From: Christian Heller Date: Thu, 13 Dec 2018 20:28:15 +0000 (+0100) Subject: Add IRClogs password protection. X-Git-Url: https://plomlompom.com/repos/%7B%7Bdb.prefix%7D%7D/static/%7B%7B%20web_path%20%7D%7D/bar%20baz.html?a=commitdiff_plain;h=9f911349477be35286ddafd553a500806325dca6;p=config Add IRClogs password protection. --- diff --git a/all_new_2018/linkable_etc_files/web/etc/nginx/nginx.conf b/all_new_2018/linkable_etc_files/web/etc/nginx/nginx.conf index fa1f106..411aa4b 100644 --- a/all_new_2018/linkable_etc_files/web/etc/nginx/nginx.conf +++ b/all_new_2018/linkable_etc_files/web/etc/nginx/nginx.conf @@ -64,7 +64,13 @@ http { fastcgi_pass unix:/var/run/fcgiwrap.socket; } - location /irclogs/plomlompomtest/ { + location /irclogs/([^/]+)/ { + auth_basic "$1 logs"; + auth_basic_user_file /var/www/irclogs_pw/$1; + autoindex on; + } + + location /irclogs/ { autoindex on; } } diff --git a/all_new_2018/setup_plomlombot.sh b/all_new_2018/setup_plomlombot.sh index 6bfc4d6..4562588 100755 --- a/all_new_2018/setup_plomlombot.sh +++ b/all_new_2018/setup_plomlombot.sh @@ -10,9 +10,10 @@ gpg_key="$1" config_tree_prefix="${HOME}/config/all_new_2018/" irclogs_dir=/var/www/html/irclogs +irclogs_pw_dir=/var/www/irclogs_pw cp "${config_tree_prefix}"/user_scripts/plomlombot_daemon.sh /home/plom/ chown plom:plom /home/plom/plomlombot_daemon.sh -apt -y install screen python3-venv gpg dirmngr +apt -y install screen python3-venv gpg dirmngr apache2-utils su plom -c "gpg --recv-key ${gpg_key}" # TODO: After this, we could in theory remove dirmngr if we only installed it just now. su plom -c "cd && git clone /var/public_repos/plomlombot-irc" @@ -20,7 +21,9 @@ systemctl enable /etc/systemd/system/plomlombot.service service plomlombot start mkdir -p "${irclogs_dir}" chown -R plom:plom "${irclogs_dir}" +mkdir -p "${irclogs_pw_dir}" +chown -R plom:plom "${irclogs_pw_dir}" echo "Don't forget to add a file ~/.plomlombot with content such as:" echo "gpg_key ${gpg_key}" -echo "bot: SCREEN_SESSION_NAME BOT_NAME #CHANNEL_NAME IRC_SERVER_NAME" +echo "bot: SCREEN_SESSION_NAME BOT_NAME #CHANNEL_NAME IRC_SERVER_NAME LOGS_USER LOGS_PW" echo "# file should end in newline or non-interpreted line such as this" diff --git a/all_new_2018/user_scripts/plomlombot_daemon.sh b/all_new_2018/user_scripts/plomlombot_daemon.sh index dcac4f6..df4f49d 100755 --- a/all_new_2018/user_scripts/plomlombot_daemon.sh +++ b/all_new_2018/user_scripts/plomlombot_daemon.sh @@ -5,6 +5,7 @@ set -e path=~/.plomlombot db_dir="${HOME}/plomlombot_db" irclogs_dir=/var/www/html/irclogs +irclogs_pw_dir=/var/www/irclogs_pw while true; do if [ -f "${path}" ]; then cat "${path}" | while read line; do @@ -16,7 +17,14 @@ while true; do session_name=$(echo -n "${line}" | cut -d' ' -f2) bot_name=$(echo -n "${line}" | cut -d' ' -f3) channel_name=$(echo -n "${line}" | cut -d' ' -f4) + shortened_channel_name="${channel_name}" + first_char=$(echo -n "${channel_name}" | cut -c1) + if [ "${first_char}" = "#" ]; then + shortened_channel_name=$(echo -n "${channel_name}" | cut -c2-) + fi server_name=$(echo -n "${line}" | cut -d' ' -f5) + login_user=$(echo -n "${line}" | cut -d' ' -f6) + login_pw=$(echo -n "${line}" | cut -d' ' -f7) set +e screen -S "${session_name}" -Q select . > /dev/null start_screen=$? @@ -30,12 +38,8 @@ while true; do logs_dir="${db_dir}/${md5_server}/${md5_channel}/logs" # FIXME: Note the trouble we will have if we have the same channel # name on different servers … - shortened_channel_name="${channel_name}" - first_char=$(echo -n "${channel_name}" | cut -c1) - if [ "${first_char}" = "#" ]; then - shortened_channel_name=$(echo -n "${channel_name}" | cut -c2-) - fi ln -sfn "${logs_dir}" "${irclogs_dir}/${shortened_channel_name}" + htpasswd -c "${irclogs_pw_dir}/${shortened_channel_name}" "${login_user}" "${login_pw}" # If "key:" line, encrypt old raw logs to that GPG key. elif [ "${first_word}" = "gpg_key": ]; then diff --git a/all_new_2018/user_scripts/start_plomlombot.sh b/all_new_2018/user_scripts/start_plomlombot.sh deleted file mode 100755 index 8a368bc..0000000 --- a/all_new_2018/user_scripts/start_plomlombot.sh +++ /dev/null @@ -1,4 +0,0 @@ -#!/bin/sh -set -e -cd ~/plomlombot-irc -./run.sh -r 604800 -n "$1" "$2"