en:tecdoc:abusenotif

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision 		Previous revision
en:tecdoc:abusenotif [2021/03/17 16:13]
jomat created 		en:tecdoc:abusenotif [2021/08/22 10:04] (current)
jomat [Content Reports]
Line 2: Line 2:
  
 <code - nginx.conf> <code - nginx.conf>
- location /_matrix/client/r0/register { +        location ~ ^/_matrix/client/(r0|unstable)/register
-                #limit_req zone=limitregister burst=5; + proxy_pass http://127.0.0.1:8008;
- client_max_body_size 100M; +
- client_body_buffer_size 100M; +
- +
- proxy_pass  http://127.0.0.1:8008;+
                 proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;                 proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- proxy_set_header Host     $host; + proxy_set_header Host $host;
- proxy_set_header X-Real-IP $remote_addr; +
-                proxy_set_header X-Forwarded-Proto $scheme; +
-                proxy_set_header X-Forwarded-Ssl on; +
-                proxy_set_header X-SSL 1;                +
                 body_filter_by_lua_block {                 body_filter_by_lua_block {
                   local proc = io.popen('/usr/local/bin/matrix_user_registered ' .. ngx.var.remote_addr,'w')                   local proc = io.popen('/usr/local/bin/matrix_user_registered ' .. ngx.var.remote_addr,'w')
Line 25: Line 17:
 #!/usr/bin/zsh #!/usr/bin/zsh
  
 +# access token of @abuse:…
 AT='MDMA...' AT='MDMA...'
 +# admin room to send notifications to
 ROOM='!x1y2z3:example.com' ROOM='!x1y2z3:example.com'
-IP=$1+# ip of the new user, with gdpr redaction to /24 
 +IP=`echo $1|cut -d. -f1-3`.0 
 + 
 +#read stdin
 SI=`/bin/cat` SI=`/bin/cat`
-echo `date` $SI >> /tmp/newuserlog+#try to retrieve new user id
 U=`echo $SI|jq -r .user_id` U=`echo $SI|jq -r .user_id`
  
Line 35: Line 32:
 [ "null" = "$U" ] && exit 0 [ "null" = "$U" ] && exit 0
  
 +# send notification
 curl -X PUT "https://asra.gr/_matrix/client/r0/rooms/${ROOM}/send/m.room.message/"`uuid -m -F SIV`"?access_token=${AT}" -H  "accept: application/json" -H  "Content-Type: application/json" -d " \"body\": \"@room New user registered: ${U} from ${IP}\",  \"msgtype\": \"m.text\"}" >> /tmp/reguser.txt 2>> /tmp/reguser.txt curl -X PUT "https://asra.gr/_matrix/client/r0/rooms/${ROOM}/send/m.room.message/"`uuid -m -F SIV`"?access_token=${AT}" -H  "accept: application/json" -H  "Content-Type: application/json" -d " \"body\": \"@room New user registered: ${U} from ${IP}\",  \"msgtype\": \"m.text\"}" >> /tmp/reguser.txt 2>> /tmp/reguser.txt
 +</code>
 +
 +====== Content Reports ======
 +<code - nginx.conf>
 + location ~ ^/_matrix/client/(r0|unstable)/rooms/.*/report/ {
 + proxy_pass http://127.0.0.1:8008;
 +                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
 + proxy_set_header Host $host;             
 + rewrite_by_lua '
 +                  if ngx.var.request_method == "POST" then
 +                    os.execute("/usr/local/bin/matrix_event_reported")
 +                  end
 +                ';
 + }
 +</code>
 +
 +<code - /usr/local/bin/matrix_event_reported>
 +#!/bin/sh
 +
 +AT='MDMA...'
 +ROOM='!x1y2z3:example.com'
 +
 +# log abuse reports
 +echo date $* >> /tmp/report.log 
 +
 +# TODO: abuse reports should be forwarded to appropriate admins or
 +#       abuse contacts. since some servers don't implement MSC 1929
 +#       an idea is to implement a semi automatic filled db of some kind
 +#https://asra.gr/.well-known/matrix/support
 +# abuse@matrix.org: https://matrix.to/#/!OGEhHVWSdvArJzumhm:matrix.org/$3CNYJIakytzbO6qI4eR8JmCVJUMUUm57YmjJJIOR-ic
 +
 +curl -X PUT "https://asra.gr/_matrix/client/r0/rooms/${ROOM}/send/m.room.message/"`uuid -m -F SIV`"?access_token=${AT}" -H  "accept: application/json" -H  "Content-Type: application/json" -d " \"body\": \"@room there was a event reported\",  \"msgtype\": \"m.text\"}"
 </code> </code>
  • en/tecdoc/abusenotif.1615997625.txt.gz
  • Last modified: 2021/03/17 16:13
  • by jomat