Merge pull request 'fix' (#25 ) from master into dev

Reviewed-on: #25
Merge pull request 'fix' (#24 ) from master into dev
2025-06-01 19:55:24 +03:00 · 2025-06-01 19:53:30 +03:00 · 2025-06-01 19:51:42 +03:00 · 2025-06-01 19:48:51 +03:00
9 changed files with 198 additions and 147 deletions
--- a/.DS_Store
+++ b/.DS_Store
--- a/.deploy/deploy-dev.yaml
+++ b/.deploy/deploy-dev.yaml
@@ -6,22 +6,19 @@ services:
    image: mathwave/sprint-repo:certupdater
    command: worker
    environment:
      MINIO_HOST: "minio.develop.sprinthub.ru"
      MINIO_SECRET_KEY: $MINIO_SECRET_KEY_DEV
      MONGO_HOST: "mongo.develop.sprinthub.ru"
      MONGO_PASSWORD: $MONGO_PASSWORD_DEV
      STAGE: "development"
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
    networks:
      - configurator
      - queues-development
      - minio-development
      - mongo-development
    deploy:
-      mode: replicated
+      mode: global
      restart_policy:
        condition: any
      placement:
        constraints: [node.labels.stage == development]
      update_config:
        parallelism: 1
        order: start-first
@@ -29,9 +26,3 @@ services:
 networks:
  configurator:
    external: true
  queues-development:
    external: true
  minio-development:
    external: true
  mongo-development:
    external: true
--- a/.deploy/deploy-prod.yaml
+++ b/.deploy/deploy-prod.yaml
@@ -2,36 +2,44 @@ version: "3.4"
 services:
-  certupdater:
+  worker:
-    image: mathwave/sprint-repo:certupdater
+    image: mathwave/sprint-repo:pizda-bot
    command: worker
    environment:
-      MINIO_SECRET_KEY: $MINIO_SECRET_KEY_PROD
+      MONGO_HOST: "mongo.sprinthub.ru"
      MONGO_PASSWORD: $MONGO_PASSWORD_PROD
      STAGE: "production"
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
    networks:
      - configurator
      - queues
-      - minio
+      - configurator
-      - mongo
+    deploy:
      mode: replicated
      restart_policy:
        condition: any
      update_config:
        parallelism: 1
        order: start-first
  pizda-bot-nginx:
    image: mathwave/sprint-repo:pizda-bot
    command: api
    environment:
      MONGO_HOST: "mongo.sprinthub.ru"
      MONGO_PASSWORD: $MONGO_PASSWORD_PROD
    networks:
      - common-infra-nginx
    deploy:
      mode: replicated
      restart_policy:
        condition: any
      placement:
        constraints: [node.labels.stage == production]
      update_config:
        parallelism: 1
        order: start-first
 networks:
-  configurator:
+  common-infra-nginx:
    external: true
  queues:
    external: true
-  minio:
+  configurator:
    external: true
  mongo:
    external: true
--- a/.gitea/workflows/deploy-prod.yaml
+++ b/.gitea/workflows/deploy-prod.yaml
@@ -18,14 +18,14 @@ jobs:
        with:
          ref: prod
      - name: build
-        run: docker build -t mathwave/sprint-repo:certupdater .
+        run: docker build -t mathwave/sprint-repo:pizda-bot .
