From 7850528b058670a6563a74733397c94f9d30e508 Mon Sep 17 00:00:00 2001 From: Runxi Yu Date: Fri, 26 Jul 2024 08:00:00 +0800 Subject: config.md: Update --- config.md | 136 ++++++++++++++++++++++++++++++++++---------------------------- 1 file changed, 74 insertions(+), 62 deletions(-) diff --git a/config.md b/config.md index b498a56..3e8e965 100644 --- a/config.md +++ b/config.md @@ -26,13 +26,12 @@ object file and is linked into the main `HaxIRCd.so` shared object. #ifdef USE_SERVER struct server_config SERVER_CONFIG[] = { { - .name = STRING("peer.server.name"), /* * The name of the remote server. Must be in a valid DNS format, * but doesn't have to resolve. */ + .name = STRING("peer.server.name"), - .sid = STRING("1UL"), /* * The server ID of the remote server. The format depends on the * protocol, but most protocols expect a three-byte string, @@ -41,14 +40,14 @@ struct server_config SERVER_CONFIG[] = { * uppercase. Server IDs are not translted between protocols * so a uniform format is generally required. */ + .sid = STRING("1UL"), - .in_pass = STRING("password-to-expect-from-peer"), - .out_pass = STRING("password-to-send-to-peer"), /* * Passwords, should be self-explanatory. */ + .in_pass = STRING("password-to-expect-from-peer"), + .out_pass = STRING("password-to-send-to-peer"), - .protocol = INSPIRCD4_PROTOCOL, /* * Which protocol to use. Currently, only InspIRCd protocols are * supported. A custom HaxIRCd binary protocol is planned, and @@ -58,14 +57,21 @@ struct server_config SERVER_CONFIG[] = { * INSPIRCD3_PROTOCOL: the 1205 protocol native to InspIRCd v3 * INSPIRCD2_PROTOCOL: the 1202 protocol native to InspIRCd v2 */ + .protocol = INSPIRCD4_PROTOCOL, .ignore_remote_unlinks = 0, .ignore_remote_kills = 1, .ignore_local_kills = 1, + /* + * Set autoconnect to 1 if you want to connect to this server. + * Set autoconnect to 0 if you want this server to connect to you. + */ .autoconnect = 1, - .autoconnect_type = NET_TYPE_PLAINTEXT, + /* + * This option is ignored when autoconnect=0. + * * TLS links are highly recommended if not connecting to localhost * or otherwise over a secure channel such as WireGuard. Although * GnuTLS is supported, the primary developers use OpenSSL, and @@ -80,13 +86,13 @@ struct server_config SERVER_CONFIG[] = { * NET_TYPE_GNUTLS_BUFFERED: GnuTLS link with buffering * NET_TYPE_OPENSSL_BUFFERED: OpenSSL link with buffering */ + .autoconnect_type = NET_TYPE_PLAINTEXT, - .address = STRING("127.0.0.1"), /* - * The address to connect to, either as an IP address or as a domain - * name. + * The address and the port to connect to. The address may be + * either an IP address or a resolvable domain. */ - + .address = STRING("127.0.0.1"), .port = STRING("7000"), }, }; @@ -94,7 +100,6 @@ struct server_config SERVER_CONFIG[] = { size_t SERVER_CONFIG_LEN = sizeof(SERVER_CONFIG) / sizeof(*SERVER_CONFIG); #endif -struct string SID = STRING("2TX"); /* * Our own server ID. Most protocols expect a three-byte string, * where the first byte is a number and the two subsequent @@ -102,28 +107,36 @@ struct string SID = STRING("2TX"); * uppercase. Server IDs are not translted between protocols * so a uniform format is generally required. */ +struct string SID = STRING("2TX"); -struct string SERVER_NAME = STRING("h.learn.tuxiversity.org"); /* * Our server name. Well-formed DNS, doesn't have