|
1 | | -# web-node_webhook |
2 | | -Webhook server which clients can connect to via socket io |
| 1 | +# Webhook handler |
| 2 | + |
| 3 | +This is a lightweight server and client which will enable you to run shell commands on an instance via webhooks. |
| 4 | + |
| 5 | +## Inspiration |
| 6 | + |
| 7 | +This project was created as a hobby project for may 4th (star wars day) which would enable a slack command in the office to have a cardboard r2d2 (with raspberri pi) to express it in r2-d2 speak. |
| 8 | + |
| 9 | +After checking out this open-source repo https://github.com/adnanh/webhook I've decided the architecture was not actually what I wanted. I was looking for a central service for webhooks, and clients would be able to register and configure themselves. For communication between server and client I decided to go for socketio instead of some push/pull setup. |
| 10 | + |
| 11 | +Since it's actually a useful tool for automation and deployments, I've decided to open-source it. |
| 12 | + |
| 13 | +## How does it work? |
| 14 | +### Server |
| 15 | +The server captures incoming POST requests, validates and relays them to the client. All webhook configuration is determined by the client and not the server. |
| 16 | +### Client |
| 17 | +The client contains the configuration for the webhook and the command to run. It will connect to the server over a socket connection and authenticates using JSON webtoken. Multiple clients are supported as long as their APP (id) is unique. |
| 18 | + |
| 19 | +--- |
| 20 | + |
| 21 | +## Install |
| 22 | + |
| 23 | + npm install |
| 24 | + |
| 25 | +## Run |
| 26 | +### Server |
| 27 | + |
| 28 | + npm run server |
| 29 | + |
| 30 | +### Client |
| 31 | + |
| 32 | + npm run client |
| 33 | + |
| 34 | + |
| 35 | +## Configuration |
| 36 | + |
| 37 | +### Environment variables |
| 38 | + |
| 39 | +The server accepts the following environment variables: |
| 40 | + |
| 41 | +- `TOKEN` (Server/Client) This is the password the server will use to authenticate the client with, make sure to change it |
| 42 | +- `SECRET` (Server) The JWT secret |
| 43 | +- `SECRET_EXPIRY` (Server) The JWT secret expiry. Note that the JWT check is only done at socket connection and not in subsequent messages. |
| 44 | +- `PORT` (Server) The port the server will listen on. Default: 8080 |
| 45 | +- `APP` (Client) The client ID, should be unique per client. |
| 46 | +- `SERVER_URL` (Client) The server URL which the client will connect with. |
| 47 | + |
| 48 | +### Webhooks |
| 49 | + |
| 50 | +Now this is the real meat. |
| 51 | + |
| 52 | +The client will check for a `hooks.json` configuration file in the repo root, the user home directory and in the src directory in that order. |
| 53 | + |
| 54 | +The `hooks.json` file holds the configuration for all the hooks. You can define multiple. |
| 55 | + |
| 56 | +Example `hooks.json` configuration: |
| 57 | + |
| 58 | + [ |
| 59 | + { |
| 60 | + "id": "r2d2", |
| 61 | + "execute-command": "python3 ./r2d2.py", |
| 62 | + "command-working-directory": "/Users/codebrewery/PyTalk-R2D2-master/src", |
| 63 | + "response-message": "Executing r2d2 script", |
| 64 | + "pass-arguments-to-command": [ |
| 65 | + { |
| 66 | + "source": "payload", |
| 67 | + "name": "text" |
| 68 | + } |
| 69 | + ], |
| 70 | + "trigger-rule": { |
| 71 | + "match": { |
| 72 | + "type": "value", |
| 73 | + "value": "<YOUR-GENERATED-TOKEN>", |
| 74 | + "parameter": { |
| 75 | + "source": "payload", |
| 76 | + "name": "token" |
| 77 | + } |
| 78 | + } |
| 79 | + } |
| 80 | + } |
| 81 | + ] |
| 82 | + |
| 83 | +For more info on the configuration I'd like to point to the json used in https://github.com/adnanh/webhook as I took that as a reference. They have a detailed wiki https://github.com/adnanh/webhook/wiki. |
| 84 | + |
| 85 | +Currently only the `match` trigger rule is supported. |
| 86 | + |
| 87 | +## Security |
| 88 | + |
| 89 | +It should be quite obvious but allowing an external influence run shell commands poses quite a security risk. Therefore I recommend you always run the server over SSL, change the default server `SECRET` and the `APP_TOKEN` environment variables. |
| 90 | + |
| 91 | +## Docker |
| 92 | + |
| 93 | +### Server |
| 94 | + |
| 95 | +You are able to run the server in a docker environment. For production I would recommend to proxy it with for example nginx and only accept requests over SSL. |
| 96 | + |
| 97 | +### Client |
| 98 | + |
| 99 | +Since the client needs shell access, running it inside a container won't do anything for you. |
| 100 | + |
| 101 | +## TODO |
| 102 | + |
| 103 | +- Add tests, this is an open-source project and would like high coverage ;) |
| 104 | +- Add some tools, such as versioning and CI |
| 105 | +- Enable all json configuration based on https://github.com/adnanh/webhook/wiki/Hook-Definition |
| 106 | + |
0 commit comments