Last active
November 12, 2025 07:14
-
-
Save TehPeGaSuS/772070bd029d711dcdbf988b206ab1d5 to your computer and use it in GitHub Desktop.
Soju user systemd and certificate reload
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| #----------------------------------------------------------------------# | |
| # NOTE: THIS SCRIPT WAS TESTED ON UBUNTU 24.04 AND NEWER!!! # | |
| # # | |
| # Packages required: sqlite3 (apt install sqlite3) # | |
| # # | |
| # This shell script was created to clean up soju sqlite database and # | |
| # the uploads folder. Please adjust the paths to match your config. # | |
| # # | |
| # REPLACE ANY OCCURRENCE OF $USER WITH YOUR SHELL USERNAME FOR SAFETY # | |
| # # | |
| # Put this file on your HOME directory under the name `cleansoju` # | |
| # Make it executable with `chmod +x cleansoju` # | |
| # Add a crontab like `0 1 * * * /home/$USER/cleansoju >/dev/null 2>&1` # | |
| #----------------------------------------------------------------------# | |
| #----------------------------------# | |
| # Path to the soju sqlite database # | |
| #----------------------------------# | |
| sojuDatabase="/home/$USER/soju/soju.db" | |
| #----------------------------------------------------# | |
| # How many days of messages tp keep on the database? # | |
| #----------------------------------------------------# | |
| sojuMessageDays="7" | |
| #-----------------------------# | |
| # Path to soju uploads folder # | |
| #-----------------------------# | |
| sojuUploads="/home/$USER/soju/uploads/" | |
| #---------------------------------# | |
| # How many days of files to keep? # | |
| #---------------------------------# | |
| sojuFilesDays="7" | |
| #--------------------------------------------------------------------------------------------------------------# | |
| # DON'T TOUCH ANYTHING BELOW UNLESS YOU KNOW WHAT YOU'RE DOING!!! # | |
| # # | |
| # If you touch the code below and then complain the script "suddenly stopped working" I'll touch you at night. # | |
| #--------------------------------------------------------------------------------------------------------------# | |
| #-----------------------------------# | |
| # Delete messages from the database # | |
| #-----------------------------------# | |
| /usr/bin/sqlite3 "$sojuDatabase" "DELETE FROM Message WHERE time < datetime('now','-$sojuMessageDays days'); VACUUM;" | |
| #-----------------------# | |
| # Delete uploaded files # | |
| #-----------------------# | |
| /usr/bin/find "$sojuUploads" -mindepth 2 -type f -mtime +"$sojuFilesDays" -delete |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| #---------------------------------------------------------------------------------# | |
| # NOTE: This script was tested only on Ubuntu 20.04+ and Certbot # | |
| # # | |
| # PLEASE ADJUST ALL VARIABLES TO FIT YOUR NEEDS!!! # | |
| # # | |
| # This script is intended to be used with systemd user units and require # | |
| # systemd-container to be installed on the system (apt install systemd-container) # | |
| # # | |
| # To use this script follow this instructions: # | |
| # 1. Create a scripts folder inside the `/etc/letsencrypt` directory with: # | |
| # mkdir -p /etc/letsencrypt/scripts # | |
| # # | |
| # 2. Place this script inside that folder and name it `soju` # | |
| # # | |
| # 3. Make it executable with: # | |
| # chmod +x /etc/letsencrypt/scripts/soju # | |
| # # | |
| # 4. Request a certificate that will call the script as a deploy-hook with: # | |
| # certbot -d soju.domain.tld --deploy-hook /etc/letsencrypt/scripts/soju # | |
| # # | |
| # 5. From now on, whenever the certificate is renewed, soju will be reloaded # | |
| # automatically to load the new cerificate and privkey into it # | |
| # # | |
| # 6. Enjoy! # | |
| #---------------------------------------------------------------------------------# | |
| #----------------------# | |
| # Domain or Sub Domain # | |
| #----------------------# | |
| sojuDomain="soju.0bin.xyz" | |
| #-------------------# | |
| # User running soju # | |
| #-------------------# | |
| sojuUser="ubuntu" | |
| #--------------------------------# | |
| # Group of the user running soju # | |
| #--------------------------------# | |
| sojuGroup="ubuntu" | |
| #--------------------------------------# | |
| # Where should be the PEM file placed? # | |
| #--------------------------------------# | |
| sojuTLS="/home/ubuntu/.config/soju" | |
| #------------------------# | |
| # Soju systemd unit name # | |
| #------------------------# | |
| sojuUnit="soju_user.service" | |
| #--------------------------------------------------------------------------------------------------------------# | |
| # Don't edit anything below unless you know exactly what you're doing. # | |
| # If you touch the code below and then complain the script "suddenly stopped working" I'll touch you at night. # | |
| #--------------------------------------------------------------------------------------------------------------# | |
| case "$RENEWED_LINEAGE" in | |
| */"$sojuDomain") | |
| # Let's copy the PEM files | |
| cp -f -- "${RENEWED_LINEAGE}/fullchain.pem" "${RENEWED_LINEAGE}/privkey.pem" "$sojuTLS" && | |
| # Fix permissions | |
| chown -- "${sojuUser}:${sojuGroup}" "${sojuTLS}/fullchain.pem" "${sojuTLS}/privkey.pem" && | |
| # Reload soju | |
| /usr/bin/systemctl --machine="${sojuUser}@" --user reload "$sojuUnit" && | |
| # Print a success message | |
| printf "\n\nSoju certificate renewed successfully\n\n" | |
| ;; | |
| esac |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #----------------------------------------------------------------------# | |
| # Systemd User Unit for Soju # | |
| #----------------------------------------------------------------------# | |
| # HOW TO USE # | |
| # # | |
| # NOTE: PLEASE ADJUST ALL PATHS AND COMMANDS TO FIT YOUR NEEDS!!! # | |
| # # | |
| # 1. Enable lingering for your user with: # | |
| # loginctl enable-linger # | |
| # # | |
| # 2. Create the user systemd folder with: # | |
| # mkdir -p .config/systemd/user # | |
| # # | |
| # 3. Place this unit inside it and name it `soju_user.service` # | |
| # # | |
| # # | |
| # 4. Reload the user systemd daemon to load the newly added unit: # | |
| # systemctl --user daemon-reload # | |
| # # | |
| # 5. Commands to control your user unit: # | |
| # - Enable unit on boot: # | |
| # systemctl --user enable soju_user.service # | |
| # # | |
| # - Disable unit on boot: # | |
| # systemctl --user disable soju_user.service # | |
| # # | |
| # - Start your unit: # | |
| # systemctl --user start soju_user.service # | |
| # # | |
| # - Reload your unit: # | |
| # systemctl --user reload soju_user.service # | |
| # # | |
| # - Stop you unit: # | |
| # systemctl --user stop soju_user.service # | |
| # # | |
| # - Check unit status: # | |
| # systemctl --user status soju_user.service # | |
| # # | |
| # 6. Enjoy! # | |
| #----------------------------------------------------------------------# | |
| [Unit] | |
| Description=Soju Bouncer | |
| [Service] | |
| Type=simple | |
| WorkingDirectory=/home/ubuntu/soju | |
| ExecStart=/home/ubuntu/soju/soju -config /home/ubuntu/.config/soju/config | |
| ExecReload=/usr/bin/kill -s SIGHUP $MAINPID | |
| Restart=on-failure | |
| [Install] | |
| WantedBy=default.target |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment