makiolaj/DiunDashboard
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity
Files
4358de87baae6c31655bd42b616f79e127ecc757
DiunDashboard/README.md
Jean-Luc Makiola eeddd812fa
All checks were successful
CI / build-test (push) Successful in 1m2s
Details
**chore(docs):** add .gitignore for docs and introduce bun.lock file 
- Add `.gitignore` to exclude `node_modules/`, `.vitepress/cache/`, and `.vitepress/dist/` directories
- Include `bun.lock` for dependency management with Bun
2026-02-27 15:28:17 +01:00

118 lines
3.5 KiB
Markdown
Raw Blame History

# DIUN Webhook Dashboard
A Go web app that receives [DIUN](https://crazymax.dev/diun/) webhook events and shows image updates in a modern dashboard. Events are persisted to SQLite so they survive restarts.
- Receives DIUN webhooks at `POST /webhook`
- Serves a React SPA dashboard at `/`
- REST API for updates, tags, and acknowledgements
- Persistent storage via SQLite (`diun.db`)
- Tag/group system to organize images
- Dismiss (acknowledge) updates you've reviewed
- Optional webhook authentication via `WEBHOOK_SECRET`
## Quick Start
### Docker Compose (recommended)
```bash
# Pulls from Gitea registry, persists DB to a named volume
docker compose up -d
# open http://localhost:8080
```
### Standalone Docker
```bash
docker build -t diun-webhook-dashboard .
docker run --rm -p 8080:8080 -v diun-data:/data \
-e DB_PATH=/data/diun.db \
diun-webhook-dashboard
```
### From Source
```bash
cd frontend && bun install && bun run build && cd ..
go run ./cmd/diunwebhook/
```
See [CONTRIBUTING.md](CONTRIBUTING.md) for full development setup, testing, and build instructions.
## Configuration
### Environment Variables
| Variable | Default | Description |
|----------|---------|-------------|
| `PORT` | `8080` | HTTP listen port |
| `DB_PATH` | `./diun.db` | Path to the SQLite database file |
| `WEBHOOK_SECRET` | *(unset)* | When set, `POST /webhook` requires a matching `Authorization` header. When unset, the webhook is open (a warning is logged at startup). |
### Webhook Authentication
Set `WEBHOOK_SECRET` to protect the webhook endpoint with token authentication:
```bash
# Via environment variable
WEBHOOK_SECRET=your-secret-token-here docker compose up -d
# Or in a .env file alongside compose.yml
echo 'WEBHOOK_SECRET=your-secret-token-here' > .env
docker compose up -d
```
When set, every `POST /webhook` must include an `Authorization` header whose value matches `WEBHOOK_SECRET` exactly.
### DIUN Configuration
Configure DIUN to send webhooks to this app:
```yaml
notif:
webhook:
enable: true
endpoint: http://your-host-or-ip:8080/webhook
headers:
authorization: "your-secret-token-here"
```
Or via environment variable: `DIUN_NOTIF_WEBHOOK_HEADERS_AUTHORIZATION=your-secret-token-here`
Expected JSON payload:
```json
{
"image": "library/nginx",
"tag": "1.27.0",
"status": "new",
"time": "2026-02-23T16:00:00Z"
}
```
## API Reference
| Method | Endpoint | Description |
|--------|----------|-------------|
| `POST` | `/webhook` | Accept a DIUN event JSON body |
| `GET` | `/api/updates` | Return all events (keyed by image) with tag and acknowledged state |
| `PATCH` | `/api/updates/{image}` | Mark an event as acknowledged (dismiss) |
| `GET` | `/api/tags` | List all tags |
| `POST` | `/api/tags` | Create a new tag |
| `DELETE` | `/api/tags/{id}` | Delete a tag (cascades to assignments) |
| `PUT` | `/api/tag-assignments` | Assign an image to a tag |
| `DELETE` | `/api/tag-assignments` | Unassign an image from its tag |
## Production Notes
- **Reverse proxy:** Ensure the app is reachable at `/webhook` from DIUN. Forward traffic to port `8080` (or your configured `PORT`).
- **Database persistence:** Data is stored in `diun.db` by default. Set `DB_PATH` to a persistent location (e.g. `DB_PATH=/data/diun.db`). The deploy compose file uses a named volume at `/data`.
- **Webhook security:** Set `WEBHOOK_SECRET` if the webhook endpoint is exposed publicly.
## Contributing
See [CONTRIBUTING.md](CONTRIBUTING.md) for development setup, testing, project structure, and CI/CD details.
## License
MIT — see [LICENSE](LICENSE).
Reference in New Issue View Git Blame Copy Permalink