en:tecdoc:abusenotif [ARG!]

Link to this comparison view

--- en:tecdoc:abusenotif [2021/03/17 16:18]
jomat
+++ en:tecdoc:abusenotif [2021/08/22 10:04] (current)
jomat [Content Reports]
@@ Line 2: / Line 2: @@
 <code - nginx.conf>
-	location = /_matrix/client/r0/register {
+        location ~ ^/_matrix/client/(r0|unstable)/register$ {
-                #limit_req zone=limitregister burst=5;
+		proxy_pass http://127.0.0.1:8008;
-		client_max_body_size 100M;
-		client_body_buffer_size 100M;
-		proxy_pass	 http://127.0.0.1:8008;
                 proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-		proxy_set_header Host	    $host;
+		proxy_set_header Host $host;
-		proxy_set_header X-Real-IP $remote_addr;
-                proxy_set_header X-Forwarded-Proto $scheme;
-                proxy_set_header X-Forwarded-Ssl on;
-                proxy_set_header X-SSL 1;
                 body_filter_by_lua_block {
                   local proc = io.popen('/usr/local/bin/matrix_user_registered ' .. ngx.var.remote_addr,'w')
@@ Line 25: / Line 17: @@
 #!/usr/bin/zsh
+# access token of @abuse:…
 AT='MDMA...'
+# admin room to send notifications to
 ROOM='!x1y2z3:example.com'
-IP=$1
+# ip of the new user, with gdpr redaction to /24
+IP=`echo $1|cut -d. -f1-3`.0
+#read stdin
 SI=`/bin/cat`
-echo `date` $SI >> /tmp/newuserlog
+#try to retrieve new user id
 U=`echo $SI|jq -r .user_id`
@@ Line 35: / Line 32: @@
 [ "null" = "$U" ] && exit 0
+# send notification
 curl -X PUT "https://asra.gr/_matrix/client/r0/rooms/${ROOM}/send/m.room.message/"`uuid -m -F SIV`"?access_token=${AT}" -H  "accept: application/json" -H  "Content-Type: application/json" -d "{  \"body\": \"@room New user registered: ${U} from ${IP}\",  \"msgtype\": \"m.text\"}" >> /tmp/reguser.txt 2>> /tmp/reguser.txt
 </code>
@@ Line 40: / Line 38: @@
 ====== Content Reports ======
 <code - nginx.conf>
-	location ~ /_matrix/client/r0/rooms/.*/report/.* {
+	location ~ ^/_matrix/client/(r0|unstable)/rooms/.*/report/ {
-		client_max_body_size 100M;
+		proxy_pass http://127.0.0.1:8008;
-		client_body_buffer_size 100M;
-		proxy_pass	 http://127.0.0.1:8008;
                 proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-		proxy_set_header Host	    $host;
+		proxy_set_header Host $host;
-		proxy_set_header X-Real-IP $remote_addr;
-                proxy_set_header X-Forwarded-Proto $scheme;
-                proxy_set_header X-Forwarded-Ssl on;
-                proxy_set_header X-SSL 1;
 		rewrite_by_lua '
                   if ngx.var.request_method == "POST" then
@@ Line 65: / Line 56: @@
 ROOM='!x1y2z3:example.com'
+# log abuse reports
 echo date $* >> /tmp/report.log
+# TODO: abuse reports should be forwarded to appropriate admins or
+#       abuse contacts. since some servers don't implement MSC 1929
+#       an idea is to implement a semi automatic filled db of some kind
 #https://asra.gr/.well-known/matrix/support
 # abuse@matrix.org: https://matrix.to/#/!OGEhHVWSdvArJzumhm:matrix.org/$3CNYJIakytzbO6qI4eR8JmCVJUMUUm57YmjJJIOR-ic