File 0001-default-config.patch of Package inspircd
From 51e46ec51180457a588ba42614fec07b7b120ac3 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marcus=20R=C3=BCckert?= <darix@nordisch.org>
Date: Sat, 29 Jun 2024 20:24:17 +0200
Subject: [PATCH] default config
---
docs/conf/inspircd.example.conf | 175 ++++++++++++++--------------
docs/conf/links.example.conf | 170 ++++++++++++++--------------
docs/conf/opers.example.conf | 194 ++++++++++++++++----------------
3 files changed, 271 insertions(+), 268 deletions(-)
diff --git a/docs/conf/inspircd.example.conf b/docs/conf/inspircd.example.conf
index badc60b35..28faa883d 100644
--- a/docs/conf/inspircd.example.conf
+++ b/docs/conf/inspircd.example.conf
@@ -68,31 +68,31 @@
# #
# See https://docs.inspircd.org/4/configuration/#define for a list of #
# predefined config variables. #
-<define name="networkDomain" value="example.com">
-<define name="networkName" value="ExampleNet">
+# <define name="networkDomain" value="example.com">
+# <define name="networkName" value="ExampleNet">
#-#-#-#-#-#-#-#-#-#-#-#- SERVER DESCRIPTION -#-#-#-#-#-#-#-#-#-#-#-#-
# #
# Here is where you enter the information about your server. #
# #
-<server
- # name: Hostname of your server. Does not need to resolve, but
- # does need to be correct syntax (something.somethingelse.tld).
- name="irc.&networkDomain;"
-
- # description: Server description. Spaces are allowed.
- description="&networkName; IRC server"
-
- # id: The SID to use for this server. This should not be uncommented
- # unless there is a SID conflict. This must be three characters long.
- # The first character must be a digit [0-9], the remaining two chars
- # may be letters [A-Z] or digits.
- #id="97K"
-
- # network: Network name given on connect to clients.
- # Should be the same on all servers on the network.
- network="&networkName;">
+# <server
+# # name: Hostname of your server. Does not need to resolve, but
+# # does need to be correct syntax (something.somethingelse.tld).
+# name="irc.&networkDomain;"
+#
+# # description: Server description. Spaces are allowed.
+# description="&networkName; IRC server"
+#
+# # id: The SID to use for this server. This should not be uncommented
+# # unless there is a SID conflict. This must be three characters long.
+# # The first character must be a digit [0-9], the remaining two chars
+# # may be letters [A-Z] or digits.
+# #id="97K"
+#
+# # network: Network name given on connect to clients.
+# # Should be the same on all servers on the network.
+# network="&networkName;">
#-#-#-#-#-#-#-#-#-#-#-#- ADMIN INFORMATION -#-#-#-#-#-#-#-#-#-#-#-#
@@ -100,70 +100,67 @@
# Configures the name and email of the server admin. #
# #
-<admin
- # name: The nickname, real name, or team name of the server admin(s).
- name="Adam Inistrator"
-
- # description: An optional description of the server admin(s).
- description="Supreme Overlord"
-
- # email: An email address at which the server admin(s) can be contacted
- # in case of issues.
- email="irc@&networkDomain;">
-
+# <admin
+# # description: An optional description of the server admin(s).
+# description="Supreme Overlord"
+#
+# # email: An email address at which the server admin(s) can be contacted
+# # in case of issues.
+# email="irc@&networkDomain;">
+#
#-#-#-#-#-#-#-#-#-#-#-#- PORT CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-
# #
# Configure the port and address bindings here. #
# #
-# TLS listener that binds on a TCP/IP endpoint:
-<bind
- # address: IP address to bind to if the box that you are hosting
- # on has more than one IP, else the ircd will try to bind to all
- # IP's on the box if this is not defined.
- address=""
-
- # port: Port for users or servers to be able to connect to. You can bind
- # to multiple ports by separating them with commas and to a range with
- # a dash (e.g. 6660-6667,7000).
