From 710b6e4e7337b99a79910d35ef8216d214355719 Mon Sep 17 00:00:00 2001
From: Christian Heller <c.heller@plomlompom.de>
Date: Wed, 24 Jun 2020 21:58:06 +0200
Subject: [PATCH] Add play server setup.

---
 buster/apt-mark/play                          |  2 +
 .../systemd/system/encrypt_chatlogs.service   |  6 +++
 .../etc/systemd/system/encrypt_chatlogs.timer |  8 +++
 buster/other_files/weechat-wrapper.sh         |  7 +++
 buster/other_files/weechatlogs_encrypter.sh   | 16 ++++++
 buster/other_files/weechatrc                  |  7 +++
 buster/setup_scripts/setup_mail.sh            |  2 +-
 buster/setup_scripts/setup_play.sh            | 53 +++++++++++++++++++
 8 files changed, 100 insertions(+), 1 deletion(-)
 create mode 100644 buster/apt-mark/play
 create mode 100644 buster/etc_files/play/etc/systemd/system/encrypt_chatlogs.service
 create mode 100644 buster/etc_files/play/etc/systemd/system/encrypt_chatlogs.timer
 create mode 100755 buster/other_files/weechat-wrapper.sh
 create mode 100755 buster/other_files/weechatlogs_encrypter.sh
 create mode 100644 buster/other_files/weechatrc
 create mode 100644 buster/setup_scripts/setup_play.sh

diff --git a/buster/apt-mark/play b/buster/apt-mark/play
new file mode 100644
index 0000000..e9ad25a
--- /dev/null
+++ b/buster/apt-mark/play
@@ -0,0 +1,2 @@
+weechat
+screen
diff --git a/buster/etc_files/play/etc/systemd/system/encrypt_chatlogs.service b/buster/etc_files/play/etc/systemd/system/encrypt_chatlogs.service
new file mode 100644
index 0000000..d7b6e49
--- /dev/null
+++ b/buster/etc_files/play/etc/systemd/system/encrypt_chatlogs.service
@@ -0,0 +1,6 @@
+[Unit]
+Description=Attempt encryption of old chat logs
+[Service]
+Type=oneshot
+User=plom
+ExecStart=/bin/sh -c '~/encrypter.sh'
diff --git a/buster/etc_files/play/etc/systemd/system/encrypt_chatlogs.timer b/buster/etc_files/play/etc/systemd/system/encrypt_chatlogs.timer
new file mode 100644
index 0000000..79a6e1e
--- /dev/null
+++ b/buster/etc_files/play/etc/systemd/system/encrypt_chatlogs.timer
@@ -0,0 +1,8 @@
+[Unit]
+Description=Attempt encryption of old chatlogs once every minute.
+
+[Timer]
+OnCalendar=*-*-* *:*:00
+
+[Install]
+WantedBy=timers.target
\ No newline at end of file
diff --git a/buster/other_files/weechat-wrapper.sh b/buster/other_files/weechat-wrapper.sh
new file mode 100755
index 0000000..b433574
--- /dev/null
+++ b/buster/other_files/weechat-wrapper.sh
@@ -0,0 +1,7 @@
+#!/bin/sh
+
+# Enforce ~/.weechatrc as sole persistent weechat config file.
+rm -rf ~/.weechat/
+WEECHATCONF=`tr '\n' ';' < ~/.weechatrc`
+weechat -r "$WEECHATCONF"
+rm -rf ~/.weechat/
diff --git a/buster/other_files/weechatlogs_encrypter.sh b/buster/other_files/weechatlogs_encrypter.sh
new file mode 100755
index 0000000..9e177d3
--- /dev/null
+++ b/buster/other_files/weechatlogs_encrypter.sh
@@ -0,0 +1,16 @@
+#!/bin/sh
+# Encrypt dated weechatlog files older than one day to GPG target defined in
+# ~/.encrypt_target
+set -e
+
+gpg_key=$(cat ~/.encrypt_target)
+cd ~/weechatlogs/irc/
+
+# Dirty hack: To avoid trouble with GPG key expiration, fake
+# system to something reasonbly old (younger than key creation,
+# older than expiration) by taking the mod datetime of
+# /etc/hostname, which should have last be changed when the
+# system was set up.
