mirror of
https://github.com/octoleo/telegram-bot-bash.git
synced 2024-05-29 16:30:52 +00:00
dev: generate README.txt from README.html
This commit is contained in:
parent
04e3c18cc4
commit
da214ab819
22
README.html
22
README.html
|
@ -316,10 +316,10 @@ Written by Drew (@topkecleon) and Kay M (@gnadelwartz).
|
||||||
<pre><code>/start
|
<pre><code>/start
|
||||||
|
|
||||||
You are Botadmin
|
You are Botadmin
|
||||||
*Available commands*:
|
Available commands:
|
||||||
*• /start*: _Start bot and get this message_.
|
/start: _Start bot and get this message_.
|
||||||
*• /help*: _Get this message_.
|
/help: _Get this message_.
|
||||||
*• /info*: _Get shorter info message about this bot_....
|
/info: _Get shorter info message about this bot_....
|
||||||
|
|
||||||
/info
|
/info
|
||||||
|
|
||||||
|
@ -329,12 +329,12 @@ It features background tasks and interactive chats, and can serve as an interfac
|
||||||
<h3>Log files</h3>
|
<h3>Log files</h3>
|
||||||
<p>Bashbot actions are logged to <code>BASHBOT.log</code>. Telegram send/receive errors are logged to <code>ERROR.log</code>. Start bashbot in debug mode to see all messages sent to / received from Telegram, as well as bash command error messages.</p>
|
<p>Bashbot actions are logged to <code>BASHBOT.log</code>. Telegram send/receive errors are logged to <code>ERROR.log</code>. Start bashbot in debug mode to see all messages sent to / received from Telegram, as well as bash command error messages.</p>
|
||||||
<p>To enable debug mode, start bashbot with debug as third argument: <code>bashbot start debug</code></p>
|
<p>To enable debug mode, start bashbot with debug as third argument: <code>bashbot start debug</code></p>
|
||||||
<pre><code>├── logs
|
<pre><code>|__ logs
|
||||||
│ ├── BASHBOT.log # log what your bot is doing ...
|
| |__ BASHBOT.log # log what your bot is doing ...
|
||||||
│ ├── ERROR.log # connection errors from / to Telegram API
|
| |__ ERROR.log # connection errors from / to Telegram API
|
||||||
│ │
|
| |
|
||||||
│ ├── DEBUG.log # stdout/stderr of you bot (debug mode enabled)
|
| |__ DEBUG.log # stdout/stderr of you bot (debug mode enabled)
|
||||||
│ └── MESSAGE.log # full text of all message send/received (debug mode enabled)</code></pre>
|
| |__ MESSAGE.log # full text of all message send/received (debug mode enabled)</code></pre>
|
||||||
<hr />
|
<hr />
|
||||||
<h2>Security Considerations</h2>
|
<h2>Security Considerations</h2>
|
||||||
<p>Running a Telegram Bot means it is connected to the public and you never know what's send to your Bot.</p>
|
<p>Running a Telegram Bot means it is connected to the public and you never know what's send to your Bot.</p>
|
||||||
|
@ -390,6 +390,6 @@ It features background tasks and interactive chats, and can serve as an interfac
|
||||||
<p>@Gnadelwartz</p>
|
<p>@Gnadelwartz</p>
|
||||||
<h2>That's it all guys!</h2>
|
<h2>That's it all guys!</h2>
|
||||||
<p>If you feel that there's something missing or if you found a bug, feel free to submit a pull request!</p>
|
<p>If you feel that there's something missing or if you found a bug, feel free to submit a pull request!</p>
|
||||||
<h4>$$VERSION$$ v1.21-0-gc85af77</h4>
|
<h4>$$VERSION$$ v1.25-dev-33-g04e3c18</h4>
|
||||||
</body>
|
</body>
|
||||||
</html>
|
</html>
|
||||||
|
|
22
README.md
22
README.md
|
@ -104,10 +104,10 @@ Now open the Telegram App on your mobile phone and start a chat with your bot (_
|
||||||
/start
|
/start
|
||||||
|
|
||||||
You are Botadmin
|
You are Botadmin
|
||||||
*Available commands*:
|
Available commands:
|
||||||
*• /start*: _Start bot and get this message_.
|
/start: _Start bot and get this message_.
|
||||||
*• /help*: _Get this message_.
|
/help: _Get this message_.
|
||||||
*• /info*: _Get shorter info message about this bot_....
|
/info: _Get shorter info message about this bot_....
|
||||||
|
|
||||||
/info
|
/info
|
||||||
|
|
||||||
|
@ -124,12 +124,12 @@ Start bashbot in debug mode to see all messages sent to / received from Telegram
|
||||||
To enable debug mode, start bashbot with debug as third argument: `bashbot start debug`
|
To enable debug mode, start bashbot with debug as third argument: `bashbot start debug`
|
||||||
|
|
||||||
```
|
```
|
||||||
├── logs
|
|__ logs
|
||||||
│ ├── BASHBOT.log # log what your bot is doing ...
|
| |__ BASHBOT.log # log what your bot is doing ...
|
||||||
│ ├── ERROR.log # connection errors from / to Telegram API
|
| |__ ERROR.log # connection errors from / to Telegram API
|
||||||
│ │
|
| |
|
||||||
│ ├── DEBUG.log # stdout/stderr of you bot (debug mode enabled)
|
| |__ DEBUG.log # stdout/stderr of you bot (debug mode enabled)
|
||||||
│ └── MESSAGE.log # full text of all message send/received (debug mode enabled)
|
| |__ MESSAGE.log # full text of all message send/received (debug mode enabled)
|
||||||
```
|
```
|
||||||
|
|
||||||
----
|
----
|
||||||
|
@ -238,4 +238,4 @@ See `mycommnds.sh.dist` for an example.
|
||||||
|
|
||||||
If you feel that there's something missing or if you found a bug, feel free to submit a pull request!
|
If you feel that there's something missing or if you found a bug, feel free to submit a pull request!
|
||||||
|
|
||||||
#### $$VERSION$$ v1.21-0-gc85af77
|
#### $$VERSION$$ v1.25-dev-33-g04e3c18
|
||||||
|
|
506
README.txt
506
README.txt
|
@ -1,324 +1,284 @@
|
||||||
<h2><img align="middle"
|
|
||||||
src="https://raw.githubusercontent.com/odb/official-bash-logo/master/assets/Logo
|
|
||||||
s/Icons/PNG/64x64.png" >
|
|
||||||
Bashbot - A Telegram bot written in bash.
|
|
||||||
</h2>
|
|
||||||
|
Bashbot README
|
||||||
|
|
||||||
|
|
||||||
|
Bashbot - A Telegram bot written in bash.
|
||||||
|
|
||||||
Written by Drew (@topkecleon) and Kay M (@gnadelwartz).
|
Written by Drew (@topkecleon) and Kay M (@gnadelwartz).
|
||||||
|
Contributions by Daniil Gentili (@danog), JuanPotato, BigNerd95, TiagoDanin, iicc1 and
|
||||||
|
dcoomber.
|
||||||
|
Released to the public domain wherever applicable. Elsewhere, consider it released under
|
||||||
|
the WTFPLv2.
|
||||||
|
Linted by #ShellCheck
|
||||||
|
|
||||||
Contributions by Daniil Gentili (@danog), JuanPotato, BigNerd95, TiagoDanin,
|
Prerequisites
|
||||||
iicc1 and dcoomber.
|
|
||||||
|
|
||||||
Released to the public domain wherever applicable.
|
Uses JSON.sh and the magic of sed.
|
||||||
Elsewhere, consider it released under the
|
Bashbot is written in bash. It depends on commands typically available in a Linux/Unix
|
||||||
[WTFPLv2](http://www.wtfpl.net/txt/copying/).
|
Environment. For more concrete information on the common commands provided by recent
|
||||||
|
versions of coreutils, busybox or toybox, see Developer_Notes.
|
||||||
|
Note for MacOS and BSD Users: Bashbot will not run without installing additional software
|
||||||
|
as it uses modern bash and (gnu) grep/sed features. See Install_Bashbot.
|
||||||
|
Note for embedded systems: You need to install a "real" bash as the vanilla installation
|
||||||
|
of busybox or toybox is not sufficient. See Install_Bashbot.
|
||||||
|
Bashbot Documentation and Downloads are available on www.github.com.
|
||||||
|
|
||||||
Linted by [#ShellCheck](https://github.com/koalaman/shellcheck)
|
Documentation
|
||||||
|
|
||||||
## Prerequisites
|
|
||||||
Uses [JSON.sh](http://github.com/dominictarr/JSON.sh) and the magic of sed.
|
|
||||||
|
|
||||||
Bashbot is written in bash. It depends on commands typically available in a
|
* Introduction_to_Telegram_Bots
|
||||||
Linux/Unix Environment.
|
* Install_Bashbot
|
||||||
For more concrete information on the common commands provided by recent
|
|
||||||
versions of
|
|
||||||
[coreutils](https://en.wikipedia.org/wiki/List_of_GNU_Core_Utilities_commands),
|
|
||||||
[busybox](https://en.wikipedia.org/wiki/BusyBox#Commands) or
|
|
||||||
[toybox](https://landley.net/toybox/help.html), see [Developer
|
|
||||||
Notes](doc/7_develop.md#common-commands).
|
|
||||||
|
|
||||||
**Note for MacOS and BSD Users:** Bashbot will not run without installing
|
o Install release
|
||||||
additional software as it uses modern bash and (gnu) grep/sed features. See
|
o Install from github
|
||||||
[Install Bashbot](doc/0_install.md).
