try to do proper markdown in README
The gogs markdown parser didn't like how I did code blocks, so trying something else.
This commit is contained in:
sceox
parent
97bd5b000a
commit
d2a65b14a6
40
README.md
40
README.md
@ -1,40 +1,48 @@
|
||||
A simple anti-spam system for
|
||||
[question2answer](https://www.question2answer.org/qa/), using [the
|
||||
stopforumspam API](https://www.stopforumspam.com/usage) and
|
||||
[ufw](https://launchpad.net/ufw).
|
||||
stopforumspam API](https://www.stopforumspam.com/usage) and system firewall
|
||||
([pf](https://www.openbsd.org/faq/pf/filter.html) or
|
||||
[ufw](https://launchpad.net/ufw)).
|
||||
|
||||
To deploy:
|
||||
|
||||
* modify the configuration variables in the scripts
|
||||
* copy the scripts to `/usr/local/bin`
|
||||
* create the user
|
||||
1. Modify the configuration variables in the scripts as neede.
|
||||
|
||||
2. Copy the scripts to `/usr/local/bin` (requires root):
|
||||
|
||||
install -m 755 -o root -g bin forumspam.sh /usr/local/bin/forumspam.sh
|
||||
install -m 755 -o root -g bin q2a_usercheck.sh /usr/local/bin/q2a_usercheck.sh
|
||||
|
||||
3. Create the user the scripts will run as:
|
||||
|
||||
useradd -s /sbin/nologin _forumspam
|
||||
|
||||
* if using `pf`:
|
||||
* create appropriate permissions for the file:
|
||||
4. If using `pf`:
|
||||
|
||||
Create appropriate permissions for the file:
|
||||
|
||||
install -m 640 -o _forumspam -g wheel /dev/null /etc/pf-forumspam.txt
|
||||
|
||||
* add the following to `/etc/pf.conf`, preferably high up in the ruleset:
|
||||
Add the following to `/etc/pf.conf`, preferably high up in the ruleset:
|
||||
|
||||
table <forumspam> persist file "/etc/pf-forumspam.txt"
|
||||
block in quick on egress from <forumspam>
|
||||
block out quick on egress to <forumspam>
|
||||
|
||||
* set up sudo or doas:
|
||||
* for doas:
|
||||
* add the following to `/etc/doas.conf`:
|
||||
5. Give the `forumspam` user restrictive sudo or doas permissions:
|
||||
|
||||
If using doas, add the following to `/etc/doas.conf`:
|
||||
|
||||
permit nopass _forumspam cmd pfctl args -nf /etc/pf.conf
|
||||
permit nopass _forumspam cmd pfctl args -t forumspam -T replace -f /etc/pf-forumspam.txt
|
||||
|
||||
* for sudo:
|
||||
* add to your sudo config file:
|
||||
`Cmnd_Alias FIREWALL = /usr/sbin/ufw, /sbin/iptables`
|
||||
and `_forumspam ALL = NOPASSWD: FIREWALL`
|
||||
If using sudo, add to your sudo config file:
|
||||
|
||||
* register `q2a_usercheck.sh` as a systemd unit or rc script
|
||||
_forumspam ALL = NOPASSWD: /usr/sbin/ufw
|
||||
|
||||
Note: the path to `ufw` may be different depending on your linux distribution.
|
||||
|
||||
6. Register `q2a_usercheck.sh` as a systemd unit or rc script.
|
||||
|
||||
TODO:
|
||||
* also check against [botscout](http://botscout.com/api.htm)
|
||||
|
||||
Reference in New Issue
Block a user