Context Navigation

soju.1.scd@ 695

Last change on this file since 695 was 694, checked in by contact, 4 years ago

Add config option to globally disable multi-upstream mode

Closes: https://todo.sr.ht/~emersion/soju/122

File size: 12.0 KB

Rev	Line
[169]	1	soju(1)
	2
	3	# NAME
	4
	5	soju - IRC bouncer
	6
	7	# SYNOPSIS
	8
	9	soju [options...]
	10
	11	# DESCRIPTION
	12
	13	soju is a user-friendly IRC bouncer. It connects to upstream IRC servers on
	14	behalf of the user to provide extra features.
	15
	16	- Multiple separate users sharing the same bouncer, each with their own
	17	upstream servers
	18	- Clients connecting to multiple upstream servers via a single connection to
	19	the bouncer
	20	- Sending the backlog (messages received while the user was disconnected from
	21	the bouncer), with per-client buffers
	22
	23	When joining a channel, the channel will be saved and automatically joined on
	24	the next connection. When registering or authenticating with NickServ, the
	25	credentials will be saved and automatically used on the next connection if the
[284]	26	server supports SASL. When parting a channel with the reason "detach", the
	27	channel will be detached instead of being left.
[169]	28
[214]	29	When all clients are disconnected from the bouncer, the user is automatically
	30	marked as away.
	31
[169]	32	soju supports two connection modes:
	33
	34	- Single upstream mode: one downstream connection maps to one upstream
	35	connection. To enable this mode, connect to the bouncer with the username
	36	"<username>/<network>". If the bouncer isn't connected to the upstream
	37	server, it will get automatically added. Then channels can be joined and
	38	parted as if you were directly connected to the upstream server.
	39	- Multiple upstream mode: one downstream connection maps to multiple upstream
	40	connections. Channels and nicks are suffixed with the network name. To join
	41	a channel, you need to use the suffix too: _/join #channel/network_. Same
	42	applies to messages sent to users.
	43
[190]	44	For per-client history to work, clients need to indicate their name. This can
	45	be done by adding a "@<client>" suffix to the username.
	46
[691]	47	soju will reload the configuration file, the TLS certificate/key and the MOTD
	48	file when it receives the HUP signal. The configuration options _listen_, _db_
	49	and _log_ cannot be reloaded.
[475]	50
[564]	51	Administrators can broadcast a message to all bouncer users via _/notice
	52	$<hostname> <text>_, or via _/notice $\* <text>_ in multi-upstream mode. All
	53	currently connected bouncer users will receive the message from the special
	54	_BouncerServ_ service.
	55
[169]	56	# OPTIONS
	57
	58	-h, -help
	59	Show help message and quit.
	60
	61	-config <path>
[264]	62	Path to the config file. If unset, a default config file is used.
[169]	63
	64	-debug
	65	Enable debug logging (this will leak sensitive information such as
	66	passwords).
	67
[317]	68	-listen <uri>
[491]	69	Listening URI (default: ":6697"). Can be specified multiple times.
[169]	70
	71	# CONFIG FILE
	72
	73	The config file has one directive per line.
	74
[368]	75	Example:
	76
	77	```
	78	listen ircs://
	79	tls cert.pem key.pem
	80	hostname example.org
	81	```
	82
	83	The following directives are supported:
	84
[317]	85	listen <uri>
	86	Listening URI (default: ":6697").
[169]	87
[317]	88	The following URIs are supported:
	89
	90	- _[ircs://][host][:port]_ listens with TLS over TCP (default port if
	91	omitted: 6697)
	92	- _irc+insecure://[host][:port]_ listens with plain-text over TCP (default
	93	port if omitted: 6667)
[466]	94	- _unix:///<path>_ listens on a Unix domain socket
[323]	95	- _wss://[host][:port]_ listens for WebSocket connections over TLS (default
	96	port: 443)
	97	- _ws+insecure://[host][:port]_ listens for plain-text WebSocket
	98	connections (default port: 80)
[386]	99	- _ident://[host][:port]_ listens for plain-text ident connections (default
	100	port: 113)
[317]	101
	102	If the scheme is omitted, "ircs" is assumed. If multiple listen
	103	directives are specified, soju will listen on each of them.
	104
[169]	105	hostname <name>
	106	Server hostname (default: system hostname).
	107
[662]	108	title <title>
	109	Server title. This will be sent as the _ISUPPORT NETWORK_ value when clients
	110	don't select a specific network.
	111
[169]	112	tls <cert> <key>
	113	Enable TLS support. The certificate and the key files must be PEM-encoded.
	114
[620]	115	db <driver> <source>
	116	Set the database location for user, network and channel storage. By default,
	117	a _sqlite3_ database is opened in "./soju.db".
[169]	118
[620]	119	Supported drivers:
	120
	121	- _sqlite3_ expects _source_ to be a path to the SQLite file
	122	- _postgres_ expects _source_ to be a space-separated list of _key=value_
	123	parameters, e.g. _db postgres "host=/run/postgresql dbname=soju"_. Note
	124	that _sslmode_ defaults to _require_. For more information on connection
	125	strings, see:
	126	<https://pkg.go.dev/github.com/lib/pq#hdr-Connection_String_Parameters>.
	127
[507]	128	log fs <path>
[264]	129	Path to the bouncer logs root directory, or empty to disable logging. By
	130	default, logging is disabled.
[178]	131
[323]	132	http-origin <patterns...>
	133	List of allowed HTTP origins for WebSocket listeners. The parameters are
	134	interpreted as shell patterns, see glob(7).
	135
[556]	136	By default, only the request host is authorized. Use this directive to
	137	enable cross-origin WebSockets.
	138
[370]	139	accept-proxy-ip <cidr...>
	140	Allow the specified IPs to act as a proxy. Proxys have the ability to
[611]	141	overwrite the remote and local connection addresses (via the PROXY protocol,
	142	the Forwarded HTTP header field defined in RFC 7239 or the X-Forwarded-\*
[426]	143	HTTP header fields). The special name "localhost" accepts the loopback
[611]	144	addresses 127.0.0.0/8 and ::1/128.
[370]	145
[611]	146	By default, all IPs are rejected.
	147
[612]	148	max-user-networks <limit>
	149	Maximum number of networks per user. By default, there is no limit.
	150
[636]	151	motd <path>
	152	Path to the MOTD file. The bouncer MOTD is sent to clients which aren't
	153	bound to a specific network. By default, no MOTD is sent.
	154
[694]	155	multi-upstream-mode true\|false
	156	Globally enable or disable multi-upstream mode. By default, multi-upstream
	157	mode is enabled.
	158
[169]	159	# IRC SERVICE
	160
	161	soju exposes an IRC service called BouncerServ to manage the bouncer.
	162	Commands can be sent via regular private messages
	163	(_/msg BouncerServ <command> [args...]_). Commands may be written in full or
	164	abbreviated form, for instance network can be abbreviated as net or just
	165	n.
	166
	167	help [command]
	168	Show a list of commands. If _command_ is specified, show a help message for
	169	the command.
	170
	171	network create -addr <addr> [options...]
[269]	172	Connect to a new network at _addr_. _-addr_ is mandatory.
[169]	173
[269]	174	_addr_ supports several connection types:
[317]	175
[353]	176	- _[ircs://]<host>[:port]_ connects with TLS over TCP
	177	- _irc+insecure://<host>[:port]_ connects with plain-text TCP
[369]	178	- _irc+unix:///<path>_ connects to a Unix socket
[269]	179
	180	Other options are:
	181
[169]	182	-name <name>
	183	Short network name. This will be used instead of _addr_ to refer to the
	184	network.
	185
	186	-username <username>
	187	Connect with the specified username. By default, the nickname is used.
	188
	189	-pass <pass>
	190	Connect with the specified server password.
	191
	192	-realname <realname>
[568]	193	Connect with the specified real name. By default, the account's realname
	194	is used if set, otherwise the network's nickname is used.
[169]	195
	196	-nick <nickname>
	197	Connect with the specified nickname. By default, the account's username
	198	is used.
	199
[542]	200	-enabled true\|false
	201	Enable or disable the network. If the network is disabled, the bouncer
	202	won't connect to it. By default, the network is enabled.
	203
[524]	204	-connect-command <command>
	205	Send the specified command as a raw IRC message right after connecting
	206	to the server. This can be used to identify to an account when the
	207	server doesn't support SASL.
	208
	209	For instance, to identify with _NickServ_, the following command can be
	210	used:
	211
	212	```
	213	PRIVMSG NickServ :IDENTIFY <password>
	214	```
	215
	216	The flag can be specified multiple times to send multiple IRC messages.
	217	To clear all commands, set it to the empty string.
	218
[361]	219	network update <name> [options...]
	220	Update an existing network. The options are the same as the
	221	_network create_ command.
	222
	223	When this command is executed, soju will disconnect and re-connect to the
	224	network.
	225
[329]	226	network delete <name>
	227	Disconnect and delete a network.
	228
[577]	229	network quote <name> <command>
	230	Send a raw IRC line as-is to a network.
	231
[329]	232	network status
	233	Show a list of saved networks and their current status.
	234
[539]	235	channel status [options...]
	236	Show a list of saved channels and their current status.
	237
	238	Options:
	239
	240	-network <name>
	241	Only show channels for the specified network. By default, only the
	242	channels in the current network are displayed.
	243
[436]	244	channel update <name> [options...]
	245	Update the options of an existing channel.
	246
	247	Options are:
	248
	249	-relay-detached <mode>