- port="6697"
-
- # type: Type of bind block this is. It can either be clients or
- # servers. Whichever you select will be the only type able to connect
- # to this bind section.
- type="clients"
-
- # sslprofile: If you want the port(s) in this bind tag to use TLS, set this
- # to the name of a custom <sslprofile> tag that you have defined. See the
- # docs page for the TLS module you are using for more details:
- #
- # GnuTLS: https://docs.inspircd.org/4/modules/ssl_gnutls#sslprofile
- # OpenSSL: https://docs.inspircd.org/4/modules/ssl_openssl#sslprofile
- #
- # You will need to load the ssl_openssl module for OpenSSL and ssl_gnutls
- # for GnuTLS.
- sslprofile="Clients"
-
- # defer: When this is non-zero, connections will not be handed over to
- # the daemon from the operating system before data is ready.
- # In Linux, the value indicates the time period we'll wait for a
- # connection to come up with data. Don't set it too low!
- # In BSD the value is ignored; only zero and non-zero is possible.
- # Windows ignores this parameter completely.
- # Note: This does not take effect on rehash.
- # To change it on a running bind, you'll have to comment it out,
- # rehash, comment it in and rehash again.
- defer="0"
-
- # free: When this is enabled the listener will be created regardless of
- # whether the interface that provides the bind address is available. This
- # is useful for if you are starting InspIRCd on boot when the server may
- # not have brought the network interfaces up yet.
- free="no">
+# # TLS listener that binds on a TCP/IP endpoint:
+# <bind
+# # address: IP address to bind to if the box that you are hosting
+# # on has more than one IP, else the ircd will try to bind to all
+# # IP's on the box if this is not defined.
+# address=""
+#
+# # port: Port for users or servers to be able to connect to. You can bind
+# # to multiple ports by separating them with commas and to a range with
+# # a dash (e.g. 6660-6667,7000).
+# port="6697"
+#
+# # type: Type of bind block this is. It can either be clients or
+# # servers. Whichever you select will be the only type able to connect
+# # to this bind section.
+# type="clients"
+#
+# # sslprofile: If you want the port(s) in this bind tag to use TLS, set this
+# # to the name of a custom <sslprofile> tag that you have defined. See the
+# # docs page for the TLS module you are using for more details:
+# #
+# # GnuTLS: https://docs.inspircd.org/4/modules/ssl_gnutls#sslprofile
+# # OpenSSL: https://docs.inspircd.org/4/modules/ssl_openssl#sslprofile
+# #
+# # You will need to load the ssl_openssl module for OpenSSL and ssl_gnutls
+# # for GnuTLS.
+# sslprofile="Clients"
+#
+# # defer: When this is non-zero, connections will not be handed over to
+# # the daemon from the operating system before data is ready.
+# # In Linux, the value indicates the time period we'll wait for a
+# # connection to come up with data. Don't set it too low!
+# # In BSD the value is ignored; only zero and non-zero is possible.
+# # Windows ignores this parameter completely.
+# # Note: This does not take effect on rehash.
+# # To change it on a running bind, you'll have to comment it out,
+# # rehash, comment it in and rehash again.
+# defer="0"
+#
+# # free: When this is enabled the listener will be created regardless of
+# # whether the interface that provides the bind address is available. This
+# # is useful for if you are starting InspIRCd on boot when the server may
+# # not have brought the network interfaces up yet.
+# free="no">
# Plaintext listener that binds on a TCP/IP endpoint:
-<bind address="" port="6667" type="clients">
+# <bind address="" port="6667" type="clients">
# Listener that binds on a UNIX endpoint (not supported on Windows):
@@ -253,7 +250,7 @@
# allow: The IP address or hostname of clients that can use this
# class. You can specify either an exact match, a glob match, or
# a CIDR range here.
- allow="203.0.113.*"
+ allow="127.0.0.*"
# hash: the hash function this password is hashed with. Requires the
# module for the selected function (bcrypt, md5, sha1, or sha256) and
@@ -494,7 +491,11 @@
# This file has all the information about oper classes, types and o:lines.
# You *MUST* edit it.
-#<include file="&dir.example;/opers.example.conf">
+#<include file="opers.conf">
+
+# This file has all the information about server links and ulined servers.
