source: code/trunk/doc/suika-config.5@ 824

'\" t
.\"     Title: suika-config
.\"    Author: Simon Ser and contributors / Izuru Yakumo
.\" Generator: Asciidoctor 2.0.20
.\"      Date: 2023-09-15
.\"    Manual: Suika IRC Bouncer
.\"    Source: SUIKA-CONFIG
.\"  Language: English
.\"
.TH "SUIKA\-CONFIG" "5" "2023-09-15" "SUIKA\-CONFIG" "Suika IRC Bouncer"
.ie \n(.g .ds Aq \(aq
.el       .ds Aq '
.ss \n[.ss] 0
.nh
.ad l
.de URL
\fI\\$2\fP <\\$1>\\$3
..
.als MTO URL
.if \n[.g] \{\
.  mso www.tmac
.  am URL
.    ad l
.  .
.  am MTO
.    ad l
.  .
.  LINKSTYLE blue R < >
.\}
.SH "NAME"
suika-config \- Configuration file for suika(1)
.SH "DESCRIPTION"
.sp
The config file has one directive per line
.sp
Example:
.sp
listen ircs://
tls cert.pem key.pem
hostname example.org
.sp
The following directives are supported:
.sp
.RS 4
.ie n \{\
\h'-04'\(bu\h'+03'\c
.\}
.el \{\
.  sp -1
.  IP \(bu 2.3
.\}
listen <uri>
Listening URI (default ":6697")
.RE
.sp
The following URIs are supported:
.sp
.RS 4
.ie n \{\
\h'-04'\(bu\h'+03'\c
.\}
.el \{\
.  sp -1
.  IP \(bu 2.3
.\}
ircs://host:port
Listens with TLS over TCP
.RE
.sp
.RS 4
.ie n \{\
\h'-04'\(bu\h'+03'\c
.\}
.el \{\
.  sp -1
.  IP \(bu 2.3
.\}
irc+insecure://host:port
Listens with plain\-text over TCP
.RE
.sp
.RS 4
.ie n \{\
\h'-04'\(bu\h'+03'\c
.\}
.el \{\
.  sp -1
.  IP \(bu 2.3
.\}
unix:///<path>
Listens on a Unix domain socket
.RE
.sp
.RS 4
.ie n \{\
\h'-04'\(bu\h'+03'\c
.\}
.el \{\
.  sp -1
.  IP \(bu 2.3
.\}
wss://host:port
Listens for WebSocket connections over TLS
.RE
.sp
.RS 4
.ie n \{\
\h'-04'\(bu\h'+03'\c
.\}
.el \{\
.  sp -1
.  IP \(bu 2.3
.\}
ws+insecure://host:port
Listens for plain\-text WebSocket connections
.RE
.sp
.RS 4
.ie n \{\
\h'-04'\(bu\h'+03'\c
.\}
.el \{\
.  sp -1
.  IP \(bu 2.3
.\}
ident://host:port
Listens for plain\-text ident connections
.RE
.sp
.RS 4
.ie n \{\
\h'-04'\(bu\h'+03'\c
.\}
.el \{\
.  sp -1
.  IP \(bu 2.3
.\}
http+prometheus://host:port
Listens for plain\-text HTTP connections and serves Prometheus metrics (host must be "localhost")
.RE
.sp
.RS 4
.ie n \{\
\h'-04'\(bu\h'+03'\c
.\}
.el \{\
.  sp -1
.  IP \(bu 2.3
.\}
http+pprof://host:port
Listens for plain\-text HTTP connections and serves pprof runtime profiling data (host must be "localhost")
For more information, see: \c
.URL "https://pkg.go.dev/net/http/pprof" "" "."
.RE
.sp
.RS 4
.ie n \{\
\h'-04'\(bu\h'+03'\c
.\}
.el \{\
.  sp -1
.  IP \(bu 2.3
.\}
hostname <name>
Server hostname
.RE
.sp
.RS 4
.ie n \{\
\h'-04'\(bu\h'+03'\c
.\}
.el \{\
.  sp -1
.  IP \(bu 2.3
.\}
title <title>
Server title. This will be sent as the ISUPPORT NETWORK value when clients don\(cqt select a specific network.
