egutierrez
0701089ecf
- Remove launcher binary from all git history (git-filter-repo) - Add launcher, run/*.pid, run/*.log to .gitignore - Remove tracked run/assistant-bot.pid (runtime file) - Add dev-scripts/reset-password.sh Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
69 lines
2.4 KiB
Bash
Executable File
69 lines
2.4 KiB
Bash
Executable File
#!/usr/bin/env bash
|
|
# reset-password.sh — resetea la contraseña de un bot existente y la escribe en .env
|
|
#
|
|
# A diferencia de register.sh, este script NO crea una nueva sesión ni cambia el device ID.
|
|
# El token de acceso actual sigue siendo válido.
|
|
# Útil para añadir MATRIX_PASSWORD_X a .env en bots ya registrados.
|
|
#
|
|
# Uso:
|
|
# ./dev-scripts/reset-password.sh <agent-id>
|
|
#
|
|
# Ejemplo:
|
|
# ./dev-scripts/reset-password.sh assistant-bot
|
|
#
|
|
# Requiere en .env:
|
|
# MATRIX_ADMIN_TOKEN=syt_...
|
|
# MATRIX_HOMESERVER=https://...
|
|
# MATRIX_SERVER_NAME=...
|
|
|
|
source "$(dirname "$0")/_common.sh"
|
|
load_env
|
|
|
|
need_arg "${1:-}"
|
|
|
|
ID="$1"
|
|
USERNAME="$ID"
|
|
PASSWORD_ENV_VAR="MATRIX_PASSWORD_$(echo "$ID" | tr '[:lower:]-' '[:upper:]_' | sed 's/_BOT$//')"
|
|
|
|
[[ -n "${MATRIX_ADMIN_TOKEN:-}" ]] || fail "MATRIX_ADMIN_TOKEN no está en .env"
|
|
[[ -n "${MATRIX_HOMESERVER:-}" ]] || fail "MATRIX_HOMESERVER no está en .env"
|
|
[[ -n "${MATRIX_SERVER_NAME:-}" ]] || fail "MATRIX_SERVER_NAME no está en .env"
|
|
|
|
USER_ID="@${USERNAME}:${MATRIX_SERVER_NAME}"
|
|
|
|
# Generar nueva contraseña aleatoria
|
|
NEW_PASSWORD=$(head -c 24 /dev/urandom | od -A n -t x1 | tr -d ' \n')
|
|
|
|
info "Reseteando contraseña de ${USER_ID}..."
|
|
info "(El token de acceso actual NO cambia — solo la contraseña)"
|
|
|
|
# Synapse admin API: reset password sin cerrar sesiones existentes
|
|
RESPONSE=$(curl -s -w "\n%{http_code}" -X POST \
|
|
"${MATRIX_HOMESERVER}/_synapse/admin/v1/reset_password/${USER_ID}" \
|
|
-H "Authorization: Bearer ${MATRIX_ADMIN_TOKEN}" \
|
|
-H "Content-Type: application/json" \
|
|
-d "{\"new_password\": \"${NEW_PASSWORD}\", \"logout_devices\": false}")
|
|
|
|
HTTP_CODE=$(echo "$RESPONSE" | tail -1)
|
|
BODY=$(echo "$RESPONSE" | head -1)
|
|
|
|
if [[ "$HTTP_CODE" != "200" ]]; then
|
|
fail "Admin API devolvió HTTP $HTTP_CODE: $BODY"
|
|
fi
|
|
|
|
# Escribir en .env
|
|
if grep -q "^${PASSWORD_ENV_VAR}=" .env; then
|
|
awk -v key="$PASSWORD_ENV_VAR" -v val="$NEW_PASSWORD" \
|
|
'index($0, key "=") == 1 { print key "=" val; next } { print }' \
|
|
.env > /tmp/_env_tmp && mv /tmp/_env_tmp .env
|
|
ok "$PASSWORD_ENV_VAR actualizado en .env"
|
|
else
|
|
printf '\n%s=%s\n' "$PASSWORD_ENV_VAR" "$NEW_PASSWORD" >> .env
|
|
ok "$PASSWORD_ENV_VAR añadido a .env"
|
|
fi
|
|
|
|
echo ""
|
|
ok "Contraseña reseteada para ${USER_ID}"
|
|
dim " El bot usará esta contraseña para cross-signing bootstrap en el próximo arranque."
|
|
dim " Reinícialo con: ./dev-scripts/stop.sh $ID && ./dev-scripts/start.sh $ID"
|