highly recommended. */ modules = "ms_send ms_cancel ms_list ms_read ms_del ms_set ms_info ms_rsend ms_check ms_staff ms_sendall ms_ignore ms_help" /* * The maximum number of memos a user is allowed to keep by default. Normal users may set the * limit anywhere between 0 and this value. Services Admins can change it to any value or * disable it. * * This directive is optional, but recommended. If not set, the limit is disabled * by default, and normal users can set any limit they want. */ maxmemos = 20 /* * The delay between consecutive uses of the MemoServ SEND command. This can help prevent spam * as well as denial-of-service attacks from sending large numbers of memos and filling up disk * space (and memory). The default 3-second wait means a maximum average of 150 bytes of memo * per second per user under the current IRC protocol. * * This directive is optional, but recommended. */ senddelay = 3s /* * Should we notify all appropriate users of a new memo? This applies in cases where a memo is * sent to a nick which is in the group of another nick. Note that, unlike before, it is currently * more efficient to enable this. * * This directive is optional. */ notifyall = yes /* * Allow the use of memo receipts for the following groups: * * 1 - Opers Only * 2 - Everybody * * This directive is optional. */ #memoreceipt = 1 } /* * [OPTIONAL] BotServ Config * * This section is used to set up the Bot Service pseudo-client. The block is optional and can be * removed if you do not wish to have BotServ on your network. Unless specified otherwise, * all directives are required if you do wish to use BotServ. */ botserv { /* * The nickname of the BotServ client. */ nick = "BotServ" /* * The description of the BotServ client, which will be used as the GECOS * (real name) of the client. */ description = "Bot Service" /* * The core modules to load for BotServ. This is a space separated list that corresponds * to the base names of the modules for BotServ. * * This directive is optional, but highly recommended. */ modules = "bs_help bs_botlist bs_assign bs_set bs_kick bs_badwords bs_act bs_info bs_say bs_unassign bs_bot" /* * The default bot options for newly registered channels. Note that changing these options * will have no effect on channels which are already registered. The list must be separated * by spaces. * * The options are: * - dontkickops: Channel operators will be protected against BotServ kicks * - dontkickvoices: Voiced users will be protected against BotServ kicks * - greet: The channel's BotServ bot will greet incoming users that have set a greet * in their NickServ settings * - fantasy: Enables the use of BotServ fantasy commands in the channel * - symbiosis: Causes the BotServ bot to do all actions that would normally have been * done by ChanServ * * This directive is optional, if left blank, there will be no defaults. */ defaults="greet fantasy symbiosis" /* * The minimum number of users there must be in a channel before the bot joins it. The best * value for this setting is 1 or 2. This can be 0, the service bots will not part unless * specifically unassigned, and will keep the channel open. */ minusers = 1 /* * The maximum number of entries a single bad words list can have. Setting it too high can * reduce performance slightly. */ badwordsmax = 32 /* * The amount of time that data for a user is valid in BotServ. If the data exceeds this time, * it is reset or deleted depending on the case. Do not set it too high, otherwise your * resources will be slightly affected. */ keepdata = 10m /* * The bots are currently not affected by any modes or bans when they try to join a channel. * But some people may want to make it act like a real bot, that is, for example, remove all * the bans affecting the bot before joining the channel, remove a ban that affects the bot * set by a user when it is in the channel, and so on. Since it consumes a bit more CPU * time, you should not enable this on larger networks. * * This directive is optional. */ #smartjoin = yes /* * If set, the bots will use a kick reason that does not state the word when it is kicking. * This is especially useful if you have young people on your network. * * This directive is optional. */ gentlebadwordreason = yes /* * If set, BotServ will use case sensitive checking for badwords. * * This directive is optional. */ #casesensitive = yes /* * Defines the prefix for fantasy commands in channels. This character will have to be prepended * to all fantasy commands. If you choose "!", for example, fantasy commands will be "!kick", * "!op", etc. This directive is optional, if left out, the default fantasy character is "!". */ #fantasycharacter = "!" } /* * [OPTIONAL] HostServ Config * * This section is used to set up the vHost Service pseudo-client. * * The block is optional and can be removed if you do not wish to have HostServ on your network. * * Unless specified otherwise, all directives are required if you do wish to use HostServ. */ hostserv { /* * The nickname of the HostServ client. */ nick = "HostServ" /* * The description