ngIRCd - Next Generation IRC Server
+ http://ngircd.barton.de/
- (c)2001-2009 Alexander Barton,
- alex@barton.de, http://www.barton.de/
-
+ (c)2001-2011 Alexander Barton and Contributors.
ngIRCd is free software and published under the
terms of the GNU General Public License.
ngIRCd - Next Generation IRC Server
+ http://ngircd.barton.de/
- (c)2001-2010 Alexander Barton,
- alex@barton.de, http://www.barton.de/
-
+ (c)2001-2011 Alexander Barton and Contributors.
ngIRCd is free software and published under the
terms of the GNU General Public License.
-- ChangeLog --
+ngIRCd Release 18
+
+ ngIRCd 18~rc1 (2011-06-27)
+ - PAM warning message: make clear which "Password" config option is ignored.
+ - New configuration opion "MorePrivacy" to "censor" some user information.
+ When enabled, signon time and idle time is censored. Part and quit
+ messages are made to look the same. WHOWAS requests are silently dropped.
+ All of this is useful if one wish to conceal users that access the ngircd
+ servers from TOR or I2P.
+ - New configuration option "ScrubCTCP" to scrub incoming CTCP commands. If
+ activated, the server silently drops incomming CTCP requests from both
+ other servers and from users. The server that scrubs CTCP will not forward
+ the CTCP requests to other servers in the network either, which can spell
+ trouble if not every oper knows about the CTCP-scrubbing. Scrubbing CTCP
+ commands also means that it is not possible to send files between users.
+ There is one exception to the CTCP scrubbing performed: ACTION ("/me
+ commands") requests are not scrubbed.
+ - Display configuration errors more prominent on "--configtest".
+ - Restructure ngIRCd configuration file: introduce new [Limits], [Options],
+ and [SSL] sections. The intention of this restructuring is to make the
+ [Global] section much cleaner, so that it only contains variables that
+ most installations must adjust to the local requirements. All the optional
+ variables are moved to [Limits], for configurable limits and timers of
+ ngIRCd, and [Options], for optional features. All SSL-related variables
+ are moved to [SSL] and the "SSL"-prefix is stripped. The old variables in
+ the [Global] section are deprecated now, but are still recognized.
+ => Don't forget to check your configuration, use "ngircd --configtest"!
+ - New documentation "how to contribute": doc/Contributing.txt.
+ - Slightly fix error handling when connecting to remote servers.
+ - GnuTLS: bump DH-bitsize to 2048: this solves the problem that some clients
+ refuse to connect to severs that only offer 1024. For interoperability it
+ would be best to just use 4096 bits, but that takes minutes, even on
+ current hardware ...
+ - contrib/platformtest.sh: fix gcc version detection.
+ - Avoid needlesly scary 'buffer overflow' messages: When the write buffer
+ space grows too large, ngIRCd has to disconnect the client to avoid
+ wasting too much memory, which is logged with a scary 'write buffer
+ overflow' message. Change this to a more descriptive wording.
+ - Require server prefixes for most commands on RFC2812 links. RFC1459 links
+ (often used by services, for example) are not affected.
+ - Mac OS X: update installer functionality, texts, and add our logo :-)
+ - New configuration option "RequireAuthPing": PING-PONG on login. When
+ enabled, this configuration option lets ngIRCd send a PING with an numeric
+ "token" to clients logging in; and it will not become registered in the
+ network until the client responds with the correct PONG.
+ - New configuration option "NoticeAuth": send NOTICE AUTH on connect. When
+ active, ngircd will send "NOTICE AUTH" messages on client connect time
+ like e.g. snircd (QuakeNet) does.
+ - Generate WALLOPS message on SQUIT from IRC operators; so SQUIT now behaves
+ like CONNECT and DISCONNECT commands, when called by an IRC operator.
+ - Allow servers to send more commands in the first 10 secods ("burst"). This
+ helps to speed up server login and network synchronisation.
+ - Add support for up to 3 targets in WHOIS queries, also allow up to one
+ wildcard query from local hosts. Follows ircd 2.10 implementation rather
+ than RFC 2812. At most 10 entries are returned per wildcard expansion.
+ - ngircd.conf(5) manual page: describe types of configuration variables
+ (booleans, text strings, integer numbers) and add type information to each
+ variable description.
