├── .dockerignore ├── .github ├── dependabot.yml └── workflows │ └── build-container.yml ├── .gitignore ├── Dockerfile ├── README.md ├── conf ├── config.sh ├── database.sh ├── serverinfo.conf ├── services.conf └── uplink.sh ├── examples ├── .gitignore ├── README.md ├── docker-compose.yml └── inspircd.conf └── tests └── release.sh /.dockerignore: -------------------------------------------------------------------------------- 1 | .git 2 | examples 3 | -------------------------------------------------------------------------------- /.github/dependabot.yml: -------------------------------------------------------------------------------- 1 | version: 2 2 | updates: 3 | - package-ecosystem: docker 4 | directory: / 5 | schedule: 6 | interval: monthly 7 | - package-ecosystem: github-actions 8 | directory: / 9 | schedule: 10 | interval: monthly 11 | -------------------------------------------------------------------------------- /.github/workflows/build-container.yml: -------------------------------------------------------------------------------- 1 | name: Build container 2 | on: 3 | pull_request: 4 | push: 5 | schedule: 6 | - cron: '0 0 * * 1' 7 | workflow_dispatch: 8 | 9 | jobs: 10 | build: 11 | runs-on: ubuntu-22.04 12 | env: 13 | ANOPE_VERSION: 2.0.18 14 | DOCKER_REPO: anope/anope 15 | GITHUB_BRANCH: master 16 | GITHUB_REPO: anope/docker 17 | steps: 18 | - 19 | uses: actions/checkout@v4 20 | - 21 | name: Test base image and code version 22 | run: | 23 | ls tests/*.sh | parallel --joblog /tmp/joblog 24 | cat /tmp/joblog 25 | env: 26 | VERSION: ${{ env.ANOPE_VERSION }} 27 | - 28 | name: Pipeline variables 29 | id: pipeline_vars 30 | run: | 31 | EXPECTED="$GITHUB_REPO $GITHUB_BRANCH" 32 | echo "Expected: $EXPECTED" 33 | 34 | ACTUAL="${{ github.repository }} ${{ github.ref_name }}" 35 | echo "Actual: $ACTUAL" 36 | 37 | if [ "$EXPECTED" == "$ACTUAL" ] 38 | then 39 | echo "On $GITHUB_REPO repo, $GITHUB_BRANCH branch - building all architectures and pushing to Docker Hub" 40 | echo "push=true" >> $GITHUB_OUTPUT 41 | echo "platforms=linux/amd64,linux/arm64" >> $GITHUB_OUTPUT 42 | else 43 | echo "Not on $GITHUB_REPO repo and $GITHUB_BRANCH branch - only building amd64 architecture and not pushing to Docker Hub" 44 | echo "push=false" >> $GITHUB_OUTPUT 45 | echo "platforms=linux/amd64" >> $GITHUB_OUTPUT 46 | fi 47 | - 48 | name: Docker meta 49 | id: meta 50 | uses: docker/metadata-action@v5 51 | with: 52 | images: ${{ env.DOCKER_REPO }} 53 | tags: | 54 | type=semver,pattern={{version}},value=${{ env.ANOPE_VERSION }} 55 | type=semver,pattern={{major}}.{{minor}},value=${{ env.ANOPE_VERSION }} 56 | type=semver,pattern={{major}},value=${{ env.ANOPE_VERSION }} 57 | - 58 | name: Set up QEMU 59 | uses: docker/setup-qemu-action@v3 60 | - 61 | name: Set up Docker Buildx 62 | uses: docker/setup-buildx-action@v3 63 | - 64 | name: Log in to Docker Hub 65 | if: github.repository == env.GITHUB_REPO && github.ref_name == env.GITHUB_BRANCH 66 | uses: docker/login-action@v3 67 | with: 68 | username: ${{ secrets.DOCKER_USERNAME }} 69 | password: ${{ secrets.DOCKER_PASSWORD }} 70 | - 71 | name: Build and push 72 | uses: docker/build-push-action@v6 73 | with: 74 | context: . 75 | build-args: VERSION=${{ env.ANOPE_VERSION }} 76 | platforms: ${{ steps.pipeline_vars.outputs.platforms }} 77 | push: ${{ steps.pipeline_vars.outputs.push }} 78 | tags: ${{ steps.meta.outputs.tags }} 79 | - 80 | name: Update description on Docker Hub 81 | if: github.repository == env.GITHUB_REPO && github.ref_name == env.GITHUB_BRANCH 82 | uses: peter-evans/dockerhub-description@v4 83 | with: 84 | username: ${{ secrets.DOCKER_USERNAME }} 85 | password: ${{ secrets.DOCKER_PASSWORD }} 86 | repository: ${{ env.DOCKER_REPO }} 87 | short-description: Anope IRC Services https://anope.org 88 | readme-filepath: README.md 89 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | examples/db 2 | -------------------------------------------------------------------------------- /Dockerfile: -------------------------------------------------------------------------------- 1 | FROM alpine:3.22 2 | 3 | LABEL org.opencontainers.image.authors="Anope Team " 4 | 5 | ARG VERSION=2.0 6 | ARG RUN_DEPENDENCIES="gnutls gnutls-utils mariadb-client mariadb-connector-c sqlite-libs" 7 | ARG BUILD_DEPENDENCIES="gnutls-dev mariadb-dev sqlite-dev" 8 | ARG EXTRA_MODULES="m_mysql m_sqlite m_ssl_gnutls" 9 | 10 | RUN apk add --no-cache --virtual .build-utils gcc g++ ninja git cmake $BUILD_DEPENDENCIES && \ 11 | apk add --no-cache --virtual .dependencies libgcc libstdc++ $RUN_DEPENDENCIES && \ 12 | # Create a user to run anope later 13 | adduser -u 10000 -h /anope/ -D -S anope && \ 14 | mkdir -p /src && \ 15 | cd /src && \ 16 | # Clone the requested version 17 | git clone --depth 1 https://github.com/anope/anope.git anope -b $VERSION && \ 18 | cd /src/anope && \ 19 | # Add and overwrite modules 20 | for module in $EXTRA_MODULES; do ln -s /src/anope/modules/extra/$module.cpp modules; done && \ 21 | mkdir build && \ 22 | cd /src/anope/build && \ 23 | cmake -DINSTDIR=/anope/ -DDEFUMASK=077 -DCMAKE_BUILD_TYPE=RELEASE -GNinja .. && \ 24 | # Run build multi-threaded 25 | ninja install && \ 26 | # Uninstall all unnecessary tools after build process 27 | apk del .build-utils && \ 28 | rm -rf /src && \ 29 | # Provide a data location 30 | mkdir -p /data && \ 31 | touch /data/anope.db && \ 32 | ln -s /data/anope.db /anope/data/anope.db && \ 33 | # Make sure everything is owned by anope 34 | chown -R anope /anope/ && \ 35 | chown -R anope /data/ 36 | 37 | COPY ./conf/ /anope/conf/ 38 | 39 | RUN chown -R anope /anope/conf/ 40 | 41 | WORKDIR /anope/ 42 | 43 | VOLUME /data/ 44 | 45 | USER anope 46 | 47 | CMD ["/anope/bin/services", "-n"] 48 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | Anope 2 | ===== 3 | 4 | Anope is a set of IRC Services designed for flexibility and ease of use. 5 | 6 | Anope is a set of Services for IRC networks that allows users to manage their nicks and channels in a secure and efficient way, and administrators to manage their network with powerful tools. 7 | 8 | 9 | # How to use this image 10 | 11 | This image is not usable as stand alone image. You need some kind of IRCd. 12 | 13 | For example you can use [InspIRCd](https://hub.docker.com/r/inspircd/inspircd-docker) like in the [example](https://github.com/anope/docker/blob/master/examples/docker-compose.yml). 14 | 15 | The minimal configuration looks like this: 16 | 17 | ```console 18 | $ docker run --name anope -e "ANOPE_UPLINK_IP=irc.example.org" -e "ANOPE_UPLINK_PASSWORD=password" anope/anope 19 | ``` 20 | 21 | You can use your own configs in this container by mounting them to `/anope/conf/`: 22 | 23 | ```console 24 | $ docker run --name anope -v /path/to/your/config:/anope/conf/ anope/anope 25 | ``` 26 | 27 | 28 | ## Generated configuration 29 | 30 | This image provides various options to configure it by environment variables. 