+# You *MUST* edit it if you intend to link servers.
+#<include file="links.conf">
#-#-#-#-#-#-#-#-#-#- MISCELLANEOUS CONFIGURATION -#-#-#-#-#-#-#-#-#-#
# #
@@ -503,7 +504,8 @@
#
# motd - displayed on connect and when a user executes /MOTD
# Modules can also define their own files
-<files motd="&dir.example;/motd.example.txt">
+<files motd="motd.txt"
+ rules="rules.txt">
# Example of an executable file include. Note this will be read on rehash,
# not when the command is run.
@@ -931,10 +933,10 @@
# target - If the method is set to "file" then the name of the file #
# to write log messages to. #
-<log method="file"
- level="normal"
- type="* -USERINPUT -USEROUTPUT"
- target="inspircd.log">
+# <log method="file"
+# level="normal"
+# type="* -USERINPUT -USEROUTPUT"
+# target="inspircd.log">
#<log method="stderr"
# level="normal"
@@ -944,6 +946,7 @@
# level="normal"
# type="* -USERINPUT -USEROUTPUT">
+
#-#-#-#-#-#-#-#-#-#-#-#-#- WHOWAS OPTIONS -#-#-#-#-#-#-#-#-#-#-#-#-#
# #
# This tag lets you define the behaviour of the /WHOWAS command of #
@@ -1054,7 +1057,7 @@
# provide almost all the features of InspIRCd. :) #
# #
# The default does nothing -- we include it for simplicity for you. #
-#<include file="&dir.example;/modules.example.conf">
+<include file="modules.conf">
#-#-#-#-#-#-#-#-#-#-#-# SERVICES CONFIGURATION #-#-#-#-#-#-#-#-#-#-#-#
# #
@@ -1063,13 +1066,13 @@
# exemptions for services pseudoclients: #
#
# Anope users should uncomment this:
-#<include file="&dir.example;/services/anope.example.conf">
+#<include file="services/anope.conf">
#
# Atheme users should uncomment this:
-#<include file="&dir.example;/services/atheme.example.conf">
+#<include file="services/atheme.conf">
#
# Users of other services should uncomment this:
-#<include file="&dir.example;/services/generic.example.conf">
+#<include file="services/generic.conf">
#########################################################################
# #
diff --git a/docs/conf/links.example.conf b/docs/conf/links.example.conf
index 78eb9f4ac..53e83b42f 100644
--- a/docs/conf/links.example.conf
+++ b/docs/conf/links.example.conf
@@ -7,15 +7,15 @@
# #
# TLS listener that binds on a TCP/IP endpoint:
-<bind address="1.2.3.4"
- port="7005"
- type="servers"
- sslprofile="Servers">
+# <bind address="1.2.3.4"
+# port="7005"
+# type="servers"
+# sslprofile="Servers">
# Plaintext listener that binds on a TCP/IP endpoint:
-<bind address=""
- port="7000,7001"
- type="servers">
+# <bind address=""
+# port="7000,7001"
+# type="servers">
#-#-#-#-#-#-#-#-#-#-#- SERVER LINK CONFIGURATION -#-#-#-#-#-#-#-#-#-#
@@ -34,99 +34,99 @@
# will NOT work! #
# #
-<link
- # name: The name of the remote server. This must match
- # the <server:name> value of the remote server.
- name="hub.example.org"
-
- # ipaddr: The IP address of the remote server.
- # Can also be a hostname, but hostname must resolve.
- ipaddr="penguin.example.org"
-
- # port: The port to connect to the server on.
- # It must be bound as a server port on the other server.
- port="7000"
-
- # allowmask: Range of IP addresses to allow for this link.
- # Can be a CIDR (see example).
- allowmask="203.0.113.0/24 127.0.0.0/8 2001:db8::/32"
-
- # timeout: If defined, this option defines how long the server
- # will wait to consider the connect attempt failed and try the
- # failover (see above).
