Shivaram Lingamneni
e191e67632
reduce recommended bcrypt cost to the lowest allowed value
Two objectives:
1. Reduce thundering-herd effects on server restart (a cost of 4 should be
approximately 1 millisecond of CPU time per reconnecting client)
2. Speed up mobile reattach as much as possible (see also #1420 )
3 years ago
Shivaram Lingamneni
4a48e52518
fix #1490
Track channel join times, use them to optionally enforce history access
restrictions
3 years ago
Shivaram Lingamneni
e195854851
fix #1442
strip local_ from oper capab names, also consolidate unban into ban
3 years ago
Shivaram Lingamneni
48166b5b4b
Implement expiration for always-on clients
Fixes #810
3 years ago
Shivaram Lingamneni
b3daf51f0a
clean up some config comments
3 years ago
Shivaram Lingamneni
84e3b5d77b
stop autocreating d-lines for throttle violations
This didn't work correctly for IPv6 or custom nets.
/UNDLINE IP can temporarily be used to reset the throttle.
3 years ago
Mikaela Suomalainen
a68d4da5df
{default,traditional}.yaml: refer to IPs/CIDR instead of addrs
Whenever CIDR is mentioned in the config, it's in combination with IP so
talking about addressese in these points gives wrong impression that a
domain name would be valid as those are often thought as addresses.
3 years ago
Daniel Oaks
cd6d9826b2
Tweaked oper blocks.
I think that 'moderator vs admin' is a pretty common set of priv levels,
whereas 'oper vs admin' is a little confusing, esp. to less irc-savvy
people.
/SAJOIN and /SAMODE are really common for joining channels to check out
what's going on and for e.g. opping someone when nobody in the channel
is opered, so it makes sense for mods to have those. I feel similarly
about vhosts, they're usually something that's delegated to less-prived
opers.
Changed the whois line from 'a server admin' to 'the server admin' to
make it a bit more clear that this is one single user, rather than a set
of privs to be shared. And it's a tiny thing, but removed the 'less
privileged' term from alice's oper block because it felt a bit dodgy.
3 years ago
Shivaram Lingamneni
c8d999c95f
clean up and clarify example operator blocks
See #1426
3 years ago
Shivaram Lingamneni
f9b842c88b
fix #1421
Allow custom limit definitions that encompass multiple subnets
3 years ago
Shivaram Lingamneni
3ee6fd1f6c
allow overriding services hostname
Fixes #1407
3 years ago
Shivaram Lingamneni
c57828eb62
documentation updates for proxy v2
3 years ago
Shivaram Lingamneni
3062f97c2b
fix #1389
Support PROXY protocol v2, including ahead of plaintext connections
3 years ago
Shivaram Lingamneni
42d246b557
improve security properties of INVITE
See #1171 .
3 years ago
Shivaram Lingamneni
203fc580f4
fix #1049
3 years ago
Shivaram Lingamneni
4edd3198cd
rename conventional.yaml -> traditional.yaml
3 years ago
Shivaram Lingamneni
eb5a16821f
review fix: remove config blocks for vhost requests
3 years ago
Shivaram Lingamneni
76e3d67b66
replace suppress-ident with coerce-ident
3 years ago
Shivaram Lingamneni
a37a91694c
fix #1337
3 years ago
Shivaram Lingamneni
e69c6659b1
disable snomasks by default
See #1309
3 years ago
Shivaram Lingamneni
3346af2b36
change example oper vhost to 'staff'
3 years ago
Shivaram Lingamneni
78b2f61707
fix #1194
3 years ago
Shivaram Lingamneni
c470f63daf
fix #1312
3 years ago
Shivaram Lingamneni
9ed789f67c
fix #1075
3 years ago
Shivaram Lingamneni
127a03ccf3
fix #1295
3 years ago
Shivaram Lingamneni
1a98a37a75
scripting API for IP bans
See discussion on #68 .
3 years ago
Shivaram Lingamneni
af056f26a9
fixes and refactoring
3 years ago
Shivaram Lingamneni
3962ff8643
deprecate roleplay commands
See #1240
3 years ago
Shivaram Lingamneni
307adba8bd
fix #1213
3 years ago
Shivaram Lingamneni
20fcbe5147
remove stray references to timeout enforcement
These should have been removed in #1027 .
3 years ago
Shivaram Lingamneni
6628a3d1c6
fix #1244
3 years ago
Shivaram Lingamneni
32c58c1e1f
fix #1190
4 years ago
Shivaram Lingamneni
bca3dd0b41
make TAGMSG storage configurable
4 years ago
Shivaram Lingamneni
6ea2eb367d
fix #328 (implement DEFCON)
4 years ago
Shivaram Lingamneni
09c4fd3b47
enable login-via-pass-command by default
4 years ago
Shivaram Lingamneni
a4f9e08a85
fix #1151
4 years ago
Shivaram Lingamneni
01bd04a8ff
fix #1050
4 years ago
Shivaram Lingamneni
114e359347
remove ldap
4 years ago
Shivaram Lingamneni
68faf7926e
review fix
4 years ago
Shivaram Lingamneni
e61e0143bd
refactor/enhance jwt signing
4 years ago
Daniel Oaks
9b998a7582
Allow custom JWT service expiry times
4 years ago
Daniel Oaks
0bbb5d121d
Basic EXTJWT support
4 years ago
Shivaram Lingamneni
a6e2b5a3ae
update references to oragono.yaml to reflect new name of default.yaml
4 years ago
Daniel Oaks
4ecd7fdf43
Allow configuring relay
4 years ago
Daniel Oaks
4ee49f8450
Initial RELAYMSG implementation
4 years ago
Shivaram Lingamneni
95aafbc951
shorten recommended message length limits, fixes #1112
4 years ago
Shivaram Lingamneni
61738782c0
fix #1107
4 years ago
Shivaram Lingamneni
5c4425ec54
switch to nothing-up-my-sleeve example password hashes
4 years ago
Shivaram Lingamneni
b09258b698
change the default self-signed certificate filenames
4 years ago
Shivaram Lingamneni
ca7da62138
recommend that auto-away be opt-in
4 years ago