  push:
    name: Push
    runs-on: [ dev ]
    needs: build
    steps:
      - name: push
-        run: docker push mathwave/sprint-repo:certupdater
+        run: docker push mathwave/sprint-repo:pizda-bot
  deploy-prod:
    name: Deploy prod
    runs-on: [prod]
@@ -40,5 +40,4 @@ jobs:
      - name: deploy
        env:
          MONGO_PASSWORD_PROD: ${{ secrets.MONGO_PASSWORD_PROD }}
-          MINIO_SECRET_KEY_PROD: ${{ secrets.MINIO_SECRET_KEY_PROD }}
+        run: docker stack deploy --with-registry-auth -c ./.deploy/deploy-prod.yaml pizda-bot
        run: docker stack deploy --with-registry-auth -c ./.deploy/deploy-prod.yaml certupdater
--- a/blob.py
+++ b/blob.py
@@ -1,7 +1,7 @@
 import os
 from minio import Minio
-MINIO_HOST = "minio:9000"
+MINIO_HOST = os.getenv("MINIO_HOST", "localhost") + ":9000"
 MINIO_ACCESS_KEY = os.getenv("MINIO_ACCESS_KEY", "serviceminioadmin")
 MINIO_SECRET_KEY = os.getenv("MINIO_SECRET_KEY", "minioadmin")
--- a/configurator.py
+++ b/configurator.py
@@ -0,0 +1,88 @@
 import json
 import os
 import urllib.parse
 from threading import Thread
 from time import sleep
 from requests import get
 class ConfiguratorClient:
    def __init__(self, app_name: str, stage: str, need_poll: bool = True):
        self.app_name = app_name
        self.stage = stage
        self.endpoint = 'http://configurator/'
        self.fetch_url = urllib.parse.urljoin(self.endpoint, '/api/v1/fetch')
        self.config_storage = {}
        self.experiment_storage = {}
        self.staff_storage = {}
        self.poll_data()
        if need_poll:
            self.poll_data_in_thread()
    def poll_data_in_thread(self):
        def inner():
            while True:
                sleep(30)
                self.fetch()
        Thread(target=inner, daemon=True).start()
    def poll_data(self):
        self.fetch(with_exception=True)
    def request_with_retries(self, url, params, with_exception=False, retries_count=3):
        exception_to_throw = None
        for _ in range(retries_count):
            try:
                response = get(
                    url,
                    params=params
                )
                if response.status_code == 200:
                    return response.json()
                print(f'Failed to request {url}, status_code={response.status_code}')
                exception_to_throw = Exception('Not 200 status')
            except Exception as exc:
                print(exc)
                exception_to_throw = exc
            sleep(1)
        print(f'Failed fetching with retries: {url}, {params}')
        if with_exception:
            raise exception_to_throw
    def fetch(self, with_exception=False):
        if self.stage == 'local':
            local_platform = json.loads(open('local_platform.json', 'r').read())
            self.config_storage = local_platform['configs']
            self.experiment_storage = local_platform['experiments']
            self.staff_storage = {
                key: set(value)
                for key, value in local_platform['platform_staff'].items()
            }
            return
        response_data = self.request_with_retries(self.fetch_url, {
            'project': self.app_name,
            'stage': self.stage,
        }, with_exception)
        self.config_storage = response_data['configs']
        self.experiment_storage = response_data['experiments']
        self.staff_storage = {
            key: set(value)
            for key, value in response_data['platform_staff'].items()
        }
    def is_staff(self, **kwargs):
        for key, value in kwargs.items():
            if value in self.staff_storage[key]:
                return True
        return False
    def get_config(self, name):
        return self.config_storage[name]
    def get_experiment(self, name):
        return self.experiment_storage[name]
 configurator = ConfiguratorClient("certupdater", os.getenv("STAGE"))
--- a/main.py
+++ b/main.py
@@ -1,10 +1,7 @@
 import datetime
 import io
 import os
 import subprocess
 import time
-
+from configurator import configurator
 from requests import get, post
 from mongo import mongo
 from blob import minio
@@ -15,136 +12,61 @@ class Response:
    err: str
 def send_notification(text: str):
    post(
