From da23d6864d384167026ce4a690b16694839c2b65 Mon Sep 17 00:00:00 2001 From: Nico Jensch Date: Sun, 13 Aug 2023 17:14:57 +0200 Subject: [PATCH] Add configuration of OAUTH/Telegram notifications via Docker environment variables --- Dockerfile | 8 ++++++++ docker/entrypoint.sh | 28 ++++++++++++++++++++++++++++ docs/faq.rst | 12 ++++++++++-- 3 files changed, 46 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index 3ea34628..4e1df0b0 100644 --- a/Dockerfile +++ b/Dockerfile @@ -6,12 +6,20 @@ ENV AHRIMAN_DEBUG="" ENV AHRIMAN_FORCE_ROOT="" ENV AHRIMAN_HOST="0.0.0.0" ENV AHRIMAN_MULTILIB="yes" +ENV AHRIMAN_OAUTH_CLIENT_ID="" +ENV AHRIMAN_OAUTH_CLIENT_SECRET="" +ENV AHRIMAN_OAUTH_ENABLE="" +ENV AHRIMAN_OAUTH_PROVIDER="" +ENV AHRIMAN_OAUTH_SCOPE="" ENV AHRIMAN_OUTPUT="" ENV AHRIMAN_PACKAGER="ahriman bot " ENV AHRIMAN_PACMAN_MIRROR="" ENV AHRIMAN_PORT="" +ENV AHRIMAN_REPORT_TELEGRAM="" ENV AHRIMAN_REPOSITORY="aur-clone" ENV AHRIMAN_REPOSITORY_ROOT="/var/lib/ahriman/ahriman" +ENV AHRIMAN_TELEGRAM_API_KEY="" +ENV AHRIMAN_TELEGRAM_CHAT_ID="" ENV AHRIMAN_UNIX_SOCKET="" ENV AHRIMAN_USER="ahriman" ENV AHRIMAN_VALIDATE_CONFIGURATION="yes" diff --git a/docker/entrypoint.sh b/docker/entrypoint.sh index 53d5f984..eb8a8934 100755 --- a/docker/entrypoint.sh +++ b/docker/entrypoint.sh @@ -16,6 +16,34 @@ host = $AHRIMAN_HOST EOF +# oauth configuration +[ -n "$AHRIMAN_OAUTH_ENABLE" ] && cat <"/etc/ahriman.ini.d/00-auth.ini" +[auth] +target = oath + +[oath] +client_id = $AHRIMAN_OAUTH_CLIENT_ID +client_secret = $AHRIMAN_OAUTH_CLIENT_SECRET +oauth_provider = $AHRIMAN_OAUTH_PROVIDER +oauth_scopes = $AHRIMAN_OAUTH_SCOPE + +EOF + +# telegram report configuration +[ -n "$AHRIMAN_REPORT_TELEGRAM" ] && cat <"/etc/ahriman.ini.d/00-telegram.ini" +[report] +target = console telegram + +[console] +use_utf = yes + +[telegram] +api_key = $AHRIMAN_TELEGRAM_API_KEY +chat_id = $AHRIMAN_TELEGRAM_CHAT_ID +template_path = /usr/share/ahriman/templates/telegram-index.jinja2 + +EOF + AHRIMAN_DEFAULT_ARGS=("--architecture" "$AHRIMAN_ARCHITECTURE") if [ -n "$AHRIMAN_OUTPUT" ]; then AHRIMAN_DEFAULT_ARGS+=("--log-handler" "$AHRIMAN_OUTPUT") diff --git a/docs/faq.rst b/docs/faq.rst index a52ce94a..97a4e376 100644 --- a/docs/faq.rst +++ b/docs/faq.rst @@ -391,15 +391,23 @@ The following environment variables are supported: * ``AHRIMAN_FORCE_ROOT`` - force run ahriman as root instead of guessing by subcommand. * ``AHRIMAN_HOST`` - host for the web interface, default is ``0.0.0.0``. * ``AHRIMAN_MULTILIB`` - if set (default) multilib repository will be used, disabled otherwise. +* ``AHRIMAN_OAUTH_CLIENT_ID`` - OAUTH client ID. +* ``AHRIMAN_OAUTH_CLIENT_SECRET`` - OAUTH client secret. +* ``AHRIMAN_OAUTH_ENABLE`` - enable configuration of OAUTH, needs all other ``_OAUTH_`` variables to be set as well. +* ``AHRIMAN_OAUTH_PROVIDER`` - OAUTH provider, defaults to ``GithubClient``. +* ``AHRIMAN_OAUTH_SCOPE`` - Scope to be used by OAUTH provider. * ``AHRIMAN_OUTPUT`` - controls logging handler, e.g. ``syslog``, ``console``. The name must be found in logging configuration. Note that if ``syslog`` handler is used you will need to mount ``/dev/log`` inside container because it is not available there. * ``AHRIMAN_PACKAGER`` - packager name from which packages will be built, default is ``ahriman bot ``. * ``AHRIMAN_PACMAN_MIRROR`` - override pacman mirror server if set. * ``AHRIMAN_PORT`` - HTTP server port if any, default is empty. -* ``AHRIMAN_REPOSITORY`` - repository name, default is ``aur-clone``. +* ``AHRIMAN_REPORT_TELEGRAM`` - posts update notifications to Telegram channels if enabled. Needs to be supplied with secrets as well. * ``AHRIMAN_REPOSITORY_ROOT`` - repository root. Because of filesystem rights it is required to override default repository root. By default, it uses ``ahriman`` directory inside ahriman's home, which can be passed as mount volume. +* ``AHRIMAN_REPOSITORY`` - repository name, default is ``aur-clone``. +* ``AHRIMAN_TELEGRAM_API_KEY`` - sets Telegram API key obtained by botfather. +* ``AHRIMAN_TELEGRAM_CHAT_ID`` - where to post notifications in Telegram. * ``AHRIMAN_UNIX_SOCKET`` - full path to unix socket which is used by web server, default is empty. Note that more likely you would like to put it inside ``AHRIMAN_REPOSITORY_ROOT`` directory (e.g. ``/var/lib/ahriman/ahriman/ahriman-web.sock``) or to ``/tmp``. * ``AHRIMAN_USER`` - ahriman user, usually must not be overwritten, default is ``ahriman``. -* ``AHRIMAN_VALIDATE_CONFIGURATION`` - if set validate service configuration +* ``AHRIMAN_VALIDATE_CONFIGURATION`` - if set validate service configuration. You can pass any of these variables by using ``-e`` argument, e.g.: