From 1cf7cdaa89b9441e4ab8527988f02c153fb2f8e8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Sven=20M=C3=A4der?= <maeder@phys.ethz.ch>
Date: Wed, 13 Mar 2024 12:00:33 +0100
Subject: [PATCH] Add notes about encryption, add systemd service

---
 README.md      | 37 ++++++++++++++++++++++++++++++++++++-
 maubot.service | 19 +++++++++++++++++++
 2 files changed, 55 insertions(+), 1 deletion(-)
 create mode 100644 maubot.service

diff --git a/README.md b/README.md
index b353316..dd89aba 100644
--- a/README.md
+++ b/README.md
@@ -44,7 +44,7 @@ with a cli http tool such as [httpie](https://httpie.io/):
 http POST 'https://example.com/_matrix/client/v3/login' <<<'{"identifier":{"type":"m.id.user","user":"botusername"},"initial_device_display_name":"Standalone Bot","password":"ilovebananas","type":"m.login.password"}'
 ```
 
-Invite the bot user to your room and note the `<roomid_or_alias>`.
+Invite the bot user to your (preferably unencrypted) room and note the `<roomid_or_alias>`.
 
 Manually join the bot user to the room using the
 [client-server api](https://spec.matrix.org/latest/client-server-api/#post_matrixclientv3joinroomidoralias):
@@ -105,6 +105,41 @@ Available bot commands with the above:
 !cmd device start
 ```
 
+### Systemd
+
+To automatically start the bot on boot create a systemd service:
+
+```bash
+cp maubot.service /etc/systemd/system
+systemctl daemon-reload
+systemctl enable maubot.service
+systemctl start maubot.service
+```
+
+To view the log:
+
+```bash
+journalctl -fu maubot.service | ccze
+```
+
+### Encryption
+
+Maubot supports encryption, but encryption is buggy and could lead to problems.
+Just use an unencrypted room for bots and keep your encrypted rooms secure,
+as it is generally not advisable to include bots in encrypted rooms for obvious security reasons.
+
+For encryption problems try the following:
+
+- Kick the bot
+- Stop the bot
+- `rm /opt/maubot/bot.db`
+- Optional: logout the bot's current device
+- Generate a new `access_token` and `device_id`
+- Update it the config
+- Start the bot
+- Invite the bot
+- Join the bot
+
 
 ## exec
 A [maubot](https://github.com/maubot/maubot) that executes code.
diff --git a/maubot.service b/maubot.service
new file mode 100644
index 0000000..d6ba913
--- /dev/null
+++ b/maubot.service
@@ -0,0 +1,19 @@
+[Unit]
+Description=Maubot Standalone
+
+[Service]
+Type=simple
+NotifyAccess=main
+ExecReload=/bin/kill -HUP $MAINPID
+Restart=always
+RestartSec=3
+User=maubot
+Group=maubot
+WorkingDirectory=/opt/maubot
+ExecStart=/opt/maubot/env/bin/python3 -m maubot.standalone
+SyslogIdentifier=maubot
+ReadOnlyDirectories=/
+ReadWriteDirectories=/opt/maubot
+
+[Install]
+WantedBy=multi-user.target
-- 
GitLab