mirrors/ngircd
1
0
Fork 0
mirror of https://github.com/osmarks/ngircd.git synced 2025-09-07 05:07:56 +00:00
Code Issues Releases Wiki Activity

Merge branch 'newconfig'

Browse Source 
* newconfig:
  sample-ngircd.conf: "SyslogFacility" should be commented out
  Move SSL-related configuration variables to new [SSL] section
  CheckFileReadable(): only check when a filename is given ...
  PAM: make clear which "Password" config option is ignored
  Really remove [Features] in our manual pages
  INSTALL: document changed location of configuration variables
  Update sample config file and manual page for new config structure
  Testsuite: update configuration files for new config file format
  Display configuration errors more prominent on "--configtest"
  conf.c: code cleanup
  Check for redability of SSL-related files like for MOTD file
  Restructure ngIRCd configuration, introduce [Limits] and [Options]
This commit is contained in:
Alexander Barton
2011-06-26 15:24:07 +02:00
parent b1786f309e 3d0ce77f12
commit 3282c1325e
6 changed files with 835 additions and 655 deletions
Download Patch File Download Diff File Expand all files Collapse all files

204
doc/sample-ngircd.conf.tmpl
View File

@@ -12,69 +12,37 @@
# Use "ngircd --configtest" (see manual page ngircd(8)) to validate that the
# server interprets the configuration file as expected!
#
# Please see ngircd.conf(5) for a complete list of configuration options.
# Please see ngircd.conf(5) for a complete list of configuration options
# and their descriptions.
#
[Global]
# The [Global] section of this file is used to define the main
# configuration of the server, like the server name and the ports
# on which the server should be listening.
# These settings depend on your personal preferences, so you should
# make sure that they correspond to your installation and setup!
# Server name in the IRC network, must contain at least one dot
# (".") and be unique in the IRC network. Required!
Name = irc.example.net
# Info text of the server. This will be shown by WHOIS and
# LINKS requests for example.
Info = Server Info Text
# Global password for all users needed to connect to the server.
# (Default: not set)
;Password = abc
# Password required for using the WEBIRC command used by some
# Web-to-IRC gateways. If not set/empty, the WEBIRC command can't
# be used. (Default: not set)
;WebircPassword = xyz
# Information about the server and the administrator, used by the
# ADMIN command. Not required by server but by RFC!
;AdminInfo1 = Description
;AdminInfo2 = Location
;AdminEMail = admin@irc.server
# Ports on which the server should listen. There may be more than
# one port, separated with ",". (Default: 6667)
;Ports = 6667, 6668, 6669
# Info text of the server. This will be shown by WHOIS and
# LINKS requests for example.
Info = Server Info Text
# Additional Listen Ports that expect SSL/TLS encrypted connections
;SSLPorts = 6697, 9999
# SSL Server Key
;SSLKeyFile = :ETCDIR:/ssl/server-key.pem
# password to decrypt SSLKeyFile (OpenSSL only)
;SSLKeyFilePassword = secret
# SSL Server Key Certificate
;SSLCertFile = :ETCDIR:/ssl/server-cert.pem
# Diffie-Hellman parameters
;SSLDHFile = :ETCDIR:/ssl/dhparams.pem
# comma separated list of IP addresses on which the server should
# Comma separated list of IP addresses on which the server should
# listen. Default values are:
# "0.0.0.0" or (if compiled with IPv6 support) "::,0.0.0.0"
# so the server listens on all IP addresses of the system by default.
;Listen = 127.0.0.1,192.168.0.1
# Syslog "facility" to which ngIRCd should send log messages.
# Possible values are system dependant, but most probably auth, daemon,
# user and local1 through local7 are possible values; see syslog(3).
# Default is "local5" for historical reasons, you probably want to
# change this to "daemon", for example.
SyslogFacility = local1
# Text file with the "message of the day" (MOTD). This message will
# be shown to all users connecting to the server:
;MotdFile = :ETCDIR:/ngircd.motd
@@ -82,6 +50,25 @@
# A simple Phrase (<256 chars) if you don't want to use a motd file.
;MotdPhrase = "Hello world!"
# Global password for all users needed to connect to the server.
# (Default: not set)
;Password = abc
# This tells ngIRCd to write its current process ID to a file.
# Note that the pidfile is written AFTER chroot and switching the
# user ID, e.g. the directory the pidfile resides in must be
# writeable by the ngIRCd user and exist in the chroot directory.
;PidFile = /var/run/ngircd/ngircd.pid
# Ports on which the server should listen. There may be more than
# one port, separated with ",". (Default: 6667)
;Ports = 6667, 6668, 6669
# Group ID under which the ngIRCd should run; you can use the name
# of the group or the numerical ID. ATTENTION: For this to work the
# server must have been started with root privileges!
;ServerGID = 65534
# User ID under which the server should run; you can use the name
# of the user or the numerical ID. ATTENTION: For this to work the
# server must have been started with root privileges! In addition,
@@ -89,55 +76,14 @@
# otherwise RESTART and REHASH won't work!
;ServerUID = 65534
# Group ID under which the ngircd should run; you can use the name
# of the group or the numerical ID. ATTENTION: For this to work the
# server must have been started with root privileges!
;ServerGID = 65534
# A directory to chroot in when everything is initialized. It
# doesn't need to be populated if ngIRCd is compiled as a static
# binary. By default ngIRCd won't use the chroot() feature.
# ATTENTION: For this to work the server must have been started
# with root privileges!
;ChrootDir = /var/empty