+hostname_mod_epoch=$(stat -c%Y /etc/hostname)
+find . -regextype posix-egrep -regex '^.*/.*/.*\.[0-9]{4}-[0-9]{2}-[0-9]{2}\.weechatlog$' -type f -mtime +1 -exec gpg --recipient "${gpg_key}" --trust-model always --faked-system-time="${hostname_mod_epoch}" --encrypt {} \; -exec rm {} \;
+
diff --git a/buster/other_files/weechatrc b/buster/other_files/weechatrc
new file mode 100644
index 0000000..ab30c17
--- /dev/null
+++ b/buster/other_files/weechatrc
@@ -0,0 +1,7 @@
+/set logger.file.path ~/weechatlogs
+/set logger.file.flush_delay 0
+/set logger.mask.irc "irc/$server/$channel.%Y-%m-%d.weechatlog"
+/set weechat.bar.status.items "[time],[buffer_last_number],[buffer_plugin],buffer_number+:+buffer_name+(buffer_modes)+{buffer_nicklist_count}+buffer_zoom+buffer_filter,[lag],[hotlist],completion,scroll,[otr]"
+/set weechat.color.chat_nick_colors "lightcyan"
+/server add freenode irc.freenode.net -nicks=plimlompom,plimlomp0m,pliml0mp0m -realname="foo bar" -autojoin=#plomlompomtest
+/connect freenode
diff --git a/buster/setup_scripts/setup_mail.sh b/buster/setup_scripts/setup_mail.sh
index 81eb50e..c749f27 100755
--- a/buster/setup_scripts/setup_mail.sh
+++ b/buster/setup_scripts/setup_mail.sh
@@ -72,7 +72,6 @@ echo "plom:${password}" | chpasswd
 # Get old mail data, shutdown old postfix server.
 if [ "${old_server}" != "" ]; then
   cp "${config_tree_prefix}/setup_scripts/prepare_to_meet_server.sh" /home/plom/
-  #chown plom:plom /home/plom/prepare_to_meet_server.sh
   su -lc "./prepare_to_meet_server.sh ${old_server}" plom
   read -p'Hit Enter when you are done.' ignore
   rm /home/plom/prepare_to_meet_server.sh
@@ -80,6 +79,7 @@ if [ "${old_server}" != "" ]; then
   su -lc "scp plom@${old_server}:.fetchmailrc ~" plom
   su -lc "scp plom@${old_server}:.pingmailrc ~" plom
   su -lc "ssh -t plom@${old_server} \"su -lc 'service postfix stop'\"" plom
+  su -lc "ssh plom@${old_server} \"su -lc 'systemctl disable fetchmail_old_account.timer'\"" plom
   su -lc "ssh plom@${old_server} \"su -lc 'service fetchmail_old_account stop'\"" plom
   #su -lc "ssh -t plom@${old_server} \"su -lc 'service fetchmail stop'\"" plom
   cp "${config_tree_prefix}/setup_scripts/mirror_dir.sh" /home/plom/
diff --git a/buster/setup_scripts/setup_play.sh b/buster/setup_scripts/setup_play.sh
new file mode 100644
index 0000000..c994eb9
--- /dev/null
+++ b/buster/setup_scripts/setup_play.sh
@@ -0,0 +1,53 @@
+#!/bin/sh
+set -e
+set -x
+
+if [ "$#" -lt 1 ]; then
+  echo "Need public key ID and optionally old server IP."
+  fi
+fi
+gpg_key="$1"
+old_server="$2"
+
+config_tree_prefix="${HOME}/config/buster"
+./install_for_target.sh play
+./copy_dirtree.sh "${config_tree_prefix}/etc_files" "" play
+cp "${config_tree_prefix}/other_files/weechatrc" /home/plom/.weechatrc
+cp "${config_tree_prefix}/other_files/weechat-wrapper.sh" /home/plom/
+cp "${config_tree_prefix}/other_files/weechatlogs-encrypter.sh" /home/plom/
+chown plom:plom /home/plom/*weechat*
+echo "${gpg_key}" /home/plom/.encrypt_target
+chown plom:plom /home/plom/.encrypt_target
+
+# TODO refactor with setup_website.sh
+# Add encryption key.
+keyservers='sks-keyservers.net/ keys.gnupg.net'
+set +e
+while true; do
+    do_break=0
+    for keyserver in $(echo "${keyservers}"); do
+        su plom -c "gpg --no-tty --keyserver $keyserver --recv-key ${gpg_key}"
+        if [ $? -eq "0" ]; then
+            do_break=1
+            break
+        fi
+        echo "Attempt with keyserver ${keyserver} unsuccessful, trying other."
+    done
+    if [ "${do_break}" -eq "1" ]; then
+        break
+    fi
+done
+set -e
+
+if [ "${old_server}" != "" ]; then
+  cp "${config_tree_prefix}/setup_scripts/prepare_to_meet_server.sh" /home/plom/
+  su -lc "./prepare_to_meet_server.sh ${old_server}" plom
+  read -p'Hit Enter when you are done.' ignore
+  rm /home/plom/prepare_to_meet_server.sh
+  su -lc "scp plom@${old_server}:.weechatrc ~" plom
+  cp "${config_tree_prefix}/setup_scripts/mirror_dir.sh" /home/plom/
+  su -lc "./mirror_dir.sh ${old_server} /home/plom/weechatlogs" plom
+  rm /home/plom/mirror_dir.sh
+fi
+
+systemctl enable --now encrypt_chatlogs.timer
-- 
2.30.2