31 | 32 | Use the following environment variables to configure your container: 33 | 34 | |Available variables |Default value |Description | 35 | |-------------------------|--------------------------------|--------------------------------------------| 36 | |`ANOPE_SERVICES_NAME` |`services.localhost.net` |Name of the services. *Important for uplink*| 37 | |`ANOPE_SERVICES_VHOST` |`services.localhost.net` |Host used by services pseudo clients | 38 | |`ANOPE_UPLINK_IP` |no default |DNS name or IP of the uplink host | 39 | |`ANOPE_UPLINK_PORT` |`7000` |Port used to connect to uplink host | 40 | |`ANOPE_UPLINK_PASSWORD` |no default |Password used to authenticate against uplink| 41 | 42 | 43 | ## Database configuration 44 | 45 | This image provides two way to configure database handling. You can use sqlite inside a volume or an external mysqldb. 46 | 47 | SQLite is used by default to prevent failing of the container, but mysql is recommended. 48 | 49 | 50 | ### SQLite 51 | 52 | For very small setup, development and testing SQLite setup should be enough. Simply make sure you mount a volume to `/data`. 53 | 54 | ```console 55 | $ docker run --name anope -v "/path/to/datastore:/data" -e "ANOPE_UPLINK_IP=irc.example.org" -e "ANOPE_UPLINK_PASSWORD=password" anope/anope 56 | ``` 57 | 58 | ### MySQL 59 | 60 | For a production setup MySQL is the recommended way to set this image up. Checkout the [example](https://github.com/anope/docker/blob/master/examples/docker-compose.yml) if you want to test it. 61 | 62 | |Available variables |Default value |Description | 63 | |-------------------------|--------------------------------|--------------------------------------------| 64 | |`ANOPE_SQL_ENGINE` |`sqlite` |Set it to `mysql` to enable `mysql` backend | 65 | |`ANOPE_MYSQL_DB` |`anope` |Database name for the data | 66 | |`ANOPE_MYSQL_HOST` |`database` |Hostname of the database host or container | 67 | |`ANOPE_MYSQL_PORT` |`3306` |Port used to access the mysql database | 68 | |`ANOPE_MYSQL_USER` |`anope` |Username for the MySQL database | 69 | |`ANOPE_MYSQL_PASSWORD` |no default |Password for the `ANOPE_MYSQL_USER` | 70 | |`ANOPE_SQL_LIVE` |`no` |Enable Anope SQL-DB live feature | 71 | 72 | 73 | # Updates and updating 74 | 75 | To update your setup simply pull the newest image version from docker hub and run it. 76 | 77 | ```console 78 | $ docker pull anope/anope 79 | ``` 80 | 81 | Considering to update your docker setup regularly. 82 | 83 | 84 | # License 85 | 86 | View [license information](https://github.com/anope/anope) for the software contained in this image. 87 | 88 | 89 | # Supported Docker versions 90 | 91 | This image is officially supported on Docker version 17.03.1-CE. 92 | 93 | Support for older versions (down to 1.12) is provided on a best-effort basis. 94 | 95 | Please see [the Docker installation documentation](https://docs.docker.com/installation/) for details on how to upgrade your Docker daemon. 96 | 97 | 98 | # User Feedback 99 | 100 | ## Issues 101 | 102 | If you have any problems with or questions about this image, please contact us through a [GitHub issue](https://github.com/anope/docker/issues). 103 | 104 | You can also reach many of the project maintainers via the `#anope` IRC channel on [Teranova](http://www.teranova.net/). 105 | 106 | 107 | ## Contributing 108 | 109 | You are invited to contribute new features, fixes, or updates, large or small; we are always thrilled to receive pull requests, and do our best to process them as fast as we can. 110 | 111 | -------------------------------------------------------------------------------- /conf/config.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | cat < 143 | * 144 | * 145 | * 146 | * An example configuration for UnrealIRCd that is compatible with the below uplink 147 | * and serverinfo configuration would look like: 148 | * 149 | * link services.localhost.net 150 | * { 151 | * username *; 152 | * hostname *; 153 | * bind-ip "127.0.0.1"; 154 | * port 7000; 155 | * hub *; 156 | * password-connect "mypassword"; 157 | * password-receive "mypassword"; 158 | * class servers; 159 | * }; 160 | * ulines { services.localhost.net; }; 161 | * listen 127.0.0.1:7000; 162 | */ 163 | 164 | include 165 | { 166 | type = "executable" 167 | name = "/anope/conf/uplink.sh" 168 | } 169 | 170 | /* 171 | * [DISABLED] Uplink configuration 172 | * 173 | *The uplink configuration is done by `/anope/conf/uplink.sh`. So the direct uplink settings are disabled 174 | */ 175 | //uplink 176 | { 177 | /* 178 | * The IP or hostname of the IRC server you wish to connect Services to. 179 | * Usually, you will want to connect Services over 127.0.0.1 (aka localhost). 180 | * 181 | * NOTE: On some shell providers, this will not be an option. 182 | */ 183 | host = "127.0.0.1" 184 | 185 | /* 186 | * Enable if Services should connect using IPv6. 187 | */ 188 | ipv6 = no 189 | 190 | /* 191 | * Enable if Services should connect using SSL. 192 | * You must have an SSL module loaded for this to work. 193 | */ 194 | ssl = no 195 | 196 | /* 197 | * The port to connect to. 198 | * The IRCd *MUST* be configured to listen on this port, and to accept 199 | * server connections. 200 | * 201 | * Refer to your IRCd documentation for how this is to be done. 202 | */ 203 | port = 7000 204 | 205 | /* 206 | * The password to send to the IRC server for authentication. 207 | * This must match the link block on your IRCd. 208 | * 209 | * Refer to your IRCd documentation for more information on link blocks. 210 | */ 211 | password = "mypassword" 212 | } 213 | 214 | include 215 | { 216 | type = "file" 217 | name = "serverinfo.conf" 218 | } 219 | 220 | /* 221 | * [REQUIRED] Server Information 222 | * 223 | * This section contains information about the Services server. 224 | */ 225 | // serverinfo 226 | { 227 | /* 228 | * The hostname that Services will be seen as, it must have no conflicts with any 229 | * other server names on the rest of your IRC network. Note that it does not have 230 | * to be an existing hostname, just one that isn't on your network already. 231 | */ 232 | name = "services.name" 233 | 234 | /* 235 | * The text which should appear as the server's information in /whois and similar 236 | * queries. 237 | */ 238 | description = "Services for IRC Networks" 239 | 240 | /* 241 | * The local address that Services will bind to before connecting to the remote 242 | * server. This may be useful for multihomed hosts. If omitted, Services will let 243 | * the Operating System choose the local address. This directive is optional. 