        "http://queues:1239/api/v1/put",
        headers={"queue": "botalka_mailbox"},
        json={
            "payload": {
                "project": "notifications-bot",
                "name": "telegram-bot",
                "body": {
                    "text": text,
                    "chat_id": 84367486,
                },
            },
            "seconds_to_execute": 1,
            "delay": None,
        },
    )
 def call(command: str) -> Response:
-    p = subprocess.Popen(
+    p = subprocess.Popen(command, stderr=subprocess.PIPE, stdout=subprocess.PIPE, shell=True)
        command, stderr=subprocess.PIPE, stdout=subprocess.PIPE, shell=True
    )
    resp = p.wait()
    response = Response()
    response.code = resp
-    response.out, response.err = p.stdout.read().decode(
+    response.out, response.err = p.stdout.read().decode('utf-8'), p.stderr.read().decode('utf-8')
        "utf-8"
    ), p.stderr.read().decode("utf-8")
    return response
 def get_hosts() -> list[str]:
-    response = get(
+    return list(set(configurator.get_config("hosts") + ["platform.develop.chocomarsh.com"]))
        f"http://configurator/api/v1/fetch?project=certupdater&stage={os.getenv("STAGE")}"
    ).json()
    hosts = response["configs"]["hosts"]
    return list(hosts)
-def update_host(host: str) -> str | None:
+def update_host(host: str) -> bool:
-    if os.getenv("STAGE") == "development":
+    container_id_run = call(f"echo $(docker ps -q -f name=infra-development_nginx)")
        container_id_run = call("echo $(docker ps -q -f name=infra-development_nginx)")
    else:
        container_id_run = call("echo $(docker ps -q -f name=infra_nginx)")
    if container_id_run.code != 0:
-        return container_id_run.err
+        print(f"something wrong {container_id_run.err}")
        return False
    container_name = container_id_run.out.strip()
    if not container_name:
-        return "no nginx container"
+        print("Not correct node")
        return False
-    gen_command = f'docker exec {container_name} certbot --nginx --email emmtvv@gmail.com --agree-tos --non-interactive -d "{host}"'
+    gen_command = f"docker exec {container_name} certbot --nginx --email emmtvv@gmail.com --agree-tos --non-interactive -d \"{host}\""
    print(gen_command)
    gen_cert = call(gen_command)
    if gen_cert.code != 0:
-        log = call(
+        print(f"failed generating certificate: {gen_cert.err}")
-            f"docker exec {container_name} cat /var/log/letsencrypt/letsencrypt.log"
+        return False
        ).out
        return f"failed generating certificate: {log}"
-    fullchain_command = call(
+    fullchain_command = call(f"docker exec {container_name} cat /etc/letsencrypt/live/{host}/fullchain.pem")
        f"docker exec {container_name} cat /etc/letsencrypt/live/{host}/fullchain.pem"
    )
    if fullchain_command.code != 0:
-        return f"failed getting fullchain: {fullchain_command.err}"
+        print(f"failed getting fullchain: {fullchain_command.err}")
        return True
-    privkey_command = call(
+    privkey_command = call(f"docker exec {container_name} cat /etc/letsencrypt/live/{host}/privkey.pem")
        f"docker exec {container_name} cat /etc/letsencrypt/live/{host}/privkey.pem"
    )
    if privkey_command.code != 0:
-        return f"failed getting fullchain: {privkey_command.err}"
+        print(f"failed getting fullchain: {privkey_command.err}")
        return True
    fullchain = fullchain_command.out.encode("utf-8")
    privkey = privkey_command.out.encode("utf-8")
-    minio.put_object(
+    minio.put_object("certupdater", f"certificates/{host}/fullchain.pem", fullchain, len(fullchain))
-        "certupdater",
+    minio.put_object("certupdater", f"certificates/{host}/privkey.pem", privkey, len(privkey))
-        f"certificates/{host}/fullchain.pem",
+    return True
        io.BytesIO(fullchain),
        len(fullchain),
    )
    minio.put_object(
        "certupdater",
        f"certificates/{host}/privkey.pem",
        io.BytesIO(privkey),
        len(privkey),
    )
    return None
-if __name__ == "__main__":
+while True:
    while True:
    now = datetime.datetime.now()
    mongo_hosts = mongo.hosts
-        hosts = get_hosts()
+    for host in get_hosts():
-        print(f"got hosts {hosts}")
