Context Navigation

soju.1.scd@ 635

Last change on this file since 635 was 632, checked in by contact, 4 years ago
doc.soju.1: fix typo and improve formatting for "certfp generate"
File size: 11.5 KB

Rev	Line
[169]	1	soju(1)
	2
	3	# NAME
	4
	5	soju - IRC bouncer
	6
	7	# SYNOPSIS
	8
	9	soju [options...]
	10
	11	# DESCRIPTION
	12
	13	soju is a user-friendly IRC bouncer. It connects to upstream IRC servers on
	14	behalf of the user to provide extra features.
	15
	16	- Multiple separate users sharing the same bouncer, each with their own
	17	upstream servers
	18	- Clients connecting to multiple upstream servers via a single connection to
	19	the bouncer
	20	- Sending the backlog (messages received while the user was disconnected from
	21	the bouncer), with per-client buffers
	22
	23	When joining a channel, the channel will be saved and automatically joined on
	24	the next connection. When registering or authenticating with NickServ, the
	25	credentials will be saved and automatically used on the next connection if the
[284]	26	server supports SASL. When parting a channel with the reason "detach", the
	27	channel will be detached instead of being left.
[169]	28
[214]	29	When all clients are disconnected from the bouncer, the user is automatically
	30	marked as away.
	31
[169]	32	soju supports two connection modes:
	33
	34	- Single upstream mode: one downstream connection maps to one upstream
	35	connection. To enable this mode, connect to the bouncer with the username
	36	"<username>/<network>". If the bouncer isn't connected to the upstream
	37	server, it will get automatically added. Then channels can be joined and
	38	parted as if you were directly connected to the upstream server.
	39	- Multiple upstream mode: one downstream connection maps to multiple upstream
	40	connections. Channels and nicks are suffixed with the network name. To join
	41	a channel, you need to use the suffix too: _/join #channel/network_. Same
	42	applies to messages sent to users.
	43
[190]	44	For per-client history to work, clients need to indicate their name. This can
	45	be done by adding a "@<client>" suffix to the username.
	46
[475]	47	soju will reload the TLS certificate and key when it receives the HUP signal.
	48
[564]	49	Administrators can broadcast a message to all bouncer users via _/notice
	50	$<hostname> <text>_, or via _/notice $\* <text>_ in multi-upstream mode. All
	51	currently connected bouncer users will receive the message from the special
	52	_BouncerServ_ service.
	53
[169]	54	# OPTIONS
	55
	56	-h, -help
	57	Show help message and quit.
	58
	59	-config <path>
[264]	60	Path to the config file. If unset, a default config file is used.
[169]	61
	62	-debug
	63	Enable debug logging (this will leak sensitive information such as
	64	passwords).
	65
[317]	66	-listen <uri>
[491]	67	Listening URI (default: ":6697"). Can be specified multiple times.
[169]	68
	69	# CONFIG FILE
	70
	71	The config file has one directive per line.
	72
[368]	73	Example:
	74
	75	```
	76	listen ircs://
	77	tls cert.pem key.pem
	78	hostname example.org
	79	```
	80
	81	The following directives are supported:
	82
[317]	83	listen <uri>
	84	Listening URI (default: ":6697").
[169]	85
[317]	86	The following URIs are supported:
	87
	88	- _[ircs://][host][:port]_ listens with TLS over TCP (default port if
	89	omitted: 6697)
	90	- _irc+insecure://[host][:port]_ listens with plain-text over TCP (default
	91	port if omitted: 6667)
[466]	92	- _unix:///<path>_ listens on a Unix domain socket
[323]	93	- _wss://[host][:port]_ listens for WebSocket connections over TLS (default
	94	port: 443)
	95	- _ws+insecure://[host][:port]_ listens for plain-text WebSocket
	96	connections (default port: 80)
[386]	97	- _ident://[host][:port]_ listens for plain-text ident connections (default
	98	port: 113)
[317]	99
	100	If the scheme is omitted, "ircs" is assumed. If multiple listen
	101	directives are specified, soju will listen on each of them.
	102
[169]	103	hostname <name>
	104	Server hostname (default: system hostname).
	105
	106	tls <cert> <key>
	107	Enable TLS support. The certificate and the key files must be PEM-encoded.
	108
[620]	109	db <driver> <source>
	110	Set the database location for user, network and channel storage. By default,
	111	a _sqlite3_ database is opened in "./soju.db".
[169]	112
[620]	113	Supported drivers:
	114
	115	- _sqlite3_ expects _source_ to be a path to the SQLite file
	116	- _postgres_ expects _source_ to be a space-separated list of _key=value_
	117	parameters, e.g. _db postgres "host=/run/postgresql dbname=soju"_. Note