244 | * 245 | * If you don't know what this means or don't need to use it, just leave this 246 | * directive commented out. 247 | */ 248 | #localhost = "nowhere." 249 | 250 | /* 251 | * What Server ID to use for this connection? 252 | * Note: This should *ONLY* be used for TS6/P10 IRCds. Refer to your IRCd documentation 253 | * to see if this is needed. 254 | */ 255 | #id = "00A" 256 | 257 | /* 258 | * The filename containing the Services process ID. The path is relative to the 259 | * services root directory. 260 | */ 261 | pid = "/tmp/services.pid" 262 | 263 | /* 264 | * The filename containing the Message of the Day. The path is relative to the 265 | * services root directory. 266 | */ 267 | motd = "conf/services.motd" 268 | } 269 | 270 | /* 271 | * [REQUIRED] Protocol module 272 | * 273 | * This directive tells Anope which IRCd Protocol to speak when connecting. 274 | * You MUST modify this to match the IRCd you run. 275 | * 276 | * Supported: 277 | * - bahamut 278 | * - charybdis 279 | * - hybrid 280 | * - inspircd12 281 | * - inspircd20 282 | * - ngircd 283 | * - plexus 284 | * - ratbox 285 | * - unreal (for 3.2.x) 286 | * - unreal4 287 | */ 288 | module 289 | { 290 | name = "inspircd3" 291 | 292 | /* 293 | * Some protocol modules can enforce mode locks server-side. This reduces the spam caused by 294 | * services immediately reversing mode changes for locked modes. 295 | * 296 | * If the protocol module you have loaded does not support this, this setting will have no effect. 297 | */ 298 | use_server_side_mlock = yes 299 | 300 | /* 301 | * Some protocol modules can enforce topic locks server-side. This reduces the spam caused by 302 | * services immediately reversing topic changes. 303 | * 304 | * If the protocol module you have loaded does not support this, this setting will have no effect. 305 | */ 306 | use_server_side_topiclock = yes 307 | } 308 | 309 | /* 310 | * [REQUIRED] Network Information 311 | * 312 | * This section contains information about the IRC network that Services will be 313 | * connecting to. 314 | */ 315 | networkinfo 316 | { 317 | /* 318 | * This is the name of the network that Services will be running on. 319 | */ 320 | networkname = "LocalNet" 321 | 322 | /* 323 | * Set this to the maximum allowed nick length on your network. 324 | * Be sure to set this correctly, as setting this wrong can result in 325 | * Services being disconnected from the network. 326 | */ 327 | nicklen = 31 328 | 329 | /* Set this to the maximum allowed ident length on your network. 330 | * Be sure to set this correctly, as setting this wrong can result in 331 | * Services being disconnected from the network. 332 | */ 333 | userlen = 10 334 | 335 | /* Set this to the maximum allowed hostname length on your network. 336 | * Be sure to set this correctly, as setting this wrong can result in 337 | * Services being disconnected from the network. 338 | */ 339 | hostlen = 64 340 | 341 | /* Set this to the maximum allowed channel length on your network. 342 | */ 343 | chanlen = 32 344 | 345 | /* The maximum number of list modes settable on a channel (such as b, e, I). 346 | * Comment out or set to 0 to disable. 347 | */ 348 | modelistsize = 100 349 | 350 | /* 351 | * Characters allowed in nicknames. This always includes the characters described 352 | * in RFC1459, and so does not need to be set for normal behavior. Changing this to 353 | * include characters your IRCd doesn't support will cause your IRCd and/or Services 354 | * to break. Multibyte characters are not supported, nor are escape sequences. 355 | * 356 | * It is recommended you DON'T change this. 357 | */ 358 | #nick_chars = "" 359 | 360 | /* 361 | * The characters allowed in hostnames. This is used for validating hostnames given 362 | * to services, such as BotServ bot hostnames and user vhosts. Changing this is not 363 | * recommended unless you know for sure your IRCd supports whatever characters you are 364 | * wanting to use. Telling services to set a vHost containing characters your IRCd 365 | * disallows could potentially break the IRCd and/or Services. 366 | * 367 | * It is recommended you DON'T change this. 368 | */ 369 | vhost_chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-" 370 | 371 | /* 372 | * If set to true, allows vHosts to not contain dots (.). 373 | * Newer IRCds generally do not have a problem with this, but the same warning as 374 | * vhost_chars applies. 375 | * 376 | * It is recommended you DON'T change this. 377 | */ 378 | allow_undotted_vhosts = false 379 | 380 | /* 381 | * The characters that are not allowed to be at the very beginning or very ending 382 | * of a vHost. The same warning as vhost_chars applies. 383 | * 384 | * It is recommended you DON'T change this. 385 | */ 386 | disallow_start_or_end = ".-" 387 | } 388 | 389 | /* 390 | * [REQUIRED] Services Options 391 | * 392 | * This section contains various options which determine how Services will operate. 393 | */ 394 | options 395 | { 396 | /* 397 | * On Linux/UNIX systems Anope can setuid and setgid to this user and group 398 | * after starting up. This is useful if Anope has to bind to privileged ports 399 | */ 400 | #user = "anope" 401 | #group = "anope" 402 | 403 | /* 404 | * The case mapping used by services. This must be set to a valid locale name 405 | * installed on your machine. Services use this case map to compare, with 406 | * case insensitivity, things such as nick names, channel names, etc. 407 | * 408 | * We provide two special casemaps shipped with Anope, ascii and rfc1459. 409 | * 410 | * This value should be set to what your IRCd uses, which is probably rfc1459, 411 | * however Anope has always used ascii for comparison, so the default is ascii. 412 | * 413 | * Changing this value once set is not recommended. 414 | */ 415 | casemap = "ascii" 416 | 417 | /* 418 | * This key is used to initiate the random number generator. This number 419 | * MUST be random as you want your passcodes to be random. Don't give this 420 | * key to anyone! Keep it private! 421 | * 422 | * NOTE: If you don't uncomment this or keep the default values, any talented 423 | * programmer would be able to easily "guess" random strings used to mask 424 | * information. Be safe, and come up with a 7-digit number. 425 | * 426 | * This directive is optional, but highly recommended. 427 | */ 428 | #seed = 9866235 429 | 430 | /* 431 | * If set, Services will perform more stringent checks on passwords. If this 432 | * isn't set, Services will only disallow a password if it is the same as the 433 | * entity (nickname name) with which it is associated. When set, however, 434 | * Services will also check that the password is at least five 435 | * characters long, and in the future will probably check other things 436 | * as well. 437 | * 438 | * This directive is optional, but recommended. 