{"id":21453583,"url":"https://github.com/queil/seon","last_synced_at":"2025-03-17T03:13:25.007Z","repository":{"id":172976461,"uuid":"645718450","full_name":"queil/seon","owner":"queil","description":"Script Execution Over the Network","archived":false,"fork":false,"pushed_at":"2023-06-13T15:31:13.000Z","size":51,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-01-23T12:46:34.842Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"F#","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/queil.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2023-05-26T09:25:38.000Z","updated_at":"2023-06-06T08:18:52.000Z","dependencies_parsed_at":null,"dependency_job_id":"886b4d2c-37b6-4561-847d-447dae7c2b22","html_url":"https://github.com/queil/seon","commit_stats":null,"previous_names":["queil/seon"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/queil%2Fseon","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/queil%2Fseon/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/queil%2Fseon/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/queil%2Fseon/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/queil","download_url":"https://codeload.github.com/queil/seon/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":243965783,"owners_count":20375918,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-23T04:40:12.031Z","updated_at":"2025-03-17T03:13:24.995Z","avatar_url":"https://github.com/queil.png","language":"F#","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Seon\n\nA configurable JWT-authenticated sub-claim-authorized endpoint for running bash scripts on Linux hosts via `https` (`curl` and the like). It's parameterless and fire'n'forget i.e. you only run a POST request to configured endpoints, (each can have a different script), and get HTTP status codes back. \n\n## Example usage (client)\n\n*Assuming you have a `/deploy` endpoint configured*\n\n```sh\ncurl -vvv -sS --fail-with-body -X POST -H \"Authorization: Bearer $DEPLOY_TOKEN\" \\\n      https://your.url.com/deploy\n```\n## Install\n\n### Publish the project:\n\n```sh\ndotnet publish -r linux-x64 -c Release -p:PublishSingleFile=true --self-contained -p:PublishTrimmed=true\n```\n\n### Copy files to your Linux host \n\n(e.g. to `/opt/seon`): `seon`, `seon.pdb`, `appsettings.json`.\n\n### Configure seon\n\n:warning: For seon to be useful it needs to be available either on the internet or your internal network. Configuring that is beyond the scope of this document.\n\nIf all your endpoints use the same JWT config you can configure it on the root level but you can override \nif per endpoint, just add the `jwt` node there.\n\n*appsettings.json*\n\n```json\n{\n  \"Logging\": {\n    \"LogLevel\": {\n      \"Default\": \"Debug\",\n      \"System\": \"Debug\",\n      \"Microsoft\": \"Debug\"\n    }\n  },\n  \"Urls\": \"http://127.0.0.1:5000\",\n  \"basePath\": \"\",\n  \"seon\": {\n    \"endpoints\": {\n      \"/run\": {\n        \"command\": {\n          \"path\": \"/tmp/test/test.sh\",\n          \"workingDir\": \"/tmp/test\"\n        },\n        \"auth\": {\n          \"allowedSub\": \"\"\n        }\n      }\n    },\n    \"jwt\": {\n      \"authority\": \"\",\n      \"issuer\": \"\",\n      \"audience\": \"\",\n      \"debug\": false\n    }\n  }\n}\n\n```\n\n### Configure systemd\n\n*Assuming you save it in /opt/seon/seon.service*\n\nExample unit file:\n\n```sh\n[Unit]\nDescription=Script Execution Over the Network\n\n[Service]\nType=exec\nExecStart=/opt/seon/seon\nWorkingDirectory=/opt/seon\nEnvironment=DOTNET_SYSTEM_GLOBALIZATION_INVARIANT=1\n\n[Install]\nWantedBy=multi-user.target\n```\n### Install the service\n\n* Symlink `/opt/seon/seon.service` to `/etc/systemd/system/seon.service`\n* Reload config: `sudo systemctl daemon-reload`\n* Enable \u0026 start the service: `sudo systemctl enable seon.service --now`\n* View logs: `journalctl -u seon -xn100 | less`\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fqueil%2Fseon","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fqueil%2Fseon","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fqueil%2Fseon/lists"}