From f6fe3bab0f6c72126cdb5ddff9ce457e5789257a Mon Sep 17 00:00:00 2001 From: Sebastian Kippe Date: Thu, 6 Jan 2022 08:12:42 -0600 Subject: [PATCH] Connect to IRC bouncer instead of directly Changes botka on libera to connect to a bouncer, which also uses SASL, in order to fix the connection issues and keep a stable connection with minimal maintenance. --- .../credentials/botka_irc-libera-chat.json | 58 ++++++++++++++----- .../recipes/botka_irc-libera-chat.rb | 21 +++---- 2 files changed, 54 insertions(+), 25 deletions(-) diff --git a/data_bags/credentials/botka_irc-libera-chat.json b/data_bags/credentials/botka_irc-libera-chat.json index 96547eb..f1676c4 100644 --- a/data_bags/credentials/botka_irc-libera-chat.json +++ b/data_bags/credentials/botka_irc-libera-chat.json @@ -1,37 +1,65 @@ { "id": "botka_irc-libera-chat", "rs_logger_token": { - "encrypted_data": "2CYA4uMDMcTA3/TnoUkZ/WoB573oFn5oZk6zJmgc0MwCjYlKxhOTO6JZV5NF\nrQh0b6DS\n", - "iv": "ZDSklJrhSJknQTGJ\n", - "auth_tag": "RZVkeuP7iu1a/HkeIyM9/Q==\n", + "encrypted_data": "K0totr/aUIZ/ArLHLsXOCtpmhYRyebJv5GOsYEgCo3s2ObdYOWsDEIkhj7ho\nf9fFwdii\n", + "iv": "zpdygbdrCqumn2Us\n", + "auth_tag": "xqjaUt8BjBPNNKas47gzmA==\n", "version": 3, "cipher": "aes-256-gcm" }, "nickserv_password": { - "encrypted_data": "NXPE0ouvPESbBVRDDg362LaHVfeOqo+BEh4PkE5XeA==\n", - "iv": "4iESOnvAyMLF2TNs\n", - "auth_tag": "PiJvYy++dZls1t+goXui2w==\n", + "encrypted_data": "QBKx59optTSTfhLAtZ1h0dcQD1Xh7/ornslRb4en1A==\n", + "iv": "DrpHZPcfac7Cq4wf\n", + "auth_tag": "CUI9Wf/EObL3CpEr8MfqLw==\n", + "version": 3, + "cipher": "aes-256-gcm" + }, + "znc_host": { + "encrypted_data": "U7n5uu39L6ShcnLY3iKuRsUZpI4NuZvBnBkqedc=\n", + "iv": "QFqfqQEjxmi1O12z\n", + "auth_tag": "uLXLy7AGt1/SarBx8QpWSw==\n", + "version": 3, + "cipher": "aes-256-gcm" + }, + "znc_port": { + "encrypted_data": "T2lZ6mXjUwlulpyqkM1VTBGf2zU/SBi+\n", + "iv": "BtF1HBLST3RmYk/s\n", + "auth_tag": "htf0Clo/9H5FWbTwFc4W8Q==\n", + "version": 3, + "cipher": "aes-256-gcm" + }, + "znc_user": { + "encrypted_data": "q/rGDx8G51/MlFr/fE29GyZmEC7e9OnSJK07yCABNw==\n", + "iv": "Lvj2yLTpWba1cOLT\n", + "auth_tag": "V43rrkVYDXmZ7csTKiQpJg==\n", + "version": 3, + "cipher": "aes-256-gcm" + }, + "znc_password": { + "encrypted_data": "0QZxtYSDiYEfXGm3rMsAmE2lUWa1P5X0L1d7jHIdPww=\n", + "iv": "+yICaeYVn1HtaVYS\n", + "auth_tag": "7qe/85sww2TCc31/l0Gszw==\n", "version": 3, "cipher": "aes-256-gcm" }, "gcm_api_key": { - "encrypted_data": "QaF+kUTZbx3fK9QXua9QPq0f8ACZbrj+FEvlcMiv9x469OMOxTHfL2+cF6X2\nyK+1zYtl8byiMdLmSQ==\n", - "iv": "whutD4hY4htiEePI\n", - "auth_tag": "EF19h8haFSNHsOM/oVkcRQ==\n", + "encrypted_data": "UnarSxLUWt9JUUxRH7yeeA1VKOvePwwCCPO1Vi0F6hl/1P8HOxpGp2O1a/1R\nC78KVFfi9vmLa2Gwlw==\n", + "iv": "C25lCAZeEiki0Ruq\n", + "auth_tag": "XhtL3J79PpltMLs6Y2xg9A==\n", "version": 