Add config examples for CI

2 files changed, 361 insertions, 0 deletions

diff --git a/ci/.makeopts b/ci/.makeopts
new file mode 100644
index 0000000..6ec80ac
--- /dev/null
+++ b/ci/.makeopts
@@ -0,0 +1,54 @@
+# The following options control which network transports are built into
+# HaxIRCd.
+# PLAINTEXT: Use plain TCP sockets.
+# GNUTLS:    Use TLS over TCP, as provided by GnuTLS.
+# OPENSSL:   Use TLS over TCP, as provided by OpenSSL/LibreSSL.
+# The BUFFERED variants causes sending to occur over a separate thread
+# and uses a ring buffer to buffer messages, until full messages are
+# ready to send. These usually perform better than their unbuffered
+# counterparts. The size of the ring buffer is configurable in
+# config.c.
+LAST_PLAINTEXT_NETWORK = 1
+LAST_GNUTLS_NETWORK =
+LAST_OPENSSL_NETWORK = 1
+LAST_PLAINTEXT_BUFFERED_NETWORK = 1
+LAST_GNUTLS_BUFFERED_NETWORK =
+LAST_OPENSSL_BUFFERED_NETWORK = 1
+
+# CLIENT: Support connections from clients. (Not implemented yet.)
+# SERVER: Support s2s connections.
+LAST_CLIENT =
+LAST_SERVER = 1
+
+# The following control the server protocols compiled into HaxIRCd.
+# You should enable at least one of them. Note that InspIRCd v(n+1) is
+# compatible with INSPIRCD(n)_PROTOCOL.
+LAST_INSPIRCD2_PROTOCOL = 1
+LAST_INSPIRCD3_PROTOCOL = 1
+LAST_INSPIRCD4_PROTOCOL = 1
+
+# The following control pseudoclients compiled into HaxIRCd.
+LAST_HAXSERV_PSEUDOCLIENT = 1
+LAST_SERVICES_PSEUDOCLIENT = 1
+
+# When SAFE_STACK is enabled, -fstack-check is added to CFLAGS.
+LAST_SAFE_STACK = 1
+
+# The following control how locks are handled in HaxIRCd.
+# ATOMICS are recommended whenever supported. FUTEX is recommended on Linux.
+# MISERABLE_SPINLOCKS may be used on systems that support neither POSIX
+# semaphores or futexes. If neither FUTEX or MISERABLE_SPINLOCKS are
+# defined, POSIX semaphores are used.
+LAST_FUTEX = 1
+LAST_MISERABLE_SPINLOCKS =
+LAST_ATOMICS = 1
+
+# You must enable at least one of the below. Enabling both is recommended,
+# but if one of them is undesirable for whatever reason, you could turn it
+# off here.
+LAST_IPv4 = 1
+LAST_IPv6 = 1
+
+# General options.
+LAST_CFLAGS =
+LAST_CC = cc
diff --git a/ci/config.c b/ci/config.c
new file mode 100644
index 0000000..26a6ea9
--- /dev/null
+++ b/ci/config.c
@@ -0,0 +1,307 @@
+#include <time.h>
+
+#include "config.h"
+#include "general_network.h"
+#include "protocols.h"
+
+#ifdef USE_SERVER
+#include "server_network.h"
+#endif
+
+#ifdef USE_SERVER
+struct server_config SERVER_CONFIG[] = {
+	{
+	 /*
+	  * The name of the remote server. Must be in a valid DNS format,
+	  * but doesn't have to resolve.
+	  */
+	 .name = STRING("peer.server.name"),
+
+	 /*
+	  * The server ID of the remote server. The format depends on the
+	  * protocol, but most protocols expect a three-byte string,
+	  * where the first byte is a number and the two subsequent
+	  * bytes are alphanumeric. Letters should usually be in
+	  * uppercase. Server IDs are not translted between protocols
+	  * so a uniform format is generally required.
+	  */
+	 .sid = STRING("1UL"),
+
+	 /*
+	  * Passwords, should be self-explanatory.
+	  */
+	 .in_pass = STRING("password-to-expect-from-peer"),
+	 .out_pass = STRING("password-to-send-to-peer"),
+
+	 /*
+	  * Which protocol to use. Currently, only InspIRCd protocols are
+	  * supported. A custom HaxIRCd binary protocol is planned, and
+	  * support for TS6, UnrealIRCd, and other protocols may be added.
