proxyd

command module
v0.0.0-...-23e34da Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Apr 23, 2021 License: MIT Imports: 9 Imported by: 0

README

proxyd

proxyd proxies data between TCP, TLS, and unix sockets

TLS termination:     Connecting to a remote application's unix socket:
   +---------+         +----------+        +----------+
   |         |         |          |        |          |
->TLS -> TCP |         | -> unix -+------>TLS -> unix |
   |         |         |          |        |          |
   +---------+         +----------+        +----------+
                                                                     _
Proxying through an encrypted pipe:                                 | |
                                       _ __  _ __ _____  ___   _  __| |
   +---------+      +---------+       | '_ \| '__/ _ \ \/ / | | |/ _` |
   |         |      |         |       | |_) | | | (_) >  <| |_| | (_| |
->TCP -------+---> TLS -> TCP |       | .__/|_|  \___/_/\_\\__, |\__,_|
   |         |      |         |       | |                   __/ |
   +---------+      +---------+       |_|                  |___/

Usage

$ proxyd --help
Usage of proxyd:
  -config string
        name of configuration file (default "proxyd_config.json")

proxyd takes a file with a configuration object that describes listeners and proxies. The object is in the form of a ServicePack.

Examples

Listen on a port and forward to another host

[
	{
		"Front": "tcp://0.0.0.0:80",
		"Back": "tcp://192.168.1.2:8080",
	}
]

Accept TCP connections and forward to a local TLS server without verification

[
	{
		"Front": "tcp://0.0.0.0:80",
		"Back": "tls://127.0.0.1:443",
		"BackConfig": {
			"InsecureSkipVerify": "true"
		}
	}
]

Terminate TLS

[
	{
		"Front": "tls://0.0.0.0:443",
		"Back": "tcp://127.0.0.1:80",
		"FrontConfig": {
			"CERT": "-----BEGIN CERTIFICATE-----\n...",
			"KEY": "-----BEGIN RSA PRIVATE KEY-----\n..."
		}
	}
]

Terminate TLS with client certificate verification

Serve the same unix socket on 80 and 443 with TLS

[
	{
		"Front": "tcp://0.0.0.0:80",
		"Back": "unix:///tmp/ipc.sock"
	},
	{
		"Front": "tls://0.0.0.0:443",
		"Back": "unix:///tmp/ipc.sock",
		"FrontConfig": {
			"CERT": "-----BEGIN CERTIFICATE-----\n...",
			"KEY": "-----BEGIN RSA PRIVATE KEY-----\n..."
		}
	}
]

Supported TLS features

Tests

$ go test -race -cover .
ok      github.com/hkparker/proxyd      1.016s  coverage: 59.6% of statements

Documentation

The Go Gopher

There is no documentation for this package.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL