X-Git-Url: https://arthur.barton.de/cgi-bin/gitweb.cgi?p=ngircd-alex.git;a=blobdiff_plain;f=doc%2Fsample-ngircd.conf.tmpl;h=997a983d2bc08fbeb9bc9b2250bd487c631e779d;hp=b4a498d456575f5880043a812f1074e2ee7593d7;hb=48326e061aacd954e24f76c53ded10448cbc28eb;hpb=eba14d937d7d8980a1d178ca0066c577bf66c806 diff --git a/doc/sample-ngircd.conf.tmpl b/doc/sample-ngircd.conf.tmpl index b4a498d4..997a983d 100644 --- a/doc/sample-ngircd.conf.tmpl +++ b/doc/sample-ngircd.conf.tmpl @@ -12,7 +12,8 @@ # Use "ngircd --configtest" (see manual page ngircd(8)) to validate that the # server interprets the configuration file as expected! # -# Please see ngircd.conf(5) for a complete list of configuration options. +# Please see ngircd.conf(5) for a complete list of configuration options +# and their descriptions. # [Global] @@ -56,7 +57,7 @@ # This tells ngIRCd to write its current process ID to a file. # Note that the pidfile is written AFTER chroot and switching the # user ID, e.g. the directory the pidfile resides in must be - # writeable by the ngIRCd user and exist in the chroot directory. + # writable by the ngIRCd user and exist in the chroot directory. ;PidFile = /var/run/ngircd/ngircd.pid # Ports on which the server should listen. There may be more than @@ -94,11 +95,15 @@ # Maximum number of channels a user can be member of (0: no limit): ;MaxJoins = 10 - # Maximum length of an user nick name (Default: 9, as in RFC 2812). + # Maximum length of an user nickname (Default: 9, as in RFC 2812). # Please note that all servers in an IRC network MUST use the same - # maximum nick name length! + # maximum nickname length! ;MaxNickLength = 9 + # Maximum number of channels returned in response to a /list + # command (0: unlimited): + ;MaxListSize = 100 + # After seconds of inactivity the server will send a # PING to the peer to test whether it is alive or not. ;PingTimeout = 120 @@ -109,7 +114,7 @@ [Options] # Optional features and configuration options to further tweak the - # behavior of ngIRCd. If you wan't to get started quickly, you most + # behavior of ngIRCd. If you want to get started quickly, you most # probably don't have to make changes here -- they are all optional. # Are remote IRC operators allowed to control this server, e.g. @@ -124,11 +129,19 @@ ;ChrootDir = /var/empty # Set this hostname for every client instead of the real one. - # Please note: don't use the percentage sign ("%"), it is reserved for - # future extensions! - ;CloakHost = irc.example.net + # Use %x to add the hashed value of the original hostname. + ;CloakHost = cloaked.host + + # Use this hostname for hostname cloaking on clients that have the + # user mode "+x" set, instead of the name of the server. + # Use %x to add the hashed value of the original hostname. + ;CloakHostModeX = cloaked.user - # Set every clients' user name to their nick name + # The Salt for cloaked hostname hashing. When undefined a random + # hash is generated after each server start. + ;CloakHostSalt = abcdefghijklmnopqrstuvwxyz + + # Set every clients' user name to their nickname ;CloakUserToNick = yes # Try to connect to other IRC servers using IPv4 and IPv6, if possible. @@ -139,8 +152,14 @@ ;DNS = yes # Do IDENT lookups if ngIRCd has been compiled with support for it. + # Users identified using IDENT are registered without the "~" character + # prepended to their user name. ;Ident = yes + # Enhance user privacy slightly (useful for IRC server on TOR or I2P) + # by censoring some information like idle time, logon time, etc. + ;MorePrivacy = no + # Normally ngIRCd doesn't send any messages to a client until it is # registered. Enable this option to let the daemon send "NOTICE AUTH" # messages to clients while connecting. @@ -150,12 +169,30 @@ # they are not(!) channel-operators? ;OperCanUseMode = no + # Should IRC Operators get AutoOp (+o) in persistent (+P) channels? + ;OperChanPAutoOp = yes + # Mask IRC Operator mode requests as if they were