+ - Don't use "the.net" in sample-ngircd.conf, use "example.net".
+ - Terminate incoming connections on HTTP commands "GET" and "POST".
+ - New configuration option "CloakHost": when set, this hostname is used for
+ every client instead of the real DNS hostname (or IP address).
+ - New configuration option "CloakUserToNick": when enabled, ngIRCd sets
+ every clients' user name to their nick name and hides the user name
+ supplied by the IRC client.
+ - doc/Protocol.txt: Update description of the CHANINFO and WEBIRC commands.
+ - Doxygen'ify (document) much more source files; code cleanup ...
+ - Make write buffers bigger, but flush early. Before this change, a client
+ got disconnected if the buffer flushing at 4k failed, now regular clients
+ can store up to 32k and servers up 64k even if flushing is not possible at
+ the moment. This enhances reliability on slow links.
+ - Don't access possibly free'd CLIENT structure. Ooops.
+ - Allow "Port = 0" in [Server] blocks. Port number 0 marks remote servers
+ that try to connect to this daemon, but where this daemon never tries to
+ establis a connection on its own: only incoming connections are allowed.
+ - Configuration: fix 'Value of "..." is not a number!' for negative values.
+ - Enable WHOIS command to return information about services.
+ - Implement channel mode 'O': "IRC operators only". This channel mode is
+ used on DALnet (bahamut), for example.
+ - Remove support for ZeroConf/Bonjour/Rendezvous service registration
+ including the "[No]ZeroConf" configuration option.
+ - TOPIC command: test for channel admin rights correctly: this enables other
+ servers, services and IRC operators to change channel topics, even when
+ the client is not joined to this channel.
+ - Deprecate NoXX-Options in ngircd.conf and move new variants into our new
+ [Options] section: 'NoDNS=no' => 'DNS=yes', 'NoIdent=no' => 'Ident=yes',
+ 'NoPAM=no' => 'PAM=yes', and 'NoZeroConf=no' => 'ZeroConf=yes' (and
+ vice-versa). The defaults are adjusted accordingly and the old variables
+ in [Global] are still accepted, so there is no functional change.
+ - Fix confusing "adding to invite list" debug messages: adding entries to
+ ban list produced 'invite list' debug output ...
+ - Don't throttle services and servers beeing registered.
+ - Xcode: correctly sort files :-)
+ - Don't assert() when serching a client for an invalid server token (this is
+ only relevant when a trusted server on a server-server link sends invalid
+ commands).
+
ngIRCd Release 17.1 (2010-12-19)
- --configtest: remember if MOTD is configured by file or phrase
--- /dev/null
+
+ ngIRCd - Next Generation IRC Server
+ http://ngircd.barton.de/
+
+ (c)2001-2011 Alexander Barton and Contributors.
+ ngIRCd is free software and published under the
+ terms of the GNU General Public License.
+
+ -- Contributing.txt --
+
+
+If you want to contribute to ngIRCd, please read the following paragraphs to
+get an idea of how to do it the best :-)
+
+ - Use GIT
+
+ The source code of ngIRCd is maintained using GIT, see doc/GIT.txt. So if
+ remotely possible, use GIT for your work, too. It makes your and our lifes
+ much easier ;-)
+
+ - Don't forget to include documentation
+
+ When adding features and new configuration options, don't forget to not
+ only code the features but to describe them in doc/sample-ngircd.conf,
+ man/ngircd.8.tmp and/or man/ngircd.conf.5.tmpl as well!
+
+ - Be present on IRC
+
+ If you intend to code some new features or do some code cleanups or better
+ documentation, please be present on <irc://irc.barton.de/#ngircd> and
+ discuss your plans early! So other developers have an idea on what others
+ are working on, can offer help, and can synchronize their own work.
+
+ - Check and validate your work!
+
+ Use "make check" to validate your work, and use "make distcheck" to
+ validate the resulting archives, especially when adding/removing files!
+
+ - Send patches in "unified diff" format
+
+ Please send patches in "unified" format, that is, use "diff -u".
+ Or even better: use GIT ("git diff"), see above.
