commit ce8755654467252c91c09e53e236dc789342995b Author: Matt Housh <jaeger@crux.ninja> Date: Fri Feb 8 10:23:24 2019 -0600 ngircd: initial import, version 25 diff --git a/ngircd/.footprint b/ngircd/.footprint new file mode 100644 index 00000000..a1271a80 --- /dev/null +++ b/ngircd/.footprint @@ -0,0 +1,16 @@ +drwxr-xr-x root/root etc/ +-rw------- root/root etc/ngircd.conf +drwxr-xr-x root/root etc/rc.d/ +-rwxr-xr-x root/root etc/rc.d/ngircd +drwxr-xr-x root/root usr/ +drwxr-xr-x root/root usr/sbin/ +-rwxr-xr-x root/root usr/sbin/ngircd +drwxr-xr-x root/root usr/share/ +drwxr-xr-x root/root usr/share/man/ +drwxr-xr-x root/root usr/share/man/man5/ +-rw-r--r-- root/root usr/share/man/man5/ngircd.conf.5.gz +drwxr-xr-x root/root usr/share/man/man8/ +-rw-r--r-- root/root usr/share/man/man8/ngircd.8.gz +drwxr-xr-x root/root var/ +drwxr-xr-x root/root var/run/ +drwxr-xr-x ngircd/root var/run/ngircd/ diff --git a/ngircd/.signature b/ngircd/.signature new file mode 100644 index 00000000..159c080b --- /dev/null +++ b/ngircd/.signature @@ -0,0 +1,7 @@ +untrusted comment: verify with /etc/ports/contrib.pub +RWSagIOpLGJF34WYNXaUBGmh5I6Empg5+DxG5wVJctd/tr2KKPsZXTprmJo8SmSEkZ4jHf42Bvg4tCqFUXibjaczmIAQyuPmZA4= +SHA256 (Pkgfile) = af82c3f7c5e397e84b8eec0030748b4e6ec949682bf8aa5eea86b4227f68203e +SHA256 (.footprint) = 571f686839e084a4f0b36738b1e74a193facb5c83639df174201a250aa5f31f8 +SHA256 (ngircd-25.tar.gz) = 51915780519bae43da3798807e3bed60d887e4eaa728354aa6bb61cdbcda49ba +SHA256 (ngircd) = a82ea532a536ee46156cf5820a4f042ec54dae1d8c5f4c752e8d3040c3f68df2 +SHA256 (ngircd.conf) = cc377477bbca4bc216bcb0079e9326c1560dc4f1668e8611f89cbdd8cd739d8e diff --git a/ngircd/Pkgfile b/ngircd/Pkgfile new file mode 100644 index 00000000..9eecddb8 --- /dev/null +++ b/ngircd/Pkgfile @@ -0,0 +1,26 @@ +# Description: A free, portable and lightweight Internet Relay Chat server for small or private network +# URL: https://ngircd.barton.de/ +# Maintainer: Matt Housh, jaeger at crux dot ninja +# Depends on: openssl zlib + +name=ngircd +version=25 +release=1 +source=(http://ngircd.sourceforge.net/pub/$name/$name-$version.tar.gz \ + $name $name.conf) + +build() { + cd $name-$version + ./configure --prefix=/usr \ + --sysconfdir=/etc \ + --with-openssl + make + make DESTDIR=$PKG install + install -d -m 0755 -o $name \ + $PKG/var/run/$name + install -D -m 0755 $SRC/$name \ + $PKG/etc/rc.d/$name + install -m 0600 $SRC/$name.conf \ + $PKG/etc/$name.conf + rm -r $PKG/usr/share/doc +} diff --git a/ngircd/ngircd b/ngircd/ngircd new file mode 100755 index 00000000..083948e4 --- /dev/null +++ b/ngircd/ngircd @@ -0,0 +1,42 @@ +#!/bin/sh +# +# /etc/rc.d/ngircd: start/stop the ngircd daemon +# + +SSD=/sbin/start-stop-daemon +PROG=/usr/sbin/ngircd +PID=/var/run/ngircd/ngircd.pid +OPTS="-f /etc/ngircd.conf" + +case $1 in + "start") + $SSD --start --pidfile $PID --exec $PROG -- $OPTS + ;; + "stop") + $SSD --stop --retry 10 --pidfile $PID + ;; + "restart") + $0 stop + $0 start + ;; + "status") + $SSD --status --pidfile $PID + case $? in + 0) + echo "$PROG is running with pid $(cat $PID)" + ;; + 1) + echo "$PROG is not running but pid file $PID exists" + ;; + 3) + echo "$PROG is not running" + ;; + 4) + echo "Unable to determine program status" + ;; + esac + ;; + *) + echo "Usage: $0 [start|stop|restart|status]" + ;; +esac diff --git a/ngircd/ngircd.conf b/ngircd/ngircd.conf new file mode 100644 index 00000000..8ea9eae6 --- /dev/null +++ b/ngircd/ngircd.conf @@ -0,0 +1,404 @@ +# +# This is a sample configuration file for the ngIRCd IRC daemon, which must +# be customized to the local preferences and needs. +# +# Comments are started with "#" or ";". +# +# A lot of configuration options in this file start with a ";". You have +# to remove the ";" in front of each variable to actually set a value! +# The disabled variables are shown with example values for completeness only +# and