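# The server object defines the server information parameters.
# Nesting restored: every key below belongs to the `server` mapping.
server:
  # name - the server name
  name: "irc.localhost"
  # description - the description of the server on the network
  description: "Test server for biboumi"
  # network - the NETWORK= name in 005 for rfc1459 clients
  network: "irc.localhost"
  # recvq_len - the maximum number of lines that can be in a client's recvq
  # NOTE(review): this is the per-client input bound; what the server does
  # when a client exceeds it is not stated here - confirm.
  recvq_len: 20
  # motd - the motd content (will later be file)
  motd:
    - "Default MOTD"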
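# The clients object defines client parameters
# Nesting restored: each duration is a mapping of unit -> amount.
clients:
  # ping_frequency - client ping frequency
  ping_frequency:
    minutes: 1
  # ping_timeout - ping timeout length
  ping_timeout:
    minutes: 2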
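# The data object defines the data store parameters
# Nesting restored: every key below belongs to the `data` mapping.
data:
  ## JSON should only be considered for testing
  # format - data store type
  format: "json"
  # filename - data store filename
  # NOTE(review): relative path, so the location depends on the directory
  # the server is started from - confirm. If the store holds account
  # records, keep the file readable by the service account only.
  filename: ".mammon.data.json"
  # save_frequency - save the database every this amount of time
  save_frequency:
    minutes: 5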
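# The listeners object is a list of listeners.
# Rewritten from a one-line flow mapping to block style; keys and values
# are unchanged.
listeners:
  # host - "0.0.0.0" accepts connections on every IPv4 interface.
  # NOTE(review): for a local test server a loopback address would keep
  # the port off the network - confirm what the test harness expects.
  - host: "0.0.0.0"
    port: 6667
    # ssl - false means this listener speaks plaintext IRC, so anything a
    # client sends (including oper passwords) is visible on the wire.
    ssl: false
    # certfile / keyfile - presumably unused while ssl is false; confirm.
    # Whether the leading "~" is expanded depends on the consumer.
    # Keep the key file readable by the service account only.
    certfile: "~/workspace/biboumi/cert.pem"
    keyfile: "~/workspace/biboumi/key.pem"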
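# The logs section is a list of logs.
# Rewritten from a multi-line flow mapping to block style; keys and values
# are unchanged.
logs:
  # path - the path of the logfile
  - path: "mammond.log"
    # level - the log level of the file
    # NOTE(review): confirm what is written at "debug" (for example raw
    # client lines carrying credentials) before using this level outside
    # a test setup, and restrict read access to the logfile accordingly.
    level: "debug"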
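# Limits define maximum lengths for various commands and objects
# to remove a limit, simply comment it out
# Nesting restored: every key below belongs to the `limits` mapping.
# NOTE(review): these bounds cap client-supplied input; commenting one out
# removes that cap entirely, so do it deliberately.
limits:
  # user - maximum length of usernames
  user: 10
  # nick - maximum length of nicknames
  nick: 50
  # channel - maximum length of channel names
  channel: 200
  # topic - maximum length of channel topics
  topic: 400
  # line - maximum length of lines in and out
  line: 2048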
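# The register object defines registration information
# Nesting restored: `callbacks` is read here as a child of `register`,
# and `mailto` as a child of `callbacks`.
register:
  # verify_timeout - length of time a user has to verify their newly-created
  # account before it can be re-registered
  verify_timeout:
    days: 5
  # enabled_callbacks - callbacks that we allow
  # With both entries commented out this key parses as null, not as an
  # empty list. NOTE(review): confirm the consumer treats null as "no
  # callbacks enabled".
  # Enabling `none` lets an account register without any verification.
  enabled_callbacks:
    # - mailto
    # - none # no verification required, will instantly register successfully
  # callbacks - types and details for various callback methods
  callbacks:
    # mailto - email using sendmail
    mailto:
      # from - address our messages get sent from
      from: mammon@example.com
      # sendmail - location of the sendmail binary
      # Absolute path, so the binary is not resolved through PATH.
      sendmail: /usr/sbin/sendmail
      # verify_message_subject - subject of the verify message
      verify_message_subject: "{network_name} Account Registration"
      # verify_message - message sent to users to verify their account
      # NOTE(review): {account} presumably comes from the registering
      # client; confirm it is validated before it is substituted into the
      # outgoing mail.
      verify_message: |
        Hi,
        You have requested to register the account {account}.
        Your verification code is {auth_code}
        Please type "/quote REG VERIFY {account} {auth_code}" to complete registration
        Thank you,
        {network_name}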
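# Roles define the capabilities an oper may have, as well as role-specific
# metadata.
# mammon capability names:
#   oper:local_kill   allows /KILLing local users
#   oper:global_kill  allows /KILLing local and remote users
#   oper:routing      allows remote SQUIT and CONNECT
#   oper:kline        allows KLINE and DLINE
#   oper:unkline      allows UNKLINE and UNDLINE
#   oper:remote_ban   allows remote klines
#   oper:rehash       allows REHASH of server config
#   oper:die          allows DIE and RESTART
# Nesting restored: each quoted key below is one role inside `roles`.
# A role that sets `extends` also receives the named role's capabilities,
# so review the base role whenever a derived role is granted.
roles:
  # name - the name of the privilege set
  "local_op":
    # capabilities - a list of qualified capability names
    capabilities:
      - oper:local_kill
      - oper:kline
      - oper:unkline
      - metadata:set_local
    # metakeys_get - metadata keys this role can view
    # The only entry is commented out, so this key parses as null.
    metakeys_get:
      # - spammer_probability
    # title - metadata identifying the specific role
    title: "IRC Operator"
  # name - the name of the privilege set
  "global_op":
    # extends - inherits this role's capabilities
    extends: "local_op"
    # capabilities - a list of qualified capability names
    capabilities:
      - oper:global_kill
      - oper:remote_ban
      - metadata:set_global
    # title - metadata identifying the specific role
    title: "IRC Operator"
  # name - the name of the privilege set
  "network_admin":
    # capabilities - a list of qualified capability names
    capabilities:
      - oper:global_kill
      - oper:routing
    # title - metadata identifying the specific role
    title: "Network Administrator"
  # name - the name of the privilege set
  "server_admin":
    # extends - inherits this role's capabilities
    extends: "local_op"
    # capabilities - a list of qualified capability names
    # oper:die covers DIE and RESTART, so this role can stop the server.
    capabilities:
      - oper:rehash
      - oper:die
    # title - metadata identifying the specific role
    title: "Server Administrator"
  # example metadata-specific roles
  # name - the name of the privilege set
  "spam_detection_bot":
    # capabilities - a list of qualified capability names
    capabilities:
      - metadata:set_global
    # metakeys_access - metadata keys this role can view and set
    metakeys_access:
      - spammer_probability
    # title - metadata identifying the specific role
    title: "Spam Detection Bot"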
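# Metadata defines the metadata users are allowed to set for themselves
# Nesting restored: every key below belongs to the `metadata` mapping.
metadata:
  # limit - max number of metadata each target is allowed to have
  # comment out to remove limit
  limit: 20
  # whitelist - if defined, a list of lowercase keys that are checked when users set data
  whitelist:
    - avatar
    - info
    - source
    - url
    - version
  # restricted_keys - keys that unprivileged users cannot see / edit, and
  # require a special entry in a ROLE to see / edit
  # NOTE(review): `spammer_probability` is commented out here; if a role is
  # given access to that key, presumably it should be listed so that
  # unprivileged users cannot read or set it - confirm.
  restricted_keys:
    - away
    # - spammer_probability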
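# Monitor defines the monitoring users are allowed to do on other users
# Nesting restored: `limit` belongs to the `monitor` mapping.
monitor:
  # limit - max number of 'monitors' each target is allowed to have
  # comment out to remove limit
  limit: 20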
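# Operator credentials allow a user to transition from a typical user role
# to a privileged role.
# Nesting restored: each quoted key below is one operator inside `opers`.
opers:
  # name - the name of the operator
  "nobody":
    # password - the plaintext oper password
    # NOTE(review): stored in the clear, so anyone who can read this file
    # or a copy of it learns the credential. Prefer the hashed form used by
    # the "somebody" entry below (created by: mammond --mkpasswd).
    password: "nothing"
    # hostmask - if defined, the hostmask the oper must connect from
    hostmask: "*@localhost"
    # role - the role that the credentials allow transition to
    role: "local_op"
  # name - the name of the operator
  "somebody":
    # password - the hashed oper password
    # created by: mammond --mkpasswd
    # NOTE(review): this hash is published with the sample file; generate a
    # fresh one for any real deployment instead of reusing it.
    password: "$6$rounds=100000$KkEHFBhWHV3BHCCS$YuOdlikJHdeIv2YpwvyLAtYCslDlsnUUnrfeKJiBh4SeVhkSU6pQqHWWDjr6lnalkkf1KLDD1wgSQH5AObILQ1"
    # hash - the hashing algorithm to use
    hash: "sha512_crypt"
    # hostmask - if defined, the hostmask the oper must connect from
    hostmask: "somebody!*@localhost"
    # role - the role that the credentials allow transition to
    role: "local_op"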
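# The extensions section is a list of extension modules to load.
# Nesting restored: each entry is one item of the `extensions` list.
# NOTE(review): every entry names a module the server loads, so keep the
# list to the modules the deployment needs.
extensions:
  - mammon.ext.rfc1459.42
  - mammon.ext.rfc1459.ident
  - mammon.ext.ircv3.account_notify
  - mammon.ext.ircv3.server_time
  - mammon.ext.ircv3.echo_message
  - mammon.ext.ircv3.register
  - mammon.ext.ircv3.sasl
  - mammon.ext.misc.nopost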