Dzahn has submitted this change and it was merged.
Change subject: mw_rc_irc: add "secret" files without real secret data
......................................................................
mw_rc_irc: add "secret" files without real secret data
The IP addresses used here are only examples that
don't exist on the Internet. (RFC5737)
Passwords are fake. This is as usual to keep the compiler happy
when testing changes on this role.
The actually private prod repo has the real IPs and passwords.
Change-Id: I94b182269e0cca83f22e1d0db70b689d17361d85
---
A modules/secret/secrets/mw_rc_irc/auth.conf
A modules/secret/secrets/mw_rc_irc/operator.conf
2 files changed, 105 insertions(+), 0 deletions(-)
Approvals:
Dzahn: Verified; Looks good to me, approved
diff --git a/modules/secret/secrets/mw_rc_irc/auth.conf
b/modules/secret/secrets/mw_rc_irc/auth.conf
new file mode 100644
index 0000000..7c85978
--- /dev/null
+++ b/modules/secret/secrets/mw_rc_irc/auth.conf
@@ -0,0 +1,45 @@
+/* auth {}: allow users to connect to the ircd (OLD I:) */
+auth {
+ /* user: the user@host allowed to connect. multiple IPv4/IPv6 user
+ * lines are permitted per auth block. examples below using
non-existent IPs (RFC5737)
+ */
+ user="*@192.0.2.1";
+ user="*@127.0.0.1";
+ user="*@203.0.113.1";
+ user="user@192.0.2.1";
+
+ /* password: an optional password that is required to use this block.
+ * By default this is not encrypted, specify the flag "encrypted" in
+ * flags = ...; below if it is.
+ */
+
+ /* spoof: fake the users user@host to be be this. You may either
+ * specify a host or a user@host to spoof to. This is free-form,
+ * just do everyone a favour and dont abuse it. (OLD I: = flag)
+ */
+ spoof = "special.user";
+
+ /* Possible flags in auth:
+ *
+ * encrypted | password is encrypted with mkpasswd
+ * spoof_notice | give a notice when spoofing hosts
+ * exceed_limit (old > flag) | allow user to exceed class user limits
+ * kline_exempt (old ^ flag) | exempt this user from k/g/xlines
+ * gline_exempt (old _ flag) | exempt this user from glines
+ * spambot_exempt | exempt this user from spambot checks
+ * shide_exempt | exempt this user from serverhiding
+ * jupe_exempt | exempt this user from generating
+ * warnings joining juped channels
+ * resv_exempt | exempt this user from resvs
+ * flood_exempt | exempt this user from flood limits
+ * USE WITH CAUTION.
+ * no_tilde (old - flag) | don't prefix ~ to username if no ident
+ * need_ident (old + flag) | require ident for user in this class
+ * restricted | prevent user from sending mode changes
+ */
+ flags = kline_exempt, exceed_limit, gline_exempt, flood_exempt;
+
+ /* class: the class the user is placed in */
+ class = "opers";
+};
+
diff --git a/modules/secret/secrets/mw_rc_irc/operator.conf
b/modules/secret/secrets/mw_rc_irc/operator.conf
new file mode 100644
index 0000000..ea01796
--- /dev/null
+++ b/modules/secret/secrets/mw_rc_irc/operator.conf
@@ -0,0 +1,60 @@
+/* operator {}: defines ircd operators. (OLD O:)
+ * ircd-ratbox no longer supports local operators, privileges are
+ * controlled via flags.
+ */
+
+
+ /* privileges: controls the activities and commands an oper is
+ * allowed to do on the server. You may prefix an option with ~ to
+ * disable it, ie ~operwall
+ *
+ * Default flags are operwall, remoteban and encrypted.
+ *
+ * Available options:
+ *
+ * encrypted: the password specified above is encrypted [DEFAULT]
+ * local_kill: allows local users to be /KILL'd
+ * global_kill: allows local and remote users to be
+ * /KILL'd (OLD 'O' flag)
+ * remote: allows remote SQUIT and CONNECT (OLD 'R' flag)
+ * kline: allows KILL, KLINE and DLINE (OLD 'K' flag)
+ * unkline: allows UNKLINE and UNDLINE (OLD 'U' flag)
+ * gline: allows GLINE (OLD 'G' flag)
+ * nick_changes: allows oper to see nickchanges (OLD 'N' flag)
+ * via usermode +n
+ * rehash: allows oper to REHASH config (OLD 'H' flag)
+ * die: allows DIE and RESTART (OLD 'D' flag)
+ * admin: gives admin privileges. admins
+ * may (un)load modules and see the
+ * real IPs of servers.
+ * hidden_admin: gives admin privileges except
+ * will not have the admin lines in
+ * stats p and whois.
+ * xline: allows use of /quote xline/unxline
+ * operwall: allows the oper to send operwalls [DEFAULT]
+ * oper_spy: allows 'operspy' features to see through +s
+ * channels etc. see /quote help operspy
+ * hidden_oper: hides the oper from /stats p (OLD UMODE +p)
+ * remoteban: allows remote kline etc [DEFAULT]
+ */
+
+operator "Foo" {
+ #user="*@127.0.0.1";
+ user="*@*";
+ password="SNAKEOIL";
+ flags = global_kill, remote, kline, unkline, gline, die, rehash,
nick_changes, admin;
+ };
+
+operator "Bar" {
+ user="*@127.0.0.1";
+ user="*@203.0.113.1";
+ password="NOTREAL";
+ flags = global_kill, remote, kline, unkline, gline, die, rehash,
nick_changes, admin;
+};
+
+operator "rc" {
+ user="*@127.0.0.1";
+ user="*@special.user";
+ password="FAKEFAKEFAKE";
+};
+
--
To view, visit https://gerrit.wikimedia.org/r/287136
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: merged
Gerrit-Change-Id: I94b182269e0cca83f22e1d0db70b689d17361d85
Gerrit-PatchSet: 2
Gerrit-Project: labs/private
Gerrit-Branch: master
Gerrit-Owner: Dzahn <dz...@wikimedia.org>
Gerrit-Reviewer: Dzahn <dz...@wikimedia.org>
_______________________________________________
MediaWiki-commits mailing list
MediaWiki-commits@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
