Merge branch 'systemd'

0b6625e7 · anarcat · c0523a7e · a5ee5977 · 0b6625e7 · 0b6625e7
Verified Commit 0b6625e7 authored Jun 10, 2021 by anarcat
--- a/README.md
+++ b/README.md
@@ -98,6 +98,52 @@ in the `Files` dialog, under `Settings` (at the bottom left), in the
 The above will process *all* folders (except the special ones) and, on
 success, dump the sanitized files in the `safe/` special folder.

+The above can be done in a loop to continually process files, but
+obviously a better deployment mechanism is preferred, see below for
+systemd support.
+
+## Running under systemd
+
+As can be seen above, the processor is expected to be ran every time
+there are new files to process. A simple way to do this is to deploy
+the systemd unit files provided along the script.
+
+First install the script in a standard location, for example:
+
+    install processor.py /usr/local/bin/dangerzone-webdav-processor
+
+Then add a role user for the project, grant it access to the Docker
+daemon:
+
+    adduser --systemd dangerzone
+    adduser dangerzone docker
+
+Add the configuration file to
+`/etc/default/dangerzone-webdav-processor`, with the following syntax:
+
+    WEBDAV_LOCATION=https://example.com/remote.php/dav/files/dangerzone-bot/
+    WEBDAV_USERNAME=dangerzone-bot
+    WEBDAV_PASSWORD=[REDACTED]
+
+Those are equivalent to the `--location`, `--username`, and
+`--password` parameters, documented above.
+
+Then deploy the systemd scripts:
+
+    cp dangerzone-webdav-processor.{timer,service} /etc/systemd/system/
+    systemctl daemon-reload
+    systemctl enable dangerzone-webdav-processor.{timer,service}
+    systemctl start dangerzone-webdav-processor.timer
+
+You can then run the service by hand with:
+
+    systemctl start dangerzone-webdav-processor.service
+
+Or wait for the timer to expire (one hour). In any case, you can see
+the output of the job with:
+
+    systemctl status dangerzone-webdav-processor.service
+
 # Contributing

 See the [contribution guide](CONTRIBUTING.md) for more information on how to

--- a/dangerzone-webdav-processor.service
+++ b/dangerzone-webdav-processor.service
+[Unit]
+Description=Dangerzone WebDAV processor
+After=networking.service
+
+[Service]
+User=dangerzone
+Type=oneshot
+Nice=10
+EnvironmentFile=/etc/default/dangerzone-webdav-processor
+ExecStart=/usr/bin/dangerzone-webdav-processor
--- a/dangerzone-webdav-processor.timer
+++ b/dangerzone-webdav-processor.timer
+[Unit]
+Description=run Dangerzone WebDAV processor
+
+[Timer]
+OnCalendar=hourly
+
+[Install]
+WantedBy=timers.target