+	  *
+	  * INSPIRCD4_PROTOCOL: the 1206 protocol native to InspIRCd v4
+	  * INSPIRCD3_PROTOCOL: the 1205 protocol native to InspIRCd v3
+	  * INSPIRCD2_PROTOCOL: the 1202 protocol native to InspIRCd v2
+	  */
+	 .protocol = INSPIRCD4_PROTOCOL,
+
+	 .ignore_remote_unlinks = 0,
+	 .ignore_remote_kills = 1,
+	 .ignore_local_kills = 1,
+
+	 /*
+	  * Set autoconnect to 1 if you want to connect to this server.
+	  * Set autoconnect to 0 if you want this server to connect to you.
+	  */
+	 .autoconnect = 1,
+
+	 /*
+	  * This option is ignored when autoconnect=0.
+	  *
+	  * TLS links are highly recommended if not connecting to localhost
+	  * or otherwise over a secure channel such as WireGuard. Although
+	  * GnuTLS is supported, the primary developers use OpenSSL, and
+	  * OpenSSL is more common anyways.
+	  * Buffering is also highly recommended as it measurably improves
+	  * performance.
+	  *
+	  * NET_TYPE_PLAINTEXT: Plain TCP link
+	  * NET_TYPE_GNUTLS: GnuTLS link
+	  * NET_TYPE_OPENSSL: OpenSSL link
+	  * NET_TYPE_PLAINTEXT_BUFFERED: Plain TCP link with buffering
+	  * NET_TYPE_GNUTLS_BUFFERED: GnuTLS link with buffering
+	  * NET_TYPE_OPENSSL_BUFFERED: OpenSSL link with buffering
+	  */
+	 .autoconnect_type = NET_TYPE_PLAINTEXT,
+
+	 /*
+	  * The address and the port to connect to. The address may be
+	  * either an IP address or a resolvable domain.
+	  */
+	 .address = STRING("127.0.0.1"),
+	 .port = STRING("7000"),
+	},
+};
+
+size_t SERVER_CONFIG_LEN = sizeof(SERVER_CONFIG) / sizeof(*SERVER_CONFIG);
+#endif
+
+/*
+ * Our own server ID. Most protocols expect a three-byte string,
+ * where the first byte is a number and the two subsequent
+ * bytes are alphanumeric. Letters should usually be in
+ * uppercase. Server IDs are not translted between protocols
+ * so a uniform format is generally required.
+ */
+struct string SID = STRING("2TX");
+
+/*
+ * Our server name. Well-formed DNS, doesn't have to resolve.
+ */
+struct string SERVER_NAME = STRING("h.learn.tuxiversity.org");
+
+/*
+ * Our server description.
+ */
+struct string SERVER_FULLNAME = STRING("HaxIRCd");
+
+/*
+ * How many seconds of idleness should cause a PING to be sent.
+ */
+time_t PING_INTERVAL = 60;
+
+/*
+ * TLS certificates. If using Let's Encrypt or a similar provider,
+ * supply the "fullchain" in *_CERT_PATH and the "privkey" in
+ * *_KEY_PATH.
+ *
+ * NOTE: We do not check the validity of TLS certificates yet. CertFP
+ * authentication will be added later.
+ */
+#ifdef USE_GNUTLS
+char GNUTLS_USE_SYSTEM_TRUST = 1;
+char *GNUTLS_CERT_PATH = "/path/to/fullchain.pem";
+char *GNUTLS_KEY_PATH = "/path/to/privkey.pem";
+#endif
+#ifdef USE_OPENSSL
+char OPENSSL_USE_SYSTEM_TRUST = 1;
+char *OPENSSL_CERT_PATH = "/path/to/fullchain.pem";
+char *OPENSSL_KEY_PATH = "/path/to/privkey.pem";
+#endif
+
+/*
+ * The following section defines the port that each (network, protocol)
+ * should listen on.
