path: root/data/example.conf

/*
 * Example configuration file for Services. After making the appropriate
 * changes to this file, place it in the Services data directory (as
 * specified in the "configure" script, default /home/username/services/data)
 * under the name "services.conf".
 *
 * The format of this file is fairly simple: three types of comments are supported:
 *  - All text after a '#' on a line is ignored, as in shell scripting
 *  - All text after '//' on a line is ignored, as in C++
 *  - A block of text like this one is ignored, as in C
 *
 * Outside of comments, there are three structures: blocks, keys, and values.
 *
 * A block is a named container, which contains a number of key to value pairs
 * - you may think of this as an array.
 *
 * A block is created like so:
 * foobar
 * {
 *    moo = "cow"
 *    foo = bar
 * }
 *
 * Keys are case insensitive. Values depend on what key - generally, information is
 * given in the key comment. The quoting of values (and most other syntax) is quite
 * flexible, however, please do not forget to quote your strings:
 *
 *   "This is a parameter string with spaces in it"
 *
 * If you need to include a double quote inside a quoted string, precede it
 * by a backslash:
 *
 *   "This string has \"double quotes\" in it"
 *
 * Time parameters can be specified either as an integer representing a
 * number of seconds (e.g. "3600" = 1 hour), or as an integer with a unit
 * specifier: "s" = seconds, "m" = minutes, "h" = hours, "d" = days.
 * Combinations (such as "1h30m") are not permitted. Examples (all of which
 * represent the same length of time, one day):
 *
 *   "86400", "86400s", "1440m", "24h", "1d"
 *
 * CAUTION:
 * Please note that your services might _CRASH_ if you add more format-
 * strings (%s, %d, etc.) to custom messages than Anope needs. Use the
 * default messages to see how many format-strings are needed.
 *
 * In the documentation for each directive, one of the following will be
 * included to indicate whether an option is required:
 *
 * [REQUIRED]
 *     Indicates a directive which must be given. Without it, Services will
 *     not start.
 *
 * [RECOMMENDED]
 *     Indicates a directive which may be omitted, but omitting it may cause
 *     undesirable side effects.
 *
 * [OPTIONAL]
 *     Indicates a directive which is optional. If not given, the feature
 *     will typically be disabled. If this is not the case, more
 *     information will be given in the documentation.
 *
 * [DISCOURAGED]
 *     Indicates a directive which may cause undesirable side effects if
 *     specified.
 *
 * [DEPRECATED]
 *     Indicates a directive which will disappear in a future version of
 *     Services, usually because its functionality has been either
 *     superseded by that of other directives or incorporated into the main
 *     program.
 */


/*
 * [REQUIRED] IRCd Config
 *
 * This section is used to set up Anope to connect to your IRC network.
 * This section can be included multiple times, and Anope will attempt to
 * connect to each server until it finally connects.
 */
uplink
{
	/*
	 * The IP or hostname of the IRC server you wish to connect Services to.
	 * Usually, you will want to connect Services over 127.0.0.1 (aka localhost).
	 *
	 * NOTE: On some shell providers, this will not be an option.
	 */
	host = "localhost"

	/*
	 * Enable if Services should connect using IPv6.
	 */
	ipv6 = no

	/*
	 * Enable if Services should connect using SSL.
	 * You must have m_ssl loaded for this to work.
	 */
	ssl = no

	/*
	 * The port to connect to.
	 * The IRCd *MUST* be configured to listen on this port, and to accept
	 * server connections.
	 *
	 * Refer to your IRCd documentation for how this is to be done.
	 */
	port = 6667

	/*
	 * The password to send to the IRC server for authentication.
	 * This must match the link block on your IRCd.
	 *
	 * Refer to your IRCd documentation for more information on link blocks.
	 */
	password = "mypassword"
}

/*
 * [REQUIRED] Server Information
 *
 * This section contains information about the Services server.
 */
serverinfo
{
	/*
	 * The hostname that Services will be seen as, it must have no conflicts with any
	 * other server names on the rest of your IRC network. Note that it does not have
	 * to be an existing hostname, just one that isn't on your network already.
	 */
	name = "services.localhost.net"

	/*
	 * The text which should appear as the server's information in /whois and similar
	 * queries.
	 */
	description = "Services for IRC Networks"

	/*
	 * The local address that Services will bind to before connecting to the remote
	 * server. This may be useful for multihomed hosts. If ommited, Services will let
	 * the Operating System choose the local address. This directive is optional.
	 *
	 * If you don't know what this means or don't need to use it, just leave this
	 * directives commented out.
	 */
	#localhost = "nowhere."

	/*
	 * This directive instructs Anope which IRCd Protocol to speak when connecting.
	 * You MUST modify this to match the IRCd you run.
	 *
	 * Supported:
	 *  - inspircd11
	 *  - inspircd12
	 *  - inspircd20
	 *  - ratbox
	 *  - bahamut
	 *  - unreal32
	 *  - plexus
	 */
	type = "inspircd12"

	/*
	 * What Server ID to use for this connection?
	 * Note: This should *ONLY* be used for TS6/P10 IRCds. Refer to your IRCd documentation
	 * to see if this is needed.
	 */
	#id = "00A"

	/*
	 * These identify the ident@hostname which will be used by the Services pesudoclients.
	 */
	ident = "services"
	hostname = "localhost.net"

	/*
	 * The filename containing the Services process ID. The path is relative to the
	 * services executable. If not given, defaults to "services.pid".
	 */
	pid = "services.pid"

	/*
	 * The filename containing the Message of the Day. The path is relative to the
	 * services executable. If not given, defaults to "services.motd".
	 */
	motd = "services.motd"
}

/*
 * [REQUIRED] Network Information
 *
 * This section contains information about the IRC network that Services will be
 * connecting to.
 */
networkinfo
{
	/*
	 * This is the name of the network that Services will be running on.
	 */
	networkname = "LocalNet"

	/*
	 * Set this to the maximum allowed nick length on your network.
	 * Be sure to set this correctly, as setting this wrong can result in
	 * Services being disconnected from the network. This directive is optional,
	 * but recommended.
	 */
	nicklen = 31

	/* Set this to the maximum allowed ident length on your network.
	 * Be sure to set this correctly, as setting this wrong can result in
	 * Services being disconnected from the network. This directive is optional,
	 * but recommended.
	 */
	userlen = 10

	/* Set this to the maximum allowed hostname length on your network.
	 * Be sure to set this correctly, as setting this wrong can result in
	 * Services being disconnected from the network. This directive is optional,
	 * but recommended.
	 */
	hostlen = 64
}

/*
 * [REQUIRED] Services Options
 *
 * This section contains various options which determine how Services will operate.
 */
options
{
	/*
	 * The encryption modules are used when dealing with passwords. This determines how
	 * the passwords are stored in the databases, and does not add any security as
	 * far as transmitting passwords over the network goes.
	 * 
	 * When using enc_none, passwords will be stored without encryption in plain
	 * text, allowing for passwords to be recovered later but isn't secure therefore
	 * is not recommended. 
	 * 
	 * The other encryption modules use one-way encryption, so the passwords can not 
	 * be recovered later if those are used.
	 *
	 * NOTE: enc_old is Anope's previous (broken) MD5 implementation, if your databases
	 * were made using that module, continue to use it and do not use enc_md5.
	 *
	 * NOTE: enc_sha1 relies on how the OS stores 2+ byte data internally, and is
	 * potentially broken when moving between 2 different OSes, such as moving from
	 * Linux to Windows. It is recommended that you use enc_sha256 instead if you want
	 * to use an SHA-based encryption. If you choose to do so, it is also recommended
	 * that you first try to get everyone's passwords converted to enc_sha256 before
	 * switching OSes by placing enc_sha256 at the beginning of the list.
	 *
	 * Supported:
	 *  - enc_none (plain text, no encryption)
	 *  - enc_old (old, broken MD5 encryption)
	 *  - enc_md5 (working MD5 encryption)
	 *  - enc_sha1 (SHA1 encryption)
	 *  - enc_sha256 (SHA256 encryption with random salts)
	 *
	 * The first module in this list is the active encryption module. All new passwords are
	 * encrypted by this module. Old passwords stored in another encryption method are
	 * automatically re-encrypted by the active encryption module on next identify.
	 * Changing the order of the modules requires the services to restart.
	 */
	encryption = "enc_md5 enc_none enc_sha1 enc_sha256 enc_old"

