Powered by Koshka!!!
Version 1.0.0
Further we will configure development environment for each developer
on his computer and several or one remote "on server/pre build" environments.
It can be for example - 4 developers environments, one remote for test and
on remote - main production environment.
Or it can be two developers environments and one remote production.
On both we need:
- Debian based Linux destribution
- Git - distributed version control system
- NodeJS (Node.js) - JavaScript run-time environment for executing JavaScript code server-side
- NodeJS module 'react-scripts'
- Apache2 - web server software
- Apache2 module 'curl'
- Apache2 module 'mysql'
- PHP 7.* - server-side scripting language
- PECL - repository for PHP Extensions
- Composer - package manager for PHP
- Doctrine - set of PHP libraries for converting data to object model
- CodeIgniter - PHP framework
- CodeIgniter Rest Server - a RESTful server implementation for CodeIgniter
- MySQL - relational database management system
- OpenSSL - cryptography library and toolkit for secure protocols
You need nginx on both environment (development and production), thus
there is bug in CodeIgniter with base_url configuration, and thus it is
impossible to set homepage for react-js in npm start mode.
For each environment we need one Telegramm bot. We will create it with
BotFather.
- Find @BotFather applicative account in Telegramm.
- Print: /help
- /newbot
- Forward instructions
- Create token, and save it
You cat create tokens.txt at root of project and save there your tokens.
It is ignored by git.
Install main php package and all what you need for build the dependencies:
sudo apt-get install \
php7.0 \
php7.0-curl \
php7.0-json \
php7.0-mbstring \
php7.0-mysql \
php7.0-dev \
php-pear \
build-essential
Bot can determine gender of a requester.
It uses php gender pear dependency.
Install the dependency:
sudo pecl install gender
Edit /etc/php/7.?/mods-available/gender.ini file and add there:
extension=gender.so
Then enable the module and restart the server:
sudo phpenmod gender
sudo service apache2 restart
Create folder for the dictionary in /opt/gender and navigate there,
than run follow command.
Type . for the dictionary location:
pear run-scripts pecl/gender
TODO: connect dictionary to the flow
Clone the project some where it can be accessed for Apache2 and Nginx
Navigate to /path/to/project/backend folder and run composer install
Run from the root of project: ./installci.sh
Configure /ci/public/index.php
Find and adjust follow:
$application_folder = '../../backend/application';
$system_path = '../../backend/vendor/codeigniter/framework/system';
Configure /backend/application/config/config.php Find and adjust follow:
$config['enable_hooks'] = TRUE;
Lcate /etc/mysql/mysql.conf.d/mysqld.cnf
Edit it:
[mysqld]
...
character-set-server= utf8mb4
collation-server=utf8mb4_general_ci
mysql -u root -p
create database telegrammbot
DEFAULT CHARACTER SET utf8mb4
DEFAULT COLLATE utf8mb4_general_ci;
create user 'telegrammbot'@'localhost' identified by 'dbpassword';
grant all privileges on telegrammbot.* to 'telegrammbot'@'localhost';
flush privileges;
You can use also follow commands for fix characters set issues:
show variables like "character_set_database";
# -
SELECT character_set_name FROM information_schema.`COLUMNS`
WHERE table_schema = "telegrammbot"
AND table_name = "posts"
AND column_name = "text";
# -
SELECT default_character_set_name
FROM information_schema.SCHEMATA
WHERE schema_name = "telegrammbot";
# -
SELECT CCSA.character_set_name FROM information_schema.`TABLES` T,
information_schema.`COLLATION_CHARACTER_SET_APPLICABILITY` CCSA
WHERE CCSA.collation_name = T.table_collation
AND T.table_schema = "telegrammbot"
AND T.table_name = "posts";
#-
alter database telegrammbot
DEFAULT CHARACTER SET utf8mb4
DEFAULT COLLATE utf8mb4_general_ci;
# -
ALTER TABLE posts CONVERT TO CHARACTER SET utf8mb4;
For fix character set.
You can use user and password as you wish, just keep it same in DB/user
creation and bot configuration
If you have follow socket error while use doctrine scripts:
SQLSTATE[HY000] [2002] No such file or directory
- Run follow command from mysql prompt:
show variables like '%sock%' - Locate php.ini with:
php -i | grep php.ini - Past appropriate path to socket file to
php.iniconfig file:
pdo_mysql.default_socket=/var/run/mysqld/mysqld.sock
Create config.yml in /backend/ folder and put:
token: "BOT_TOKEN"
db:
user: "telegrammbot"
password: "dbpassword"
db: "telegrammbot"
driver: "pdo_mysql"
- token - the bot token
Perform follow GET query for retrieve some bot data if necessary:
https://api.telegram.org/bot<YOURTOKEN>/getMe
The driver part is mostly problematic one. You need make your php installation
support pdo_msql driver or any other.
