diff --git a/.gitignore b/.gitignore index 9a71ebb..a3ee00e 100644 --- a/.gitignore +++ b/.gitignore @@ -1,6 +1,7 @@ # configs configs/config.json configs/webhooks.json +configs/ipbanned.json # Logs logs diff --git a/README.md b/README.md index 8b0a081..305a9fe 100644 --- a/README.md +++ b/README.md @@ -1,13 +1,15 @@ # GitHub-Discord-HookRouter -A Lightweight API that routes github webhook requests to Discord. Allows easy management of multiple webhooks. Features signature verification, rate-limit handling, and cool logging. +All your webhooks with one URL. +A Lightweight API that routes github webhook requests to Discord. Allows easy management of multiple webhooks. Features signature verification, rate-limit handling, IP banning and verification, and cool logging. -This API allows you to send requests to multiple Discord webhooks which is sent from GitHub. As you guessed it, this API will act as the POSTman in delivering the requests. +This API allows you to send requests to multiple Discord webhooks which is sent from GitHub. As you guessed it, this API will act as the POSTman in delivering the requests. This API also auto-bans IP addresses on repeated access if it is unauthorized. -**Notes**: +**Precautions**: 1) Use only one webhook URL on all your repository (which should be the link to reach this API). -2) It is highly recommended to protect this endpoint with signature verification to prevent unauthorized access to your API. More info about creating a secure secret could be found [here](https://developer.github.com/webhooks/securing/). -3) This API also supports SSL verification. +2) It is highly recommended to protect this endpoint with signature verification to prevent unauthorized access to your API. More info about creating a secure secret with a high entropy could be found [here](https://developer.github.com/webhooks/securing/). +3) This API also supports SSL verification header sent by GitHub. 4) The content type should be set to `application/json` when the GitHub webhook is being created, or it will cause unintended issues as Discord can't parse any other content-type. +5) Although this API supports handling requests from the baseURL, we recommend you to use the allocated path of the webhook. For example, use the path `/github` if you're using this API for managing GitHub requests. ## Instructions on setting it up! 1) Copy paste the [config.template.json](https://github.com/Khaazz/GitHub-Discord-HookRouter/template/config-template.json) in [configs/config.json](https://github.com/Khaazz/GitHub-Discord-HookRouter/configs/). @@ -15,13 +17,16 @@ This API allows you to send requests to multiple Discord webhooks which is sent { "port": "3000", "auth": true, - "authorization": "Secret key" + "authorization": "Secret key", + "blacklisted": [] } ``` 2) If you want to secure your API using the github webhook secret, set `auth` to ̀`true` and set the property of `authorization` as the secret key. -3) Copy paste the [webhooks.template.json](https://github.com/Khaazz/GitHub-Discord-HookRouter/template/webhooks-template.json) in [configs/webhooks.json](https://github.com/Khaazz/GitHub-Discord-HookRouter/configs/). +3) You can manually blacklist IP addresses by adding those to the `blacklisted` property. The API will automatically refuse connections from those IP addresses. + +4) Copy paste the [webhooks.template.json](https://github.com/Khaazz/GitHub-Discord-HookRouter/template/webhooks-template.json) in [configs/webhooks.json](https://github.com/Khaazz/GitHub-Discord-HookRouter/configs/). ```js [ { @@ -34,10 +39,12 @@ This API allows you to send requests to multiple Discord webhooks which is sent The webhooks config contains the array of all webhooks you want to manage. Provide a name, webhook's id, and token and you are good to go. -4) Start this API by executing `node src/app.js` in the console. [PM2 script](https://github.com/Khaazz/GitHub-Discord-HookRouter/scripts/start.js) is located in the scripts folder which could be used if you want to use PM2. +5) When setting up the webhook in github, copy the url to access this API with the path as `/github`. Don't forget to change the content type to `application/json` and provide a secret token if you are going to use one. Same goes for setting up GitLab webhooks. + +6) Start this API by executing `node src/app.js` in the console. [PM2 script](https://github.com/Khaazz/GitHub-Discord-HookRouter/scripts/start.js) is located in the scripts folder which could be used if you want to use PM2. Alternatively, you can use `npm start` or `npm pm2start`. -5) If you want to quickly host this API, you could use ngrok; which is available [here](https://ngrok.com/). +7) If you want to quickly host this API, you could use ngrok; which is available [here](https://ngrok.com/). ## Contributions Feel free to contribute to this project by opening Pull-Request or Issues. diff --git a/template/config.template.json b/template/config.template.json index 94e9835..649e8e2 100644 --- a/template/config.template.json +++ b/template/config.template.json @@ -1,5 +1,6 @@ { "port": "3000", "auth": true, - "authorization": "secret" + "authorization": "secret", + "blacklisted": [] }