	/*
	 * The database modules are used for saving and loading databases for Anope.
	 *
	 * Supported:
	 *  - db_plain
	 *  - db_mysql
	 *  - db_mysql_live
	 *
	 * You may have more than one loaded at once!
	 *
	 * The db_mysql_live module is an extension to db_mysql, and should only be used if
	 * db_mysql is being used. This module pulls data in real time from SQL as it is
	 * requested by the core as a result of someone executing commands.
	 *
	 * This effectively allows you to edit your database and have it be immediately
	 * reflected back in Anope.
	 *
	 * For information on how to make db_mysql_live use asynchronous queries see
	 * m_async_commands.
	 *
	 * At this time db_mysql_live only supports pulling data in real time from the three
	 * main tables: anope_cs_info, anope_ns_alias, and anope_ns_core.
	 *
	 */
	database = "db_plain"

	/*
	 * The socket engine modules are used for managing connections to and from Anope
	 * 
	 * Supported:
	 *  - m_socketengine_select
	 *  - m_socketengine_poll
	 *  - m_socketengine_epoll
	 *
	 * We recommend using epoll if your operating system supports it (Linux 2.6+).
	 */
	socketengine = "m_socketengine_poll"
	
	/*
	 * The maximum length of passwords
	 */
	passlen = 32

	/*
	 * These keys are used to initiate the random number generator. These numbers
	 * MUST be random as you want your passcodes to be random. Don't give these
	 * keys to anyone! Keep them private!
	 *
	 * NOTE: If you don't uncomment these or keep their default values, any talented
	 * programmer would be able to easily "guess" random strings used to mask
	 * information. Be safe, and come up with three different 7-digit numbers.
	 *
	 * These directives are optional, but highly recommended.
	 */
	#userkey1 = 9866235
	#userkey2 = 8362013
	#userkey3 = 2362899

	/*
	 * Allows Services to continue file write operations (i.e. database saving)
	 * even if the original file cannot be backed up. Enabling this option may
	 * allow Services to continue operation under conditions where it might
	 * otherwise fail, such as a nearly-full disk.
	 *
	 * NOTE: Enabling this option can cause irrecoverable data loss under some
	 * conditions, so make CERTAIN you know what you're doing when you enable it!
	 *
	 * This directive is optional, and you are discouraged against enabling it.
	 */
	#nobackupokay = yes

	/*
	 * If set, Services will perform more stringent checks on passwords. If this
	 * isn't set, Services will only disallow a password if it is the same as the
	 * entity (nickname name) with which it is associated. When set, however,
	 * Services will also check that the password is at least five
	 * characters long, and in the future will probably check other things
	 * as well. 
	 * 
	 * This directive is optional, but recommended.
	 */
	strictpasswords = yes

	/*
	 * Sets the number of invalid password tries before Services removes a user
	 * from the network. If a user enters a number of invalid passwords equal to
	 * the given amount for any Services function or combination of functions
	 * during a single IRC session (subject to badpasstimeout, below), Services
	 * will issues a /KILL for the user. If not given, Services will ignore
	 * failed password attempts (though they will be logged in any case).
	 * 
	 * This directive is optional, but recommended.
	 */
	badpasslimit = 5

	/*
	 * Sets the time after which invalid passwords are forgotten about. If a user
	 * does not enter any incorrect passwords in this amount of time, the incorrect
	 * password count will reset to zero. If not given, the timeout will be
	 * disabled, and the incorrect password count will never be reset until the user
	 * disconnects.
	 *
	 * This directive is optional.
	 */
	badpasstimeout = 1h

	/*
	 * Sets the delay between automatic database updates. This time is reset by
	 * the OperServ UPDATE command.
	 */
	updatetimeout = 5m

	/*
	 * Sets the delay between checks for expired nicknames and channels. The
	 * OperServ UPDATE command will also cause a check for expiration and reset
	 * this timer.
	 */
	expiretimeout = 30m

	/*
	 * Sets the timout period for reading from the uplink.
	 */
	readtimeout = 5s

	/*
	 * Sets the interval between sending warning messages for program errors via
	 * WALLOPS/GLOBOPS.
	 */
	warningtimeout = 4h

	/*
	 * Sets the (maximum) frequency at which the timeout list is checked. This,
	 * combined with readtimeout above, determine how accurately timed events,
	 * such as nick kills, occur; it also determines how much CPU time Services
	 * will use doing this. Higher values will cause less accurate timing but
	 * less CPU usage.
	 *
	 * This shouldn't be set any higher than 10 seconds, and 1 second is best
	 * if your system is powerful enough (or your network small enough) to
	 * handle it. 0 will cause the timeout list to be checked every time
	 * through the main loop, which will probably slow down Services too much
	 * to be useful on most networks.
	 *
	 * Note that this value is not an absolute limit on the period between
	 * checks of the timeout list; the previous may be as great as readtimeout
	 * (above) during periods of inactivity.
	 *
	 * If this directive is not given, it will default to 0. See the 2nd paragraph
	 * above for performance impacts if you do this.
	 */
	timeoutcheck = 3s

	/*
	 * Sets the number of days backups of databases are kept. If you don't give it,
	 * or if you set it to 0, Services won't backup the databases.
	 *
	 * NOTE: Services must run 24 hours a day for this feature to work.
	 *
	 * This directive is optional, but recommended.
	 */
	keepbackups = 3

	/*
	 * If set, Services will require a reason when a FORBID is added, else the
	 * reason is optional. This directive also applies to SUSPENDed channels as
	 * well.
	 *
	 * This directive is optional.
	 */
	forceforbidreason = yes

	/*
	 * If set, this will allow users to let Services send PRIVMSGs to them
	 * instead of NOTICEs. Also see the defmsg option of nickserv:defaults,
	 * which also toggles the default communication (PRIVMSG or NOTICE) to
	 * use for unregistered users.
	 *
	 * This is a feature that is against the IRC RFC and should be used ONLY
	 * if absolutely necessary.
	 *
	 * This directive is optional, and not recommended.
	 */
	#useprivmsg = yes

	/*
	 * If set, will force Services to only respond to PRIVMSGs addresses to
	 * Nick@ServerName - e.g. NickServ@localhost.net. This should be used in
	 * conjunction with IRCd aliases. This directive is optional.
	 *
	 * When using Bahamut, this option will NOT work if the uplink server is
	 * configured as a services hub. The serviceshub option is not designed to
	 * be used with Anope.
	 */
	#usestrictprivmsg = yes

	/*
	 * If set, Services will only show /stats o to IRC Operators. This directive
	 * is optional.
	 */
	#hidestatso = yes

	/*
	 * If set, Services will send global messages on starting up and shutting
	 * down/restarting.
	 *
	 * This directive is optional.
	 */
	#globaloncycle = yes

	/*
	 * This is the global message that will be sent when Services are being
	 * shutdown/restarted. This directive is only required if you enable
	 * globaloncycle above.
	 */
	globaloncycledown = "Services are restarting, they will be back shortly - please be good while we're gone"

	/*
	 * This is the global message that will be sent when Services (re)join the
	 * network. This directive is only required if you enable globaloncycle above.
	 */
	globaloncycleup = "Services are now back online - have a nice day"

	/*
	 * If set, Services will hide the IRC operator's nick in a global
	 * message/notice.
	 *
	 * This directive is optional.
	 */
	#anonymousglobal = yes

	/*
	 * Prevents users from registering their nick if they are not connected
	 * for at least the given number of seconds.
	 *
	 * This directive is optional.
	 */
	#nickregdelay = 30

	/*
	 * If set, forbids the registration of nicks that contain an existing
	 * nick with Services access. For example, if Tester is a Services Oper,
	 * you can't register NewTester or Tester123 unless you are an IRC
	 * Operator.
	 *
	 * NOTE: If you enable this, you will have to be logged in as an IRC
	 * operator in order to register a Services Root nick when setting up
	 * Anope for the first time.
	 *
	 * This directive is optional.
	 */
	#restrictopernicks = yes

	/*
	 * The number of LOGON/OPER news items to display when a user logs on.
	 * 
	 * This directive is optional, if no set it will default to 3.
	 */
	#newscount = 3

	/*
	 * A space-separated list of ulined servers on your network, it is assumed that
	 * the servers in this list are allowed to set channel modes and Services will
	 * not attempt to reverse their mode changes.
	 *
	 * WARNING: Do NOT put your normal IRC user servers in this directive.
	 *
	 * This directive is optional.
	 */
	#ulineservers = "stats.your.network"

	/*
	 * Default modes for mode lock, these are set on newly registered channels.
	 */
	mlock = "+nrt"

	/*
	 * Modes that will not be allowed to be locked. Oper only modes such as +O
	 * are always restricted from regular users and are not affected by this.
	 * Leave blank for no restrictions.
	 */
	nomlock = "z"