to resolve. */ +struct string SERVER_NAME = STRING("h.learn.tuxiversity.org"); -struct string SERVER_FULLNAME = STRING("HaxIRCd"); /* * Our server description. */ +struct string SERVER_FULLNAME = STRING("HaxIRCd"); -time_t PING_INTERVAL = 60; /* - * How many seconds between sending PINGs. + * How many seconds of idleness should cause a PING to be sent. */ +time_t PING_INTERVAL = 60; +/* + * TLS certificates. If using Let's Encrypt or a similar provider, + * supply the "fullchain" in *_CERT_PATH and the "privkey" in + * *_KEY_PATH. + * + * NOTE: We do not check the validity of TLS certificates yet. CertFP + * authentication will be added later. + */ #ifdef USE_GNUTLS char GNUTLS_USE_SYSTEM_TRUST = 1; char *GNUTLS_CERT_PATH = "/path/to/fullchain.pem"; char *GNUTLS_KEY_PATH = "/path/to/privkey.pem"; #endif - #ifdef USE_OPENSSL char OPENSSL_USE_SYSTEM_TRUST = 1; char *OPENSSL_CERT_PATH = "/path/to/fullchain.pem"; @@ -131,10 +144,9 @@ char *OPENSSL_KEY_PATH = "/path/to/privkey.pem"; #endif /* - * NOTE: We do not check the validity of TLS certificates yet. CertFP - * authentication will be added later. + * The following section defines the port that each (network, protocol) + * should listen on. */ - #ifdef USE_SERVER unsigned short SERVER_PORTS[NUM_NET_TYPES][NUM_PROTOCOLS] = { #ifdef USE_PLAINTEXT @@ -144,6 +156,9 @@ unsigned short SERVER_PORTS[NUM_NET_TYPES][NUM_PROTOCOLS] = { #ifdef USE_INSPIRCD3_PROTOCOL [NET_TYPE_PLAINTEXT][INSPIRCD3_PROTOCOL] = 7002, #endif +#ifdef USE_INSPIRCD4_PROTOCOL + [NET_TYPE_PLAINTEXT][INSPIRCD4_PROTOCOL] = 7003, +#endif #endif #ifdef USE_GNUTLS #ifdef USE_INSPIRCD2_PROTOCOL @@ -169,6 +184,10 @@ unsigned short SERVER_PORTS[NUM_NET_TYPES][NUM_PROTOCOLS] = { #endif }; +/* + * The following section defines the backlog of each protocol's + * listening. This is passed into the backlog argument of listen(2). + */ size_t SERVER_LISTEN[NUM_NET_TYPES][NUM_PROTOCOLS] = { #ifdef USE_PLAINTEXT #ifdef USE_INSPIRCD2_PROTOCOL @@ -205,27 +224,31 @@ size_t SERVER_LISTEN[NUM_NET_TYPES][NUM_PROTOCOLS] = { #endif }; +/* + * The following section defines whether HaxIRCd should listen for + * incoming connections at all, for each (network, protocol) combination. + */ char SERVER_INCOMING[NUM_NET_TYPES][NUM_PROTOCOLS] = { #ifdef USE_PLAINTEXT #ifdef USE_INSPIRCD2_PROTOCOL - [NET_TYPE_PLAINTEXT][INSPIRCD2_PROTOCOL] = 0, + [NET_TYPE_PLAINTEXT][INSPIRCD2_PROTOCOL] = 1, #endif #ifdef USE_INSPIRCD3_PROTOCOL - [NET_TYPE_PLAINTEXT][INSPIRCD3_PROTOCOL] = 0, + [NET_TYPE_PLAINTEXT][INSPIRCD3_PROTOCOL] = 1, #endif #ifdef USE_INSPIRCD4_PROTOCOL - [NET_TYPE_PLAINTEXT][INSPIRCD4_PROTOCOL] = 0, + [NET_TYPE_PLAINTEXT][INSPIRCD4_PROTOCOL] = 1, #endif #endif #ifdef USE_GNUTLS #ifdef USE_INSPIRCD2_PROTOCOL - [NET_TYPE_GNUTLS][INSPIRCD2_PROTOCOL] = 0, + [NET_TYPE_GNUTLS][INSPIRCD2_PROTOCOL] = 1, #endif #ifdef USE_INSPIRCD3_PROTOCOL - [NET_TYPE_GNUTLS][INSPIRCD3_PROTOCOL] = 0, + [NET_TYPE_GNUTLS][INSPIRCD3_PROTOCOL] = 1, #endif #ifdef USE_INSPIRCD4_PROTOCOL - [NET_TYPE_GNUTLS][INSPIRCD4_PROTOCOL] = 0, + [NET_TYPE_GNUTLS][INSPIRCD4_PROTOCOL] = 1, #endif #endif #ifdef USE_OPENSSL @@ -233,54 +256,44 @@ char SERVER_INCOMING[NUM_NET_TYPES][NUM_PROTOCOLS] = { [NET_TYPE_OPENSSL][INSPIRCD2_PROTOCOL] = 1, #endif #ifdef USE_INSPIRCD3_PROTOCOL - [NET_TYPE_OPENSSL][INSPIRCD3_PROTOCOL] = 0, + [NET_TYPE_OPENSSL][INSPIRCD3_PROTOCOL] = 