<? echo phpinfo(); integrated in outside page will help you to reach this
goal.
Run at /backend:
- For create:
vendor/bin/doctrine orm:schema-tool:create - For drop:
vendor/bin/doctrine orm:schema-tool:drop - For update:
vendor/bin/doctrine orm:schema-tool:update
You need add --dump-sql for print the query or --force for run the query.
- Navigate to
/backend/db/and runmysql -u user -p - Enter the password
use dbname
source script.sql
Create account for admin:
Important! You need to md5 the passwords
show create table users;
insert into users(`login`, `password`) values (
> "username",
> "5f4dcc3b5aa765d61d8327deb882cf99");
select * from users;
Use apg command for retrive random data.
Then you can md5 the data from the shell using md5sum command:
apg
echo -n "password" | md5sum
Remember to use -n option for skip new line!
You need choose username and password It is credential data for login from
Admin-On-Rest admin panel.
Install nodejs, and fix nodejs on Ubuntu after install:
sudo ln -s /usr/bin/nodejs /usr/local/bin/node
Install last npm:
sudo npm install -g n
sudo n latest
Install all necessary modules from /admin folder: npm install
Than use follow commands:
npm start- For debugnpm run build- For buildserve -s build- For test of deploy package (optional)
In case of start demonization will occure on port 3000
Create some folder, for example /var/keys/ and run there:
openssl req
-newkey rsa:2048
-sha256
-nodes
-keyout domain.key
-x509
-days 365
-out domain.pem
-subj "/C=RU/ST=Moscow/L=Pushkino/O=KoshkaSoft/CN=domain.org"
You need to implode the command to one line before run it.
IMPORTANT! You need to set CN exactly as your domain name of the outer
callback for Telegramm.
For print certificate data:
openssl x509 -in domain.pem -text
Perform follow (curl) step after you will achive all the goals described
below, and have all necessary data.
When you will have all the data, than: upload certificate and set callback:
curl \
-F "url=https://domain.org/webhook.php" \
-F "certificate=@/var/keys/domain.pem" \
https://api.telegram.org/bot<YOURTOKEN>/setWebhook
Create site in /etc/apache2/sites-available
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin [email protected]
ServerName bot.domain.org
DocumentRoot /path/to/project/backend/bot
# -
ErrorLog ${APACHE_LOG_DIR}/talegrammbot.log
CustomLog ${APACHE_LOG_DIR}/talegrammbot-access.log combined
# -
SSLEngine on
# -
SSLCertificateFile /var/keys/domain.pem
SSLCertificateKeyFile /var/keys/domain.key
# -
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
# -
<Directory /path/to/project/backend/bot>
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
</VirtualHost>
</IfModule>
Create configuration for api backend and admin site (see Alias)
with prebuild react js sources.
Here you need use appropriate port configured for the current environment.
<VirtualHost *:[port]>
ServerName domain.org
# -
ServerAdmin [email protected]
DocumentRoot /path/to/project/ci/public
# -
Alias /admin /path/to/project/admin/build/
# -
<Directory /path/to/project/ci/public>
AllowOverride all
Require all granted
</Directory>
<Directory /path/to/project/backend/vendor/>
AllowOverride all
Require all granted
</Directory>
<Directory /path/to/project/admin/build/>
AllowOverride all
Require all granted
</Directory>
# -
ErrorLog ${APACHE_LOG_DIR}/botapi_error.log
CustomLog ${APACHE_LOG_DIR}/botapi_access.log combined
</VirtualHost>
Enable it with sudo a2ensite sitename
And reload apache sudo service apache2 reload
See substitutions for domain.org and bot.domain.org further.
Let:
- Outer ip:
7.98.98.10 - Outer HTTP port from outside for Telegramm to connect to the bot:
443 - Dynamic DNS name for remote connections:
telegrammbot.olga.ddns.net - Inner ip:
192.168.0.100 - Inner router ip:
192.168.0.1 - Inner HTTP ports for apache to get connections:
8080and443 - Inner HTTP port for NodeJS:
3000 - Inner HTTP port for Nginx:
80 - Local server name for PHP admin REST service:
telegrammbotapi - Local server name for NodeJS admin-on-rest compilation:
telegrammadmin
Substitutions for Apache2 servers in VHosts configurations:
- Apache2 SSL configuration:
bot.domain.org->telegrammbot.olga.ddns.net. - Apache2 HTTP configuration:
domain.org->telegrammbotapi
You need configure:
- Port forwarding
- Dynamic DNS
- Link MAC to IP
You need access your router admin panel at the web interface. It is
represented by 192.168.0.1 in list above. For instance it can be:
http://192.168.0.1. Type it at your browser. Find password for admin
at box of the router or reset the settings and find the default password
in product description.
