readme: various smaller changes
+ add automatic ejabberd config reload option to the example
This commit is contained in:
parent
68300f2b99
commit
c227b55828
33
README.md
33
README.md
|
@ -1,11 +1,11 @@
|
||||||
## bl-imp - the JabberSpam bl(acklist) imp(orter)
|
## bl-imp - the JabberSpam bl(acklist) imp(orter)
|
||||||
|
|
||||||
### precursor
|
### precursor
|
||||||
Please be warned that at this point the JabberSpam blacklist is the only list that will be utilized. It is planed to
|
Please be warned that at this point the JabberSpam blacklist is the only list that will be used. It is planed to open up
|
||||||
open up the tool to also import other lists in the future.
|
the tool to also import other lists in the future.
|
||||||
|
|
||||||
### install
|
### install
|
||||||
The tool can be installed easily via that Python package installer (pip). After that the local wrapper `/usr/bin/bl-imp`
|
The tool can be installed easily via that Python package Index (pip). After that the local wrapper `/usr/bin/bl-imp`
|
||||||
can be called to use the module.
|
can be called to use the module.
|
||||||
```bash
|
```bash
|
||||||
pip install bl-imp
|
pip install bl-imp
|
||||||
|
@ -34,7 +34,7 @@ no outfile assigned
|
||||||
Running `bl-imp` with `-dr` or `--dry-run` as argument will cause the tool to only output the aggregated yaml file to
|
Running `bl-imp` with `-dr` or `--dry-run` as argument will cause the tool to only output the aggregated yaml file to
|
||||||
stdout. Except the local etag and cache file no file is written to disk.
|
stdout. Except the local etag and cache file no file is written to disk.
|
||||||
|
|
||||||
```bash
|
```bashinstaller
|
||||||
$ /usr/bin/bl-imp --dry-run
|
$ /usr/bin/bl-imp --dry-run
|
||||||
outfile selected: None
|
outfile selected: None
|
||||||
acl:
|
acl:
|
||||||
|
@ -49,20 +49,20 @@ Adding the `outfile` argument while omitting the dry run argument runs the tools
|
||||||
|
|
||||||
### ejabberd configuration
|
### ejabberd configuration
|
||||||
To fully utilize the tool some configuration changes are required.
|
To fully utilize the tool some configuration changes are required.
|
||||||
It is required that the tool is the only one editing the defined yml file. It is required because any local change not
|
Firstly it is necessary that `bl-imp` is the only one editing the defined yml file, because any local change not
|
||||||
present in the remote list will be overwritten automatically.
|
present in the remote list will be overwritten automatically. Furthermore it is necessary for the file to be separate
|
||||||
Furthermore it is necessary for the file to be separate from the "main" ejabberd configuration file e.g `ejabberd.yml`.
|
from the "main" ejabberd configuration e.g `ejabberd.yml`. To further protect the integrity of your config the
|
||||||
To further protect the integrity of your config the `allow_only` sections defines only `acl` rules.
|
`allow_only` argument restricts the external file to only allow for `acl` rules.
|
||||||
|
|
||||||
#### ejabberd acl config
|
#### ejabberd acl config
|
||||||
```yaml
|
```yaml
|
||||||
## ACL section
|
## acl
|
||||||
include_config_file:
|
include_config_file:
|
||||||
"/etc/ejabberd/blacklist.yml": <-- the path is completely user configurable
|
"/etc/ejabberd/blacklist.yml": ⟵ the path is completely user configurable
|
||||||
allow_only: <-- these two lines are optional but recommended
|
allow_only: ⟵ these two lines are optional but recommended
|
||||||
- acl └─ to prevent potentially malicious acls to not incluse anthing but ACL rules
|
- acl └─ to prevent potentially malicious acls to not incluse anthing but ACL rules
|
||||||
|
|
||||||
## Access Rules
|
## access rules
|
||||||
access_rules:
|
access_rules:
|
||||||
s2s_access:
|
s2s_access:
|
||||||
- deny: spamblacklist
|
- deny: spamblacklist
|
||||||
|
@ -70,15 +70,14 @@ access_rules:
|
||||||
```
|
```
|
||||||
|
|
||||||
### automation
|
### automation
|
||||||
The tools is meant to be deployed in an automatic fashion. It is build to operate silently without interrupting the
|
The tool is meant to be used in an automatic fashion. It is build to operate silently without any user interaction.
|
||||||
ejabberd server.
|
|
||||||
|
|
||||||
For example the script could be run every day at 00:01 to automatically add and remove affected servers from the local
|
For example the script could be run every day at 00:01 to automatically add/ remove affected servers from the local
|
||||||
blacklist.
|
blacklist and reload the configuration if the first task finished successfully.
|
||||||
|
|
||||||
```cron
|
```cron
|
||||||
# jabber blacklist update
|
# jabber blacklist update
|
||||||
|
|
||||||
# the outfile here is configured with the shortflag -o instead of the long form
|
# the outfile here is configured with the shortflag -o instead of the long form
|
||||||
1 0 * * * /usr/bin/bl-imp -o /etc/ejabberd/config/blacklist.yml
|
1 0 * * * /usr/bin/bl-imp -o /etc/ejabberd/config/blacklist.yml && /usr/bin/ejabberdctl reload_config
|
||||||
```
|
```
|
||||||
|
|
Loading…
Reference in New Issue