summaryrefslogtreecommitdiffstats
path: root/krebs/2configs/ircd.nix
diff options
context:
space:
mode:
authorlassulus <lassulus@lassul.us>2017-09-04 00:16:54 +0200
committerlassulus <lassulus@lassul.us>2017-09-04 00:29:30 +0200
commit2855881c732c041d9b6cd9c830d6ac4b84157b17 (patch)
treef57ac5858b875cba9b807eff5c4e4e200e3802dd /krebs/2configs/ircd.nix
parent5b4af805ecc2ea4ea7abd4f3298686282778d7e9 (diff)
move news & deps: echelon.r -> puyak.r
Diffstat (limited to 'krebs/2configs/ircd.nix')
-rw-r--r--krebs/2configs/ircd.nix101
1 files changed, 101 insertions, 0 deletions
diff --git a/krebs/2configs/ircd.nix b/krebs/2configs/ircd.nix
new file mode 100644
index 000000000..116337733
--- /dev/null
+++ b/krebs/2configs/ircd.nix
@@ -0,0 +1,101 @@
+{ config, pkgs, ... }:
+
+{
+ networking.firewall.allowedTCPPorts = [
+ 6667 6669
+ ];
+
+ services.charybdis = {
+ enable = true;
+ config = ''
+ serverinfo {
+ name = "${config.krebs.build.host.name}.irc.retiolum";
+ sid = "1as";
+ description = "miep!";
+ network_name = "irc.retiolum";
+ hub = yes;
+
+ vhost = "0.0.0.0";
+ vhost6 = "::";
+
+ #ssl_private_key = "etc/ssl.key";
+ #ssl_cert = "etc/ssl.cert";
+ #ssl_dh_params = "etc/dh.pem";
+ #ssld_count = 1;
+
+ default_max_clients = 10000;
+ #nicklen = 30;
+ };
+
+ listen {
+ defer_accept = yes;
+
+ /* If you want to listen on a specific IP only, specify host.
+ * host definitions apply only to the following port line.
+ */
+ host = "0.0.0.0";
+ port = 6667;
+ sslport = 6697;
+
+ /* Listen on IPv6 (if you used host= above). */
+ host = "::";
+ port = 6667;
+ sslport = 9999;
+ };
+
+ class "users" {
+ ping_time = 2 minutes;
+ number_per_ident = 10;
+ number_per_ip = 2048;
+ number_per_ip_global = 4096;
+ cidr_ipv4_bitlen = 24;
+ cidr_ipv6_bitlen = 64;
+ number_per_cidr = 65536;
+ max_number = 3000;
+ sendq = 1 megabyte;
+ };
+
+ exempt {
+ ip = "127.0.0.1";
+ };
+
+ exempt {
+ ip = "10.243.0.0/16";
+ };
+
+ auth {
+ user = "*@*";
+ class = "users";
+ flags = kline_exempt, exceed_limit, flood_exempt;
+ };
+
+ channel {
+ use_invex = yes;
+ use_except = yes;
+ use_forward = yes;
+ use_knock = yes;
+ knock_delay = 5 minutes;
+ knock_delay_channel = 1 minute;
+ max_chans_per_user = 15;
+ max_bans = 100;
+ max_bans_large = 500;
+ default_split_user_count = 0;
+ default_split_server_count = 0;
+ no_create_on_split = no;
+ no_join_on_split = no;
+ burst_topicwho = yes;
+ kick_on_split_riding = no;
+ only_ascii_channels = no;
+ resv_forcepart = yes;
+ channel_target_change = yes;
+ disable_local_channels = no;
+ };
+ general {
+ #maybe we want ident someday?
+ disable_auth = yes;
+ throttle_duration = 1;
+ throttle_count = 1000;
+ };
+ '';
+ };
+}