right now, the webhook handler is exposed on the "main" server - which might be exposed on the internet. this endpoint is only used by lighthouse to push webhook events, so it could be internal.
we should create an "internal" server/port on the container, and an internal service used only by lighthouse
right now, the webhook handler is exposed on the "main" server - which might be exposed on the internet. this endpoint is only used by lighthouse to push webhook events, so it could be internal.
we should create an "internal" server/port on the container, and an internal service used only by lighthouse