Implement start/stop commands

fix #41 update README and configuration files accordingly
2023-10-18 12:00:00 +02:00
parent d35167b878
commit 345dd94b17
8 changed files with 127 additions and 77 deletions
--- a/config/activitywatch.jsonnet
+++ b/config/activitywatch.jsonnet
@ -1,8 +1,6 @@
-local directory = '~/.local/share/watch';
 // Those strings will be substitued in each shell() call
 local substitutions = [
-  ['OUTFILE', directory + '/logs-$(date %+F)'],
-  ['TMUXFILE', directory + '/tmux'],
+  ['OUTFILE', '"$HOME/.local/share/watch/logs-$(date +%F)"'],
  ['DATE', '"$(date "+%F %T")"'],
 ];

@ -18,19 +16,17 @@ local shell(prg) = [
  sub(prg),
 ];

-{
-  // Startup is currently not implemented
-  startup: shell(|||
-    mkdir -p "$(dirname OUTFILE)"
-    echo DATE start >> OUTFILE
-    # tmux set-hook -g pane-focus-in[50] new-session -d 'echo tmux >> TMUXFILE'
-  |||),
+local log(line) = shell('echo DATE ' + std.strReplace(line, '\n', ' ') + '>> OUTFILE');

-  // Stop is currently not implemented
-  stop: shell(|||
-    tmux set-hook -ug pane-focus-in[50]
-    echo DATE stop >> OUTFILE
-  |||),
+{
+  start: [
+    shell('mkdir -p "$(dirname OUTFILE)"'),
+    log('start'),
+  ],
+
+  stop: [
+    log('stop'),
+  ],

  patterns: {
    all: { regex: '.*' },
@ -47,7 +43,7 @@ local shell(prg) = [
        send: {
          regex: ['^<all>$'],
          actions: {
-            send: { cmd: shell('echo DATE focus <all> >> OUTFILE') },
+            send: { cmd: log('focus <all>') },
          },
        },
      },
@ -55,12 +51,13 @@ local shell(prg) = [

    // Be notified when user is away
    swayidle: {
-      cmd: ['swayidle', 'timeout', '60', 'echo sleep', 'resume', 'echo resume'],
+      // FIXME echo stop and start instead?
+      cmd: ['swayidle', 'timeout', '30', 'echo sleep', 'resume', 'echo resume'],
      filters: {
        send: {
          regex: ['^<all>$'],
          actions: {
-            send: { cmd: shell('echo DATE <all> >> OUTFILE') },
+            send: { cmd: log('<all>') },
          },
        },
      },
@ -92,7 +89,7 @@ local shell(prg) = [
    //     send: {
    //       regex: ['^tmux <all>$'],
    //       actions: {
-    //         send: { cmd: shell('echo DATE tmux <all> >> OUTFILE') },
+    //         send: { cmd: log('tmux <all>') },
    //       },
    //     },
    //   },
--- a/config/example.jsonnet
+++ b/config/example.jsonnet
@ -1,11 +1,13 @@
 // This file is using JSONNET, a complete configuration language based on JSON
 // See https://jsonnet.org
 // JSONNET is a superset of JSON, so one can write plain JSON files if wanted.
-// Note that YAML is also supported.
+// Note that YAML is also supported, see ./example.yml

+// A JSONNET function
+local iptables(args) = ['ip46tables', '-w'] + args;
 // variables defined for later use.
-local iptablesban = ['ip46tables', '-w', '-A', 'reaction', '1', '-s', '<ip>', '-j', 'DROP'];
-local iptablesunban = ['ip46tables', '-w', '-D', 'reaction', '1', '-s', '<ip>', '-j', 'DROP'];
+local iptablesban = iptables(['-A', 'reaction', '1', '-s', '<ip>', '-j', 'drop']);
+local iptablesunban = iptables(['-D', 'reaction', '1', '-s', '<ip>', '-j', 'drop']);
 // ip46tables is a minimal C program (only POSIX dependencies) present as a subdirectory.
 // it permits to handle both ipv4/iptables and ipv6/ip6tables commands

@ -21,6 +23,30 @@ local iptablesunban = ['ip46tables', '-w', '-D', 'reaction', '1', '-s', '<ip>',
    },
  },

+  // Those commands will be executed in order at start, before everything else
+  start: [
+    // Create an iptables chain for reaction
+    iptables(['-N', 'reaction']),
+    // Set its default to ACCEPT
+    iptables(['-A', 'reaction', '-j', 'ACCEPT']),
+    // Always accept 127.0.0.1
+    iptables(['-I', 'reaction', '1', '-s', '127.0.0.1', '-j', 'ACCEPT']),
+    // Always accept ::1
+    iptables(['-I', 'reaction', '1', '-s', '::1', '-j', 'ACCEPT']),
+    // Insert this chain as the first item of the INPUT chain (for incoming connections)
+    iptables(['-I', 'INPUT', '-p', 'all', '-j', 'reaction']),
+  ],
+
+  // Those commands will be executed in order at stop, after everything else
+  stop: [
+    // Remove the chain from the INPUT chain
+    iptables(['-D,', 'INPUT', '-p', 'all', '-j', 'reaction']),
+    // Empty the chain
+    iptables(['-F,', 'reaction']),
+    // Delete the chain
+    iptables(['-X,', 'reaction']),
+  ],
+
  // streams are commands
  // they're run and their ouptut is captured
  // *example:* `tail -f /var/log/nginx/access.log`
--- a/config/reaction.service
+++ b/config/reaction.service
@ -6,24 +6,6 @@ WantedBy=multi-user.target
 [Service]
 ExecStart=/path/to/reaction -c /etc/reaction.yml

-# Create an iptables chain for reaction
-ExecStartPre=/path/to/ip46tables -w -N reaction
-# Set its default to ACCEPT
-ExecStartPre=/path/to/ip46tables -w -A reaction -j ACCEPT
-# Always accept 127.0.0.1
-ExecStartPre=/path/to/ip46tables -w -I reaction 1 -s 127.0.0.1 -j ACCEPT
-# Always accept ::1
-ExecStartPre=/path/to/ip46tables -w -I reaction 1 -s ::1 -j ACCEPT
-# Insert this chain as the first item of the INPUT chain (for incoming connections)
-ExecStartPre=/path/to/ip46tables -w -I INPUT -p all -j reaction
-
-# Remove the chain from the INPUT chain
-ExecStopPost=/path/to/ip46tables -w -D INPUT -p all -j reaction
-# Empty the chain
-ExecStopPost=/path/to/ip46tables -w -F reaction
-# Delete the chain
-ExecStopPost=/path/to/ip46tables -w -X reaction
-
 # Ask systemd to create /var/lib/reaction (/var/lib/ is implicit)
 StateDirectory=reaction
 # Ask systemd to create /run/reaction at runtime (/run/ is implicit)