From: Christian Heller
Date: Wed, 24 Jun 2020 19:58:06 +0000 (+0200)
Subject: Add play server setup.
X-Git-Url: https://plomlompom.com/repos/%7B%7Bprefix%7D%7D/%7B%7B%20web_path%20%7D%7D/%7B%7Bdb.prefix%7D%7D/%27%29;%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20chunks.push%28escapeHTML%28span%5B2%5D%29%29;%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20chunks.push%28%27?a=commitdiff_plain;h=710b6e4e7337b99a79910d35ef8216d214355719;p=config
Add play server setup.
---
diff --git a/buster/apt-mark/play b/buster/apt-mark/play
new file mode 100644
index 0000000..e9ad25a
--- /dev/null
+++ b/buster/apt-mark/play
@@ -0,0 +1,2 @@
+weechat
+screen
diff --git a/buster/etc_files/play/etc/systemd/system/encrypt_chatlogs.service b/buster/etc_files/play/etc/systemd/system/encrypt_chatlogs.service
new file mode 100644
index 0000000..d7b6e49
--- /dev/null
+++ b/buster/etc_files/play/etc/systemd/system/encrypt_chatlogs.service
@@ -0,0 +1,6 @@
+[Unit]
+Description=Attempt encryption of old chat logs
+[Service]
+Type=oneshot
+User=plom
+ExecStart=/bin/sh -c '~/encrypter.sh'
diff --git a/buster/etc_files/play/etc/systemd/system/encrypt_chatlogs.timer b/buster/etc_files/play/etc/systemd/system/encrypt_chatlogs.timer
new file mode 100644
index 0000000..79a6e1e
--- /dev/null
+++ b/buster/etc_files/play/etc/systemd/system/encrypt_chatlogs.timer
@@ -0,0 +1,8 @@
+[Unit]
+Description=Attempt encryption of old chatlogs once every minute.
+
+[Timer]
+OnCalendar=*-*-* *:*:00
+
+[Install]
+WantedBy=timers.target
\ No newline at end of file
diff --git a/buster/other_files/weechat-wrapper.sh b/buster/other_files/weechat-wrapper.sh
new file mode 100755
index 0000000..b433574
--- /dev/null
+++ b/buster/other_files/weechat-wrapper.sh
@@ -0,0 +1,7 @@
+#!/bin/sh
+
+# Enforce ~/.weechatrc as sole persistent weechat config file.
+rm -rf ~/.weechat/
+WEECHATCONF=`tr '\n' ';' < ~/.weechatrc`
+weechat -r "$WEECHATCONF"
+rm -rf ~/.weechat/
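Review bot: `ExecStart=/bin/sh -c '~/encrypter.sh'` in encrypt_chatlogs.service names a script that nothing in this commit installs: the file added is `other_files/weechatlogs_encrypter.sh`, and setup_play.sh copies `weechatlogs-encrypter.sh` (with a hyphen) into /home/plom/. As shown, the timer would fire every minute and the unit would fail each time, so the chat logs stay in plaintext and only the journal says so. Use one name in all three places and point the unit at it directly, e.g. `ExecStart=/home/plom/weechatlogs_encrypter.sh`, which also drops the `sh -c` wrapper.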
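Review bot: weechat-wrapper.sh joins the lines of ~/.weechatrc with `;` and passes the result to `weechat -r`, so a `;` inside any setting value would split that command in two; the header comment should state the constraint. Something like `# ~/.weechatrc: one weechat command per line, no ';' inside values; ~/.weechat/ is wiped before and after each run.` would cover both that and the fact that anything changed interactively is discarded. As a style point, `WEECHATCONF=$(tr '\n' ';' < ~/.weechatrc)` is preferable to the backtick form.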
diff --git a/buster/other_files/weechatlogs_encrypter.sh b/buster/other_files/weechatlogs_encrypter.sh
new file mode 100755
index 0000000..9e177d3
--- /dev/null
+++ b/buster/other_files/weechatlogs_encrypter.sh
@@ -0,0 +1,16 @@
+#!/bin/sh
+# Encrypt dated weechatlog files older than one day to GPG target defined in
+# ~/.encrypt_target
+set -e
+
+gpg_key=$(cat ~/.encrypt_target)
+cd ~/weechatlogs/irc/
+
+# Dirty hack: To avoid trouble with GPG key expiration, fake
+# system to something reasonbly old (younger than key creation,
+# older than expiration) by taking the mod datetime of
+# /etc/hostname, which should have last be changed when the
+# system was set up.
+hostname_mod_epoch=$(stat -c%Y /etc/hostname)
+find . -regextype posix-egrep -regex '^.*/.*/.*\.[0-9]{4}-[0-9]{2}-[0-9]{2}\.weechatlog$' -type f -mtime +1 -exec gpg --recipient "${gpg_key}" --trust-model always --faked-system-time="${hostname_mod_epoch}" --encrypt {} \; -exec rm {} \;
+
diff --git a/buster/other_files/weechatrc b/buster/other_files/weechatrc
new file mode 100644
index 0000000..ab30c17
--- /dev/null
+++ b/buster/other_files/weechatrc
@@ -0,0 +1,7 @@
+/set logger.file.path ~/weechatlogs
+/set logger.file.flush_delay 0
+/set logger.mask.irc "irc/$server/$channel.%Y-%m-%d.weechatlog"
+/set weechat.bar.status.items "[time],[buffer_last_number],[buffer_plugin],buffer_number+:+buffer_name+(buffer_modes)+{buffer_nicklist_count}+buffer_zoom+buffer_filter,[lag],[hotlist],completion,scroll,[otr]"
+/set weechat.color.chat_nick_colors "lightcyan"
+/server add freenode irc.freenode.net -nicks=plimlompom,plimlomp0m,pliml0mp0m -realname="foo bar" -autojoin=#plomlompomtest
+/connect freenode
diff --git a/buster/setup_scripts/setup_mail.sh b/buster/setup_scripts/setup_mail.sh
index 81eb50e..c749f27 100755
--- a/buster/setup_scripts/setup_mail.sh
+++ b/buster/setup_scripts/setup_mail.sh
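Review bot: The gpg call in weechatlogs_encrypter.sh switches off both checks that would stop encryption to the wrong key: `--trust-model always` skips validity and `--faked-system-time` hides expiry, so whatever key `--recipient "${gpg_key}"` resolves to is accepted, and the plaintext is then removed. That leaves ~/.encrypt_target as the only control, so it should hold a full fingerprint rather than a short ID or a name; a comment saying so next to `gpg_key=$(cat ~/.encrypt_target)` would help, and `[ -n "${gpg_key}" ] || exit 1` would refuse an empty file. Because the timer runs without a terminal, adding `--batch` makes gpg fail outright instead of waiting on a prompt, for instance when a `.gpg` output file already exists. Note also that `-mtime +1` only matches files at least two full days old, which is later than the "older than one day" in the header comment.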
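Review bot: `/server add freenode irc.freenode.net` in weechatrc sets neither a port nor a TLS option, so with weechat's defaults the session presumably runs in cleartext, while the same commit takes care to encrypt the resulting logs at rest. If that is not intended, `/server add freenode irc.freenode.net/6697 -ssl` followed by the existing options closes the gap; the option name depends on the weechat version installed, so confirm it against the packaged one.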
@@ -72,7 +72,6 @@ echo "plom:${password}" | chpasswd
 # Get old mail data, shutdown old postfix server.
 if [ "${old_server}" != "" ]; then
 cp "${config_tree_prefix}/setup_scripts/prepare_to_meet_server.sh" /home/plom/
- #chown plom:plom /home/plom/prepare_to_meet_server.sh
 su -lc "./prepare_to_meet_server.sh ${old_server}" plom
 read -p'Hit Enter when you are done.' ignore
 rm /home/plom/prepare_to_meet_server.sh
@@ -80,6 +79,7 @@ if [ "${old_server}" != "" ]; then
 su -lc "scp plom@${old_server}:.fetchmailrc ~" plom
 su -lc "scp plom@${old_server}:.pingmailrc ~" plom
 su -lc "ssh -t plom@${old_server} \"su -lc 'service postfix stop'\"" plom
+ su -lc "ssh plom@${old_server} \"su -lc 'systemctl disable fetchmail_old_account.timer'\"" plom
 su -lc "ssh plom@${old_server} \"su -lc 'service fetchmail_old_account stop'\"" plom
 #su -lc "ssh -t plom@${old_server} \"su -lc 'service fetchmail stop'\"" plom
 cp "${config_tree_prefix}/setup_scripts/mirror_dir.sh" /home/plom/
diff --git a/buster/setup_scripts/setup_play.sh b/buster/setup_scripts/setup_play.sh
new file mode 100644
index 0000000..c994eb9
--- /dev/null
+++ b/buster/setup_scripts/setup_play.sh
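Review bot: The added `systemctl disable fetchmail_old_account.timer` line in the second setup_mail.sh hunk only removes the timer from future boots. A timer that is already active on the old server keeps running, and the next line stops the service rather than the timer, so the service can start again at the next elapse. `systemctl disable --now fetchmail_old_account.timer` stops it as well, matching the `enable --now` used in setup_play.sh. The added line also calls `ssh` without `-t` in front of a remote `su`, unlike the postfix line above it; if that `su` asks for a password it has no terminal to ask on, which is worth confirming. The enclosing `if` block continues past the end of the hunk.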
@@ -0,0 +1,53 @@
+#!/bin/sh
+set -e
+set -x
+
+if [ "$#" -lt 1 ]; then
+ echo "Need public key ID and optionally old server IP."
+ fi
+fi
+gpg_key="$1"
+old_server="$2"
+
+config_tree_prefix="${HOME}/config/buster"
+./install_for_target.sh play
+./copy_dirtree.sh "${config_tree_prefix}/etc_files" "" play
+cp "${config_tree_prefix}/other_files/weechatrc" /home/plom/.weechatrc
+cp "${config_tree_prefix}/other_files/weechat-wrapper.sh" /home/plom/
+cp "${config_tree_prefix}/other_files/weechatlogs-encrypter.sh" /home/plom/
+chown plom:plom /home/plom/*weechat*
+echo "${gpg_key}" /home/plom/.encrypt_target
+chown plom:plom /home/plom/.encrypt_target
+
+# TODO refactor with setup_website.sh
+# Add encryption key.
+keyservers='sks-keyservers.net/ keys.gnupg.net'
+set +e
+while true; do
+ do_break=0
+ for keyserver in $(echo "${keyservers}"); do
+ su plom -c "gpg --no-tty --keyserver $keyserver --recv-key ${gpg_key}"
+ if [ $? -eq "0" ]; then
+ do_break=1
+ break
+ fi
+ echo "Attempt with keyserver ${keyserver} unsuccessful, trying other."
+ done
+ if [ "${do_break}" -eq "1" ]; then
+ break
+ fi
+done
+set -e
+
+if [ "${old_server}" != "" ]; then
+ cp "${config_tree_prefix}/setup_scripts/prepare_to_meet_server.sh" /home/plom/
+ su -lc "./prepare_to_meet_server.sh ${old_server}" plom
+ read -p'Hit Enter when you are done.' ignore
+ rm /home/plom/prepare_to_meet_server.sh
+ su -lc "scp plom@${old_server}:.weechatrc ~" plom
+ cp "${config_tree_prefix}/setup_scripts/mirror_dir.sh" /home/plom/
+ su -lc "./mirror_dir.sh ${old_server} /home/plom/weechatlogs" plom
+ rm /home/plom/mirror_dir.sh
+fi
+
+systemctl enable --now encrypt_chatlogs.timer
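Review bot: As shown, setup_play.sh cannot complete: the argument check has an extra `fi` and never exits, and `echo "${gpg_key}" /home/plom/.encrypt_target` lacks the `>` redirect, so the target file is never written and the following `chown` fails under `set -e`. The `cp` of `weechatlogs-encrypter.sh` also names a file the commit does not add (it adds `weechatlogs_encrypter.sh`). The `while true` loop retries the keyservers forever when none answers. `${gpg_key}` goes unvalidated into a `su -c` command string and selects the key that the encrypter later uses with `--trust-model always`, so it is worth requiring a hexadecimal fingerprint up front. A sketch of the rewritten parts follows; its loop gives up after one pass over the keyservers, which may be stricter than intended.

```sh
if [ "$#" -lt 1 ]; then
    echo "Need public key ID and optionally old server IP." >&2
    exit 1
fi
gpg_key="$1"
# Only hex digits may reach the su -c string and ~/.encrypt_target.
case "${gpg_key}" in
    ''|*[!0-9A-Fa-f]*)
        echo "Key ID must be a hexadecimal fingerprint." >&2
        exit 1
        ;;
esac
# … unchanged: old_server assignment, install and copy steps …
printf '%s\n' "${gpg_key}" > /home/plom/.encrypt_target
chown plom:plom /home/plom/.encrypt_target
# … unchanged: keyservers list …
# Replaces the set +e / while true / set -e construct.
key_fetched=0
for keyserver in ${keyservers}; do
    if su plom -c "gpg --no-tty --keyserver ${keyserver} --recv-key ${gpg_key}"; then
        key_fetched=1
        break
    fi
    echo "Attempt with keyserver ${keyserver} unsuccessful, trying other."
done
if [ "${key_fetched}" -ne 1 ]; then
    echo "Could not fetch ${gpg_key} from any keyserver." >&2
    exit 1
fi
# … unchanged: old-server migration block and timer enable …
```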