Following on from my last post on joining the indieweb… Back in February, I implemented Webmentions on my website. I took a roll-my-own approach, borrowing from an idea by superkuh. It's a semi-automated solution which listens for webmentions using nginx. When (if) one is received, an email is generated that tells me about this, allowing me to validate it's a genuine comment.
Technically, nginx logs the body of POST requests in its logfile. In the main configuration file `/etc/nginx/nginx.conf`, I've added
# Defined for Webmention logging support of www.vanrenterghem.biz log_format postdata '$time_local,$remote_addr,"$http_user_agent",$request_body'; """]] In the configuration for www.vanrenterghem.biz, the following lines enable logging webmention requests: [[!format sh """ # use proxying to self to get the HTTP post variables. # https://stackoverflow.com/questions/4939382/logging-post-data-from-request-body location = /webmention { limit_req zone=webmention; client_max_body_size 7k; if ($request_method = POST) { access_log /var/log/nginx/postdata.log postdata; proxy_pass $scheme://www.vanrenterghem.biz/logsink; break; } return 204 $scheme://$host/serviceup.html; } location /logsink { #return 200; # use 204 instead of 200 so no 0 byte file is sent to browsers from HTTP forms. return 204; }
Before the `server` section in there, I'm reducing the risk of abuse by rate limiting requests:
limit_req_zone $server_name zone=webmention:1m rate=2r/s;
The logfile is being monitored by a service calling a shell script:
#!/bin/sh # Service starts on boot in /etc/systemd/system/webmention.service TO=my@email.address WEBMENTION_LOG=/var/log/nginx/postdata.log inotifywait -s -m $WEBMENTION_LOG --format "%e %w%f" --event modify| while read CHANGED; do echo "$CHANGED" logger "Webmention received" tail -n1 $WEBMENTION_LOG | /usr/bin/mail -a'From: niihau webmention service <webmaster@email.address>' -s 'Webmention received' $TO done
This uses `inotifywait`, which is part of inotify-tools. Unfortunately, `logrotate` will remove the log file on a regular basis, which is done in 3 steps. The first 2 steps results in a MODIFY event, before a DELETE event is created. That results in 2 emails being sent every time logs are rotated if using the above script. I've not tried to ignore these yet - checking for `logrotate` running at the time an event is triggered could be a solution.
The systemd service is defined in `/etc/systemd/system/webmention.service`:
[Unit] Description=Service to monitor nginx log for webmentions After=multi-user.target [Service] ExecStart=/root/webmention_service.sh [Install] WantedBy=multi-user.target
Announcing I'm accepting webmentions is as simple as putting the endpoint in the header of the blog:
<link rel="webmention" href="https://www.vanrenterghem.biz/webmention">
Clearly federating conversation as the final level of joining the indieweb is quite a bit more complicated than achieving 'level 2' status on indiewebify.me.
Posted on Sunday 14 May 2023 at 20:32