diff --git a/.gitea/workflows/build.yml b/.gitea/workflows/build.yml
index 7620559..60922c2 100644
--- a/.gitea/workflows/build.yml
+++ b/.gitea/workflows/build.yml
@@ -22,11 +22,25 @@ jobs:
 cd master
 echo "${{ secrets.DOCKERGIT_TOKEN }}" | docker login git.woodburn.au -u nathanwoodburn --password-stdin
 tag_num=$(git rev-parse --short HEAD)
+ echo "branch=${GITHUB_HEAD_REF:-${GITHUB_REF#refs/heads/}}"
+ tag=${GITHUB_HEAD_REF:-${GITHUB_REF#refs/heads/}}
+ tag=${tag//\//-}
+ if [ tag = "main" ]; then
+ tag="latest"
+ else
+ tag_num="${tag}-${tag_num}"
+ fi
+
+
 docker build -t hnshosting-master:$tag_num .
 docker tag hnshosting-master:$tag_num git.woodburn.au/nathanwoodburn/hnshosting-master:$tag_num
 docker push git.woodburn.au/nathanwoodburn/hnshosting-master:$tag_num
- docker tag hnshosting-master:$tag_num git.woodburn.au/nathanwoodburn/hnshosting-master:latest
- docker push git.woodburn.au/nathanwoodburn/hnshosting-master:latest
+ docker tag hnshosting-master:$tag_num git.woodburn.au/nathanwoodburn/hnshosting-master:$tag
+ docker push git.woodburn.au/nathanwoodburn/hnshosting-master:$tag
+
+
+
+
 Build Bot:
 runs-on: ubuntu-latest
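Review bot: The added test `if [ tag = "main" ]; then` compares the literal word `tag` with `main`, so it is always false: a build of main is pushed as `main-<sha>` and `main`, and `latest` is never updated, leaving anyone who pulls `:latest` on the last image published before this commit. It should read `if [ "$tag" = "main" ]; then`. The same line is repeated in the Build Bot job's hunk. `$tag` is also taken from the ref name with only `/` replaced and is then used unquoted in `docker tag` and `docker push`; quoting it and restricting it to the characters a Docker tag accepts would make an unusual branch name fail early rather than produce an unexpected tag. The run step starts above the hunk.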
@@ -47,8 +61,18 @@ jobs:
 cd discord-bot
 echo "${{ secrets.DOCKERGIT_TOKEN }}" | docker login git.woodburn.au -u nathanwoodburn --password-stdin
 tag_num=$(git rev-parse --short HEAD)
+ echo "branch=${GITHUB_HEAD_REF:-${GITHUB_REF#refs/heads/}}"
+ tag=${GITHUB_HEAD_REF:-${GITHUB_REF#refs/heads/}}
+ tag=${tag//\//-}
+ if [ tag = "main" ]; then
+ tag="latest"
+ else
+ tag_num="${tag}-${tag_num}"
+ fi
+
 docker build -t hnshosting-bot:$tag_num .
 docker tag hnshosting-bot:$tag_num git.woodburn.au/nathanwoodburn/hnshosting-bot:$tag_num
 docker push git.woodburn.au/nathanwoodburn/hnshosting-bot:$tag_num
- docker tag hnshosting-bot:$tag_num git.woodburn.au/nathanwoodburn/hnshosting-bot:latest
- docker push git.woodburn.au/nathanwoodburn/hnshosting-bot:latest
\ No newline at end of file
+ docker tag hnshosting-bot:$tag_num git.woodburn.au/nathanwoodburn/hnshosting-bot:$tag
+ docker push git.woodburn.au/nathanwoodburn/hnshosting-bot:$tag
+
\ No newline at end of file
diff --git a/README.md b/README.md
index e00aad3..1217cb8 100644
--- a/README.md
+++ b/README.md
@@ -50,6 +50,19 @@ Then to start the master api server
 screen -dmS hnshosting-master python3 main.py
 ```
+## Stripe webhook
+Create a new webhook endpoint on stripe and set the url to https://master-server-domain:5000/stripe-webhook (note: you need to add a https proxy to your master server if you want to use stripe)
+Add these environment variables to your master server
+```yaml
+STRIPE_SECRET: your-stripe-secret-key
+STRIPE_ENDPOINT_SECRET: your-stripe-endpoint-secret
+SMTP_HOST: smtp-server
+SMTP_PORT: smtp-port
+SMTP_USER: smtp-user
+SMTP_PASS: smtp-pass
+SMTP_FROM: smtp-from (eg. HNSHosting ) This is optional
+```
+
 ## Worker server install
diff --git a/master/main.py b/master/main.py
index edbca2b..b5effa2 100644
--- a/master/main.py
+++ b/master/main.py
@@ -2,6 +2,8 @@ from flask import Flask, request, jsonify
 import dotenv
 import os
 import requests
+import stripe # For stripe payments
+import smtplib, ssl # For sending emails
 dotenv.load_dotenv()
@@ -232,6 +234,60 @@ def tlsa():
 return resp.json()
+
+@app.route('/stripe', methods=['POST'])
+def stripeapi():
+ payload = request.data
+ stripe.api_key = os.getenv('STRIPE_SECRET')
+ endpoint_secret = os.getenv('STRIPE_ENDPOINT_SECRET')
+ sig_header = request.headers.get('Stripe-Signature')
+ events = None
+ try:
+ event = stripe.Webhook.construct_event(
+ payload, sig_header, endpoint_secret
+ )
+ except ValueError as e:
+ # Invalid payload
+ return jsonify({'success': 'false'})
+ except stripe.error.SignatureVerificationError as e:
+ return jsonify({'success': 'false'})
+
+ if event.type == 'payment_intent.succeeded':
+ payment_intent = event.data.object
+ # Get email
+ email = payment_intent['receipt_email']
+ # Create licence key
+ licence_key = os.urandom(16).hex()
+ # Add licence key to file
+ key_file = open('/data/licence_key.txt', 'a')
+ key_file.write(licence_key + '\n')
+ key_file.close()
+ # Send email
+ host = os.getenv('SMTP_HOST')
+ port = os.getenv('SMTP_PORT')
+ user = os.getenv('SMTP_USER')
+ password = os.getenv('SMTP_PASS')
+ from_email = os.getenv('SMTP_FROM')
+ if from_email == None:
+ from_email = "Hosting <"+user + ">"
+
+ context = ssl.create_default_context()
+ with smtplib.SMTP_SSL(host, port, context=context) as server:
+ server.login(user, password)
+ message = "From: " + from_email + "\nTo: " + email + \
+ "\nSubject: Your Licence key\n\nHello,\n\n"\
+"This email contains your licence key for your new wordpress site.\n" \
+"You can redeem this key via the discord bot or api.\n\n"\
+"Your licence key is: " + licence_key +"\nThanks,\nHNSHosting"
+
+ server.sendmail(from_email, email, message)
+
+ print('Licence sent via email for stripe payment', flush=True)
+ else:
+ print('Unhandled event type {}'.format(event.type))
+ return jsonify({'success': 'true'})
+
+
 def get_sites_count():
 # If file doesn't exist, create it
 try:
diff --git a/master/requirements.txt b/master/requirements.txt
index 01ad091..9a8f17f 100644
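Review bot: Both failure branches after `stripe.Webhook.construct_event` return `jsonify({'success': 'false'})` with the default 200 status, so a request with a bad or missing `Stripe-Signature` is acknowledged like a delivered event; they should return 400. In the `payment_intent.succeeded` branch the licence key is appended to `/data/licence_key.txt` before anything checks `receipt_email`, which can be null on a PaymentIntent, so the `"\nTo: " + email` concatenation can raise after a key has been issued, and nothing records `event.id`, so a redelivered event would issue another key. The recipient is also spliced into raw header text; building the mail with `email.message.EmailMessage` and `server.send_message(...)` refuses header values that contain line breaks. The route is `/stripe`, while the README hunk in this commit documents `/stripe-webhook`.

```python
    except ValueError:
        # Invalid payload
        return jsonify({'success': 'false'}), 400
    except stripe.error.SignatureVerificationError:
        return jsonify({'success': 'false'}), 400

    if event.type == 'payment_intent.succeeded':
        payment_intent = event.data.object
        email = payment_intent['receipt_email']
        if not email:
            # Nothing to deliver to: log it and issue no key
            print('payment_intent.succeeded without receipt_email', flush=True)
            return jsonify({'success': 'false'})
        # … unchanged: licence key generation, key file append, SMTP settings …
        msg = EmailMessage()  # from email.message import EmailMessage
        msg['From'] = from_email
        msg['To'] = email
        msg['Subject'] = 'Your Licence key'
        msg.set_content(
            "Hello,\n\n"
            "This email contains your licence key for your new wordpress site.\n"
            "You can redeem this key via the discord bot or api.\n\n"
            "Your licence key is: " + licence_key + "\nThanks,\nHNSHosting"
        )
        # … unchanged: SMTP_SSL connection and login …
            server.send_message(msg)
```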
--- a/master/requirements.txt
+++ b/master/requirements.txt
@@ -1,4 +1,5 @@
 python-dotenv
 requests
 flask
-jsonify
\ No newline at end of file
+jsonify
+stripe
\ No newline at end of file
diff --git a/worker/main.py b/worker/main.py
index f24852a..82e4a18 100644
--- a/worker/main.py
+++ b/worker/main.py
@@ -26,7 +26,7 @@ def new_site():
 sites_file.close()
 # New site in background
- thread = threading.Thread(target=new_site, args=(domain, 5000 + count))
+ thread = threading.Thread(target=new_site, args=(domain))
 thread.start()
@@ -93,8 +93,8 @@ def site_exists(domain):
 else:
 return False
-def new_site(domain,port):
- script = 'bash wp.sh ' + domain + ' '+ str(port)
+def new_site(domain):
+ script = 'bash wp.sh ' + domain
 os.system(script)
 # Start the server
diff --git a/worker/wp.sh b/worker/wp.sh
index 6563699..227ddae 100644
--- a/worker/wp.sh
+++ b/worker/wp.sh
@@ -4,10 +4,8 @@
 # Then it will create an NGINX reverse proxy to the container.
 # USAGE:
-# ./wp.sh [domain] [port offset]
+# ./wp.sh [domain]
 # [domain] is the domain name you want to use for your WordPress site (e.g. docker.freeconcept)
-# [port offset] is the offset you want to use for the port numbers.
-# This is used if you want to run multiple instances of WordPress on the same server. (e.g. 0, 1, 2, 3, etc.)
 # Variables
 # Set the domain name
@@ -21,15 +19,6 @@ fi
 DOMAIN="$1"
 echo "Setting up on domain name: $DOMAIN"
-# Set port offset
-# This is used to offset the port numbers so you can run multiple instances of WordPress on the same server.
-if [ -z "$2" ]
-then
- PORT_OFFSET=0
-else
- PORT_OFFSET="$2"
-fi
-
 mkdir wordpress-$DOMAIN
 cd wordpress-$DOMAIN
@@ -38,6 +27,8 @@ MYSQL_ROOT_PASSWORD=$(openssl rand -base64 32)
 MYSQL_PASSWORD=$(openssl rand -base64 32)
 # Create port numbers
+# Offset is the number of files in nginx/sites-enabled
+PORT_OFFSET=$(ls -1 /etc/nginx/sites-enabled | wc -l)
 WORDPRESS_PORT=$((8000 + $PORT_OFFSET))
 # Create the docker config file
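Review bot: `stripe` is added without a version constraint, like the other entries, so every image build installs whatever release is current, and the webhook handler's use of `stripe.error.SignatureVerificationError` depends on the library's module layout. Pinning it, e.g. `stripe==<version tested>`, keeps the payment path reproducible. The `jsonify` line touched here looks like it pulls an unrelated PyPI distribution, since the `jsonify` that master/main.py imports comes from `flask`; if nothing else needs it, the line can be dropped.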
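Review bot: `args=(domain)` in the first worker/main.py hunk is not a tuple, only a parenthesised string, so `Thread` unpacks `domain` character by character and the background call to `new_site` raises a TypeError for any domain longer than one character. The exception is raised inside the thread, so the request that started it would still appear to succeed while no site is created. The line should be `thread = threading.Thread(target=new_site, args=(domain,))`. The enclosing route function begins above the hunk.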
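Review bot: The rewritten `new_site(domain)` still builds a shell command by concatenation, `'bash wp.sh ' + domain` passed to `os.system`, so any shell metacharacters in `domain` are interpreted by the shell. If `domain` originates from the request handled by the route above (the caller is outside this hunk), pass it as an argument vector instead, `subprocess.run(['bash', 'wp.sh', domain], check=False)`, and validate it against a hostname pattern before use. That needs `import subprocess` if the file does not already have it.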
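Review bot: `PORT_OFFSET=$(ls -1 /etc/nginx/sites-enabled | wc -l)` in the last wp.sh hunk of this line derives the port from a file count, which is not a unique allocation. Two sites created at the same moment (worker/main.py starts each in its own thread) can read the same count, and removing any file from `sites-enabled` makes the next site reuse a port an existing container already holds. Probing upward until the port is free, `while ss -ltn | grep -q ":$((8000 + PORT_OFFSET)) "; do PORT_OFFSET=$((PORT_OFFSET + 1)); done`, and running the allocation under `flock` would close both cases. A comment such as `# NOTE: count-based; not unique if sites are removed or created concurrently` would at least record the limitation.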
@@ -82,14 +73,18 @@ printf "server { server_name $DOMAIN *.$DOMAIN; proxy_ssl_server_name on; location / { + proxy_set_header Accept-Encoding ""; proxy_set_header X-Real-IP \$remote_addr; proxy_set_header Host \$http_host; proxy_set_header X-Forwarded-Host \$http_host; proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto \$scheme; - proxy_pass $URL; - } + + sub_filter '' ''; + sub_filter_once on; + + } listen 443 ssl; ssl_certificate /etc/ssl/$DOMAIN.crt;