Installing Anope
Anope is a set of IRC services. It is cross-platform (runs on Linux and BSD) and works well with a variety of IRCds such as [ngircd. Anope is a set of IRC services. It is cross-platform (runs on Linux and BSD) and works well with a variety of IRCds such as [ngircd.
Anope provides users with the NickServ, ChanServ and other *Serv that users expect from IRC. This allows users to register their nicknames, channels, and much more.
The main drawback to anope is that it is written in C++ and has too many configurable parameters for most new admins of IRC.
Building
First, install cmake
and gettext-tools
(internationalization support):
$ doas pkg_add cmake gettext-tools
Create a new user for anope:
$ doas useradd -m -g =uid -c "anope" -d /home/anope -s /bin/ksh anope
$ doas su anope
$ cd
Next, download the latest [[https://github.com/anope/anope/releases]] of Anope:
$ ftp https://github.com/anope/anope/archive/refs/tags/2.0.10.tar.gz
$ tar -zxf 2.0.10.tar.gz
$ cd anope-2.0.10
Before proceeding, make sure to thoroughly read README.md and the
docs/ folder.
$ ./Config
Default settings are recommended. Press enter for every question asked.
For these two questions, type NONE in all caps.
Next, build Anope:
$ cd build/
$ make
$ make install
Create services.conf:
$ cd ~/services/conf/
$ cp example.conf services.conf
Edit services.conf:
define
{
name = "services.host"
value = "services.irc.example.com"
}
Replace services.irc.example.com
with your real hostname.
uplink
{
host = "127.0.0.1"
ipv6 = no
ssl = no
port = 16667
password = "NGIRCDMYPASSWORD"
}
The host is the address of the server you want to connect to. In this setup, anope will be running on the same server that ngircd will be running on.
We want to disable IPv6 and use [IPv4 only. SSL is not necessary because we are connecting to localhost. We want to disable IPv6 and use [IPv4 only. SSL is not necessary because we are connecting to localhost.
NOTE: ngircd must be set to listen on port 16667 (or whatever port you decide to use.md).
The server password must match MyPassword in ngircd.conf's [Server block. The server password must match MyPassword in ngircd.conf's [Server block.
serverinfo
{
name = "services.irc.example.com"
description = "Services for IRC Networks"
pid = "data/services.pid"
motd = "conf/services.motd"
}
Replace services.irc.example.com
with the actual hostname. Replace the description. The rest should be left untouched.
module
{
name = "ngircd"
use_server_side_mlock = yes
use_server_side_topiclock = yes
}
WARNING: Your module must match your ircd. In this guide, we use the ngircd module.
networkinfo
{
networkname = "ExampleNet"
nicklen = 16
userlen = 16
hostlen = 64
chanlen = 32
modelistsize = 100
vhost_chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-"
allow_undotted_vhosts = false
disallow_start_or_end = ".-"
}
Replace ExampleNet
with your actual network name.
On IRCNow, nicklen
(the maximum nick length) and userlen
(the maximum ident length.md) are both 16. The rest are left at defaults.
You will need to configure the rest of services.conf according to the comments. The defaults are generally sensible.
Adding Operators
For each IRC operator, create a block:
oper
{
name = "OPERNICK"
type = "Services Root"
require_oper = yes
password = "OPERPASSWORD"
#certfp = "ed3383b3f7d74e89433ddaa4a6e5b2d7"
#host = "*@*.anope.org ident@*"
#vhost = "oper.mynet"
}
Replace OPERNICK
with your operator's nickname. require_oper will require the user first be an oper on the IRCd before he can be services operator. The user must first type /quote oper OPERNICK PASSWORD
Anope has four levels of operators:
|| Operator Level
|| border=1 width=100%25 class="simpletable"
||# Type ||# Commands ||
|| Helper || HostServ (approves vhosts.md) ||
|| Services Operator || HostServ, ChanServ (some), [OperServ (some.md) || || Services Operator || HostServ, ChanServ (some), [OperServ (some.md) ||
|| Services Administrator || [HostServ|anope/HostServ]], [ChanServ|anope/chanserv]] (some), [[OperServ|anope/operserv]] (some), [BotServ, [MemoServ, [Global || || Services Administrator || [HostServ|anope/HostServ]], [ChanServ|anope/chanserv]] (some), [[OperServ|anope/operserv]] (some), [BotServ, [MemoServ, [Global ||
|| Services Root || All ||
If a password is defined, the user must login using /squery OPERSERV LOGIN
.
