-
Notifications
You must be signed in to change notification settings - Fork 12
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
fa0f2ce
commit 17904f7
Showing
6 changed files
with
251 additions
and
1 deletion.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,92 @@ | ||
# Slack plugin | ||
|
||
<p align="center"> | ||
<img alt="BunkerWeb Slack diagram" src="https://github.com/bunkerity/bunkerweb-plugins/raw/main/slack/docs/diagram.svg" /> | ||
</p> | ||
|
||
This [BunkerWeb](https://www.bunkerweb.io) plugin will automatically send you attack notifications on a Slack channel of your choice using a webhook. | ||
|
||
# Table of contents | ||
|
||
- [Slack plugin](#slack-plugin) | ||
- [Table of contents](#table-of-contents) | ||
- [Prerequisites](#prerequisites) | ||
- [Setup](#setup) | ||
- [Settings](#settings) | ||
|
||
# Prerequisites | ||
|
||
Please read the [plugins section](https://docs.bunkerweb.io/plugins) of the BunkerWeb documentation first. | ||
|
||
You will need to setup a Slack webhook URL, you will find more information [here](https://api.slack.com/messaging/webhooks). | ||
|
||
# Setup | ||
|
||
See the [plugins section](https://docs.bunkerweb.io/plugins) of the BunkerWeb documentation for the installation procedure depending on your integration. | ||
|
||
There is no additional services to setup besides the plugin itself. | ||
|
||
## Docker | ||
|
||
```yaml | ||
version: '3' | ||
|
||
services: | ||
|
||
bunkerweb: | ||
image: bunkerity/bunkerweb:1.4.1 | ||
... | ||
environment: | ||
- USE_SLACK=yes | ||
- SLACK_WEBHOOK_URL=https://api.slack.com/messaging/webhooks/... | ||
... | ||
``` | ||
|
||
## Swarm | ||
|
||
```yaml | ||
version: '3.5' | ||
|
||
services: | ||
|
||
mybunker: | ||
image: bunkerity/bunkerweb:1.4.1 | ||
... | ||
environment: | ||
- USE_SLACK=yes | ||
- SLACK_WEBHOOK_URL=https://api.slack.com/messaging/webhooks/... | ||
... | ||
``` | ||
|
||
## Kubernetes | ||
|
||
```yaml | ||
apiVersion: networking.k8s.io/v1 | ||
kind: Ingress | ||
metadata: | ||
name: ingress | ||
annotations: | ||
bunkerweb.io/USE_SLACK: "yes" | ||
bunkerweb.io/SLACK_WEBHOOK_URL: "https://api.slack.com/messaging/webhooks/..." | ||
... | ||
``` | ||
|
||
# Settings | ||
|
||
| Setting | Default | Description | | ||
| :-----: | :-----: | :---------- | | ||
| `USE_SLACK` | `no` | When set to `yes`, notifications of denied requests will be sent to a Slack webhook. | | ||
| `SLACK_WEBHOOK_URL` | `https://api.slack.com/messaging/webhooks/...` | Address of the Slack webhook where notifications will be sent to. | | ||
| `SLACK_RETRY_IF_LIMITED` | `no` | Slack is applying a rate-limit ton their API. When this settings is set to `yes`, the plugin will retry to send the notification later. It may consumes some resources if you are under heavy attacks by the way. | | ||
|
||
# TODO | ||
|
||
* Add more info in notification : | ||
* Date | ||
* Country of IP | ||
* ASN of IP | ||
* ... | ||
* Add settings to control what details to send : | ||
* Anonymize IP | ||
* Add body | ||
* Add headers |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
<mxfile host="app.diagrams.net" modified="2022-06-27T11:34:10.787Z" agent="5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.0.0 Safari/537.36" etag="5R3u8GQ5zY3JOuKGN8ec" version="20.0.3" type="device"><diagram id="To2Da4PRRWEcok_Ws3eM" name="Page-1">7VrXkqxIc36ac7kn8DSXeO+habjZwDUeujGNeXoVc2Z2j9W/klYrKULERE+RVWQVWV86sj6hbLeJY/wo9SHL208IlG2fUO4TgsAYgnw6/6Bs/0IhKewLoRir7H3QnwS3OvJ3IvROXaosn74ZOA9DO1ePb4np0Pd5On9Di8dxWL8ddh/ab2d9xEX+A8FN4/ZHalBlc/lOhSHozw4pr4ryfeoL/t7RxR+D3wlTGWfD+hUJ5T+h7DgM85dWt7F5ewrvQy5fnhN+0fvHwsa8n//KAxvso/ffnr9Hu1kSOHSpb2v32zuXV9wu7y/8vth5/5DAOCx9lp9M4E8os5bVnLuPOD17V7DngFbOXfvefa/alh3aYQT3/dCDQcw0j0OTfxA/ISiM4AR5AT0/vsHHcvJxzrevSO9vJOZDl8/jDoa89yKXd+m+w4v4EP/652Yh2Dut/GqfqHda/I6P4g/Wf4oQNN6l+B+QKPqvJQqQ8DibVfcGPuZ83QpATouTvLWGqZqroQf9yTDPQwcGtGcHE6dN8bYZH7LM8nu8tPNXHOi2Ks4n5+Hcl3h6fFGJe7WdG8i8TUh/UKEPyskqnuNPKP3lFhEeffEJYasrYzorpIrFQIPLcP2S9wvQcmTww5gsHYL/3MQpTXIOEG+OEEiOlyARlCHCHtkME4lUFbmMkgRCH12VNgwcPE3b1jqfxB3F4QU/N8bp5lODlKbR7YBzFvWVfELuFdY7LGUjZB5QBQ2WBStXoqUMtkP0Twhjz0XGaTxvvubmKdBPwaWHWaAVHGogqcAxdvFsBnGFhaukq1pDGAPzgAmVc37qzwGiVZJphoq/Zmk1vu6vR99DwQPJ0ATtUOggwBQXqQJPeNCsmQeYUrAo/JVRF9CDTiVvYPJLgjSw48KI17XxAo28t8DvsOFewEpgHFLhDjdttA0XDi9qnvV85sygPFaClcl2ZVmqNlIuhClL9SZluvBwvskueNCTMbEI4qG8pBAkRQXmEjbg3ByjCCPh5Sn3M3jmYdLFMcC2G9a1ThBkWG8zq95DDKJUetLz2KRtWydsrzt3VJBfkVf2A8Ex45rcGNOaFNLhpNGOXHcF0BZOuQqYUltQcKkVx04fl4BwsTqNoFweecdweM02woWbAEyYZEv5gsUVGdYYqrzPK2+vgPxiU+R8db0eA7xn8dAiM0jAXRPasLBiff/KkR5aD86lbyp0vOLMgOaCnZm6bz9vxQXP/Wp/VR6rndxYgx86LZY2Oq2ooNdX0tW9UQA9FTd3ShblD1FRMEe+XoVLZs8SvB6JEj2jcmuSnllUMLLmg/QWzaBVTGjBoq5qvtCCVMk1aQ+4AXSpRox4cOol9UjXQW78rEQNUd7kUjUUQ2mt3sgP2mk1PruckNh28zJPeHOrlBXllbGx0RMgrfoaIY1LrqvLPl2JssSbm/SSUzQvS7h3tofXB4mWhn/EOG2LBvzMh5YbwsEEazhFml6TgHG9mhzAzYO8LzJZoFI+04gGO2sbyOIzWuHqLsasknrM8LJGf0x1LxNRe+VhpE3AKtR1jUPi7soOLc0H9rB0rJmpoJH8fKFaY3N8eaQle1Rq5nKrlUy/LezFnMVr3eiNc9s01aSv2boTFoIXL4kbl+CGOw1R93JRLVrb0L7jBsS+EjaOsly1RvCy3JtAklMcWYPZFFhIwjThJoxI3elxtm9NqjYPVNzjy6hyxgNf9YSIeibdl2GGRZ2oRz32sJGV5Wky1ofWLXkW3lWvBmb3rvP7PXeGmrd7fLCQC6Ft/KtIgxS/+LMtD2LuyOVNohBXiceEqytCl/aMw7S7GK4kQ99J+BQnVxtBjgHHZN0FE3UYVRFnTJSPsA9LJnQErbPFoTm4gZh0gm0Z+15FVFm74BLQJCSe4r4nkAZ3q4HDsigJECceXlnw4uDO9HyFWYSAY3KOCk2DOLjcWP9U2bLrNlfaRIW30hPQfrhsur3M7OTucEbL6gspmhtcJwms2isq53rNmKaowLyoFIyMC8/UfLYRNNa9EXeuXrRQ2mwzfLI62OuEwHvA6a5LAQK96fSlm4MQd0z4es52iZmr00UILzfT4Db664SpLjhKjh0zQ/JdKpkLErtdo48PMSvu7hMY0GouxUfva/qTtxgJf8mvpiTzI1PxEldcoRLz9GJ7xgR4uUKggX+HyDrVECyECCZt0Aa/KbuUYJcn6Ht1ygltOHOayrSeo4ZzjdaW+2W7ro/KgKHxucFtZyNw6VnSfbvB7dWQB4tfZMVcX+XuAyZIszaRXF9XbOfalXw9iHLWWP2a4ihPwLDqX/E5vB7H5KAGGB40CdqeXgK0zZLtvc5JuLFz5Oxa2bamDm0lmqinPLBBSKeW8tODIDwRZZGXvEC69ixvIga0UqgLjUd4PLo8hIBNH8IIOeioGg8hr3gmR1P+CiVpaakgnGGg+vkQeLfY96JSomgnNEIKLYa7AQkx5PRahHPXrs6QAJ+dVLFryYKQVPOdubYOxeIUOdm3+ujs60bYSYiuVBkicCKJEhqNBTA35wuhzzjq/avrj8/VIbGqI1+LgYhiePOL41ig4jV14m3pvUJZX3EFAh1mD9ftuFFpNRG7JlOB32k3VHyZDNf76YCQ92yVOr5DdgrqBj5yNK3D/GnhVyp7MdehSxr39sD4cj8934WxrZfv2xdYlWfL2YCMyChdiRvC6XfU1tobnlw4B7+o+MAQ7piLmEiPD8x9TTOnWFCYlr38Oi2ewKAhjhPe9FAvrO5fT5OHMBEEdaSmCRny7pAs7hYwxAVKWkFi5MDyycg32FuBVGVtifwDFx4qx8tXy7/WwWWL7u1m732IDidsYKfJEsiFVy44N9MySRF/1E9zYvYk8hB4qnC/lmzpmg76LXEydWAgPPAJ3L05uHwzpyRBnJq8LJo4X56d4w6eC8FOVN42KnxWTcRNGPwKLlcQHPXKi1LNa4oehrviINFh+pmxK7XIx0HOcvSmRDJcEy77SDxf5GPm9CQsob9ScZepXbeLYKmgZ7MzyKM6JgxdQAxzRhsT3OiGrW07xBtxGN08RzodBlJjnDGR0xNWooEaMUFcrxGgq6Tr4lOR+HoAbzaWEVnUssHttkoDpre3YfaItcafMakGA2+OiTz3lAGgFGVCx1jYMXqsChuQYCjZpAfUUXhO5wgcH/g0lHTPawxsTL+vpl5HDvTgdu4JTBP3mK7eo5Jwej/0WpAXxAISEG6D0hC4waFl3pSCAoXSoEwOMykuJ+LiLJq32JJesJzmIp41U9Cv94bXiikGkbKg8QruhTAJSwqdzB4qWv0GW0YEg2CG0Q69uLBBD/ltqCBbAgdpEeWYOrsgaCwm8hhQqnFJKtQu51YQx2qSC0YwBim6EJ/0qDaxXCKqNYZc+5XPM6rcniTnyxKNY7aCSBe2pI4htb0Iny6EePE4v7rJ1A1YGtYTm0XupkL1wyx+OCV9k3ELL/kQDfZs6ugawdXY91wnXNNA5CVPeC5gEc+aP8JgLW9G2hpSNnmApsSkac2dCVm1IqIaWnZ87fWbfcAdPHtCpTNFcOYiTVLRSYiljwYlG7FDT2OwpzfntDu5b6xJpWaPO49pWXMfp6nXhT1GpECYuL4OZd7EfSxCD0SDGqeIGnuFuILUW7giPQEzGmt7eOW+HK/pNSUWsyV9h2iWAIyt+HIbgrgsrnJ9yRnQIqarPapE5aXh91hyr6SPei7W7+z62jgqhBAO5bHDYWBcwjGhbLUndJmCpa4pfkaSNALREtXJO+XhaqvDj9l+JfamXSnvuRR7FtnUDgMMhyKUJfTEJVPE9ugZunX+PmW9aKPKvIpZvVpXLVEjylgVdXWXoFFLlU+ctHycGRzCODq1TlGEbGSxJgcPG/QFPw4BP/3TiYe+GD3LzcbJuN5P+SY+1A5IaTSw5dV6di9VZdMaZJlXC/WYaJuop6YtmfFcbhAXEo972ZacYgYcCDigIadXKyChSd7rHL4D/qa8SXfdQR1tw4mS0QqI7OE4uHH63iB+p8hjXBTZiui2WYdNXkpE73bKaa31qikhbWvPiD1aQlR1urHdQ0UlVDVTjXXgxkcMpi1UMbA4vis50XnkMHajrOF0eU9eWZdcd9pXtYjPl3bnbZc+bevddG7RvgvxZFKXeBBpdw9eMkwJXV09SSMdQBhP7+HdSa+u7dRzi5oXjdJYljSbweONwzfus0ipIEo/4s1YsYaXt3Z2MMNYoPYOdzpxLG62kTtU2NdmfYTAt7+QEpKUI7im9bWFLk94KPOL3VS+pCS2pry5AZ4YDjOb2mShLGlmvTZr3cWI2jK/RgsfXX1KEa5hy2Tck19Fz203/WGBsL/yBAq+58TUZb07vGyw7YIgdKfPv2evGLyzscUtqT4LkNNAZZQji5tkLVWhrhSjBxTaewkPdxbSCp8uFLZw6YZHpRomFME8A6XJ40uQNDJzuN2fMO10g3U79zYChgOqBRe4LMF50m1Bab3LZOeMp2UqYWoqLao6tHt/kAlM2kIvMQHRJ1fyVHnkTC4XXuKdxqEbyBp8fQuBfRAWvcbxM4+07NOvWmhdxPm9gSWpv50v9eZrozRbS0SjWFt25TKQR/IN8AIqBkkPGIf3mpzy3Cx5h50YHY4LmS18hvcrGC15upAr3rcfS1wAt6zykcs76+Uibwc55K+So16kgZnYekktGnPKw7rfqRYn5kmiXsd8ykSXjiIlz1fPff5yc7aXUd5Ma8Aty1zz01/xME4SxPRaex0hu13CkfzxWg+PgV9MZmP4hmOUJJH50r+8xRMxIYosmZVLmdf166S95Jk4o1m/mWSbjs6MJoGBijItavMlzXFqfUrCCuNTZIsMYwlLg3w6RmcKd3VpKAa3YuxxB/mNpb0sq4yXYGV5u2V4jyNRqqKEeNBkxl6nJ7/nETuoHaYn9fK6U0Mmnvl3yiFXarLMqOVdOmfPDaPEV/8MKEo5vK7N59v6OpMKFPLdQtJoQntJx9G+Eg3x3Aii3ZvglpZJa1ZB0ZqY9tboPMUDk6ah5xXebmi2mazb9QApwHoNHD7k3z4xnFE8LQO/tKeOTFOm3HG0LYR7U2hcuVpPOrZpZmPjqh9kNN6LO1ui5PJUZwZfk7geu8vdLOccO/eByZ+vWYToSZ3bUEctukgq0QK5kLBeLNVboMSQRFbKmh6zxiLs+SvNuP5TEo/txqLS0mD7NBjHzUIhsrErpjXPkIU2szOx4J9DS5e8QttNIU9MWRXHyAFUO0UmCRvlGFDgc/5elBUh6HeOhFglkkQcM7n++ZbXj0mwStWgJubtUHe9tXe6kmOWMLWMXTFIVJsrV5eywiHKgkbBWOjZclBXX3E0YfkC+cv5fcaNU98NlZBTQVziC/608YWK5KiFRk2hDxyD8czpJXFs4K5N1XGQFu/1i6xYx2TvXBvezrfSRgwyyIcpTPZ8yfGrrlCtWhoyI6xAfzqMoQKMl0W5VIGZkJMmDQroXIUeiZTHTHlqlvhpy86AtUYtNXajoar23Tkz8tanDDh2zlzkPpJWTubwrJCpU9isKVayXfi7q3NS4Z72uwwS43iUQPS+KzN+wcFyRdZ7QW9VOILchhm9Udh4RfbJhd6FdbMZlTZWtT83lrmDEIIZCQ6O5KZYGFXOzw9UVaXGnRo3mVLF9CA3NZ36iYpMOWqQDquloyNyncroBeMAZZKMMZfupdc811tH0HrbBTYDF/eB0+PnRDGs7NIFjipL3WB3ZOECqwocErcU+mDtC44QrFw0Pvc8wsIEWx6LharI3IG4aoavp5RMc/UWleLDUmaFSo2k9C3X0s