home · contact · privacy
Set up nodrama bot and letsencrypt infrastructure.
authorChristian Heller <c.heller@plomlompom.de>
Sun, 17 Apr 2016 20:55:03 +0000 (22:55 +0200)
committerChristian Heller <c.heller@plomlompom.de>
Sun, 17 Apr 2016 20:55:03 +0000 (22:55 +0200)
bin/broiler_in.sh [new file with mode: 0755]
bin/install_certs.sh [new file with mode: 0755]
bin/plomlombot.sh
bin/renew_certs.sh [new file with mode: 0755]
jessie_postinstall.sh
systemfiles/nginx.conf
systemfiles/plomlombot.service

diff --git a/bin/broiler_in.sh b/bin/broiler_in.sh
new file mode 100755 (executable)
index 0000000..5b16ddd
--- /dev/null
@@ -0,0 +1,3 @@
+#!/bin/sh
+cd ~/plomlombot-irc
+./run.sh -r 604800 -n broiler_in "#nodrama.de"
diff --git a/bin/install_certs.sh b/bin/install_certs.sh
new file mode 100755 (executable)
index 0000000..ea04482
--- /dev/null
@@ -0,0 +1,6 @@
+#!/bin/sh
+
+set -e
+set -x
+
+~/letsencrypt-auto certonly --webroot -w /var/www/html -d dump.plomlompom.com 
index 3ee907354e6a9318818a9b7839ddc15c50bea5f8..01d0a7b494d6ac2406dd697ab8f62e5a7c3ff330 100755 (executable)
@@ -1,3 +1,3 @@
 #!/bin/sh
 cd ~/plomlombot-irc
-./run.sh "#zrolaps"
+./run.sh -r 604800 "#zrolaps"
diff --git a/bin/renew_certs.sh b/bin/renew_certs.sh
new file mode 100755 (executable)
index 0000000..a1a2b96
--- /dev/null
@@ -0,0 +1,3 @@
+#!/bin/sh
+
+~/letsencrypt/letsencrypt-auto renew --webroot -w /var/www/html/
index 821b4b3f76bf7057f2194f978f24e92151030821..e4ea6c739b06eb5f0d0c84b7eb559daac54e733c 100755 (executable)
@@ -219,8 +219,8 @@ if [ "$1" = "server" ]; then
 
     elif [ "$2" = "public" ]; then
 
-        # Set up htwtxt environment.
-        apt-get -y install screen nginx
+        # Set up htwtxt and environment.
+        apt-get -y install screen
         apt-get -y -t jessie-backports install golang
         su - plom -c 'git clone https://github.com/plomlompom/htwtxt $GOPATH/src/htwtxt'
         su - plom -c 'go get htwtxt'
@@ -230,7 +230,13 @@ if [ "$1" = "server" ]; then
         cp config/systemfiles/htwtxt_restart_reminder.service \
             /etc/systemd/system/htwtxt_restart_reminder.service
         systemctl enable /etc/systemd/system/htwtxt_restart_reminder.service
+
+        # Set up nginx and letsencrypt.
+        apt-get -y install nginx
         cp config/systemfiles/nginx.conf /etc/nginx/nginx.conf
+        cd ~
+        git clone https://github.com/letsencrypt/letsencrypt
+        echo '0 18 * * 0 ~/config/bin/renew_certs.sh' | crontab -
 
         # Set up plomlombot.
         apt-get -y install python3 python3-venv python3-pip
@@ -239,8 +245,13 @@ if [ "$1" = "server" ]; then
         cp config/systemfiles/plomlombot.service \
             /etc/systemd/system/plomlombot.service
         systemctl enable /etc/systemd/system/plomlombot.service
-        mkdir /var/www/irclogs_zrolaps/
+
+        # Set up plomlombot logging infrastructure.
+        mkdir -p /var/www/html/irclogs/
+        ln -s /home/plom/plomlombot_db/6f322d574618816aa2d6d1ceb4fd2551/3c0248e76a1de3a6ee5bf3421f7379b0/logs/ /var/www/html/irclogs/zrolaps/
         touch /var/www/password_irclogs_zrolaps
+        ln -s /home/plom/plomlombot_db/6f322d574618816aa2d6d1ceb4fd2551/657eea42f86866f2954d39f92a6c71ff/logs/ /var/www/html/irclogs/nodrama.de/
+        touch /var/www/password_irclogs_nodrama_de
     fi
 
 elif [ "$1" = "thinkpad" ]; then
@@ -299,4 +310,4 @@ passwd plom
 rm jessie_postinstall.sh
 
 # Finalize everything with a reboot.
-reboot
+echo 'You may reboot now with the "reboot" command unless there's more to do.'
index 98626de2ed962d5da8fe8080ede3193a3c25388b..ac07114f8bb9552a0fd32ebbca92d1167eb510ab 100644 (file)
@@ -25,11 +25,24 @@ http {
 
         # IRC logs server
         server {
+                listen 443 ssl;
+                server_name dump.plomlompom.com;
+                ssl_certificate /etc/letsencrypt/live/dump.plomlompom.com/fullchain.pem;
+                ssl_certificate_key /etc/letsencrypt/live/dump.plomlompom.com/privkey.pem;
                 location / {
-                        auth_basic "IRC logs";
+                        root /var/www/html/;
+                }
+                location /irclogs/zrolaps/ {
+                        auth_basic "#zrolaps logs";
                         auth_basic_user_file /var/www/password_irclogs_zrolaps;
                         autoindex on;
-                        root /var/www/irclogs_zrolaps/;
+                        root /var/www/html/irclogs/zrolaps/;
+                }
+                location /irclogs/zrolaps/ {
+                        auth_basic "#nodrama.de logs";
+                        auth_basic_user_file /var/www/password_irclogs_nodrama_de;
+                        autoindex on;
+                        root /var/www/html/irclogs/nodrama.de/;
                 }
         }
 
index 5f4b0ebf0b4f57453100dba584658faa38f403fd..8c464a27a31bfdad6b9040dedc04e0c739840bd3 100644 (file)
@@ -6,7 +6,7 @@ Description=plomlombot screen
 [Service]
 Type=forking
 User=plom
-ExecStart=/bin/sh -c 'LC_ALL=en_US.UTF8 screen -d -m ~/config/bin/plomlombot.sh'
+ExecStart=/bin/sh -c 'LC_ALL=en_US.UTF8 screen -d -m ~/config/bin/plomlombot.sh && screen -d -m ~/config/bin/broiler_in.sh'
 
 [Install]
 WantedBy=multi-user.target