From d41eeb3232d649543523baf2bca474ecf5533784 Mon Sep 17 00:00:00 2001
From: hogweed1 <simple.not1759@gmail.com>
Date: Wed, 3 Jul 2024 17:38:45 +1000
Subject: [PATCH] make pipisa secure

---
 .drone.yml              |  5 +++++
 config.yaml             |  4 ++--
 db_logic/collections.py | 16 ++++++++++------
 jack_bot.service        | 15 +++++++++++++++
 4 files changed, 32 insertions(+), 8 deletions(-)
 create mode 100644 jack_bot.service

diff --git a/.drone.yml b/.drone.yml
index ff582d3..41bdcd5 100644
--- a/.drone.yml
+++ b/.drone.yml
@@ -24,6 +24,11 @@ steps:
   when:
     branch:
     - main
+  environment:
+    ARANGO_PASSWORD:
+      from_secret: arango-pwd
+    ARANGO_USERNAME:
+      from_secret: arango-usr
 - name: restart systemd unit
   commands:
   - systemctl restart jack_bot
diff --git a/config.yaml b/config.yaml
index 812831a..43a243d 100644
--- a/config.yaml
+++ b/config.yaml
@@ -1,8 +1,8 @@
 ---
 databaso:
   host:                     'https://arango.guaranteedstruggle.host'
-  user:                      root
-  pass:                      stolendick527
+  #user:                      root
+  #pass:                      stolendick527
   base:                      pipisa
   collection:                dicks
   posts_removal_collection:  posts_removal
diff --git a/db_logic/collections.py b/db_logic/collections.py
index 2f9ebe9..bfaa145 100644
--- a/db_logic/collections.py
+++ b/db_logic/collections.py
@@ -5,7 +5,7 @@ from global_conf import CONFIG
 from arango import ArangoClient
 
 import logging
-
+import os 
 
 
 def get_dicks_collection(): 
@@ -13,8 +13,10 @@ def get_dicks_collection():
         arango_client = ArangoClient(hosts=CONFIG['databaso']['host'] ) 
         pipisa_db     = arango_client.db(
             CONFIG['databaso']['base'], 
-            username=CONFIG['databaso']['user'],
-            password=CONFIG['databaso']['pass']
+            username=os.environ['ARANGO_USR'],
+            password=os.environ['ARANGO_PWD'],
+            #username=CONFIG['databaso']['user'],
+            #password=CONFIG['databaso']['pass']
         ) 
         dicks_collection = pipisa_db.collection(CONFIG['databaso']['collection']) 
 
@@ -28,9 +30,11 @@ def get_posts_removal_collection():
     try:
         arango_client = ArangoClient(hosts=CONFIG['databaso']['host'] ) 
         pipisa_db     = arango_client.db(
-            CONFIG['databaso']['base'], 
-            username=CONFIG['databaso']['user'],
-            password=CONFIG['databaso']['pass']
+            CONFIG['databaso']['base'],  
+            username=os.environ['ARANGO_USR'],
+            password=os.environ['ARANGO_PWD'],
+            #username=CONFIG['databaso']['user'],
+            #password=CONFIG['databaso']['pass']
         ) 
         posts_removal_collection = pipisa_db.collection(CONFIG['databaso']['posts_removal_collection']) 
 
diff --git a/jack_bot.service b/jack_bot.service
new file mode 100644
index 0000000..87e7eb7
--- /dev/null
+++ b/jack_bot.service
@@ -0,0 +1,15 @@
+# пример того что лежит на хосте
+[Unit]
+Description=pipisa-bot
+After=network.target
+
+[Service]
+User=jack
+Type=simple
+Restart=always
+WorkingDirectory=/usr/share/python_bot
+ExecStart=/usr/bin/python3 /usr/share/python_bot/bot.py
+ExecStart=/usr/bin/python3 /usr/share/python_bot/bot.py
+
+[Install]
+WantedBy=multi-user.target#
\ No newline at end of file