Context Navigation

soju.1.scd@ 772

Last change on this file since 772 was 772, checked in by contact, 3 years ago

service: make name arg optional for network commands

Makes commands less verbose.

File size: 13.5 KB

Rev	Line
[169]	1	soju(1)
	2
	3	# NAME
	4
	5	soju - IRC bouncer
	6
	7	# SYNOPSIS
	8
	9	soju [options...]
	10
	11	# DESCRIPTION
	12
	13	soju is a user-friendly IRC bouncer. It connects to upstream IRC servers on
	14	behalf of the user to provide extra features.
	15
	16	- Multiple separate users sharing the same bouncer, each with their own
	17	upstream servers
	18	- Clients connecting to multiple upstream servers via a single connection to
	19	the bouncer
	20	- Sending the backlog (messages received while the user was disconnected from
	21	the bouncer), with per-client buffers
	22
	23	When joining a channel, the channel will be saved and automatically joined on
	24	the next connection. When registering or authenticating with NickServ, the
	25	credentials will be saved and automatically used on the next connection if the
[284]	26	server supports SASL. When parting a channel with the reason "detach", the
	27	channel will be detached instead of being left.
[169]	28
[214]	29	When all clients are disconnected from the bouncer, the user is automatically
	30	marked as away.
	31
[169]	32	soju supports two connection modes:
	33
	34	- Single upstream mode: one downstream connection maps to one upstream
	35	connection. To enable this mode, connect to the bouncer with the username
	36	"<username>/<network>". If the bouncer isn't connected to the upstream
	37	server, it will get automatically added. Then channels can be joined and
	38	parted as if you were directly connected to the upstream server.
	39	- Multiple upstream mode: one downstream connection maps to multiple upstream
	40	connections. Channels and nicks are suffixed with the network name. To join
	41	a channel, you need to use the suffix too: _/join #channel/network_. Same
	42	applies to messages sent to users.
	43
[190]	44	For per-client history to work, clients need to indicate their name. This can
	45	be done by adding a "@<client>" suffix to the username.
	46
[691]	47	soju will reload the configuration file, the TLS certificate/key and the MOTD
	48	file when it receives the HUP signal. The configuration options _listen_, _db_
	49	and _log_ cannot be reloaded.
[475]	50
[564]	51	Administrators can broadcast a message to all bouncer users via _/notice
	52	$<hostname> <text>_, or via _/notice $\* <text>_ in multi-upstream mode. All
	53	currently connected bouncer users will receive the message from the special
	54	_BouncerServ_ service.
	55
[169]	56	# OPTIONS
	57
	58	-h, -help
	59	Show help message and quit.
	60
	61	-config <path>
[264]	62	Path to the config file. If unset, a default config file is used.
[169]	63
	64	-debug
	65	Enable debug logging (this will leak sensitive information such as
	66	passwords).
	67
[317]	68	-listen <uri>
[491]	69	Listening URI (default: ":6697"). Can be specified multiple times.
[169]	70
	71	# CONFIG FILE
	72
	73	The config file has one directive per line.
	74
[368]	75	Example:
	76
	77	```
	78	listen ircs://
	79	tls cert.pem key.pem
	80	hostname example.org
	81	```
	82
	83	The following directives are supported:
	84
[317]	85	listen <uri>
	86	Listening URI (default: ":6697").
[169]	87
[317]	88	The following URIs are supported:
	89
	90	- _[ircs://][host][:port]_ listens with TLS over TCP (default port if
	91	omitted: 6697)
	92	- _irc+insecure://[host][:port]_ listens with plain-text over TCP (default
	93	port if omitted: 6667)
[466]	94	- _unix:///<path>_ listens on a Unix domain socket
[323]	95	- _wss://[host][:port]_ listens for WebSocket connections over TLS (default
	96	port: 443)
	97	- _ws+insecure://[host][:port]_ listens for plain-text WebSocket
	98	connections (default port: 80)
[386]	99	- _ident://[host][:port]_ listens for plain-text ident connections (default
	100	port: 113)
[707]	101	- _http+prometheus://localhost:<port>_ listens for plain-text HTTP