439 | */ 440 | strictpasswords = yes 441 | 442 | /* 443 | * Sets the number of invalid password tries before Services removes a user 444 | * from the network. If a user enters a number of invalid passwords equal to 445 | * the given amount for any Services function or combination of functions 446 | * during a single IRC session (subject to badpasstimeout, below), Services 447 | * will issues a /KILL for the user. If not given, Services will ignore 448 | * failed password attempts (though they will be logged in any case). 449 | * 450 | * This directive is optional, but recommended. 451 | */ 452 | badpasslimit = 5 453 | 454 | /* 455 | * Sets the time after which invalid passwords are forgotten about. If a user 456 | * does not enter any incorrect passwords in this amount of time, the incorrect 457 | * password count will reset to zero. If not given, the timeout will be 458 | * disabled, and the incorrect password count will never be reset until the user 459 | * disconnects. 460 | * 461 | * This directive is optional. 462 | */ 463 | badpasstimeout = 1h 464 | 465 | /* 466 | * Sets the delay between automatic database updates. 467 | */ 468 | updatetimeout = 5m 469 | 470 | /* 471 | * Sets the delay between checks for expired nicknames and channels. 472 | */ 473 | expiretimeout = 30m 474 | 475 | /* 476 | * Sets the timeout period for reading from the uplink. 477 | */ 478 | readtimeout = 5s 479 | 480 | /* 481 | * Sets the interval between sending warning messages for program errors via 482 | * WALLOPS/GLOBOPS. 483 | */ 484 | warningtimeout = 4h 485 | 486 | /* 487 | * Sets the (maximum) frequency at which the timeout list is checked. This, 488 | * combined with readtimeout above, determines how accurately timed events, 489 | * such as nick kills, occur; it also determines how much CPU time Services 490 | * will use doing this. Higher values will cause less accurate timing but 491 | * less CPU usage. 492 | * 493 | * Note that this value is not an absolute limit on the period between 494 | * checks of the timeout list; the previous may be as great as readtimeout 495 | * (above) during periods of inactivity. 496 | * 497 | * If this directive is not given, it will default to 0. 498 | */ 499 | timeoutcheck = 3s 500 | 501 | /* 502 | * If set, this will allow users to let Services send PRIVMSGs to them 503 | * instead of NOTICEs. Also see the "msg" option of nickserv:defaults, 504 | * which also toggles the default communication (PRIVMSG or NOTICE) to 505 | * use for unregistered users. 506 | * 507 | * This is a feature that is against the IRC RFC and should be used ONLY 508 | * if absolutely necessary. 509 | * 510 | * This directive is optional, and not recommended. 511 | */ 512 | #useprivmsg = yes 513 | 514 | /* 515 | * If set, will force Services to only respond to PRIVMSGs addresses to 516 | * Nick@ServerName - e.g. NickServ@localhost.net. This should be used in 517 | * conjunction with IRCd aliases. This directive is optional. 518 | * 519 | * This option will have no effect on some IRCds, such as TS6 IRCds. 520 | */ 521 | #usestrictprivmsg = yes 522 | 523 | /* 524 | * If set, Services will only show /stats o to IRC Operators. This directive 525 | * is optional. 526 | */ 527 | #hidestatso = yes 528 | 529 | /* 530 | * A space-separated list of ulined servers on your network, it is assumed that 531 | * the servers in this list are allowed to set channel modes and Services will 532 | * not attempt to reverse their mode changes. 533 | * 534 | * WARNING: Do NOT put your normal IRC user servers in this directive. 535 | * 536 | * This directive is optional. 537 | */ 538 | #ulineservers = "stats.your.network" 539 | 540 | /* 541 | * How long to wait between connection retries with the uplink(s). 542 | */ 543 | retrywait = 60s 544 | 545 | /* 546 | * If set, Services will hide commands that users don't have the privilege to execute 547 | * from HELP output. 548 | */ 549 | hideprivilegedcommands = yes 550 | 551 | /* 552 | * If set, Services will hide commands that users can't execute because they are not 553 | * logged in from HELP output. 554 | */ 555 | hideregisteredcommands = yes 556 | 557 | /* The regex engine to use, as provided by the regex modules. 558 | * Leave commented to disable regex matching. 559 | * 560 | * Note for this to work the regex module providing the regex engine must be loaded. 561 | */ 562 | #regexengine = "regex/pcre" 563 | 564 | /* 565 | * A list of languages to load on startup that will be available in /nickserv set language. 566 | * Useful if you translate Anope to your language. (Explained further in docs/LANGUAGE). 567 | * Note that english should not be listed here because it is the base language. 568 | * 569 | * Removing .UTF-8 will instead use the default encoding for the language, eg. iso-8859-1 for western European languages. 570 | */ 571 | languages = "ca_ES.UTF-8 de_DE.UTF-8 el_GR.UTF-8 es_ES.UTF-8 fr_FR.UTF-8 hu_HU.UTF-8 it_IT.UTF-8 nl_NL.UTF-8 pl_PL.UTF-8 pt_PT.UTF-8 ru_RU.UTF-8 tr_TR.UTF-8" 572 | 573 | /* 574 | * Default language that non- and newly-registered nicks will receive messages in. 575 | * Set to "en" to enable English. Defaults to the language the system uses. 576 | */ 577 | #defaultlanguage = "es_ES.UTF-8" 578 | } 579 | 580 | /* 581 | * [OPTIONAL] BotServ 582 | * 583 | * Includes botserv.example.conf, which is necessary for BotServ functionality. 584 | * 585 | * Remove this block to disable BotServ. 586 | */ 587 | include 588 | { 589 | type = "file" 590 | name = "botserv.example.conf" 591 | } 592 | 593 | /* 594 | * [RECOMMENDED] ChanServ 595 | * 596 | * Includes chanserv.example.conf, which is necessary for ChanServ functionality. 597 | * 598 | * Remove this block to disable ChanServ. 599 | */ 600 | include 601 | { 602 | type = "file" 603 | name = "chanserv.example.conf" 604 | } 605 | 606 | /* 607 | * [RECOMMENDED] Global 608 | * 609 | * Includes global.example.conf, which is necessary for Global functionality. 610 | * 611 | * Remove this block to disable Global. 612 | */ 613 | include 614 | { 615 | type = "file" 616 | name = "global.example.conf" 617 | } 618 | 619 | /* 620 | * [OPTIONAL] HostServ 621 | * 622 | * Includes hostserv.example.conf, which is necessary for HostServ functionality. 623 | * 624 | * Remove this block to disable HostServ. 625 | */ 626 | include 627 | { 628 | type = "file" 629 | name = "hostserv.example.conf" 630 | } 631 | 632 | /* 633 | * [OPTIONAL] MemoServ 634 | * 635 | * Includes memoserv.example.conf, which is necessary for MemoServ functionality. 