From e0fdf01095e92231da64da9febe9fe93d957e9b7 Mon Sep 17 00:00:00 2001
From: Michael Wallner <mike@php.net>
Date: Thu, 1 Oct 2015 17:07:09 +0200
Subject: [PATCH] init

---
 .gitignore |  1 +
 mirror.php | 70 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 71 insertions(+)
 create mode 100644 .gitignore
 create mode 100644 mirror.php

diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..a132d88
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1 @@
+/mirror
diff --git a/mirror.php b/mirror.php
new file mode 100644
index 0000000..f83eedf
--- /dev/null
+++ b/mirror.php
@@ -0,0 +1,70 @@
+<?php
+
+use http\Env\Request;
+use http\Env\Response;
+use http\Params;
+
+$request = new Request;
+$response = new Response;
+$response->setResponseCode(500);
+ob_start($response);
+
+$mirror = getenv("mirror") ?: "/var/github/mirror";
+$secret = getenv("secret") ?: trim(file_get_contents("$mirror/.secret"));
+$owners = explode(",", getenv("owners") ?: trim(file_get_contents("$mirror/.owners")));
+
+$sig = $request->getHeader("X-Hub-Signature");
+$evt = $request->getHeader("X-Github-Event");
+
+if (!$sig || !$evt) {
+	$response->setResponseCode(400);
+	$response->setContentType("message/http");
+	$response->getBody()->append($request);
+	return $response->send();
+}
+
+foreach ((new Params($sig))->params as $algo => $mac) {
+	if ($mac["value"] !== hash_hmac($algo, $request->getBody(), $secret)) {
+		$response->setResponseCode(403);
+		$response->getBody()->append("Invalid signature");
+		return $response->send();
+	}
+}
+
+switch ($evt) {
+	default:
+		$response->setResponseCode(202);
+		$response->getBody()->append("Not a configured event");
+		break;
+	case "ping";
+	case "push":
+		if (!($json = json_decode($request->getBody()))) {
+			$response->setResponseCode(415);
+			$response->setContentType($request->getHeader("Content-Type"));
+			$response->getBody()->append($request->getBody());
+		} elseif (!in_array(isset($json->repository->owner->name)?$json->repository->owner->name:$json->repository->owner->login, $owners, true)) {
+			$response->setResponseCode(403);
+			$response->getBody()->append("Invalid owner");
+		} else {
+			$repo = $json->repository->full_name;
+			$path = $mirror . "/" . $repo;
+			if (is_dir($path) && chdir($path)) {
+				passthru("git fetch -vp 2>&1", $rv);
+				if ($rv == 0) {
+					$response->setResponseCode(200);
+				}
+			} elseif (mkdir($path, 0755, true) && chdir($path)) {
+				$source = escapeshellarg($json->repository->clone_url);
+				$description = escapeshellarg($json->repository->description);
+				passthru("git clone --mirror $source . 2>&1", $rv);
+				passthru("git config gitweb.description $description 2>&1");
+				unlink("description");
+				if ($rv == 0) {
+					$response->setResponseCode(200);
+				}
+			}
+		}
+		break;
+}
+
+$response->send();
-- 
2.30.2