pkgs/scripts: uffd-unused-accounts-notification.scm
this is a helper script to send emails to people who've not logged in for a while (currently hard-coded to "since 2023-01-01"). It also sends weekly reminders to admins giving the current number of unused accounts. It is in $PATH for all normal users; for usage, invoke it with --help, or just see the email it send to admin@.
This commit is contained in:
parent
0caa57a30e
commit
ca0c1192a0
5 changed files with 151 additions and 0 deletions
|
@ -76,6 +76,7 @@
|
||||||
bat
|
bat
|
||||||
niv
|
niv
|
||||||
sqlite-interactive
|
sqlite-interactive
|
||||||
|
hacc-scripts
|
||||||
];
|
];
|
||||||
|
|
||||||
security.acme.defaults.email = "info+acme@hacc.space";
|
security.acme.defaults.email = "info+acme@hacc.space";
|
||||||
|
|
|
@ -101,6 +101,18 @@
|
||||||
startAt = "*:0/15";
|
startAt = "*:0/15";
|
||||||
};
|
};
|
||||||
|
|
||||||
|
systemd.services.uffd-account-expiry-notification = {
|
||||||
|
enable = true;
|
||||||
|
wantedBy = [ "multi-user.target" ];
|
||||||
|
after = [ "network.target" ];
|
||||||
|
serviceConfig.Type = "simple";
|
||||||
|
path = [ pkgs.hacc-scripts pkgs.sqlite-interactive pkgs.postfix ];
|
||||||
|
script = ''
|
||||||
|
uffd-unused-accounts-notification.scm -v admin
|
||||||
|
'';
|
||||||
|
startAt = "weekly";
|
||||||
|
};
|
||||||
|
|
||||||
sops.secrets."auamost/secrets.fish" = { };
|
sops.secrets."auamost/secrets.fish" = { };
|
||||||
|
|
||||||
environment.systemPackages = with pkgs; [ curl jq ];
|
environment.systemPackages = with pkgs; [ curl jq ];
|
||||||
|
|
|
@ -26,6 +26,8 @@ let
|
||||||
|
|
||||||
uffd = oldstable.callPackage ./uffd { };
|
uffd = oldstable.callPackage ./uffd { };
|
||||||
|
|
||||||
|
hacc-scripts = callPackage ./scripts {};
|
||||||
|
|
||||||
inherit (oldstable) uwsgi flask;
|
inherit (oldstable) uwsgi flask;
|
||||||
|
|
||||||
# TODO: once on nixos 24.05, remove this inherit
|
# TODO: once on nixos 24.05, remove this inherit
|
||||||
|
|
15
pkgs/scripts/default.nix
Normal file
15
pkgs/scripts/default.nix
Normal file
|
@ -0,0 +1,15 @@
|
||||||
|
{ stdenvNoCC, gauche }:
|
||||||
|
|
||||||
|
stdenvNoCC.mkDerivation {
|
||||||
|
name = "hacc-utility-scripts";
|
||||||
|
|
||||||
|
src = ./.;
|
||||||
|
|
||||||
|
buildInputs = [ gauche ];
|
||||||
|
|
||||||
|
installPhase = ''
|
||||||
|
chmod +x *.scm
|
||||||
|
mkdir -p $out/bin
|
||||||
|
cp *.scm $out/bin
|
||||||
|
'';
|
||||||
|
}
|
121
pkgs/scripts/uffd-unused-accounts-notification.scm
Normal file
121
pkgs/scripts/uffd-unused-accounts-notification.scm
Normal file
|
@ -0,0 +1,121 @@
|
||||||
|
#!/usr/bin/env gosh
|
||||||
|
|
||||||
|
(use gauche.process)
|
||||||
|
(use text.csv)
|
||||||
|
(use scheme.list)
|
||||||
|
(use gauche.parseopt)
|
||||||
|
(use util.match)
|
||||||
|
|
||||||
|
(define cutoff-date "2023-01-01")
|
||||||
|
|
||||||
|
(define sqlite-path "/persist/containers/uffd/uffd/db.sqlite")
|
||||||
|
(define sqlite-query
|
||||||
|
"select displayname, mail, max(expires) as last_login from oauth2token join user on user_id=user.id group by user_id having last_login < '2023-01-01'
|
||||||
|
union all select displayname, mail, '2022' from user where not exists (select * from oauth2token where user_id = user.id);")
|
||||||
|
|
||||||
|
(define dry #f)
|
||||||
|
(define verbose #f)
|
||||||
|
(define very-verbose #f)
|
||||||
|
|
||||||
|
(define (main args)
|
||||||
|
(let-args (cdr args)
|
||||||
|
((averbose "v|verbose")
|
||||||
|
(averyverbose "very-verbose")
|
||||||
|
(adry "n|dry-run")
|
||||||
|
(help "h|help" => (cut show-help (car args)))
|
||||||
|
. restargs
|
||||||
|
)
|
||||||
|
(set! dry adry)
|
||||||
|
(set! verbose averbose)
