From ca462e290ac853eb60055f28c2543bdacbe92bd3 Mon Sep 17 00:00:00 2001
From: houhuan <houhuanya@gmail.com>
Date: Mon, 4 May 2026 22:58:08 +0800
Subject: [PATCH] feat: add token sync service and update docker-compose

---
 docker-compose.yml      | 15 +++++++++++++++
 sync_service/Dockerfile | 13 +++++++++++++
 sync_service/app.py     | 36 ++++++++++++++++++++++++++++++++++++
 3 files changed, 64 insertions(+)
 create mode 100644 sync_service/Dockerfile
 create mode 100644 sync_service/app.py

diff --git a/docker-compose.yml b/docker-compose.yml
index ad6d09c..92c478f 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -1,4 +1,5 @@
 services:
+  # 小爱机器人服务
   bot:
     build: .
     container_name: wework-xiaoai-bot
@@ -11,3 +12,17 @@ services:
       options:
         max-size: "10m"
         max-file: "3"
+
+  # Token 异地同步服务 (监听 42000 端口)
+  sync-service:
+    build: ./sync_service
+    container_name: xiaoai-sync-service
+    ports:
+      - "42000:42000"
+    volumes:
+      - ./.mi.token:/data/.mi.token
+      - /var/run/docker.sock:/var/run/docker.sock
+    environment:
+      - SYNC_SECRET_KEY=my_private_key_123
+      - BOT_CONTAINER_NAME=wework-xiaoai-bot
+    restart: unless-stopped
diff --git a/sync_service/Dockerfile b/sync_service/Dockerfile
new file mode 100644
index 0000000..852bd30
--- /dev/null
+++ b/sync_service/Dockerfile
@@ -0,0 +1,13 @@
+FROM python:3.11-slim
+
+# 安装 curl 用于与 Docker Socket 通信
+RUN apt-get update && apt-get install -y curl && rm -rf /var/lib/apt/lists/*
+
+RUN pip install --no-cache-dir flask
+
+WORKDIR /app
+COPY app.py .
+
+EXPOSE 42000
+
+CMD ["python", "app.py"]
diff --git a/sync_service/app.py b/sync_service/app.py
new file mode 100644
index 0000000..96ecd02
--- /dev/null
+++ b/sync_service/app.py
@@ -0,0 +1,36 @@
+from flask import Flask, request, jsonify
+import json
+import os
+
+app = Flask(__name__)
+
+# 配置信息
+TOKEN_FILE_PATH = "/data/.mi.token"  # 容器内挂载路径
+SECRET_KEY = os.getenv("SYNC_SECRET_KEY", "my_private_key_123") 
+CONTAINER_NAME = os.getenv("BOT_CONTAINER_NAME", "wework-xiaoai-bot")
+
+@app.route('/sync', methods=['POST'])
+def sync_token():
+    auth_key = request.headers.get('X-Auth-Key')
+    if auth_key != SECRET_KEY:
+        return jsonify({"msg": "Unauthorized"}), 401
+    
+    try:
+        token_data = request.json
+        if not token_data:
+            return jsonify({"msg": "No data received"}), 400
+            
+        with open(TOKEN_FILE_PATH, 'w', encoding='utf-8') as f:
+            json.dump(token_data, f, indent=2, ensure_ascii=False)
+        
+        # 通过 Docker Socket 重启机器人容器
+        # 使用 curl 调用容器内挂载的 docker.sock
+        os.system(f"curl --unix-socket /var/run/docker.sock -X POST http://localhost/containers/{CONTAINER_NAME}/restart")
+        
+        return jsonify({"msg": "Success. Token updated and Bot restarted."})
+    except Exception as e:
+        return jsonify({"msg": str(e)}), 500
+
+if __name__ == '__main__':
+    # 默认运行在 42000 端口
+    app.run(host='0.0.0.0', port=42000)