636 | * 637 | * Remove this block to disable MemoServ. 638 | */ 639 | include 640 | { 641 | type = "file" 642 | name = "memoserv.example.conf" 643 | } 644 | 645 | /* 646 | * [OPTIONAL] NickServ 647 | * 648 | * Includes nickserv.example.conf, which is necessary for NickServ functionality. 649 | * 650 | * Remove this block to disable NickServ. 651 | */ 652 | include 653 | { 654 | type = "file" 655 | name = "nickserv.example.conf" 656 | } 657 | 658 | /* 659 | * [RECOMMENDED] OperServ 660 | * 661 | * Includes operserv.example.conf, which is necessary for OperServ functionality. 662 | * 663 | * Remove this block to disable OperServ. 664 | */ 665 | include 666 | { 667 | type = "file" 668 | name = "operserv.example.conf" 669 | } 670 | 671 | /* 672 | * [RECOMMENDED] Logging Configuration 673 | * 674 | * This section is used for configuring what is logged and where it is logged to. 675 | * You may have multiple log blocks if you wish. Remember to properly secure any 676 | * channels you choose to have Anope log to! 677 | */ 678 | log 679 | { 680 | /* 681 | * Target(s) to log to, which may be one of the following: 682 | * - a channel name 683 | * - a filename 684 | * - globops 685 | */ 686 | target = "services.log" 687 | 688 | /* Log to both services.log and the channel #services 689 | * 690 | * Note that some older IRCds, such as Ratbox, require services to be in the 691 | * log channel to be able to message it. To do this, configure service:channels to 692 | * join your logging channel. 693 | */ 694 | #target = "services.log #services" 695 | 696 | /* 697 | * The source(s) to only accept log messages from. Leave commented to allow all sources. 698 | * This can be a users name, a channel name, one of our clients (eg, OperServ), or a server name. 699 | */ 700 | #source = "" 701 | 702 | /* 703 | * The bot used to log generic messages which have no predefined sender if there 704 | * is a channel in the target directive. 705 | */ 706 | bot = "Global" 707 | 708 | /* 709 | * The number of days to keep logfiles, only useful if you are logging to a file. 710 | * Set to 0 to never delete old logfiles. 711 | * 712 | * Note that Anope must run 24 hours a day for this feature to work correctly. 713 | */ 714 | logage = 7 715 | 716 | /* 717 | * What types of log messages should be logged by this block. There are nine general categories: 718 | * 719 | * admin - Execution of admin commands (OperServ, etc). 720 | * override - A services operator using their powers to execute a command they couldn't normally. 721 | * commands - Execution of general commands. 722 | * servers - Server actions, linking, squitting, etc. 723 | * channels - Actions in channels such as joins, parts, kicks, etc. 724 | * users - User actions such as connecting, disconnecting, changing name, etc. 725 | * other - All other messages without a category. 726 | * rawio - Logs raw input and output from services 727 | * debug - Debug messages (log files can become VERY large from this). 728 | * 729 | * These options determine what messages from the categories should be logged. Wildcards are accepted, and 730 | * you can also negate values with a ~. For example, "~operserv/akill operserv/*" would log all operserv 731 | * messages except for operserv/akill. Note that processing stops at the first matching option, which 732 | * means "* ~operserv/*" would log everything because * matches everything. 733 | * 734 | * Valid admin, override, and command options are: 735 | * pesudo-serv/commandname (eg, operserv/akill, chanserv/set) 736 | * 737 | * Valid server options are: 738 | * connect, quit, sync, squit 739 | * 740 | * Valid channel options are: 741 | * create, destroy, join, part, kick, leave, mode 742 | * 743 | * Valid user options are: 744 | * connect, disconnect, quit, nick, ident, host, mode, maxusers, oper, away 745 | * 746 | * Rawio and debug are simple yes/no answers, there are no types for them. 747 | * 748 | * Note that modules may add their own values to these options. 749 | */ 750 | admin = "*" 751 | override = "chanserv/* nickserv/* memoserv/set ~botserv/set botserv/*" 752 | commands = "~operserv/* *" 753 | servers = "*" 754 | #channels = "~mode *" 755 | users = "connect disconnect nick" 756 | other = "*" 757 | rawio = no 758 | debug = no 759 | } 760 | 761 | /* 762 | * A log block to globops some useful things. 763 | */ 764 | log 765 | { 766 | target = "globops" 767 | admin = "global/* operserv/chankill operserv/mode operserv/kick operserv/akill operserv/s*line operserv/noop operserv/jupe operserv/oline operserv/set operserv/svsnick operserv/svsjoin operserv/svspart nickserv/getpass */drop" 768 | servers = "squit" 769 | users = "oper" 770 | other = "expire/* bados akill/*" 771 | } 772 | 773 | /* 774 | * [RECOMMENDED] Oper Access Config 775 | * 776 | * This section is used to set up staff access to restricted oper only commands. 777 | * You may define groups of commands and privileges, as well as who may use them. 778 | * 779 | * This block is recommended, as without it you will be unable to access most oper commands. 780 | * It replaces the old ServicesRoot directive amongst others. 781 | * 782 | * The command names below are defaults and are configured in the *serv.conf's. If you configure 783 | * additional commands with permissions, such as commands from third party modules, the permissions 784 | * must be included in the opertype block before the command can be used. 785 | * 786 | * Available privileges: 787 | * botserv/administration - Can view and assign private BotServ bots 788 | * botserv/fantasy - Can use fantasy commands without the FANTASIA privilege 789 | * chanserv/administration - Can modify the settings of any channel (including changing of the owner!) 