	/*
	 * Modes to set on service bots when they join channels, comment this out for no modes
	 *
	 * This directive is optional.
	 */
	botmodes = "ao"

	/*
 	 * How many times services should attempt to reconnect to the uplink before giving up
	 * Comment this out to never give up.
	 *
	 * This directive is optional.
	 */
	maxretries = 10

	/*
	 * How long to wait between connection retries, in seconds.
	 */
	retrywait = 60

	/*
	 * If set, Services will hide commands that users doesn't have the privileges to execute
	 * from HELP output.
	 */
	hideprivilegedcommands = no
}

/*
 * [RECOMMENDED] Logging Configuration 
 *
 * This section is used for configuring what is logged and where it is logged to.
 * You may have multiple log blocks if you wish. Remember to properly secure any
 * channels you choose to have Anope log to!
 */
log
{
	/*
	 * Target(s) to log to, which may be one of the following:
	 *   - a channel name
	 *   - globops
	 *   - filename
	 */
	target = "services.log"
	/* Log to both services.log and the channel #services */
	#target = "services.log #services"

	/*
	 * The source(s) to only accept log messages from. Leave commented to allow all sources.
	 * This can be a users name, a channel name, one of our clients (eg, OperServ), or a server name.
	 */
	#source = ""

	/*
	 * The number of days to keep logfiles, only useful if you are logging to a file.
	 * Set to 0 to never delete old logfiles.
	 *
	 * Note that Anope must run 24 hours a day for this feature to work correctly.
	 */
	logage = 7

	/*
	 * Enable to have the core services clients join and stay in the log channel(s) when logging.
	 * Note: on some IRCds this is not optional, and is enforced on.
	 */
	inhabitlogchannel = yes

	/*
	 * What types of log messages should be logged by this block. There are nine general categories:
	 *
	 *  admin      - Execution of admin commands (OperServ, etc).
	 *  override   - A services operator using their powers to execute a command they couldn't normally.
	 *  commands   - Execution of general commands.
	 *  servers    - Server actions, linking, squitting, etc.
	 *  channels   - Actions in channels such as joins, parts, kicks, etc.
	 *  users      - User actions such as connecting, disconnecting, changing name, etc.
	 *  other      - All other messages without a category.
	 *  rawio      - Logs raw input and output from services
	 *  debug      - Debug messages (log files can become VERY large from this).
	 *
	 * These options determine what messages from the categories should be logged. Wildcards are accepted, and
	 * you can also negate values with a ~. For example, "~operserv/akill operserv/*" would log all operserv
	 * messages except for operserv/akill. Note that processing stops at the first matching option, which
	 * means "* ~operserv/*" would log everything because * matches everything.
	 *
	 * Valid admin, override, and command options are:
	 *    pesudo-serv/commandname (eg, operserv/akill, chanserv/set)
	 *
	 * Valid server options are:
	 *    connect, quit, sync
	 *
	 * Valid channel options are:
	 *    create, destroy, join, part, kick, leave, mode
	 *
	 * Valid user options are:
	 *    connect, disconnect, quit, nick, ident, host, mode, maxusers
	 *
	 * Rawio and debug are simple yes/no answers, there are no types for them.
	 *
	 * Note that modules may add their own values to these options.
	 */
	admin = "operserv/*"
	override = "chanserv/* nickserv/* memoserv/set botserv/* ~botserv/set"
	commands = "~operserv/* *"
	servers = "*"
	#channels = "~mode *"
	users = "connect disconnect nick"
	other = "*"
	rawio = no
	debug = no
}

/*
 * A log block to globops some useful things.
 */
log
{
	target = "globops"
	admin = "operserv/global operserv/mode operserv/kick opeserv/akill operserv/s*line operserv/noop operserv/jupe */forbid nickserv/getpass */drop"
}

/*
 * [RECOMMENDED] Oper Access Config
 *
 * This section is used to set up staff access to restricted oper only commands.
 * You may define groups of commands and privileges, as well as who may use them.
 *
 * This block is recommended, as without it you will be unable to access most oper commands.
 * It replaces the old ServicesRoot directive amongst others.
 *
 * Note that third party modules may add additional commands and privileges to this list.
 *
 * Available privileges:
 *  botserv/administration        - Can perform certain BotServ administrative tasks
 *  chanserv/access/modify        - Can modify channel access and akick lists
 *  chanserv/auspex               - Can see any information with /chanserv info
 *  chanserv/no-register-limit    - May register an unlimited number of channels and nicknames
 *  chanserv/set                  - Can modify the settings of any channel (incl. changing of the owner and password!)
 *  memoserv/info                 - Can see any information with /memoserv info
 *  memoserv/set-limit            - Can set the limit of max stored memos on any user and channel
 *  nickserv/auspex               - Can see any information with /nickserv info
 *  nickserv/confirm              - Can confirm other users nicknames
 *  nickserv/drop                 - Can drop other users nicks
 *
 * Available commands:
 *   botserv/bot/del       botserv/bot/add       botserv/bot/change  botserv/assign/private
 *   botserv/botlist       botserv/set/private   botserv/set/nobot
 *
 *   chanserv/access/list     chanserv/drop                 chanserv/forbid           chanserv/getkey
 *   chanserv/list            chanserv/suspend              chanserv/topic            chanserv/status
 *   chanserv/mode
 *
 *   chanserv/saset/bantype   chanserv/saset/description    chanserv/saset/email      chanserv/saset/entrymsg
 *   chanserv/saset/founder   chanserv/saset/keeptopic      chanserv/saset/opnotice
 *   chanserv/saset/peace     chanserv/saset/persist        chanserv/saset/private     chanserv/saset/restricted
 *   chanserv/saset/secure    chanserv/saset/securefounder  chanserv/saset/secureops
 *   chanserv/saset/signkick  chanserv/saset/successor      chanserv/saset/topiclock
 *   chanserv/saset/url       chanserv/saset/xop
 *
 *   memoserv/sendall        memoserv/staff
 *
 *   nickserv/getpass        nickserv/sendpass      nickserv/getemail   nickserv/suspend
 *   nickserv/resetpass
 *
 *   nickserv/saset/autoop   nickserv/saset/email   nickserv/saset/greet
 *   nickserv/saset/icq      nickserv/saset/kill    nickserv/saset/language nickserv/saset/message
 *   nickserv/saset/private  nickserv/saset/secure  nickserv/saset/url      nickserv/saset/noexpire
 *
 *   hostserv/set            hostserv/del
 *
 *   operserv/global       operserv/news         operserv/stats      operserv/kick
 *   operserv/mode         operserv/session      operserv/modlist    operserv/ignore
 *   operserv/chankill     operserv/akill        operserv/sqline     operserv/snline
 *   operserv/szline       operserv/staff        operserv/defcon     operserv/config
 *   operserv/modload      operserv/jupe         operserv/set        operserv/noop
 *   operserv/quit         operserv/update       operserv/reload     operserv/restart
 *   operserv/shutdown     operserv/svsnick      operserv/oline
 *
 * Firstly, we define 'opertypes' which are named whatever we want ('Network Administrator', etc).
 * These can contain commands for oper-only strings (see above) which grants access to that specific command,
 * and privileges (which grant access to more general permissions for the named area).
 * Wildcard entries are permitted for both, e.g. 'commands = "operserv/*"' for all OperServ commands.
 *
 * Below are some default example types, but this is by no means exhaustive,
 * and it is recommended that you configure them to your needs.
 */

opertype
{
	/* The name of this opertype */
	name = "Helper"

	/* What commands (see above) this opertype has */
	commands = "hostserv/*"
}

opertype
{
	/* The name of this opertype */
	name = "Services Operator"

	/* What opertype(s) this inherits from. Seperate with a comma. */
	inherits = "Helper, Another Helper"

	/* What commands (see above) this opertype may use */
	commands = "chanserv/list chanserv/suspend chanserv/status chanserv/topic memoserv/staff nickserv/sendpass nickserv/resetpass nickserv/suspend operserv/mode operserv/chankill operserv/szline operserv/akill operserv/session operserv/modlist operserv/sqline operserv/staff operserv/kick operserv/ignore operserv/snline"