+        if now + datetime.timedelta(days=14) > mongo_hosts.get(host, {"expire_time": datetime.datetime.fromtimestamp(1)})["expire_time"]:
        updated = False
        for host in hosts:
            if (
                now + datetime.timedelta(days=14)
                > mongo_hosts.get(
                    host, {"expire_time": datetime.datetime.fromtimestamp(1)}
                )["expire_time"]
            ):
            success = update_host(host)
            if success:
-                    print(success)
+                print(f"Host {host} updated")
                    send_notification(
                        f"host {host} was not updated with an error: {success}"
                    )
                else:
                mongo.update_date(host)
-                    updated = True
+    time.sleep(5 * 60)
                    send_notification(f"host {host} updated")
            else:
                print(f"Host {host} does not need to be updated")
        if updated:
            if os.getenv("STAGE") == "development":
                container_id_run = call(
                    "echo $(docker ps -q -f name=infra-development_nginx)"
                )
            else:
                container_id_run = call("echo $(docker ps -q -f name=infra_nginx)")
            print(container_id_run.code, container_id_run.out, container_id_run.err)
            command = f"docker exec {container_id_run.out.strip()} ./refre.sh"
            print(command)
            restart = call(command)
            print(restart.code, restart.out, restart.err)
            send_notification(f"Balancer for {os.getenv("STAGE")} was restarted")
        time.sleep(30)
--- a/mongo.py
+++ b/mongo.py
@@ -4,11 +4,12 @@ import os
 MONGO_USER = os.getenv("MONGO_USER", "mongo")
 MONGO_PASSWORD = os.getenv("MONGO_PASSWORD", "password")
 MONGO_HOST = os.getenv("MONGO_HOST", "localhost")
 class Mongo:
    def __init__(self):
-        url = f"mongodb://{MONGO_USER}:{MONGO_PASSWORD}@mongo:27017/"
+        url = f"mongodb://{MONGO_USER}:{MONGO_PASSWORD}@{MONGO_HOST}:27017/"
        self.client: pymongo.MongoClient = pymongo.MongoClient(url)
        self.database = self.client.get_database("certupdater")
        self.hosts_collection.create_index([
--- a/storage.py
+++ b/storage.py
@@ -0,0 +1,42 @@
 from cachetools import TTLCache
 import os
 from utils.mongo import mongo
 CACHE_SIZE = int(os.getenv("CACHE_SIZE", 1000))
 CACHE_TTL = int(os.getenv("CACHE_TTL", 3600))
 cache = TTLCache(CACHE_SIZE, CACHE_TTL)
 def get_chat_info(chat_id: int) -> dict:
    cached_info = cache.get(chat_id)
    if cached_info is not None:
        return cached_info
    mongo_info = mongo.chats_collection.find_one({"chat_id": chat_id})
    if mongo_info is not None:
        cache[chat_id] = mongo_info
        return mongo_info
    chat_info = {"chat_id": chat_id, "state": "default", "probability": 100}
    mongo.chats_collection.insert_one(chat_info)
    cache[chat_id] = chat_info
    return chat_info
 def set_values(chat_id: int, **values):
    cached_info = cache.get(chat_id)
    if cached_info is None:
        mongo_info = mongo.chats_collection.find_one({"chat_id": chat_id})
        if mongo_info is None:
            chat_info = {"chat_id": chat_id, "state": "default", "probability": 100}
            chat_info.update(values)
            mongo.chats_collection.insert_one(chat_info)
            cache[chat_id] = chat_info
        else:
            mongo.chats_collection.update_one({"chat_id": chat_id}, {"$set": values})
            mongo_info = dict(mongo_info)
            mongo_info.update(values)
            cache[chat_id] = mongo_info
    else:
        cached_info.update(values)
        mongo.chats_collection.update_one({"chat_id": chat_id}, {"$set": values})
Author	SHA1	Message	Date
emmatveev	ded08985b5	Merge pull request 'fix' (#25 ) from master into dev Reviewed-on: #25	2025-06-01 19:55:24 +03:00
emmatveev	cb847f8b8f	Merge pull request 'fix' (#24 ) from master into dev Reviewed-on: #24	2025-06-01 19:53:30 +03:00
emmatveev	a7b082dc7a	Merge pull request 'master' (#23 ) from master into dev Reviewed-on: #23	2025-06-01 19:51:42 +03:00
emmatveev	741eed066c	Merge pull request 'fix' (#22 ) from master into dev Reviewed-on: #22	2025-06-01 19:48:51 +03:00