[fix] Adds secrets for #2 and minor fixes

2022-09-02 17:59:36 +02:00 · 2022-09-02 17:59:36 +02:00 · fdb17586ee
parent d9ef72e168
commit fdb17586ee
4 changed files with 99 additions and 7 deletions
--- a/README.md
+++ b/README.md
@ -23,8 +23,14 @@ git clone https://git.interhacker.space/alban/maubot-installer.git
 cd maubot-installer
 bash install.sh

-# Optionaly use the plugin installer if you cloned
-$EDITOR plugin-install.sh # Edit the variables
+# 3) Run the secure db install for security
+bash secure-db-install.sh
+
+# Optionnaly use the plugin installer if you cloned
+# Edit the variables
+$EDITOR plugin-install.sh 
+# OR use a config file
+cp config.default config && $EDITOR config
 bash plugin-install.sh

 ```
@ -80,8 +86,8 @@ nano config # Edit

 ## Contributing

-Feel free to post issues here o
+Feel free to post issues here on https://git.interhacker.space/alban/maubot-installer/issues

 ## Known problems

-Some plugins might require additional pip packages, you might have to install them by hand.
+Some plugins might require additional pip packages, you might have to install them by hand.
--- a/install.sh
+++ b/install.sh
@ -12,11 +12,12 @@ packageList=()
 packageList+=("certbot")
 packageList+=("nginx")
 packageList+=("pwgen")
-packageList+=("python-pip")
+packageList+=("python3-pip")
 packageList+=("python3-minimal")
 packageList+=("python3-distutils")
 packageList+=("sqlite3")
 packageList+=("virtualenv")
+packageList+=("wget")

 info "Updating packages informations"
 apt-get update >/dev/null
--- a/plugins-install.sh
+++ b/plugins-install.sh
@ -3,7 +3,15 @@
 panic(){ echo -e "$@"; exit 2; }
 info(){ echo -e "\e[0;32m$@\e[0m"; }

-which zip &>/dev/null || panic "Please install zip and unzip."
+which zip &>/dev/null || {
+    packageList+=("zip")
+    packageList+=("unzip")
+
+    info "Updating packages informations"
+    apt-get update >/dev/null
+    info "Installing packages ${packageList[@]}"
+    apt-get install --no-install-recommends -y ${packageList[@]} >/dev/null
+}

 basePath=$( cd `dirname $BASH_SOURCE[0]` && pwd )
 cd "$basePath"
@ -19,7 +27,7 @@ cd "$basePath"
 # maubot_user=maubot
 # maubot_pass=maubot

-[[ -z "$install_dir" ]] || [[ -z "$maubot_user" ]] || [[ -z "$maubot_pass" ]] || [[ -z "$server_address" ]] && panic "Please set variables"
+[[ -z "$install_dir" ]] || [[ -z "$maubot_user" ]] || [[ -z "$maubot_pass" ]] || [[ -z "$server_address" ]] && panic "Please set variables using .config or edit shell script"

 declare -A botList
 botList[https://github.com/maubot/jesaribot]="A simple bot that replies with an image when you say "jesari"."
@ -70,6 +78,11 @@ while [[ "$install" == "y" ]]; do
 			cd "$tempDir"
 			info "Downloading file"
 			wget -q "$zipURL" &>/dev/null 
+            if [[ 0 != $? || ! -f master.zip ]] ; then
+                echo "Something went wrong, zip file not available."
+                read -p "Press enter to continue"
+                continue
+            fi
 			info "Converting"
 			unzip master.zip &>/dev/null
 			cd "$projectName-master" 
--- a/secure-db-install.sh
+++ b/secure-db-install.sh
@ -0,0 +1,72 @@
+#! /bin/bash
+
+
+panic(){ echo -e "$@"; echo "Exiting."; exit 2; }
+spacer(){ echo -e "\n - - - - - - - - - "; }
+info(){ echo -e "\e[0;32m$@\e[0m"; }
+
+[[ "root" == $(whoami) ]] || panic "Must run as root."
+
+# 
+cd /opt/maubot
+. bin/activate
+
+packageList=()
+packageList+=("libolm-dev")
+packageList+=("python3-dev") 
+packageList+=("build-essential")
+
+pip3_packages=()
+pip3_packages+=("asyncpg")
+pip3_packages+=("python-olm")
+pip3_packages+=("pycryptodome")
+pip3_packages+=("unpaddedbase64")
+pip3_packages+=("urllib3")
+pip3_packages+=("maubot[all]==0.2.2a1")
+info "Updating packages informations"
+apt-get update >/dev/null
+info "Installing packages ${packageList[@]}"
+apt-get install --no-install-recommends -y ${packageList[@]} >/dev/null
+
+info "Installing python packages ${pip3_packages[@]}"
+
+pip3 install ${pip3_packages[@]} >/dev/null 
+
+systemctl stop maubot.service
+
+if egrep -q "^crypto_database" config.yaml; then
+    if egrep -q "^crypto_database: default" config.yaml ; then 
+        sed -i -E 's=^(crypto_database:.*)=crypto_database: sqlite:///crypto.db=' config.yaml 
+    fi
+else 
+    sed -i -E 's=^(database:.*)=\1\ncrypto_database: sqlite:///crypto.db=' config.yaml
+fi 
+
+rm /opt/maubot/maubot.db
+
+systemctl start maubot.service
+alembic upgrade head
+systemctl status maubot.service
+
+
+cat << EOF
+Now we have to authenticate on our maubot account that we created during the installation of maubot and that is accessible from its web-panel, but we will have to do it from the terminal with the mbc tool
+
+Connect to the panel using the login and password provided earlier for install.sh
+EOF
+
+bin/mbc login
+
+
+cat << EOF
+Once the authentication is done, we will use the same tool again to connect to our user account (bot client) that we created on the Matrix homeserver, to generate a unique token code and a device-id in order to allow the bot to have full control over the client (It is important to do it from the terminal, not from a classic matrix client)
+
+It is important that the user used has www-data rights, otherwise the authentication will not work.
+
+Generate the token and the device ID by connecting with the matrix user.
+EOF
+
+bin/mbc auth --update-client
+
+
+EOF