790 | * chanserv/access/list - Can view channel access and akick lists, but not modify them 791 | * chanserv/access/modify - Can modify channel access and akick lists, and use /chanserv enforce 792 | * chanserv/auspex - Can see any information with /chanserv info 793 | * chanserv/no-register-limit - May register an unlimited number of channels and nicknames 794 | * chanserv/kick - Can kick and ban users from channels through ChanServ 795 | * memoserv/info - Can see any information with /memoserv info 796 | * memoserv/set-limit - Can set the limit of max stored memos on any user and channel 797 | * memoserv/no-limit - Can send memos through limits and throttles 798 | * nickserv/access - Can modify other users access and certificate lists 799 | * nickserv/alist - Can see the channel access list of other users 800 | * nickserv/auspex - Can see any information with /nickserv info 801 | * nickserv/confirm - Can confirm other users nicknames 802 | * nickserv/drop - Can drop other users nicks 803 | * operserv/config - Can modify services's configuration 804 | * operserv/oper/modify - Can add and remove operators with at most the same privileges 805 | * protected - Can not be kicked from channels by Services 806 | * 807 | * Available commands: 808 | * botserv/bot/del botserv/bot/add botserv/bot/change botserv/set/private 809 | * botserv/set/nobot 810 | * 811 | * chanserv/drop chanserv/getkey chanserv/invite 812 | * chanserv/list chanserv/suspend chanserv/topic 813 | * 814 | * chanserv/saset/noexpire 815 | * 816 | * memoserv/sendall memoserv/staff 817 | * 818 | * nickserv/getpass nickserv/getemail nickserv/suspend nickserv/ajoin 819 | * nickserv/list 820 | * 821 | * nickserv/saset/autoop nickserv/saset/email nickserv/saset/greet nickserv/saset/password 822 | * nickserv/saset/display nickserv/saset/kill nickserv/saset/language nickserv/saset/message 823 | * nickserv/saset/private nickserv/saset/secure nickserv/saset/url nickserv/saset/noexpire 824 | * nickserv/saset/keepmodes 825 | * 826 | * hostserv/set hostserv/del hostserv/list 827 | * 828 | * global/global 829 | * 830 | * operserv/news operserv/stats operserv/kick operserv/exception operserv/seen 831 | * operserv/mode operserv/session operserv/modinfo operserv/ignore operserv/chanlist 832 | * operserv/chankill operserv/akill operserv/sqline operserv/snline operserv/userlist 833 | * operserv/oper operserv/config operserv/umode operserv/logsearch 834 | * operserv/modload operserv/jupe operserv/set operserv/noop 835 | * operserv/quit operserv/update operserv/reload operserv/restart 836 | * operserv/shutdown operserv/svs operserv/oline operserv/kill 837 | * 838 | * Firstly, we define 'opertypes' which are named whatever we want ('Network Administrator', etc). 839 | * These can contain commands for oper-only strings (see above) which grants access to that specific command, 840 | * and privileges (which grant access to more general permissions for the named area). 841 | * Wildcard entries are permitted for both, e.g. 'commands = "operserv/*"' for all OperServ commands. 842 | * 843 | * Below are some default example types, but this is by no means exhaustive, 844 | * and it is recommended that you configure them to your needs. 845 | */ 846 | 847 | opertype 848 | { 849 | /* The name of this opertype */ 850 | name = "Helper" 851 | 852 | /* What commands (see above) this opertype has */ 853 | commands = "hostserv/*" 854 | } 855 | 856 | opertype 857 | { 858 | /* The name of this opertype */ 859 | name = "Services Operator" 860 | 861 | /* What opertype(s) this inherits from. Separate with a comma. */ 862 | inherits = "Helper, Another Helper" 863 | 864 | /* What commands (see above) this opertype may use */ 865 | commands = "chanserv/list chanserv/suspend chanserv/topic memoserv/staff nickserv/list nickserv/suspend operserv/mode operserv/chankill operserv/akill operserv/session operserv/modinfo operserv/sqline operserv/oper operserv/kick operserv/ignore operserv/snline" 866 | 867 | /* What privs (see above) this opertype has */ 868 | privs = "chanserv/auspex chanserv/no-register-limit memoserv/* nickserv/auspex nickserv/confirm" 869 | 870 | /* 871 | * Modes to be set on users when they identify to accounts linked to this opertype. 872 | * 873 | * This can be used to automatically oper users who identify for services operator accounts, and is 874 | * useful for setting modes such as Plexus's user mode +N. 875 | * 876 | * Note that some IRCds, such as InspIRCd, do not allow directly setting +o, and this will not work. 877 | */ 878 | #modes = "+o" 879 | } 880 | 881 | opertype 882 | { 883 | name = "Services Administrator" 884 | 885 | inherits = "Services Operator" 886 | 887 | commands = "botserv/* chanserv/access/list chanserv/drop chanserv/getkey chanserv/saset/noexpire memoserv/sendall nickserv/saset/* nickserv/getemail operserv/news operserv/jupe operserv/svs operserv/stats operserv/oline operserv/noop operserv/forbid global/*" 888 | 889 | privs = "*" 890 | } 891 | 892 | opertype 893 | { 894 | name = "Services Root" 895 | 896 | commands = "*" 897 | 898 | privs = "*" 899 | } 900 | 901 | /* 902 | * After defining different types of operators in the above opertype section, we now define who is in these groups 903 | * through 'oper' blocks, similar to ircd access. 904 | * 905 | * The default is to comment these out (so NOBODY will have Services access). 906 | * You probably want to add yourself and a few other people at minimum. 907 | * 908 | * As with all permissions, make sure to only give trustworthy people access to Services. 909 | */ 910 | 911 | #oper 912 | { 913 | /* The nickname of this services oper */ 914 | #name = "nick1" 915 | 916 | /* The opertype this person will have */ 917 | type = "Services Root" 918 | 919 | /* If set, the user must be an oper on the IRCd to gain their Services 920 | * oper privileges. 921 | */ 922 | require_oper = yes 923 | 924 | /* An optional password. If defined the user must login using "/msg OperServ LOGIN" first */ 925 | #password = "secret" 926 | 927 | /* An optional SSL fingerprint. If defined, it's required to be able to use this opertype. */ 928 | #certfp = "ed3383b3f7d74e89433ddaa4a6e5b2d7" 929 | 930 | /* An optional list of user@host masks. If defined the user must be connected from one of them */ 931 | #host = "*@*.anope.org ident@*" 932 | 933 | /* An optional vHost to set on users who identify for this oper block. 934 | * This will override HostServ vHosts, and may not be available on all IRCds 935 | */ 936 | #vhost = "oper.mynet" 937 | } 938 | 939 | #oper 940 | { 941 | name = "nick2" 942 | type = "Services Administrator" 943 | } 944 | 945 | #oper 946 | { 947 | name = "nick3" 948 | type = "Helper" 949 | } 950 | 951 | /* 952 | * [OPTIONAL] Mail Config 953 | * 954 | * This section contains settings related to the use of e-mail from Services. 955 | * If the usemail directive is set to yes, unless specified otherwise, all other 956 | * directives are required. 957 | * 958 | * NOTE: Users can find the IP of the machine services is running on by examining 959 | * mail headers. If you do not want your IP known, you should set up a mail relay 960 | * to strip the relevant headers. 961 | */ 962 | mail 963 | { 964 | /* 965 | * If set, this option enables the mail commands in Services. You may choose 966 | * to disable it if you have no Sendmail-compatible mailer installed. Whilst 967 | * this directive (and entire block) is optional, it is required if 968 | * nickserv:registration is set to yes. 969 | */ 970 | usemail = no 971 | 972 | /* 973 | * This is the command-line that will be used to call the mailer to send an 974 | * e-mail. It must be called with all the parameters needed to make it 975 | * scan the mail input to find the mail recipient; consult your mailer 976 | * documentation. 