add ip/ua app and deploy script

Co-authored-by: Cursor <cursoragent@cursor.com>

Dockerfile

@@ -0,0 +1,9 @@
+FROM python:3.12-alpine
+
+WORKDIR /app
+COPY app.py /app/app.py
+
+ENV PORT=8080
+EXPOSE 8080
+
+CMD ["python3", "/app/app.py"]

app.py

@@ -0,0 +1,54 @@
+#!/usr/bin/env python3
+import json
+import os
+from datetime import datetime, timezone
+from http.server import BaseHTTPRequestHandler, HTTPServer
+
+
+class Handler(BaseHTTPRequestHandler):
+    def _write_json(self, status=200):
+        client_ip = self.headers.get("X-Forwarded-For", "").split(",")[0].strip()
+        if not client_ip:
+            client_ip = self.client_address[0]
+
+        payload = {
+            "ip": client_ip,
+            "user_agent": self.headers.get("User-Agent", ""),
+            "method": self.command,
+            "path": self.path,
+            "timestamp": datetime.now(timezone.utc).isoformat(),
+            "headers": {k: v for k, v in self.headers.items()},
+        }
+
+        data = json.dumps(payload, ensure_ascii=False).encode("utf-8")
+        self.send_response(status)
+        self.send_header("Content-Type", "application/json; charset=utf-8")
+        self.send_header("Content-Length", str(len(data)))
+        self.end_headers()
+        self.wfile.write(data)
+
+    def do_GET(self):
+        self._write_json()
+
+    def do_POST(self):
+        self._write_json()
+
+    def do_PUT(self):
+        self._write_json()
+
+    def do_DELETE(self):
+        self._write_json()
+
+    def log_message(self, format, *args):
+        # Minimal logs to stdout
+        pass
+
+
+def main():
+    port = int(os.environ.get("PORT", "8080"))
+    server = HTTPServer(("0.0.0.0", port), Handler)
+    server.serve_forever()
+
+
+if __name__ == "__main__":
+    main()

deploy/my-vpn/deploy.sh

@@ -0,0 +1,71 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+APP_DIR="/srv/ip-ua"
+IMAGE_NAME="ip-ua"
+CONTAINER_NAME="ip-ua"
+NGINX_SITE="/etc/nginx/sites-available/ip-ua"
+NGINX_LINK="/etc/nginx/sites-enabled/ip-ua"
+CERT_DIR="/etc/nginx/certs"
+CERT_KEY="$CERT_DIR/ip-ua.key"
+CERT_CRT="$CERT_DIR/ip-ua.crt"
+
+mkdir -p "$APP_DIR" "$CERT_DIR"
+
+if [ ! -d "$APP_DIR/.git" ]; then
+  git clone git@git.ornot.ru:alexanderOrNot/testRepo.git "$APP_DIR"
+fi
+
+cd "$APP_DIR"
+git fetch --all
+git reset --hard origin/master
+
+docker build -t "$IMAGE_NAME:latest" .
+docker rm -f "$CONTAINER_NAME" >/dev/null 2>&1 || true
+docker run -d --name "$CONTAINER_NAME" -p 18080:8080 "$IMAGE_NAME:latest"
+
+if [ ! -f "$CERT_KEY" ] || [ ! -f "$CERT_CRT" ]; then
+  openssl req -x509 -nodes -newkey rsa:2048 -days 3650 \
+    -keyout "$CERT_KEY" -out "$CERT_CRT" \
+    -subj "/CN=my-vpn.local"
+fi
+
+cat > "$NGINX_SITE" <<'CONF'
+server {
+    listen 80 default_server;
+    listen [::]:80 default_server;
+    server_name _;
+
+    location / {
+        proxy_pass http://127.0.0.1:18080;
+        proxy_http_version 1.1;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+    }
+}
+
+server {
+    listen 443 ssl default_server;
+    listen [::]:443 ssl default_server;
+    server_name _;
+
+    ssl_certificate     /etc/nginx/certs/ip-ua.crt;
+    ssl_certificate_key /etc/nginx/certs/ip-ua.key;
+
+    location / {
+        proxy_pass http://127.0.0.1:18080;
+        proxy_http_version 1.1;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+    }
+}
+CONF
+
+ln -sf "$NGINX_SITE" "$NGINX_LINK"
+rm -f /etc/nginx/sites-enabled/default
+nginx -t
+systemctl reload nginx