the daemon is using compiled-in default settings. +# +# Use "ngircd --configtest" (see manual page ngircd(8)) to validate that the +# server interprets the configuration file as expected! +# +# Please see ngircd.conf(5) for a complete list of configuration options +# and their descriptions. +# + +[Global] + # The [Global] section of this file is used to define the main + # configuration of the server, like the server name and the ports + # on which the server should be listening. + # These settings depend on your personal preferences, so you should + # make sure that they correspond to your installation and setup! + + # Server name in the IRC network, must contain at least one dot + # (".") and be unique in the IRC network. Required! + Name = irc.example.net + + # Information about the server and the administrator, used by the + # ADMIN command. Not required by server but by RFC! + ;AdminInfo1 = Description + ;AdminInfo2 = Location + ;AdminEMail = admin@irc.server + + # Text file which contains the ngIRCd help text. This file is required + # to display help texts when using the "HELP <cmd>" command. + ;HelpFile = /usr/share/doc/ngircd/Commands.txt + + # Info text of the server. This will be shown by WHOIS and + # LINKS requests for example. + Info = Server Info Text + + # Comma separated list of IP addresses on which the server should + # listen. Default values are: + # "0.0.0.0" or (if compiled with IPv6 support) "::,0.0.0.0" + # so the server listens on all IP addresses of the system by default. + ;Listen = 127.0.0.1,192.168.0.1 + + # Text file with the "message of the day" (MOTD). This message will + # be shown to all users connecting to the server: + ;MotdFile = /etc/ngircd.motd + + # A simple Phrase (<127 chars) if you don't want to use a motd file. + ;MotdPhrase = "Hello world!" + + # The name of the IRC network to which this server belongs. This name + # is optional, should only contain ASCII characters, and can't contain + # spaces. It is only used to inform clients. The default is empty, + # so no network name is announced to clients. + ;Network = aIRCnetwork + + # Global password for all users needed to connect to the server. + # (Default: not set) + ;Password = abc + + # This tells ngIRCd to write its current process ID to a file. + # Note that the pidfile is written AFTER chroot and switching the + # user ID, e.g. the directory the pidfile resides in must be + # writable by the ngIRCd user and exist in the chroot directory. + PidFile = /var/run/ngircd/ngircd.pid + + # Ports on which the server should listen. There may be more than + # one port, separated with ",". (Default: 6667) + ;Ports = 6667, 6668, 6669 + + # Group ID under which the ngIRCd should run; you can use the name + # of the group or the numerical ID. ATTENTION: For this to work the + # server must have been started with root privileges! + ServerGID = ngircd + + # User ID under which the server should run; you can use the name + # of the user or the numerical ID. ATTENTION: For this to work the + # server must have been started with root privileges! In addition, + # the configuration and MOTD files must be readable by this user, + # otherwise RESTART and REHASH won't work! + ServerUID = ngircd + +[Limits] + # Define some limits and timeouts for this ngIRCd instance. Default + # values should be safe, but it is wise to double-check :-) + + # The server tries every <ConnectRetry> seconds to establish a link + # to not yet (or no longer) connected servers. + ;ConnectRetry = 60 + + # Number of seconds after which the whole daemon should shutdown when + # no connections are left active after handling at least one client + # (0: never, which is the default). + # This can be useful for testing or when ngIRCd is started using + # "socket activation" with systemd(8), for example. + ;IdleTimeout = 0 + + # Maximum number of simultaneous in- and outbound