|
o Update Bashbot
|
||||||
|
o Notes on Updates
|
||||||
|
|
||||||
**Note for embedded systems:** You need to install a "real" bash as the vanilla
|
* Get_Bottoken_from_Botfather
|
||||||
installation of busybox or toybox is not sufficient. See [Install
|
* Getting_Started
|
||||||
Bashbot](doc/0_install.md).
|
|
||||||
|
|
||||||
Bashbot [Documentation](https://github.com/topkecleon/telegram-bot-bash) and
|
o Managing your Bot
|
||||||
[Downloads](https://github.com/topkecleon/telegram-bot-bash/releases) are
|
o Receive data
|
||||||
available on [www.github.com](https://www.github.com).
|
o Send messages
|
||||||
|
o Send files, locations, keyboards
|
||||||
|
|
||||||
## Documentation
|
* Advanced_Features
|
||||||
* [Introduction to Telegram Bots](https://core.telegram.org/bots)
|
|
||||||
* [Install Bashbot](doc/0_install.md)
|
|
||||||
* Install release
|
|
||||||
* Install from github
|
|
||||||
* Update Bashbot
|
|
||||||
* Notes on Updates
|
|
||||||
* [Get Bottoken from Botfather](doc/1_firstbot.md)
|
|
||||||
* [Getting Started](doc/2_usage.md)
|
|
||||||
* Managing your Bot
|
|
||||||
* Receive data
|
|
||||||
* Send messages
|
|
||||||
* Send files, locations, keyboards
|
|
||||||
* [Advanced Features](doc/3_advanced.md)
|
|
||||||
* Access Control
|
|
||||||
* Interactive Chats
|
|
||||||
* Background Jobs
|
|
||||||
* Inline queries
|
|
||||||
* Send message errors
|
|
||||||
* [Expert Use](doc/4_expert.md)
|
|
||||||
* Handling UTF-8 character sets
|
|
||||||
* Run as other user or system service
|
|
||||||
* Schedule bashbot from Cron
|
|
||||||
* Use from CLI and Scripts
|
|
||||||
* Customize Bashbot Environment
|
|
||||||
* [Best Practices](doc/5_practice.md)
|
|
||||||
* Customize mycommands.sh
|
|
||||||
* Overwrite/disable commands
|
|
||||||
* Separate logic from commands
|
|
||||||
* Test your Bot with shellcheck
|
|
||||||
* [Function Reference](doc/6_reference.md)
|
|
||||||
* Sending Messages, Files, Keyboards
|
|
||||||
* User Access Control
|
|
||||||
* Inline Queries
|
|
||||||
* jsshDB Bashbot key-value storage
|
|
||||||
* Background and Interactive Jobs
|
|
||||||
* [Developer Notes](doc/7_develop.md)
|
|
||||||
* Debug bashbot
|
|
||||||
* Modules, addons, events
|
|
||||||
* Setup your environment
|
|
||||||
* Bashbot test suite
|
|
||||||
* [Examples Directory](examples/README.md)
|
|
||||||
|
|
||||||
### Your very first bashbot in a nutshell
|
o Access Control
|
||||||
|
o Interactive Chats
|
||||||
|
o Background Jobs
|
||||||
|
o Inline queries
|
||||||
|
o Send message errors
|
||||||
|
|
||||||
To install and run bashbot you need access to a Linux/Unix command line with
|
* Expert_Use
|
||||||
bash, a [Telegram client](https://telegram.org) and a mobile phone [with a
|
|
||||||
Telegram account](https://telegramguide.com/create-a-telegram-account/).
|
|
||||||
|
|
||||||
First you need to [create a new Telegram Bot token](doc/1_firstbot.md) for your
|
o Handling UTF-8 character sets
|
||||||
bot and write it down.
|
o Run as other user or system service
|
||||||
|
o Schedule bashbot from Cron
|
||||||
|
o Use from CLI and Scripts
|
||||||
|
o Customize Bashbot Environment
|
||||||
|
|
||||||
Now open a Linux/Unix terminal with bash, create a new directory, change to it
|
* Best_Practices
|
||||||
and install telegram-bot-bash:
|
|
||||||
|
|
||||||
```bash
|
o Customize mycommands.sh
|
||||||
# create bot dir
|
o Overwrite/disable commands
|
||||||
mkdir mybot
|
o Separate logic from commands
|
||||||
cd mybot
|
o Test your Bot with shellcheck
|
||||||
|
|
||||||
# download latest release with wget or from
|
* Function_Reference
|
||||||
https://github.com/topkecleon/telegram-bot-bash/releases/latest
|
|
||||||
wget "https://github.com/$(wget -q
|
|
||||||
"https://github.com/topkecleon/telegram-bot-bash/releases/latest" -O - | egrep
|
|
||||||
'/.*/download/.*/.*tar.gz' -o)"
|
|
||||||
|
|
||||||
# Extract the tar archive and go into bot dir
|
o Sending Messages, Files, Keyboards
|
||||||
tar -xzf *.tar.gz
|
o User Access Control
|
||||||
cd telegram-bot-bash
|
o Inline Queries
|
||||||
|
o jsshDB Bashbot key-value storage
|
||||||
|
o Background and Interactive Jobs
|
||||||
|
|
||||||
# initialize your bot
|
* Developer_Notes
|
||||||
# Enter your bot token when asked, all other questions can be answered by
|
|
||||||
hitting the \<Return\> key.