	102	connections and serves Prometheus metrics (host must be "localhost")
[713]	103	- _http+pprof://localhost:<port>_ listens for plain-text HTTP connections
	104	and serves pprof runtime profiling data (host must be "localhost"). For
	105	more information, see: <https://pkg.go.dev/net/http/pprof>.
[317]	106
	107	If the scheme is omitted, "ircs" is assumed. If multiple listen
	108	directives are specified, soju will listen on each of them.
	109
[169]	110	hostname <name>
	111	Server hostname (default: system hostname).
	112
[662]	113	title <title>
	114	Server title. This will be sent as the _ISUPPORT NETWORK_ value when clients
	115	don't select a specific network.
	116
[169]	117	tls <cert> <key>
	118	Enable TLS support. The certificate and the key files must be PEM-encoded.
	119
[620]	120	db <driver> <source>
	121	Set the database location for user, network and channel storage. By default,
	122	a _sqlite3_ database is opened in "./soju.db".
[169]	123
[620]	124	Supported drivers:
	125
	126	- _sqlite3_ expects _source_ to be a path to the SQLite file
	127	- _postgres_ expects _source_ to be a space-separated list of _key=value_
	128	parameters, e.g. _db postgres "host=/run/postgresql dbname=soju"_. Note
	129	that _sslmode_ defaults to _require_. For more information on connection
	130	strings, see:
	131	<https://pkg.go.dev/github.com/lib/pq#hdr-Connection_String_Parameters>.
	132
[507]	133	log fs <path>
[264]	134	Path to the bouncer logs root directory, or empty to disable logging. By
	135	default, logging is disabled.
[178]	136
[323]	137	http-origin <patterns...>
	138	List of allowed HTTP origins for WebSocket listeners. The parameters are
	139	interpreted as shell patterns, see glob(7).
	140
[556]	141	By default, only the request host is authorized. Use this directive to
	142	enable cross-origin WebSockets.
	143
[370]	144	accept-proxy-ip <cidr...>
	145	Allow the specified IPs to act as a proxy. Proxys have the ability to
[611]	146	overwrite the remote and local connection addresses (via the PROXY protocol,
	147	the Forwarded HTTP header field defined in RFC 7239 or the X-Forwarded-\*
[426]	148	HTTP header fields). The special name "localhost" accepts the loopback
[611]	149	addresses 127.0.0.0/8 and ::1/128.
[370]	150
[611]	151	By default, all IPs are rejected.
	152
[612]	153	max-user-networks <limit>
	154	Maximum number of networks per user. By default, there is no limit.
	155
[636]	156	motd <path>
	157	Path to the MOTD file. The bouncer MOTD is sent to clients which aren't
	158	bound to a specific network. By default, no MOTD is sent.
	159
[694]	160	multi-upstream-mode true\|false
	161	Globally enable or disable multi-upstream mode. By default, multi-upstream
	162	mode is enabled.
	163
[705]	164	upstream-user-ip <cidr...>
	165	Enable per-user IP addresses. One IPv4 range and/or one IPv6 range can be
	166	specified in CIDR notation. One IP address per range will be assigned to
	167	each user and will be used as the source address when connecting to an
	168	upstream network.
	169
	170	This can be useful to avoid having the whole bouncer banned from an upstream
	171	network because of one malicious user.
	172
[169]	173	# IRC SERVICE
	174
	175	soju exposes an IRC service called BouncerServ to manage the bouncer.
	176	Commands can be sent via regular private messages
	177	(_/msg BouncerServ <command> [args...]_). Commands may be written in full or
	178	abbreviated form, for instance network can be abbreviated as net or just
	179	n.
	180
	181	help [command]
	182	Show a list of commands. If _command_ is specified, show a help message for
	183	the command.
	184
	185	network create -addr <addr> [options...]
[269]	186	Connect to a new network at _addr_. _-addr_ is mandatory.
[169]	187
[269]	188	_addr_ supports several connection types:
[317]	189
[353]	190	- _[ircs://]<host>[:port]_ connects with TLS over TCP
	191	- _irc+insecure://<host>[:port]_ connects with plain-text TCP
[369]	192	- _irc+unix:///<path>_ connects to a Unix socket
[269]	193
[728]	194	For example, to connect to Libera Chat:
	195
	196	```
	197	net create -addr irc.libera.chat
	198	```
	199
[269]	200	Other options are:
	201
[169]	202	-name <name>
	203	Short network name. This will be used instead of _addr_ to refer to the
	204	network.
	205
	206	-username <username>
	207	Connect with the specified username. By default, the nickname is used.
	208
	209	-pass <pass>
	210	Connect with the specified server password.
	211
	212	-realname <realname>
[568]	213	Connect with the specified real name. By default, the account's realname
	214	is used if set, otherwise the network's nickname is used.
[169]	215
	216	-nick <nickname>
	217	Connect with the specified nickname. By default, the account's username
	218	is used.
	219
[542]	220	-enabled true\|false
	221	Enable or disable the network. If the network is disabled, the bouncer
	222	won't connect to it. By default, the network is enabled.
	223
[524]	224	-connect-command <command>
	225	Send the specified command as a raw IRC message right after connecting
	226	to the server. This can be used to identify to an account when the
	227	server doesn't support SASL.
	228
	229	For instance, to identify with _NickServ_, the following command can be
	230	used:
	231
	232	```
	233	PRIVMSG NickServ :IDENTIFY <password>
	234	```
	235
	236	The flag can be specified multiple times to send multiple IRC messages.
	237	To clear all commands, set it to the empty string.
	238
[772]	239	network update [name] [options...]
[361]	240	Update an existing network. The options are the same as the
	241	_network create_ command.
	242
	243	When this command is executed, soju will disconnect and re-connect to the
	244	network.
	245
[772]	246	If _name_ is not specified, the current network is updated.
	247
	248	network delete [name]
[329]	249	Disconnect and delete a network.
	250
[772]	251	If _name_ is not specified, the current network is deleted.
	252
	253	network quote [name] <command>
[577]	254	Send a raw IRC line as-is to a network.
	255
[772]	256	If _name_ is not specified, the command is sent to the current network.
	257
[329]	258	network status
	259	Show a list of saved networks and their current status.
	260
[539]	261	channel status [options...]
	262	Show a list of saved channels and their current status.
	263
	264	Options:
	265
	266	-network <name>
	267	Only show channels for the specified network. By default, only the
	268	channels in the current network are displayed.
	269
[436]	270	channel update <name> [options...]
	271	Update the options of an existing channel.
	272
	273	Options are:
	274
	275	-relay-detached <mode>
	276	Set when to relay messages from detached channels to the user with a BouncerServ NOTICE.
	277
	278	Modes are:
	279
	280	message
	281	Relay any message from this channel when detached.
	282
	283	highlight
	284	Relay only messages mentioning you when detached.
	285
	286	none
	287	Don't relay any messages from this channel when detached.
	288
	289	default
	290	Currently same as highlight. This is the default behaviour.
	291
	292	-reattach-on <mode>
	293	Set when to automatically reattach to detached channels.
	294
	295	Modes are:
	296
	297	message
	298	Reattach to this channel when any message is received.
	299
	300	highlight
	301	Reattach to this channel when any message mentioning you is received.
	302
	303	none
	304	Never automatically reattach to this channel.
	305
	306	default
	307	Currently same as none. This is the default behaviour.
	308
	309	-detach-after <duration>
	310	Automatically detach this channel after the specified duration has elapsed without receving any message corresponding to -detach-on.
	311
	312	Example duration values: 1h30m, 30s, 2.5h.
	313
	314	Setting this value to 0 will disable this behaviour, i.e. this channel will never be automatically detached. This is the default behaviour.
	315
	316	-detach-on <mode>
	317	Set when to reset the auto-detach timer used by -detach-after, causing it to wait again for the auto-detach duration timer before detaching.
