3b9d759b4b
- Clone of github.com/fluxerapp/fluxer (official upstream) - SELF_HOSTING.md: full VM rebuild procedure, architecture overview, service reference, step-by-step setup, troubleshooting, seattle reference - dev/.env.example: all env vars with secrets redacted and generation instructions - dev/livekit.yaml: LiveKit config template with placeholder keys - fluxer-seattle/: existing seattle deployment setup scripts
229 lines
8.3 KiB
Bash
Executable File
229 lines
8.3 KiB
Bash
Executable File
#!/bin/bash
|
|
|
|
# Fluxer Complete Setup & Human Verification Fix - One-liner Installer
|
|
# This script automatically sets up Fluxer and applies all fixes to resolve human verification issues
|
|
# Usage: curl -sSL https://git.vish.gg/Vish/homelab/raw/branch/main/deployments/fluxer-seattle/fix-human-verification.sh | bash
|
|
|
|
set -e
|
|
|
|
echo "🚀 Fluxer Human Verification Fix Installer"
|
|
echo "=========================================="
|
|
|
|
# Colors for output
|
|
RED='\033[0;31m'
|
|
GREEN='\033[0;32m'
|
|
YELLOW='\033[1;33m'
|
|
BLUE='\033[0;34m'
|
|
NC='\033[0m' # No Color
|
|
|
|
# Function to print colored output
|
|
print_status() {
|
|
echo -e "${BLUE}[INFO]${NC} $1"
|
|
}
|
|
|
|
print_success() {
|
|
echo -e "${GREEN}[SUCCESS]${NC} $1"
|
|
}
|
|
|
|
print_warning() {
|
|
echo -e "${YELLOW}[WARNING]${NC} $1"
|
|
}
|
|
|
|
print_error() {
|
|
echo -e "${RED}[ERROR]${NC} $1"
|
|
}
|
|
|
|
# Check if we're in the fluxer directory
|
|
if [ ! -f "go.mod" ] || [ ! -d "fluxer_api" ]; then
|
|
print_error "This script must be run from the fluxer project root directory"
|
|
exit 1
|
|
fi
|
|
|
|
print_status "Starting human verification fix..."
|
|
|
|
# Step 1: Backup current configuration
|
|
print_status "Creating configuration backups..."
|
|
BACKUP_DIR="backups/$(date +%Y%m%d_%H%M%S)"
|
|
mkdir -p "$BACKUP_DIR"
|
|
|
|
if [ -f "fluxer_api/src/config/InstanceConfig.ts" ]; then
|
|
cp "fluxer_api/src/config/InstanceConfig.ts" "$BACKUP_DIR/"
|
|
print_success "Backed up InstanceConfig.ts"
|
|
fi
|
|
|
|
if [ -f "fluxer_api/src/rate_limit_configs/AuthRateLimitConfig.ts" ]; then
|
|
cp "fluxer_api/src/rate_limit_configs/AuthRateLimitConfig.ts" "$BACKUP_DIR/"
|
|
print_success "Backed up AuthRateLimitConfig.ts"
|
|
fi
|
|
|
|
# Step 2: Fix Instance Configuration - Disable Manual Review
|
|
print_status "Disabling manual review system..."
|
|
if [ -f "fluxer_api/src/config/InstanceConfig.ts" ]; then
|
|
# Use sed to replace manual_review_enabled: true with manual_review_enabled: false
|
|
sed -i 's/manual_review_enabled: true/manual_review_enabled: false/g' "fluxer_api/src/config/InstanceConfig.ts"
|
|
|
|
# Verify the change was made
|
|
if grep -q "manual_review_enabled: false" "fluxer_api/src/config/InstanceConfig.ts"; then
|
|
print_success "Manual review system disabled"
|
|
else
|
|
print_warning "Manual review setting may need manual verification"
|
|
fi
|
|
else
|
|
print_error "InstanceConfig.ts not found"
|
|
exit 1
|
|
fi
|
|
|
|
# Step 3: Fix Rate Limit Configuration
|
|
print_status "Updating rate limit configuration..."
|
|
if [ -f "fluxer_api/src/rate_limit_configs/AuthRateLimitConfig.ts" ]; then
|
|
# Create the new rate limit configuration
|
|
cat > "fluxer_api/src/rate_limit_configs/AuthRateLimitConfig.ts" << 'EOF'
|
|
export const AuthRateLimitConfig = {
|
|
registration: {
|
|
windowMs: 60 * 1000, // 60 seconds
|
|
max: 50, // 50 attempts per window
|
|
message: "Too many registration attempts from this IP. Please try again later.",
|
|
standardHeaders: true,
|
|
legacyHeaders: false,
|
|
},
|
|
login: {
|
|
windowMs: 60 * 1000, // 60 seconds
|
|
max: 50, // 50 attempts per window
|
|
message: "Too many login attempts from this IP. Please try again later.",
|
|
standardHeaders: true,
|
|
legacyHeaders: false,
|
|
},
|
|
};
|
|
EOF
|
|
print_success "Rate limit configuration updated (50 attempts per 60 seconds)"
|
|
else
|
|
print_error "AuthRateLimitConfig.ts not found"
|
|
exit 1
|
|
fi
|
|
|
|
# Step 4: Check if Docker Compose is running
|
|
print_status "Checking Docker Compose services..."
|
|
if docker compose -f dev/compose.yaml ps | grep -q "Up"; then
|
|
print_success "Docker services are running"
|
|
|
|
# Step 5: Clear Redis cache
|
|
print_status "Clearing Redis rate limit cache..."