|
|
||||||
./bashbot.sh init
|
|
||||||
|
|
||||||
# Now start your bot
|
o Debug bashbot
|
||||||
./bashbot.sh start
|
o Modules, addons, events
|
||||||
|
o Setup your environment
|
||||||
|
o Bashbot test suite
|
||||||
|
|
||||||
Bottoken is valid ...
|
* Examples_Directory
|
||||||
Bot Name: yourbotname_bot
|
|
||||||
Session Name: yourbotname_bot-startbot
|
|
||||||
Bot started successfully.
|
|
||||||
```
|
|
||||||
|
|
||||||
Now open the Telegram App on your mobile phone and start a chat with your bot
|
|
||||||
(_your bot's username is shown after 'Bot Name:'_):
|
|
||||||
|
|
||||||
```
|
Your very first bashbot in a nutshell
|
||||||
/start
|
|
||||||
|
|
||||||
You are Botadmin
|
To install and run bashbot you need access to a Linux/Unix command line with bash, a
|
||||||
*Available commands*:
|
Telegram_client and a mobile phone with_a_Telegram_account.
|
||||||
*• /start*: _Start bot and get this message_.
|
First you need to create_a_new_Telegram_Bot_token for your bot and write it down.
|
||||||
*• /help*: _Get this message_.
|
Now open a Linux/Unix terminal with bash, create a new directory, change to it and install
|
||||||
*• /info*: _Get shorter info message about this bot_....
|
telegram-bot-bash:
|
||||||
|
|
||||||
/info
|
# create bot dir
|
||||||
|
mkdir mybot
|
||||||
|
cd mybot
|
||||||
|
|
||||||
This is bashbot, the Telegram bot written entirely in bash.
|
# download latest release with wget or from https://github.com/topkecleon/telegram-bot-
|
||||||
It features background tasks and interactive chats, and can serve as an
|
bash/releases/latest
|
||||||
interface for CLI programs.
|
wget "https://github.com/$(wget -q "https://github.com/topkecleon/telegram-
|
||||||
```
|
bot-bash/releases/latest" -O - | egrep '/.*/download/.*/.*tar.gz' -o)"
|
||||||
For more Information on how to install, customize and use your new bot, read
|
|
||||||
the [Documentation](#Documentation).
|
|
||||||
|
|
||||||
### Log files
|
# Extract the tar archive and go into bot dir
|
||||||
|
tar -xzf *.tar.gz
|
||||||
|
cd telegram-bot-bash
|
||||||
|
|
||||||
Bashbot actions are logged to `BASHBOT.log`. Telegram send/receive errors are
|
# initialize your bot
|
||||||
logged to `ERROR.log`.
|
# Enter your bot token when asked, all other questions can be answered by hitting the
|
||||||
Start bashbot in debug mode to see all messages sent to / received from
|
\<Return\> key.
|
||||||
|
./bashbot.sh init
|
||||||
|
|
||||||
|
# Now start your bot
|
||||||
|
./bashbot.sh start
|
||||||
|
|
||||||
|
Bottoken is valid ...
|
||||||
|
Bot Name: yourbotname_bot
|
||||||
|
Session Name: yourbotname_bot-startbot
|
||||||
|
Bot started successfully.
|
||||||
|
|
||||||
|
Now open the Telegram App on your mobile phone and start a chat with your bot (your bot's
|
||||||
|
username is shown after 'Bot Name:'):
|
||||||
|
|
||||||
|
/start
|
||||||
|
|
||||||
|
You are Botadmin
|
||||||
|
Available commands:
|
||||||
|
/start: _Start bot and get this message_.
|
||||||
|
/help: _Get this message_.
|
||||||
|
/info: _Get shorter info message about this bot_....
|
||||||
|
|
||||||
|
/info
|
||||||
|
|
||||||
|
This is bashbot, the Telegram bot written entirely in bash.
|
||||||
|
It features background tasks and interactive chats, and can serve as an interface for
|
||||||
|
CLI programs.
|
||||||
|
|
||||||
|
For more Information on how to install, customize and use your new bot, read the
|
||||||
|
Documentation.
|
||||||
|
|
||||||
|
Log files
|
||||||
|
|
||||||
|
Bashbot actions are logged to BASHBOT.log. Telegram send/receive errors are logged to
|
||||||
|
ERROR.log. Start bashbot in debug mode to see all messages sent to / received from
|
||||||
Telegram, as well as bash command error messages.
