From 2855881c732c041d9b6cd9c830d6ac4b84157b17 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Mon, 4 Sep 2017 00:16:54 +0200
Subject: move news & deps: echelon.r -> puyak.r

---
 krebs/2configs/ircd.nix | 101 ++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 101 insertions(+)
 create mode 100644 krebs/2configs/ircd.nix

(limited to 'krebs/2configs/ircd.nix')

diff --git a/krebs/2configs/ircd.nix b/krebs/2configs/ircd.nix
new file mode 100644
index 00000000..11633773
--- /dev/null
+++ b/krebs/2configs/ircd.nix
@@ -0,0 +1,101 @@
+{ config, pkgs, ... }:
+
+{
+  networking.firewall.allowedTCPPorts = [
+    6667 6669
+  ];
+
+  services.charybdis = {
+    enable = true;
+    config = ''
+      serverinfo {
+        name = "${config.krebs.build.host.name}.irc.retiolum";
+        sid = "1as";
+        description = "miep!";
+        network_name = "irc.retiolum";
+        hub = yes;
+
+        vhost = "0.0.0.0";
+        vhost6 = "::";
+
+        #ssl_private_key = "etc/ssl.key";
+        #ssl_cert = "etc/ssl.cert";
+        #ssl_dh_params = "etc/dh.pem";
+        #ssld_count = 1;
+
+        default_max_clients = 10000;
+        #nicklen = 30;
+      };
+
+      listen {
+        defer_accept = yes;
+
+        /* If you want to listen on a specific IP only, specify host.
+         * host definitions apply only to the following port line.
+         */
+        host = "0.0.0.0";
+        port = 6667;
+        sslport = 6697;
+
+        /* Listen on IPv6 (if you used host= above). */
+        host = "::";
+        port = 6667;
+        sslport = 9999;
+      };
+
+      class "users" {
+        ping_time = 2 minutes;
+        number_per_ident = 10;
+        number_per_ip = 2048;
+        number_per_ip_global = 4096;
+        cidr_ipv4_bitlen = 24;
+        cidr_ipv6_bitlen = 64;
+        number_per_cidr = 65536;
+        max_number = 3000;
+        sendq = 1 megabyte;
+      };
+
+      exempt {
+        ip = "127.0.0.1";
+      };
+
+      exempt {
+        ip = "10.243.0.0/16";
+      };
+
+      auth {
+        user = "*@*";
+        class = "users";
+        flags = kline_exempt, exceed_limit, flood_exempt;
+      };
+
+      channel {
+        use_invex = yes;
+        use_except = yes;
+        use_forward = yes;
+        use_knock = yes;
+        knock_delay = 5 minutes;
+        knock_delay_channel = 1 minute;
+        max_chans_per_user = 15;
+        max_bans = 100;
+        max_bans_large = 500;
+        default_split_user_count = 0;
+        default_split_server_count = 0;
+        no_create_on_split = no;
+        no_join_on_split = no;
+        burst_topicwho = yes;
+        kick_on_split_riding = no;
+        only_ascii_channels = no;
+        resv_forcepart = yes;
+        channel_target_change = yes;
+        disable_local_channels = no;
+      };
+      general {
+        #maybe we want ident someday?
+        disable_auth = yes;
+        throttle_duration = 1;
+        throttle_count = 1000;
+      };
+    '';
+  };
+}
-- 
cgit v1.2.3