- timeout="5m"
-
- # sslprofile: If defined, this states the TLS profile that will be used
- # when making an outbound connection to the server. See the docs page for
- # the TLS module you are using for more details:
- #
- # GnuTLS: https://docs.inspircd.org/4/modules/ssl_gnutls#sslprofile
- # OpenSSL: https://docs.inspircd.org/4/modules/ssl_openssl#sslprofile
- #
- # You will need to load the ssl_openssl module for OpenSSL and ssl_gnutls
- # for GnuTLS. The server port that you connect to must be capable of
- # accepting this type of connection.
- sslprofile="Servers"
-
- # fingerprint: If defined, this option will force servers to be
- # authenticated using TLS certificate fingerprints. See
- # https://docs.inspircd.org/4/modules/spanningtree for more information.
- # This will require a TLS link for both inbound and outbound connections.
- #fingerprint=""
-
- # bind: Local IP address to bind to.
- bind="1.2.3.4"
-
- # statshidden: Defines if IP is shown to opers when
- # /STATS c is invoked.
- statshidden="no"
-
- # hidden: If this is set to yes, this server and its "child"
- # servers will not be shown when users do a /MAP or /LINKS.
- hidden="no"
-
- # passwords: The passwords we send and receive.
- # The remote server will have these passwords reversed.
- # Passwords that contain a space character or begin with
- # a colon (:) are invalid and may not be used.
- sendpass="outgoing!password"
- recvpass="incoming!password">
+# <link
+# # name: The name of the remote server. This must match
+# # the <server:name> value of the remote server.
+# name="hub.example.org"
+#
+# # ipaddr: The IP address of the remote server.
+# # Can also be a hostname, but hostname must resolve.
+# ipaddr="penguin.example.org"
+#
+# # port: The port to connect to the server on.
+# # It must be bound as a server port on the other server.
+# port="7000"
+#
+# # allowmask: Range of IP addresses to allow for this link.
+# # Can be a CIDR (see example).
+# allowmask="203.0.113.0/24 127.0.0.0/8 2001:db8::/32"
+#
+# # timeout: If defined, this option defines how long the server
+# # will wait to consider the connect attempt failed and try the
+# # failover (see above).
+# timeout="5m"
+#
+# # sslprofile: If defined, this states the TLS profile that will be used
+# # when making an outbound connection to the server. See the docs page for
+# # the TLS module you are using for more details:
+# #
+# # GnuTLS: https://docs.inspircd.org/4/modules/ssl_gnutls#sslprofile
+# # OpenSSL: https://docs.inspircd.org/4/modules/ssl_openssl#sslprofile
+# #
+# # You will need to load the ssl_openssl module for OpenSSL and ssl_gnutls
+# # for GnuTLS. The server port that you connect to must be capable of
+# # accepting this type of connection.
+# sslprofile="Servers"
+#
+# # fingerprint: If defined, this option will force servers to be
+# # authenticated using TLS certificate fingerprints. See
+# # https://docs.inspircd.org/4/modules/spanningtree for more information.
+# # This will require a TLS link for both inbound and outbound connections.
+# #fingerprint=""
+#
+# # bind: Local IP address to bind to.
+# bind="1.2.3.4"
+#
+# # statshidden: Defines if IP is shown to opers when
+# # /STATS c is invoked.
+# statshidden="no"
+#
+# # hidden: If this is set to yes, this server and its "child"
+# # servers will not be shown when users do a /MAP or /LINKS.
+# hidden="no"
+#
+# # passwords: The passwords we send and receive.
+# # The remote server will have these passwords reversed.
+# # Passwords that contain a space character or begin with
+# # a colon (:) are invalid and may not be used.