9PZrGmzU+FpBEbZFN1eDrEGj6/4vC4RQP/KLAYc7lKOiWLxlXxaM0tnD0cwkQRkNKr0krOS1eRDuUaxcmaQYkuPK8LnQ98UybSNpKnlRYPrWsXruTMM7YQ3tSbK44NWF0miPvcYs7kIb768j7cRnpnGK2CZc+gNXaMAovHWEXnudFaAKaXRhOcw544+7RKN0WCFI7Z7s243+/cNCnSxrwZRU42ju5SrnUBfPKbpxDmMzLVF3rjHbwpr0HZrPxjlXJ7xDUIYrCCWE3mFLfdxNMdBJgdP7ktPjHM9Ly6SnwVWXboURRajtPD0yD85eVhGmu+mSSQTGJcaoUNu9PSkzmT9Z7T+24R7Gy9Uw79GKLBuseirAVfHBfAdHnm8sYcZ9p+4WJgw4rnNawF33+NvENyMuhWFIYEOUnifXkKWGDNYVlHsGuOLkOF2/aIu/MTS1eNS484EXsDpuFzUFxfbpbTLRzc5mBfEGlvXMba7gXN02Pp5i0InM6cDzs/JtOufzUdFWdDWT4/m/8t5QIUwj/D+LcVA+LyQ8UAvlCfTwf0fdEAx/6bigYfNaK/UjW4t/lGn5UtIJK8z96bXNrG01Sl35Zj/qzdQN8VZz4hqCAQ4HrjAt7h9j7o7SY8bz7jH7fc9nUnt7/ffVvZeS/33Id+FuKuas9RAJvT0J7ieqO7wzK+FY7KeX4AOOIoAC1+GnLwcw6YPhfDULR5/Kimz+nQvXWk09tQ4f6FK2h+zffnpY/2u1JKClaej3+l1hK/8/njiV/CLs++KR3+CLqvEIX/pAT1QRvzNp6r17cFx59B7H0Ga6jASv7ANIx8VwKj8G9ZTG9Sf3/q6wLhd4wQ4ntG2OfvWM3xWOTzD6zeMP/Hi/8X1AD/QQ1kgzV12RAB1XNoQZDZHxQD6P78Lex/DswfS5M/7PX3YOqqLDun+WnZ8zvlAvD9WZHzn9aHv8FKAkR9Ri/Qn9d3FvMnNVYYBhYT+RHjKP5rOP/XLCbxE6h4vAMc9P9D5Z+DCo796/r7P48N8n/Am2Z4fsmw//em/8e9KY5Sf483JcjvGf03elOfYm4gl1Vgw+eKq2inQSz+lbM9/0IL3kH4V1XgD0MGWAjVudhfAzvfqvn2p16Au/BDK0D7TxU5bz405JfYmT404VcW4X8XxlAU/kx9fWHfIAWGYOg/hzkM+tYa4yT0zyLuZ4aXeDuhlFUv0CzOJu15NKt+dICJvur7yXDD9GTgy2lPNg33oz8Zv3/iez7/az3/P2nOfxVp/A2eH4W/8/zQj56f+IkOoX/DwTsuuvMOkf72e7gfROiqidiuPzV3X6BxSuHtiOiHIIjnMnxByYdIviJ9AZCrfYvRLzx+Aa7vD/R9hbLvwfKHZ/yV6/zK4/544g8s+P52/fQw38/P+/2BqBNP5zfTNOuRz1U69PcKQHP8AiXh7QQgIpz080PRNKRV3P7W5VkV/3YeawU0HD63CP7dbcHCfn8TZ579Pr2K32Dk8vk8M/jvhAo/qNH/TLT7A8B/oga/xvx3p03xjyzkK8z/7LAp9h/H/Hmm8I+jwV/s858HrFH+3wA=</diagram></mxfile> |
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,36 @@ | ||
{ | ||
"id": "slack", | ||
"order": 999, | ||
"name": "Slack", | ||
"description": "Send alerts to a Slack channel (using webhooks).", | ||
"version": "0.1", | ||
"settings": { | ||
"USE_SLACK": { | ||
"context": "multisite", | ||
"default": "no", | ||
"help": "Enable sending alerts to a Slack channel.", | ||
"id": "use-slack", | ||
"label": "Use Slack", | ||
"regex": "^(yes|no)$", | ||
"type": "check" | ||
}, | ||
"SLACK_WEBHOOK_URL": { | ||
"context": "global", | ||
"default": "https://hooks.slack.com/services/...", | ||
"help": "Address of the Slack Webhook.", | ||
"id": "slack-webhook-url", | ||
"label": "Slack webhook URL", | ||
