Updated README.md

This commit is contained in:
Anon 2024-03-09 18:03:11 -08:00
parent 2819c01a9c
commit eaf320aa39

View File

@ -1,20 +1,23 @@
# Readme
Create Pleroma App is a simple python3 script to generate OAuth tokens for your Pleroma account.
By default it will output your credentials as valid python code, but you can disable this with the --plain switch.
This will output the following credentials as shell variable:
```
API_BASE_URL=string
CLIENT_ID=string
CLIENT_SECRET=string
API_BASE_URL=string
```
## Installing
To setup the python3 environment (for Arch Linux) run the following commands:
To setup the python3 environment run the following commands:
```
sudo pacman -Syu
sudo pacman -S --needed python git
git clone 'https://git.yandere.cc/Anon/CreatePleromaApp.git'
cd CreatePleromaApp/
python -m venv venv
source venv/bin/activate
pip install --upgrade pip
pip install -r requirements.txt
pip install Mastodon.py
deactivate
./run.sh -h
```
@ -24,17 +27,43 @@ If everything worked correctly you should see usage information on Create Plerom
## Default Settings
If you want to change the default values for the input prompts, you can edit the source code directly in `src/create_app.py`
## Encryption
You can also encrypt your credentials with the encryption.py module included in the repo. If you choose to use this with your custom bot, you must copy the encryption.py module to your project's root source directory.
See below for an example implementation:
## Generating Your OAuth Tokens
To generate your tokens, run the following commands and follow the interactive prompts:
```
def decrypt_settings(self):
if self.settings_encrypt["encrypt"] and not self.decrypted:
import encryption
self.settings_server = encryption.settings_server_decrypt(self.settings_server, self.settings_encrypt, keyfile_path)
self.decrypted = True
touch cred.sh
chmod 600 cred.sh
cd ..
git clone 'https://git.yandere.cc/Anon/CreatePleromaApp.git'
cd CreatePleromaApp/
./run.sh > ../FediStatusPoster/cred.sh
# Follow the interactive prompts
```
## Encrypting Your OAuth Tokens
If you are going to be running a bot over a long period of time, consider encrypting your OAuth tokens with GPG encryption and a keyfile.
REMINDER: Your keyfile should typically be stored on a seperate removable device that can be quickly disconnected. If your account is compromised, you should also revoke permissions in your Pleroma settings panel.
```
touch cred.sh.gpg
touch cred.sh.key
chmod 600 cred.sh.key cred.sh.gpg
</dev/random tr -dc 'a-zA-Z0-9' | head -c4096 > cred.sh.key
cd ..
git clone 'https://git.yandere.cc/Anon/CreatePleromaApp.git'
cd CreatePleromaApp/
./run.sh | gpg -q -c --pinentry-mode loopback --passphrase-file ../FediStatusPoster/cred.sh.gpg -o ../FediStatusPoster/cred.sh.gpg -
# Follow the interactive prompts
```
If you do not want to keep a keyfile, but still want encryption, modify the encryption step with the following:
```
./run.sh | gpg -q -c --pinentry-mode loopback -o ../FediStatusPoster/cred.sh.gpg -
```
Be sure to update `./run.sh` to point to your new paths:
```
DEFAULT_CREDENTIALS="cred.sh.gpg"
DEFAULT_KEYFILE="cred.sh.key" or DEFAULT_KEYFILE="-" (if not using a keyfile)
```
## Donate