Releases: imann128/RelayCore
Release list
v 1.1.0 - Security Hardening
Security
SSRF guard — destination URLs validated against RFC 1918, loopback, and link-local ranges (including AWS metadata endpoint 169.254.169.254) at two independent points: on save and again in the delivery worker before posting.
Brute-force login protection — django-axes locks a username after 5 failed attempts for 1 hour, effective against distributed attacks regardless of source IP.
HTTPS enforcement — SECURE_SSL_REDIRECT, one-year HSTS, and secure cookie flags activate automatically in production.
Added
User action audit log with field-level diffs (Audit Log dashboard page)
Full Docker stack — docker compose up --build starts everything
Docker Hub: imann122/relaycore:latest and imann122/relaycore-frontend:latest
Duplicate and sig_failed metric cards on Overview dashboard
Fixed
Dead code removed from routing service
Bare except Exception narrowed to except InvalidToken in encrypted field
Delivery status ordering fixed for test correctness
v1.0.0 — General Availability
v1.0.0 — General Availability
RelayCore is a production-ready, self-hosted event gateway that ingests, verifies, deduplicates, routes, and delivers HTTP webhooks with enterprise-grade reliability.
What's Included
- Ingestion Layer — HMAC-SHA256 signature verification, source-level rate limiting, atomic Redis deduplication
- Delivery Worker — Exponential backoff retry logic (max 5 retries), dead-letter queue for failed deliveries, per-route rate limiting
- Routing Engine — Event-type matching + JSONPath conditions, fan-out to multiple destinations, priority-ordered route evaluation
- Transformers — 4 built-in transformers: GitHub→Slack, GitHub→Discord, Google Calendar→Database, Form→Email
- React Dashboard — Live metrics, source/destination/route management, delivery history with 10-second auto-refresh
- Security — Encrypted auth headers at rest (Fernet), atomic deduplication prevents replay attacks
- Monitoring — Per-minute success rate, queue depth, duplicate detection, signature failures
Architecture
- Django REST API backend
- Celery task queue + Beat scheduler for metrics collection
- PostgreSQL for event storage + routing rules
- Redis for deduplication + rate limiting
- React frontend dashboard
Production Readiness
- Tested end-to-end pipeline with full test coverage
- At least once delivery guarantee with idempotency
- Observable audit trail of all events
- Rate limiting + DDoS protection
- Credential encryption at rest
Recommended Production Hardening
- Destination URL allowlist (block private IPs to prevent SSRF)
- Network-level egress filtering
- Automatic secret rotation process
- mTLS for producer connections
Getting Started
See the GitHub repo for full documentation, or use Docker Compose:
docker-compose upDashboard at localhost:5173.