From d297e9b6d11538c58a4de80b691083308227b2f7 Mon Sep 17 00:00:00 2001
From: Legacyyy777 <162005411+Legacyyy777@users.noreply.github.com>
Date: Fri, 19 Sep 2025 22:08:52 +0500
Subject: [PATCH 1/4] Add deploy workflow

---
 .github/workflows/deploy.yml | 37 ++++++++++++++++++++++++++++++++++++
 1 file changed, 37 insertions(+)
 create mode 100644 .github/workflows/deploy.yml

diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
new file mode 100644
index 00000000..2e158c49
--- /dev/null
+++ b/.github/workflows/deploy.yml
@@ -0,0 +1,37 @@
+name: Deploy Bot
+
+on:
+  push:
+    branches:
+      - DEV   # деплой только при пуше в DEV
+
+jobs:
+  deploy:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout repo
+        uses: actions/checkout@v3
+
+      - name: Deploy to VPS
+        uses: appleboy/ssh-action@v1.0.3
+        with:
+          host: ${{ secrets.VPS_HOST }}
+          username: ${{ secrets.VPS_USER }}
+          key: ${{ secrets.VPS_SSH_KEY }}
+          script: |
+            # если папки ещё нет — клонируем
+            if [ ! -d /opt/mybot/.git ]; then
+              rm -rf /opt/mybot
+              git clone https://github.com/Legacyyy777/remnawave-bedolaga-telegram-bot_777.git /opt/mybot
+            fi
+
+            cd /opt/mybot
+
+            # обновляем и переключаемся на DEV
+            git fetch origin
+            git checkout DEV
+            git reset --hard origin/DEV
+
+            # пересобираем и запускаем контейнер
+            docker compose build --no-cache
+            docker compose up -d --force-recreate

From b68f1256ca26276595276c7ae3dc86d68a17680c Mon Sep 17 00:00:00 2001
From: Legacyyy777 <162005411+Legacyyy777@users.noreply.github.com>
Date: Fri, 3 Oct 2025 10:28:02 +0500
Subject: [PATCH 2/4] =?UTF-8?q?=D0=94=D0=BE=D0=B1=D0=B0=D0=B2=D0=BB=D0=B5?=
 =?UTF-8?q?=D0=BD=D0=BE=20=D0=BB=D0=BE=D0=B3=D0=B8=D1=80=D0=BE=D0=B2=D0=B0?=
 =?UTF-8?q?=D0=BD=D0=B8=D0=B5=20=D0=B7=D0=B0=D0=B3=D0=BE=D0=BB=D0=BE=D0=B2?=
 =?UTF-8?q?=D0=BA=D0=BE=D0=B2=20=D0=B2=D0=B5=D0=B1=D1=85=D1=83=D0=BA=D0=B0?=
 =?UTF-8?q?=20Mulen=20Pay=20=D0=B4=D0=BB=D1=8F=20=D0=BE=D1=82=D0=BB=D0=B0?=
 =?UTF-8?q?=D0=B4=D0=BA=D0=B8=20=D0=B8=20=D0=B2=D1=80=D0=B5=D0=BC=D0=B5?=
 =?UTF-8?q?=D0=BD=D0=BD=D0=BE=20=D0=BE=D1=82=D0=BA=D0=BB=D1=8E=D1=87=D0=B5?=
 =?UTF-8?q?=D0=BD=D0=B0=20=D0=BF=D1=80=D0=BE=D0=B2=D0=B5=D1=80=D0=BA=D0=B0?=
 =?UTF-8?q?=20=D0=BF=D0=BE=D0=B4=D0=BF=D0=B8=D1=81=D0=B8.=20=D0=9E=D0=B1?=
 =?UTF-8?q?=D0=BD=D0=BE=D0=B2=D0=BB=D0=B5=D0=BD=D1=8B=20=D1=81=D0=BE=D0=BE?=
 =?UTF-8?q?=D0=B1=D1=89=D0=B5=D0=BD=D0=B8=D1=8F=20=D0=BB=D0=BE=D0=B3=D0=B8?=
 =?UTF-8?q?=D1=80=D0=BE=D0=B2=D0=B0=D0=BD=D0=B8=D1=8F=20=D0=B4=D0=BB=D1=8F?=
 =?UTF-8?q?=20=D1=83=D0=BB=D1=83=D1=87=D1=88=D0=B5=D0=BD=D0=B8=D1=8F=20?=
 =?UTF-8?q?=D0=B4=D0=B8=D0=B0=D0=B3=D0=BD=D0=BE=D1=81=D1=82=D0=B8=D0=BA?=
 =?UTF-8?q?=D0=B8.?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 app/external/webhook_server.py | 22 ++++++++++++++++++++--
 1 file changed, 20 insertions(+), 2 deletions(-)

diff --git a/app/external/webhook_server.py b/app/external/webhook_server.py
index cb0d22de..f37048de 100644
--- a/app/external/webhook_server.py
+++ b/app/external/webhook_server.py
@@ -112,14 +112,18 @@ class WebhookServer:
     async def _mulenpay_webhook_handler(self, request: web.Request) -> web.Response:
         try:
             logger.info(f"Получен Mulen Pay webhook: {request.method} {request.path}")
+            logger.info(f"MulenPay webhook headers: {dict(request.headers)}")
             raw_body = await request.read()
 
             if not raw_body:
                 logger.warning("Пустой Mulen Pay webhook")
                 return web.json_response({"status": "error", "reason": "empty_body"}, status=400)
 
