Tip of the day: The blacklist { } block can be used to ban known troublemakers that are listed in blacklists like EfnetRBL and DroneBL. |
Remote includes
Remote includes are a great way to share your configuration settings between servers.
You simply put your (shared) configuration files on a secure location, like a trusted web server. IRC servers will then fetch the configuration from there when they boot or the configuration is /REHASH'ed.
Later on you can change the configuration file on the web server and just run /REHASH -all
on IRC. All IRC servers on your network will then reload the configuration, including your changes.
Example
In the example below we will assume you have a website called admin.example.org:
Create and password-protect a HTTP directory
Note: operations below are executed on the shell and assume shell access. You may possibly achieve the same via an admin panel like cPanel and SCP/SFTP.
- SSH to your www shell, go to the WWW directory and create a directory to store the configuration files:
irc@system:~$ cd public_html irc@system:~/public_html$ mkdir conf irc@system:~/public_html$ cd conf irc@system:~/public_html/conf$
- Create an .htaccess file
irc@system:~/public_html/conf$ nano .htaccess
Put in that file the following (change the path where needed!):
AuthType Basic AuthName "restricted test" AuthUserFile /home/irc/public_html/conf/.htpasswd require valid-user
- Create a .htpasswd file with the appropriate password
irc@system:~/public_html/conf$ htpasswd -c /home/irc/public_html/conf/.htpasswd restricted New password: Re-type new password: Adding password for user 'restricted'
- Create or upload a file called opers.conf in this ~/public_html/conf/ directory.
Use remote includes to fetch the conf
This is simple, you just write down the URL in the include directive. In our example that would be like this:
HTTPS is best, but requires your site to have HTTPS enabled:
include "https://restricted:[email protected]/conf/opers.conf";
Nginx tips
If you use nginx rather than apache as webserver, the way to configure the location is:
location ~* ^/conf/*$ { auth_basic "Remote configuration"; auth_basic_user_file /home/irc/public_html/conf/.htpasswd; }
What if your web server is down
When UnrealIRCd can't load a remote include it will used a "cache copy" (stored in the cache/ subdirectory in UnrealIRCd). A cached copy is always available, unless you are including the URL for the first time.
This way, you can safely use remote includes. Even if there's an outage at your web server, your IRC servers will still be able to boot or REHASH. (Many years ago this wasn't the case and an outage of the web servers would cause a really problematic situation)