	318	Joining, reattaching, sending a message, or changing any channel option will reset the timer, in addition to the messages specified by the mode.
	319
	320	Modes are:
	321
	322	message
	323	Receiving any message from this channel will reset the auto-detach timer.
	324
	325	highlight
	326	Receiving any message mentioning you from this channel will reset the auto-detach timer.
	327
	328	none
	329	Receiving messages from this channel will not reset the auto-detach timer. Sending messages or joining the channel will still reset the timer.
	330
	331	default
	332	Currently same as message. This is the default behaviour.
	333
[771]	334	certfp generate [options...]
[365]	335	Generate self-signed certificate and use it for authentication (via SASL
	336	EXTERNAL).
[307]	337
[632]	338	Generates a 3072-bit RSA private key by default.
[307]	339
	340	Options are:
	341
[771]	342	-network <name>
	343	Select a network. By default, the current network is selected, if any.
	344
[307]	345	-key-type <type>
[632]	346	Private key algorithm to use. Valid values are: _rsa_, _ecdsa_ and
	347	_ed25519_. _ecdsa_ uses the NIST P-521 curve.
[307]	348
	349	-bits <bits>
	350	Size of RSA key to generate. Ignored for other key types.
	351
[771]	352	certfp fingerprint [options...]
[307]	353	Show SHA-1 and SHA-256 fingerprints for the certificate
	354	currently used with the network.
	355
[771]	356	Options are:
	357
	358	-network <name>
	359	Select a network. By default, the current network is selected, if any.
	360
	361	sasl status [options...]
[730]	362	Show current SASL status.
	363
[771]	364	Options are:
	365
	366	-network <name>
	367	Select a network. By default, the current network is selected, if any.
	368
	369	sasl set-plain [options...] <username> <password>
[363]	370	Set SASL PLAIN credentials.
	371
[771]	372	Options are:
	373
	374	-network <name>
	375	Select a network. By default, the current network is selected, if any.
	376
	377	sasl reset [options...]
[364]	378	Disable SASL authentication and remove stored credentials.
	379
[771]	380	Options are:
	381
	382	-network <name>
	383	Select a network. By default, the current network is selected, if any.
	384
[568]	385	user create -username <username> -password <password> [options...]
[331]	386	Create a new soju user. Only admin users can create new accounts.
[571]	387	The _-username_ and _-password_ flags are mandatory.
[329]	388
[631]	389	Options are:
[568]	390
[631]	391	-username <username>
	392	The bouncer username. This cannot be changed after the user has been
	393	created.
	394
	395	-password <password>
	396	The bouncer password.
	397
[625]	398	-admin true\|false
[568]	399	Make the new user an administrator.
	400
	401	-realname <realname>
	402	Set the user's realname. This is used as a fallback if there is no
	403	realname set for a network.
	404
[625]	405	user update [username] [options...]
	406	Update a user. The options are the same as the _user create_ command.
[568]	407
[625]	408	If _username_ is omitted, the current user is updated. Only admins can
	409	update other users.
	410
	411	Not all flags are valid in all contexts:
	412
	413	- The _-username_ flag is never valid, usernames are immutable.
	414	- The _-realname_ flag is only valid when updating the current user.
	415	- The _-admin_ flag is only valid when updating another user.
	416
[525]	417	user delete <username>
	418	Delete a soju user. Only admins can delete accounts.
	419
[605]	420	server status
	421	Show some bouncer statistics. Only admins can query this information.
	422
[615]	423	server notice <message>
	424	Broadcast a notice. All currently connected bouncer users will receive the
	425	message from the special _BouncerServ_ service. Only admins can broadcast a
	426	notice.
	427
[169]	428	# AUTHORS
	429
	430	Maintained by Simon Ser <contact@emersion.fr>, who is assisted by other
	431	open-source contributors. For more information about soju development, see
[630]	432	<https://sr.ht/~emersion/soju>.

Note: See TracBrowser for help on using the repository browser.

Download in other formats:

Original Format