Matrix Notification Plugin by jonas0b1011001 · Pull Request #106 · bunkerity/bunkerweb-plugins

jonas0b1011001 · 2024-09-21T17:58:48Z

Initially made this for myself, maybe you want to add it to your collection.
Code is heavily inspired by your Webhook plugin.

This is how it looks in Element.

TheophileDiot · 2026-04-13T08:21:50Z

@coderabbitai full review

coderabbitai · 2026-04-13T08:21:58Z

✅ Actions performed

Full review triggered.

coderabbitai · 2026-04-13T08:22:01Z

Matrix Notification Plugin (New)

Summary: New plugin added to send attack denial notifications to Matrix chat rooms via the Matrix Client-Server API. Implementation includes async delivery and IP/ASN enrichment. Critical runtime bug and missing version tracking present.

Files Added

matrix/plugin.json – Plugin metadata with 6 configuration settings (USE_MATRIX, MATRIX_BASE_URL, MATRIX_ROOM_ID, MATRIX_ACCESS_TOKEN, MATRIX_ANONYMIZE_IP, MATRIX_INCLUDE_HEADERS)
matrix/matrix.lua – Core plugin logic (210 lines) extending base plugin class
matrix/utils.lua – Helper module for ASN organisation lookup (21 lines)
matrix/README.md – User documentation with Docker/Swarm/Kubernetes setup examples
matrix/ui/actions.py – UI integration for ping status card
README.md – Added Matrix plugin entry to index

Plugin Metadata

Version: 1.1
Stream mode: Enabled
Context: Multisite for USE_MATRIX toggle; global for credentials and options

Critical Issues

Runtime bug in matrix.lua, line 50: Typo elf.logger:log(ERR, ...) should be self.logger:log(ERR, ...). This will cause a crash when country lookup fails during request denial handling.
Missing COMPATIBILITY.json entry: Plugin version 1.1 is not registered in COMPATIBILITY.json. The collection tracks versions 0.3–1.4 mapping to BunkerWeb 1.5.0–1.5.6, but there is no 1.6 entry despite the README badge indicating "bunkerweb_plugins-1.6" and the PR commit message stating "1.6 compatibility".
No test coverage: No unit or integration tests provided.

Functional Changes

Sends formatted (HTML) and plain-text Matrix messages to a configured room when requests are denied
Enriches notifications with: request details (method, host, URI), geolocation (country), ASN, ASN organisation; optionally includes HTTP request headers
Implements /matrix/ping POST endpoint for connection testing via the same Matrix API endpoint
Supports IP anonymization (masks final two octets as xxx.xxx)
Uses async timers (ngx.timer.at) for non-blocking notification delivery
Fallback error handling with logging when enrichment lookups fail

Security Observations

Access token transmitted in Authorization headers (standard Matrix practice); configured as password field in plugin.json
Header inclusion is opt-in (MATRIX_INCLUDE_HEADERS defaults to no)
IP anonymisation regex (%d+%.%d+$) masks only final two octets; adequate for basic privacy but not a strong anonymisation strategy
No rate limiting on ping endpoint
Settings validation uses overly permissive regex for text fields (^.*$); MATRIX_BASE_URL and MATRIX_ROOM_ID should validate format more strictly
Default MATRIX_BASE_URL points to public matrix.org; users must reconfigure for private instances

Configuration

Boolean settings correctly use strict regex ^(yes|no)$. Text fields default to acceptable placeholders but lack format validation.

Documentation & Deployment

README includes setup examples for Docker Compose, Swarm, and Kubernetes (annotations)
Links to BunkerWeb plugin installation docs
UI action provides ping status card for testing connectivity

Walkthrough

A new Matrix notification plugin is introduced for BunkerWeb, enabling the system to send attack notifications to a configured Matrix room. The implementation includes core Lua logic, plugin configuration, documentation, and UI integration for health monitoring.

