GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → txn2 → p3y

txn2 / p3y

Licence: Apache-2.0 license
A single binary reverse proxy written in go. It was developed for use in Kubernetes, to wrap services like Prometheus with simple BasicAuth and TLS encryption.

Programming Languages

go
31211 projects - #10 most used programming language
Dockerfile
14818 projects

Labels

dockertlskubernetesproxycontainerproxy-serverreverse-proxytls-proxy

Projects that are alternatives of or similar to p3y

Goproxy
🔥 Proxy is a high performance HTTP(S) proxies, SOCKS5 proxies,WEBSOCKET, TCP, UDP proxy server implemented by golang. Now, it supports chain-style proxies,nat forwarding in different lan,TCP/UDP port forwarding, SSH forwarding.Proxy是golang实现的高性能http,https,websocket,tcp,socks5代理服务器,支持内网穿透,链式代理,通讯加密,智能HTTP,SOCKS5代理,黑白名单,限速,限流量,限连接数,跨平台,KCP支持,认证API。
Stars: ✭ 11,334 (+75460%)
Mutual labels:  tls, reverse-proxy, tls-proxy
Gobetween
☁️ Modern & minimalistic load balancer for the Сloud era
Stars: ✭ 1,631 (+10773.33%)
Mutual labels:  tls, proxy-server, tls-proxy
docker-ssl-reverse-proxy
Easy-to-use auto-SSL reverse proxy as a Docker container based on Caddy and Let’s Encrypt
Stars: ✭ 22 (+46.67%)
Mutual labels:  tls, reverse-proxy, tls-proxy
swarm-router
Scalable stateless «zero config» service-name ingress for docker swarm mode with a fresh more secure approach
Stars: ✭ 58 (+286.67%)
Mutual labels:  tls, reverse-proxy
Mongols
C++ high performance networking with TCP/UDP/RESP/HTTP/WebSocket protocols
Stars: ✭ 250 (+1566.67%)
Mutual labels:  proxy-server, reverse-proxy
nginx-container
Nginx high-performance HTTP server and reverse proxy container images based on Red Hat Software Collections and intended for OpenShift and general usage. Users can choose between Red Hat Enterprise Linux, Fedora, and CentOS based images.
Stars: ✭ 77 (+413.33%)
Mutual labels:  container, reverse-proxy
mps
MPS is a high-performance HTTP(S) proxy library that supports forward proxies, reverse proxies, man-in-the-middle proxies, tunnel proxies, Websocket proxies. MPS 是一个高性能HTTP(s)中间代理库,它支持正向代理、反向代理、中间人代理、隧道代理、Websocket代理
Stars: ✭ 64 (+326.67%)
Mutual labels:  proxy-server, reverse-proxy
Ssl Proxy
🔒 Simple zero-config SSL reverse proxy with real autogenerated certificates (LetsEncrypt, self-signed, provided)
Stars: ✭ 427 (+2746.67%)
Mutual labels:  tls, reverse-proxy
ptw
Pooling TLS Wrapper
Stars: ✭ 20 (+33.33%)
Mutual labels:  tls, tls-proxy
Caddy
Matthew Holt began developing Caddy in 2014 while studying computer science at Brigham Young University. (The name "Caddy" was chosen because this software helps with the tedious, mundane tasks of serving the Web, and is also a single place for multiple things to be organized together.) It soon became the first web server to use HTTPS automatically and by default, and now has hundreds of contributors and has served trillions of HTTPS requests.
Stars: ✭ 35,966 (+239673.33%)
Mutual labels:  tls, reverse-proxy
Lophttpd
lots of performance (or lots of porn, if you prefer) httpd: Easy, chrooted, fast and simple to use HTTP server for static content. Runs on Linux, BSD, Android and OSX/Darwin. It's free but if you like it, consider donating to the EFF: https://supporters.eff.org/donate
Stars: ✭ 123 (+720%)
Mutual labels:  tls, proxy-server
Noginx
High performance HTTP and reverse proxy server based on Node.js. 基于 Node.js 的高性能 HTTP 及反向代理服务器,类似nginx。
Stars: ✭ 53 (+253.33%)
Mutual labels:  proxy-server, reverse-proxy
Ergo
The management of multiple apps running over different ports made easy
Stars: ✭ 452 (+2913.33%)
Mutual labels:  proxy-server, reverse-proxy
Ecs Nginx Proxy
Reverse proxy for AWS ECS. Lets you address your docker containers by sub domain.
Stars: ✭ 93 (+520%)
Mutual labels:  container, reverse-proxy
throo
A Vert.x/Spring based HTTP reverse-proxy
Stars: ✭ 19 (+26.67%)
Mutual labels:  proxy-server, reverse-proxy
sillyproxy
SillyProxy - Dynamic SNI based TLS proxy for terminating TLS (>=1.1) HTTP connections to multiple domains.
Stars: ✭ 19 (+26.67%)
Mutual labels:  tls, tls-proxy
reproxy
Simple edge server / reverse proxy
Stars: ✭ 994 (+6526.67%)
Mutual labels:  proxy-server, reverse-proxy
go-reverse-proxy
Reverse proxy with simple routing configuration and override behaviour
Stars: ✭ 21 (+40%)
Mutual labels:  proxy-server, reverse-proxy
Nico
A HTTP2 web server for reverse proxy and single page application, automatically apply for ssl certificate, Zero-Configuration.
Stars: ✭ 43 (+186.67%)
Mutual labels:  tls, reverse-proxy
node-proxy
High performance HTTP and reverse proxy server based on Node.js. 基于 Node.js 的高性能 HTTP 及反向代理服务器,类似nginx。
Stars: ✭ 71 (+373.33%)
Mutual labels:  proxy-server, reverse-proxy
View All Similar Projects ➔

p3y: Micro Reverse Proxy

p3y is a small (3.5M Container) single binary reverse proxy written in go. It was developed for use in Kubernetes, to wrap services like Prometheus with simple BasicAuth and TLS encryption. p3y exposes its operational metrics on port 2112 by default and tracks number of requests, authentication failures and latency.