+ */
+#ifdef USE_SERVER
+unsigned short SERVER_PORTS[NUM_NET_TYPES][NUM_PROTOCOLS] = {
+#ifdef USE_PLAINTEXT
+#ifdef USE_INSPIRCD2_PROTOCOL
+	[NET_TYPE_PLAINTEXT][INSPIRCD2_PROTOCOL] = 7001,
+#endif
+#ifdef USE_INSPIRCD3_PROTOCOL
+	[NET_TYPE_PLAINTEXT][INSPIRCD3_PROTOCOL] = 7002,
+#endif
+#ifdef USE_INSPIRCD4_PROTOCOL
+	[NET_TYPE_PLAINTEXT][INSPIRCD4_PROTOCOL] = 7003,
+#endif
+#endif
+#ifdef USE_GNUTLS
+#ifdef USE_INSPIRCD2_PROTOCOL
+	[NET_TYPE_GNUTLS][INSPIRCD2_PROTOCOL] = 7011,
+#endif
+#ifdef USE_INSPIRCD3_PROTOCOL
+	[NET_TYPE_GNUTLS][INSPIRCD3_PROTOCOL] = 7012,
+#endif
+#ifdef USE_INSPIRCD4_PROTOCOL
+	[NET_TYPE_GNUTLS][INSPIRCD4_PROTOCOL] = 7013,
+#endif
+#endif
+#ifdef USE_OPENSSL
+#ifdef USE_INSPIRCD2_PROTOCOL
+	[NET_TYPE_OPENSSL][INSPIRCD2_PROTOCOL] = 7021,
+#endif
+#ifdef USE_INSPIRCD3_PROTOCOL
+	[NET_TYPE_OPENSSL][INSPIRCD3_PROTOCOL] = 7022,
+#endif
+#ifdef USE_INSPIRCD4_PROTOCOL
+	[NET_TYPE_OPENSSL][INSPIRCD4_PROTOCOL] = 7023,
+#endif
+#endif
+};
+
+/*
+ * The following section defines the backlog of each protocol's
+ * listening. This is passed into the backlog argument of listen(2).
+ */
+size_t SERVER_LISTEN[NUM_NET_TYPES][NUM_PROTOCOLS] = {
+#ifdef USE_PLAINTEXT
+#ifdef USE_INSPIRCD2_PROTOCOL
+	[NET_TYPE_PLAINTEXT][INSPIRCD2_PROTOCOL] = 16,
+#endif
+#ifdef USE_INSPIRCD3_PROTOCOL
+	[NET_TYPE_PLAINTEXT][INSPIRCD3_PROTOCOL] = 16,
+#endif
+#ifdef USE_INSPIRCD4_PROTOCOL
+	[NET_TYPE_PLAINTEXT][INSPIRCD4_PROTOCOL] = 16,
+#endif
+#endif
+#ifdef USE_GNUTLS
+#ifdef USE_INSPIRCD2_PROTOCOL
+	[NET_TYPE_GNUTLS][INSPIRCD2_PROTOCOL] = 16,
+#endif
+#ifdef USE_INSPIRCD3_PROTOCOL
+	[NET_TYPE_GNUTLS][INSPIRCD3_PROTOCOL] = 16,
+#endif
+#ifdef USE_INSPIRCD4_PROTOCOL
+	[NET_TYPE_GNUTLS][INSPIRCD4_PROTOCOL] = 16,
+#endif
+#endif
+#ifdef USE_OPENSSL
+#ifdef USE_INSPIRCD2_PROTOCOL
+	[NET_TYPE_OPENSSL][INSPIRCD2_PROTOCOL] = 16,
+#endif
+#ifdef USE_INSPIRCD3_PROTOCOL
+	[NET_TYPE_OPENSSL][INSPIRCD3_PROTOCOL] = 16,
+#endif
+#ifdef USE_INSPIRCD4_PROTOCOL
+	[NET_TYPE_OPENSSL][INSPIRCD4_PROTOCOL] = 16,
+#endif
+#endif
+};
+
+/*
+ * The following section defines whether HaxIRCd should listen for
+ * incoming connections at all, for each (network, protocol) combination.