+# sendpass="outgoing!password"
+# recvpass="incoming!password">
# A duplicate of the first link block without comments,
# if you like copying & pasting.
-<link name="hub.example.org"
- ipaddr="penguin.example.org"
- port="7000"
- allowmask="203.0.113.0/24 127.0.0.0/8 2001:db8::/32"
- timeout="5m"
- sslprofile="Servers"
- bind="1.2.3.4"
- statshidden="no"
- hidden="no"
- sendpass="outgoing!password"
- recvpass="incoming!password">
+# <link name="hub.example.org"
+# ipaddr="penguin.example.org"
+# port="7000"
+# allowmask="203.0.113.0/24 127.0.0.0/8 2001:db8::/32"
+# timeout="5m"
+# sslprofile="Servers"
+# bind="1.2.3.4"
+# statshidden="no"
+# hidden="no"
+# sendpass="outgoing!password"
+# recvpass="incoming!password">
# Link block for services. Options are the same as for the first
# link block (depending on what your services package supports).
-<link name="services.example.com"
- ipaddr="localhost"
- port="7000"
- allowmask="127.0.0.0/8"
- sendpass="penguins"
- recvpass="polarbears">
+# <link name="services.example.com"
+# ipaddr="localhost"
+# port="7000"
+# allowmask="127.0.0.0/8"
+# sendpass="penguins"
+# recvpass="polarbears">
# Simple autoconnect block. This enables automatic connections to a server.
# Recommended setup is to have leaves connect to the hub, and have no
# automatic connections started by the hub.
-<autoconnect period="10m" server="hub.example.org">
+# <autoconnect period="10m" server="hub.example.org">
# Failover autoconnect block. If you have multiple hubs, or want your network
# to automatically link even if the hub is down, you can specify multiple
# space separated servers to autoconnect; they will be tried in a round
# robin fashion until one succeeds. Period defines the time for restarting
# a single loop.
-<autoconnect period="2m"
- server="hub.us.example.org hub.eu.example.org leaf.eu.example.org">
+# <autoconnect period="2m"
+# server="hub.us.example.org hub.eu.example.org leaf.eu.example.org">
#-#-#-#-#-#-#-#-#-#-#-# SERVICES CONFIGURATION #-#-#-#-#-#-#-#-#-#-#-#-#
@@ -138,7 +138,7 @@
# not generate quit and connect notices, which can cut down on noise #
# to opers on the network. #
# #
-<services server="services.example.com" silent="yes">
+# <services server="services.example.com" silent="yes">
# Once you have edited this file you can remove this line. This is just to
# ensure that you don't hastily include the file without reading it.
diff --git a/docs/conf/opers.example.conf b/docs/conf/opers.example.conf
index b184dd9ff..6a95ad537 100644
--- a/docs/conf/opers.example.conf
+++ b/docs/conf/opers.example.conf
@@ -115,107 +115,107 @@
# #
# Operator account with a plaintext password.
-<oper
- # name: Oper login that is used to oper up (/OPER <username> <password>).
- # Remember: This is case sensitive.
- name="Attila"
-
- # password: Case-sensitive, unhashed (plaintext).
- password="s3cret"
-
- # nopassword: Whether to allow logging into an account without a password.
- #
- # IMPORTANT: As this option overrides the password field it should **NOT** be used
- # unless you are certain that nobody other than the intended user will match the
- # restrictions of this <oper> block. Failure to do this may result in your server
- # being compromised.
- #nopassword="no"
-
- # host: What hostnames and IPs are allowed to use this operator account.
- # Multiple options can be separated by spaces and CIDRs are allowed.
- # You can use just * or *@* for this section, but it is not recommended
- # for security reasons.
- host="attila@inspircd.org *@2001:db8::/32"
-
- # account: A space delimited list of account names or account ids that are allowed
- # to log into this account.
- # Requires the account module.
- account="Attila 1234567890"
-
- # fingerprint: When using the sslinfo module, you may specify a space separated
- # list of TLS client certificate fingerprints here. These can be obtained by using
- # the /SSLINFO command while the module is loaded, and is also noticed on connect.
- # This enhances security by verifying that the person opering up has
- # a matching TLS client certificate, which is very difficult to
- # forge (impossible unless preimage attacks on the hash exist).
