Introducing Hooky
Summer time is a time for experimental projects. I’m bad at having vacations, so I always end up building something. This time it was a minor project that accepts incoming webhooks, stores and displays it. Fully anonymous and ephemeral.
I know several similar tools already exists, but now there’s another one! And I got to buy one of those fancy new TLDs!
Technical details
Since I use it for work nowadays, I wanted to try something with the newest and greatest ASP.NET Core 2.1.
On the frontend, I use plain TypeScript compiled down to JavaScript. No jQuery or any other framework. For the live updates, I installed SignalR as a bridge between the two. It really bloated the bundle, and could probably very easily be done with some polling or other technique, but I wanted to give it a try, as I’m slowly being swallowed up by the Microsoft world.
Data storage is handled by a Redis instance that’s set to memory only. Meaning that whenever I deploy a new version, every received webhook gets wiped away, thanks to Docker. More on that below. I decided early that I didn’t want to deal with storing it for any period of time.
Deployment
In the interest of making a ton of new experiences, I decided this should be deployed using Docker. Docker seems to be a great way to make a server run several small isolated messes, isntead of turning into one giant mess.
Since it seems to change everything every other month, I probably used the wrong method by using Docker Compose to wire up three separate containers for this tiny app.
I have one that runs nginx
, serving static requests and forwarding other requests to the backend that runs ASP.NET Core
. The backend talks to the third container, running Redis
. All theoretically insulated from the rest of the machine, so any poor code can’t escape out and wreak havoc on the rest of my poor server. In theory. If I understood everything.
So whenever I publish a new version, every container gets rebuilt from scratch, wiping out all the old data in the memory-only Redis instance. Anybody posted something sensitive? Just wipe it all! Great!
One interesting feature is that every IP listed when viewing a hook is wrong, since it passes through some other containers on the way. Haven’t really bothered looking into that yet…
Now go try it out!