adammcclure
/
thunix-www
forked from thunix/www
1
1
Fork 0
Code Issues Pull Requests Releases Wiki Activity
thunix-www/ansible-hook.php

47 lines
1.1 KiB
PHP
Raw Permalink Normal View History

Ok, giving up, splitting the hooks
2019-03-22 00:34:33 +00:00
<?php
/* gitea deploy webhook */
/* security */
$access_token = 'abcdefg';
Ok, swap files... le sigh
2019-03-22 00:36:33 +00:00
$ansible_lastrun = '/dev/shm/ansible-hook-last-run';
$ansible_dropfile = '/dev/shm/run-ansible';
Ok, giving up, splitting the hooks
2019-03-22 00:34:33 +00:00
$remoteip = $_SERVER['REMOTE_ADDR'];
$allowedip = "195.201.242.48";
$ratelimit = 300;
/* get json data */
$json = file_get_contents('php://input');
$data = json_decode($json, true);
$client_token = $data["secret"];
if ($client_token === $access_token)
{
http_response_code(403);
echo "HTTP 403 - Forbidden, P1.";
die();
}
if ($remoteip != $allowedip)
{
http_response_code(403);
echo "HTTP 403 - Forbidden, P2.";
//echo '\n' . $remoteip . " " . $allowedip;
die();
}
Ok, swap files... le sigh
2019-03-22 00:36:33 +00:00
syslog(LOG_INFO, 'Ansible Webhook recieved.');
if ( time () - filemtime ( $ansible_lastrun ) > $ratelimit ) {
touch ( $ansible_dropfile );
touch ( $ansible_lastrun );
echo "HTTP 200 - Ansible webhook recieved.";
Ok, giving up, splitting the hooks
2019-03-22 00:34:33 +00:00
die();
}
else {
http_response_code(429);
echo "HTTP 429 - Rate Limited.";
die();
}
die();
?>