From 6f88a5da1e36379d07add50b2920892812c44175 Mon Sep 17 00:00:00 2001 From: cynic Date: Mon, 31 Oct 2022 11:48:52 -0400 Subject: [PATCH] setup --- auth.py | 0 main.py | 3 ++- readme.txt | 4 +++- tools/cathedral.service | 12 +++++++++++ tools/init.py | 41 ++++++++++++++++++++++++++++++++++++++ tools/skel/.web/index.html | 1 + tools/skel/welcome.txt | 4 ++++ 7 files changed, 63 insertions(+), 2 deletions(-) create mode 100644 auth.py create mode 100644 tools/cathedral.service create mode 100644 tools/init.py create mode 100644 tools/skel/.web/index.html create mode 100644 tools/skel/welcome.txt diff --git a/auth.py b/auth.py new file mode 100644 index 0000000..e69de29 diff --git a/main.py b/main.py index 4c57779..35d6064 100644 --- a/main.py +++ b/main.py @@ -1,4 +1,4 @@ -from sys import argv +from sys import argv, exit from cli_params import parse_args, fetch_cfg from cathedral import cathedral @@ -6,4 +6,5 @@ args = parse_args({ "cfg": (True, "path to config file") }) settings = fetch_cfg(args["cfg"]) + cathedral(settings).erect() \ No newline at end of file diff --git a/readme.txt b/readme.txt index 0525020..94f3008 100644 --- a/readme.txt +++ b/readme.txt @@ -1,7 +1,9 @@ the core of a plugin-based usergroup system. establishes a central auth for users, and loads plugins to carry out various functions based on events. -requires aiohttp ~= 3.7.4 +the technically correct mode of installation is downloading `tools/init.py`, /not/ cloning the repo yourself + +requires aiohttp ~= 3.7.4, acl, git events: USER_CREATE diff --git a/tools/cathedral.service b/tools/cathedral.service new file mode 100644 index 0000000..9be7601 --- /dev/null +++ b/tools/cathedral.service @@ -0,0 +1,12 @@ +[Unit] +Description=erect the cathedral! +Documentation=https://github.com/kurisufriend/cathedral + +[Service] +User=cathedral +Group=cathedral +ExecStart=python3 /var/cathedral/main.py --cfg /var/cathedral/config.json +Restart=always + +[Install] +WantedBy=multi-user.target \ No newline at end of file diff --git a/tools/init.py b/tools/init.py new file mode 100644 index 0000000..6f5e698 --- /dev/null +++ b/tools/init.py @@ -0,0 +1,41 @@ +from sys import exit +import json +import subprocess + +""" +scope: +* make /var/cathedral +* clone the repo to /var/cathedral/cathedral +* copy new template files to /etc/skel +* create new cathedral user +cathedral:.:.:.:/var/cathedral:/usr/bin/nologin +* give the new user recursive ownership of /var/cathedral +* allow new user access to /etc/shadow +* copy systemd service file to /etc/systemd/system +""" + + +if not(subprocess.run(["id", "-u"]) == 0): + print("this script must be run as root") + exit(-1) + +# * make /var/cathedral +subprocess.run(["mkdir", "/var/cathedral"]) + +# * clone the repo to /var/cathedral +subprocess.run(["git", "clone", "https://github.com/kurisufriend/cathedral", "/var/cathedral"]) + +# * copy new template files to /etc/skel +subprocess.run(["cp", "-r", "/var/cathedral/tools/skel/*", "/etc/skel"]) + +# * create new cathedral user +subprocess.run(["useradd", "-c", "cathedral", "-d", "/var/cathedral", "-M", "-s", "/usr/bin/nologin"]) + +# * give the new user recursive ownership of /var/cathedral +subprocess.run(["chown", "-R", "cathedral:cathedral", "/var/cathedral"]) + +# * allow new user access to /etc/shadow +subprocess.run(["setfacl", "-m", "u:cathedral:r", "/etc/shadow"]) + +# * copy systemd service file to /etc/systemd/system +subprocess.run(["cp", "/var/cathedral/tools/cathedral.service", "/etc/systemd/system"]) \ No newline at end of file diff --git a/tools/skel/.web/index.html b/tools/skel/.web/index.html new file mode 100644 index 0000000..30f51a3 --- /dev/null +++ b/tools/skel/.web/index.html @@ -0,0 +1 @@ +hello, world! \ No newline at end of file diff --git a/tools/skel/welcome.txt b/tools/skel/welcome.txt new file mode 100644 index 0000000..794a4c7 --- /dev/null +++ b/tools/skel/welcome.txt @@ -0,0 +1,4 @@ +welcome to the system! + +~ rsk +P.S. contact me at rishi@krishnas.club \ No newline at end of file