/chatbot-notifier

This application allow sending of messages to chat group with token ecryption capabilities

Primary LanguageGoMIT LicenseMIT

chatbot-notifier

chatbot-notifier is a tool for sending message with telegram bot while securing chat id and token using AWS KMS.
chatbot-notifier aims to make sending notification to telegram chat group in an easy yet secure way.

How it works

chatbot-notifier uses aws-sdk-go to implement the encryption and decryption operation. Thus you will require an amazon web services access key id and secret access key. Similar to using terraform or terragrunt, AWS_PROFILE have to be pass in the command line. Example will be "AWS_PROFILE= notifier send -f credential.yml -m textfile.txt". This profile read from ~/.aws/credentials. If the access key id and secret access key are set as default profile in ~/.aws/credentials, then AWS_PROFILE will not need to be pass. Example "notifier send -f credential.yml -m textfile.txt".

Example of ~/.aws/credential

[default]
role_arn = arn:aws:iam::123456789012:role/testing
source_profile = default
role_session_name = OPTIONAL_SESSION_NAME

[profile_project1]
role_arn = arn:aws:iam::123456789012:role/testing
source_profile = default
role_session_name = OPTIONAL_SESSION_NAME

For more information, see https://docs.aws.amazon.com/sdk-for-php/v3/developer-guide/guide_credentials_profiles.html

notifier will then get key from AWS KMS to encrypt credential.yml. ENCRYPTED credential.yml WILL NOT BE ABLE TO DECRYPT THROUGH notifier. THIS IS TO ENSURE THAT TOKEN AND CHAT ID ARE SAFE IN THE SERVER.

notifier will then be able to send message using credential.yml.

Usage Example

Encrypt credential.yml

notifier encrypt -f credential.yml

or

AWS_PROFILE=profile_project1 notifier encrypt -f credential.yml

Message can only be send after encryption

Sending message file content to chat group

notifier send -f credential.yml -m message.txt

or

AWS_PROFILE=profile_project1 notifier send -f credential.yml -m message.txt

Sending text message to chat group

notifier text -f credential.yml -m "Hello World"

or

AWS_PROFILE=profile_project1 notifier text -f credential.yml -m "Hello World"

credential.yml format (SAMPLE NOT REAL INFOR) (File can be other name)

For more information on how to get token, see https://core.telegram.org/bots#6-botfather To get your chat id, update the URL with your bot token <https://api.telegram.org/bot< token >/getUpdates>

aws:
- arn: arn:aws:kms:ap-southeast-1:XXXXXXXXXX:key/XXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXX
telegram:
- token: 2312312312:DASDASGSDFDSFADSA
  chatid: -32213123123

message.txt (File can be other name)

Any free text file.

Self-compile

git clone https://github.com/GovTechSG/chatbot-notifier.git

# MacOS
env GOOS=darwin GOARCH=amd64 go build -o notifier cmd/notifier/main.go

# Linux
env GOOS=linux GOARCH=amd64 go build -o notifier cmd/notifier/main.go

# Window
env GOOS=windows GOARCH=amd64 go build -o notifier cmd/notifier/main.go