No description
- Rust 89.1%
- Dockerfile 10.9%
|
ConYel
ebd79c8a0f
- Add honeypot detection with hidden website_url field - Add rate limiting (5 req/60s) - Add audit logging for security events - Add input length validation (name: 200, help: 5000) - Add service field allowlist validation - Add error codes (4001-5002) - Add 15 tests for validation and security - Normalize email to lowercase |
||
|---|---|---|
| crates/web-form | refactor(web-form): add security features | |
| .dockerignore | make thing do | |
| .env.example | refactor(web-form): add security features | |
| .gitignore | refactor(web-form): add security features | |
| Cargo.lock | make thing do | |
| Cargo.toml | clean up unused deps | |
| Devfile | refactor(web-form): add security features | |
| docker-compose.yml | refactor(web-form): add security features | |
| Dockerfile | refactor(web-form): add security features | |
| PRODUCTION.md | refactor(web-form): add security features | |
| README.md | refactor(web-form): add security features | |
web-form - Contact Form Handler
Self-hosted contact form handler for static websites. Built with Rust + Axum.
Quick Start
Build with Podman
# Build the container
podman build -t web-form:latest .
Run
# With environment variables
podman run -d \
-p 127.0.0.1:4200:4200 \
-e WEBMAIL_USERNAME=your-migadu-email@domain.com \
-e WEBMAIL_PASSWORD=your-migadu-password \
-e WEBMAIL_TARGET=where-you-want-to-receive@domain.com \
web-form:latest
Or using docker-compose
# Set environment variables
export WEBMAIL_USERNAME=your-email@domain.com
export WEBMAIL_PASSWORD=your-password
export WEBMAIL_TARGET=target@domain.com
# Run
docker-compose up -d
Environment Variables
SECURITY: Never commit credentials to git!
Option 1: Environment variables directly
export WEBMAIL_USERNAME=your-migadu-email@domain.com
export WEBMAIL_PASSWORD=your-migadu-password
export WEBMAIL_TARGET=target@domain.com
Option 2: docker-compose (recommended)
# Copy the example
cp .env.example .env
# Edit .env with real credentials
nano .env
# Run
docker-compose up -d
The .env file is in .gitignore - won't be committed.
Form Fields
The form expects these fields:
name(optional) - Sender nameemail(required) - Sender emailcompany_name(optional) - Company/organizationservice(required) - Service typehelp(required) - Messagehear_about(optional) - How they found youother_source(hidden honeypot) - Bots only
Integration with Caddy
Add this to your Caddyfile:
web-form.yourdomain.com {
reverse_proxy localhost:4200
}
Or with Anubis in front:
web-form.yourdomain.com {
reverse_proxy localhost:3000 # Anubis
}
Security
- Honeypot field (
other_source) catches bots - Run behind Anubis for bot filtering
- Only listens on localhost by default
- Use TLS in production
Build for Production
podman build --no-cache -t web-form:latest .
Notes
- Redirects to
/contact.htmlon success/failure - Sets cookie
is=okoris=errfor feedback - Uses Migadu SMTP relay by default