	118	that _sslmode_ defaults to _require_. For more information on connection
	119	strings, see:
	120	<https://pkg.go.dev/github.com/lib/pq#hdr-Connection_String_Parameters>.
	121
[507]	122	log fs <path>
[264]	123	Path to the bouncer logs root directory, or empty to disable logging. By
	124	default, logging is disabled.
[178]	125
[323]	126	http-origin <patterns...>
	127	List of allowed HTTP origins for WebSocket listeners. The parameters are
	128	interpreted as shell patterns, see glob(7).
	129
[556]	130	By default, only the request host is authorized. Use this directive to
	131	enable cross-origin WebSockets.
	132
[370]	133	accept-proxy-ip <cidr...>
	134	Allow the specified IPs to act as a proxy. Proxys have the ability to
[611]	135	overwrite the remote and local connection addresses (via the PROXY protocol,
	136	the Forwarded HTTP header field defined in RFC 7239 or the X-Forwarded-\*
[426]	137	HTTP header fields). The special name "localhost" accepts the loopback
[611]	138	addresses 127.0.0.0/8 and ::1/128.
[370]	139
[611]	140	By default, all IPs are rejected.
	141
[612]	142	max-user-networks <limit>
	143	Maximum number of networks per user. By default, there is no limit.
	144
[169]	145	# IRC SERVICE
	146
	147	soju exposes an IRC service called BouncerServ to manage the bouncer.
	148	Commands can be sent via regular private messages
	149	(_/msg BouncerServ <command> [args...]_). Commands may be written in full or
	150	abbreviated form, for instance network can be abbreviated as net or just
	151	n.
	152
	153	help [command]
	154	Show a list of commands. If _command_ is specified, show a help message for
	155	the command.
	156
	157	network create -addr <addr> [options...]
[269]	158	Connect to a new network at _addr_. _-addr_ is mandatory.
[169]	159
[269]	160	_addr_ supports several connection types:
[317]	161
[353]	162	- _[ircs://]<host>[:port]_ connects with TLS over TCP
	163	- _irc+insecure://<host>[:port]_ connects with plain-text TCP
[369]	164	- _irc+unix:///<path>_ connects to a Unix socket
[269]	165
	166	Other options are:
	167
[169]	168	-name <name>
	169	Short network name. This will be used instead of _addr_ to refer to the
	170	network.
	171
	172	-username <username>
	173	Connect with the specified username. By default, the nickname is used.
	174
	175	-pass <pass>
	176	Connect with the specified server password.
	177
	178	-realname <realname>
[568]	179	Connect with the specified real name. By default, the account's realname
	180	is used if set, otherwise the network's nickname is used.
[169]	181
	182	-nick <nickname>
	183	Connect with the specified nickname. By default, the account's username
	184	is used.
	185
[542]	186	-enabled true\|false
	187	Enable or disable the network. If the network is disabled, the bouncer
	188	won't connect to it. By default, the network is enabled.
	189
[524]	190	-connect-command <command>
	191	Send the specified command as a raw IRC message right after connecting
	192	to the server. This can be used to identify to an account when the
	193	server doesn't support SASL.
	194
	195	For instance, to identify with _NickServ_, the following command can be
	196	used:
	197
	198	```
	199	PRIVMSG NickServ :IDENTIFY <password>
	200	```
	201
	202	The flag can be specified multiple times to send multiple IRC messages.
	203	To clear all commands, set it to the empty string.
	204
[361]	205	network update <name> [options...]
	206	Update an existing network. The options are the same as the
	207	_network create_ command.
	208
	209	When this command is executed, soju will disconnect and re-connect to the
	210	network.
	211
[329]	212	network delete <name>
	213	Disconnect and delete a network.
	214
[577]	215	network quote <name> <command>
	216	Send a raw IRC line as-is to a network.
	217
[329]	218	network status
	219	Show a list of saved networks and their current status.
	220
[539]	221	channel status [options...]
	222	Show a list of saved channels and their current status.
	223
	224	Options:
	225
	226	-network <name>
	227	Only show channels for the specified network. By default, only the
	228	channels in the current network are displayed.
	229
[436]	230	channel update <name> [options...]
	231	Update the options of an existing channel.
	232
	233	Options are:
	234
	235	-relay-detached <mode>
	236	Set when to relay messages from detached channels to the user with a BouncerServ NOTICE.
	237
	238	Modes are:
	239
	240	message
	241	Relay any message from this channel when detached.
	242
	243	highlight
	244	Relay only messages mentioning you when detached.
