SawatoMosswartsEnjoyersClub/MosswartOverlord
3
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
MosswartOverlord/discord-rare-monitor
History
Erik a28b61511c security: enforce real plugin secret, fix proxy auth bypass, loopback DB ports, nightly backups 
- SHARED_SECRET now read from env and fail-closed: unset/placeholder refuses
  ALL plugin connections (constant-time compare). The old hardcoded
  'your_shared_secret' in this public repo was no auth at all. Dockerfile
  default removed; generate_data.py reads the env var.
- SECRET_KEY fails closed at startup (main.py and agent/auth.py) instead of
  falling back to a publicly-known signing key; agent systemd unit now
  requires /etc/overlord/agent.env (no '-' prefix).
- AuthMiddleware + /ws/live: replace the 172.x source-IP trust (which every
  nginx-proxied internet request satisfied via docker-proxy — full session
  bypass and unauthenticated in-game command injection) with
  private-source AND no X-Forwarded-For, i.e. only genuinely internal
  callers (overlord-agent on the host, compose-network services). Invariant
  documented in nginx/overlord.conf: every tracker-bound location must set
  X-Forwarded-For.
- /character-stats/test endpoints gated behind admin (they upsert real rows).
- docker-compose: bind 5432/5433 to 127.0.0.1 (both DBs were internet-
  reachable; active brute-force observed in dereth-db logs).
- discord-rare-monitor: drop dead SHARED_SECRET constant.
- scripts/backup-databases.sh + docs/backups.md: nightly pg_dump of both DBs
  (telemetry/spawn hypertable data excluded), 10MB canary, umask 077,
  TimescaleDB restore procedure.
- Remove stray mangled-path css file from repo root.

Adversarially reviewed pre-deploy (3-lens workflow): ship verdict; deploy-
sequencing blockers addressed (secret staged before enforcement, exec bit
set, cron uses bash).

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
2026-06-10 17:02:47 +02:00
..
icons added portals, quest tracking, discord monitor etc etc 2025-06-23 19:26:44 +00:00
config.py added portals, quest tracking, discord monitor etc etc 2025-06-23 19:26:44 +00:00
discord_rare_monitor.py security: enforce real plugin secret, fix proxy auth bypass, loopback DB ports, nightly backups 2026-06-10 17:02:47 +02:00
Dockerfile added portals, quest tracking, discord monitor etc etc 2025-06-23 19:26:44 +00:00
icon_mapping.py added portals, quest tracking, discord monitor etc etc 2025-06-23 19:26:44 +00:00
icon_name_mapping.json added portals, quest tracking, discord monitor etc etc 2025-06-23 19:26:44 +00:00
README.md added portals, quest tracking, discord monitor etc etc 2025-06-23 19:26:44 +00:00
requirements.txt added portals, quest tracking, discord monitor etc etc 2025-06-23 19:26:44 +00:00
test_websocket.py added portals, quest tracking, discord monitor etc etc 2025-06-23 19:26:44 +00:00

README.md

Discord Rare Monitor Bot

A Discord bot that monitors the Dereth Tracker WebSocket stream for rare discoveries and posts filtered notifications to Discord channels.

Features

  • Real-time Monitoring: Connects to Dereth Tracker WebSocket for instant rare notifications
  • Smart Classification: Automatically classifies rares as "common" or "great" based on keywords
  • Rich Embeds: Posts formatted Discord embeds with location and timestamp information
  • Dual Channels: Posts to separate channels for common and great rares
  • Robust Connection: Automatic reconnection with exponential backoff on connection failures

Rare Classification

Common Rares

Items containing these keywords (except "Frore Crystal"):

  • Crystal
  • Jewel
  • Pearl
  • Elixir
  • Kit

Great Rares

All other rare discoveries not classified as common.

Configuration

The bot is configured via environment variables:

Variable Default Description
DISCORD_RARE_BOT_TOKEN Required Discord bot token
DERETH_TRACKER_WS_URL ws://dereth-tracker:8765/ws/position WebSocket URL
COMMON_RARE_CHANNEL_ID 1355328792184226014 Discord channel for common rares
GREAT_RARE_CHANNEL_ID 1353676584334131211 Discord channel for great rares
LOG_LEVEL INFO Logging level (DEBUG, INFO, WARNING, ERROR)

Docker Usage

The bot is designed to run as a Docker container alongside the Dereth Tracker services:

# Build and start all services including the Discord bot
docker-compose up -d

# View bot logs
docker-compose logs discord-rare-monitor

# Restart just the bot
docker-compose restart discord-rare-monitor

Manual Setup

  1. Create a Discord application and bot at https://discord.com/developers/applications
  2. Get the bot token and invite the bot to your Discord server
  3. Set the DISCORD_RARE_BOT_TOKEN environment variable
  4. Ensure the bot has permissions to send messages in the target channels

Message Format

The bot listens for WebSocket messages with this structure:

{
  "type": "rare",
  "character_name": "PlayerName",
  "name": "Dark Heart",
  "timestamp": "2025-06-22T16:00:00Z",
  "ew": 12.34,
  "ns": -56.78,
  "z": 10.5
}

Architecture

  • WebSocket Client: Connects to Dereth Tracker's WebSocket stream
  • Message Filter: Only processes {"type": "rare"} messages
  • Classifier: Determines rare type based on name keywords
  • Discord Client: Posts formatted embeds to appropriate channels
  • Retry Logic: Automatic reconnection with exponential backoff

Dependencies

  • discord.py>=2.3.0 - Discord API client
  • websockets>=11.0.0 - WebSocket client library

Benefits

  • Zero Duplication: Each rare generates exactly one notification
  • Real-time: Instant notifications via WebSocket stream
  • Lightweight: Minimal resource usage (~50MB RAM)
  • Reliable: Robust error handling and reconnection logic
  • Integrated: Seamlessly works with existing Dereth Tracker infrastructure