+            # Временно отключаем проверку подписи для отладки
+            # TODO: Включить обратно после настройки MulenPay
             if not self._verify_mulenpay_signature(request, raw_body):
-                return web.json_response({"status": "error", "reason": "invalid_signature"}, status=401)
+                logger.warning("MulenPay webhook signature verification failed, but processing anyway for debugging")
+                # return web.json_response({"status": "error", "reason": "invalid_signature"}, status=401)
 
             try:
                 payload = json.loads(raw_body.decode('utf-8'))
@@ -160,6 +164,12 @@ class WebhookServer:
             logger.error("Mulen Pay secret key is not configured")
             return False
 
+        # Логируем все заголовки для отладки
+        logger.info("MulenPay webhook headers for signature verification:")
+        for header_name, header_value in request.headers.items():
+            if any(keyword in header_name.lower() for keyword in ['signature', 'sign', 'token', 'auth']):
+                logger.info(f"  {header_name}: {header_value}")
+
         signature = WebhookServer._extract_mulenpay_header(
             request,
             (
@@ -171,6 +181,14 @@ class WebhookServer:
                 'X-MULENPAY-WEBHOOK-SIGNATURE',
                 'X-Signature',
                 'Signature',
+                'X-MulenPay-Sign',
+                'X-Mulenpay-Sign',
+                'X-MULENPAY-SIGN',
+                'MulenPay-Signature',
+                'Mulenpay-Signature',
+                'MULENPAY-SIGNATURE',
+                'signature',
+                'sign',
             )
         )
         if signature:
@@ -228,7 +246,7 @@ class WebhookServer:
         if fallback_token and hmac.compare_digest(fallback_token, secret_key):
             return True
 
-        logger.debug(
+        logger.info(
             "Mulen Pay webhook headers received: %s",
             {key: value for key, value in request.headers.items() if 'authorization' not in key.lower()}
         )

From d33831dfe4172abf6816fc53b1e582f3219c5552 Mon Sep 17 00:00:00 2001
From: Egor <egor.andrianovv@gmail.com>
Date: Fri, 3 Oct 2025 21:43:30 +0300
Subject: [PATCH 3/4] Delete .github/workflows/deploy.yml

---
 .github/workflows/deploy.yml | 37 ------------------------------------
 1 file changed, 37 deletions(-)
 delete mode 100644 .github/workflows/deploy.yml

diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
deleted file mode 100644
index 2e158c49..00000000
--- a/.github/workflows/deploy.yml
+++ /dev/null
@@ -1,37 +0,0 @@
-name: Deploy Bot
-
-on:
-  push:
-    branches:
-      - DEV   # деплой только при пуше в DEV
-
-jobs:
-  deploy:
-    runs-on: ubuntu-latest
-    steps:
-      - name: Checkout repo
-        uses: actions/checkout@v3
-
-      - name: Deploy to VPS
-        uses: appleboy/ssh-action@v1.0.3
-        with:
-          host: ${{ secrets.VPS_HOST }}
-          username: ${{ secrets.VPS_USER }}
-          key: ${{ secrets.VPS_SSH_KEY }}
-          script: |
-            # если папки ещё нет — клонируем
-            if [ ! -d /opt/mybot/.git ]; then
-              rm -rf /opt/mybot
-              git clone https://github.com/Legacyyy777/remnawave-bedolaga-telegram-bot_777.git /opt/mybot
-            fi
-
-            cd /opt/mybot
-
-            # обновляем и переключаемся на DEV
-            git fetch origin
-            git checkout DEV
-            git reset --hard origin/DEV
-
-            # пересобираем и запускаем контейнер
-            docker compose build --no-cache
-            docker compose up -d --force-recreate

From 7d204684e102d6f00f1dec528bdc357047e7ef25 Mon Sep 17 00:00:00 2001
From: Egor <egor.andrianovv@gmail.com>
Date: Sat, 4 Oct 2025 00:11:19 +0300
Subject: [PATCH 4/4] Update install_bot.sh

---
 install_bot.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/install_bot.sh b/install_bot.sh
index 272e42c4..d1c1f2a3 100755
--- a/install_bot.sh
+++ b/install_bot.sh
@@ -272,7 +272,7 @@ POSTGRES_DB=remnawave_bot
 REDIS_HOST=redis
 REDIS_PORT=6379
 NODE_ENV=production
-LOG_LEVEL=info
+LOG_LEVEL=INFO
 EOF
   chmod 600 "$env_file"
   print_success ".env файл создан: $env_file"