|
||||||
|
(when averyverbose
|
||||||
|
(set! verbose #t)
|
||||||
|
(set! very-verbose #t))
|
||||||
|
(match restargs
|
||||||
|
[("admin") (do-admin-mail)]
|
||||||
|
[("send-reminder") (send-reminder-mails)]
|
||||||
|
[("list-accounts") (do-list-accounts)]
|
||||||
|
[_ (display "unknown command") (exit 1)]))
|
||||||
|
0)
|
||||||
|
|
||||||
|
(define (do-admin-mail)
|
||||||
|
(send-email "admin@hacc.space" "unused accounts list" (mk-admin-mail unused-accounts))
|
||||||
|
(when verbose
|
||||||
|
(display "done")))
|
||||||
|
|
||||||
|
(define (do-list-accounts)
|
||||||
|
(display (string-join
|
||||||
|
(map
|
||||||
|
(lambda (row) (format "~a (~a)" (list-ref row 0) (list-ref row 1)))
|
||||||
|
unused-accounts)
|
||||||
|
"\n")))
|
||||||
|
|
||||||
|
(define (send-reminder-mails)
|
||||||
|
(map (lambda (row)
|
||||||
|
(send-email (list-ref row 1) "Unbenutzter infra4future.de Account" (mk-email (list-ref row 0) (list-ref row 2))))
|
||||||
|
unused-accounts)
|
||||||
|
(when verbose
|
||||||
|
(display "done")))
|
||||||
|
|
||||||
|
|
||||||
|
(define csv-reader
|
||||||
|
(make-csv-reader #\,))
|
||||||
|
|
||||||
|
(define unused-accounts
|
||||||
|
(map (lambda (str) (with-input-from-string str csv-reader))
|
||||||
|
;; (process-output->string-list `(cat example.csv))))
|
||||||
|
(process-output->string-list `(sqlite3 -csv ,sqlite-path ,sqlite-query))))
|
||||||
|
|
||||||
|
(define (mk-email displayname last-login)
|
||||||
|
#"
|
||||||
|
Subject: meow
|
||||||
|
Hallo ~|displayname|!
|
||||||
|
|
||||||
|
Wir haben schon lange (seit über einem Jahr; dein letzter Login war um ~|last-login|)
|
||||||
|
nichts mehr von dir gehört und würden demnächst deinen Account löschen wollen.
|
||||||
|
Solltest du ihn noch benötigen logge dich bitte einfach auf https://login.infra4future.de ein.
|
||||||
|
Falls nicht, musst du weiter nichts tun und wir werden deine Account in ca. 3 Monaten löschen.
|
||||||
|
|
||||||
|
Viele Grüße,
|
||||||
|
das Infra4Future Team
|
||||||
|
")
|
||||||
|
|
||||||
|
(define (mk-admin-mail rows)
|
||||||
|
(format #"
|
||||||
|
Meow!
|
||||||
|
|
||||||
|
this is the uffd-unused-accounts-notification.scm script. There are currently
|
||||||
|
~~s accounts which have not logged in since ~|cutoff-date|. To mass-send account
|
||||||
|
expiry reminders, invoke this script with the \"send-reminder\" option. To see a
|
||||||
|
list of these accounts, invoke it with the \"list-accounts\" option.
|
||||||
|
|
||||||
|
(invoke me,, 🥺)
|
||||||
|
" (length unused-accounts)))
|
||||||
|
|
||||||
|
; utility definitions
|
||||||
|
|
||||||
|
(define (send-email address subject text)
|
||||||
|
(when verbose
|
||||||
|
(display (format "sending email to ~a\n" address)))
|
||||||
|
(let ([text (string-append "subject: " subject "\n" text "\n")])
|
||||||
|
(when very-verbose
|
||||||
|
(display text))
|
||||||
|
(call-with-output-process
|
||||||
|
(if dry '(cat) `(sendmail ,address))
|
||||||
|
(lambda (port) (display text port))
|
||||||
|
:on-abnormal-exit :ignore)))
|
||||||
|
|
||||||
|
(define (show-help progname)
|
||||||
|
(display #"
|
||||||
|
~|progname|: unused account expiry helper script.
|
||||||
|
|
||||||
|
Invoke as `~|progname| [options] admin' to send a list of unused accounts to administrators.
|
||||||
|
|
||||||
|
Invoke as `~|progname| [options] send-reminder' to send a reminder email to all
|
||||||
|
currently unused accounts.
|
||||||
|
|
||||||
|
Options:
|
||||||
|
-v --verbose show which emails are being sent
|
||||||
|
-n --dry-run print emails to stdout instead
|
||||||
|
-h --help show this help
|
||||||
|
"))
|
||||||
|
|
Loading…
Reference in a new issue