977 | * 978 | * Postfix users must use the compatible sendmail utility provided with 979 | * it. This one usually needs no parameters on the command-line. Most 980 | * sendmail applications (or replacements of it) require the -t option 981 | * to be used. 982 | */ 983 | sendmailpath = "/usr/sbin/sendmail -t" 984 | 985 | /* 986 | * This is the e-mail address from which all the e-mails are to be sent from. 987 | * It should really exist. 988 | */ 989 | sendfrom = "services@localhost.net" 990 | 991 | /* 992 | * This controls the minimum amount of time a user must wait before sending 993 | * another e-mail after they have sent one. It also controls the minimum time 994 | * a user must wait before they can receive another e-mail. 995 | * 996 | * This feature prevents users from being mail bombed using Services and 997 | * it is highly recommended that it be used. 998 | * 999 | * This directive is optional, but highly recommended. 1000 | */ 1001 | delay = 5m 1002 | 1003 | /* 1004 | * If set, Services will not attempt to put quotes around the TO: fields 1005 | * in e-mails. 1006 | * 1007 | * This directive is optional, and as far as we know, it's only needed 1008 | * if you are using ESMTP or QMail to send out e-mails. 1009 | */ 1010 | #dontquoteaddresses = yes 1011 | 1012 | /* 1013 | * The subject and message of emails sent to users when they register accounts. 1014 | */ 1015 | registration_subject = "Nickname registration for %n" 1016 | registration_message = "Hi, 1017 | 1018 | You have requested to register the nickname %n on %N. 1019 | Please type \" /msg NickServ CONFIRM %c \" to complete registration. 1020 | 1021 | If you don't know why this mail was sent to you, please ignore it silently. 1022 | 1023 | %N administrators." 1024 | 1025 | /* 1026 | * The subject and message of emails sent to users when they request a new password. 1027 | */ 1028 | reset_subject = "Reset password request for %n" 1029 | reset_message = "Hi, 1030 | 1031 | You have requested to have the password for %n reset. 1032 | To reset your password, type \" /msg NickServ CONFIRM %n %c \" 1033 | 1034 | If you don't know why this mail was sent to you, please ignore it silently. 1035 | 1036 | %N administrators." 1037 | 1038 | /* 1039 | * The subject and message of emails sent to users when they request a new email address. 1040 | */ 1041 | emailchange_subject = "Email confirmation" 1042 | emailchange_message = "Hi, 1043 | 1044 | You have requested to change your email address from %e to %E. 1045 | Please type \" /msg NickServ CONFIRM %c \" to confirm this change. 1046 | 1047 | If you don't know why this mail was sent to you, please ignore it silently. 1048 | 1049 | %N administrators." 1050 | 1051 | /* 1052 | * The subject and message of emails sent to users when they receive a new memo. 1053 | */ 1054 | memo_subject = "New memo" 1055 | memo_message = "Hi %n, 1056 | 1057 | You've just received a new memo from %s. This is memo number %d. 1058 | 1059 | Memo text: 1060 | 1061 | %t" 1062 | } 1063 | 1064 | /* 1065 | * [REQUIRED] Database configuration. 1066 | * 1067 | * This section is used to configure databases used by Anope. 1068 | * You should at least load one database method, otherwise any data you 1069 | * have will not be stored! 1070 | */ 1071 | 1072 | include 1073 | { 1074 | type = "executable" 1075 | name = "/anope/conf/database.sh" 1076 | } 1077 | 1078 | /* 1079 | * [DEPRECATED] db_old 1080 | * 1081 | * This is the old binary database format from late Anope 1.7.x, Anope 1.8.x, and 1082 | * early Anope 1.9.x. This module only loads these databases, and will NOT save them. 1083 | * You should only use this to upgrade old databases to a newer database format by loading 1084 | * other database modules in addition to this one, which will be used when saving databases. 1085 | */ 1086 | #module 1087 | { 1088 | name = "db_old" 1089 | 1090 | /* 1091 | * This is the encryption type used by the databases. This must be set correctly or 1092 | * your passwords will not work. Valid options are: md5, oldmd5, sha1, and plain. 1093 | * You must also be sure to load the correct encryption module below in the Encryption 1094 | * Modules section so that your passwords work. 1095 | */ 1096 | #hash = "md5" 1097 | } 1098 | 1099 | /* 1100 | * [RECOMMENDED] db_flatfile 1101 | * 1102 | * This is the default flatfile database format. 1103 | */ 1104 | #module 1105 | { 1106 | name = "db_flatfile" 1107 | 1108 | /* 1109 | * The database name db_flatfile should use 1110 | */ 1111 | database = "/data/anope.db" 1112 | 1113 | /* 1114 | * Sets the number of days backups of databases are kept. If you don't give it, 1115 | * or if you set it to 0, Services won't backup the databases. 1116 | * 1117 | * NOTE: Services must run 24 hours a day for this feature to work. 1118 | * 1119 | * This directive is optional, but recommended. 1120 | */ 1121 | keepbackups = 3 1122 | 1123 | /* 1124 | * Allows Services to continue file write operations (i.e. database saving) 1125 | * even if the original file cannot be backed up. Enabling this option may 1126 | * allow Services to continue operation under conditions where it might 1127 | * otherwise fail, such as a nearly-full disk. 1128 | * 1129 | * NOTE: Enabling this option can cause irrecoverable data loss under some 1130 | * conditions, so make CERTAIN you know what you're doing when you enable it! 1131 | * 1132 | * This directive is optional, and you are discouraged against enabling it. 1133 | */ 1134 | #nobackupokay = yes 1135 | 1136 | /* 1137 | * If enabled, services will fork a child process to save databases. 1138 | * 1139 | * This is only useful with very large databases, with hundreds 1140 | * of thousands of objects, that have a noticeable delay from 1141 | * writing databases. 1142 | * 1143 | * If your database is large enough cause a noticeable delay when 1144 | * saving you should consider a more powerful alternative such 1145 | * as db_sql or db_redis, which incrementally update their 1146 | * databases asynchronously in real time. 1147 | */ 1148 | fork = no 1149 | } 1150 | 1151 | /* 1152 | * db_sql and db_sql_live 1153 | * 1154 | * db_sql module allows saving and loading databases using one of the SQL engines. 1155 | * This module loads the databases once on startup, then incrementally updates 1156 | * objects in the database as they are changed within Anope in real time. Changes 1157 | * to the SQL tables not done by Anope will have no effect and will be overwritten. 1158 | * 1159 | * db_sql_live module allows saving and loading databases using one of the SQL engines. 