1, #endif #ifdef USE_INSPIRCD4_PROTOCOL - [NET_TYPE_OPENSSL][INSPIRCD4_PROTOCOL] = 0, + [NET_TYPE_OPENSSL][INSPIRCD4_PROTOCOL] = 1, #endif #endif }; #endif -#ifdef USE_HAXSERV_PSEUDOCLIENT -struct string HAXSERV_UID = STRING("2TX000000"); /* - * The UID of the HaxServ pseudoclient. For compatibility with most - * protocols, this should be 9 bytes long, and the first 3 bytes - * must match the SID. + * The following section includes configuration for the primary + * pseudoclient, HaxServ. */ - -struct string HAXSERV_NICK = STRING("TuxServ"); -struct string HAXSERV_FULLNAME = STRING("TuxServ"); -struct string HAXSERV_IDENT = STRING("TuxServ"); -struct string HAXSERV_VHOST = STRING("services/TuxServ"); +#ifdef USE_HAXSERV_PSEUDOCLIENT +struct string HAXSERV_UID = STRING("2TX000000"); +struct string HAXSERV_NICK = STRING("HaxServ"); +struct string HAXSERV_FULLNAME = STRING("HaxServ"); +struct string HAXSERV_IDENT = STRING("HaxServ"); +struct string HAXSERV_VHOST = STRING("services/HaxServ"); struct string HAXSERV_HOST = STRING("/dev/full"); struct string HAXSERV_ADDRESS = STRING("/dev/null"); - struct string HAXSERV_PREJOIN_CHANNELS[] = { STRING("#chat"), STRING("#services"), STRING("#spam"), }; - size_t HAXSERV_NUM_PREJOIN_CHANNELS = sizeof(HAXSERV_PREJOIN_CHANNELS) / sizeof(*HAXSERV_PREJOIN_CHANNELS); - -struct string HAXSERV_COMMAND_PREFIX = STRING("TuxServ: "); - +struct string HAXSERV_COMMAND_PREFIX = STRING("HaxServ: "); struct string HAXSERV_REQUIRED_OPER_TYPE = STRING("NetAdmin"); -/* - * Which operator class is required to access HaxServ's extended - * command set? Note that HaxServ includes dangerous commands such - * as raw S2S message injections and SPAM. - */ - struct string HAXSERV_LOG_CHANNEL = STRING("#services"); -/* - * HaxServ logs command usages to a channel. Specify the channel here. - */ #endif +/* + * You may specify the size of the ring buffers for each buffered + * network backend here. They must be larger than any full message; + * otherwise, undefined behavior occurs. + */ #ifdef USE_PLAINTEXT_BUFFERED size_t PLAINTEXT_BUFFERED_LEN = 1048576; #endif @@ -290,18 +303,17 @@ size_t GNUTLS_BUFFERED_LEN = 1048576; #ifdef USE_OPENSSL_BUFFERED size_t OPENSSL_BUFFERED_LEN = 1048576; #endif -/* - * You may specify the size of the ring buffers for each buffered - * network backend here. They must be larger than any full message; - * otherwise, undefined behavior occurs. - */ -#ifdef USE_HAXSERV_PSEUDOCLIENT -struct string NICKSERV_UID = STRING("2TX000001"); -struct string NICKSERV_NICK = STRING("TuxNickServ"); -struct string NICKSERV_FULLNAME = STRING("Tux's Nickname Services"); -struct string NICKSERV_IDENT = STRING("TuxNickServ"); -struct string NICKSERV_VHOST = STRING("services/TuxNickServ"); +/* + * The following section includes configuration for the IRC + * services, such as NickServ. + */ +#ifdef USE_SERVICES_PSEUDOCLIENT +struct string NICKSERV_UID = STRING("2TX0000NS"); +struct string NICKSERV_NICK = STRING("NickServ"); +struct string NICKSERV_FULLNAME = STRING("Nickname Services"); +struct string NICKSERV_IDENT = STRING("NickServ"); +struct string NICKSERV_VHOST = STRING("services/NickServ"); struct string NICKSERV_HOST = STRING("localhost"); struct string NICKSERV_ADDRESS = STRING("/dev/null"); struct string SERVICES_CHANNEL = STRING("#services"); -- cgit v1.2.3