home · contact · privacy
projects / config / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: cf999e4)
Add IRClogs password protection.
authorChristian Heller <c.heller@plomlompom.de>
Thu, 13 Dec 2018 20:28:15 +0000 (21:28 +0100)
committerChristian Heller <c.heller@plomlompom.de>
Thu, 13 Dec 2018 20:28:15 +0000 (21:28 +0100)
all_new_2018/linkable_etc_files/web/etc/nginx/nginx.conf patch | blob | history
all_new_2018/setup_plomlombot.sh patch | blob | history
all_new_2018/user_scripts/plomlombot_daemon.sh patch | blob | history
all_new_2018/user_scripts/start_plomlombot.sh [deleted file] patch | blob | history

diff --git a/all_new_2018/linkable_etc_files/web/etc/nginx/nginx.conf b/all_new_2018/linkable_etc_files/web/etc/nginx/nginx.conf
index fa1f106e6bcb8209a685b3fcb4025183fd12813c..411aa4b8f84d52a70fecdfa376d067984def9c23 100644 (file)
--- a/all_new_2018/linkable_etc_files/web/etc/nginx/nginx.conf
+++ b/all_new_2018/linkable_etc_files/web/etc/nginx/nginx.conf
@@ -64,7 +64,13 @@ http {
             fastcgi_pass unix:/var/run/fcgiwrap.socket;
         }
 
-        location /irclogs/plomlompomtest/ {
+        location /irclogs/([^/]+)/ {
+            auth_basic "$1 logs";
+            auth_basic_user_file /var/www/irclogs_pw/$1;
+            autoindex on;
+        }
+
+        location /irclogs/ {
             autoindex on;
         }
     }
diff --git a/all_new_2018/setup_plomlombot.sh b/all_new_2018/setup_plomlombot.sh
index 6bfc4d6a0a60a9e0cc6b83d85774a89a7e231c9c..45625882f70551fb74ab6d9d6cca55f4190b2ea5 100755 (executable)
--- a/all_new_2018/setup_plomlombot.sh
+++ b/all_new_2018/setup_plomlombot.sh
@@ -10,9 +10,10 @@ gpg_key="$1"
 
 config_tree_prefix="${HOME}/config/all_new_2018/"
 irclogs_dir=/var/www/html/irclogs
+irclogs_pw_dir=/var/www/irclogs_pw
 cp "${config_tree_prefix}"/user_scripts/plomlombot_daemon.sh /home/plom/
 chown plom:plom /home/plom/plomlombot_daemon.sh
-apt -y install screen python3-venv gpg dirmngr
+apt -y install screen python3-venv gpg dirmngr apache2-utils
 su plom -c "gpg --recv-key ${gpg_key}"
 # TODO: After this, we could in theory remove dirmngr if we only installed it just now.
 su plom -c "cd && git clone /var/public_repos/plomlombot-irc"
@@ -20,7 +21,9 @@ systemctl enable /etc/systemd/system/plomlombot.service
 service plomlombot start
 mkdir -p "${irclogs_dir}"
 chown -R plom:plom "${irclogs_dir}"
+mkdir -p "${irclogs_pw_dir}"
+chown -R plom:plom "${irclogs_pw_dir}"
 echo "Don't forget to add a file ~/.plomlombot with content such as:"
 echo "gpg_key ${gpg_key}"
-echo "bot: SCREEN_SESSION_NAME BOT_NAME #CHANNEL_NAME IRC_SERVER_NAME"
+echo "bot: SCREEN_SESSION_NAME BOT_NAME #CHANNEL_NAME IRC_SERVER_NAME LOGS_USER LOGS_PW"
 echo "# file should end in newline or non-interpreted line such as this"
diff --git a/all_new_2018/user_scripts/plomlombot_daemon.sh b/all_new_2018/user_scripts/plomlombot_daemon.sh
index dcac4f677c453f0f665a4e8ae66a001b88857270..df4f49d04d26468fe05252ba39b81a945c21d8d5 100755 (executable)
--- a/all_new_2018/user_scripts/plomlombot_daemon.sh
+++ b/all_new_2018/user_scripts/plomlombot_daemon.sh
@@ -5,6 +5,7 @@ set -e
 path=~/.plomlombot
 db_dir="${HOME}/plomlombot_db"
 irclogs_dir=/var/www/html/irclogs
+irclogs_pw_dir=/var/www/irclogs_pw
 while true; do
     if [ -f "${path}" ]; then
         cat "${path}" | while read line; do
@@ -16,7 +17,14 @@ while true; do
                session_name=$(echo -n "${line}" | cut -d' ' -f2)
                bot_name=$(echo -n "${line}" | cut -d' ' -f3)
                channel_name=$(echo -n "${line}" | cut -d' ' -f4)
+                shortened_channel_name="${channel_name}"
+                first_char=$(echo -n "${channel_name}" | cut -c1)
+                if [ "${first_char}" = "#" ]; then
+                    shortened_channel_name=$(echo -n "${channel_name}" | cut -c2-)
+                fi
                server_name=$(echo -n "${line}" | cut -d' ' -f5)
+                login_user=$(echo -n "${line}" | cut -d' ' -f6)
+                login_pw=$(echo -n "${line}" | cut -d' ' -f7)
                set +e
                screen -S "${session_name}" -Q select . > /dev/null
                start_screen=$?
@@ -30,12 +38,8 @@ while true; do
                logs_dir="${db_dir}/${md5_server}/${md5_channel}/logs"
                # FIXME: Note the trouble we will have if we have the same channel
                # name on different servers …
-                shortened_channel_name="${channel_name}"
-                first_char=$(echo -n "${channel_name}" | cut -c1)
-                if [ "${first_char}" = "#" ]; then
-                    shortened_channel_name=$(echo -n "${channel_name}" | cut -c2-)
-                fi
                 ln -sfn "${logs_dir}" "${irclogs_dir}/${shortened_channel_name}"
+                htpasswd -c "${irclogs_pw_dir}/${shortened_channel_name}" "${login_user}" "${login_pw}"
 
            # If "key:" line, encrypt old raw logs to that GPG key.
            elif [ "${first_word}" = "gpg_key": ]; then
diff --git a/all_new_2018/user_scripts/start_plomlombot.sh b/all_new_2018/user_scripts/start_plomlombot.sh
deleted file mode 100755 (executable)
index 8a368bc..0000000
--- a/all_new_2018/user_scripts/start_plomlombot.sh
+++ /dev/null
@@ -1,4 +0,0 @@
-#!/bin/sh
-set -e
-cd ~/plomlombot-irc
-./run.sh -r 604800 -n "$1" "$2"
Unnamed repository; edit this file 'description' to name the repository.