aboutsummaryrefslogtreecommitdiffstats
path: root/roles/znc
diff options
context:
space:
mode:
authorAaron LI <aly@aaronly.me>2019-09-22 13:03:02 +0800
committerAaron LI <aly@aaronly.me>2019-09-22 13:03:02 +0800
commit1975ac785727e1a19931e202d0e670e8c0905641 (patch)
tree7d0352e61594a55821bb70e6072f393a4c544768 /roles/znc
parent3a46c140fe496dba09726ffe31995bce92cad07f (diff)
downloadansible-dfly-vps-1975ac785727e1a19931e202d0e670e8c0905641.tar.bz2
znc: Use multiple servers and enable SSL
But accept all certificates, because most IRC servers use self-signed certificates.
Diffstat (limited to 'roles/znc')
-rw-r--r--roles/znc/templates/znc.conf.j212
1 files changed, 8 insertions, 4 deletions
diff --git a/roles/znc/templates/znc.conf.j2 b/roles/znc/templates/znc.conf.j2
index 6b96611..2380ad4 100644
--- a/roles/znc/templates/znc.conf.j2
+++ b/roles/znc/templates/znc.conf.j2
@@ -22,6 +22,8 @@ SSLCertFile = {{ znc.data_dir }}/ssl.crt
SSLKeyFile = {{ znc.data_dir }}/ssl.key
SSLDHParamFile = /usr/local/etc/ssl/dhparam4096.pem
+LoadModule = adminlog
+
// NOTE: DragonFly BSD doesn't allow using "IPV6_V6ONLY=0" to bind on
// both IPv4 & IPv6, therefore bind them separately.
{% for listener in ["ipv4", "ipv6"] %}
@@ -89,10 +91,12 @@ SSLDHParamFile = /usr/local/etc/ssl/dhparam4096.pem
// Auth with NickServ
LoadModule = nickserv
- Server = {{ net.server }} {% if net.ssl|default(false) %}+{% endif%}{{ net.port }} {{ net.password|default("") }}
- {% if net.fingerprint is defined -%}
- TrustedServerFingerprint = {{ net.fingerprint }}
- {% endif %}
+ {% for server in net.servers -%}
+ Server = {{ server.name }} {% if server.ssl|default(false) %}+{% endif%}{{ server.port }} {{ server.password|default("") }}
+ {% endfor %}
+
+ TrustPKI = true
+ TrustAllCerts = true
{% for ch in net.channels -%}
<Chan #{{ ch | regex_replace('^#', '') }}>