Implementing Webmention on my blog

Following on from my last post on joining the indieweb...

Back in February, I implemented Webmentions on my website. I took a roll-my-own approach, borrowing from an idea by superkuh. It's a semi-automated solution which listens for webmentions using nginx. When (if) one is received, an email is generated that tells me about this, allowing me to validate it's a genuine comment.

Technically, nginx logs the body of POST requests in its logfile.

In the main configuration file /etc/nginx/nginx.conf, I've added

# Defined for Webmention logging support of www.vanrenterghem.biz
log_format postdata '$time_local,$remote_addr,"$http_user_agent",$request_body';

In the configuration for www.vanrenterghem.biz, the following lines enable logging webmention requests:

# use proxying to self to get the HTTP post variables.
    # https://stackoverflow.com/questions/4939382/logging-post-data-from-request-body
    location = /webmention {
    limit_req zone=webmention;
    client_max_body_size 7k;
    if ($request_method = POST) {
            access_log /var/log/nginx/postdata.log postdata;
            proxy_pass $scheme://www.vanrenterghem.biz/logsink;
            break;
    }
    return 204 $scheme://$host/serviceup.html;
    }
    location /logsink {
    #return 200;
    # use 204 instead of 200 so no 0 byte file is sent to browsers from HTTP forms.
    return 204;
    }

Before the server section in there, I'm reducing the risk of abuse by rate limiting requests:

limit_req_zone  $server_name  zone=webmention:1m   rate=2r/s;

The logfile is being monitored by a service calling a shell script:

#!/bin/sh
# Service starts on boot in /etc/systemd/system/webmention.service
TO=my@email.address
WEBMENTION_LOG=/var/log/nginx/postdata.log
inotifywait -s -m $WEBMENTION_LOG --format "%e %w%f" --event modify|
while read CHANGED;
do
    echo "$CHANGED"
    logger "Webmention received"
    tail -n1 $WEBMENTION_LOG | /usr/bin/mail -a'From: niihau webmention service <webmaster@email.address>' -s 'Webmention received' $TO
done

This uses inotifywait, which is part of inotify-tools. Unfortunately, logrotate will remove the log file on a regular basis, which is done in 3 steps. The first 2 steps results in a MODIFY event, before a DELETE event is created. That results in 2 emails being sent every time logs are rotated if using the above script. I've not tried to ignore these yet - checking for logrotate running at the time an event is triggered could be a solution.

The systemd service is defined in /etc/systemd/system/webmention.service:

[Unit]
Description=Service to monitor nginx log for webmentions
After=multi-user.target

[Service]
ExecStart=/root/webmention_service.sh

[Install]
WantedBy=multi-user.target

Announcing I'm accepting webmentions is as simple as putting the endpoint in the header of the blog:

<link rel="webmention" href="https://www.vanrenterghem.biz/webmention">

Clearly federating conversation as the final level of joining the indieweb is quite a bit more complicated than achieving 'level 2' status on indiewebify.me.