Quick Docker Example

Proxy your local port 8080 to site https://example.com.

docker run --rm -p 8080:8080 -p 2112:2112 txn2/p3y \
    -backend https://example.com:443 \
    -username test \
    -password test

Open http://localhost:8080 to view the site or http://localhost:2112 to view metrics.

Install p3y on a Mac

If you are running MacOS and use homebrew you can install kubefwd directly from the txn2 tap:

# install
brew install txn2/tap/kubefwd

# ... or upgrade
brew upgrade p3y

CLI & ENV Options

Note: The environment variables SKIP_VERIFY and TLS expect values "true" or "false" if explicitly set.

Flag Environment Variable Description
-help Display help.
-version Display version.
-backend BACKEND Backend server. (default "http://example.com:80")
-skip-verify SKIP_VERIFY Skip backend tls verify.
-ip IP Server IP address to bind to. (default "0.0.0.0")
-port PORT Server port. (default "8080")
-logout LOGOUT log output stdout (default "stdout")
-metrics_port METRICS_PORT Metrics server port. (default "2112")
-username USERNAME BasicAuth username to secure Proxy.
-password PASSWORD BasicAuth password to secure Proxy.
-tls TLS TLS Support (requires crt and key)
-crt CRT Path to cert. (enable --tls) (default "./example.crt")
-key KEY Path to private key. (enable --tls (default "./example.key")
-tlsCfg TLSCFG TLS config file path.

Kubernetes Example

The following sets up two services, one for the p3y proxy exposed on NodePort 30090, this should now be accessible from outside the cluster. Metrics for the proxy are available inside the cluster at **http://prom-proxy-metrics:2112/metrics.

Example Services:

apiVersion: v1
kind: Service
metadata:
  name: prom-proxy
  namespace: example
  labels:
    app: prom-proxy
spec:
  selector:
    app: prom-proxy
  ports:
    - protocol: "TCP"
      port: 9090
      nodePort: 30090
      targetPort: 9090
  type: NodePort
---
apiVersion: v1
kind: Service
metadata:
  name: prom-proxy-metrics
  namespace: example
  labels:
    app: prom-proxy
spec:
  selector:
    app: prom-proxy
  ports:
    - protocol: "TCP"
      port: 80
      targetPort: 2112
  type: ClusterIP

Example Deployment:

apiVersion: apps/v1
kind: Deployment
metadata:
  name: prom-proxy
  namespace: example
  labels:
    app: prom-proxy
spec:
  replicas: 1
  selector:
    matchLabels:
      app: prom-proxy
  template:
    metadata:
      labels:
        app: prom-proxy
        component: idx
    spec:
      containers:
        - name: prom-proxy
          image: txn2/p3y:1.0.0
          imagePullPolicy: IfNotPresent
          args: [
            "-port=9090",
            "-backend=http://prometheus:9090",
            "-username=somebody",
            "-password=goodlongpassword",
            "-tls",
            "-crt=/cert/server.crt",
            "-key=/cert/server.key"
          ]
          ports:
            - name: http
              containerPort: 9090
            - name: metrics
              containerPort: 2112
          volumeMounts:
            - name: prom-proxy-cert
              mountPath: "/cert"
      volumes:
        - name: prom-proxy-cert
          secret:
            secretName: prom-proxy-cert

TLS Configuration

If you have specific TLS requirements you can specify them in a configuration file. p3y proxy supports TLS 1.0 (VersionTLS10), 1.1 (VersionTLS11) and 1.2 (VersionTLS12).

Example:

-tlsCfg /cfg/tls.yml

tls.yml:

min: VersionTLS12
max: VersionTLS12
curvePreferences:
  - CurveP521
  - CurveP384
  - CurveP256
ciphers:
  - TLS_RSA_WITH_RC4_128_SHA
  - TLS_RSA_WITH_3DES_EDE_CBC_SHA
  - TLS_RSA_WITH_AES_128_CBC_SHA
  - TLS_RSA_WITH_AES_256_CBC_SHA
  - TLS_RSA_WITH_AES_128_CBC_SHA256
  - TLS_RSA_WITH_AES_128_GCM_SHA256
  - TLS_RSA_WITH_AES_256_GCM_SHA384
  - TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
  - TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
  - TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
  - TLS_ECDHE_RSA_WITH_RC4_128_SHA
  - TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
  - TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
  - TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
  - TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
  - TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
  - TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
  - TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
  - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
  - TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
  - TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305
  - TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305

Development

Test Release

goreleaser --skip-publish --rm-dist --skip-validate

Release

GITHUB_TOKEN=$GITHUB_TOKEN goreleaser --rm-dist
Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].