- # If the sslinfo module isn't loaded, this option will be ignored.
- #fingerprint="67cb9dc013248a829bb2171ed11becd4"
-
- # autologin: Whether to automatically log this server operator in on connect if all
- # of their details match the ones in this <oper> block. Can be set to "strict" to
- # automatically log in if the user's nickname matches the oper account name and the
- # account/host/sslonly/etc fields match, "relaxed" to automatically log in if the
- # account/host/sslonly/etc fields match, and "never" to not allow automatically
- # logging in to this oper account. Defaults to "never".
- #
- # IMPORTANT: As this option overrides the password field it should **NOT** be used
- # unless you are certain that nobody other than the intended user will match the
- # restrictions of this <oper> block. Failure to do this may result in your server
- # being compromised.
- #autologin="strict"
-
- # sslonly: If enabled, this oper can only oper up if they're using a TLS connection.
- # Setting this option adds a decent bit of security. Highly recommended
- # if the oper is on wifi, or specifically, unsecured wifi. Note that it
- # is redundant to specify this option if you specify a fingerprint.
- # This setting only takes effect if the sslinfo module is loaded.
- #sslonly="yes"
-
- # vhost: Overrides the vhost in the type block. Class and modes may also
- # be overridden.
- vhost="attila.example.org"
-
- # type: Which type of operator this person is; see the block
- # above for the list of types. NOTE: This is case-sensitive as well.
- type="NetAdmin">
+# <oper
+# # name: Oper login that is used to oper up (/OPER <username> <password>).
+# # Remember: This is case sensitive.
+# name="Attila"
+#
+# # password: Case-sensitive, unhashed (plaintext).
+# password="s3cret"
+#
+# # nopassword: Whether to allow logging into an account without a password.
+# #
+# # IMPORTANT: As this option overrides the password field it should **NOT** be used
+# # unless you are certain that nobody other than the intended user will match the
+# # restrictions of this <oper> block. Failure to do this may result in your server
+# # being compromised.
+# #nopassword="no"
+#
+# # host: What hostnames and IPs are allowed to use this operator account.
+# # Multiple options can be separated by spaces and CIDRs are allowed.
+# # You can use just * or *@* for this section, but it is not recommended
+# # for security reasons.
+# host="attila@inspircd.org *@2001:db8::/32"
+#
+# # account: A space delimited list of account names or account ids that are allowed
+# # to log into this account.
+# # Requires the account module.
+# account="Attila 1234567890"
+#
+# # fingerprint: When using the sslinfo module, you may specify a space separated
+# # list of TLS client certificate fingerprints here. These can be obtained by using
+# # the /SSLINFO command while the module is loaded, and is also noticed on connect.
+# # This enhances security by verifying that the person opering up has
+# # a matching TLS client certificate, which is very difficult to
+# # forge (impossible unless preimage attacks on the hash exist).
+# # If the sslinfo module isn't loaded, this option will be ignored.
+# #fingerprint="67cb9dc013248a829bb2171ed11becd4"
+#
+# # autologin: Whether to automatically log this server operator in on connect if all
+# # of their details match the ones in this <oper> block. Can be set to "strict" to
+# # automatically log in if the user's nickname matches the oper account name and the
+# # account/host/sslonly/etc fields match, "relaxed" to automatically log in if the
+# # account/host/sslonly/etc fields match, and "never" to not allow automatically
+# # logging in to this oper account. Defaults to "never".
+# #
+# # IMPORTANT: As this option overrides the password field it should **NOT** be used
+# # unless you are certain that nobody other than the intended user will match the
+# # restrictions of this <oper> block. Failure to do this may result in your server
+# # being compromised.
+# #autologin="strict"
+#
+# # sslonly: If enabled, this oper can only oper up if they're using a TLS connection.
+# # Setting this option adds a decent bit of security. Highly recommended
+# # if the oper is on wifi, or specifically, unsecured wifi. Note that it
+# # is redundant to specify this option if you specify a fingerprint.