mail
{
usemail = yes
sendmailpath = "/usr/sbin/sendmail -t"
sendfrom = "services@example.com"
delay = 5m
registration_subject = "Nickname registration for %25n"
registration_message = "Hi,
You have requested to register the nickname %25n on %25N.
Please type \" /msg NickServ CONFIRM %25c \" to complete registration.
If you don't know why this mail was sent to you, please ignore it silently.
%25N administrators."
reset_subject = "Reset password request for %25n"
reset_message = "Hi,
You have requested to have the password for %25n reset.
To reset your password, type \" /msg NickServ CONFIRM %25n %25c \"
If you don't know why this mail was sent to you, please ignore it silently.
%25N administrators."
emailchange_subject = "Email confirmation"
emailchange_message = "Hi,
You have requested to change your email address from %25e to %25E.
Please type \" /msg NickServ CONFIRM %25c \" to confirm this change.
If you don't know why this mail was sent to you, please ignore it silently.
%25N administrators."
memo_subject = "New memo"
memo_message = "Hi %25n,
You've just received a new memo from %25s. This is memo number %25d.
Memo text:
%25t"
}
We set usemail to yes so that users can reset their passwords. Make sure your mail server is configured and [running properly before enabling this option. We set usemail to yes so that users can reset their passwords. Make sure your mail server is configured and [running properly before enabling this option.
Replace services@example.com
with the actual email address you plan to send mail from.
NOTE: sendmail must be able to send from this email address.
The rest of the configuration uses the defaults.
Edit /home/anope/services/conf/nickserv.conf
:
defaults = "killprotect ns_secure ns_private hide_email hide_mask memo
_signon memo_receive autoop"
killprotect will give users 60 seconds to identify if they use a registered nick. If they do not identify within that time, they are killed.
restrictopernicks = yes
Configuring ngircd.conf
In ngircd.conf, you need a block that looks like this:
[Server]
Name = services.irc.example.com
Host = 127.0.0.1
;Bind = 192.168.0.1
Port = 16667
MyPassword = NGIRCDMYPASSWORD
PeerPassword = NGIRCDPEERPASSWORD
;Group = 123
Passive = yes
SSLConnect = false
ServiceMask = *Serv,Global
Replace services.irc.example.com
with the actual services hostname. The host will likely be 127.0.0.1 (again, because anope is running on the same server as ngircd). The port should be 16667.
Make sure that MyPassword matches the server password for the uplink block in anope. Set Passive to yes so that ngircd does not automatically connect to anope (let anope initiate the connection), and turn off SSL.
Finally, we set the ServiceMask. This lets ngircd know that the nicknames *Serv and Global belong to IRC Services.
If ngircd is already running, remember to reload changes to ngircd.conf:
$ doas rcctl reload ngircd
NOTE: restarting ngircd is unnecessary and results in downtime.
To start services:
$ cd ~/services/bin
$ ./anoperc start
If './anoperc start' fails, please double check the conf file.
Automation
While logged in as user anope:
$ cp ~/services/conf/{example,services}.chk
$ chmod +x ~/services/conf/services.chk
Edit the lines in ~/services/conf/services.chk to read as follows:
# Anope binary directory
ANOPATH=/home/anope/services/bin
# Anope data directory
ANODATA=/home/anope/services/data
# Name of the pid file
ANOPIDF=services.pid
# Name of the executable
ANOPROG=services
# Parameters to pass to the executable
ANOARGS=""
#ANOARGS="-debug"
While logged in as user anope, set up a cronjob with this entry:
$ crontab -e
*/5 * * * * /home/anope/services/conf/services.chk >/home/anope/services/logs/services.log 2>&1
Troubleshooting
If you run into issues, check /home/anope/services/logs.