weblug

Webhook receiver program. weblug is is a configurable webhook receiver that allows users to define custom programs and script to be executed when a webhook is triggered.

The configuration happens via a yaml file. Read the usage caveats!

weblug supports multiple webhooks, limitations for concurrent web hooks to be executed, background execution and running webhooks as separate user (uid/gid).

Usage

To use weblug you need to define webooks in a yaml file. See weblug.yml for an example configuration. Then run

./weblug YAML-FILE

This starts the webserver and listens for incoming webhooks.

weblug can run as any user, however for custom uid/gid webhooks, the program needs to run as root.

Caveats

1. weblug does not support https encryption!

weblug is expected to run behind a http reverse proxy (e.g. apache or nginx) which handles transport encryption. The program it self does not support https, nor are there any plans to implement this in the near future.

CAVE: Don't expose secrets and credentials by running this without any transport encryption!

2. Do not run this without reverse proxy

weblug relies on the standart go http implementation. To avoid a whole class of securtiy concerns, weblug should never run on the open internet without a http reverse proxy.

3. weblug runs as root, when using custom UID/GIDs

In it's current implementation, weblug requires to remain running as root without dropping privileges when using custom UID/GIDs. This is a current limitation that will be hopefully resolved soon.

Build

make               # Build weblug
make static        # Make a static binary

Run as systemd unit

This repository provides an example weblug.service, which can be used to start weblug as systemd service. This file can be placed in /etc/systemd/system/weblug.service and in conjunction with an adequate weblug.yml file e.g. in /etc/weblug.yml this provides a way of running weblug as a native systemd service.