|
Telegram, as well as bash command error messages.
|
||||||
|
To enable debug mode, start bashbot with debug as third argument: bashbot start debug
|
||||||
|
|
||||||
To enable debug mode, start bashbot with debug as third argument: `bashbot
|
|__ logs
|
||||||
start debug`
|
| |__ BASHBOT.log # log what your bot is doing ...
|
||||||
|
| |__ ERROR.log # connection errors from / to Telegram API
|
||||||
|
| |
|
||||||
|
| |__ DEBUG.log # stdout/stderr of you bot (debug mode enabled)
|
||||||
|
| |__ MESSAGE.log # full text of all message send/received (debug mode enabled)
|
||||||
|
|
||||||
```
|
------------------------------------------------------------------------------------------
|
||||||
├── logs
|
|
||||||
│ ├── BASHBOT.log # log what your bot is doing ...
|
|
||||||
│ ├── ERROR.log # connection errors from / to Telegram API
|
|
||||||
│ │
|
|
||||||
│ ├── DEBUG.log # stdout/stderr of you bot (debug mode enabled)
|
|
||||||
│ └── MESSAGE.log # full text of all message send/received (debug mode
|
|
||||||
enabled)
|
|
||||||
```
|
|
||||||
|
|
||||||
----
|
Security Considerations
|
||||||
|
|
||||||
## Security Considerations
|
Running a Telegram Bot means it is connected to the public and you never know what's send
|
||||||
Running a Telegram Bot means it is connected to the public and you never know
|
to your Bot.
|
||||||
what's send to your Bot.
|
Bash scripts in general are not designed to be bulletproof, so consider this Bot as a
|
||||||
|
proof of concept. Bash programmers often struggle with 'quoting hell' and globbing, see
|
||||||
|
Implications_of_wrong_quoting.
|
||||||
|
Whenever you are processing input from untrusted sources (messages, files, network) you
|
||||||
|
must be as careful as possible (e.g. set IFS appropriately, disable globbing with set -
|
||||||
|
f and quote everything). In addition remove unused scripts and examples from your Bot
|
||||||
|
(e.g. everything in example/) and disable/remove all unused bot commands.
|
||||||
|
It's important to escape or remove $ in input from user, files or network (as bashbot
|
||||||
|
does). One of the powerful features of Unix shells is variable and command substitution
|
||||||
|
using ${} and$() can lead to remote code execution (RCE) or remote information disclosure
|
||||||
|
(RID) bugs if unescaped $ is included in untrusted input (e.g. $$ or $(rm -rf /*)).
|
||||||
|
A powerful tool to improve your scripts is shellcheck. You can use_it_online or install
|
||||||
|
shellcheck_locally. Shellcheck is used extensively in bashbot development to ensure a high
|
||||||
|
code quality (e.g. it's not allowed to push changes without passing all shellcheck tests).
|
||||||
|
In addition bashbot has a test_suite to check if important functionality is working as
|
||||||
|
expected.
|
||||||
|
|
||||||
Bash scripts in general are not designed to be bulletproof, so consider this
|
Use printf whenever possible
|
||||||
Bot as a proof of concept.
|
|
||||||
Bash programmers often struggle with 'quoting hell' and globbing,
|
|
||||||
see [Implications of wrong
|
|
||||||
quoting](https://unix.stackexchange.com/questions/171346/security-implications-o
|
|
||||||
f-forgetting-to-quote-a-variable-in-bash-posix-shells).
|
|
||||||
|
|
||||||
Whenever you are processing input from untrusted sources (messages, files,
|
If you're writing a script that accepts external input (e.g. from the user as arguments or
|
||||||
network) you must be as careful as possible
|
the file system), you shouldn't use echo to display it. Use_printf_whenever_possible.
|
||||||
(e.g. set IFS appropriately, disable globbing with `set -f` and quote
|
|
||||||
everything). In addition remove unused scripts and examples
|
|
||||||
from your Bot (e.g. everything in `example/`) and disable/remove all unused bot
|
|
||||||
commands.
|
|
||||||
|
|
||||||
It's important to escape or remove `$` in input from user, files or network
|
Run your Bot as a restricted user
|
||||||
(_as bashbot does_).
|
|
||||||
One of the powerful features of Unix shells is variable and command
|
|
||||||
substitution using `${}` and`$()` can lead to remote code execution (RCE) or
|
|
||||||
remote information disclosure (RID) bugs if unescaped `$` is included in
|
|
||||||
untrusted input (e.g. `$$` or `$(rm -rf /*)`).
|
|
||||||
|
|
||||||
A powerful tool to improve your scripts is `shellcheck`. You can [use it
|
I recommend running your bot as a user with almost no access rights. All files your Bot
|
||||||
online](https://www.shellcheck.net/) or
|
has write access to are in danger of being overwritten/deleted if your bot is hacked. For
|
||||||
[install shellcheck
|
the same reason every file your Bot can read is in danger of being disclosed. Restrict
|
||||||
locally](https://github.com/koalaman/shellcheck#installing). Shellcheck is used
|
your Bots access rights to the absolute minimum.