connections the + # server is allowed to accept (0: unlimited): + ;MaxConnections = 0 + + # Maximum number of simultaneous connections from a single IP address + # the server will accept (0: unlimited): + ;MaxConnectionsIP = 5 + + # Maximum number of channels a user can be member of (0: no limit): + ;MaxJoins = 10 + + # Maximum length of an user nickname (Default: 9, as in RFC 2812). + # Please note that all servers in an IRC network MUST use the same + # maximum nickname length! + ;MaxNickLength = 9 + + # Maximum penalty time increase in seconds, per penalty event. Set to -1 + # for no limit (the default), 0 to disable penalties altogether. The + # daemon doesn't use penalty increases higher than 2 seconds during + # normal operation, so values greater than 1 rarely make sense. + ;MaxPenaltyTime = -1 + + # Maximum number of channels returned in response to a /list + # command (0: unlimited): + ;MaxListSize = 100 + + # After <PingTimeout> seconds of inactivity the server will send a + # PING to the peer to test whether it is alive or not. + ;PingTimeout = 120 + + # If a client fails to answer a PING with a PONG within <PongTimeout> + # seconds, it will be disconnected by the server. + ;PongTimeout = 20 + +[Options] + # Optional features and configuration options to further tweak the + # behavior of ngIRCd. If you want to get started quickly, you most + # probably don't have to make changes here -- they are all optional. + + # List of allowed channel types (channel prefixes) for newly created + # channels on the local server. By default, all supported channel + # types are allowed. Set this variable to the empty string to disallow + # creation of new channels by local clients at all. + ;AllowedChannelTypes = #&+ + + # Are remote IRC operators allowed to control this server, e.g. + # use commands like CONNECT, SQUIT, DIE, ...? + ;AllowRemoteOper = no + + # A directory to chroot in when everything is initialized. It + # doesn't need to be populated if ngIRCd is compiled as a static + # binary. By default ngIRCd won't use the chroot() feature. + # ATTENTION: For this to work the server must have been started + # with root privileges! + ;ChrootDir = /var/empty + + # Set this hostname for every client instead of the real one. + # Use %x to add the hashed value of the original hostname. + ;CloakHost = cloaked.host + + # Use this hostname for hostname cloaking on clients that have the + # user mode "+x" set, instead of the name of the server. + # Use %x to add the hashed value of the original hostname. + ;CloakHostModeX = cloaked.user + + # The Salt for cloaked hostname hashing. When undefined a random + # hash is generated after each server start. + ;CloakHostSalt = abcdefghijklmnopqrstuvwxyz + + # Set every clients' user name to their nickname + ;CloakUserToNick = yes + + # Try to connect to other IRC servers using IPv4 and IPv6, if possible. + ;ConnectIPv6 = yes + ;ConnectIPv4 = yes + + # Default user mode(s) to set on new local clients. Please note that + # only modes can be set that the client could set using regular MODE + # commands, you can't set "a" (away) for example! Default: none. + ;DefaultUserModes = i + + # Do DNS lookups when a client connects to the server. + ;DNS = yes + + # Do IDENT lookups if ngIRCd has been compiled with support for it. + # Users identified using IDENT are registered without the "~" character + # prepended to their user name. + ;Ident = yes + + # Directory containing configuration snippets (*.conf), that should + # be read in after parsing this configuration file. + ;IncludeDir = /etc/conf.d + + # Enhance user privacy slightly (useful for IRC server on TOR or I2P) + # by censoring some information like idle time, logon time, etc. + ;MorePrivacy = no + + # Normally ngIRCd doesn't send any messages to a client until it is + # registered. Enable this option to let the daemon send "NOTICE *" + # messages to clients while connecting. + ;NoticeBeforeRegistration = no + + # Should IRC Operators be allowed to use the MODE command even if + # they are not(!) channel-operators? + ;OperCanUseMode = no + + # Should IRC Operators get AutoOp (+o) in persistent (+P) channels? + ;OperChanPAutoOp = yes + + # Mask IRC Operator mode requests as if they were coming from the + # server? (This is a compatibility hack for ircd-irc2 servers) + ;OperServerMode = no + + # Use PAM if ngIRCd has been compiled with support for it. + # Users identified using PAM are registered without the "~" character + # prepended to their user name. + ;PAM = yes + + # When PAM is enabled, all clients are required to be authenticated + # using PAM; connecting to the server without successful PAM + # authentication isn't possible. + # If this option is set, clients not sending a password are still + # allowed to connect: they won't become "identified" and keep the "~" + # character prepended to their supplied user name. + # Please note: To make some use of this behavior, it most probably + # isn't useful to enable "Ident", "PAM" and "PAMIsOptional" at the + # same time, because you wouldn't be able to distinguish between + # Ident'ified and PAM-authenticated users: both don't have a "~" + # character prepended to their respective user names! + ;PAMIsOptional = no + + # When PAM is enabled, this value determines the used PAM + # configuration. + # This setting allows to run multiple ngIRCd instances with + # different PAM configurations on each instance. + # If you set it to "ngircd-foo", PAM will use + # /etc/pam.d/ngircd-foo instead of the default + # /etc/pam.d/ngircd. + ;PAMServiceName = ngircd + + # Let ngIRCd send an "authentication PING" when a new client connects, + # and register this client only after receiving the corresponding + # "PONG" reply. + ;RequireAuthPing = no + + # Silently drop all incoming CTCP requests. + ;ScrubCTCP = no + + # Syslog "facility" to which ngIRCd should send log messages. + # Possible values are system dependent, but most probably auth, daemon, + # user and local1 through local7 are possible values; see syslog(3). + # Default is "local5" for historical reasons, you probably want to + # change this to "daemon", for example. + ;SyslogFacility = local1 + + # Password required for using the WEBIRC command used by some + # Web-to-IRC gateways. If not set/empty, the WEBIRC command can't + # be used. (Default: not set) + ;WebircPassword = xyz + +;[SSL] + # SSL-related configuration options. Please note that this section + # is only available when ngIRCd is compiled with support for SSL! + # So don't forget to remove the ";" above if this is the case ... + + # SSL Server Key Certificate + ;CertFile = /etc/ssl/server-cert.pem + + # Select cipher suites allowed for SSL/TLS connections. This defaults + # to HIGH:!aNULL:@STRENGTH (OpenSSL) or SECURE128 (GnuTLS). + # See 'man 1ssl ciphers' (OpenSSL) or 'man 3 gnutls_priority_init' + # (GnuTLS) for details. + # For OpenSSL: + ;CipherList = HIGH:!aNULL:@STRENGTH:!SSLv3 + # For GnuTLS: + ;CipherList = SECURE128:-VERS-SSL3.0 + + # Diffie-Hellman parameters + ;DHFile = /etc/ssl/dhparams.pem + + # SSL Server Key + ;KeyFile = /etc/ssl/server-key.pem + + # password to decrypt SSLKeyFile (OpenSSL only) + ;KeyFilePassword = secret + + # Additional Listen Ports that expect SSL/TLS encrypted connections + ;Ports = 6697, 9999 + +[Operator] + # [Operator] sections are used to define IRC Operators. There may be + # more than one [Operator] block, one for each local operator. + + # ID of the operator (may be different of the nickname) + ;Name = TheOper + + # Password of the IRC operator + ;Password = ThePwd + + # Optional Mask from which /OPER will be accepted + ;Mask = *!ident@somewhere.example.com + +[Operator] + # More [Operator] sections, if you like ... + +[Server] + # Other servers are configured in [Server] sections. If you + # configure a port for the connection, then this ngircd tries to + # connect to to the other server on the given port; if not it waits + # for the other server to connect. + # There may be more than one server block, one for each server. + # + # Server Groups: + # The ngIRCd allows "server groups": You can assign an "ID" to every + # server with which you want this ngIRCd to link. If a server of a + # group won't answer, the ngIRCd tries to connect to the next server + # in the given group. But the ngircd never tries to connect to two + # servers with the same group ID. + + # IRC name of the remote server, must match the "Name" variable in + # the [Global] section of the other server (when using ngIRCd). + ;Name = irc2.example.net + + # Internet host name or IP address of the peer (only required when + # this server should establish the connection). + ;Host = connect-to-host.example.net + + # IP address to use as _source_ address for the connection. if + # unspecified, ngircd will let the operating system pick an address. + ;Bind = 10.0.0.1 + + # Port of the server to which the ngIRCd should connect. If you + # assign no port the ngIRCd waits for incoming connections. + ;Port = 6667 + + # Own password for the connection. This password has to be configured + # as "PeerPassword" on the other server. + ;MyPassword = MySecret + + # Foreign password for this connection. This password has to be + # configured as "MyPassword" on the other server. + ;PeerPassword = PeerSecret + + # Group of this server (optional) + ;Group = 123 + + # Set the "Passive" option to "yes" if you don't want this ngIRCd to + # connect to the configured peer (same as leaving the "Port" variable + # empty). The advantage of this option is that you can actually + # configure a port an use the IRC command CONNECT more easily to + # manually connect this specific server later. + ;Passive = no + + # Connect to the remote server using TLS/SSL (Default: false) + ;SSLConnect = yes + + # Define a (case insensitive) list of masks matching nicknames that + # should be treated as IRC services when introduced via this remote + # server, separated by commas (","). + # REGULAR SERVERS DON'T NEED this parameter, so leave it empty + # (which is the default). + # When you are connecting IRC services which mask as a IRC server + # and which use "virtual users" to communicate with, for example + # "NickServ" and "ChanServ", you should set this parameter to + # something like "*Serv" or "NickServ,ChanServ,XyzServ". + ;ServiceMask = *Serv,Global + +[Server] + # More [Server] sections, if you like ... + +[Channel] + # Pre-defined channels can be configured in [Channel] sections. + # Such channels are created by the server when starting up and even + # persist when there are no more members left. + # Persistent channels are marked with the mode 'P', which can be set + # and unset by IRC operators like other modes on the fly. + # There may be more than one [Channel] block, one for each channel. + + # Name of the channel + ;Name = #TheName + + # Topic for this channel + ;Topic = a great topic + + # Initial channel modes + ;Modes = tnk + + # initial channel password (mode k) + ;Key = Secret + + # Key file, syntax for each line: "<user>:<nick>:<key>". + # Default: none. + ;KeyFile = /etc/#chan.key + + # maximum users per channel (mode l) + ;MaxUsers = 23 + +[Channel] + # More [Channel] sections, if you like ... + +# -eof- diff --git a/ngircd/pre-install b/ngircd/pre-install new file mode 100755 index 00000000..b400d19f --- /dev/null +++ b/ngircd/pre-install @@ -0,0 +1,10 @@ +#!/bin/sh + +if [ -z "`getent group ngircd`" ]; then + /usr/sbin/groupadd --system ngircd +fi + +if [ -z "`getent passwd ngircd`" ]; then + /usr/sbin/useradd -r -g ngircd -d /var/empty -s /bin/false -c "ngircd server" ngircd + /usr/bin/passwd -l ngircd +fi