# This tells ngircd to write its current process id to a file.
# Note that the pidfile is written AFTER chroot and switching uid,
# i. e. the Directory the pidfile resides in must be writeable by
# the ngircd user and exist in the chroot directory.
;PidFile = /var/run/ngircd/ngircd.pid
# After <PingTimeout> seconds of inactivity the server will send a
# PING to the peer to test whether it is alive or not.
;PingTimeout = 120
# If a client fails to answer a PING with a PONG within <PongTimeout>
# seconds, it will be disconnected by the server.
;PongTimeout = 20
[Limits]
# Define some limits and timeouts for this ngIRCd instance. Default
# values should be safe, but it is wise to double-check :-)
# The server tries every <ConnectRetry> seconds to establish a link
# to not yet (or no longer) connected servers.
;ConnectRetry = 60
# Should IRC Operators be allowed to use the MODE command even if
# they are not(!) channel-operators?
;OperCanUseMode = no
# Mask IRC Operator mode requests as if they were coming from the
# server? (This is a compatibility hack for ircd-irc2 servers)
;OperServerMode = no
# Are remote IRC operators allowed to control this server, e. g.
# use commands like CONNECT, SQUIT, DIE, ...?
;AllowRemoteOper = no
# Allow Pre-Defined Channels only (see Section [Channels])
;PredefChannelsOnly = no
# try to connect to other irc servers using ipv4 and ipv6, if possible
;ConnectIPv6 = yes
;ConnectIPv4 = yes
# Maximum number of simultaneous in- and outbound connections the
# server is allowed to accept (0: unlimited):
;MaxConnections = 0
@@ -154,15 +100,29 @@
# maximum nick name length!
;MaxNickLength = 9
# Normally ngIRCd doesn't send any messages to a client until it is
# registered. Enable this option to let the daemon send "NOTICE AUTH"
# messages to clients while connecting.
;NoticeAuth = no
# After <PingTimeout> seconds of inactivity the server will send a
# PING to the peer to test whether it is alive or not.
;PingTimeout = 120
# Let ngIRCd send an "authentication PING" when a new client connects,
# and register this client only after receiving the corresponding
# "PONG" reply.
;RequireAuthPing = no
# If a client fails to answer a PING with a PONG within <PongTimeout>
# seconds, it will be disconnected by the server.
;PongTimeout = 20
[Options]
# Optional features and configuration options to further tweak the
# behavior of ngIRCd. If you wan't to get started quickly, you most
# probably don't have to make changes here -- they are all optional.
# Are remote IRC operators allowed to control this server, e.g.
# use commands like CONNECT, SQUIT, DIE, ...?
;AllowRemoteOper = no
# A directory to chroot in when everything is initialized. It
# doesn't need to be populated if ngIRCd is compiled as a static
# binary. By default ngIRCd won't use the chroot() feature.
# ATTENTION: For this to work the server must have been started
# with root privileges!
;ChrootDir = /var/empty
# Set this hostname for every client instead of the real one.
# Please note: don't use the percentage sign ("%"), it is reserved for
@@ -172,16 +132,72 @@
# Set every clients' user name to their nick name
;CloakUserToNick = yes
[Features]
# Try to connect to other IRC servers using IPv4 and IPv6, if possible.
;ConnectIPv6 = yes
;ConnectIPv4 = yes
# Do any DNS lookups when a client connects to the server.
;DNS = yes
# Do any IDENT lookups if ngIRCd has been compiled with support for it.
# Do IDENT lookups if ngIRCd has been compiled with support for it.
;Ident = yes
# Normally ngIRCd doesn't send any messages to a client until it is
# registered. Enable this option to let the daemon send "NOTICE AUTH"
# messages to clients while connecting.
;NoticeAuth = no
# Should IRC Operators be allowed to use the MODE command even if
# they are not(!) channel-operators?
;OperCanUseMode = no
# Mask IRC Operator mode requests as if they were coming from the
# server? (This is a compatibility hack for ircd-irc2 servers)
;OperServerMode = no
# Use PAM if ngIRCd has been compiled with support for it.
;PAM = no
# Allow Pre-Defined Channels only (see Section [Channels])
;PredefChannelsOnly = no
# Let ngIRCd send an "authentication PING" when a new client connects,
# and register this client only after receiving the corresponding
# "PONG" reply.
;RequireAuthPing = no
# Syslog "facility" to which ngIRCd should send log messages.
# Possible values are system dependent, but most probably auth, daemon,
# user and local1 through local7 are possible values; see syslog(3).
# Default is "local5" for historical reasons, you probably want to
# change this to "daemon", for example.
;SyslogFacility = local1
# Password required for using the WEBIRC command used by some
# Web-to-IRC gateways. If not set/empty, the WEBIRC command can't
# be used. (Default: not set)
;WebircPassword = xyz
;[SSL]
# SSL-related configuration options. Please note that this section
# is only available when ngIRCd is compiled with support for SSL!
# So don't forget to remove the ";" above if this is the case ...
# SSL Server Key Certificate
;SSLCertFile = :ETCDIR:/ssl/server-cert.pem
# Diffie-Hellman parameters
;SSLDHFile = :ETCDIR:/ssl/dhparams.pem
# SSL Server Key
;SSLKeyFile = :ETCDIR:/ssl/server-key.pem
# password to decrypt SSLKeyFile (OpenSSL only)
;SSLKeyFilePassword = secret
# Additional Listen Ports that expect SSL/TLS encrypted connections
;SSLPorts = 6697, 9999
[Operator]
# [Operator] sections are used to define IRC Operators. There may be
# more than one [Operator] block, one for each local operator.