+
+ - Send patches to the mailing list
+
+ If you have some code to present, send the patch(es) and/or pointers to
+ your GIT repository to the official ngIRCd mailing list for review, not
+ only to #ngircd: so it becomes archived and more people have a chance to
+ review your patch.
+
+ Sure it is a good idea to post some notes to #ngircd, too! :-)
+
+ And this is open source, your work must not be 100% finished and perfect,
+ work in progress is interesting, too: "release early, release often"!
+
ngIRCd - Next Generation IRC Server
+ http://ngircd.barton.de/
+
+ (c)2001-2011 Alexander Barton and Contributors.
+ ngIRCd is free software and published under the
+ terms of the GNU General Public License.
-- GIT.txt --
+
The source code of ngIRCd is maintained using git, the stupid content
tracker.
+
I. Getting the source code
~~~~~~~~~~~~~~~~~~~~~~~~~~
To access the source tree anonymously, run:
Please note: When checking out a fresh copy of ngIRCd using git, the
configure script doesn't exist; you have to run the autogen.sh shell script
(which is included in the source tree) to generate it. This requires you to
-have GNU automake and GNU autoconf installed on your system.
+have GNU automake and GNU autoconf installed on your system. Please see the
+file INSTALL for details!
To update the git tree:
This retrieves all changes and merges them into the current branch.
+
II. Contributing
~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~
If you want to contribute a couple of patches and write access to the git
repository would be handy, please contact Alex Barton, <alex@barton.de>.
-
ngIRCd - Next Generation IRC Server
+ http://ngircd.barton.de/
- (c)2001-2010 Alexander Barton,
- alex@barton.de, http://www.barton.de/
-
+ (c)2001-2011 Alexander Barton and Contributors.
ngIRCd is free software and published under the
terms of the GNU General Public License.
I. Upgrade Information
~~~~~~~~~~~~~~~~~~~~~~
+Differences to version 17
+
+- Support for ZeroConf/Bonjour/Rendezvous service registration has been
+ removed. The configuration option "NoZeroconf" is no longer available.
+
+- The structure of ngircd.conf has been cleaned up and three new configuration
+ sections have been introduced: [Limits], [Options], and [SSL].
+ Lots of configuration variables stored in the [Global] section are now
+ deprecated there and should be stored in one of these new sections (but
+ still work in [Global]):
+ "AllowRemoteOper" -> [Options]
+ "ChrootDir" -> [Options]
+ "ConnectIPv4" -> [Options]
+ "ConnectIPv6" -> [Options]
+ "ConnectRetry" -> [Limits]
+ "MaxConnections" -> [Limits]
+ "MaxConnectionsIP" -> [Limits]
+ "MaxJoins" -> [Limits]
+ "MaxNickLength" -> [Limits]
+ "NoDNS" -> [Options], and renamed to "DNS"
+ "NoIdent" -> [Options], and renamed to "Ident"
+ "NoPAM" -> [Options], and renamed to "PAM"
+ "OperCanUseMode" -> [Options]
+ "OperServerMode" -> [Options]
+ "PingTimeout" -> [Limits]
+ "PongTimeout" -> [Limits]
+ "PredefChannelsOnly" -> [Options]
+ "SSLCertFile" -> [SSL], and renamed to "CertFile"
+ "SSLDHFile" -> [SSL], and renamed to "DHFile"
+ "SSLKeyFile" -> [SSL], and renamed to "KeyFile"
+ "SSLKeyFilePassword" -> [SSL], and renamed to "KeyFilePassword"
+ "SSLPorts" -> [SSL], and renamed to "Ports"
+ "SyslogFacility" -> [Options]
+ "WebircPassword" -> [Options]
+ You should adjust your ngircd.conf and run "ngircd --configtest" to make
+ sure that your settings are correct and up to date!
+
Differences to version 16
- Changes to the "MotdFile" specified in ngircd.conf now require a ngircd
The next step is to configure and afterwards starting the daemon. Please
have a look at the ngircd(8) and ngircd.conf(5) manual pages for details
-and all possible options.
+and all possible options -- and don't forget to run "ngircd --configtest"
+to validate your configuration file!
If no previous version of the configuration file exists (the standard name
is /usr/local/etc/ngircd.conf), a sample configuration file containing all
step. If there is already an older configuration file present, it won't be
overwritten.
