diff --git a/.env b/.env index 85596413..a609937d 100644 --- a/.env +++ b/.env @@ -15,4 +15,5 @@ ETHPLORER_API_KEY = "" CURRENCY = "" RUNTIME_ENVIRONMENT = "DEV" WEBHOOK_SECRET_TOKEN = "" +REDIS_HOST = "" REDIS_PASSWORD = "" \ No newline at end of file diff --git a/bot.py b/bot.py index fd2940ae..f7d534d8 100644 --- a/bot.py +++ b/bot.py @@ -9,14 +9,13 @@ from aiogram import Bot, Dispatcher from aiogram.enums import ParseMode from fastapi import FastAPI, Request, status, HTTPException -from config import TOKEN, WEBHOOK_URL, ADMIN_ID_LIST, WEBHOOK_SECRET_TOKEN from db import create_db_and_tables import uvicorn from fastapi.responses import JSONResponse from services.notification import NotificationService -redis = Redis(password=config.REDIS_PASSWORD) -bot = Bot(TOKEN, default=DefaultBotProperties(parse_mode=ParseMode.HTML)) +redis = Redis(host=config.REDIS_HOST, password=config.REDIS_PASSWORD) +bot = Bot(config.TOKEN, default=DefaultBotProperties(parse_mode=ParseMode.HTML)) dp = Dispatcher(storage=RedisStorage(redis)) app = FastAPI() @@ -24,7 +23,7 @@ @app.post(config.WEBHOOK_PATH) async def webhook(request: Request): secret_token = request.headers.get("X-Telegram-Bot-Api-Secret-Token") - if secret_token != WEBHOOK_SECRET_TOKEN: + if secret_token != config.WEBHOOK_SECRET_TOKEN: raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail="Unauthorized") try: @@ -40,10 +39,10 @@ async def webhook(request: Request): async def on_startup(): await create_db_and_tables() await bot.set_webhook( - url=WEBHOOK_URL, - secret_token=WEBHOOK_SECRET_TOKEN + url=config.WEBHOOK_URL, + secret_token=config.WEBHOOK_SECRET_TOKEN ) - for admin in ADMIN_ID_LIST: + for admin in config.ADMIN_ID_LIST: try: await bot.send_message(admin, 'Bot is working') except Exception as e: diff --git a/config.py b/config.py index 0231005d..df6bc616 100644 --- a/config.py +++ b/config.py @@ -30,4 +30,5 @@ ETHPLORER_API_KEY = os.environ.get("ETHPLORER_API_KEY") CURRENCY = Currency(os.environ.get("CURRENCY")) WEBHOOK_SECRET_TOKEN = os.environ.get("WEBHOOK_SECRET_TOKEN") +REDIS_HOST = os.environ.get("REDIS_HOST") REDIS_PASSWORD = os.environ.get("REDIS_PASSWORD") diff --git a/docker-compose.yml b/docker-compose.yml index 3ea8a825..a601d693 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -37,6 +37,8 @@ services: CURRENCY: "USD" # fiat currency RUNTIME_ENVIRONMENT: "PROD" WEBHOOK_SECRET_TOKEN: "1234567890" # Any string you want + REDIS_HOST: "redis" + REDIS_PASSWORD: "1234567890" # Any string you want labels: caddy: YOUR-DOMAIN-GOES-HERE caddy.reverse_proxy: "bot:5000" @@ -68,6 +70,8 @@ services: volumes: - redis_data:/data restart: always + networks: + - caddy volumes: AiogramShopBot: diff --git a/readme.md b/readme.md index b782619a..a9805a59 100644 --- a/readme.md +++ b/readme.md @@ -99,6 +99,9 @@ Litecoin, Solana and stablecoins in the TRC20 and ERC20 networks, which allows y | ETHPLORER_API_KEY | API Key from ethplorer.io, used to get ERC20 balances. | No recommended value | | CURRENCY | Currency to be used in the bot. | "USD" or "EUR" or "JPY" or "CAD" or "GBP" | | RUNTIME_ENVIRONMENT | If set to "dev", the bot will be connected via an ngrok tunnel. "prod" will use [Caddy](https://hub.docker.com/r/lucaslorentz/caddy-docker-proxy) as reverse proxy together with your public hostname | "prod" or "dev" | +| WEBHOOK_SECRET_TOKEN | Required variable, used to protect requests coming from Telegram servers from spoofing. | Any string you want | +| REDIS_HOST | Required variable, needed to make the throttling mechanism work. | "redis" for docker-compose.yml | +| REDIS_PASSWORD | Required variable, needed to make the throttling mechanism work. | Any string you want | ### 1.1 Starting AiogramShopBot with Docker-compose.