|
||||||
extensively in bashbot development
|
Never run your Bot as root, this is the most dangerous you can do! Usually the user
|
||||||
to ensure a high code quality (e.g. it's not allowed to push changes without
|
'nobody' has almost no rights on Linux/Unix systems. See Expert_use on how to run your Bot
|
||||||
passing all shellcheck tests).
|
as an other user.
|
||||||
In addition bashbot has a [test suite](doc/7_develop.md) to check if important
|
|
||||||
functionality is working as expected.
|
|
||||||
|
|
||||||
### Use printf whenever possible
|
Secure your Bot installation
|
||||||
|
|
||||||
If you're writing a script that accepts external input (e.g. from the user as
|
Your Bot configuration must not be readable by other users. Everyone who can read your
|
||||||
arguments or the file system),
|
Bots token is able to act as your Bot and has access to all chats the Bot is in!
|
||||||
you shouldn't use echo to display it. [Use printf whenever
|
Everyone with read access to your Bot files can extract your Bots data. Especially your
|
||||||
possible](https://unix.stackexchange.com/a/6581).
|
Bot config inconfig.jssh must be protected against other users. No one except you should
|
||||||
|
have write access to the Bot files. The Bot should be restricted to have write access
|
||||||
|
tocount.jssh and data-bot-bash only, all other files must be write protected.
|
||||||
|
To set access rights for your bashbot installation to a reasonable default runsudo ./
|
||||||
|
bashbot.sh init after every update or change to your installation directory.
|
||||||
|
|
||||||
### Run your Bot as a restricted user
|
FAQ
|
||||||
**I recommend running your bot as a user with almost no access rights.**
|
|
||||||
All files your Bot has write access to are in danger of being
|
|
||||||
overwritten/deleted if your bot is hacked.
|
|
||||||
For the same reason every file your Bot can read is in danger of being
|
|
||||||
disclosed. Restrict your Bots access rights to the absolute minimum.
|
|
||||||
|
|
||||||
**Never run your Bot as root, this is the most dangerous you can do!** Usually
|
|
||||||
the user 'nobody' has almost no rights on Linux/Unix systems. See [Expert
|
|
||||||
use](doc/4_expert.md) on how to run your Bot as an other user.
|
|
||||||
|
|
||||||
### Secure your Bot installation
|
|
||||||
**Your Bot configuration must not be readable by other users.** Everyone who
|
|
||||||
can read your Bots token is able to act as your Bot and has access to all chats
|
|
||||||
the Bot is in!
|
|
||||||
|
|
||||||
Everyone with read access to your Bot files can extract your Bots data.
|
|
||||||
Especially your Bot config in`config.jssh` must be protected against other
|
|
||||||
users. No one except you should have write access to the Bot files. The Bot
|
|
||||||
should be restricted to have write access to`count.jssh` and `data-bot-bash`
|
|
||||||
only, all other files must be write protected.
|
|
||||||
|
|
||||||
To set access rights for your bashbot installation to a reasonable default
|
|
||||||
run`sudo ./bashbot.sh init` after every update or change to your installation
|
|
||||||
directory.
|
|
||||||
|
|
||||||
## FAQ
|
|
||||||
|
|
||||||
### Is this Bot insecure?
|
|
||||||
Bashbot is not more (in)secure than a Bot written in another language. We have
|
|
||||||
done our best to make it as secure as possible. But YOU are responsible for the
|
|
||||||
bot commands you wrote and you should know about the risks ...
|
|
||||||
|
|
||||||
**Note:** Up to version 0.941 (mai/22/2020) telegram-bot-bash had a remote code
|
|
||||||
execution bug, please update if you use an older version!
|
|
||||||
|
|
||||||
### Why Bash and not the much better xyz?
|
|
||||||
Well, that's a damn good question... maybe because I'm a Unix admin from the
|
|
||||||
stone age. Nevertheless there are more reasons from my side:
|
|
||||||
|
|
||||||
- bashbot will run wherever bash and (gnu) sed is available, from embedded
|
|
||||||
Linux to mainframe
|
|
||||||
- easy to integrate with other shell scripts, e.g. for sending system message /
|
|
||||||
health status
|
|
||||||
- no need to install or learn a new programming language, library or framework
|
|
||||||
- no database, not event driven, not object oriented ...
|
|
||||||
|
|
||||||
### Can I have the single bashbot.sh file back?
|
|
||||||
At the beginning bashbot was simply the file`bashbot.sh` that you could copy
|
|
||||||
everywhere and run the bot. Now we have 'commands.sh', 'mycommands.sh',
|
|
||||||
'modules/*.sh' and much more.
