Telegram Bot
42 lines
1.5 KiB
Python
42 lines
1.5 KiB
Python
#!/usr/bin/env python3
|
|
import http.server, subprocess, hashlib, hmac, json, os, sys
|
|
|
|
SECRET = os.environ.get('WEBHOOK_SECRET', 'ptp-deploy-2026')
|
|
PORT = 9000
|
|
|
|
class Handler(http.server.BaseHTTPRequestHandler):
|
|
def do_POST(self):
|
|
if self.path != '/deploy':
|
|
self.send_response(404); self.end_headers(); return
|
|
|
|
length = int(self.headers.get('Content-Length', 0))
|
|
body = self.rfile.read(length)
|
|
|
|
# Verify signature (Gitea sends X-Gitea-Signature)
|
|
sig = self.headers.get('X-Gitea-Signature', '')
|
|
expected = hmac.new(SECRET.encode(), body, hashlib.sha256).hexdigest()
|
|
|
|
if not hmac.compare_digest(sig, expected):
|
|
self.send_response(403); self.end_headers()
|
|
self.wfile.write(b'Bad signature'); return
|
|
|
|
try:
|
|
data = json.loads(body)
|
|
ref = data.get('ref', '')
|
|
if ref not in ('refs/heads/mirror', 'refs/heads/main'):
|
|
self.send_response(200); self.end_headers()
|
|
self.wfile.write(b'Skipped (not mirror/main)'); return
|
|
except: pass
|
|
|
|
subprocess.Popen(['/usr/local/bin/deploy-ptp.sh'])
|
|
self.send_response(200); self.end_headers()
|
|
self.wfile.write(b'Deploy triggered')
|
|
|
|
def log_message(self, fmt, *args):
|
|
pass # silent
|
|
|
|
if __name__ == '__main__':
|
|
httpd = http.server.HTTPServer(('127.0.0.1', PORT), Handler)
|
|
print(f'Webhook server on port {PORT}')
|
|
httpd.serve_forever()
|