Securely trigger personal scripts from incoming HTTP requests
Ви не можете вибрати більше 25 тем Теми мають розпочинатися з літери або цифри, можуть містити дефіси (-) і не повинні перевищувати 35 символів.
Peter J. Jones 597d2858b4
Add a NixOS module to configure webhooks that wait on FIFOs
2 тижднів тому
data/migrations New command: server -- run a web server that responds to hook requests 1 рік тому
docs New command: server -- run a web server that responds to hook requests 1 рік тому
examples Relocate safety checks, add force option (-F) 1 рік тому
lib/Web/Hooks/Personal Update dependencies 7 місяці тому
nix Add a NixOS module to configure webhooks that wait on FIFOs 2 тижднів тому
scripts Initial import 1 рік тому
src Improve error messages, add a `--verbose' command line option 10 місяці тому
test Added integration test script, verified constant memory usage 10 місяці тому
.envrc Add a NixOS module to configure webhooks that wait on FIFOs 2 тижднів тому
.gitignore Initial import 1 рік тому
CHANGES.md Initial import 1 рік тому
INSTALL.md GitHub formatting of Markdown is weird 10 місяці тому
LICENSE Update dependencies for NixOS 19.03 2 місяці тому
README.md GitHub formatting of Markdown is weird 10 місяці тому
Setup.hs Initial import 1 рік тому
default.nix Update dependencies for NixOS 19.03 2 місяці тому
personal-webhooks.cabal Update dependencies for NixOS 19.03 2 місяці тому
personal-webhooks.nix Add a NixOS module to configure webhooks that wait on FIFOs 2 тижднів тому
shell.nix Add a NixOS module to configure webhooks that wait on FIFOs 2 тижднів тому

README.md

Trigger personal scripts from incoming HTTP requests

Ever wish you could do something custom with all those web hooks offered by various web service providers? This package provides an easy and safe way to do just that.

Example: Tagging a video will download and sync it to your phone

In the examples directory there is a script named download-video.sh. Here is how I use it:

  • When I want to watch a video later, probably on an airplane, I tag the video in my RSS feed reader (https://feedly.com/).

  • That triggers an IFTTT applet which uses the IFTTT support for calling a web hook and calls into this package.

  • This package runs the download-video.sh script which downloads the video to a directory that is automatically synced with my phone.

How this package works

This package includes an executable called webhooks. This executable can be used to create new hooks from the command line or run a web server to respond to incoming requests. A hook is just an indirect way to run a script if you know the hook’s secret code.

For security reasons, the web server does not run scripts directly. Instead, if the incoming request correctly maps to an existing hook, the request data will be appended to an existing file as JSON.

“Okay, but how does appending JSON to a file help me?” you ask. Good question. Thanks to the magic of POSIX named pipes (FIFOs), you can feed that JSON data into a waiting script.

Setting up the example web hook

  1. Run the HTTP server provided by this package:

     $ webhooks server --port 3000
    
  2. Create a new web hook that appends to a file. In this example we’ll configure a hook to append to the file /tmp/foo.pipe:

     $ webhooks create --append /tmp/foo.pipe
    

    This command will print a secret code for the newly created hook. (If you forget the hook’s secret code you can use the webhooks list command to look it up again.)

  3. Run a script that creates the named pipe and then reads lines from it. In the examples directory there is a script that will do this for you and then execute other commands as requests come in. (The commands receive JSONs request on their stdin.)

     $ examples/watchfifo.sh -f /tmp/foo.pipe -- examples/download-video.sh
    
  4. Use the hook’s secret code to trigger your script. In this example we’ll pretend that the secret code is XXX.

     $ curl --data url=https://player.vimeo.com/video/148946917 \
         http://localhost:3000/hooks/XXX
    

    This leads to the download-video.sh script running and being fed the following JSON:

     {"url": "https://player.vimeo.com/video/148946917"}
    

Ideally, you should run the webhooks server behind a reverse proxy that is properly configured for TLS. This will prevent hook codes from being exposed to the network unencrypted. To encourage this, the server only binds to the loopback device.

More details about installing and running this package can be found in the installation guide.