There you need find "virtual server" or "port forwarding", but not port
triggering.
google for "port forwarding"
Configure (basing on assumptions above):
- Outer port (must be): 443
- Inner port: 443
- Inner ip: 192.168.0.100
Than you need find option for dynamic DNS and configure it as well.
You will need to register on the DDNS service provider.
Than in options of linking MAC to IP for local DHCP you need link your local
MAC address to static IP address.
MAC address you cat get from ifconfig command in field HWaddr of the
command output, for port forwarding option will remain actual.
Append follow lines in /etc/hosts:
127.0.0.1 telegrammbotadmin
127.0.0.1 telegrammbotapi
127.0.0.1 telegrammbotcb
- telegrammbotadmin - is for develop ReactJS admin panel
- telegrammbotapi - is for develop backend of ReactJS panel
- telegrammbotcb - is for test connection to the bot call back for Telegramm
On the dev, you will need use nginx for both apache and nodejs will be on same
domain. Otherwise some browsers as Chromium will ose OPTIONS instead of
POST over the HTTP.
Configure site in /etc/nginx/sites-available and link it to
/etc/nginx/sites-enabled with ln -s source destination command
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
# -
upstream websocket {
server localhost:3000;
}
# -
upstream api {
server telegrammbotapi:8080;
}
# -
server {
listen 80;
server_name telegrammbotapi;
# -
location / {
proxy_pass http://websocket;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_set_header X-Real-IP $remote_addr;
}
# -
location /api {
rewrite /api/(.*) /$1 break;
proxy_pass http://api;
proxy_set_header Host telegrammbotapi;
proxy_set_header X-Real-IP $remote_addr;
}
}
It is very important to set X-Real-IP header
Restart the server: sudo service nginx restart
Set apache2 listen on port 8080 instead of 80 in /etc/apache2/ports.conf
You will need restart apache2: sudo service apache2 restart
Create one more SSL VHost with /etc/hosts name for test connection locally:
<IfModule mod_ssl.c>
<VirtualHost *:443>
...
ServerName telegrammbotcb
...
</VirtualHost>
</IfModule>
Always confirm security exceptions about missing certificate, unless you will
have really approved one with known CA.
You still need keep apache2 on 8080 port for http protocol.
You need configure nginx in follow way. This is the same way you need
configure it for test npm run build package on the development.
Let antibot.technofractal.org is our domain.
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
# -
upstream api {
server antibot.technofractal.org:8080;
}
# -
upstream admin {
server antibot.technofractal.org:8080;
}
# -
server {
listen 80;
server_name antibot.technofractal.org;
# -
location /admin {
proxy_pass http://admin;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
}
# -
location /api {
rewrite /api/(.*) /$1 break;
proxy_pass http://api;
}
}
You need run npm run build in the /admin directory every time admin NodeJs
frontend changed for rebuild it.
curl \
--tlsv1 -v -k \
-X POST \
-H "Content-Type: application/json" \
-H "Cache-Control: no-cache" \
-d '{
"update_id":10000,
"message":{
"date":1441645532,
"chat":{
"last_name":"Test Lastname",
"id":1111111,
"first_name":"Test",
"username":"Test"
},
"message_id":1365,
"from":{
"last_name":"Test Lastname",
"id":1111111,
"first_name":"Test",
"username":"Test"
},
"text":"/start"
}
}' "https://url.org"
When you will create text will be used by the bot, put it in
/backend/bot/data directory. There you can split lines by CRLF, but it will
joined by the application.
For put new line (as br tag) use - "\r".
You also can use templates.
For instance:
<b>Some header<b>\r
Some text
will not split here\nbut here!\n
Good evening: {name}
- https://marmelab.com/admin-on-rest/
- https://www.nginx.com/blog/websocket-nginx/
- http://docs.doctrine-project.org/en/latest/tutorials/getting-started.html
- https://reacttraining.com/react-router/web/example/basic
- https://code.tutsplus.com/tutorials/working-with-restful-services-in-codeigniter--net-8814
- https://core.telegram.org/bots/api
- https://telegram-bot-sdk.readme.io/docs
- https://dev.mysql.com/doc/refman/5.7/en/charset-applications.html
- https://scottlinux.com/2011/03/04/rotate-mysql-backups-with-logrotate/
- https://rclone.org/