sol/openclaw-mattermost
1
0
Fork 0
forked from ROOH/openclaw-mattermost
Code Pull Requests Activity

Compare commits

base: sol:policies/add-standard-files
Branches Tags
sol:main
sol:policies/add-standard-files
ROOH:main
..
compare: ROOH:main
Branches Tags
ROOH:main
sol:main
sol:policies/add-standard-files

No commits in common. "policies/add-standard-files" and "main" have entirely different histories.
policies/a ... main

9 changed files with 13 additions and 159 deletions
Show Stats Expand all files Collapse all files

9
.editorconfig
View File

@ -1,9 +0,0 @@
root = true
[*]
indent_style = space
indent_size = 2
end_of_line = lf
charset = utf-8
trim_trailing_whitespace = true
insert_final_newline = true

1
.gitignore vendored
View File

@ -1 +0,0 @@
node_modules/

3
.prettierignore
View File

@ -1,3 +0,0 @@
node_modules/
*.sh
package-lock.json

6
.prettierrc
View File

@ -1,6 +0,0 @@
{
"singleQuote": true,
"trailingComma": "all",
"printWidth": 100,
"tabWidth": 2
}

17
Makefile
View File

@ -1,17 +0,0 @@
export NODE_ENV := development
.PHONY: check install fmt fmt-check secret-scan
check: install fmt-check secret-scan
install:
npm install
fmt:
npx prettier --write .
fmt-check:
npx prettier --check .
secret-scan:
bash tools/secret-scan.sh .

5
README.md
View File

@ -13,7 +13,7 @@ One-command deployment of **Mattermost Team Edition** on Ubuntu/Debian, pre-conf
## Prerequisites ## Prerequisites
| Requirement | Details | | Requirement | Details |
| ----------- | ------------------------------------------------- | |---|---|
| **OS** | Ubuntu 20.04+ / Debian 11+ | | **OS** | Ubuntu 20.04+ / Debian 11+ |
| **Access** | Root (sudo) | | **Access** | Root (sudo) |
| **Ports** | 80 and 443 open to the internet | | **Ports** | 80 and 443 open to the internet |
@ -32,7 +32,6 @@ sudo bash install.sh
``` ```
The wizard will ask you for: The wizard will ask you for:
1. **Domain name** (e.g. `chat.example.com`) 1. **Domain name** (e.g. `chat.example.com`)
2. **Email** (for Let's Encrypt SSL) 2. **Email** (for Let's Encrypt SSL)
3. **Port** (default: 8000) 3. **Port** (default: 8000)
@ -83,7 +82,7 @@ docker compose ps
## Troubleshooting ## Troubleshooting
| Issue | Fix | | Issue | Fix |
| --------------------- | ---------------------------------------------------------------------- | |---|---|
| SSL cert failed | Verify DNS A record points to this server; check ports 80/443 are open | | SSL cert failed | Verify DNS A record points to this server; check ports 80/443 are open |
| Container won't start | Check logs: `docker compose logs mattermost` | | Container won't start | Check logs: `docker compose logs mattermost` |
| 502 Bad Gateway | Container may still be booting — wait 30s and refresh | | 502 Bad Gateway | Container may still be booting — wait 30s and refresh |

31
package-lock.json generated
View File

@ -1,31 +0,0 @@
{
"name": "openclaw-mattermost",
"version": "1.0.0",
"lockfileVersion": 3,
"requires": true,
"packages": {
"": {
"name": "openclaw-mattermost",
"version": "1.0.0",
"devDependencies": {
"prettier": "^3.2.0"
}
},
"node_modules/prettier": {
"version": "3.8.1",
"resolved": "https://registry.npmjs.org/prettier/-/prettier-3.8.1.tgz",
"integrity": "sha512-UOnG6LftzbdaHZcKoPFtOcCKztrQ57WkHDeRD9t/PTQtmT0NHSeWWepj6pS0z/N7+08BHFDQVUrfmfMRcZwbMg==",
"dev": true,
"license": "MIT",
"bin": {
"prettier": "bin/prettier.cjs"
},
"engines": {
"node": ">=14"
},
"funding": {
"url": "https://github.com/prettier/prettier?sponsor=1"
}
}
}
}

9
package.json
View File

@ -1,9 +0,0 @@
{
"name": "openclaw-mattermost",
"version": "1.0.0",
"private": true,
"description": "OpenClaw Mattermost Integration",
"devDependencies": {
"prettier": "^3.2.0"
}
}

69
tools/secret-scan.sh
View File

@ -1,69 +0,0 @@
#!/usr/bin/env bash
# secret-scan.sh — Scans for private keys and high-entropy secrets
# Usage: bash tools/secret-scan.sh [directory]
# Uses .secret-scan-allowlist for false positives (one file path per line)
set -e
SCAN_DIR="${1:-.}"
ALLOWLIST=".secret-scan-allowlist"
FINDINGS=0
# Build find exclusions
EXCLUDES=(-not -path "*/node_modules/*" -not -path "*/.git/*" -not -path "*/coverage/*" -not -path "*/dist/*")
# Load allowlist
ALLOWLIST_PATHS=()
if [ -f "$ALLOWLIST" ]; then
while IFS= read -r line || [ -n "$line" ]; do
[[ "$line" =~ ^#.*$ || -z "$line" ]] && continue
ALLOWLIST_PATHS+=("$line")
done < "$ALLOWLIST"
fi
is_allowed() {
local file="$1"
for allowed in "${ALLOWLIST_PATHS[@]}"; do
if [[ "$file" == *"$allowed"* ]]; then
return 0
fi
done
return 1
}
echo "Scanning $SCAN_DIR for secrets..."
# Scan for private keys
while IFS= read -r file; do
[ -f "$file" ] || continue
is_allowed "$file" && continue
if grep -qE '-----BEGIN (RSA |EC |OPENSSH |DSA )?PRIVATE KEY-----' "$file" 2>/dev/null; then
echo "FINDING [private-key]: $file"
FINDINGS=$((FINDINGS + 1))
fi
done < <(find "$SCAN_DIR" "${EXCLUDES[@]}" -type f)
# Scan for high-entropy hex strings (40+ chars)
while IFS= read -r file; do
[ -f "$file" ] || continue
is_allowed "$file" && continue
if grep -qE '[0-9a-f]{40,}' "$file" 2>/dev/null; then
# Filter out common false positives (git SHAs in lock files, etc.)
BASENAME=$(basename "$file")
if [[ "$BASENAME" != "package-lock.json" && "$BASENAME" != "*.lock" ]]; then
MATCHES=$(grep -oE '[0-9a-f]{40,}' "$file" 2>/dev/null || true)
if [ -n "$MATCHES" ]; then
echo "FINDING [high-entropy-hex]: $file"
FINDINGS=$((FINDINGS + 1))
fi
fi
fi
done < <(find "$SCAN_DIR" "${EXCLUDES[@]}" -type f -not -name "package-lock.json" -not -name "*.lock")
if [ "$FINDINGS" -gt 0 ]; then
echo "secret-scan: $FINDINGS finding(s) — FAIL"
exit 1
else
echo "secret-scan: clean — PASS"
exit 0
fi