of the HostServ client, which will be used as the GECOS * (real name) of the client. */ description = "vHost Service" /* * The core modules to load for HostServ. This is a space separated list that corresponds * to the base names of the modules for HostServ. * * This directive is optional, but highly recommended. */ modules = "hs_help hs_on hs_off hs_group hs_list hs_set hs_setall hs_del hs_delall" } /* * [RECOMMENDED] OperServ Config * * This section is used to set up the Operator Service pseudo-client. Unless specified otherwise, * all directives are required if you wish to use OperServ. */ operserv { /* * The nickname of the OperServ client. */ nick = "OperServ" /* * The description of the OperServ client, which will be used as the GECOS * (real name) of the client. */ description = "Operator Service" /* * The core modules to load for OperServ. This is a space separated list that corresponds * to the base names of the modules for OperServ. * * This directive is optional, but highly recommended. */ modules = "os_help os_global os_stats os_staff os_mode os_kick os_akill os_snline os_sqline os_szline os_chanlist os_userlist os_news os_session os_noop os_jupe os_ignore os_set os_reload os_update os_restart os_quit os_shutdown os_defcon os_chankill os_svsnick os_oline os_modload os_modunload os_modreload os_modlist os_modinfo os_config os_login" /* * If set, Services Admins will be able to use SUPERADMIN [ON|OFF] which will temporarily grant * them extra privileges such as being a founder on ALL channels, ability to adjust another * users' modes, etc. * * This directive is optional. */ #superadmin = yes /* * These define the default expiration times for, respectively, AKILLs, CHANKILLs, SNLINEs, * SQLINEs, and SZLINEs. */ autokillexpiry = 30d chankillexpiry = 30d snlineexpiry = 30d sqlineexpiry = 30d szlineexpiry = 30d /* * If set, this option will make Services send an AKILL command immediately after it has been * added with AKILL ADD. This eliminates the need for killing the user after the AKILL has * been added. * * This directive is optional, but recommended. */ akillonadd = yes /* * If set, this option will make Services send an (SVS)KILL command immediately after SNLINE ADD. * This eliminates the need for killingthe user after the SNLINE has been added. * *This directive is optional. */ #killonsnline = yes /* * If set, this option will make Services send an (SVS)KILL command immediately after SQLINE ADD. * This eliminates the need for killingthe user after the SQLINE has been added. * * This directive is optional. */ #killonsqline = yes /* * Defines what actions should trigger notifications. The list must be separated by spaces. * * The notifications are: * - oper: A user has become an IRC operator * - bados: A non-IRCop attempts to use OperServ * - akillexpire: An AKILL has expired * - snlineexpire: An SNLINE has expired * - sqlineexpire: An SQLINE has expired * - szlineexpire: An SZLINE has expired * - exceptionexpire: A session exception has expired * * This directive is optional, if left blank, there will be no notifications. */ notifications="oper" /* * Enables session limiting. Session limiting prevents users from connecting more than a certain * number of times from the same host at the same time - thus preventing most types of cloning. * Once a host reaches it's session limit, all clients attempting to connect from that host will * be killed. Exceptions to the default session limit can be defined via the exception list. It * should be noted that session limiting, along with a large exception list, can degrade Services' * performance. * * See the source and comments in sessions.c and the online help for more information about * session limiting. * * This directive is optional. */ limitsessions = yes /* * Default session limit per host. Once a host reaches it's session limit, all clients attempting * to connect from that host will be killed. A value of zero means an unlimited session limit. * * This directive is optional. * If not given and session limiting is enabled, it will default to no limit. */ defaultsessionlimit = 3 /* * The maximum session limit that may be set for a host in an exception. * * This directive is only required if session limiting is enabled. */ maxsessionlimit = 100 /* * Sets the default expiry time for session exceptions. * * This directive is only required if session limiting is enabled. */ exceptionexpiry = 1d /* * The message that will be NOTICE'd to a user just before they are removed from the network because * their host's session limit has been exceeded. It may be used to give a slightly more descriptive * reason for the impending kill as opposed to simply "Session limit exceeded". * * This directive is optional, if not set, nothing will be sent. */ sessionlimitexceeded = "The session limit for your host %s has been exceeded." /* * Same as above, but should be used to provide a website address where users can find out more * about session limits and how to go about applying for an exception. * * Note: This directive has been intentionally