.RE
.sp
.RS 4
.ie n \{\
\h'-04'\(bu\h'+03'\c
.\}
.el \{\
.  sp -1
.  IP \(bu 2.3
.\}
tls <cert> <key>
Enable TLS support. The certificate and key files must be PEM\-encoded.
.RE
.sp
.RS 4
.ie n \{\
\h'-04'\(bu\h'+03'\c
.\}
.el \{\
.  sp -1
.  IP \(bu 2.3
.\}
db <driver> <source>
Set the database location for user, network and channel storage.
By default, a sqlite3 database is opened in ./suika.db.
.RE
.sp
Supported drivers:
* sqlite3: expects source to be a path to the SQLite file
* postgres: expects source to be a space\- separated list of key=value parameters, e.g. db postgres host=/run/postgresql dbname=suika.
Note that sslmode defaults to require.
For more information on connection strings, see: \c
.URL "https://pkg.go.dev/github.com/lib/pq#hdr\-Connection_String_Parameters" "" ""
.sp
.RS 4
.ie n \{\
\h'-04'\(bu\h'+03'\c
.\}
.el \{\
.  sp -1
.  IP \(bu 2.3
.\}
log fs <path>
Path to the bouncer logs directory, or empty to disable logging.
By default, logging is disabled.
.RE
.sp
.RS 4
.ie n \{\
\h'-04'\(bu\h'+03'\c
.\}
.el \{\
.  sp -1
.  IP \(bu 2.3
.\}
http\-origin <patterns>
List of allowed HTTP origins for WebSocket listeners. The parameters are interpreted as shell patterns, see glob(3)
By default, only the request host is authorized. Use this directive to enable cross\-origin WebSockets.
.RE
.sp
.RS 4
.ie n \{\
\h'-04'\(bu\h'+03'\c
.\}
.el \{\
.  sp -1
.  IP \(bu 2.3
.\}
accept\-proxy\-ip <cidr..>
Allow the specified IPs to act as a proxy.
Proxies have the ability to overwrite the remote and local connection addresses (via the PROXY protocol, the Forwarded HTTP header field defined in RFC 7239 or the X\-Forwarded\- HTTP header fields).
The special name "localhost" accepts the loopback addresses 127.0.0.0/8 and ::1/128.
By default, all IPs are rejected.
.RE
.sp
.RS 4
.ie n \{\
\h'-04'\(bu\h'+03'\c
.\}
.el \{\
.  sp -1
.  IP \(bu 2.3
.\}
max\-user\-networks <limit>
Maximum number of networks per user. By default, there is no limit.
.RE
.sp
.RS 4
.ie n \{\
\h'-04'\(bu\h'+03'\c
.\}
.el \{\
.  sp -1
.  IP \(bu 2.3
.\}
motd <path>
Path to the MOTD file.
The bouncer MOTD is sent to clients which aren\(cqt bound to a specific network.
By default, no MOTD is sent.
.RE
.sp
.RS 4
.ie n \{\
\h'-04'\(bu\h'+03'\c
.\}
.el \{\
.  sp -1
.  IP \(bu 2.3
.\}
multi\-upstream\-mode <true|false>
Globally enable or disable multi\-upstream mode.
By default, multi\-upstream mode is enabled.
.RE
.sp
.RS 4
.ie n \{\
\h'-04'\(bu\h'+03'\c
.\}
.el \{\
.  sp -1
.  IP \(bu 2.3
.\}
upstream\-user\-ip <cidr...>
Enable per\-user IP addresses.
One IPv4 range and/or one IPv6 range can be specified in CIDR notation.
One IP address per range will be assigned to each user and will be used as the source address when connecting to an upstream network.
This can be useful to avoid having the whole bouncer banned from an upstream network because of one malicious user.
.RE
.SH "SEE ALSO"
.sp
suika(1)
suikadb(1)
suika\-znc\-import(1)
suika\-bouncerserv(7)
.SH "AUTHOR"
.sp
Simon Ser and contributors / Izuru Yakumo