-This files will be installed by default:
+These files and folders will be installed by default:
- /usr/local/sbin/ngircd: executable server
- /usr/local/etc/ngircd.conf: sample configuration (if not already present)
- /usr/local/share/doc/ngircd/: documentation
+- /usr/local/share/man/: manual pages
III. Additional features
Include support for IDENT ("AUTH") lookups. The "ident" library is
required for this option.
-* ZeroConf Support:
- --with-zeroconf[=<path>]
-
- Compile ngIRCd with support for ZeroConf multicast DNS service registration.
- Either the Apple ZeroConf implementation (e. g. Mac OS X) or the Howl
- library is required. Which one is available is autodetected.
-
* TCP-Wrappers:
--with-tcp-wrappers[=<path>]
In the sample configuration file, there are comments beginning with "#" OR
";" -- this is only for the better understanding of the file.
-The file is separated in four blocks: [Global], [Operator], [Server], and
-[Channel].
+The file is separated in five blocks: [Global], [Features], [Operator],
+[Server], and [Channel].
In the [Global] section, there is the main configuration like the server
-name and the ports, on which the server should be listening. IRC operators
-of this server are defined in [Operator] blocks. [Server] is the section
-where server links are configured. And [Channel] blocks are used to
-configure pre-defined ("persistent") IRC channels.
+name and the ports, on which the server should be listening. Options in
+the [Features] section enable or disable functionality in the daemon.
+IRC operators of this server are defined in [Operator] blocks, remote
+servers are configured in [Server] sections, and [Channel] blocks are
+used to configure pre-defined ("persistent") IRC channels.
The meaning of the variables in the configuration file is explained in the
"doc/sample-ngircd.conf", which is used as sample configuration file in
/usr/local/etc after running "make install" (if you don't already have one)
-and in the "ngircd.conf" manual page.
+and in the ngircd.conf(5) manual page.
VI. Command line options
Use "--help" to see a short help text describing all available parameters
the server understands, with "--version" the ngIRCd shows its version
number. In both cases the server exits after the output.
+
+Please see the ngircd(8) manual page for complete details!
ngIRCd - Next Generation IRC Server
+ http://ngircd.barton.de/
- (c)2001-2010 Alexander Barton,
- alex@barton.de, http://www.barton.de/
-
+ (c)2001-2011 Alexander Barton and Contributors.
ngIRCd is free software and published under the
terms of the GNU General Public License.
-- NEWS --
+ngIRCd Release 18
+
+ ngIRCd 18~rc1 (2011-06-27)
+ - New configuration opion "MorePrivacy" to "censor" some user information.
+ When enabled, signon time and idle time is censored. Part and quit
+ messages are made to look the same. WHOWAS requests are silently dropped.
+ All of this is useful if one wish to conceal users that access the ngircd
+ servers from TOR or I2P.
+ - New configuration option "ScrubCTCP" to scrub incoming CTCP commands. If
+ activated, the server silently drops incomming CTCP requests from both
+ other servers and from users. The server that scrubs CTCP will not forward
+ the CTCP requests to other servers in the network either, which can spell
+ trouble if not every oper knows about the CTCP-scrubbing. Scrubbing CTCP
+ commands also means that it is not possible to send files between users.
+ There is one exception to the CTCP scrubbing performed: ACTION ("/me
+ commands") requests are not scrubbed.
+ - Restructure ngIRCd configuration file: introduce new [Limits], [Options],
+ and [SSL] sections. The intention of this restructuring is to make the
+ [Global] section much cleaner, so that it only contains variables that
+ most installations must adjust to the local requirements. All the optional
+ variables are moved to [Limits], for configurable limits and timers of
+ ngIRCd, and [Options], for optional features. All SSL-related variables
+ are moved to [SSL] and the "SSL"-prefix is stripped. The old variables in
+ the [Global] section are deprecated now, but are still recognized.
+ => Don't forget to check your configuration, use "ngircd --configtest"!
+ - New documentation "how to contribute": doc/Contributing.txt.
+ - Avoid needlesly scary 'buffer overflow' messages: When the write buffer
+ space grows too large, ngIRCd has to disconnect the client to avoid
+ wasting too much memory, which is logged with a scary 'write buffer
+ overflow' message. Change this to a more descriptive wording.