coming from the # server? (This is a compatibility hack for ircd-irc2 servers) ;OperServerMode = no # Use PAM if ngIRCd has been compiled with support for it. - ;PAM = no + # Users identified using PAM are registered without the "~" character + # prepended to their user name. + ;PAM = yes + + # When PAM is enabled, all clients are required to be authenticated + # using PAM; connecting to the server without successful PAM + # authentication isn't possible. + # If this option is set, clients not sending a password are still + # allowed to connect: they won't become "identified" and keep the "~" + # character prepended to their supplied user name. + # Please note: To make some use of this behavior, it most probably + # isn't useful to enable "Ident", "PAM" and "PAMIsOptional" at the + # same time, because you wouldn't be able to distinguish between + # Ident'ified and PAM-authenticated users: both don't have a "~" + # character prepended to their respective user names! + ;PAMIsOptional = no # Allow Pre-Defined Channels only (see Section [Channels]) ;PredefChannelsOnly = no @@ -165,38 +202,46 @@ # "PONG" reply. ;RequireAuthPing = no - # SSL Server Key Certificate - ;SSLCertFile = :ETCDIR:/ssl/server-cert.pem - - # Diffie-Hellman parameters - ;SSLDHFile = :ETCDIR:/ssl/dhparams.pem - - # SSL Server Key - ;SSLKeyFile = :ETCDIR:/ssl/server-key.pem - - # password to decrypt SSLKeyFile (OpenSSL only) - ;SSLKeyFilePassword = secret - - # Additional Listen Ports that expect SSL/TLS encrypted connections - ;SSLPorts = 6697, 9999 + # Silently drop all incoming CTCP requests. + ;ScrubCTCP = no # Syslog "facility" to which ngIRCd should send log messages. # Possible values are system dependent, but most probably auth, daemon, # user and local1 through local7 are possible values; see syslog(3). # Default is "local5" for historical reasons, you probably want to # change this to "daemon", for example. - SyslogFacility = local1 + ;SyslogFacility = local1 # Password required for using the WEBIRC command used by some # Web-to-IRC gateways. If not set/empty, the WEBIRC command can't # be used. (Default: not set) ;WebircPassword = xyz +;[SSL] + # SSL-related configuration options. Please note that this section + # is only available when ngIRCd is compiled with support for SSL! + # So don't forget to remove the ";" above if this is the case ... + + # SSL Server Key Certificate + ;CertFile = :ETCDIR:/ssl/server-cert.pem + + # Diffie-Hellman parameters + ;DHFile = :ETCDIR:/ssl/dhparams.pem + + # SSL Server Key + ;KeyFile = :ETCDIR:/ssl/server-key.pem + + # password to decrypt SSLKeyFile (OpenSSL only) + ;KeyFilePassword = secret + + # Additional Listen Ports that expect SSL/TLS encrypted connections + ;Ports = 6697, 9999 + [Operator] # [Operator] sections are used to define IRC Operators. There may be # more than one [Operator] block, one for each local operator. - # ID of the operator (may be different of the nick name) + # ID of the operator (may be different of the nickname) ;Name = TheOper # Password of the IRC operator @@ -259,15 +304,16 @@ # Connect to the remote server using TLS/SSL (Default: false) ;SSLConnect = yes - # Define a (case insensitive) mask matching nick names that should be - # treated as IRC services when introduced via this remote server. + # Define a (case insensitive) list of masks matching nicknames that + # should be treated as IRC services when introduced via this remote + # server, separated by commas (","). # REGULAR SERVERS DON'T NEED this parameter, so leave it empty # (which is the default). # When you are connecting IRC services which mask as a IRC server # and which use "virtual users" to communicate with, for example # "NickServ" and "ChanServ", you should set this parameter to - # something like "*Serv". - ;ServiceMask = *Serv + # something like "*Serv" or "NickServ,ChanServ,XyzServ". + ;ServiceMask = *Serv,Global [Server] # More [Server] sections, if you like ...