3, "cipher": "aes-256-gcm" }, "vapid_public_key": { - "encrypted_data": "dw1LEyE/hksxM+H0ExgIWXgrhFYzFo/dmps4/ct8mG2Se0ukYJ7OI5uJYI1E\nUaaZ+feqK2nic0GsnkaY++SI4Us+RNGoOu0J67CWooy8KIVdGGmxHx/rOI2L\n9S9zbo+8TE3KYBWrHa2jyw==\n", - "iv": "PaqtzI+RgtL/VeKE\n", - "auth_tag": "BPQcLAEWN4cPlrTylfwD/Q==\n", + "encrypted_data": "LU7E8wwKSrJLzsM1yDl6MO/SiVQ600NWpLhZFO+cb5jfHGoU4x0Zvo9zKVle\nG+SGzvm+OM14ld2MTbHCCtSkHuIR+tO2lrDg19gnQRmHRrf4A8Vbhl7nQ33E\ntwKjo2UUTSYQGGeNbSAOHw==\n", + "iv": "ppveJZXb2+nFHOwP\n", + "auth_tag": "ZcY9O5NCenlWrp4zS9uSjQ==\n", "version": 3, "cipher": "aes-256-gcm" }, "vapid_private_key": { - "encrypted_data": "Czly/hPyXa529rlxe3Ab3ea/Hg53iSW3Mpz1d8Aimuojih9GhWWFytY8YH9T\nwAINhXw7toST5o3LLjQjPkk=\n", - "iv": "XZeA6abV1Fi9Q3wm\n", - "auth_tag": "02zb8q+WDLj+mF+bJRWXxQ==\n", + "encrypted_data": "69aGVRJOA4MjErS5uB4HG4Y4vw4ch6t6xe0AFN1Ir5a6uC7JULy5pTWpht/k\n5KWSJgynjYH405bIompkTMo=\n", + "iv": "zofy6sRjLVO2q/XD\n", + "auth_tag": "f79xkUJpaoYhcCLqA7WURQ==\n", "version": 3, "cipher": "aes-256-gcm" } diff --git a/site-cookbooks/kosmos-hubot/recipes/botka_irc-libera-chat.rb b/site-cookbooks/kosmos-hubot/recipes/botka_irc-libera-chat.rb index 5f569ec..00db622 100644 --- a/site-cookbooks/kosmos-hubot/recipes/botka_irc-libera-chat.rb +++ b/site-cookbooks/kosmos-hubot/recipes/botka_irc-libera-chat.rb @@ -17,7 +17,7 @@ include_recipe "kosmos-nodejs" include_recipe "kosmos-redis" application app_path do - data_bag = Chef::EncryptedDataBagItem.load('credentials', app_name) + credentials = Chef::EncryptedDataBagItem.load('credentials', app_name) owner app_user group app_group @@ -63,11 +63,12 @@ application app_path do environment: { "HUBOT_LOG_LEVEL" => node.chef_environment == "development" ? "debug" : "info", "HUBOT_IRC_USESSL" => "true", - "HUBOT_IRC_SERVER" => "irc.libera.chat", - "HUBOT_IRC_PORT" => "6697", + "HUBOT_IRC_SERVER" => credentials["znc_host"], + "HUBOT_IRC_PORT" => credentials["znc_port"], "HUBOT_IRC_NICK" => "botka", - "HUBOT_IRC_NICKSERV_USERNAME" => "botka", - "HUBOT_IRC_NICKSERV_PASSWORD" => data_bag['nickserv_password'], + "HUBOT_IRC_USERNAME" => credentials['znc_user'], + "HUBOT_IRC_PASSWORD" => credentials['znc_password'], + "HUBOT_IRC_REALNAME" => "botka (kosmos)", "HUBOT_IRC_ROOMS" => "#kosmos,#kosmos-dev,#kosmos-random,#remotestorage,#hackerbeach,#unhosted,#sockethub,#mastodon", "HUBOT_IRC_UNFLOOD" => "100", "HUBOT_RSS_PRINTSUMMARY" => "false", @@ -78,13 +79,13 @@ application app_path do "HUBOT_AUTH_ADMIN" => "bkero,raucao", "HUBOT_HELP_REPLY_IN_PRIVATE" => "true", "RS_LOGGER_USER" => "kosmos@5apps.com", - "RS_LOGGER_TOKEN" => data_bag['rs_logger_token'], - "RS_LOGGER_SERVER_NAME" => "freenode", + "RS_LOGGER_TOKEN" => credentials['rs_logger_token'], + "RS_LOGGER_SERVER_NAME" => "irc.libera.chat", "RS_LOGGER_PUBLIC" => "true", - "GCM_API_KEY" => data_bag['gcm_api_key'], + "GCM_API_KEY" => credentials['gcm_api_key'], "VAPID_SUBJECT" => "https://kosmos.org", - "VAPID_PUBLIC_KEY" => data_bag['vapid_public_key'], - "VAPID_PRIVATE_KEY" => data_bag['vapid_private_key'] + "VAPID_PUBLIC_KEY" => credentials['vapid_public_key'], + "VAPID_PRIVATE_KEY" => credentials['vapid_private_key'] } ) notifies :run, "execute[systemctl daemon-reload]", :delayed