+ - New configuration option "RequireAuthPing": PING-PONG on login. When
+ enabled, this configuration option lets ngIRCd send a PING with an numeric
+ "token" to clients logging in; and it will not become registered in the
+ network until the client responds with the correct PONG.
+ - New configuration option "NoticeAuth": send NOTICE AUTH on connect. When
+ active, ngircd will send "NOTICE AUTH" messages on client connect time
+ like e.g. snircd (QuakeNet) does.
+ - Add support for up to 3 targets in WHOIS queries, also allow up to one
+ wildcard query from local hosts. Follows ircd 2.10 implementation rather
+ than RFC 2812. At most 10 entries are returned per wildcard expansion.
+ - ngircd.conf(5) manual page: describe types of configuration variables
+ (booleans, text strings, integer numbers) and add type information to each
+ variable description.
+ - Terminate incoming connections on HTTP commands "GET" and "POST".
+ - New configuration option "CloakHost": when set, this hostname is used for
+ every client instead of the real DNS hostname (or IP address).
+ - New configuration option "CloakUserToNick": when enabled, ngIRCd sets
+ every clients' user name to their nick name and hides the user name
+ supplied by the IRC client.
+ - Make write buffers bigger, but flush early. Before this change, a client
+ got disconnected if the buffer flushing at 4k failed, now regular clients
+ can store up to 32k and servers up 64k even if flushing is not possible at
+ the moment. This enhances reliability on slow links.
+ - Allow "Port = 0" in [Server] blocks. Port number 0 marks remote servers
+ that try to connect to this daemon, but where this daemon never tries to
+ establis a connection on its own: only incoming connections are allowed.
+ - Enable WHOIS command to return information about services.
+ - Implement channel mode 'O': "IRC operators only". This channel mode is
+ used on DALnet (bahamut), for example.
+ - Remove support for ZeroConf/Bonjour/Rendezvous service registration
+ including the "[No]ZeroConf" configuration option.
+ - Deprecate NoXX-Options in ngircd.conf and move new variants into our new
+ [Options] section: 'NoDNS=no' => 'DNS=yes', 'NoIdent=no' => 'Ident=yes',
+ 'NoPAM=no' => 'PAM=yes', and 'NoZeroConf=no' => 'ZeroConf=yes' (and
+ vice-versa). The defaults are adjusted accordingly and the old variables
+ in [Global] are still accepted, so there is no functional change.
ngIRCd Release 17.1 (2010-12-19)
ngIRCd - Next Generation IRC Server
+ http://ngircd.barton.de/
- (c)2001-2007 Alexander Barton,
- alex@barton.de, http://www.barton.de/
-
+ (c)2001-2011 Alexander Barton and Contributors.
ngIRCd is free software and published under the
terms of the GNU General Public License.
Implemented IRC-commands are:
-ADMIN, AWAY, CHANINFO, CONNECT, DIE, DISCONNECT, ERROR, HELP, INVITE, ISON,
-JOIN, KICK, KILL, LINKS, LIST, LUSERS, MODE, MOTD, NAMES, NICK, NJOIN, NOTICE,
-OPER, PART, PASS, PING, PONG, PRIVMSG, QUIT, REHASH, RESTART, SERVER, SQUIT,
-STATS, TIME, TOPIC, TRACE, USER, USERHOST, VERSION, WALLOPS, WHO, WHOIS,
-WHOWAS.
+ADMIN, AWAY, CHANINFO, CONNECT, DIE, DISCONNECT, ERROR, HELP, INFO, INVITE,
+ISON, JOIN, KICK, KILL, LINKS, LIST, LUSERS, MODE, MOTD, NAMES, NICK, NJOIN,
+NOTICE, OPER, PART, PASS, PING, PONG, PRIVMSG, QUIT, REHASH, RESTART, SERVER,
+SERVICE, SERVLIST, SQUERY, SQUIT, STATS, SUMMON, TIME, TOPIC, TRACE, USER,
+USERHOST, USERS, VERSION, WALLOPS, WEBIRC, WHO, WHOIS, WHOWAS.
