From 914a8204d44be05d552ea8a9ad80ed365a749648 Mon Sep 17 00:00:00 2001 From: Marcel Schuster Date: Fri, 1 Mar 2024 23:07:05 +0100 Subject: [PATCH 1/2] Watchdog: escape subject and body for webhooks --- data/Dockerfiles/watchdog/watchdog.sh | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/data/Dockerfiles/watchdog/watchdog.sh b/data/Dockerfiles/watchdog/watchdog.sh index cb342c138..e0cb76a6b 100755 --- a/data/Dockerfiles/watchdog/watchdog.sh +++ b/data/Dockerfiles/watchdog/watchdog.sh @@ -169,9 +169,13 @@ function notify_error() { return 1 fi + # Escape subject and body (https://stackoverflow.com/a/2705678) + ESCAPED_SUBJECT=$(echo ${SUBJECT} | sed -e 's/[\/&]/\\&/g') + ESCAPED_BODY=$(echo ${BODY} | sed -e 's/[\/&]/\\&/g') + # Replace subject and body placeholders - WEBHOOK_BODY=$(echo ${WATCHDOG_NOTIFY_WEBHOOK_BODY} | sed "s/\$SUBJECT\|\${SUBJECT}/$SUBJECT/g" | sed "s/\$BODY\|\${BODY}/$BODY/g") - + WEBHOOK_BODY=$(echo ${WATCHDOG_NOTIFY_WEBHOOK_BODY} | sed -e "s/\$SUBJECT\|\${SUBJECT}/$ESCAPED_SUBJECT/g" -e "s/\$BODY\|\${BODY}/$ESCAPED_BODY/g") + # POST to webhook curl -X POST -H "Content-Type: application/json" ${CURL_VERBOSE} -d "${WEBHOOK_BODY}" ${WATCHDOG_NOTIFY_WEBHOOK} From 82fde23cc1e42136444ea45e99dc15fea35afa28 Mon Sep 17 00:00:00 2001 From: Marcel Schuster Date: Thu, 1 Aug 2024 19:14:29 +0200 Subject: [PATCH 2/2] Bump watchdog to v2.03 --- docker-compose.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/docker-compose.yml b/docker-compose.yml index 3efd6a42b..1e444e0d7 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -460,7 +460,7 @@ services: - /lib/modules:/lib/modules:ro watchdog-mailcow: - image: mailcow/watchdog:2.02 + image: mailcow/watchdog:2.03 dns: - ${IPV4_NETWORK:-172.22.1}.254 tmpfs: @@ -477,7 +477,6 @@ services: - mysql-mailcow - acme-mailcow - redis-mailcow - environment: - IPV6_NETWORK=${IPV6_NETWORK:-fd4d:6169:6c63:6f77::/64} - LOG_LINES=${LOG_LINES:-9999}