Changes

Cohort / File(s)	Summary
Plugin Configuration & Implementation `matrix/matrix.lua`, `matrix/plugin.json`, `matrix/utils.lua`	Core plugin logic for sending Matrix room notifications on denied requests, with async HTTP client instantiation, optional IP anonymisation, header inclusion, and ASN enrichment via utility function. Plugin metadata defines six configuration settings and declares streaming mode.
Documentation `README.md`, `matrix/README.md`	Added Matrix plugin entry to main README and comprehensive setup guide covering prerequisites (Matrix base URL, access token, room ID), installation instructions, and deployment examples for Docker, Swarm, and Kubernetes with configuration settings reference table.
UI Integration `matrix/ui/actions.py`	New UI module providing `pre_render()` function to fetch and display ping status for the Matrix plugin endpoint, with error logging and graceful exception handling.

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~60 minutes

Poem

📨 Through Matrix threads, alerts now flow,
When attacks strike, the warnings glow,
BunkerWeb speaks to rooms with care,
Async shields dance through the air,
Security whispers, configured and bright! 🛡️

🚥 Pre-merge checks | ✅ 1 | ❌ 1

❌ Failed checks (1 inconclusive)

Check name	Status	Explanation	Resolution
Title check	❓ Inconclusive	Title is vague and generic; it lacks specificity about the change type (feat/add) and does not follow Conventional Commits or the required " - description" format.	Reformat title to follow Conventional Commits: e.g., "feat: add Matrix Notification Plugin" or "matrix - add notification plugin for Matrix integration".

✅ Passed checks (1 passed)

Check name	Status	Explanation
Description check	✅ Passed	Description is related to the changeset; it mentions the plugin's purpose, origin, and provides visual context, though it lacks technical detail.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

TheophileDiot · 2026-04-13T09:10:56Z

@coderabbitai review

coderabbitai · 2026-04-13T09:11:04Z

✅ Actions performed

Review triggered.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

coderabbitai

Actionable comments posted: 11

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@matrix/matrix.lua`:
- Around line 106-136: The send path currently continues after http_new() or
httpc:request_uri() failures, which causes httpc:close() and res.status
dereferences on nil; update the logic in the Matrix send function(s) to
immediately return an error when http_new() fails (http_new -> httpc nil) and
likewise after request_uri() fails (res nil), ensuring you do not call
httpc:close() or access res.status in those failure branches; specifically, in
the code using http_new(), httpc, httpc:request_uri, httpc:close and res.status
(also apply the same fix to the second send path around the block referenced at
185-203), log the error and return early before touching httpc or res.
- Around line 75-85: When MATRIX_INCLUDE_HEADERS is enabled in matrix.lua, avoid
forwarding raw headers in the loop that appends to data["formatted_body"] and
data["body"]; instead implement an allow-list (e.g., only include common safe
headers like "User-Agent", "Accept", "Host") or explicitly redact sensitive
names (e.g., "Authorization", "Cookie", "Set-Cookie", "X-CSRF-Token",
"Proxy-Authorization", "Authentication") before serialising, and in the for
header,value in pairs(headers) block replace sensitive values with a placeholder
like "[REDACTED]" (or skip adding those headers entirely) so no bearer tokens,
cookies, CSRF tokens, or secrets are sent to Matrix.
- Around line 48-50: The country lookup fallback has a typo and uses an
undefined variable: replace "elf.logger" with "self.logger", reference the IP
with "self.ctx.bw.remote_addr" in the log message (instead of "remote_addr"),
and ensure you set a safe fallback value (e.g. assign country = "Country
unknown") after logging so callers of get_country handling the nil case don't
raise; look for get_country, self.ctx.bw.remote_addr, self.logger and the local
variable country in the surrounding code to apply these changes.
- Around line 124-131: The Matrix HTTP calls use httpc:request_uri() without
timeouts; before each request_uri call (e.g., the PUT call that sends post_data
to url using access_token and the other request_uri call later) call
httpc:set_timeout(1000) or httpc:set_timeouts(...) to enforce a 1s (or
configured) timeout so the worker thread won't block; update both places that
call httpc:request_uri() to set the timeout on the httpc instance immediately
before invoking request_uri().
- Around line 111-115: The txn_id currently set via tostring(os.time()) is not
collision-resistant; replace it with a per-send unique id and update both places
where txn_id is generated/used (the variable named txn_id in matrix.lua). For
example, build txn_id by concatenating os.time() with a higher-resolution or
unique per-request value: use ngx.var.msec if available (tostring(os.time()) ..
"-" .. ngx.var.msec), or ngx.var.request_id when present, or combine
ngx.now()*1000 with a short random suffix to guarantee uniqueness across rapid
successive sends; ensure both locations that set txn_id use the same new
generation logic so Matrix idempotency keys are unique per send.
- Around line 70-85: Sanitise and flatten request-derived inputs before
concatenating into data["formatted_body"] and data["body"]: run request_method,
remote_addr, request_host, self.ctx.bw.uri, reason, reason_data and every header
name/value through an HTML-escape helper (e.g., escape_html) for formatted_body
and tostring for plain body, and when reading headers from ngx_req.get_headers()
handle table values by flattening with table.concat(v, ", ") (or tostring on
non-tables) so duplicate headers do not cause concatenation errors; apply this
transformation where data["formatted_body"] and data["body"] are built and when
iterating headers returned by ngx_req.get_headers().