"regex": "^.*$", | ||
"type": "text" | ||
}, | ||
"SLACK_RETRY_IF_LIMITED": { | ||
"context": "global", | ||
"default": "no", | ||
"help": "Retry to send the request if Slack API is rate limiting us (may consume a lot of resources).", | ||
"id": "slack-retry-if-limited", | ||
"label": "Retry if limited by Slack", | ||
"regex": "^(yes|no)$", | ||
"type": "check" | ||
} | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,117 @@ | ||
local _M = {} | ||
_M.__index = _M | ||
|
||
local utils = require "utils" | ||
local logger = require "logger" | ||
local cjson = require "cjson" | ||
local http = require "resty.http" | ||
|
||
function _M.new() | ||
local self = setmetatable({}, _M) | ||
local value, err = utils.get_variable("SLACK_WEBHOOK_URL", false) | ||
if not value then | ||
logger.log(ngx.ERR, "SLACK", "error while getting SLACK_WEBHOOK_URL setting : " .. err) | ||
return nil, "error while getting SLACK_WEBHOOK_URL setting : " .. err | ||
end | ||
self.webhook = value | ||
local value, err = utils.get_variable("SLACK_RETRY_IF_LIMITED", false) | ||
if not value then | ||
logger.log(ngx.ERR, "SLACK", "error while getting SLACK_RETRY_IF_LIMITED setting : " .. err) | ||
return nil, "error while getting SLACK_RETRY_IF_LIMITED setting : " .. err | ||
end | ||
self.retry = value | ||
return self, nil | ||
end | ||
|
||
function _M:log(bypass_use_slack) | ||
if not bypass_use_slack then | ||
-- Check if Slack is activated | ||
local check, err = utils.get_variable("USE_SLACK") | ||
if check == nil then | ||
return false, "error while getting variable USE_SLACK (" .. err .. ")" | ||
end | ||
if check ~= "yes" then | ||
return true, "Slack plugin not enabled" | ||
end | ||
end | ||
|
||
-- Check if request is denied | ||
local reason = utils.get_reason() | ||
if reason == nil then | ||
return true, "request not denied" | ||
end | ||
|
||
-- Send request in a timer because cosocket is not allowed in log() | ||
local function send(premature, obj, data) | ||
local httpc, err = http.new() | ||
if not httpc then | ||
logger.log(ngx.ERR, "SLACK", "can't instantiate http object : " .. err) | ||
end | ||
local res, err_http = httpc:request_uri(obj.webhook, { | ||
method = "POST", | ||
headers = { | ||
["Content-Type"] = "application/json", | ||
