All checks were successful
CI / build-test (push) Successful in 1m2s
- Add `.gitignore` to exclude `node_modules/`, `.vitepress/cache/`, and `.vitepress/dist/` directories - Include `bun.lock` for dependency management with Bun
118 lines
3.5 KiB
Markdown
118 lines
3.5 KiB
Markdown
# DIUN Webhook Dashboard
|
|
|
|
A Go web app that receives [DIUN](https://crazymax.dev/diun/) webhook events and shows image updates in a modern dashboard. Events are persisted to SQLite so they survive restarts.
|
|
|
|
- Receives DIUN webhooks at `POST /webhook`
|
|
- Serves a React SPA dashboard at `/`
|
|
- REST API for updates, tags, and acknowledgements
|
|
- Persistent storage via SQLite (`diun.db`)
|
|
- Tag/group system to organize images
|
|
- Dismiss (acknowledge) updates you've reviewed
|
|
- Optional webhook authentication via `WEBHOOK_SECRET`
|
|
|
|
## Quick Start
|
|
|
|
### Docker Compose (recommended)
|
|
|
|
```bash
|
|
# Pulls from Gitea registry, persists DB to a named volume
|
|
docker compose up -d
|
|
# open http://localhost:8080
|
|
```
|
|
|
|
### Standalone Docker
|
|
|
|
```bash
|
|
docker build -t diun-webhook-dashboard .
|
|
docker run --rm -p 8080:8080 -v diun-data:/data \
|
|
-e DB_PATH=/data/diun.db \
|
|
diun-webhook-dashboard
|
|
```
|
|
|
|
### From Source
|
|
|
|
```bash
|
|
cd frontend && bun install && bun run build && cd ..
|
|
go run ./cmd/diunwebhook/
|
|
```
|
|
|
|
See [CONTRIBUTING.md](CONTRIBUTING.md) for full development setup, testing, and build instructions.
|
|
|
|
## Configuration
|
|
|
|
### Environment Variables
|
|
|
|
| Variable | Default | Description |
|
|
|----------|---------|-------------|
|
|
| `PORT` | `8080` | HTTP listen port |
|
|
| `DB_PATH` | `./diun.db` | Path to the SQLite database file |
|
|
| `WEBHOOK_SECRET` | *(unset)* | When set, `POST /webhook` requires a matching `Authorization` header. When unset, the webhook is open (a warning is logged at startup). |
|
|
|
|
### Webhook Authentication
|
|
|
|
Set `WEBHOOK_SECRET` to protect the webhook endpoint with token authentication:
|
|
|
|
```bash
|
|
# Via environment variable
|
|
WEBHOOK_SECRET=your-secret-token-here docker compose up -d
|
|
|
|
# Or in a .env file alongside compose.yml
|
|
echo 'WEBHOOK_SECRET=your-secret-token-here' > .env
|
|
docker compose up -d
|
|
```
|
|
|
|
When set, every `POST /webhook` must include an `Authorization` header whose value matches `WEBHOOK_SECRET` exactly.
|
|
|
|
### DIUN Configuration
|
|
|
|
Configure DIUN to send webhooks to this app:
|
|
|
|
```yaml
|
|
notif:
|
|
webhook:
|
|
enable: true
|
|
endpoint: http://your-host-or-ip:8080/webhook
|
|
headers:
|
|
authorization: "your-secret-token-here"
|
|
```
|
|
|
|
Or via environment variable: `DIUN_NOTIF_WEBHOOK_HEADERS_AUTHORIZATION=your-secret-token-here`
|
|
|
|
Expected JSON payload:
|
|
|
|
```json
|
|
{
|
|
"image": "library/nginx",
|
|
"tag": "1.27.0",
|
|
"status": "new",
|
|
"time": "2026-02-23T16:00:00Z"
|
|
}
|
|
```
|
|
|
|
## API Reference
|
|
|
|
| Method | Endpoint | Description |
|
|
|--------|----------|-------------|
|
|
| `POST` | `/webhook` | Accept a DIUN event JSON body |
|
|
| `GET` | `/api/updates` | Return all events (keyed by image) with tag and acknowledged state |
|
|
| `PATCH` | `/api/updates/{image}` | Mark an event as acknowledged (dismiss) |
|
|
| `GET` | `/api/tags` | List all tags |
|
|
| `POST` | `/api/tags` | Create a new tag |
|
|
| `DELETE` | `/api/tags/{id}` | Delete a tag (cascades to assignments) |
|
|
| `PUT` | `/api/tag-assignments` | Assign an image to a tag |
|
|
| `DELETE` | `/api/tag-assignments` | Unassign an image from its tag |
|
|
|
|
## Production Notes
|
|
|
|
- **Reverse proxy:** Ensure the app is reachable at `/webhook` from DIUN. Forward traffic to port `8080` (or your configured `PORT`).
|
|
- **Database persistence:** Data is stored in `diun.db` by default. Set `DB_PATH` to a persistent location (e.g. `DB_PATH=/data/diun.db`). The deploy compose file uses a named volume at `/data`.
|
|
- **Webhook security:** Set `WEBHOOK_SECRET` if the webhook endpoint is exposed publicly.
|
|
|
|
## Contributing
|
|
|
|
See [CONTRIBUTING.md](CONTRIBUTING.md) for development setup, testing, project structure, and CI/CD details.
|
|
|
|
## License
|
|
|
|
MIT — see [LICENSE](LICENSE).
|