2015-07-16 13:51:01 +00:00
|
|
|
{ config, pkgs, ... }:
|
|
|
|
|
|
|
|
{
|
2015-10-08 23:23:45 +00:00
|
|
|
krebs.iptables.tables.filter.INPUT.rules = [
|
|
|
|
{ predicate = "-i retiolum -p tcp --dport 6667"; target = "ACCEPT"; }
|
|
|
|
];
|
2015-10-09 11:21:25 +00:00
|
|
|
|
|
|
|
services.charybdis = {
|
2015-07-16 13:51:01 +00:00
|
|
|
enable = true;
|
|
|
|
config = ''
|
|
|
|
serverinfo {
|
2015-10-08 23:09:13 +00:00
|
|
|
name = "${config.krebs.build.host.name}.irc.retiolum";
|
|
|
|
sid = "1as";
|
2015-07-16 13:51:01 +00:00
|
|
|
description = "miep!";
|
|
|
|
network_name = "irc.retiolum";
|
|
|
|
network_desc = "Retiolum IRC Network";
|
|
|
|
hub = yes;
|
|
|
|
|
|
|
|
vhost = "0.0.0.0";
|
|
|
|
vhost6 = "::";
|
|
|
|
|
|
|
|
#ssl_private_key = "etc/ssl.key";
|
|
|
|
#ssl_cert = "etc/ssl.cert";
|
|
|
|
#ssl_dh_params = "etc/dh.pem";
|
|
|
|
#ssld_count = 1;
|
|
|
|
|
|
|
|
default_max_clients = 10000;
|
|
|
|
#nicklen = 30;
|
|
|
|
};
|
|
|
|
|
|
|
|
listen {
|
|
|
|
defer_accept = yes;
|
|
|
|
|
|
|
|
/* If you want to listen on a specific IP only, specify host.
|
|
|
|
* host definitions apply only to the following port line.
|
|
|
|
*/
|
|
|
|
host = "0.0.0.0";
|
|
|
|
port = 6667;
|
|
|
|
sslport = 6697;
|
|
|
|
|
|
|
|
/* Listen on IPv6 (if you used host= above). */
|
|
|
|
host = "::";
|
|
|
|
port = 6667;
|
|
|
|
sslport = 9999;
|
|
|
|
};
|
|
|
|
|
|
|
|
class "users" {
|
|
|
|
ping_time = 2 minutes;
|
|
|
|
number_per_ident = 200;
|
|
|
|
number_per_ip = 200;
|
|
|
|
number_per_ip_global = 500;
|
|
|
|
cidr_ipv4_bitlen = 24;
|
|
|
|
cidr_ipv6_bitlen = 64;
|
|
|
|
number_per_cidr = 9000;
|
|
|
|
max_number = 10000;
|
|
|
|
sendq = 400 kbytes;
|
|
|
|
};
|
|
|
|
|
|
|
|
exempt {
|
|
|
|
ip = "127.0.0.1";
|
|
|
|
};
|
|
|
|
|
|
|
|
auth {
|
|
|
|
user = "*@*";
|
|
|
|
class = "users";
|
|
|
|
flags = exceed_limit;
|
|
|
|
};
|
|
|
|
|
|
|
|
channel {
|
|
|
|
use_invex = yes;
|
|
|
|
use_except = yes;
|
|
|
|
use_forward = yes;
|
|
|
|
use_knock = yes;
|
|
|
|
knock_delay = 5 minutes;
|
|
|
|
knock_delay_channel = 1 minute;
|
|
|
|
max_chans_per_user = 15;
|
|
|
|
max_bans = 100;
|
|
|
|
max_bans_large = 500;
|
|
|
|
default_split_user_count = 0;
|
|
|
|
default_split_server_count = 0;
|
|
|
|
no_create_on_split = no;
|
|
|
|
no_join_on_split = no;
|
|
|
|
burst_topicwho = yes;
|
|
|
|
kick_on_split_riding = no;
|
|
|
|
only_ascii_channels = no;
|
|
|
|
resv_forcepart = yes;
|
|
|
|
channel_target_change = yes;
|
|
|
|
disable_local_channels = no;
|
|
|
|
};
|
2015-07-18 12:19:41 +00:00
|
|
|
general {
|
|
|
|
#maybe we want ident someday?
|
|
|
|
disable_auth = yes;
|
|
|
|
};
|
2015-07-16 13:51:01 +00:00
|
|
|
'';
|
|
|
|
};
|
|
|
|
}
|