Code Issues 4 Pull requests Projects Releases 5 Packages Wiki Activity

Webhook receiver program

ci go productivity

92 commits 4 branches 5 tags 209 KiB

Go 92.6%
Shell 6.8%
Makefile 0.6%

Find a file

Felix Niederwanger ded7c4bace All checks were successful ci/woodpecker/push/test Pipeline was successful Details Merge pull request 'Two small fixes' ( #42 ) from fixed into main Reviewed-on: #42		2025年11月05日 14:36:05 +01:00
.woodpecker	Fix CI	2025年10月29日 10:17:26 +01:00
cmd/weblug	Use setsid only when root	2025年11月05日 14:30:03 +01:00
doc	Allow http methods	2025年10月29日 10:25:21 +01:00
test	Add possibility for priviledge drop	2023年06月05日 17:00:30 +02:00
.gitignore	Introduce tls support	2024年02月26日 08:01:42 +01:00
go.mod	Allow http methods	2025年10月29日 10:25:21 +01:00
go.sum	First prototype	2022年02月08日 11:25:22 +01:00
LICENSE	Initial commit	2022年02月08日 09:58:24 +01:00
Makefile	Add TLS test	2024年02月26日 13:50:30 +01:00
README.md	Add CI badge	2025年10月29日 10:20:06 +01:00
Taskfile.yml	Add TLS test	2024年02月26日 13:50:30 +01:00
weblug.service	Add systemd unit	2023年04月21日 18:56:27 +02:00
weblug.spec	Allow http methods	2025年10月29日 10:25:21 +01:00
weblug.yml	Add RequiredHeaders	2025年10月30日 20:59:04 +01:00

README.md

weblug

weblug is is a configurable webhook receiver that allows users to run arbitrary programs and script when a webhook is triggered.

The configuration happens via a yaml file. Read the usage caveats!

weblug supports multiple webhooks via different URL paths, concurrency limitations, background execution and running webhooks as separate user (uid/gid).

Usage

Webooks are defined via a yaml file. See weblug.yml for an example configuration. Pass the yaml file(s) to weblug to starting the webserver and waiting for incoming webhooks:

./weblug YAML-FILE

weblug can run as any user, however for custom uid/gid webhooks, the program needs to run as root.

Caveats

weblug should not face the open internet

weblug is expected to run behind a http reverse proxy (e.g. apache or nginx). While the program itself does support tls, to avoid a whole class of security issues, weblug should never run on the open internet without a http reverse proxy.

weblug runs as root, when using custom UID/GIDs

In it's current implementation, weblug requires to remain running as root without dropping privileges when using custom UID/GIDs.

TLS

weblug now supports tls. To generate self-signed keys

openssl genrsa -out weblug.key 2048
openssl req -new -x509 -sha256 -key weblug.key -out weblug1.pem -days 365

Then configure the weblug.yml file accordingly. You can use multiple keys/certificates.

Build

make # Build weblug
make static # Make a static binary

Alternatively you there is also a Taskfile

task
task static # Build static binary

Run as systemd unit

This repository provides an example weblug.service, which can be used to start weblug as systemd service. This file can be placed in /etc/systemd/system/weblug.service and in conjunction with an adequate weblug.yml file e.g. in /etc/weblug.yml this provides a way of running weblug as a native systemd service.