1160 | * This module reads and writes to SQL in real time. Changes to the SQL tables 1161 | * will be immediately reflected into Anope. This module should not be loaded 1162 | * in conjunction with db_sql. 1163 | * 1164 | */ 1165 | #module 1166 | { 1167 | name = "db_sql" 1168 | #name = "db_sql_live" 1169 | 1170 | /* 1171 | * The SQL service db_sql(_live) should use, these are configured in modules.conf. 1172 | * For MySQL, this should probably be mysql/main. 1173 | */ 1174 | engine = "sqlite/main" 1175 | 1176 | /* 1177 | * An optional prefix to prepended to the name of each created table. 1178 | * Do not use the same prefix for other programs. 1179 | */ 1180 | #prefix = "anope_db_" 1181 | 1182 | /* Whether or not to import data from another database module in to SQL on startup. 1183 | * If you enable this, be sure that the database services is configured to use is 1184 | * empty and that another database module to import from is loaded before db_sql. 1185 | * After you enable this and do a database import you should disable it for 1186 | * subsequent restarts. 1187 | * 1188 | * Note that you can not import databases using db_sql_live. If you want to import 1189 | * databases and use db_sql_live you should import them using db_sql, then shut down 1190 | * and start services with db_sql_live. 1191 | */ 1192 | import = false 1193 | } 1194 | 1195 | /* 1196 | * db_redis. 1197 | * 1198 | * This module allows using Redis (http://redis.io) as a database backend. 1199 | * This module requires that m_redis is loaded and configured properly. 1200 | * 1201 | * Redis 2.8 supports keyspace notifications which allows Redis to push notifications 1202 | * to Anope about outside modifications to the database. This module supports this and 1203 | * will internally reflect any changes made to the database immediately once notified. 1204 | * See docs/REDIS for more information regarding this. 1205 | */ 1206 | #module 1207 | { 1208 | name = "db_redis" 1209 | 1210 | /* 1211 | * Redis database to use. This must be configured with m_redis. 1212 | */ 1213 | engine = "redis/main" 1214 | } 1215 | 1216 | /* 1217 | * [RECOMMENDED] Encryption modules. 1218 | * 1219 | * The encryption modules are used when dealing with passwords. This determines how 1220 | * the passwords are stored in the databases, and does not add any security as 1221 | * far as transmitting passwords over the network goes. 1222 | * 1223 | * Without any encryption modules loaded users will not be able to authenticate unless 1224 | * there is another module loaded that provides authentication checking, such as 1225 | * m_ldap_authentication or m_sql_authentication. 1226 | * 1227 | * With enc_none, passwords will be stored in plain text, allowing for passwords 1228 | * to be recovered later but it isn't secure and therefore is not recommended. 1229 | * 1230 | * The other encryption modules use one-way encryption, so the passwords can not 1231 | * be recovered later if those are used. 1232 | * 1233 | * The first encryption module loaded is the primary encryption module. All new passwords are 1234 | * encrypted by this module. Old passwords stored in another encryption method are 1235 | * automatically re-encrypted by the primary encryption module on next identify. 1236 | * 1237 | * enc_md5, enc_sha1, and enc_old are deprecated, and are provided for users 1238 | * to upgrade to a newer encryption module. Do not use them as the primary 1239 | * encryption module. They will be removed in a future release. 1240 | * 1241 | */ 1242 | 1243 | #module { name = "enc_bcrypt" } 1244 | module { name = "enc_sha256" } 1245 | 1246 | /* 1247 | * When using enc_none, passwords will be stored without encryption. This isn't secure 1248 | * therefore it is not recommended. 1249 | */ 1250 | #module { name = "enc_none" } 1251 | 1252 | /* Deprecated encryption modules */ 1253 | #module { name = "enc_md5" } 1254 | #module { name = "enc_sha1" } 1255 | 1256 | /* 1257 | * enc_old is Anope's previous (broken) MD5 implementation used from 1.4.x to 1.7.16. 1258 | * If your databases were made using that module, load it here to allow conversion to the primary 1259 | * encryption method. 1260 | */ 1261 | #module { name = "enc_old" } 1262 | 1263 | 1264 | /* Extra (optional) modules. */ 1265 | include 1266 | { 1267 | type = "file" 1268 | name = "modules.example.conf" 1269 | } 1270 | 1271 | /* 1272 | * Chanstats module. 1273 | * Requires a MySQL Database. 1274 | */ 1275 | #include 1276 | { 1277 | type = "file" 1278 | name = "chanstats.example.conf" 1279 | } 1280 | 1281 | /* 1282 | * IRC2SQL Gateway 1283 | * This module collects data about users, channels and servers. It doesn't build stats 1284 | * itself, however, it gives you the database, it's up to you how you use it. 1285 | * 1286 | * Requires a MySQL Database and MySQL version 5.5 or higher 1287 | */ 1288 | #include 1289 | { 1290 | type = "file" 1291 | name = "irc2sql.example.conf" 1292 | } 1293 | -------------------------------------------------------------------------------- /conf/uplink.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | cat < 7 | 8 | 9 | -------------------------------------------------------------------------------- /tests/release.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | echo " 3 | ###################################### 4 | ### Release test ## 5 | ###################################### 6 | " 7 | 8 | if [ "$ANOPE_VERSION" = "" ]; then 9 | echo "\$ANOPE_VERSION is not set. Useless test... Exiting." 10 | exit 0 11 | fi 12 | 13 | 14 | # Check for command existence 15 | # See: https://www.shivering-isles.com/helpful-shell-snippets-for-docker-testing-and-bootstrapping/ 16 | command_exits() { command -v "$1" >/dev/null 2>&1 || { echo >&2 "I require $1 but it's not installed. Aborting."; exit 1; }; } 17 | 18 | # Version comparison greater or equal 19 | # See: https://www.shivering-isles.com/helpful-shell-snippets-for-docker-testing-and-bootstrapping/ 20 | version_ge() { test "$(printf '%s\n' "$@" | sort -V | head -n 1)" != "$1" || test "$1" = "$2"; } 21 | 22 | # GitHub get latest release tag 23 | # See: https://www.shivering-isles.com/helpful-shell-snippets-for-docker-testing-and-bootstrapping/ 24 | github_latest_release() { wget -qO- "https://api.github.com/repos/$1/releases/latest" | jq .tag_name | sed -e 's/"//g'; } 25 | 26 | command_exits wget 27 | command_exits jq 28 | 29 | if version_ge "$ANOPE_VERSION" "$(github_latest_release "anope/anope")"; then 30 | echo "Anope version ($ANOPE_VERSION) is up to date! Test successful." 31 | else 32 | echo >&2 "A newer Anope release is available! Please update. New version is $(github_latest_release "anope/anope")" 33 | exit 1 34 | fi 35 | --------------------------------------------------------------------------------