	245
	246	none
	247	Don't relay any messages from this channel when detached.
	248
	249	default
	250	Currently same as highlight. This is the default behaviour.
	251
	252	-reattach-on <mode>
	253	Set when to automatically reattach to detached channels.
	254
	255	Modes are:
	256
	257	message
	258	Reattach to this channel when any message is received.
	259
	260	highlight
	261	Reattach to this channel when any message mentioning you is received.
	262
	263	none
	264	Never automatically reattach to this channel.
	265
	266	default
	267	Currently same as none. This is the default behaviour.
	268
	269	-detach-after <duration>
	270	Automatically detach this channel after the specified duration has elapsed without receving any message corresponding to -detach-on.
	271
	272	Example duration values: 1h30m, 30s, 2.5h.
	273
	274	Setting this value to 0 will disable this behaviour, i.e. this channel will never be automatically detached. This is the default behaviour.
	275
	276	-detach-on <mode>
	277	Set when to reset the auto-detach timer used by -detach-after, causing it to wait again for the auto-detach duration timer before detaching.
	278	Joining, reattaching, sending a message, or changing any channel option will reset the timer, in addition to the messages specified by the mode.
	279
	280	Modes are:
	281
	282	message
	283	Receiving any message from this channel will reset the auto-detach timer.
	284
	285	highlight
	286	Receiving any message mentioning you from this channel will reset the auto-detach timer.
	287
	288	none
	289	Receiving messages from this channel will not reset the auto-detach timer. Sending messages or joining the channel will still reset the timer.
	290
	291	default
	292	Currently same as message. This is the default behaviour.
	293
[361]	294	certfp generate [options...] <network name>
[365]	295	Generate self-signed certificate and use it for authentication (via SASL
	296	EXTERNAL).
[307]	297
[632]	298	Generates a 3072-bit RSA private key by default.
[307]	299
	300	Options are:
	301
	302	-key-type <type>
[632]	303	Private key algorithm to use. Valid values are: _rsa_, _ecdsa_ and
	304	_ed25519_. _ecdsa_ uses the NIST P-521 curve.
[307]	305
	306	-bits <bits>
	307	Size of RSA key to generate. Ignored for other key types.
	308
	309	certfp fingerprint <network name>
	310	Show SHA-1 and SHA-256 fingerprints for the certificate
	311	currently used with the network.
	312
[363]	313	sasl set-plain <network name> <username> <password>
	314	Set SASL PLAIN credentials.
	315
[364]	316	sasl reset <network name>
	317	Disable SASL authentication and remove stored credentials.
	318
[568]	319	user create -username <username> -password <password> [options...]
[331]	320	Create a new soju user. Only admin users can create new accounts.
[571]	321	The _-username_ and _-password_ flags are mandatory.
[329]	322
[631]	323	Options are:
[568]	324
[631]	325	-username <username>
	326	The bouncer username. This cannot be changed after the user has been
	327	created.
	328
	329	-password <password>
	330	The bouncer password.
	331
[625]	332	-admin true\|false
[568]	333	Make the new user an administrator.
	334
	335	-realname <realname>
	336	Set the user's realname. This is used as a fallback if there is no
	337	realname set for a network.
	338
[625]	339	user update [username] [options...]
	340	Update a user. The options are the same as the _user create_ command.
[568]	341
[625]	342	If _username_ is omitted, the current user is updated. Only admins can
	343	update other users.
	344
	345	Not all flags are valid in all contexts:
	346
	347	- The _-username_ flag is never valid, usernames are immutable.
	348	- The _-realname_ flag is only valid when updating the current user.
	349	- The _-admin_ flag is only valid when updating another user.
	350
[525]	351	user delete <username>
	352	Delete a soju user. Only admins can delete accounts.
	353
[605]	354	server status
	355	Show some bouncer statistics. Only admins can query this information.
	356
[615]	357	server notice <message>
	358	Broadcast a notice. All currently connected bouncer users will receive the
	359	message from the special _BouncerServ_ service. Only admins can broadcast a
	360	notice.
	361
[169]	362	# AUTHORS
	363
	364	Maintained by Simon Ser <contact@emersion.fr>, who is assisted by other
	365	open-source contributors. For more information about soju development, see
[630]	366	<https://sr.ht/~emersion/soju>.

Note: See TracBrowser for help on using the repository browser.

Download in other formats:

Original Format