tiennm99/claude-status-webhook
1
0
Fork 0
mirror of https://github.com/tiennm99/claude-status-webhook.git synced 2026-04-17 13:21:01 +00:00
Code Issues Packages Projects Releases Wiki Activity

feat: notify admin via Telegram on webhook errors

Browse Source 
Send error details to ADMIN_CHAT_ID (optional secret) whenever the
statuspage webhook handler hits an error path. Uses waitUntil() so
the notification never blocks the 200 response.
This commit is contained in:
tiennm99
2026-04-13 22:50:27 +07:00
parent 3857c1e16f
commit 62bf203c22
6 changed files with 69 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
docs/setup-guide.md
View File

@@ -55,6 +55,10 @@ npx wrangler secret put BOT_TOKEN
npx wrangler secret put WEBHOOK_SECRET
# Choose a random secret string for the Statuspage webhook URL
npx wrangler secret put ADMIN_CHAT_ID
# (Optional) Your Telegram chat ID — receive webhook error alerts via Telegram
# Use the bot's /info command to find your chat ID
```
### 5. Deploy

5
docs/system-architecture.md
View File

@@ -63,6 +63,7 @@ A middleware in `index.js` normalizes double slashes in URL paths (Statuspage oc
| `kv-store.js` | ~140 | KV key management, subscriber CRUD, filtered listing |
| `status-fetcher.js` | ~120 | Statuspage API client, HTML formatters, status helpers |
| `crypto-utils.js` | ~12 | Timing-safe string comparison (SHA-256 hashed) |
| `admin-notifier.js` | ~25 | Sends webhook error alerts to admin via Telegram (non-blocking) |
| `telegram-api.js` | ~9 | Telegram Bot API URL builder |
## KV Storage
@@ -103,6 +104,7 @@ Binding: `claude-status` queue
Enabled via `wrangler.jsonc` `observability` config. Automatic — no code changes required.
- **Logs**: All `console.log`/`console.error` calls, request metadata, exceptions. Persisted with invocation logs enabled. Free tier: 200k logs/day, 3-day retention.
- **Admin alerts**: Webhook errors are forwarded to admin Telegram chat in real-time (requires `ADMIN_CHAT_ID` secret)
- **Traces**: Automatic instrumentation of fetch calls, KV reads, queue operations. Persisted.
- **Sampling**: 100% (`head_sampling_rate: 1`) for both logs and traces — reduce for high-volume scenarios
- **Dashboard**: Cloudflare Dashboard → Workers → Observability
@@ -110,9 +112,10 @@ Enabled via `wrangler.jsonc` `observability` config. Automatic — no code chang
## Security
- **Statuspage webhook always-200**: Handler always returns HTTP 200 (even on errors) to prevent Statuspage from removing the webhook subscription. Errors are logged, not surfaced as HTTP status codes.
- **Admin error alerts**: All webhook errors send a Telegram notification to `ADMIN_CHAT_ID` (if set) via `admin-notifier.js`. Uses `waitUntil()` to avoid blocking the response. Silently fails if `ADMIN_CHAT_ID` is not configured.
- **Statuspage webhook auth**: URL path secret validated with timing-safe SHA-256 comparison
- **Telegram webhook**: Registered via `setup-bot.js` — Telegram only sends to the registered URL
- **No secrets in code**: `BOT_TOKEN` and `WEBHOOK_SECRET` stored as Cloudflare secrets
- **No secrets in code**: `BOT_TOKEN`, `WEBHOOK_SECRET`, and `ADMIN_CHAT_ID` stored as Cloudflare secrets
- **HTML injection**: All user/external strings passed through `escapeHtml()` before Telegram HTML rendering
## Dependencies