	/* What privs (see above) this opertype has */
	privs = "chanserv/auspex chanserv/no-register-limit memoserv/* nickserv/auxpex nickserv/confirm"
}

opertype
{
	name = "Services Administrator"

	inherits = "Services Operator"

	commands = "chanserv/access/list chanserv/drop chanserv/forbid chanserv/getkey chanserv/set/noexpire memoserv/sendall nickserv/saset/* nickserv/getemail operserv/global operserv/news operserv/jupe operserv/svsnick operserv/stats operserv/oline operserv/defcon operserv/noop"

	privs = "*"
}

opertype
{
	name = "Services Root"

	commands = "*"

	privs = "*"
}

/*
 * After defining different types of operators in the above opertype section, we now define who is in these groups
 * through 'oper' blocks, similar to ircd access.
 *
 * The default is to comment these out (so NOBODY will have Services access).
 * You probably want to add yourself and a few other people at minimum.
 *
 * As with all permissions, make sure to only give trustworthy people access to Services.
 */

oper
{
	/* The nickname of this services oper */
	#name = "nick1"

	/* The opertype this person will have */
	type = "Services Root"

	/* An optional password. If defined the user must login using /operserv login first */
	#password = "secret"

	/* An optional SSL fingerprint. If defined is required to use this opertype. */
	#certfp = "ed3383b3f7d74e89433ddaa4a6e5b2d7"
}

oper
{
	#name = "nick2"
	type = "Services Administrator"
}

oper
{
	#name = "nick3"
	type = "Helper"
}

/*
 * [OPTIONAL] Mail Config
 *
 * This section contains settings related to the use of e-mail from Services.
 * If the usemail directive is set to yes, unless specified otherwise, all other
 * directives are required.
 */
mail
{
	/*
	 * If set, this option enables the mail commands in Services. You may choose
	 * to disable it if you have no Sendmail-compatible mailer installed. Whilst
	 * this directive (and entire block) is optional, it is required if the
	 * nickserv:emailregistration is set to yes.
	 */
	usemail = yes

	/*
	 * This is the command-line that will be used to call the mailer to send an
	 * e-mail. It must be called with all the parameters needed to make it
	 * scan the mail input to find the mail recipient; consult your mailer
	 * documentation.
	 *
	 * Postfix users must use the compatible sendmail utility provided with
	 * it. This one usually needs no parameters on the command-line. Most
	 * sendmail applications (or replacements of it) require the -t option
	 * to be used.
	 */
	sendmailpath = "/usr/sbin/sendmail -t"

	/*
	 * This is the e-mail address from which all the e-mails are to be sent from.
	 * It should really exist.
	 */
	sendfrom = "services@localhost.net"

	/*
	 * If set, SENDPASS and RESETPASS will be restricted to IRC operators.
	 * This directive is optional.
	 *
	 * WARNING: If you choose to not enable this option, you should limit the
	 * number of processes that the services user can have at a time (you can
	 * create a special user for this; remember to NEVER launch Services as
	 * root).
	 */
	restrict = yes

	/*
	 * This controls the minimum amount of time a user must wait before sending
	 * another e-mail after they have sent one. It also controls the minimum time
	 * a user must wait before they can receive another e-mail.
	 *
	 * This feature prevents users from being mail bombed using Services and
	 * it is highly recommended that it be used.
	 *
	 * This directive is optional, but highly recommended.
	 */
	delay = 5m

	/*
	 * If set, Services will not attempt to put quotes around the TO: fields
	 * in e-mails.
	 *
	 * This directive is optional, and as far as we know, it's only needed
	 * if you are using ESMTP or QMail to send out e-mails.
	 */
	#dontquoteaddresses = yes
}

/*
 * [OPTIONAL] DNS Config
 *
 * This section is used to configure DNS.
 * At this time DNS is only used by a few modules (m_dnsbl)
 * and is not required by the core to function.
 */
dns
{
	/* 
	 * The nameserver to use for resolving hostnames, must be an IP or a resolver configuration file.
	 * The below should work fine on all unix like systems. Windows users will have to find their nameservers
	 * from ipconfig /all and put the IP here
	 */
	nameserver = "/etc/resolv.conf"
	#nameserver = "127.0.0.1"

	/*
	 * How long to wait in seconds before a DNS query has timed out
	 */
	timeout = 5
}

/*
 * [REQUIRED] NickServ Config
 *
 * This section is used to set up the Nickname Registration Service pseudo-client.
 * Unless specified otherwise, all directives are required.
 */
nickserv
{
	/*
	 * The nickname of the NickServ client.
	 */
	nick = "NickServ"

	/*
	 * The description of the NickServ client, which will be used as the GECOS 
	 * (real name) of the client.
	 */
	description = "Nickname Registration Service"

	/*
	 * The core modules to load for NickServ. This is a space separated list that corresponds
	 * to the base names of the modules for NickServ.
	 *
	 * This directive is optional, but highly recommended.
	 */
	modules = "ns_help ns_register ns_group ns_identify ns_access ns_cert ns_set ns_saset ns_set_autoop ns_set_email ns_set_greet ns_set_hide ns_set_kill ns_set_language ns_set_message ns_set_private ns_set_secure ns_saset_noexpire ns_drop ns_recover ns_release ns_sendpass ns_ghost ns_alist ns_info ns_list ns_logout ns_status ns_update ns_getpass ns_getemail ns_forbid ns_suspend ns_resetpass ns_ajoin"

	/*
	 * Force users to give an e-mail address when they register a nick.
	 * 
	 * This directive is recommended to be enabled, and required if e-mail registration is enabled.
	 */
	forceemail = yes

	/*
	 * Require users who change their email address to confirm they
	 * own it.
	 */
	confirmemailchanges = no

	/*
	 * Require an e-mail to be sent to the user before they can register their nick.
	 */
	#emailregistration = yes

	/*
	 * The default options for newly registered nicks. Note that changing these options
	 * will have no effect on nicks which are already registered. The list must be separated
	 * by spaces.
	 *
	 * The options are:
	 * -         kill: Kill nick if not identified within 60 seconds
	 * -    killquick: Kill nick if not identified within 20 seconds, this one overrides the above
	 *                   option and the above must be specified with this one
	 * -       secure: Enable nickname security, requiring the nick's password before any operations
	 *                   can be done on it
	 * -      private: Hide the nick from NickServ's LIST command
	 * -    hideemail: Hide's the nick's e-mail address from NickServ's INFO command
	 * - hideusermask: Hide's the nick's last or current user@host from NickServ's INFO command
	 * -     hidequit: Hide's the nick's last quit message
	 * -   memosignon: Notify user if they have a new memo when they sign into the nick
	 * -  memoreceive: Notify user if they have a new memo as soon as it's received
	 * -       autoop: User will be automatically opped in channels they enter and have access to
	 * -          msg: Services messages will be sent as PRIVMSGs instead of NOTICEs, requires UsePrivmsg
	 *                   to be enabled as well
	 *
	 * This directive is optional, if left blank, the options will default to secure, memosignon, and
	 * memoreceive. If you really want no defaults, use "none" by itself as the option.
	 */
	defaults="secure private hideemail hideusermask memosignon memoreceive autoop"

	/*
	 * A list of languages to load on startup that will be available in /nickserv set language.
	 * Useful if you translate Anope to your language. (Explained further in docs/LANGUAGE).
	 * Note that english should not be listed here because it is the base language.
	 */
	languages = "ca_ES de_DE el_GR es_ES fr_FR hu_HU it_IT nl_NL pl_PL pt_PT ru_RU tr_TR"

	/*
	 * Default language that non- and newly-registered nicks will receive messages in.
	 * Leave empty to default to English.
	 */
	#defaultlanguage = "es_ES"

	/*
	 * The minimum length of time between consecutive uses of NickServ's REGISTER command. This
	 * directive is optional, but recommended. If not set, this restriction will be disabled.
	 */
	regdelay = 30s

	/*
	 * The minimum length of time between consecutive uses of NickServ's RESEND command.
	 *
	 * This directive is optional, but recommended. If not set, this restriction will be disabled.
	 */
	resenddelay = 90s

	/*
	 * The length of time before a nick registration expires.
	 *
	 * This directive is optional, but recommended. If not set, the default is 21 days.
	 */
	expire = 21d

	/*
	 * The length of time before a suspended nick becomes unsuspended.
	 *
	 * This directive is optional. If not set, the default is to never.
	 */
	#suspendexpire = 90d

	/*
	 * The lenth of time before a forbidden nick drops.
	 *
	 * This directive is optional. If not set, the default is to never.
	 */
	#forbidexpire = 90d

	/*
	 * The length of time a user using an unconfirmed account has
	 * before the account will be released for general use again.
	 *
	 * This directive is only required if the e-mail registration option is enabled.
	 */
	#unconfirmedexpire = 1d

	/*
	 * The maximum number of nicks allowed in a group.
	 *
	 * This directive is optional, but recommended. If not set or set to 0, no limits will be applied.
	 */
	maxaliases = 16

	/*
	 * The maximum number of entries allowed on a nickname's access list.
	 */
	accessmax = 32