commented out in an effort to remind you to change * the URL it contains. It is recommended that you supply an address/URL where people can get help * regarding session limits. * * This directive is optional, if not set, nothing will be sent. */ #sessionlimitdetailsloc = "Please visit http://your.website.url/ for more information about session limits." /* * If set and is not 0, this directive tells Services to add an AKILL the number of subsequent kills * for the same host exceeds this value, preventing the network from experiencing KILL floods. * * This directive is optional. */ maxsessionkill = 15 /* * Sets the expiry time for AKILLs set for hosts exceeding the maxsessionkill directive limit. * * This directive is optional, if not set, defaults to 30 minutes. */ sessionautokillexpiry = 30m /* * Adds the nickname of the IRC Operator issuing an AKILL to the kill reason. * * This directive is optional. */ addakiller = yes /* * If set, only IRC Operators will be permitted to use OperServ, regardless of module-based command * access restrictions. * * This directive is optional, but recommended. */ opersonly = yes } /* * [RECOMMENDED] Global Config * * This section is used to set up the Global pseudo-client. Unless specified otherwise, * all directives are required if you wish to use Global. * * Globals two main functions are for sending globals and for logging miscellaneous data to * the log channel(s). If disabled, many logs will NOT be sent to the log channel(s). */ global { /* * The nickname of the Global client. */ nick = "Global" /* * The description of the Global client, which will be used as the GECOS * (real name) of the client. */ description = "Global Noticer" } /* * [OPTIONAL] DefCon Config * * This section is used to set up the DefCon system of OperServ. The block is optional and can be * removed if you wish to disable DefCon in it's entirety. Unless specified otherwise, all directives * are required if you do wish to use DefCon. */ defcon { /* * Default DefCon level (1-5) to use when starting Services up. Level 5 constitutes normal operation * while level 1 constitutes the most restrictive operation. If this setting is left out or set to * 0, DefCon will be disabled and the rest of this block will be ignored. */ #defaultlevel = 5 /* * The following 4 directives define what operations will take place when DefCon is set to levels * 1 through 4. Each level is a list that must be separated by spaces. * * The following operations can be defined at each level: * - nonewchannels: Disables registering new channels * - nonewnicks: Disables registering new nicks * - nomlockchanges: Disables changing MLOCK on registered channels * - forcechanmodes: Forces all channels to have the modes given in the later chanmodes directive * - reducedsessions: Reduces the session limit to the value given in the later sessionlimit directive * - nonewclients: KILL any new clients trying to connect * - operonly: Services will ignore all non-IRCops * - silentoperonly: Services will silently ignore all non-IRCops * - akillnewclients: AKILL any new clients trying to connect * - nonewmemos: No new memos will be sent to block MemoServ attacks */ level4 = "nonewchannels nonewnicks nomlockchanges reducedsessions" level3 = "nonewchannels nonewnicks nomlockchanges forcechanmodes reducedsessions" level2 = "nonewchannels nonewnicks nomlockchanges forcechanmodes reducedsessions silentoperonly" level1 = "nonewchannels nonewnicks nomlockchanges forcechanmodes reducedsessions silentoperonly akillnewclients" /* * New session limit to use when a DefCon level is using "reduced" session limiting. */ #sessionlimit = 2 /* * Length of time to add an AKILL for when DefCon is preventing new clients from connecting to the * network. */ #akillexpire = 5m /* * The channel modes to set on all channels when the DefCon channel mode system is in use. * * Note 1: Choose these modes carefully, because when DefCon switches to a level which does NOT have * the mode setting selected, Services will set the reverse on all channels, e.g. if this setting * is +RN when DefCon is used, all channels will be set to +RN, when DefCon is removed, all * channels will be set to -RN. You don't want to set this to +k for example, because when DefCon * is removed all channels with -k. * * Note 2: MLOCKed modes will not be lost. */ #chanmodes = "+R" /* * This value can be used to automatically return the network to DefCon level 5 after the specified * time period, just in case any IRC Operator forgets to remove a DefCon setting. * * This directive is optional. */ #timeout = 15m /* * If set, Services will send a global message on DefCon level changes. * * This directive is optional. */ #globalondefcon = yes /* * If set, Services will send the global message defined in the message directive on DefCon level * changes. * * This directive is optional. */ #globalondefconmore = yes /* * Defines the message that will be sent on DefCon level changes when globalondefconmore is set. * * This directive is required only when globalondefconmore is set. */ #message = "Put your message to send your users here. Dont forget to uncomment globalondefconmore" /* * Defines the message that will be sent when DefCon is returned to level 5. This directive is optional, * and will also override globalondefcon and globalondefconmore when set. */ #offmessage = "Services are now back to normal, sorry for any inconvenience" /* * Defines the reason to use when clients are KILLed or AKILLed from the network while the proper * DefCon operation is in effect. */ #akillreason = "This network is currently not accepting connections, please try again later" } /* * [OPTIONAL] Additional includes * * You can include additional configuration files here. * You may also include executable files, which will be executed and * the output from it will be included into your configuration. */ include { #type = "file" #name = "some_other.conf" } include { #type = "executable" #name = "/usr/bin/wget -q -O - http://some.miconfigured.network.com/services.conf" } /* * [OPTIONAL] Non-Core Modules * * The following blocks are used to load all non-core modules, including 3rd-party modules. * Modules can be prevented from loading by commenting out the line, other modules can be added by * adding a module block. These modules will be loaded prior to Services connecting to your network. */ /* * cs_appendtopic * * Adds the APPENDTOPIC command to ChanServ, which allows users to easially append text to * the end of existing channel topics. */ module { name = "cs_appendtopic" } /* * cs_enforce * * Adds the ENFORCE commad to ChanServ, which allows enforcing various channel settings like * SECUREOPS and RESTRICTED. */ module { name = "cs_enforce" } /* * cs_entrymsg * * Allows you to set entry messages on your channel, which are shown to anyone * who joins. */ module { name = "cs_entrymsg" } cs_entrymsg { /* The maximum number of entrymsgs allowed per channel. If not set, defaults to 5. */ maxentries = 5 } /* * cs_set_misc * * Allows you to create misc /chanserv set commands, and have the data * show up in /chanserv info */ module { name = "cs_set_misc" } cs_set_misc { /* The name of the command */ name = "OINFO" /* A short description of the command */ desc = "Associate oper only information to this channel" /* Set to yes if only opers and privileged users can set it and see it */ privileged = yes } cs_set_misc { name = "URL" desc = "Associate a URL with the channel" } cs_set_misc { name = "EMAIL" desc = "Associate an EMail with the channel" } /* * db_plain * * This is the default flatfile database format */ db_plain { /* * The database db_plain should use */ database = "anope.db" } /* * hs_request * * Allows users to request vhosts which opers may then view, accept or deny */ module { name = "hs_request" } hs_request { /* * If set, Services will send a memo to the user requesting a vHost when it's been * approved or rejected. */ #memouser = yes /* * If set, Services will send a memo to all Services staff when a new vHost is requested. */ #memooper = yes } /* * m_alias * * Allows you to create custom command aliases. */ module { name = "m_alias" } alias { /* Set to yes to make this alias triggerable by fantasy commands. */ fantasy = no /* Set to yes to make this alias oper only */ operonly = no /* Source client and command. */ source_client = "NickServ" source_command = "ID" /* Target client and command. */ target_client = "NickServ" target_command = "IDENTIFY" } /* Provides the !k fantasy command */ alias { fantasy = yes source_command = "K" target_client = "ChanServ" target_command = "KICK" } /* Provides the !kb fantasy command */ alias { fantasy = yes source_command = "KB" target_client = "ChanServ" target_command = "BAN" } /* * m_async_commands * * Threads for each command executed by users. You should * only load this if you are using a module designed to work with this. * * If this is loaded with db_mysql_live then Anope will support * processing multiple commands at once which will negate the "lag" * issues caused from the overhead of SQL queries by db_mysq_live. * * Note that this module is currently EXPERIMENTAL and you should report * any bugs you find. */ #module { name = "m_async_commands" } /* m_dnsbl * * Allows configurable DNS blacklists to check connecting users against. If a user * is found on the blacklist they will be immediately banned. This is a crucial module * to prevent bot attacks. */ module { name = "m_dnsbl" } m_dnsbl { /* * If set, Services will check clients against the DNSBLs when services connect to its uplink. * This is not recommended, and on large networks will open a very large amount of DNS queries. * Whilst services are not drastically affected by this, your nameserver/DNSBL might care. */ check_on_connect = no /* * If set, Services will check clients when coming back from a netsplit. This can cause a large number * of DNS queries open at once. Whilst services are not drastically affected by this, your nameserver/DNSBL * might care. */ check_on_netburst = no /* * If set, OperServ will add clients found in the DNSBL to the akill list. Without it, OperServ simply