From c7f7163aaa8aec87c32790baadfaf4f6a0fe5049 Mon Sep 17 00:00:00 2001 From: Marek Isalski Date: Mon, 14 Feb 2022 08:24:38 +0000 Subject: [PATCH 1/3] Update Bitbucket example to reference Atlassian's outgoing IP subnets (#578) * Update Bitbucket example to check all of Atlassian's outgoing IP ranges Co-authored-by: Marek Isalski --- docs/Hook-Examples.md | 24 ++++++++++++++++++------ 1 file changed, 18 insertions(+), 6 deletions(-) diff --git a/docs/Hook-Examples.md b/docs/Hook-Examples.md index 1aefe8a..05f9a23 100644 --- a/docs/Hook-Examples.md +++ b/docs/Hook-Examples.md @@ -83,7 +83,7 @@ This example works on 2.8+ versions of Webhook - if you are on a previous series ## Incoming Bitbucket webhook -Bitbucket does not pass any secrets back to the webhook. [Per their documentation](https://confluence.atlassian.com/bitbucket/manage-webhooks-735643732.html#Managewebhooks-trigger_webhookTriggeringwebhooks), in order to verify that the webhook came from Bitbucket you must whitelist the IP range `104.192.143.0/24`: +Bitbucket does not pass any secrets back to the webhook. [Per their documentation](https://support.atlassian.com/organization-administration/docs/ip-addresses-and-domains-for-atlassian-cloud-products/#Outgoing-Connections), in order to verify that the webhook came from Bitbucket you must whitelist a set of IP ranges: ```json [ @@ -100,11 +100,23 @@ Bitbucket does not pass any secrets back to the webhook. [Per their documentati ], "trigger-rule": { - "match": - { - "type": "ip-whitelist", - "ip-range": "104.192.143.0/24" - } + "or": + [ + { "match": { "type": "ip-whitelist", "ip-range": "13.52.5.96/28" } }, + { "match": { "type": "ip-whitelist", "ip-range": "13.236.8.224/28" } }, + { "match": { "type": "ip-whitelist", "ip-range": "18.136.214.96/28" } }, + { "match": { "type": "ip-whitelist", "ip-range": "18.184.99.224/28" } }, + { "match": { "type": "ip-whitelist", "ip-range": "18.234.32.224/28" } }, + { "match": { "type": "ip-whitelist", "ip-range": "18.246.31.224/28" } }, + { "match": { "type": "ip-whitelist", "ip-range": "52.215.192.224/28" } }, + { "match": { "type": "ip-whitelist", "ip-range": "104.192.137.240/28" } }, + { "match": { "type": "ip-whitelist", "ip-range": "104.192.138.240/28" } }, + { "match": { "type": "ip-whitelist", "ip-range": "104.192.140.240/28" } }, + { "match": { "type": "ip-whitelist", "ip-range": "104.192.142.240/28" } }, + { "match": { "type": "ip-whitelist", "ip-range": "104.192.143.240/28" } }, + { "match": { "type": "ip-whitelist", "ip-range": "185.166.143.240/28" } }, + { "match": { "type": "ip-whitelist", "ip-range": "185.166.142.240/28" } } + ] } } ] From 0c0bf0b244660a766773b50dd6dbae1ff7a5eb0f Mon Sep 17 00:00:00 2001 From: Arran Date: Mon, 21 Feb 2022 13:15:17 +0100 Subject: [PATCH 2/3] Add Gitea and Uberspace Guide (#579) --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index acd45a1..1e16bb3 100644 --- a/README.md +++ b/README.md @@ -139,6 +139,7 @@ Check out [Hook examples page](docs/Hook-Examples.md) for more complex examples - [Set up Automated Deployments From Github With Webhook](https://maximorlov.com/automated-deployments-from-github-with-webhook/) by [Maxim Orlov](https://twitter.com/_maximization) - VIDEO: [Gitlab CI/CD configuration using Docker and adnanh/webhook to deploy on VPS - Tutorial #1](https://www.youtube.com/watch?v=Qhn-lXjyrZA&feature=youtu.be) by [Yes! Let's Learn Software Engineering](https://www.youtube.com/channel/UCH4XJf2BZ_52fbf8fOBMF3w) - [Integrate automatic deployment in 20 minutes using webhooks + Nginx setup](https://anksus.me/blog/integrate-automatic-deployment-in-20-minutes-using-webhooks) by [Anksus](https://github.com/Anksus) + - [Automatically redeploy your static blog with Gitea, Uberspace & Webhook](https://by.arran.nz/posts/code/webhook-deploy/) by [Arran](https://arran.nz) - ... - Want to add your own? Open an Issue or create a PR :-) From dab29e72671ab26fc80918d7168b681e7ce9b4ff Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?K=C4=81rlis=20K?= Date: Wed, 31 Aug 2022 11:30:47 +0300 Subject: [PATCH 3/3] Update Hook-Examples.md (#576) Synology webhook example --- docs/Hook-Examples.md | 37 +++++++++++++++++++++++++++++++++++++ 1 file changed, 37 insertions(+) diff --git a/docs/Hook-Examples.md b/docs/Hook-Examples.md index 05f9a23..d970104 100644 --- a/docs/Hook-Examples.md +++ b/docs/Hook-Examples.md @@ -21,6 +21,7 @@ although the examples on this page all use the JSON format. * [XML Payload](#xml-payload) * [Multipart Form Data](#multipart-form-data) * [Pass string arguments to command](#pass-string-arguments-to-command) +* [Receive Synology DSM notifications](#receive-synology-notifications) ## Incoming Github webhook @@ -636,3 +637,39 @@ The following example will pass two static string parameters ("-e 123123") to th } ] ``` + +## Receive Synology DSM notifications + +It's possible to securely receive Synology push notifications via webhooks. +Webhooks feature introduced in DSM 7.x seems to be incomplete & broken, but you can use Synology SMS notification service to push webhooks. To configure SMS notifications on DSM follow instructions found here: https://github.com/ryancurrah/synology-notifications this will allow you to set up everything needed for webhook to accept any and all notifications sent by Synology. During setup an 'api_key' is specified - you can generate your own 32-char string and use it as an authentication mechanism to secure your webhook. Additionally, you can specify what notifications to receive via this method by going and selecting the "SMS" checkboxes under topics of interes in DSM: Control Panel -> Notification -> Rules + +```json +[ + { + "id": "synology", + "execute-command": "do-something.sh", + "command-working-directory": "/opt/webhook-linux-amd64/synology", + "response-message": "Request accepted", + "pass-arguments-to-command": + [ + { + "source": "payload", + "name": "message" + } + ], + "trigger-rule": + { + "match": + { + "type": "value", + "value": "PUT_YOUR_API_KEY_HERE", + "parameter": + { + "source": "header", + "name": "api_key" + } + } + } + } +] +```