+ */
+char SERVER_INCOMING[NUM_NET_TYPES][NUM_PROTOCOLS] = {
+#ifdef USE_PLAINTEXT
+#ifdef USE_INSPIRCD2_PROTOCOL
+	[NET_TYPE_PLAINTEXT][INSPIRCD2_PROTOCOL] = 1,
+#endif
+#ifdef USE_INSPIRCD3_PROTOCOL
+	[NET_TYPE_PLAINTEXT][INSPIRCD3_PROTOCOL] = 1,
+#endif
+#ifdef USE_INSPIRCD4_PROTOCOL
+	[NET_TYPE_PLAINTEXT][INSPIRCD4_PROTOCOL] = 1,
+#endif
+#endif
+#ifdef USE_GNUTLS
+#ifdef USE_INSPIRCD2_PROTOCOL
+	[NET_TYPE_GNUTLS][INSPIRCD2_PROTOCOL] = 1,
+#endif
+#ifdef USE_INSPIRCD3_PROTOCOL
+	[NET_TYPE_GNUTLS][INSPIRCD3_PROTOCOL] = 1,
+#endif
+#ifdef USE_INSPIRCD4_PROTOCOL
+	[NET_TYPE_GNUTLS][INSPIRCD4_PROTOCOL] = 1,
+#endif
+#endif
+#ifdef USE_OPENSSL
+#ifdef USE_INSPIRCD2_PROTOCOL
+	[NET_TYPE_OPENSSL][INSPIRCD2_PROTOCOL] = 1,
+#endif
+#ifdef USE_INSPIRCD3_PROTOCOL
+	[NET_TYPE_OPENSSL][INSPIRCD3_PROTOCOL] = 1,
+#endif
+#ifdef USE_INSPIRCD4_PROTOCOL
+	[NET_TYPE_OPENSSL][INSPIRCD4_PROTOCOL] = 1,
+#endif
+#endif
+};
+#endif
+
+/*
+ * The following section includes configuration for the primary
+ * pseudoclient, HaxServ.
+ */
+#ifdef USE_HAXSERV_PSEUDOCLIENT
+struct string HAXSERV_UID = STRING("2TX000000");
+struct string HAXSERV_NICK = STRING("HaxServ");
+struct string HAXSERV_FULLNAME = STRING("HaxServ");
+struct string HAXSERV_IDENT = STRING("HaxServ");
+struct string HAXSERV_VHOST = STRING("services/HaxServ");
+struct string HAXSERV_HOST = STRING("/dev/full");
+struct string HAXSERV_ADDRESS = STRING("/dev/null");
+struct string HAXSERV_PREJOIN_CHANNELS[] = {
+	STRING("#chat"),
+	STRING("#services"),
+	STRING("#spam"),
+};
+size_t HAXSERV_NUM_PREJOIN_CHANNELS =
+    sizeof(HAXSERV_PREJOIN_CHANNELS) / sizeof(*HAXSERV_PREJOIN_CHANNELS);
+struct string HAXSERV_COMMAND_PREFIX = STRING("HaxServ: ");
+struct string HAXSERV_REQUIRED_OPER_TYPE = STRING("NetAdmin");
+struct string HAXSERV_LOG_CHANNEL = STRING("#services");
+#endif
+
+/*
+ * You may specify the size of the ring buffers for each buffered
+ * network backend here. They must be larger than any full message;
+ * otherwise, undefined behavior occurs.
+ */
+#ifdef USE_PLAINTEXT_BUFFERED
+size_t PLAINTEXT_BUFFERED_LEN = 1048576;
+#endif
+#ifdef USE_GNUTLS_BUFFERED
+size_t GNUTLS_BUFFERED_LEN = 1048576;
+#endif
+#ifdef USE_OPENSSL_BUFFERED
+size_t OPENSSL_BUFFERED_LEN = 1048576;
+#endif
+
+/*
+ * The following section includes configuration for the IRC
+ * services, such as NickServ.
+ */
+#ifdef USE_SERVICES_PSEUDOCLIENT
+struct string NICKSERV_UID = STRING("2TX0000NS");
+struct string NICKSERV_NICK = STRING("NickServ");
+struct string NICKSERV_FULLNAME = STRING("Nickname Services");
+struct string NICKSERV_IDENT = STRING("NickServ");
+struct string NICKSERV_VHOST = STRING("services/NickServ");
+struct string NICKSERV_HOST = STRING("localhost");
+struct string NICKSERV_ADDRESS = STRING("/dev/null");
+struct string SERVICES_CHANNEL = STRING("#services");
+size_t SERVICES_DB_MAX_SIZE = 104857600;
+struct string SERVICES_DB_PATH = STRING("services.mdb");
+#endif