|
||
---|---|---|
.forgejo | ||
.github/workflows | ||
locales | ||
src | ||
.gitignore | ||
Cargo.lock | ||
Cargo.toml | ||
CHANGELOG.md | ||
cliff.toml | ||
DCO | ||
LICENSE | ||
README.md | ||
rust-toolchain.toml | ||
rustfmt.toml | ||
sumi.toml | ||
taplo.toml |
Forgejo Guardian
Simple Forgejo instance guardian, banning users and alerting admins based on certain regular expressions (regex)
Installation
You can let cargo build the binary for you, or build it yourself. You can also download the pre-built binaries from the releases page.
Build it
cargo-install
Tip
This will install the binary in
~/.cargo/bin/forgejo-guardian
. Make sure to add this directory to yourPATH
. If you want to update it, rerun the command.
cargo install --git https://git.4rs.nl/awiteb/forgejo-guardian
cargo-install
(from source)
Tip
Then when you want to update it, pull the changes and run
cargo install --path .
again.
git clone https://git.4rs.nl/awiteb/forgejo-guardian
cd forgejo-guardian
cargo install --path .
Build (from source)
Tip
The binary will be in
./target/release/forgejo-guardian
.
git clone https://git.4rs.nl/awiteb/forgejo-guardian
cd forgejo-guardian
cargo build --release
Configuration
We use TOML
format for configuration, the default configuration file is /app/forgejo-guardian.toml
, but you can specify a different one with FORGEJO_GUARDIAN_CONFIG
environment variable.
Structure
In our configuration file you can have the following sections and the global section:
forgejo
: Forgejo instance configurationexpressions
: Regular expressions to match againsttelegram
: Telegram bot configuration
Global section
The global section is the one that doesn't have a name, and it's in the top of the configuration file, with the following fields:
dry_run
: If set totrue
, the guardian will not ban the users, but will only alert the admins (default:false
)only_new_users
: If set totrue
, the guardian will only check the new users, and not the existing ones (default:false
)
forgejo
Forgejo configuration section, with the following fields:
instance_url
: Forgejo instance URL (must be HTTPS or HTTP)token
: Token to use to get the new users and ban them, requiresread:admin
andwrite:admin
scopes.
[forgejo]
instance_url = "https://forgejo.example"
token = "your-token"
expressions
Expressions configuration section, with the following fields:
ban
: Regular expressions to match against to ban the usersus
: Regular expressions to match against to alert the admins
ban
and sus
are tables, and each one have the following fields:
usernames
: Regular expressions to match against the usernamesfull_names
: Regular expressions to match against the full namesbiographies
: Regular expressions to match against the biographiesemails
: Regular expressions to match against the emailswebsites
: Regular expressions to match against the websiteslocations
: Regular expressions to match against the locations
Each field is an array of regular expressions, the regular expression can be one of the following:
- String: The regular expression itself
- Table: The regular expression and the reason, with the following fields:
re
(string, array of string): The regular expression (if it's an array of strings, all regex in that array should match to ban/sus the user)reason
(optional string): The reason to ban/sus the user. This will be used in the notification message.
[expressions.ban]
usernames = ['^admin.*$']
websites = ['^https://example\.com$', { re = '^https://example2\.com$', reason = "Example 2 is not allowed" }, '^https://example3\.com$']
[expressions.sus]
usernames = ['^mod.*$']
telegram
Telegram bot configuration section, with the following fields:
token
: Telegram bot tokenchat
: Chat ID to send the alerts to (Can be a group or a channel or a user)ban_alert
: Send a notification when a user is banned (default:false
)lang
: Language to use for the alerts (Currently onlyar-sa
,en-us
andru-ru
are supported)
[telegram]
token = "your-token"
chat = 00000000000
lang = "en-us"
Running the guardian
After you have the configuration file ready, you can run the guardian with the following command:
FORGEJO_GUARDIAN_CONFIG=/path/to/your/config.toml forgejo-guardian
You can remove the FORGEJO_GUARDIAN_CONFIG
environment variable from the command if it's already set, or the file in the default location /app/forgejo-guardian.toml
.
Adding a new language
If you would like to contribute by adding a new language, you can do that by adding your language file in the locales
directory, and then add it to Lang
enum in src/telegram_bot/mod.rs
file. Then you can use it in the configuration file.
License
This project is licensed under the AGPL-3.0-or-later license.