Move echobot into /var/lib/echobot

link2xt 2024-05-02 18:19:34 +00:00
parent e4f8c78efe
commit 0493e27312
4 changed files with 36 additions and 10 deletions


@ -45,23 +45,32 @@ def is_allowed_to_create(config: Config, user, cleartext_password) -> bool:
return False return False
localpart, domain = parts localpart, domain = parts
if localpart == "echo":
# echobot account should not be created in the database
return False
if ( if (
len(localpart) > config.username_max_length len(localpart) > config.username_max_length
or len(localpart) < config.username_min_length or len(localpart) < config.username_min_length
): ):
if localpart != "echo": logging.warning(
logging.warning( "localpart %s has to be between %s and %s chars long",
"localpart %s has to be between %s and %s chars long", localpart,
localpart, config.username_min_length,
config.username_min_length, config.username_max_length,
config.username_max_length, )
)
return False
return True return True
def get_user_data(db, config: Config, user): def get_user_data(db, config: Config, user):
if user == f"echo@{config.mail_domain}":
return dict(
home=f"/home/vmail/mail/{config.mail_domain}/echo@{config.mail_domain}",
uid="vmail",
gid="vmail",
)
with db.read_connection() as conn: with db.read_connection() as conn:
result = conn.get_user(user) result = conn.get_user(user)
if result: if result:
@ -76,6 +85,14 @@ def lookup_userdb(db, config: Config, user):
def lookup_passdb(db, config: Config, user, cleartext_password): def lookup_passdb(db, config: Config, user, cleartext_password):
if user == f"echo@{config.mail_domain}":
return dict(
home=f"/home/vmail/mail/{config.mail_domain}/echo@{config.mail_domain}",
uid="vmail",
gid="vmail",
password=encrypt_password("eiPhiez0eo8raighoh0C"), # FIXME read from config
)
with db.write_transaction() as conn: with db.write_transaction() as conn:
userdata = conn.get_user(user) userdata = conn.get_user(user)
if userdata: if userdata:
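Review bot: The echo account's password is a string literal in `lookup_passdb`, and the same literal is assigned to `password` in the bot's `main()` in the next file section, so every deployment shares one credential that is also readable in the repository history. The FIXME acknowledges this, but as committed anyone who knows the literal can presumably authenticate as `echo@<mail_domain>`, and the value should be treated as disclosed even after the FIXME is resolved. I would generate a random secret per deployment at deploy time (for example with `secrets.token_urlsafe()`), store it in a file readable only by the doveauth and echobot users, and have both sides read it from there. Separately, `encrypt_password(...)` runs on every passdb lookup for this user; computing the hash once would avoid the repeated work. `lookup_passdb` continues outside this hunk.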


@ -3,13 +3,13 @@
it will echo back any message that has non-empty text and also supports the /help command. it will echo back any message that has non-empty text and also supports the /help command.
""" """
import logging import logging
import os import os
import sys import sys
from deltachat_rpc_client import Bot, DeltaChat, EventType, Rpc, events from deltachat_rpc_client import Bot, DeltaChat, EventType, Rpc, events
from chatmaild.newemail import create_newemail_dict
from chatmaild.config import read_config from chatmaild.config import read_config
hooks = events.HookCollection() hooks = events.HookCollection()
@ -77,7 +77,7 @@ def main():
bot = Bot(account, hooks) bot = Bot(account, hooks)
if not bot.is_configured(): if not bot.is_configured():
config = read_config(sys.argv[1]) config = read_config(sys.argv[1])
password = create_newemail_dict(config).get("password") password = "eiPhiez0eo8raighoh0C" # FIXME read from config
email = "echo@" + config.mail_domain email = "echo@" + config.mail_domain
bot.configure(email, password) bot.configure(email, password)
bot.run_forever() bot.run_forever()


@ -477,6 +477,7 @@ def deploy_chatmail(config_path: Path) -> None:
groups=["opendkim"], groups=["opendkim"],
system=True, system=True,
) )
server.user(name="Create echobot user", user="echobot", system=True)
server.shell( server.shell(
name="Fix file owner in /home/vmail", name="Fix file owner in /home/vmail",
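Review bot: The `echobot` system account is created without an explicit `shell`, so it gets whatever the host's useradd default is, which may be an interactive shell. Since the account exists only to run the service, I would pin a non-login shell, e.g. `server.user(name="Create echobot user", user="echobot", system=True, shell="/usr/sbin/nologin")`, adjusting the path to the target distribution. `deploy_chatmail` starts and ends outside this hunk, so I cannot see whether the other service users follow the same convention.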


@ -7,6 +7,14 @@ Environment="PATH={remote_venv_dir}:$PATH"
Restart=always Restart=always
RestartSec=30 RestartSec=30
User=echobot
Group=echobot
# Create /var/lib/echobot
StateDirectory=echobot
WorkingDirectory=/var/lib/echobot
# Apply security restrictions suggested by # Apply security restrictions suggested by
# systemd-analyze security echobot.service # systemd-analyze security echobot.service
CapabilityBoundingSet= CapabilityBoundingSet=
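Review bot: `StateDirectory=echobot` creates `/var/lib/echobot` with the default mode 0755, and this directory will hold the bot's account state, which presumably includes its mail password and keys. Add `StateDirectoryMode=0700` below `StateDirectory=` and consider `UMask=0077`, so that other local users cannot list or read what the bot writes there. The `[Service]` section continues past this hunk, so check that neither directive is already set further down.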