	/*
	 * The username (and possibly hostname) used for the fake user created when NickServ collides
	 * a user. Should be in the user@host format. If the host is not given, the one from ServicesUser
	 * is used.
	 */
	enforceruser = "enforcer"
	#enforceruser = "enforcer@localhost.net"

	/*
	 * The delay before a NickServ collided nick is released.
	 */
	releasetimeout = 1m

	/*
	 * Allow the use of the IMMED option in the NickServ SET KILL command.
	 *
	 * This directive is optional.
	 */
	#allowkillimmed = yes

	/*
	 * If set, the NickServ GROUP command won't allow any group change. This is recommended for
	 * better performance and to protect against nick stealing, however users will have less
	 * flexibility.
	 *
	 * This directive is optional, but recommended.
	 */
	#nogroupchange = yes

	/*
	 * Limits the use of the NickServ LIST command to IRC operators.
	 *
	 * This directive is optional.
	 */
	#listopersonly = yes

	/*
	 * The maximum number of nicks to be returned for a NickServ LIST command.
	 */
	listmax = 50

	/*
	 * When a user's nick is forcibly changed to enforce a "nick kill", their new nick will start
	 * with this value. The rest will be made up of 6 or 7 digits.
	 */
	guestnickprefix = "Guest"

	/*
	 * Prevents the use of the DROP, FORBID, GETPASS, and SET PASSWORD commands by Services Admins
	 * on other Services Admins or the Services Root(s).
	 *
	 * This directive is optional, but recommended.
	 */
	secureadmins = yes

	/*
	 * If set, any user wanting to use the privileges of Services Root, Services Admin, or Services
	 * Operator must have been logged as an IRC Operator with the /oper command.
	 *
	 * This directive is optional, but recommended.
	 */
	strictprivileges = yes

	/*
	 * If set, Services will set the channel modes a user has access to upon identifying, assuming
	 * they are not already set.
	 *
	 * This directive is optional.
	 */
	modeonid = yes

	/*
	 * If set, Services will add the usermask of registering users to the access list of their
	 * newly created account. If not set, users will always have to identify to NickServ before
	 * being recognized, unless they manually add an address to the access list of their account.
	 * This directive is optional.
	 */
	addaccessonreg = yes

	/*
	 * The maximum number of channels a user can have on NickServ's AJOIN command.
	 */
	ajoinmax = 10
}

/*
 * [RECOMMENDED] ChanServ Config
 *
 * This section is used to set up the Channel Registration Service pseudo-client.
 * Unless specified otherwise, all directives are required if you wish to use ChanServ.
 */
chanserv
{
	/*
	 * The nickname of the ChanServ client.
	 */
	nick = "ChanServ"

	/*
	 * The description of the ChanServ client, which will be used as the GECOS 
	 * (real name) of the client.
	 */
	description = "Channel Registration Service"

	/*
	 * The core modules to load for ChanServ. This is a space separated list that corresponds
	 * to the base names of the modules for ChanServ.
	 *
	 * This directive is optional, but highly recommended.
	 */
	modules = "cs_help cs_register cs_set cs_saset cs_saset_noexpire cs_set_bantype cs_set_description cs_set_entrymsg cs_set_founder cs_set_keeptopic cs_set_opnotice cs_set_peace cs_set_persist cs_set_private cs_set_restricted cs_set_secure cs_set_securefounder cs_set_secureops cs_set_signkick cs_set_successor cs_set_topiclock cs_set_xop cs_xop cs_access cs_akick cs_drop cs_ban cs_clearusers cs_modes cs_getkey cs_invite cs_kick cs_list cs_topic cs_info cs_forbid cs_suspend cs_status cs_unban cs_clone cs_mode"

	/*
	 * The default options for newly registered channels. Note that changing these options
	 * will have no effect on channels which are already registered. The list must be separated
	 * by spaces.
	 *
	 * The options are:
	 * -     keeptopic: Retain topic when the channel is not in use
	 * -      opnotice: Send a notice when OP/DEOP commands are used
	 * -         peace: Disallow users from kicking or removing modes from others who are of the same
	 *                    access level or superior
	 * -       private: Hide the channel from ChanServ's LIST command
	 * -    restricted: Kick/ban users who are restricted from the channel
	 * -        secure: Enable channel security, requiring the user to be identified with NickServ in
	 *                    order to be considered for being on the access list of the channel
	 * -     secureops: Only allow operator status to be given if the user is on the access list
	 * - securefounder: Only allow the real founder of the channel to drop the channel, change it's
	 *                    password, or change the founder or successor
	 * -      signkick: Use of ChanServ's KICK command will cause the user's nick to be signed to the kick.
	 * - signkicklevel: Same as above, but the kick will not be signed if the user is at the same access
	 *                    level or superior to the target
	 * -     topiclock: Disallow the topic to be changed except with ChanServ's TOPIC command
	 * -           xop: Enable use of the xOP system
	 * -       persist: Keep the channel open at all times
	 * -          none: No defaults
	 *
	 * This directive is optional, if left blank, the options will default to keetopic, secure, securefounder,
	 * and signkick. If you really want no defaults, use "none" by itself as the option.
	 */
	defaults="keeptopic peace secure securefounder signkick xop"

	/*
	 * The maximum number of channels which may be registered to a single nickname.
	 *
	 * This directive is optional, but recommended.
	 * If not set, there will be no restriction on the numbers of channels a single nickname can have registered.
	 */
	maxregistered = 20

	/*
	 * The length of time before a channel registration expires.
	 *
	 * This directive is optional, but recommended.
	 * If not set, the default is 14 days.
	 */
	expire = 14d

	/*
	 * The length of time before a suspended channel becomes unsuspended.
	 *
	 * This directive is optional.
	 * If not set, the default is to never.
	 */
	#suspendexpire = 90d

	/*
	 * The lenth of time before a forbidden channel drops.
	 *
	 * This directive is optional.
	 * If not set, the default is to never.
	 */
	#forbidexpire = 90d

	/*
	 * The default ban type for newly registered channels (and when importing old databases).
	 *
	 * defbantype can be:
	 *
	 * 0: ban in the form of *!user@host
	 * 1: ban in the form of *!*user@host
	 * 2: ban in the form of *!*@host
	 * 3: ban in the form of *!*user@*.domain
	 */
	defbantype = 2

	/*
	 * The maximum number of entries on a channel's access list.
	 */
	accessmax = 1024

	/*
	 * The maximum number of entries on a channel's autokick list.
	 */
	autokickmax = 32

	/*
	 * The default reason for an autokick if none is given.
	 */
	autokickreason = "User has been banned from the channel"

	/*
	 * The length of time ChanServ stays in a channel after kicking a user from a channel they are not
	 * permitted to be in. This only occurs when the user is the only one in the channel.
	 */
	inhabit = 15s

	/*
	 * Limits the use of the ChanServ LIST command to IRC operators.
	 *
	 * This directive is optional.
	 */
	#listopersonly = yes

	/*
	 * The maximum number of channels to be returned for a ChanServ LIST command.
	 */
	listmax = 50

	/*
	 * Allow only IRC Operators to use ChanServ.
	 *
	 * This directive is optional.
	 */
	#opersonly = yes
}

/*
 * [OPTIONAL] MemoServ Config
 *
 * This section is used to set up the Memo Service pseudo-client. Unless specified otherwise,
 * all directives are required if you wish to use MemoServ.
 */
memoserv
{
	/*
	 * The nickname of the MemoServ client.
	 */
	nick = "MemoServ"

	/*
	 * The description of the MemoServ client, which will be used as the GECOS
	 * (real name) of the client.
	 */
	description = "Memo Service"

	/*
	 * The core modules to load for MemoServ. This is a space separated list that corresponds
	 * to the base names of the modules for MemoServ.
	 * 
	 * This directive is optional, but highly recommended.
	 */
	modules = "ms_send ms_cancel ms_list ms_read ms_del ms_set ms_info ms_rsend ms_check ms_staff ms_sendall ms_ignore ms_help"

	/*
	 * The maximum number of memos a user is allowed to keep by default. Normal users may set the
	 * limit anywhere between 0 and this value. Services Admins can change it to any value or
	 * disable it.
	 *
	 * This directive is optional, but recommended. If not set, the limit is disabled
	 * by default, and normal users can set any limit they want.
	 */
	maxmemos = 20

	/*
	 * The delay between consecutive uses of the MemoServ SEND command. This can help prevent spam
	 * as well as denial-of-service attacks from sending large numbers of memos and filling up disk
	 * space (and memory). The default 3-second wait means a maximum average of 150 bytes of memo
	 * per second per user under the current IRC protocol.
	 *
	 * This directive is optional, but recommended.
	 */
	senddelay = 3s

