Skip to content

Commit de85ca4

Browse files
author
Olaf
authored
Update README.md
1 parent 941f74c commit de85ca4

1 file changed

Lines changed: 106 additions & 2 deletions

File tree

README.md

Lines changed: 106 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,2 +1,106 @@
1-
# web-node_webhook
2-
Webhook server which clients can connect to via socket io
1+
# Webhook handler
2+
3+
This is a lightweight server and client which will enable you to run shell commands on an instance via webhooks.
4+
5+
## Inspiration
6+
7+
This project was created as a hobby project for may 4th (star wars day) which would enable a slack command in the office to have a cardboard r2d2 (with raspberri pi) to express it in r2-d2 speak.
8+
9+
After checking out this open-source repo https://github.com/adnanh/webhook I've decided the architecture was not actually what I wanted. I was looking for a central service for webhooks, and clients would be able to register and configure themselves. For communication between server and client I decided to go for socketio instead of some push/pull setup.
10+
11+
Since it's actually a useful tool for automation and deployments, I've decided to open-source it.
12+
13+
## How does it work?
14+
### Server
15+
The server captures incoming POST requests, validates and relays them to the client. All webhook configuration is determined by the client and not the server.
16+
### Client
17+
The client contains the configuration for the webhook and the command to run. It will connect to the server over a socket connection and authenticates using JSON webtoken. Multiple clients are supported as long as their APP (id) is unique.
18+
19+
---
20+
21+
## Install
22+
23+
npm install
24+
25+
## Run
26+
### Server
27+
28+
npm run server
29+
30+
### Client
31+
32+
npm run client
33+
34+
35+
## Configuration
36+
37+
### Environment variables
38+
39+
The server accepts the following environment variables:
40+
41+
- `TOKEN` (Server/Client) This is the password the server will use to authenticate the client with, make sure to change it
42+
- `SECRET` (Server) The JWT secret
43+
- `SECRET_EXPIRY` (Server) The JWT secret expiry. Note that the JWT check is only done at socket connection and not in subsequent messages.
44+
- `PORT` (Server) The port the server will listen on. Default: 8080
45+
- `APP` (Client) The client ID, should be unique per client.
46+
- `SERVER_URL` (Client) The server URL which the client will connect with.
47+
48+
### Webhooks
49+
50+
Now this is the real meat.
51+
52+
The client will check for a `hooks.json` configuration file in the repo root, the user home directory and in the src directory in that order.
53+
54+
The `hooks.json` file holds the configuration for all the hooks. You can define multiple.
55+
56+
Example `hooks.json` configuration:
57+
58+
[
59+
{
60+
"id": "r2d2",
61+
"execute-command": "python3 ./r2d2.py",
62+
"command-working-directory": "/Users/codebrewery/PyTalk-R2D2-master/src",
63+
"response-message": "Executing r2d2 script",
64+
"pass-arguments-to-command": [
65+
{
66+
"source": "payload",
67+
"name": "text"
68+
}
69+
],
70+
"trigger-rule": {
71+
"match": {
72+
"type": "value",
73+
"value": "<YOUR-GENERATED-TOKEN>",
74+
"parameter": {
75+
"source": "payload",
76+
"name": "token"
77+
}
78+
}
79+
}
80+
}
81+
]
82+
83+
For more info on the configuration I'd like to point to the json used in https://github.com/adnanh/webhook as I took that as a reference. They have a detailed wiki https://github.com/adnanh/webhook/wiki.
84+
85+
Currently only the `match` trigger rule is supported.
86+
87+
## Security
88+
89+
It should be quite obvious but allowing an external influence run shell commands poses quite a security risk. Therefore I recommend you always run the server over SSL, change the default server `SECRET` and the `APP_TOKEN` environment variables.
90+
91+
## Docker
92+
93+
### Server
94+
95+
You are able to run the server in a docker environment. For production I would recommend to proxy it with for example nginx and only accept requests over SSL.
96+
97+
### Client
98+
99+
Since the client needs shell access, running it inside a container won't do anything for you.
100+
101+
## TODO
102+
103+
- Add tests, this is an open-source project and would like high coverage ;)
104+
- Add some tools, such as versioning and CI
105+
- Enable all json configuration based on https://github.com/adnanh/webhook/wiki/Hook-Definition
106+

0 commit comments

Comments
 (0)