+# # This setting only takes effect if the sslinfo module is loaded.
+# #sslonly="yes"
+#
+# # vhost: Overrides the vhost in the type block. Class and modes may also
+# # be overridden.
+# vhost="attila.example.org"
+#
+# # type: Which type of operator this person is; see the block
+# # above for the list of types. NOTE: This is case-sensitive as well.
+# type="NetAdmin">
# Operator with a plaintext password and no comments, for easy copy & paste.
-<oper
- name="Brain"
- password="youshouldhashthis"
- host="brain@dialup15.isp.test.com *@localhost *@example.com *@2001:db8::/32"
- #fingerprint="67cb9dc013248a829bb2171ed11becd4"
- type="NetAdmin">
+# <oper
+# name="Brain"
+# password="youshouldhashthis"
+# host="brain@dialup15.isp.test.com *@localhost *@example.com *@2001:db8::/32"
+# #fingerprint="67cb9dc013248a829bb2171ed11becd4"
+# type="NetAdmin">
# Operator with a hashed password. It is highly recommended to use hashed passwords.
-<oper
- # name: Oper login that is used to oper up (/OPER <username> <password>).
- # Remember: This is case sensitive.
- name="Adam"
-
- # hash: The hash function this password is hashed with. Requires the
- # module for the selected function (bcrypt, md5, sha1, or sha256) and
- # the password hashing module (password_hash) to be loaded.
- #
- # You may also use any of the above other than bcrypt prefixed with
- # either "hmac-" or "pbkdf2-hmac-" (requires the pbkdf2 module).
- # Create hashed passwords with: /MKPASSWD <hashtype> <plaintext>.
- hash="bcrypt"
-
- # password: A hash of the password (see above option) hashed
- # with /MKPASSWD <hashtype> <plaintext>. See the password_hash module
- # in modules.conf for more information about password hashing.
- password="qQmv3LcF$Qh63wzmtUqWp9OXnLwe7yv1GcBwHpq59k2a0UrY8xe0"
-
- # host: What hostnames and IPs are allowed to use this operator account.
- # Multiple options can be separated by spaces and CIDRs are allowed.
- # You can use just * or *@* for this section, but it is not recommended
- # for security reasons.
- host="*@127.0.0.1 *@192.0.2.40 *@198.51.100.4"
-
- # type: Which type of operator this person is; see the block
- # above for the list of types. NOTE: This is case-sensitive as well.
- type="Helper">
+# <oper
+# # name: Oper login that is used to oper up (/OPER <username> <password>).
+# # Remember: This is case sensitive.
+# name="Adam"
+#
+# # hash: The hash function this password is hashed with. Requires the
+# # module for the selected function (bcrypt, md5, sha1, or sha256) and
+# # the password hashing module (password_hash) to be loaded.
+# #
+# # You may also use any of the above other than bcrypt prefixed with
+# # either "hmac-" or "pbkdf2-hmac-" (requires the pbkdf2 module).
+# # Create hashed passwords with: /MKPASSWD <hashtype> <plaintext>.
+# hash="bcrypt"
+#
+# # password: A hash of the password (see above option) hashed
+# # with /MKPASSWD <hashtype> <plaintext>. See the password_hash module
+# # in modules.conf for more information about password hashing.
+# password="qQmv3LcF$Qh63wzmtUqWp9OXnLwe7yv1GcBwHpq59k2a0UrY8xe0"
+#
+# # host: What hostnames and IPs are allowed to use this operator account.
+# # Multiple options can be separated by spaces and CIDRs are allowed.
+# # You can use just * or *@* for this section, but it is not recommended
+# # for security reasons.
+# host="*@127.0.0.1 *@192.0.2.40 *@198.51.100.4"
+#
+# # type: Which type of operator this person is; see the block
+# # above for the list of types. NOTE: This is case-sensitive as well.
+# type="Helper">
# Once you have edited this file you can remove this line. This is just to
# ensure that you don't hastily include the file without reading it.
--
2.47.0