|
|
||||||
|
|
||||||
Hey no problem, if you are finished with your cool bot,
|
|
||||||
run`dev/make-standalone.sh` to create a stripped down version of your bot
|
|
||||||
containing only
|
|
||||||
'bashbot.sh' and 'commands.sh'! For more information see [Create a stripped
|
|
||||||
down version of your Bot](doc/7_develop.md).
|
|
||||||
|
|
||||||
### Can I send messages from CLI and scripts?
|
|
||||||
Of course you can send messages from command line and scripts! Simply install
|
|
||||||
bashbot as [described here](#Your-really-first-bashbot-in-a-nutshell),
|
|
||||||
send the message '/start' to set yourself as botadmin and then stop the bot
|
|
||||||
with `./bashbot.sh stop`.
|
|
||||||
|
|
||||||
Bashbot provides some ready to use scripts for sending messages from command
|
|
||||||
line in `bin/` dir, e.g. `send_message.sh`.
|
|
||||||
|
|
||||||
```bash
|
|
||||||
bin/send_message.sh BOTADMIN "This is my first message send from CLI"
|
|
||||||
|
|
||||||
bin/send_message.sh --help
|
|
||||||
```
|
|
||||||
|
|
||||||
You can also source bashbot for use in your scripts, for more information see
|
|
||||||
[Expert Use](doc/4_expert.md).
|
|
||||||
|
|
||||||
|
|
||||||
### Blocked by telegram?
|
Is this Bot insecure?
|
||||||
This may happen if too many or wrong requests are sent to api.telegram.org,
|
|
||||||
e.g. using a invalid token or invalid API calls.
|
|
||||||
If the block stay for longer time you can ask telegram service to unblock your
|
|
||||||
IP-Address.
|
|
||||||
|
|
||||||
|
Bashbot is not more (in)secure than a Bot written in another language. We have done our
|
||||||
|
best to make it as secure as possible. But YOU are responsible for the bot commands you
|
||||||
|
wrote and you should know about the risks ...
|
||||||
|
Note: Up to version 0.941 (mai/22/2020) telegram-bot-bash had a remote code execution bug,
|
||||||
|
please update if you use an older version!
|
||||||
|
|
||||||
|
Why Bash and not the much better xyz?
|
||||||
|
|
||||||
|
Well, that's a damn good question... maybe because I'm a Unix admin from the stone age.
|
||||||
|
Nevertheless there are more reasons from my side:
|
||||||
|
|
||||||
|
* bashbot will run wherever bash and (gnu) sed is available, from embedded Linux to
|
||||||
|
mainframe
|
||||||
|
* easy to integrate with other shell scripts, e.g. for sending system message / health
|
||||||
|
status
|
||||||
|
* no need to install or learn a new programming language, library or framework
|
||||||
|
* no database, not event driven, not object oriented ...
|
||||||
|
|
||||||
|
|
||||||
|
Can I have the single bashbot.sh file back?
|
||||||
|
|
||||||
|
At the beginning bashbot was simply the filebashbot.sh that you could copy everywhere and
|
||||||
|
run the bot. Now we have 'commands.sh', 'mycommands.sh', 'modules/*.sh' and much more.
|
||||||
|
Hey no problem, if you are finished with your cool bot, rundev/make-standalone.sh to
|
||||||
|
create a stripped down version of your bot containing only 'bashbot.sh' and 'commands.sh'!
|
||||||
|
For more information see Create_a_stripped_down_version_of_your_Bot.
|
||||||
|
|
||||||
|
Can I send messages from CLI and scripts?
|
||||||
|
|
||||||
|
Of course you can send messages from command line and scripts! Simply install bashbot as
|
||||||
|
described_here, send the message '/start' to set yourself as botadmin and then stop the
|
||||||
|
bot with ./bashbot.sh stop.
|
||||||
|
Bashbot provides some ready to use scripts for sending messages from command line in bin/
|
||||||
|
dir, e.g. send_message.sh.
|
||||||
|
|
||||||
|
bin/send_message.sh BOTADMIN "This is my first message send from CLI"
|
||||||
|
|
||||||
|
bin/send_message.sh --help
|
||||||
|
|
||||||
|
You can also source bashbot for use in your scripts, for more information see Expert_Use.
|
||||||
|
|
||||||
|
Blocked by telegram?
|
||||||
|
|
||||||
|
This may happen if too many or wrong requests are sent to api.telegram.org, e.g. using a
|
||||||
|
invalid token or invalid API calls. If the block stay for longer time you can ask telegram
|
||||||
|
service to unblock your IP-Address.
|
||||||
You can check with curl or wget if you are blocked by Telegram:
|
You can check with curl or wget if you are blocked by Telegram:
|
||||||
```bash
|
|
||||||
curl -m 10 https://api.telegram.org/bot
|
|
||||||
#curl: (28) Connection timed out after 10001 milliseconds
|
|
||||||
|
|
||||||
wget -t 1 -T 10 https://api.telegram.org/bot
|
curl -m 10 https://api.telegram.org/bot
|
||||||
#Connecting to api.telegram.org (api.telegram.org)|46.38.243.234|:443...
