phoenix/weblug
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity
Simple webhook receiver program https://codeberg.org/grisu48/weblug
66 commits 16 branches 0 tags 310 KiB
Go 82.8%
Shell 15.9%
Makefile 1.3%
Go to file
Felix Niederwanger 42176fac4e
Add unit test for the message body and headers 
Adds unit tests for passing of the message body and the message headers.
2024-04-05 09:35:09 +02:00
cmd/weblug Add unit test for the message body and headers 2024-04-05 09:35:09 +02:00
doc Update manpage 2024-02-26 08:01:46 +01:00
test Add possibility for priviledge drop 2023-06-05 17:00:30 +02:00
.gitignore Introduce tls support 2024-02-26 08:01:42 +01:00
go.mod Increase to go1.18 2022-12-29 16:12:52 +01:00
go.sum First prototype 2022-02-08 11:25:22 +01:00
LICENSE Initial commit 2022-02-08 09:58:24 +01:00
Makefile Add TLS test 2024-02-26 13:50:30 +01:00
README.md Add key generation section 2024-03-23 18:54:45 +01:00
Taskfile.yml Add TLS test 2024-02-26 13:50:30 +01:00
weblug.service Add systemd unit 2023-04-21 18:56:27 +02:00
weblug.spec Add spec file 2023-05-16 20:33:11 +02:00
weblug.yml Pass headers and body to subcommands 2024-04-05 09:35:03 +02:00

README.md

weblug

weblug is is a configurable webhook receiver that allows users to run arbitrary programs and script when a webhook is triggered.

The configuration happens via a yaml file. Read the usage caveats!

weblug supports multiple webhooks via different URL paths, concurrency limitations, background execution and running webhooks as separate user (uid/gid).

Usage

Webooks are defined via a yaml file. See weblug.yml for an example configuration. Pass the yaml file(s) to weblug to starting the webserver and waiting for incoming webhooks:

./weblug YAML-FILE

weblug can run as any user, however for custom uid/gid webhooks, the program needs to run as root.

Caveats

  1. weblug should not face the open internet

weblug is expected to run behind a http reverse proxy (e.g. apache or nginx). While the program itself does support tls, to avoid a whole class of security issues, weblug should never run on the open internet without a http reverse proxy.

  1. weblug runs as root, when using custom UID/GIDs

In it's current implementation, weblug requires to remain running as root without dropping privileges when using custom UID/GIDs.

TLS

weblug now supports tls. To generate self-signed keys

openssl genrsa -out weblug.key 2048
openssl req -new -x509 -sha256 -key weblug.key -out weblug1.pem -days 365

Then configure the weblug.yml file accordingly. You can use multiple keys/certificates.

Build

make               # Build weblug
make static        # Make a static binary

Alternatively you there is also a Taskfile

task
task static        # Build static binary

Run as systemd unit

This repository provides an example weblug.service, which can be used to start weblug as systemd service. This file can be placed in /etc/systemd/system/weblug.service and in conjunction with an adequate weblug.yml file e.g. in /etc/weblug.yml this provides a way of running weblug as a native systemd service.