In `@matrix/README.md`:
- Around line 5-15: The Table of contents contains a stale entry linking to
"#todo" that does not exist; open the README.md section containing the bulleted
list (the lines under "Table of contents") and remove the "- [TODO](`#todo`)" list
item so the TOC matches the actual headings and keeps the documentation concise
and accurate.
- Around line 34-50: Update the Docker examples in matrix/README.md to reference
the 1.6 image series: replace all occurrences of the image tag
"bunkerity/bunkerweb:1.5.10" (seen in the bunkerweb service blocks) with the
appropriate 1.6 tag (e.g., "bunkerity/bunkerweb:1.6" or the exact 1.6.x release
you intend to document) so examples match this PR's 1.6 compatibility; ensure
both instances mentioned in the diff are updated.
- Around line 86-93: The settings table in README.md has drifted from
matrix/plugin.json; rerun the JSON-to-Markdown generator
(.tests/misc/json2md.py) against matrix/plugin.json to regenerate the table (so
defaults like MATRIX_ACCESS_TOKEN show as an empty string), replace the manually
edited table in README.md with the generated output, and commit the regenerated
README instead of hand-editing the table.

In `@matrix/ui/actions.py`:
- Around line 18-21: The code assigns str(e) to ret["error"], exposing
potentially sensitive details; change this so the full exception remains only in
server logs (keep logger.debug(format_exc()) and logger.error(f"Failed to get
matrix ping: {e}") for diagnostics) but replace ret["error"] with a generic,
non-sensitive marker such as "Unable to retrieve matrix ping" or
"internal_error" (update the assignment to ret["error"] accordingly) — locate
the try/except handling around the ping path where ret["error"] is set and
remove any raw exception string from the payload.
- Around line 29-30: The function matrix(**kwargs) currently returns None which
violates the plugin main-page contract; update the matrix function to return an
empty dict ({}). Locate the matrix function definition and replace the
pass/implicit None with a return {} so it matches other plugin entry points
(e.g., clamav, coraza, crowdsec, discord) and ensures callers receive a
dictionary.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

Push a commit to this branch (recommended)
Create a new PR with the fixes

ℹ️ Review info

⚙️ Run configuration

Configuration used: Repository UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: 753a0cbf-db03-4998-b08e-b65f9b264c6e

📥 Commits

Reviewing files that changed from the base of the PR and between 4951522 and b0a9540.

📒 Files selected for processing (6)

README.md
matrix/README.md
matrix/matrix.lua
matrix/plugin.json
matrix/ui/actions.py
matrix/utils.lua

📜 Review details

🧰 Additional context used

📓 Path-based instructions (5)

**/*.md