	/*
	 * Should we notify all appropriate users of a new memo? This applies in cases where a memo is
	 * sent to a nick which is in the group of another nick. Note that, unlike before, it is currently
	 * more efficient to enable this.
	 *
	 * This directive is optional.
	 */
	notifyall = yes

	/*
	 * Allow the use of memo receipts for the following groups:
	 *
	 * 1 - Opers Only
	 * 2 - Everybody
	 *
	 * This directive is optional.
	 */
	#memoreceipt = 1
}

/*
 * [OPTIONAL] BotServ Config
 *
 * This section is used to set up the Bot Service pseudo-client. The block is optional and can be
 * removed if you do not wish to have BotServ on your network. Unless specified otherwise,
 * all directives are required if you do wish to use BotServ.
 */
botserv
{
	/*
	 * The nickname of the BotServ client.
	 */
	nick = "BotServ"

	/*
	 * The description of the BotServ client, which will be used as the GECOS
	 * (real name) of the client.
	 */
	description = "Bot Service"

	/*
	 * The core modules to load for BotServ. This is a space separated list that corresponds
	 * to the base names of the modules for BotServ. 
	 *
	 * This directive is optional, but highly recommended.
	 */
	modules = "bs_help bs_botlist bs_assign bs_set bs_kick bs_badwords bs_act bs_info bs_say bs_unassign bs_bot"

	/*
	 * The default bot options for newly registered channels. Note that changing these options
	 * will have no effect on channels which are already registered. The list must be separated
	 * by spaces.
	 *
	 * The options are:
	 * -    dontkickops: Channel operators will be protected against BotServ kicks
	 * - dontkickvoices: Voiced users will be protected against BotServ kicks
	 * -          greet: The channel's BotServ bot will greet incoming users that have set a greet
	 *                     in their NickServ settings
	 * -        fantasy: Enables the use of BotServ fantasy commands in the channel
	 * -      symbiosis: Causes the BotServ bot to do all actions that would normally have been
	 *                     done by ChanServ
	 *
	 * This directive is optional, if left blank, there will be no defaults.
	 */
	defaults="greet fantasy symbiosis"

	/*
	 * The minimum number of users there must be in a channel before the bot joins it. The best
	 * value for this setting is 1 or 2. This can be 0, the service bots will not part unless
	 * specifically unassigned, and will keep the channel open.
	 */
	minusers = 1

	/*
	 * The maximum number of entries a single bad words list can have. Setting it too high can
	 * reduce performance slightly.
	 */
	badwordsmax = 32

	/*
	 * The amount of time that data for a user is valid in BotServ. If the data exceeds this time,
	 * it is reset or deleted depending on the case. Do not set it too high, otherwise your
	 * resources will be slightly affected.
	 */
	keepdata = 10m

	/*
	 * The bots are currently not affected by any modes or bans when they try to join a channel.
	 * But some people may want to make it act like a real bot, that is, for example, remove all
	 * the bans affecting the bot before joining the channel, remove a ban that affects the bot
	 * set by a user when it is in the channel, and so on. Since it consumes a bit more CPU
	 * time, you should not enable this on larger networks.
	 *
	 * This directive is optional.
	 */
	#smartjoin = yes

	/*
	 * If set, the bots will use a kick reason that does not state the word when it is kicking.
	 * This is especially useful if you have young people on your network.
	 *
	 * This directive is optional.
	 */
	gentlebadwordreason = yes

	/*
	 * If set, BotServ will use case sensitive checking for badwords.
	 *
	 * This directive is optional.
	 */
	#casesensitive = yes

	/*
	 * Defines the prefix for fantasy commands in channels. This character will have to be prepended
	 * to all fantasy commands. If you choose "!", for example, fantasy commands will be "!kick",
	 * "!op", etc. This directive is optional, if left out, the default fantasy character is "!".
	 */
	#fantasycharacter = "!"
}

/*
 * [OPTIONAL] HostServ Config
 *
 * This section is used to set up the vHost Service pseudo-client.
 *
 * The block is optional and can be removed if you do not wish to have HostServ on your network.
 *
 * Unless specified otherwise, all directives are required if you do wish to use HostServ.
 */
hostserv
{
	/*
	 * The nickname of the HostServ client.
	 */
	nick = "HostServ"

	/*
	 * The description of the HostServ client, which will be used as the GECOS
	 * (real name) of the client.
	 */
	description = "vHost Service"

	/*
	 * The core modules to load for HostServ. This is a space separated list that corresponds
	 * to the base names of the modules for HostServ.
	 *
	 * This directive is optional, but highly recommended.
	 */
	modules = "hs_help hs_on hs_off hs_group hs_list hs_set hs_setall hs_del hs_delall"
}

/*
 * [RECOMMENDED] OperServ Config
 *
 * This section is used to set up the Operator Service pseudo-client. Unless specified otherwise,
 * all directives are required if you wish to use OperServ.
 */
operserv
{
	/*
	 * The nickname of the OperServ client.
	 */
	nick = "OperServ"

	/*
	 * The description of the OperServ client, which will be used as the GECOS
	 * (real name) of the client.
	 */
	description = "Operator Service"

	/*
	 * The core modules to load for OperServ. This is a space separated list that corresponds
	 * to the base names of the modules for OperServ.
	 *
	 * This directive is optional, but highly recommended.
	 */
	modules = "os_help os_global os_stats os_staff os_mode os_kick os_akill os_snline os_sqline os_szline os_chanlist os_userlist os_news os_session os_noop os_jupe os_ignore os_set os_reload os_update os_restart os_quit os_shutdown os_defcon os_chankill os_svsnick os_oline os_modload os_modunload os_modreload os_modlist os_modinfo os_config os_login"

	/*
	 * If set, Services Admins will be able to use SUPERADMIN [ON|OFF] which will temporarily grant
	 * them extra privileges such as being a founder on ALL channels, ability to adjust another
	 * users' modes, etc.
	 *
	 * This directive is optional.
	 */
	#superadmin = yes

	/*
	 * These define the default expiration times for, respectively, AKILLs, CHANKILLs, SNLINEs,
	 * SQLINEs, and SZLINEs.
	 */
	autokillexpiry = 30d
	chankillexpiry = 30d
	snlineexpiry = 30d
	sqlineexpiry = 30d
	szlineexpiry = 30d

	/*
	 * If set, this option will make Services send an AKILL command immediately after it has been
	 * added with AKILL ADD. This eliminates the need for killing the user after the AKILL has
	 * been added.
	 *
	 * This directive is optional, but recommended.
	 */
	akillonadd = yes

	/*
	 * If set, this option will make Services send an (SVS)KILL command immediately after SNLINE ADD.
	 * This eliminates the need for killingthe user after the SNLINE has been added.
	 *
	 *This directive is optional.
	 */
	#killonsnline = yes

	/*
	 * If set, this option will make Services send an (SVS)KILL command immediately after SQLINE ADD.
	 * This eliminates the need for killingthe user after the SQLINE has been added.
	 *
	 * This directive is optional.
	 */
	#killonsqline = yes

	/*
	 * Defines what actions should trigger notifications. The list must be separated by spaces.
	 *
	 * The notifications are:
	 * -            oper: A user has become an IRC operator
	 * -           bados: A non-IRCop attempts to use OperServ
	 * -     akillexpire: An AKILL has expired
	 * -    snlineexpire: An SNLINE has expired
	 * -    sqlineexpire: An SQLINE has expired
	 * -    szlineexpire: An SZLINE has expired
	 * - exceptionexpire: A session exception has expired
	 *
	 * This directive is optional, if left blank, there will be no notifications.
	 */
	notifications="oper"

	/*
	 * Enables session limiting. Session limiting prevents users from connecting more than a certain
	 * number of times from the same host at the same time - thus preventing most types of cloning.
	 * Once a host reaches it's session limit, all clients attempting to connect from that host will
	 * be killed. Exceptions to the default session limit can be defined via the exception list. It
	 * should be noted that session limiting, along with a large exception list, can degrade Services'
	 * performance.
	 *
	 * See the source and comments in sessions.c and the online help for more information about
	 * session limiting.
	 *
	 * This directive is optional.
	 */
	limitsessions = yes

	/*
	 * Default session limit per host. Once a host reaches it's session limit, all clients attempting
	 * to connect from that host will be killed. A value of zero means an unlimited session limit.
	 *
	 * This directive is optional.
	 * If not given and session limiting is enabled, it will default to no limit.
	 */
	defaultsessionlimit = 3

	/*
	 * The maximum session limit that may be set for a host in an exception.
	 *
	 * This directive is only required if session limiting is enabled.
	 */
	maxsessionlimit = 100

	/*
	 * Sets the default expiry time for session exceptions.
	 *
	 * This directive is only required if session limiting is enabled.
	 */
	exceptionexpiry = 1d

	/*
	 * The message that will be NOTICE'd to a user just before they are removed from the network because
	 * their host's session limit has been exceeded. It may be used to give a slightly more descriptive
	 * reason for the impending kill as opposed to simply "Session limit exceeded".
	 *
	 * This directive is optional, if not set, nothing will be sent.
	 */
	sessionlimitexceeded = "The session limit for your host %s has been exceeded."

