[generic webhook] No signature on URL #953

Open
rhizoet opened this issue Jun 28, 2024 · 1 comment
rhizoet commented Jun 28, 2024

I have set up hookshot with a generic webhook. I use the current helm chart for this or have supplemented it so that I can use the encryption.

But no matter how I set up the bridge, I get the following error message every time:

```
ERROR 08:15:50:988 [Webhooks] No signature on URL. Rejecting
INFO 08:15:50:989 [ListenerService] POST /webhooks/98b318f6-8009-4fcd-b400-2fd6a4d33d32 500 - HS_UNKNOWN - An internal error occurred
DEBUG 08:15:50:991 [ListenerService] Error: Invalid signature.
    at Webhooks.verifyRequest (/usr/bin/matrix-hookshot/Webhooks.js:349:15)
    at /usr/bin/matrix-hookshot/node_modules/body-parser/lib/read.js:111:9
    at AsyncResource.runInAsyncScope (node:async_hooks:206:9)
    at invokeCallback (/usr/bin/matrix-hookshot/node_modules/raw-body/index.js:231:16)
    at done (/usr/bin/matrix-hookshot/node_modules/raw-body/index.js:220:7)
    at IncomingMessage.onEnd (/usr/bin/matrix-hookshot/node_modules/raw-body/index.js:280:7)
    at IncomingMessage.emit (node:events:518:28)
    at IncomingMessage.emit (node:domain:488:12)
    at endReadableNT (node:internal/streams/readable:1696:12)
    at process.processTicksAndRejections (node:internal/process/task_queues:82:21) {
  expose: true,
  statusCode: 403,
  status: 403,
  body: <Buffer 7b 22 65 76 65 6e 74 6d 65 74 61 22 3a 7b 22 6b 69 6e 64 22 3a 22 50 6f 64 22 2c 22 6e 61 6d 65 22 3a 22 6b 75 62 65 77 61 74 63 68 2d 36 63 62
  type: 'entity.verify.failed'
}
```

My configuration looks like this:

```yaml
ingress:
  webhook:
    enabled: true
    className: nginx
    annotations:
      cert-manager.io/cluster-issuer: letsencrypt-prod
    hosts:
      - host: webhook.matrix.example.com
        paths:
        - path: /
          pathType: Prefix
          port: 9000
    tls:
      - secretName: hookshot-webhook-tls
        hosts:
          - webhook.matrix.example.com
  appservice:
    enabled: true
    className: nginx
    annotations:
      cert-manager.io/cluster-issuer: letsencrypt-prod
    hosts:
      - host: hookshot.matrix.example.com
        paths:
          - path: /
            pathType: Prefix
            port: 9002
    tls:
      - secretName: hookshot-app-tls
        hosts:
          - hookshot.matrix.example.com
persistence:
  enabled: true
  storageClass: ssd
  accessMode: ReadWriteOnce
  size: 8Gi
hookshot:
  config:
    bridge:
      domain: example.com
      url: http://synapse-matrix-synapse:8008
      mediaUrl: http://synapse-matrix-synapse:8008
      port: 9993
      bindAddress: 0.0.0.0
    passFile: /data/passkey.pem
    logging:
      level: debug
    bot:
      displayname: Hookshot Bot
      avatar: mxc://half-shot.uk/2876e89ccade4cb615e210c458e2a7a6883fe17d
    generic:
      enabled: true
      enableHttpGet: false
      urlPrefix: https://webhook.matrix.example.com/webhooks
      userIdPrefix: _webhooks_
      allowJsTransformationFunctions: true
      waitForComplete: false
    cache:
      redisUri: redis://:PASSWORD@redis-master:6379
    experimentalEncryption:
      storagePath: /persistent/encryption
    widgets:
      addToAdminRooms: false
      disallowedIpRanges: []
      roomSetupWidget:
        addOnInvite: true
      publicUrl: "https://hookshot.matrix.example.com/widgetapi/v1/static"
      branding:
        widgetTitle: Hookshot Configuration
    permissions:
      - actor: '@user:example.com'
        services:
          - service: '*'
            level: admin
registration:
  id: matrix-hookshot
  as_token: TOKEN
  hs_token: TOKEN
  namespaces:
    rooms: []
    users:
      - regex: '@_webhooks_.+:example.com'
        exclusive: true
  sender_localpart: hookshot
  url: http://hookshot:9993
  rate_limited: false
  de.sorunome.msc2409.push_ephemeral: true
  push_ephemeral: true
  org.matrix.msc3202: true
passkey: |-
  MULTILINE
  PRIVATE
  KEY
```

What am I doing wrong?

@verymilan

It happened to me as well, the proxy should instead use the /webhook endpoint. As soon as I dropped the s, things started to work :)
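
A way to spot this misrouting in hookshot logs, as an added example (not part of the thread and not hookshot's own code): it pairs each "No signature on URL" rejection with the request line logged after it and flags `/webhooks/<id>` paths, following the reply above. The log lines are constructed from the format shown in the report, and the function names are hypothetical.

```javascript
// Constructed sample lines in the format shown in the report; the webhook id is a placeholder.
const SAMPLE_LOG = [
  'ERROR 08:15:50:988 [Webhooks] No signature on URL. Rejecting',
  'INFO 08:15:50:989 [ListenerService] POST /webhooks/00000000-0000-4000-8000-000000000001 500 - HS_UNKNOWN - An internal error occurred',
  'DEBUG 08:15:50:991 [ListenerService] Error: Invalid signature.',
  'INFO 08:16:02:120 [ListenerService] POST /webhook/00000000-0000-4000-8000-000000000001 200',
];

const REJECT = /\[Webhooks\] No signature on URL\. Rejecting/;
const REQUEST = /\[ListenerService\] (GET|POST|PUT) (\S+) (\d{3})/;

// Per the reply in this thread: the request should go to /webhook/<id>,
// not /webhooks/<id>. Returns a hint string, or null if the path is not affected.
function pathHint(path) {
  const m = /^\/webhooks\/([^/?]+)/.exec(path);
  return m
    ? `try /webhook/${m[1]} (check generic.urlPrefix and the proxy path)`
    : null;
}

// Returns one finding per request line that directly follows a signature rejection.
function findSignatureRejections(lines) {
  const findings = [];
  let pendingReject = false;
  for (const raw of lines) {
    const line = raw.trimEnd(); // the pasted log carries trailing padding
    if (REJECT.test(line)) {
      pendingReject = true;
      continue;
    }
    const m = REQUEST.exec(line);
    if (!m) continue; // stack frames and other lines do not clear the flag
    if (pendingReject) {
      const [, method, path, status] = m;
      findings.push({ method, path, status: Number(status), hint: pathHint(path) });
    }
    pendingReject = false;
  }
  return findings;
}

console.log(findSignatureRejections(SAMPLE_LOG));
```
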
