setup

3 years ago · 6f88a5da1e
parent d19b1795f6
commit 6f88a5da1e
7 changed files with 63 additions and 2 deletions
--- a/auth.py
+++ b/auth.py
--- a/main.py
+++ b/main.py
@ -1,4 +1,4 @@
-from sys import argv
+from sys import argv, exit
 from cli_params import parse_args, fetch_cfg
 from cathedral import cathedral

@ -6,4 +6,5 @@ args = parse_args({
    "cfg": (True, "path to config file")
 })
 settings = fetch_cfg(args["cfg"])
+
 cathedral(settings).erect()
--- a/readme.txt
+++ b/readme.txt
@ -1,7 +1,9 @@
 the core of a plugin-based usergroup system.
 establishes a central auth for users, and loads plugins to carry out various functions based on events.

-requires aiohttp ~= 3.7.4
+the technically correct mode of installation is downloading `tools/init.py`, /not/ cloning the repo yourself
+
+requires aiohttp ~= 3.7.4, acl, git

 events:
 USER_CREATE
--- a/tools/cathedral.service
+++ b/tools/cathedral.service
@ -0,0 +1,12 @@
+[Unit]
+Description=erect the cathedral!
+Documentation=https://github.com/kurisufriend/cathedral
+
+[Service]
+User=cathedral
+Group=cathedral
+ExecStart=python3 /var/cathedral/main.py --cfg /var/cathedral/config.json
+Restart=always
+
+[Install]
+WantedBy=multi-user.target
--- a/tools/init.py
+++ b/tools/init.py
@ -0,0 +1,41 @@
+from sys import exit
+import json
+import subprocess
+
+"""
+scope:
+* make /var/cathedral
+* clone the repo to /var/cathedral/cathedral
+* copy new template files to /etc/skel
+* create new cathedral user
+cathedral:.:.:.:/var/cathedral:/usr/bin/nologin
+* give the new user recursive ownership of /var/cathedral
+* allow new user access to /etc/shadow
+* copy systemd service file to /etc/systemd/system
+"""
+
+
+if not(subprocess.run(["id", "-u"]) == 0):
+    print("this script must be run as root")
+    exit(-1)
+
+# * make /var/cathedral
+subprocess.run(["mkdir", "/var/cathedral"])
+
+# * clone the repo to /var/cathedral
+subprocess.run(["git", "clone", "https://github.com/kurisufriend/cathedral", "/var/cathedral"])
+
+# * copy new template files to /etc/skel
+subprocess.run(["cp", "-r", "/var/cathedral/tools/skel/*", "/etc/skel"])
+
+# * create new cathedral user
+subprocess.run(["useradd", "-c", "cathedral", "-d", "/var/cathedral", "-M", "-s", "/usr/bin/nologin"])
+
+# * give the new user recursive ownership of /var/cathedral
+subprocess.run(["chown", "-R", "cathedral:cathedral", "/var/cathedral"])
+
+# * allow new user access to /etc/shadow
+subprocess.run(["setfacl", "-m", "u:cathedral:r", "/etc/shadow"])
+
+# * copy systemd service file to /etc/systemd/system
+subprocess.run(["cp", "/var/cathedral/tools/cathedral.service", "/etc/systemd/system"])
--- a/tools/skel/.web/index.html
+++ b/tools/skel/.web/index.html
@ -0,0 +1 @@
+hello, world!
--- a/tools/skel/welcome.txt
+++ b/tools/skel/welcome.txt
@ -0,0 +1,4 @@
+welcome to the system!
+
+~ rsk
+P.S. contact me at rishi@krishnas.club