III. Features (or: why use ngIRCd?)
Creating a self-signed certificate and key:
$ openssl req -newkey rsa:2048 -x509 -keyout server-key.pem -out server-cert.pem -days 1461
Create DH parameters (optional):
- $ openssl dhparam -2 -out dhparams.pem 2048
+ $ openssl dhparam -2 -out dhparams.pem 4096
GnuTLS:
$ certtool --generate-privkey --bits 2048 --outfile server-key.pem
$ certtool --generate-self-signed --load-privkey server-key.pem --outfile server-cert.pem
Create DH parameters (optional):
- $ certtool --generate-dh-params --bits 2048 --outfile dhparams.pem
+ $ certtool --generate-dh-params --bits 4096 --outfile dhparams.pem
Alternate approach using stunnel(1)
# Use "ngircd --configtest" (see manual page ngircd(8)) to validate that the
# server interprets the configuration file as expected!
#
-# Please see ngircd.conf(5) for a complete list of configuration options.
+# Please see ngircd.conf(5) for a complete list of configuration options
+# and their descriptions.
#
[Global]
# The [Global] section of this file is used to define the main
# configuration of the server, like the server name and the ports
# on which the server should be listening.
+ # These settings depend on your personal preferences, so you should
+ # make sure that they correspond to your installation and setup!
# Server name in the IRC network, must contain at least one dot
# (".") and be unique in the IRC network. Required!
- Name = irc.the.net
-
- # Info text of the server. This will be shown by WHOIS and
- # LINKS requests for example.
- Info = Server Info Text
-
- # Global password for all users needed to connect to the server.
- # (Default: not set)
- ;Password = abc
-
- # Password required for using the WEBIRC command used by some
- # Web-to-IRC gateways. If not set/empty, the WEBIRC command can't
- # be used. (Default: not set)
- ;WebircPassword = xyz
+ Name = irc.example.net
# Information about the server and the administrator, used by the
# ADMIN command. Not required by server but by RFC!
;AdminInfo1 = Description
;AdminInfo2 = Location
;AdminEMail = admin@irc.server
-
- # Ports on which the server should listen. There may be more than
- # one port, separated with ",". (Default: 6667)
- ;Ports = 6667, 6668, 6669
- # Additional Listen Ports that expect SSL/TLS encrypted connections
- ;SSLPorts = 6697, 9999
-
- # SSL Server Key
- ;SSLKeyFile = /usr/local/etc/ngircd/ssl/server-key.pem
-
- # password to decrypt SSLKeyFile (OpenSSL only)
- ;SSLKeyFilePassword = secret
-
- # SSL Server Key Certificate
- ;SSLCertFile = /usr/local/etc/ngircd/ssl/server-cert.pem
-
- # Diffie-Hellman parameters
- ;SSLDHFile = /usr/local/etc/ngircd/ssl/dhparams.pem
+ # Info text of the server. This will be shown by WHOIS and
+ # LINKS requests for example.
+ Info = Server Info Text
- # comma separated list of IP addresses on which the server should
+ # Comma separated list of IP addresses on which the server should
# listen. Default values are:
# "0.0.0.0" or (if compiled with IPv6 support) "::,0.0.0.0"
# so the server listens on all IP addresses of the system by default.
;Listen = 127.0.0.1,192.168.0.1
- # Syslog "facility" to which ngIRCd should send log messages.
- # Possible values are system dependant, but most probably auth, daemon,
- # user and local1 through local7 are possible values; see syslog(3).
- # Default is "local5" for historical reasons, you probably want to
- # change this to "daemon", for example.
- SyslogFacility = local1
-
# Text file with the "message of the day" (MOTD). This message will
# be shown to all users connecting to the server:
- ;MotdFile = /usr/local/etc/ngircd.motd
+ ;MotdFile = /opt/ngircd/alex.git/etc/ngircd.motd
# A simple Phrase (<256 chars) if you don't want to use a motd file.
;MotdPhrase = "Hello world!"
+ # Global password for all users needed to connect to the server.
+ # (Default: not set)
+ ;Password = abc
+
+ # This tells ngIRCd to write its current process ID to a file.
+ # Note that the pidfile is written AFTER chroot and switching the
+ # user ID, e.g. the directory the pidfile resides in must be
+ # writeable by the ngIRCd user and exist in the chroot directory.
