slack_log.org

Initial setup

apt-get install python-virtualenv python-pip npm

adduser --system --disabled-password --shell /bin/bash --gecos "slack log bot" --group --home /var/slackbot slackbot

As slackbot

Install the bot, use a python virtual environment to shield its dependencies from interference.

virtualenv venv
source venv/bin/activate
git clone https://bitbucket.org/ul/slack-archivist.git
cd slack-archivist
pip install -r requirements.txt

Configure the bot (config file)

DEBUG: True

SLACK_TOKEN: "<token>"
HUMAN_SLACK_TOKEN: ""

IGNORE_CHANNELS: ["clojureladies"]

LOGFILE: /var/slackbot/slackbot.log

A script to run the bot

#!/bin/bash
source /var/slackbot/venv/bin/activate
cd /var/slackbot/slack-archivist/
exec python2.7 rtmbot.py

Which we start at startup with Systemd.

[Unit]
Description=Slack bot
After=network.target

[Service]
WorkingDirectory=/var/slackbot
ExecStart=/var/slackbot/bin/run-rtmbot.sh
User=slackbot
Restart=always
RestartSec=5

[Install]
WantedBy=multi-user.target

This bit we’re not doing yet, since we don’t have an API token. Get the bot to join channels.

python2.7 cli.py invite ul logbot

We generate sitemaps with some node thing

npm install sitemap-static

We will need some scripts to run from Cron

Generate the static HTML pages

#!/bin/bash
cd /var/slackbot/slack-archivist
source /var/slackbot/venv/bin/activate
python2.7 cli.py export /var/slackbot/public/

Push backups to Github:

rsync -avz /var/slackbot/public/ /var/slackbot/backups/public
cd /var/slackbot/backups
git add -A
git commit -m `date +%Y%m%d-%H%M%S`
git push origin master

Set up cron jobs to generate the HTML, generate a sitemap, and backup logs and HTML to Github.

0,30  * * * * slackbot /var/slackbot/bin/generate-static-html
5,35  * * * * slackbot nodejs /var/slackbot/node_modules/sitemap-static/bin/index.js --prefix=http://clojurians-log.clojureverse.org/ . > /var/slackbot/public/sitemap.xml
15,45 * * * * slackbot /var/slackbot/bin/backup-logs

We also need a Github repo, add the key of slackbot to Github, and

git clone  git@github.com:plexus/clojurians-log.git

For https access we use let’s encrypt. Make sure nginx is set up to serve static pages on all these domains.

git clone https://github.com/letsencrypt/letsencrypt
cd letsencrypt
./letsencrypt-auto certonly --email arne.brasseur@gmail.com -d clojurians-log.clojureverse.org --webroot --webroot-path /var/slackbot/public

And we need this one as well, this takes a looong time.

openssl dhparam -out /etc/ssl/certs/dhparam.pem 4096

/root@clojurians-log.clojureverse.org:/etc/nginx/sites-available/default

# Use this while generating certificates
#
# server {
#     listen 80;
#     server_name clojurians-log.clojureverse.org www.clojurians-log.clojureverse.org clojurians-log.clojureverse.org;
#     location / {
#       alias /var/slackbot/public/;
#     }
# }

server {
    listen 80;
    server_name clojurians-log.mantike.pro clojurians-log.clojureverse.org;
    return 301 https://$host$request_uri;
}

server {
    listen 443;
    server_name clojurians-log.mantike.pro clojurians-log.clojureverse.org;

    ssl_certificate      /etc/letsencrypt/live/clojurians-log.clojureverse.org/fullchain.pem;
    ssl_certificate_key  /etc/letsencrypt/live/clojurians-log.clojureverse.org/privkey.pem;

    ssl on;
    ssl_prefer_server_ciphers  on;
    ssl_session_timeout 180m;
    ssl_session_cache builtin:1000  shared:SSL:10m;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers 'AES256+EECDH:AES256+EDH';
    ssl_dhparam /etc/ssl/certs/dhparam.pem;
    add_header Strict-Transport-Security 'max-age=31536000';

    location / {
      alias /var/slackbot/public/;
    }
}