|
#curl: (28) Connection timed out after 10001 milliseconds
|
||||||
failed: Connection timed out.
|
|
||||||
|
|
||||||
nc -w 2 api.telegram.org 443 || echo "your IP seems blocked by telegram"
|
wget -t 1 -T 10 https://api.telegram.org/bot
|
||||||
#your IP seems blocked by telegram
|
#Connecting to api.telegram.org (api.telegram.org)|46.38.243.234|:443... failed:
|
||||||
```
|
Connection timed out.
|
||||||
|
|
||||||
Bashbot offers the option to recover from broken connections (blocked).
|
nc -w 2 api.telegram.org 443 || echo "your IP seems blocked by telegram"
|
||||||
Therefore you can provide a function
|
#your IP seems blocked by telegram
|
||||||
named `bashbotBlockRecover()` in `mycommands.sh`, the function is called every
|
|
||||||
time when a broken connection is detected.
|
|
||||||
|
|
||||||
Possible actions are: Check if network is working, change IP-Address or simply
|
|
||||||
wait some time.
|
|
||||||
See `mycommnds.sh.dist` for an example.
|
|
||||||
|
|
||||||
---
|
|
||||||
|
|
||||||
|
Bashbot offers the option to recover from broken connections (blocked). Therefore you can
|
||||||
|
provide a function named bashbotBlockRecover() in mycommands.sh, the function is called
|
||||||
|
every time when a broken connection is detected.
|
||||||
|
Possible actions are: Check if network is working, change IP-Address or simply wait some
|
||||||
|
time. See mycommnds.sh.dist for an example.
|
||||||
|
------------------------------------------------------------------------------------------
|
||||||
@Gnadelwartz
|
@Gnadelwartz
|
||||||
|
|
||||||
## That's it all guys!
|
That's it all guys!
|
||||||
|
|
||||||
If you feel that there's something missing or if you found a bug, feel free to
|
If you feel that there's something missing or if you found a bug, feel free to submit a
|
||||||
submit a pull request!
|
pull request!
|
||||||
|
|
||||||
|
$$VERSION$$ v1.25-dev-33-g04e3c18
|
||||||
|
|
||||||
#### $$VERSION$$ v1.21-0-gc85af77
|
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
#
|
#
|
||||||
#### $$VERSION$$ v1.25-dev-14-g2fe6d4b
|
#### $$VERSION$$ v1.25-dev-33-g04e3c18
|
||||||
# shellcheck disable=SC2016
|
# shellcheck disable=SC2016
|
||||||
#
|
#
|
||||||
# Easy Versioning in git:
|
# Easy Versioning in git:
|
||||||
|
@ -52,6 +52,18 @@ printf "Update to version %s ...\n" "${VERSION}"
|
||||||
FILES="$(find ./*)"
|
FILES="$(find ./*)"
|
||||||
[ "$1" != "" ] && FILES="$*"
|
[ "$1" != "" ] && FILES="$*"
|
||||||
|
|
||||||
|
# autogenerate REMADME.html REMADE.txt
|
||||||
|
if [[ "${FILES}" == *"README.md"* ]]; then
|
||||||
|
FILES+=" README.html README.txt"
|
||||||
|
type -f pandoc >/dev/null && pandoc -s -f commonmark -M "title=Bashbot README" README.md >README.html
|
||||||
|
if type -f html2text >/dev/null; then
|
||||||
|
html2text -style pretty -width 90 README.html >README.txt
|
||||||
|
else
|
||||||
|
type -f fold >/dev/null && fold -s -w 90 README.md >README.txt
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
|
# change version string in given files
|
||||||
for file in ${FILES}
|
for file in ${FILES}
|
||||||
do
|
do
|
||||||
[ ! -f "${file}" ] && continue
|
[ ! -f "${file}" ] && continue
|
||||||
|
@ -59,9 +71,6 @@ do
|
||||||
printf "%s" " ${file}" >&2
|
printf "%s" " ${file}" >&2
|
||||||
sed -i 's/^#### $$VERSION$$.*/#### \$\$VERSION\$\$ '"${VERSION}"'/' "${file}"
|
sed -i 's/^#### $$VERSION$$.*/#### \$\$VERSION\$\$ '"${VERSION}"'/' "${file}"
|
||||||
done
|
done
|
||||||
# try to compile README.txt
|
|
||||||
printf " README.txt" >&2
|
|
||||||
type -f pandoc >/dev/null && pandoc -s -f commonmark -M "title=Bashbot README" README.md >README.html
|
|
||||||
fold -s README.md >README.txt
|
|
||||||
printf " done.\n"
|
printf " done.\n"
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue
Block a user