	/*
	 * Same as above, but should be used to provide a website address where users can find out more
	 * about session limits and how to go about applying for an exception.
	 *
	 * Note: This directive has been intentionally commented out in an effort to remind you to change
	 * the URL it contains. It is recommended that you supply an address/URL where people can get help
	 * regarding session limits.
	 *
	 * This directive is optional, if not set, nothing will be sent.
	 */
	#sessionlimitdetailsloc = "Please visit http://your.website.url/ for more information about session limits."

	/*
	 * If set and is not 0, this directive tells Services to add an AKILL the number of subsequent kills
	 * for the same host exceeds this value, preventing the network from experiencing KILL floods.
	 *
	 * This directive is optional.
	 */
	maxsessionkill = 15

	/*
	 * Sets the expiry time for AKILLs set for hosts exceeding the maxsessionkill directive limit.
	 *
	 * This directive is optional, if not set, defaults to 30 minutes.
	 */
	sessionautokillexpiry = 30m

	/*
	 * Adds the nickname of the IRC Operator issuing an AKILL to the kill reason.
	 *
	 * This directive is optional.
	 */
	addakiller = yes

	/*
	 * If set, only IRC Operators will be permitted to use OperServ, regardless of module-based command
	 * access restrictions.
	 *
	 * This directive is optional, but recommended.
	 */
	opersonly = yes
}

/*
 * [RECOMMENDED] Global Config
 *
 * This section is used to set up the Global pseudo-client. Unless specified otherwise,
 * all directives are required if you wish to use Global.
 *
 * Globals two main functions are for sending globals and for logging miscellaneous data to
 * the log channel(s). If disabled, many logs will NOT be sent to the log channel(s).
 */
global
{
	/*
	 * The nickname of the Global client.
	 */
	nick = "Global"

	/*
	 * The description of the Global client, which will be used as the GECOS
	 * (real name) of the client.
	 */
	description = "Global Noticer"
}

/*
 * [OPTIONAL] DefCon Config
 *
 * This section is used to set up the DefCon system of OperServ. The block is optional and can be
 * removed if you wish to disable DefCon in it's entirety. Unless specified otherwise, all directives
 * are required if you do wish to use DefCon.
 */
defcon
{
	/*
	 * Default DefCon level (1-5) to use when starting Services up. Level 5 constitutes normal operation
	 * while level 1 constitutes the most restrictive operation. If this setting is left out or set to
	 * 0, DefCon will be disabled and the rest of this block will be ignored.
	 */
	#defaultlevel = 5

	/*
	 * The following 4 directives define what operations will take place when DefCon is set to levels
	 * 1 through 4. Each level is a list that must be separated by spaces.
	 *
	 * The following operations can be defined at each level:
	 * - nonewchannels: Disables registering new channels
	 * - nonewnicks: Disables registering new nicks
	 * - nomlockchanges: Disables changing MLOCK on registered channels
	 * - forcechanmodes: Forces all channels to have the modes given in the later chanmodes directive
	 * - reducedsessions: Reduces the session limit to the value given in the later sessionlimit directive
	 * - nonewclients: KILL any new clients trying to connect
	 * - operonly: Services will ignore all non-IRCops
	 * - silentoperonly: Services will silently ignore all non-IRCops
	 * - akillnewclients: AKILL any new clients trying to connect
	 * - nonewmemos: No new memos will be sent to block MemoServ attacks
	 */
	level4 = "nonewchannels nonewnicks nomlockchanges reducedsessions"
	level3 = "nonewchannels nonewnicks nomlockchanges forcechanmodes reducedsessions"
	level2 = "nonewchannels nonewnicks nomlockchanges forcechanmodes reducedsessions silentoperonly"
	level1 = "nonewchannels nonewnicks nomlockchanges forcechanmodes reducedsessions silentoperonly akillnewclients"

	/*
	 * New session limit to use when a DefCon level is using "reduced" session limiting.
	 */
	#sessionlimit = 2

	/*
	 * Length of time to add an AKILL for when DefCon is preventing new clients from connecting to the
	 * network.
	 */
	#akillexpire = 5m

	/*
	 * The channel modes to set on all channels when the DefCon channel mode system is in use.
	 *
	 * Note 1: Choose these modes carefully, because when DefCon switches to a level which does NOT have
	 * the mode setting selected, Services will set the reverse on all channels, e.g. if this setting
	 * is +RN when DefCon is used, all channels will be set to +RN, when DefCon is removed, all
	 * channels will be set to -RN. You don't want to set this to +k for example, because when DefCon
	 * is removed all channels with -k.
	 *
	 * Note 2: MLOCKed modes will not be lost.
	 */
	#chanmodes = "+R"

	/*
	 * This value can be used to automatically return the network to DefCon level 5 after the specified
	 * time period, just in case any IRC Operator forgets to remove a DefCon setting.
	 *
	 * This directive is optional.
	 */
	#timeout = 15m

	/*
	 * If set, Services will send a global message on DefCon level changes.
	 *
	 * This directive is optional.
	 */
	#globalondefcon = yes

	/*
	 * If set, Services will send the global message defined in the message directive on DefCon level
	 * changes.
	 *
	 * This directive is optional.
	 */
	#globalondefconmore = yes

	/*
	 * Defines the message that will be sent on DefCon level changes when globalondefconmore is set.
	 *
	 * This directive is required only when globalondefconmore is set.
	 */
	#message = "Put your message to send your users here. Dont forget to uncomment globalondefconmore"

	/*
	 * Defines the message that will be sent when DefCon is returned to level 5. This directive is optional,
	 * and will also override globalondefcon and globalondefconmore when set.
	 */
	#offmessage = "Services are now back to normal, sorry for any inconvenience"

	/*
	 * Defines the reason to use when clients are KILLed or AKILLed from the network while the proper
	 * DefCon operation is in effect.
	 */
	#akillreason = "This network is currently not accepting connections, please try again later"
}

/*
 * [OPTIONAL] Additional includes
 *
 * You can include additional configuration files here.
 * You may also include executable files, which will be executed and
 * the output from it will be included into your configuration.
 */
include
{
	#type = "file"
	#name = "some_other.conf"	
}
include
{
	#type = "executable"
	#name = "/usr/bin/wget -q -O - http://some.miconfigured.network.com/services.conf"
}

/*
 * [OPTIONAL] Non-Core Modules
 *
 * The following blocks are used to load all non-core modules, including 3rd-party modules.
 * Modules can be prevented from loading by commenting out the line, other modules can be added by
 * adding a module block. These modules will be loaded prior to Services connecting to your network.
 */

/*
 * cs_appendtopic
 *
 * Adds the APPENDTOPIC command to ChanServ, which allows users to easially append text to
 * the end of existing channel topics.
 */
module { name = "cs_appendtopic" }

/*
 * cs_enforce
 *
 * Adds the ENFORCE commad to ChanServ, which allows enforcing various channel settings like
 * SECUREOPS and RESTRICTED.
 */
module { name = "cs_enforce" }

/*
 * cs_entrymsg
 *
 * Allows you to set entry messages on your channel, which are shown to anyone
 * who joins.
 */
module { name = "cs_entrymsg" }
cs_entrymsg
{
	/* The maximum number of entrymsgs allowed per channel. If not set, defaults to 5. */
	maxentries = 5
}

/*
 * cs_set_misc
 *
 * Allows you to create misc /chanserv set commands, and have the data
 * show up in /chanserv info
 */
module { name = "cs_set_misc" }
cs_set_misc
{
	/* The name of the command */
	name = "OINFO"
	/* A short description of the command */
	desc = "Associate oper only information to this channel"
	/* Set to yes if only opers and privileged users can set it and see it */
	privileged = yes
}
cs_set_misc
{
	name = "URL"
	desc = "Associate a URL with the channel"
}
cs_set_misc
{
	name = "EMAIL"
	desc = "Associate an EMail with the channel"
}

/*
 * db_plain
 *
 * This is the default flatfile database format
 */
db_plain
{
	/*
	 * The database db_plain should use
	 */
	database = "anope.db"
}

/*
 * hs_request
 *
 * Allows users to request vhosts which opers may then view, accept or deny
 */
module { name = "hs_request" }
hs_request
{
	/*
	 * If set, Services will send a memo to the user requesting a vHost when it's been
	 * approved or rejected.
	 */
	#memouser = yes

	/*
	 * If set, Services will send a memo to all Services staff when a new vHost is requested.
	 */
	#memooper = yes
}

/*
 * m_alias
 *
 * Allows you to create custom command aliases.
 */
module { name = "m_alias" }
alias
{
	/* Set to yes to make this alias triggerable by fantasy commands. */
	fantasy = no
	/* Set to yes to make this alias oper only */
	operonly = no

	/* Source client and command.
	 */
	source_client = "NickServ"
	source_command = "ID"

	/* Target client and command.
	 */
	target_client = "NickServ"
	target_command = "IDENTIFY"
}
/* Provides the !k fantasy command */
alias
{
	fantasy = yes
	source_command = "K"

	target_client = "ChanServ"
	target_command = "KICK"
	
}
/* Provides the !kb fantasy command */
alias
{
	fantasy = yes
	source_command = "KB"

	target_client = "ChanServ"
	target_command = "BAN"
}

/*
 * m_async_commands
 *
 * Threads for each command executed by users. You should
 * only load this if you are using a module designed to work with this.
 *
 * If this is loaded with db_mysql_live then Anope will support
 * processing multiple commands at once which will negate the "lag"
 * issues caused from the overhead of SQL queries by db_mysq_live.
 *
 * Note that this module is currently EXPERIMENTAL and you should report
 * any bugs you find.
 */
#module { name = "m_async_commands" }

/* m_dnsbl
 *
 * Allows configurable DNS blacklists to check connecting users against. If a user
 * is found on the blacklist they will be immediately banned. This is a crucial module
 * to prevent bot attacks.
 */
module { name = "m_dnsbl" }
m_dnsbl
{
	/*
	 * If set, Services will check clients against the DNSBLs when services connect to its uplink.
	 * This is not recommended, and on large networks will open a very large amount of DNS queries.
	 * Whilst services are not drastically affected by this, your nameserver/DNSBL might care.
	 */
	check_on_connect = no

	/*
	 * If set, Services will check clients when coming back from a netsplit. This can cause a large number
	 * of DNS queries open at once. Whilst services are not drastically affected by this, your nameserver/DNSBL
	 * might care.
	 */
	check_on_netburst = no

	/*
	 * If set, OperServ will add clients found in the DNSBL to the akill list. Without it, OperServ simply sends
	 * a timed G/K-line to the IRCd and forgets about it. Can be useful if your akill list is being fill up by bots.
	 */
	add_to_akill = yes
}
blacklist
{
	/* Name of the blacklist */
	name = "rbl.efnetrbl.org"

	/* How long to set the ban for */
	time = 4h

	/* Reason for akill.
	 * %n is the nick of the user
	 * %u is the ident/username of the user
	 * %g is the realname of the user
	 * %h is the hostname of the user
	 * %i is the IP of the user
	 * %r is the reason (configured below). Will be nothing if not configured.
	 * %N is the network name set in networkinfo:networkname
	 */
	reason = "You are listed in the efnet RBL, visit http://rbl.efnetrbl.org/?i=%i for info"

	/* Replies to ban and their reason. If this is totally ommited all replies get banned */
	1 = "Open Proxy"
	/* Don't ban for result 2 or 3 */
	#2 = "spamtrap666"
	#3 = "spamtrap50"
	4 = "TOR"
	5 = "Drones / Flooding"
}
blacklist
{
	name = "dnsbl.dronebl.org"
	time = 4h
	reason = "You have a host listed in the DroneBL. For more information, visit http://dronebl.org/lookup_branded.do?ip=%i&network=%N"
}

/* m_helpchan
 *
 * Gives users who are op in the specified help channel usermode +h (helpop).
 */
#module { name = "m_helpchan" }
m_helpchan
{
	helpchannel = "#help"
}

/*
 * m_ldap
 *
 * This module allows other modules to use LDAP. By itself, this module does nothing useful.
 */
#module { name = "m_ldap" }
ldap
{
	server = "ldap://127.0.0.1"
	port = 389
}

/*
 * m_ldap_authentication
 *
 * This module allows many commands such as IDENTIFY, RELEASE, RECOVER, GHOST, etc. use
 * LDAP to authenticate users. Requires m_ldap.
*/
#module { name = "m_ldap_authentication" }
m_ldap_authentication
{
	/*
	 * The distinguished name we should bind to when a user tries to identify.
	 */
	binddn = "ou=users,dc=anope,dc=org"

	/*
	 * The attribute value used for account names.
	 */
	username_attribute = "uid"

	/*
	 * The attribute value used for email addresses.
	 * This directive is optional.
	 */
	email_attribute = "email"

	/*
	 * Enable to have this module disable /nickserv register.
	 */
	disable_ns_register = true

	/*
	 * The reason to give the users who try to /ns register.
	 */
	disable_reason = "Registration has been disabled."
	#disable_reason = "To register on this network visit http://some.misconfigured.site/register"
}

/*
 * m_ldap_oper
 *
 * This module dynamically ties users to Anope opertypes when they identify
 * via LDAP group membership. Requires m_ldap.
 *
 * Note that this doesn't give the user privileges on the IRCd, only in Services.
 */
#module { name = "m_ldap_oper" }
m_ldap_oper
{
	/*
	 * An optional binddn to use when searching for groups.
	 * %a is replaced with the account name of the user.
	 */
	#binddn = "cn=Manager,dc=anope,dc=org"

	/*
	 * An optional password to bind with.
	 */
	#password = "secret"

	/*
	 * The base DN where the groups are.
	 */
	basedn = "ou=groups,dc=anope,dc=org"

	/*
	 * The filter to use when searching for users.
	 * %a is replaced with the account name of the user.
	 */
	filter = "(member=uid=%a,ou=users,dc=anope,dc=org)"

	/*
	 * The attribute of the group that is the name of the opertype.
	 * The cn attribute should match a known opertype in the config.
	 */
	opertype_attribute = "cn"
}

/*
 * m_mysql
 *
 * This module allows other modules (db_mysql/db_mysql_live) to use MySQL.
 * Be sure you have imported the table schema with mydbgen before
 * trying to use MySQL
 */
#module { name = "m_mysql" }
mysql
{
	database = "anope"
	server = "127.0.0.1"
	username = "anope"
	password = "mypassword"
	port = 3306
}

/*
 * m_ssl
 *
 * This module uses SSL to connect to the uplink server(s)
 */
module { name = "m_ssl" }

/* 
 * m_xmlrpc
 *
 * Allows remote applications (websites) to execute queries in real time to retrieve data from Anope.
 * By itself this module does nothing, but allows other modules (m_xmlrpc_main) to receive and send XMLRPC queries.
 */
#module { name = "m_xmlrpc" }
m_xmlrpc
{
	/* IP to listen on */
	bindip = "127.0.0.1"
	/* Port to listen on */
	port = 26673
	/* Enable for IPv6 */
	ipv6 = no
	/* If enabled, requires m_ssl to be loaded */
	ssl = no
        /* IPs allowed to connect (separate with spaces), this should be secured. We also recommend you firewall this
         * with an outside program to increase security.
         */
	allowed = "127.0.0.0/24"
}

/*
 * m_xmlrpc_main
 *
 * Adds the main XMLRPC core functions.
 * Requires m_xmlrpc.
 */
#module { name = "m_xmlrpc_main" }

/*
 * ns_maxemail
 *
 * Limits how many times the same email address may be used in Anope
 * to register accounts.
 */
module { name = "ns_maxemail" }
ns_maxemail
{
	/*
	 * The limit to how many registered nicks can use the same e-mail address. If set to 0 or left
	 * commented, there will be no limit enforced when registering new accounts or using
	 * /msg NickServ SET EMAIL.
	 */
	#maxemails = 1
}

/*
 * ns_set_misc
 *
 * Allows you to create misc /nickserv set commands, and have the data
 * show up in /nickserv info
 */
module { name = "ns_set_misc" }
ns_set_misc
{
	name = "OINFO"
	desc = "Associate oper only information to this nick"
	privileged = yes
}
ns_set_misc
{
	name = "URL"
	desc = "Associate a URL with the nick"
}
ns_set_misc
{
	name = "ICQ"
	desc = "Associate an ICQ number with the nick"
}