WIP Sgratzl/setup

Dockerfile

@@ -0,0 +1,19 @@
+FROM python:3.7
+
+WORKDIR /usr/src/app
+
+VOLUME [ "/data" ]
+VOLUME [ "/config" ]
+
+ENV DATABASE_FILE /data/db.pickle
+ENV SERVER_HOSTNAME_PATTERN=.*
+ENV SERVER_PORT 80
+ENV GITHUB_PRIVATE_KEY_PATH /config/key.pem
+
+
+COPY requirements.txt ./
+RUN pip install --no-cache-dir -r requirements.txt
+
+COPY . .
+
+CMD [ "python", "-m", "bot" ]

bot/main.py → bot/__main__.py

@@ -5,7 +5,7 @@
 from telegram.ext import TypeHandler, CallbackContext, CommandHandler, MessageHandler, Filters
 
 from bot import settings
-from bot.const import TELEGRAM_BOT_TOKEN, DATABASE_FILE, DEBUG
+from bot.const import TELEGRAM_BOT_TOKEN, DATABASE_FILE, DEBUG, GITHUB_APP_NAME
 from bot.github import GithubHandler
 from bot.githubapi import github_api
 from bot.githubupdates import GithubUpdate, GithubAuthUpdate
@@ -50,7 +50,7 @@ def help_handler(update: Update, context: CallbackContext):
     msg = update.effective_message
     private = update.effective_chat.type == Chat.PRIVATE
     steps = [
-        f'First you must allow me access to the repositories in question. To do this, <a href="https://github.com/apps/telegram-githubbot-revised/installations/new">install</a> my <a href="https://github.com/apps/telegram-githubbot-revised">GitHub App</a> on your account or organisation, and make sure that it has access to the desired repositories.',
+        f'First you must allow me access to the repositories in question. To do this, <a href="https://github.com/apps/{GITHUB_APP_NAME}/installations/new">install</a> my <a href="https://github.com/apps/telegram-githubbot-revised">GitHub App</a> on your account or organisation, and make sure that it has access to the desired repositories.',
         f'Use the command /settings to open my settings interface and press the login button. This way I will know who you are.',
         f'Add me ({context.bot.name}) to the chat/group in which you would like to receive notifications.',
         f'In that chat use /settings to add the repositories you would like to receive notifications for.'

bot/const.py

@@ -2,16 +2,21 @@
 
 GITHUB_WEBHOOK_SECRET = os.getenv('GITHUB_WEBHOOK_SECRET').encode()
 TELEGRAM_BOT_TOKEN = os.getenv('TELEGRAM_BOT_TOKEN')
-SERVER_PORT = int(os.getenv('SERVER_PORT'))
 SERVER_URL_BASE = os.getenv('SERVER_URL_BASE').rstrip('/')
-TELEGRAM_WEBHOOK_URL = SERVER_URL_BASE + '/' + TELEGRAM_BOT_TOKEN
+SERVER_PORT = int(os.getenv('SERVER_PORT', 80))
 SERVER_HOSTNAME_PATTERN = os.getenv('SERVER_HOSTNAME_PATTERN')
+
 HMAC_SECRET = TELEGRAM_BOT_TOKEN.encode('ascii')
+GITHUB_APP_NAME = os.getenv('GITHUB_APP_NAME', 'telegram-githubbot-revised')
 GITHUB_PRIVATE_KEY_PATH = os.getenv('GITHUB_PRIVATE_KEY_PATH')
 GITHUB_APP_ID = os.getenv('GITHUB_APP_ID')
-DATABASE_FILE = os.getenv('DATABASE_FILE')
+DATABASE_FILE = os.getenv('DATABASE_FILE', '/data/db.pickle')
 GITHUB_OAUTH_CLIENT_ID = os.getenv('GITHUB_OAUTH_CLIENT_ID')
 GITHUB_OAUTH_CLIENT_SECRET = os.getenv('GITHUB_OAUTH_CLIENT_SECRET')
-GITHUB_OAUTH_REDIRECT_URI = SERVER_URL_BASE + '/github/auth'
-DEBUG = os.getenv('DEBUG', False)
+DEBUG = bool(os.getenv('DEBUG', False))
+
+
 DEFAULT_TRUNCATION_LIMIT = 4096
+
+TELEGRAM_WEBHOOK_URL = SERVER_URL_BASE + '/' + TELEGRAM_BOT_TOKEN
+GITHUB_OAUTH_REDIRECT_URI = SERVER_URL_BASE + '/github/auth'

bot/webhookupdater.py

@@ -11,7 +11,7 @@
 from tornado.ioloop import IOLoop
 from tornado.web import Application, RequestHandler, HTTPError
 