	250	Set when to relay messages from detached channels to the user with a BouncerServ NOTICE.
	251
	252	Modes are:
	253
	254	message
	255	Relay any message from this channel when detached.
	256
	257	highlight
	258	Relay only messages mentioning you when detached.
	259
	260	none
	261	Don't relay any messages from this channel when detached.
	262
	263	default
	264	Currently same as highlight. This is the default behaviour.
	265
	266	-reattach-on <mode>
	267	Set when to automatically reattach to detached channels.
	268
	269	Modes are:
	270
	271	message
	272	Reattach to this channel when any message is received.
	273
	274	highlight
	275	Reattach to this channel when any message mentioning you is received.
	276
	277	none
	278	Never automatically reattach to this channel.
	279
	280	default
	281	Currently same as none. This is the default behaviour.
	282
	283	-detach-after <duration>
	284	Automatically detach this channel after the specified duration has elapsed without receving any message corresponding to -detach-on.
	285
	286	Example duration values: 1h30m, 30s, 2.5h.
	287
	288	Setting this value to 0 will disable this behaviour, i.e. this channel will never be automatically detached. This is the default behaviour.
	289
	290	-detach-on <mode>
	291	Set when to reset the auto-detach timer used by -detach-after, causing it to wait again for the auto-detach duration timer before detaching.
	292	Joining, reattaching, sending a message, or changing any channel option will reset the timer, in addition to the messages specified by the mode.
	293
	294	Modes are:
	295
	296	message
	297	Receiving any message from this channel will reset the auto-detach timer.
	298
	299	highlight
	300	Receiving any message mentioning you from this channel will reset the auto-detach timer.
	301
	302	none
	303	Receiving messages from this channel will not reset the auto-detach timer. Sending messages or joining the channel will still reset the timer.
	304
	305	default
	306	Currently same as message. This is the default behaviour.
	307
[361]	308	certfp generate [options...] <network name>
[365]	309	Generate self-signed certificate and use it for authentication (via SASL
	310	EXTERNAL).
[307]	311
[632]	312	Generates a 3072-bit RSA private key by default.
[307]	313
	314	Options are:
	315
	316	-key-type <type>
[632]	317	Private key algorithm to use. Valid values are: _rsa_, _ecdsa_ and
	318	_ed25519_. _ecdsa_ uses the NIST P-521 curve.
[307]	319
	320	-bits <bits>
	321	Size of RSA key to generate. Ignored for other key types.
	322
	323	certfp fingerprint <network name>
	324	Show SHA-1 and SHA-256 fingerprints for the certificate
	325	currently used with the network.
	326
[363]	327	sasl set-plain <network name> <username> <password>
	328	Set SASL PLAIN credentials.
	329
[364]	330	sasl reset <network name>
	331	Disable SASL authentication and remove stored credentials.
	332
[568]	333	user create -username <username> -password <password> [options...]
[331]	334	Create a new soju user. Only admin users can create new accounts.
[571]	335	The _-username_ and _-password_ flags are mandatory.
[329]	336
[631]	337	Options are:
[568]	338
[631]	339	-username <username>
	340	The bouncer username. This cannot be changed after the user has been
	341	created.
	342
	343	-password <password>
	344	The bouncer password.
	345
[625]	346	-admin true\|false
[568]	347	Make the new user an administrator.
	348
	349	-realname <realname>
	350	Set the user's realname. This is used as a fallback if there is no
	351	realname set for a network.
	352
[625]	353	user update [username] [options...]
	354	Update a user. The options are the same as the _user create_ command.
[568]	355
[625]	356	If _username_ is omitted, the current user is updated. Only admins can
	357	update other users.
	358
	359	Not all flags are valid in all contexts:
	360
	361	- The _-username_ flag is never valid, usernames are immutable.
	362	- The _-realname_ flag is only valid when updating the current user.
	363	- The _-admin_ flag is only valid when updating another user.
	364
[525]	365	user delete <username>
	366	Delete a soju user. Only admins can delete accounts.
	367
[605]	368	server status
	369	Show some bouncer statistics. Only admins can query this information.
	370
[615]	371	server notice <message>
	372	Broadcast a notice. All currently connected bouncer users will receive the
	373	message from the special _BouncerServ_ service. Only admins can broadcast a
	374	notice.
	375
[169]	376	# AUTHORS
	377
	378	Maintained by Simon Ser <contact@emersion.fr>, who is assisted by other
	379	open-source contributors. For more information about soju development, see
[630]	380	<https://sr.ht/~emersion/soju>.

Note: See TracBrowser for help on using the repository browser.

Download in other formats:

Original Format