["User-Agent"] = "BunkerWeb/" .. utils.get_version() | ||
}, | ||
body = cjson.encode(data) | ||
}) | ||
httpc:close() | ||
if not res then | ||
logger.log(ngx.ERR, "SLACK", "error while sending request : " .. err) | ||
end | ||
if obj.retry == "yes" and res.status == 429 and res.headers["Retry-After"] then | ||
logger.log(ngx.WARN, "SLACK", "Slack API is rate-limiting us, retrying in " .. res.headers["Retry-After"] .. "s") | ||
local hdr, err = ngx.timer.at(res.headers["Retry-After"], send, obj, data) | ||
if not hdr then | ||
logger.log(ngx.ERR, "SLACK", "can't create report timer : " .. err) | ||
return | ||
end | ||
return | ||
end | ||
if res.status < 200 or res.status > 299 then | ||
logger.log(ngx.ERR, "SLACK", "request returned status " .. tostring(res.status)) | ||
return | ||
end | ||
logger.log(ngx.INFO, "SLACK", "request sent to webhook") | ||
end | ||
local data = {} | ||
data.text = "```Denied request for IP " .. ngx.var.remote_addr .. " (reason = " .. reason .. ").\n\nRequest data :\n\n" .. ngx.var.request .. "\n" | ||
local headers, err = ngx.req.get_headers() | ||
if not headers then | ||
data.text = data.text .. "error while getting headers : " .. err | ||
else | ||
for header, value in pairs(headers) do | ||
data.text = data.text .. header .. ": " .. value .. "\n" | ||
end | ||
end | ||
data.text = data.text .. "```" | ||
local hdr, err = ngx.timer.at(0, send, self, data) | ||
if not hdr then | ||
return false, "can't create report timer : " .. err | ||
end | ||
-- Done | ||
return true, "created report timer" | ||
end | ||
|
||
function _M:log_default() | ||
-- Check if SLACK is activated | ||
local check, err = utils.has_variable("USE_SLACK", "yes") | ||
if check == nil then | ||
return false, "error while checking variable USE_SLACK (" .. err .. ")" | ||
end | ||
if not check then | ||
return true, "Slack plugin not enabled" | ||
end | ||
-- Check if default server is disabled | ||
local check, err = utils.get_variable("DISABLE_DEFAULT_SERVER", false) | ||
if check == nil then | ||
return false, "error while getting variable DISABLE_DEFAULT_SERVER (" .. err .. ")" | ||
end | ||
if check ~= "yes" then | ||
return true, "default server not disabled" | ||
end | ||
-- Call log method | ||
return self:log(true) | ||
end | ||
|
||
return _M |