From c60e32a9ad070e5a80df1e82606ab80e0b69a60b Mon Sep 17 00:00:00 2001
From: Art Cancro
Once your Citadel server is up and running, the first thing you'll +want to do is customize and tune it. This can be done from the +text-based client with the +.Aide System configuration General +command, +or from WebCit (if you have it installed) by clicking 'Advanced Options' +followed by 'Edit site-wide configuration.' Either method will offer the +same configuration options. This document shows the text mode client +being used.
+ +The first set of options deal with the identification of your system.
+ ++Lobby> . Aide System configuration General +Node name [uncnsrd]: +Fully qualified domain name [uncensored.citadel.org]: +Human readable node name [Uncensored]: +Modem dialup number [US 914 999 9999]: +Geographic location of this system [Mount Kisco, NY]: +Name of system administrator [IGnatius T Foobar]: +Paginator prompt [+ +]: +
'Node name' refers to the short, unqualified node name by which your +system is known on a Citadel network. Generally it will be the same as the +unqualified host name of your computer; this is, in fact, the default +setting.
+ +Then enter the fully-qualified domain name (FQDN) of your system. If you +are not on the Internet, you can simply set it to the same as your +unqualified host name. Otherwise you should set this value +to the host name by which your system is most commonly known.
+ +The field called 'Human-readable node name' (also known as the 'node +title' or 'organization name' in other software) is used solely for display +purposes. Set it to the actual name of your system as you want it to appear +in banners, messages, etc.
+ +If you have a modem or bank of modems answering data calls for your +system, enter it in the field marked 'Modem dialup number.' Otherwise you +may leave it blank.
+ +'Geographic location of this system' is another display field. Enter a +city and state, or city and country.
+ +'Name of system administrator' is important! Any user who logs on with +the name you enter here will automatically be granted Aide privileges. +This is one of two ways for the system administrator to grant +himself/herself Aide access to the system when initially setting it up. (The +other is simply to have the first account created on a new installation.)
+ + +The next set of options are your system's security settings. Before +delving into the actual options, we should review the various access +levels available on the system. Citadel has seven access levels:
+ ++Require registration for new users [No]: No +Disable self-service user account creation [No]: No +Initial access level for new users [4]: +Access level required to create rooms [4]: +Automatically give room aide privs to a user who creates a private room [No]: No + +Automatically move problem user messages to twit room [Yes]: Yes +Name of twit room [Trashcan]: +Restrict Internet mail to only those with that privilege [No]: No +Allow Aides to Zap (forget) rooms [Yes]: Yes +Allow system Aides access to user mailboxes [Yes]: Yes +Log all pages [No]: No ++ +
'Registration' refers to the process of a user entering various personal +contact information (real name, address, telephone number, etc.) into the +system. When enabled, this information is stored as a vCard object on +the system in two places: the user's My Citadel Config> +room, and in +the Global Address Book> +room. (Note: the latter should be made private +on publicly-accessible systems, for obvious reasons.)
+ +If you answer Yes to 'Require registration for new users' then each new +user, upon creating a new account, will immediately be entered into the +registration process. On the other hand, if you answer Yes to +'Disable self-service user account creation' then new users will not +be able to log in at all -- all accounts must be created by an Aide.
+ +'Initial access level for new users' should be set to 1 (New User) if you +would like to review each new user's registration info before granting +them higher access. This would be done periodically with the +.Aide Validate new users +command. If you do not require registration, you +should set the initial access level to 4 (Network User).
+ +Given the above options, it then becomes clear that there are generally +two ways you can set up your Citadel system, depending on its purpose:
+ +'Access level required to create rooms' is up to you. You might wish to +restrict the creation of new rooms only to Aides, or you might wish to +allow anyone to create a room. The latter is one of the Citadel +culture's most long-standing traditions; the former may be appropriate if +users are abusing this privilege.
+ +You have the ability to 'Automatically give room aide privs to a user who +creates a private room.' If you answer Yes, then any user who creates a +guess-name, passworded, or invitation-only room will automatically become +the room aide, and will have access to a subset of the .Aide +command set while in that room. If you would rather grant this permission +manually, answer No.
+ +Another tradition in the Citadel culture is to refrain from deleting +problem users, but instead to 'twit' them (reduce their access level to 2 +[Problem User]). You can then 'Automatically move problem user messages +to twit room' (answer Yes, then specify 'Name of twit room' and remember +to create that room). If you employ this logic, any user with level 2 +(Problem User) access will continue to have access to the same set of +rooms, but all messages posted will automatically be routed to the +Trashcan (or whatever you call your twit room).
+ +If you have Internet mail configured, you have the option of +restricting its use on a user-by-user basis. If you wish to do this, +answer Yes to 'Restrict Internet mail to only those with that privilege.' +Obviously this makes no sense for an internal e-mail system, but for a +public BBS it might be appropriate.
+ +Normally, Aides have access to every room, public or private, except +for user mailboxes. They are also forbidden from Zapping +rooms, because the review of content is considered one of their roles. If +you wish to change these policies, the next two options allow you to. You +may 'Allow Aides to Zap (forget) rooms', in which case they may use the +Zap command just like any other user. Furthermore, if you +'Allow system Aides access to user mailboxes', then they may +.Goto any private mailbox belonging to any user, using a +special room name format.
+ +If your local security and/or privacy policy dictates that you keep a +log of all pages (instant messages) that go through the system, then answer +Yes to 'Log all pages'. If you answer Yes, you will be prompted for the +name of a room to which all pages will be logged. If you answer No, then +only the sender and recipient of each individual message will receive a +copy.
+ +The next set of options deals with the tuning of your system. It is +usually safe to leave these untouched.
+ ++Server connection idle timeout (in seconds) [900]: +Maximum concurrent sessions [20]: +Maximum message length [2147483647]: +Minimum number of worker threads [5]: +Maximum number of worker threads [256]: ++ +
The 'Server connection idle timeout' is for the connection between client +and server software. It is not an idle timer for the user interface. +900 seconds (15 minutes) is the default and a sane setting.
+ +'Maximum concurrent sessions' is the highest number of user sessions you +wish to allow on your system at any given time. Citadel can scale to +hundreds of concurrent users, but if you have limited hardware or (more +likely) limited bandwidth, you might wish to set a maximum. You can also +set it to zero for no limit.
+ +'Maximum message length' is just that. This could be a good way to +prevent enormous multimedia files from finding their way into your +message base. This maximum is enforced in all protocols and is also +advertised by the ESMTP service.
+ +The minimum and maximum number of worker threads can be tuned to your +liking. Citadel will attempt to keep one worker thread running per +session, within these constraints. You should be aware that due to the +use of the worker thread model, Citadel can handle a large number of +concurrent sessions with a much smaller thread pool. If you don't know +the programming theory behind multithreaded servers, you should leave +these parameters alone.
+ +The next set of options affect how Citadel behaves on a network.
+ ++How often to run network jobs (in seconds) [3600]: +SMTP server port (-1 to disable) [25]: +POP3 server port (-1 to disable) [110]: +IMAP server port (-1 to disable) [143]: ++ +
'How often to run network jobs' refers to the sharing of content on a +Citadel network. If your system is on a Citadel network, this configuration +item dictates how often the Citadel server will contact other Citadel +servers to send and receive messages. In reality, this will happen more +frequently than you specify, because other Citadel servers will be contacting +yours at regular intervals as well.
+ +Then you can specify TCP port numbers for the SMTP, POP3, and IMAP +services. For a system being used primarily for Internet e-mail, these are +essential, so you'll want to specify the standard port numbers: 25, 110, +and 143. If Citadel is running alongside some other mail system, though, then +you might want to choose other, unused port numbers, or enter -1 for any +protocol to disable it entirely.
+ +The final set of options configures system-wide defaults for the +auto-purger:
+ ++Default user purge time (days) [120]: +Default room purge time (days) [30]: +System default message expire policy (? for list) [2]: +Keep how many messages online? [150]: ++ +
Any user who does not log in for the period specified in 'Default user +purge time' will be deleted the next time a purge is run. This setting +may be modified on a per-user basis.
+ +'Default room purge time' behaves the same way, and may also be modified +on a per-room basis.
+ +'System default message expire policy' defines the way in which old +messages are expired (purged) off the system. You can specify any of:
+ +Again, this setting may be overridden on a per-floor basis, and the +floor setting may be overridden on a per-room basis.
+ ++Save this configuration? No ++ +
When you're done, enter 'Yes' to confirm the changes, or 'No' to discard +the changes.
+