-from bot.const import GITHUB_WEBHOOK_SECRET, SERVER_HOSTNAME_PATTERN, SERVER_PORT, TELEGRAM_WEBHOOK_URL, HMAC_SECRET
+from bot.const import GITHUB_WEBHOOK_SECRET, SERVER_HOSTNAME_PATTERN, SERVER_PORT, TELEGRAM_WEBHOOK_URL, HMAC_SECRET, DEBUG
 from bot.githubupdates import GithubUpdate, GithubAuthUpdate
 from bot.utils import secure_decode_64, HMACException
 
@@ -145,7 +145,7 @@ def __init__(self, token, updater_kwargs=None):
         self.dispatcher = self.updater.dispatcher
         self.update_queue = self.updater.update_queue
 
-        self.app = Application()
+        self.app = Application(debug=DEBUG)
         self.app.add_handlers(SERVER_HOSTNAME_PATTERN, [
             (
                 r'/{}/?'.format(token),

docker-compose.yml

@@ -0,0 +1,25 @@
+version: '3.0'
+
+services:
+  bot:
+    build: 
+      context: .
+    volumes:
+      - './:/usr/src/app'
+      - 'bot_data:/data'
+      - './private-key.pem:/config/key.pem'
+    env_file:
+      - .env
+  localtunnel:
+    image: kaixhin/localtunnel
+    command:
+      - '80'
+      - '--local-host'
+      - 'bot'
+      - '--subdomain'
+      - '${SERVER_SUBDOMAIN}'
+    restart: always
+
+volumes:
+  bot_data: null
+

setup_dev.md

@@ -0,0 +1,119 @@
+# Create Dev Setup
+
+## Define some names
+
+will be later referred using the right notation
+
+ * Github app name:  `<github-app>` e.g., GithubBot Revised
+ * Localtunnel custom domain: `<custom-domain>` e.g., githubbot-revised 
+ * telegram bot name: `<telegram-bot>` e.g., githubrevised_bot 
+ * random webhook url secret: `<webhook-secret>` e.g., abcde 
+
+create an `.env` file in the repo directory and enter the following values:
+
+```
+DEBUG=True
+
+SERVER_SUBDOMAIN=<custom-domain>
+SERVER_URL_BASE=https://<custom-domain>.localtunnel.me
+```
+
+## Register new Github app
+
+### Define App
+
+Go to: https://github.com/settings/apps/new
+
+enter following values while replacing the corresponding chosen names:
+
+* name: `<github-app>`
+* url: `https://t.me/<telegram-bot>`
+* webhook url: `https://<custom-domain>.localtunnel.me`
+* user callback url: `https://<custom-domain>.localtunnel.me/github/auth`
+* setup url: `https://t.me/<telegram-bot>`
+
+permissions:
+ * repo admin -> read
+ * repository contents -> read
+ * deployments -> read
+ * issues -> read+write
+ * repo meta -> read
+ * pages -> read
+ * pr -> read
+ * repo projects -> read
+ * security vulneratibly alerts -> read
+ * commit status -> read
+ * organizatin projects -> read
+ * team discussions -> read
+
+events
+ * all
+
+This will results in values for the following ids:
+
+```
+App ID: e.g., 12345
+(OAuth) Client ID: e.g., Iv1.abcd...
+(OAuth) Client secret: e.g., 123...
+```
+
+### Generate private key
+create a new private key and store it in the repo directory as `private-key.pem`
+
+### Configure repo
+extend the `.env` file with: 
+
+```
+GITHUB_APP_NAME=telegramgithubbot-sam
+GITHUB_APP_ID=
+GITHUB_WEBHOOK_SECRET=<webhook-secret>
+GITHUB_OAUTH_CLIENT_ID=
+GITHUB_OAUTH_CLIENT_SECRET=
+```
+
+## Create Telegram bot
+
+### Create via BotFather
+Use bot father to create a new bot named `<telegram-bot>`
+
+```
+/newbot
+```
+
+e.g., results in `https://t.me/githubrevised_sam_bot` along with a secret token
+
+```
+token: 34334:adff3f...
+```
+
+### Advanced BotFather settings
+
+enable inline mode
+```
+/setinline ... to inline query enable
+```
+
+add available commands for better autocompletion
+
+```
+start - Start the bot
+help - Show help
+login - Login to Github
+privacy - Privacy Policy
+settings - Settings
+```
+
+### Configure bot
+extend the `.env` file with the received token
+```
+TELEGRAM_BOT_TOKEN=
+```
+
+## Launch docker-compose 
+
+
+```
+docker-compose up
+```
+
+now you should be able to chat with the bot.