+ ;PidFile = /var/run/ngircd/ngircd.pid
+
+ # Ports on which the server should listen. There may be more than
+ # one port, separated with ",". (Default: 6667)
+ ;Ports = 6667, 6668, 6669
+
+ # Group ID under which the ngIRCd should run; you can use the name
+ # of the group or the numerical ID. ATTENTION: For this to work the
+ # server must have been started with root privileges!
+ ;ServerGID = 65534
+
# User ID under which the server should run; you can use the name
# of the user or the numerical ID. ATTENTION: For this to work the
# server must have been started with root privileges! In addition,
# otherwise RESTART and REHASH won't work!
;ServerUID = 65534
- # Group ID under which the ngircd should run; you can use the name
- # of the group or the numerical ID. ATTENTION: For this to work the
- # server must have been started with root privileges!
- ;ServerGID = 65534
+[Limits]
+ # Define some limits and timeouts for this ngIRCd instance. Default
+ # values should be safe, but it is wise to double-check :-)
- # A directory to chroot in when everything is initialized. It
- # doesn't need to be populated if ngIRCd is compiled as a static
- # binary. By default ngIRCd won't use the chroot() feature.
- # ATTENTION: For this to work the server must have been started
- # with root privileges!
- ;ChrootDir = /var/empty
+ # The server tries every <ConnectRetry> seconds to establish a link
+ # to not yet (or no longer) connected servers.
+ ;ConnectRetry = 60
- # This tells ngircd to write its current process id to a file.
- # Note that the pidfile is written AFTER chroot and switching uid,
- # i. e. the Directory the pidfile resides in must be writeable by
- # the ngircd user and exist in the chroot directory.
- ;PidFile = /var/run/ngircd/ngircd.pid
+ # Maximum number of simultaneous in- and outbound connections the
+ # server is allowed to accept (0: unlimited):
+ ;MaxConnections = 0
+
+ # Maximum number of simultaneous connections from a single IP address
+ # the server will accept (0: unlimited):
+ ;MaxConnectionsIP = 5
+
+ # Maximum number of channels a user can be member of (0: no limit):
+ ;MaxJoins = 10
+
+ # Maximum length of an user nick name (Default: 9, as in RFC 2812).
+ # Please note that all servers in an IRC network MUST use the same
+ # maximum nick name length!
+ ;MaxNickLength = 9
# After <PingTimeout> seconds of inactivity the server will send a
# PING to the peer to test whether it is alive or not.
# seconds, it will be disconnected by the server.
;PongTimeout = 20
- # The server tries every <ConnectRetry> seconds to establish a link
- # to not yet (or no longer) connected servers.
- ;ConnectRetry = 60
+[Options]
+ # Optional features and configuration options to further tweak the
+ # behavior of ngIRCd. If you wan't to get started quickly, you most
+ # probably don't have to make changes here -- they are all optional.
+
+ # Are remote IRC operators allowed to control this server, e.g.
+ # use commands like CONNECT, SQUIT, DIE, ...?
+ ;AllowRemoteOper = no
+
+ # A directory to chroot in when everything is initialized. It
+ # doesn't need to be populated if ngIRCd is compiled as a static
+ # binary. By default ngIRCd won't use the chroot() feature.
+ # ATTENTION: For this to work the server must have been started
+ # with root privileges!
+ ;ChrootDir = /var/empty
+
+ # Set this hostname for every client instead of the real one.
+ # Please note: don't use the percentage sign ("%"), it is reserved for
+ # future extensions!
+ ;CloakHost = irc.example.net
+
+ # Set every clients' user name to their nick name
+ ;CloakUserToNick = yes
+
+ # Try to connect to other IRC servers using IPv4 and IPv6, if possible.
+ ;ConnectIPv6 = yes
+ ;ConnectIPv4 = yes
+
+ # Do any DNS lookups when a client connects to the server.
+ ;DNS = yes
+
+ # Do IDENT lookups if ngIRCd has been compiled with support for it.
+ ;Ident = yes
+
+ # Enhance user privacy slightly (useful for IRC server on TOR or I2P)
+ # by censoring some information like idle time, logon time, etc.
+ ;MorePrivacy = no
+
+ # Normally ngIRCd doesn't send any messages to a client until it is
+ # registered. Enable this option to let the daemon send "NOTICE AUTH"
+ # messages to clients while connecting.