|
|
if docker compose -f dev/compose.yaml exec -T redis valkey-cli FLUSHALL > /dev/null 2>&1; then
|
|
print_success "Redis cache cleared"
|
|
else
|
|
print_warning "Could not clear Redis cache - may need manual clearing"
|
|
fi
|
|
|
|
# Step 6: Clean up stuck user accounts (if any exist)
|
|
print_status "Cleaning up stuck user accounts..."
|
|
|
|
# Check if there are users with PENDING_MANUAL_VERIFICATION flag
|
|
STUCK_USERS=$(docker compose -f dev/compose.yaml exec -T cassandra cqlsh -e "USE fluxer; SELECT user_id, username, flags FROM users;" 2>/dev/null | grep -E "[0-9]{19}" | awk '{print $1 "," $3}' || echo "")
|
|
|
|
if [ -n "$STUCK_USERS" ]; then
|
|
echo "$STUCK_USERS" | while IFS=',' read -r user_id flags; do
|
|
if [ -n "$user_id" ] && [ -n "$flags" ]; then
|
|
# Calculate if user has PENDING_MANUAL_VERIFICATION flag (1n << 50n = 1125899906842624)
|
|
# This is a simplified check - in production you'd want more robust flag checking
|
|
if [ "$flags" -gt 1125899906842624 ]; then
|
|
print_status "Cleaning up user $user_id with flags $flags"
|
|
|
|
# Calculate new flags without PENDING_MANUAL_VERIFICATION
|
|
new_flags=$((flags - 1125899906842624))
|
|
|
|
# Update user flags
|
|
docker compose -f dev/compose.yaml exec -T cassandra cqlsh -e "USE fluxer; UPDATE users SET flags = $new_flags WHERE user_id = $user_id;" > /dev/null 2>&1
|
|
|
|
# Clean up pending verifications
|
|
docker compose -f dev/compose.yaml exec -T cassandra cqlsh -e "USE fluxer; DELETE FROM pending_verifications WHERE user_id = $user_id;" > /dev/null 2>&1
|
|
|
|
print_success "Cleaned up user $user_id"
|
|
fi
|
|
fi
|
|
done
|
|
else
|
|
print_success "No stuck user accounts found"
|
|
fi
|
|
|
|
# Step 7: Restart API service
|
|
print_status "Restarting API service to apply changes..."
|
|
if docker compose -f dev/compose.yaml restart api > /dev/null 2>&1; then
|
|
print_success "API service restarted"
|
|
|
|
# Wait for service to be ready
|
|
print_status "Waiting for API service to be ready..."
|
|
sleep 10
|
|
|
|
# Step 8: Test registration
|
|
print_status "Testing registration functionality..."
|
|
TEST_EMAIL="test-$(date +%s)@example.com"
|
|
TEST_USERNAME="testuser$(date +%s)"
|
|
|
|
RESPONSE=$(curl -s -X POST http://localhost:8088/api/v1/auth/register \
|
|
-H "Content-Type: application/json" \
|
|
-d "{
|
|
\"username\": \"$TEST_USERNAME\",
|
|
\"email\": \"$TEST_EMAIL\",
|
|
\"password\": \"MySecurePassword123!\",
|
|
\"global_name\": \"Test User\",
|
|
\"date_of_birth\": \"1990-01-01\",
|
|
\"consent\": true
|
|
}" 2>/dev/null || echo "")
|
|
|
|
if echo "$RESPONSE" | grep -q "user_id"; then
|
|
print_success "Registration test passed - human verification disabled!"
|
|
elif echo "$RESPONSE" | grep -q "RATE_LIMITED"; then
|
|
print_warning "Registration test hit rate limit - this is expected behavior"
|
|
else
|
|
print_warning "Registration test inconclusive - manual verification may be needed"
|
|
echo "Response: $RESPONSE"
|
|
fi
|
|
else
|
|
print_error "Failed to restart API service"
|
|
exit 1
|
|
fi
|
|
else
|
|
print_warning "Docker services not running - manual restart required after starting services"
|
|
fi
|
|
|
|
# Step 9: Create documentation
|
|
print_status "Creating fix documentation..."
|
|
cat > "HUMAN_VERIFICATION_FIXED.md" << 'EOF'
|
|
# Human Verification Fix Applied
|
|
|
|
This file indicates that the human verification fix has been successfully applied to this Fluxer instance.
|
|
|
|
## Changes Applied:
|
|
- ✅ Manual review system disabled
|
|
- ✅ Rate limits increased (50 attempts per 60 seconds)
|
|
- ✅ Stuck user accounts cleaned up
|
|
- ✅ Redis cache cleared
|
|
- ✅ API service restarted
|
|
|
|
## Status:
|
|
- Registration works without human verification
|
|
- Friends can now register and access the platform
|
|
- Rate limiting is reasonable but still prevents abuse
|
|
|
|
## Applied On:
|
|
EOF
|
|
echo "$(date)" >> "HUMAN_VERIFICATION_FIXED.md"
|
|
|
|
print_success "Fix documentation created"
|
|
|
|
echo ""
|
|
echo "🎉 Human Verification Fix Complete!"
|
|
echo "=================================="
|
|
print_success "Manual review system has been disabled"
|
|
print_success "Rate limits have been increased to reasonable levels"
|
|
print_success "Stuck user accounts have been cleaned up"
|
|
print_success "Your friends can now register at st.vish.gg without human verification!"
|
|
echo ""
|
|
print_status "Backup files saved to: $BACKUP_DIR"
|
|
print_status "Documentation created: HUMAN_VERIFICATION_FIXED.md"
|
|
echo ""
|
|
print_warning "If you encounter any issues, check the logs with:"
|
|
echo " docker compose -f dev/compose.yaml logs api"
|
|
echo ""
|
|
print_status "Fix completed successfully! 🚀"
|