From 3bcabe46ac8fff98e79c7016412400f41d992e97 Mon Sep 17 00:00:00 2001 From: Yehoyada Date: Fri, 25 Oct 2024 13:06:15 +0300 Subject: [PATCH 1/2] remove ssl cert --- cmd/server.crt | 19 ------------------- cmd/server.key | 28 ---------------------------- 2 files changed, 47 deletions(-) delete mode 100644 cmd/server.crt delete mode 100644 cmd/server.key diff --git a/cmd/server.crt b/cmd/server.crt deleted file mode 100644 index 05cc46f..0000000 --- a/cmd/server.crt +++ /dev/null @@ -1,19 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDFzCCAf8CFEr5EL/yymRq5V/Gb90zfI27zc1+MA0GCSqGSIb3DQEBCwUAMEgx -CzAJBgNVBAYTAklMMRMwEQYDVQQIDApTb21lLVN0YXRlMRAwDgYDVQQKDAd0ZXN0 -aW5nMRIwEAYDVQQDDAkxMjcuMC4wLjEwHhcNMjQwODMwMTEyODMxWhcNMjUwODMw -MTEyODMxWjBIMQswCQYDVQQGEwJJTDETMBEGA1UECAwKU29tZS1TdGF0ZTEQMA4G -A1UECgwHdGVzdGluZzESMBAGA1UEAwwJMTI3LjAuMC4xMIIBIjANBgkqhkiG9w0B -AQEFAAOCAQ8AMIIBCgKCAQEAnPuJiW2y951vdrVaXmN8imc6s9D/fSFvnus4rkDv -8f8eBLOC4kb2aFLZ4ugH6a2fkKOVn7XHPoaLv83yyIO3jcCUh6dHo2dTy134Z6aa -t4SheG6bxR4X54c/9yus9G7D0p6t8tkbFjR8J7aR2tvc8a4sUd6OHn+GDiudZwnG -oGs4An34pYXk7H7l5JhL/c2U0srYRILnUMbyflEz+ZAy4jd+2MqFD/yUnYNIWZeD -+FscEKT51G1HpmsVdXV55zMz/SAZ0rk9YZiY2G+thxZa4bQvOVm12PASbwS3Nxl+ -0Pe5FFqM5yMTYdQn9zBleyHSMbdmkE5napTmrFlNLgKQ8wIDAQABMA0GCSqGSIb3 -DQEBCwUAA4IBAQAFkAostxRlbjlM0+zUnl6msqFo09vXmpg26Ah+zqy5zcfF51Oy -rY0v+K1IMN9p7167dKSKxlBLeqMIZAuZnUpsxEc8TOYgUIEYZwuJFxqZzl+7Jgdl -NfbyRT8hzk2PNixe28zkLz2vgRzRjUw/p+XeFF9E19hPkBakFm2Ba7NkMu/C50c9 -Yk5oWG5mE6IdpIloU/tu06sSfOhCetrSRW4HtBy0R+3/2SLEO2bt66Dgg9zUB17U -n5nrhD3M6Z6mOOm7ZJP2Am1Ex3At8IXkLTktywF0zOVhSST4kLQy5WlWVPXfgA2j -r4+KuSN5xlb5lqTI9ECQB3NS69PFPr8uz/Is ------END CERTIFICATE----- diff --git a/cmd/server.key b/cmd/server.key deleted file mode 100644 index da9897a..0000000 --- a/cmd/server.key +++ /dev/null @@ -1,28 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCc+4mJbbL3nW92 -tVpeY3yKZzqz0P99IW+e6ziuQO/x/x4Es4LiRvZoUtni6AfprZ+Qo5Wftcc+hou/ -zfLIg7eNwJSHp0ejZ1PLXfhnppq3hKF4bpvFHhfnhz/3K6z0bsPSnq3y2RsWNHwn -tpHa29zxrixR3o4ef4YOK51nCcagazgCffilheTsfuXkmEv9zZTSythEgudQxvJ+ -UTP5kDLiN37YyoUP/JSdg0hZl4P4WxwQpPnUbUemaxV1dXnnMzP9IBnSuT1hmJjY -b62HFlrhtC85WbXY8BJvBLc3GX7Q97kUWoznIxNh1Cf3MGV7IdIxt2aQTmdqlOas -WU0uApDzAgMBAAECggEADc1HwF92trKO1D8JnPbeQkTlMl4TuGqyJ6TCrP9kmUA2 -4W7u+PoIPA/cvEhuOatcNhlL1GjlBahKrShsShjakIn4BR09/S3efija6DILtEri -73W6GFCXBXIsu4yJfkwmx2PQI2PXL9KZf9xbYoSmHlGT7/bDRAcuQByxkBeZ8QyY -6+BCIgMC80lpi4rOcVTgDNxwz0HYF3AwEZRbMZC/C8X7hpWRPbZWIeUGMpoCVnxR -kRK5HfcMEMACMvlNWyD8tDaPZsNquWHpxB9qq0U3vxdvVKojdxuCPema9eZ935Jh -CUsnywyQBjIHUY0ryhDEoncOUdgzFFjoX3zoKQYycQKBgQC/Qqm0NFgXYbAXaFvZ -mUbx0oLPGGA/JmRai39CEV3d31kfEm6B8UTbpFl0aEgwPn4+IYh5putN0WP4ve1n -L82INuZTJO+iqlkPLEpieHriZo7RDALdVjUHoRytoRaJMHt5+LVi3TJE9FRZDaTd -Y5tPG/tHbApmHTfFnozfPYdrhwKBgQDSHpaZd51dqB1os0//DH93eO3FTFyfC4n6 -xNyS1RhE/mFLC7V//16a1xRR9b5bnMbqqvHAZDyqUC6F4ZVjHR/WBHWBfQ6UuhA2 -2uvbEL6zvFC2OyLE6BMKYsAZ9TPuKPXG/IlNqWzN8yOvHqkPz+GPeGGKWnIrkwdw -Hrasw9vCNQKBgQCEl7iCv48alpS3hZe3oPV4DFK3M9T1sq37v523tcZ3XLGyQtrt -ps/v3V5Ov0TcfVaTyDeO7tNOHY3LEhCVaqR4fGbs2TxwbtxTEod3AMNgVW1JK6SI -wYz9/wmcrYKsFTpk8rD9GxAQkbowCq9y8+zlySZI+3OyGythC2vqEAPj3QKBgEPA -cTcTBr8IUlNMXmMTGJbhe2m+8a6m/drKV4VRCP5WN/EG2YNoSI0NBRRYdQT9THam -oEU1DQqtyBKLZqwK3BUaYvlZ5bW3OTs25A5DG/rAohXgg5mSa3FR3jeAhToqIvYC -wBM2qkrON5dj/4eFtGmam3kNKPs78Y4JmUWj8dxxAoGAVbV62tUIQv8hCRF8y5u/ -QA5dbqj8UJWmUqi92ERbo6XdIIaEgf5dAh2iBBL/KsJyBEiPuYub0duaY9yBqone -aPyJt5g4YBmp7CMTF+Ko3FnsQ885p89lSb6+vTID+kmC6y/YKx0XtPDPS/2Yr1D3 -70bwv+NgZDciiMqXKfRR/u0= ------END PRIVATE KEY----- From 622d290bfb97c172f33b0c2d1a4eac1675b3634a Mon Sep 17 00:00:00 2001 From: Yehoyada Date: Fri, 25 Oct 2024 14:07:56 +0300 Subject: [PATCH 2/2] Better readme --- README.md | 63 +++++++++++++++++++++++++++++++++++++++++++++++++++---- 1 file changed, 59 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index 15565ed..a43fac9 100644 --- a/README.md +++ b/README.md @@ -6,7 +6,44 @@ This reverse proxy server is designed to forward incoming requests to internal services, while offering advanced features such as SSL termination, rate limiting, content optimization, and OpenAPI-based request/response validation. -## Key Features +## Supported Features + +- 🔒 SSL Termination - HTTPS support with configurable SSL certificates + +- 🚀 Content Optimization + - Minification for HTML, CSS, JS, XML, JSON, and SVG + - GZIP compression support + + +- ⚡ Performance Controls + - Configurable request timeouts + - Maximum request size limits + - Response caching for cacheable content + + +- 🛡️ Security & Protection + + - IP-based rate limiting (per minute/day) + - Request/response validation via OpenAPI + +- ⚖️ Load Balancing + + - Multiple backend server support + - Round-robin, random, and least-latency policies + - Weighted distribution options + + +- 📁 File Serving - Static file serving with path stripping + +- 🏥 Health Monitoring + + - Automated health checks with cron scheduling +Configurable failure notifications + + +- 📊 Observability - OpenTelemetry integration for tracing and metrics + +## More About The Features ### 1. SSL Termination The proxy supports secure connections through SSL, with configurable paths to the SSL key and certificate files. This allows for secure HTTPS communication between clients and the reverse proxy. @@ -218,10 +255,28 @@ services: ``` -### Breakdown: +### Breakdown +The configuration is organized into three main sections: + +1. Global Settings: + - Server configuration (host, port) + - SSL settings + - OpenTelemetry configuration + + +2. Services +- Domain-based routing +- Multiple endpoints per domain +- Path-based matching with longest-prefix wins + + +3. Endpoints +- Backend service configuration +- Performance optimizations +- Security controls +- Monitoring settings -- Services: You can define multiple domains and endpoints, each with their own routing and optimization settings. -- Endpoints: You can have multiple endpoints that share a path prefix, the request will be routed to the longest muching endpoint. +Each endpoint can be independently configured with its own set of features, allowing for flexible and granular control over different parts of your application. ## License