+ ;NoticeAuth = no
# Should IRC Operators be allowed to use the MODE command even if
# they are not(!) channel-operators?
# server? (This is a compatibility hack for ircd-irc2 servers)
;OperServerMode = no
- # Are remote IRC operators allowed to control this server, e. g.
- # use commands like CONNECT, SQUIT, DIE, ...?
- ;AllowRemoteOper = no
+ # Use PAM if ngIRCd has been compiled with support for it.
+ ;PAM = no
# Allow Pre-Defined Channels only (see Section [Channels])
;PredefChannelsOnly = no
- # Don't do any DNS lookups when a client connects to the server.
- ;NoDNS = no
+ # Let ngIRCd send an "authentication PING" when a new client connects,
+ # and register this client only after receiving the corresponding
+ # "PONG" reply.
+ ;RequireAuthPing = no
- # Don't do any IDENT lookups, even if ngIRCd has been compiled
- # with support for it.
- ;NoIdent = no
+ # Silently drop all incomming CTCP requests.
+ ;ScrubCTCP = no
- # Don't use PAM, even if ngIRCd has been compiled with support for it.
- ;NoPAM = no
+ # Syslog "facility" to which ngIRCd should send log messages.
+ # Possible values are system dependent, but most probably auth, daemon,
+ # user and local1 through local7 are possible values; see syslog(3).
+ # Default is "local5" for historical reasons, you probably want to
+ # change this to "daemon", for example.
+ ;SyslogFacility = local1
- # Don't use ZeroConf service registration, even if ngIRCd has been
- # compiled with support for it (e.g. Howl, Avahi, Mac OS X).
- ;NoZeroConf = no
+ # Password required for using the WEBIRC command used by some
+ # Web-to-IRC gateways. If not set/empty, the WEBIRC command can't
+ # be used. (Default: not set)
+ ;WebircPassword = xyz
- # try to connect to other irc servers using ipv4 and ipv6, if possible
- ;ConnectIPv6 = yes
- ;ConnectIPv4 = yes
+;[SSL]
+ # SSL-related configuration options. Please note that this section
+ # is only available when ngIRCd is compiled with support for SSL!
+ # So don't forget to remove the ";" above if this is the case ...
- # Maximum number of simultaneous in- and outbound connections the
- # server is allowed to accept (0: unlimited):
- ;MaxConnections = 0
+ # SSL Server Key Certificate
+ ;CertFile = /opt/ngircd/alex.git/etc/ssl/server-cert.pem
- # Maximum number of simultaneous connections from a single IP address
- # the server will accept (0: unlimited):
- ;MaxConnectionsIP = 5
+ # Diffie-Hellman parameters
+ ;DHFile = /opt/ngircd/alex.git/etc/ssl/dhparams.pem
- # Maximum number of channels a user can be member of (0: no limit):
- ;MaxJoins = 10
+ # SSL Server Key
+ ;KeyFile = /opt/ngircd/alex.git/etc/ssl/server-key.pem
- # Maximum length of an user nick name (Default: 9, as in RFC 2812).
- # Please note that all servers in an IRC network MUST use the same
- # maximum nick name length!
- ;MaxNickLength = 9
+ # password to decrypt SSLKeyFile (OpenSSL only)
+ ;KeyFilePassword = secret
+
+ # Additional Listen Ports that expect SSL/TLS encrypted connections
+ ;Ports = 6697, 9999
[Operator]
# [Operator] sections are used to define IRC Operators. There may be
# IRC name of the remote server, must match the "Name" variable in
# the [Global] section of the other server (when using ngIRCd).
- ;Name = irc2.the.net
+ ;Name = irc2.example.net
# Internet host name or IP address of the peer (only required when
# this server should establish the connection).
- ;Host = connect-to-host.the.net
+ ;Host = connect-to-host.example.net
# IP address to use as _source_ address for the connection. if
# unspecified, ngircd will let the operating system pick an address.
# Key file, syntax for each line: "<user>:<nick>:<key>".
# Default: none.
- ;KeyFile = /etc/ngircd/#chan.key
+ ;KeyFile = /opt/ngircd/alex.git/etc/#chan.key
# maximum users per channel (mode l)
;MaxUsers = 23