diff options
author | Aaron LI <aly@aaronly.me> | 2019-09-22 13:03:02 +0800 |
---|---|---|
committer | Aaron LI <aly@aaronly.me> | 2019-09-22 13:03:02 +0800 |
commit | 1975ac785727e1a19931e202d0e670e8c0905641 (patch) | |
tree | 7d0352e61594a55821bb70e6072f393a4c544768 /roles/znc | |
parent | 3a46c140fe496dba09726ffe31995bce92cad07f (diff) | |
download | ansible-dfly-vps-1975ac785727e1a19931e202d0e670e8c0905641.tar.bz2 |
znc: Use multiple servers and enable SSL
But accept all certificates, because most IRC servers use self-signed
certificates.
Diffstat (limited to 'roles/znc')
-rw-r--r-- | roles/znc/templates/znc.conf.j2 | 12 |
1 files changed, 8 insertions, 4 deletions
diff --git a/roles/znc/templates/znc.conf.j2 b/roles/znc/templates/znc.conf.j2 index 6b96611..2380ad4 100644 --- a/roles/znc/templates/znc.conf.j2 +++ b/roles/znc/templates/znc.conf.j2 @@ -22,6 +22,8 @@ SSLCertFile = {{ znc.data_dir }}/ssl.crt SSLKeyFile = {{ znc.data_dir }}/ssl.key SSLDHParamFile = /usr/local/etc/ssl/dhparam4096.pem +LoadModule = adminlog + // NOTE: DragonFly BSD doesn't allow using "IPV6_V6ONLY=0" to bind on // both IPv4 & IPv6, therefore bind them separately. {% for listener in ["ipv4", "ipv6"] %} @@ -89,10 +91,12 @@ SSLDHParamFile = /usr/local/etc/ssl/dhparam4096.pem // Auth with NickServ LoadModule = nickserv - Server = {{ net.server }} {% if net.ssl|default(false) %}+{% endif%}{{ net.port }} {{ net.password|default("") }} - {% if net.fingerprint is defined -%} - TrustedServerFingerprint = {{ net.fingerprint }} - {% endif %} + {% for server in net.servers -%} + Server = {{ server.name }} {% if server.ssl|default(false) %}+{% endif%}{{ server.port }} {{ server.password|default("") }} + {% endfor %} + + TrustPKI = true + TrustAllCerts = true {% for ch in net.channels -%} <Chan #{{ ch | regex_replace('^#', '') }}> |