sends * a timed G/K-line to the IRCd and forgets about it. Can be useful if your akill list is being fill up by bots. */ add_to_akill = yes } blacklist { /* Name of the blacklist */ name = "rbl.efnetrbl.org" /* How long to set the ban for */ time = 4h /* Reason for akill. * %n is the nick of the user * %u is the ident/username of the user * %g is the realname of the user * %h is the hostname of the user * %i is the IP of the user * %r is the reason (configured below). Will be nothing if not configured. * %N is the network name set in networkinfo:networkname */ reason = "You are listed in the efnet RBL, visit http://rbl.efnetrbl.org/?i=%i for info" /* Replies to ban and their reason. If this is totally ommited all replies get banned */ 1 = "Open Proxy" /* Don't ban for result 2 or 3 */ #2 = "spamtrap666" #3 = "spamtrap50" 4 = "TOR" 5 = "Drones / Flooding" } blacklist { name = "dnsbl.dronebl.org" time = 4h reason = "You have a host listed in the DroneBL. For more information, visit http://dronebl.org/lookup_branded.do?ip=%i&network=%N" } /* m_helpchan * * Gives users who are op in the specified help channel usermode +h (helpop). */ #module { name = "m_helpchan" } m_helpchan { helpchannel = "#help" } /* * m_ldap * * This module allows other modules to use LDAP. By itself, this module does nothing useful. */ #module { name = "m_ldap" } ldap { server = "ldap://127.0.0.1" port = 389 } /* * m_ldap_authentication * * This module allows many commands such as IDENTIFY, RELEASE, RECOVER, GHOST, etc. use * LDAP to authenticate users. Requires m_ldap. */ #module { name = "m_ldap_authentication" } m_ldap_authentication { /* * The distinguished name we should bind to when a user tries to identify. */ binddn = "ou=users,dc=anope,dc=org" /* * The attribute value used for account names. */ username_attribute = "uid" /* * The attribute value used for email addresses. * This directive is optional. */ email_attribute = "email" /* * Enable to have this module disable /nickserv register. */ disable_ns_register = true /* * The reason to give the users who try to /ns register. */ disable_reason = "Registration has been disabled." #disable_reason = "To register on this network visit http://some.misconfigured.site/register" } /* * m_ldap_oper * * This module dynamically ties users to Anope opertypes when they identify * via LDAP group membership. Requires m_ldap. * * Note that this doesn't give the user privileges on the IRCd, only in Services. */ #module { name = "m_ldap_oper" } m_ldap_oper { /* * An optional binddn to use when searching for groups. * %a is replaced with the account name of the user. */ #binddn = "cn=Manager,dc=anope,dc=org" /* * An optional password to bind with. */ #password = "secret" /* * The base DN where the groups are. */ basedn = "ou=groups,dc=anope,dc=org" /* * The filter to use when searching for users. * %a is replaced with the account name of the user. */ filter = "(member=uid=%a,ou=users,dc=anope,dc=org)" /* * The attribute of the group that is the name of the opertype. * The cn attribute should match a known opertype in the config. */ opertype_attribute = "cn" } /* * m_mysql * * This module allows other modules (db_mysql/db_mysql_live) to use MySQL. * Be sure you have imported the table schema with mydbgen before * trying to use MySQL */ #module { name = "m_mysql" } mysql { database = "anope" server = "127.0.0.1" username = "anope" password = "mypassword" port = 3306 } /* * m_ssl * * This module uses SSL to connect to the uplink server(s) */ module { name = "m_ssl" } /* * m_xmlrpc * * Allows remote applications (websites) to execute queries in real time to retrieve data from Anope. * By itself this module does nothing, but allows other modules (m_xmlrpc_main) to receive and send XMLRPC queries. */ #module { name = "m_xmlrpc" } m_xmlrpc { /* IP to listen on */ bindip = "127.0.0.1" /* Port to listen on */ port = 26673 /* Enable for IPv6 */ ipv6 = no /* If enabled, requires m_ssl to be loaded */ ssl = no /* IPs allowed to connect (separate with spaces), this should be secured. We also recommend you firewall this * with an outside program to increase security. */ allowed = "127.0.0.0/24" } /* * m_xmlrpc_main * * Adds the main XMLRPC core functions. * Requires m_xmlrpc. */ #module { name = "m_xmlrpc_main" } /* * ns_maxemail * * Limits how many times the same email address may be used in Anope * to register accounts. */ module { name = "ns_maxemail" } ns_maxemail { /* * The limit to how many registered nicks can use the same e-mail address. If set to 0 or left * commented, there will be no limit enforced when registering new accounts or using * /msg NickServ SET EMAIL. */ #maxemails = 1 } /* * ns_set_misc * * Allows you to create misc /nickserv set commands, and have the data * show up in /nickserv info */ module { name = "ns_set_misc" } ns_set_misc { name = "OINFO" desc = "Associate oper only information to this nick" privileged = yes } ns_set_misc { name = "URL" desc = "Associate a URL with the nick" } ns_set_misc { name = "ICQ" desc = "Associate an ICQ number with the nick" }