goprivateproxy

README

goprivateproxy

A Go-based reverse proxy and AWS PrivateLink replacement running as a systemd service on EC2 instances. Includes rate limiting, bot blocking, and dynamic routing based on subdomains and paths.

Requirements

• Go 1.20 or later

Features

• Reverse proxy for handling incoming requests
• Rate limiting to prevent abuse
• Bot blocking based on user-agent strings
• Dynamic routing based on subdomains and paths
• Configurable via a YAML configuration file

Installation

1. Clone the repository:

   git clone https://github.com/dutchdata/goprivateproxy.git
   cd goprivateproxy
   

2. Create a configuration file:

   cp config.yaml.example config.yaml
   

3. Edit config.yaml according to your subnet and requirements:

   The configuration file supports the following fields:

   • port: The port on which the proxy server listens.
   • limiter: Rate limiting configuration, with rps (requests per second) and burst values.
   • botBlockList: A list of user-agent substrings to block.
   • permittedBots: A list of user-agent substrings to allow.
   • otherRoutes: A list of routes for subdomains and paths.
   • ip: Target IP address.
   • port: Target port.
   • path: Path or subdomain for routing.
   • defaultRoute: Default route configuration.
   • ip: Default target IP address.
   • port: Default target port.

Getting Started

Fetch config and create the server

package main

import "github.com/dutchdata/goprivateproxy"

func main() {
	config := GetConfig()
	server := NewServer(config)
	server.Start()
}

Build the binary

go build

Run to test your configuration

./goprivateproxy -config config.yaml

Set up as a systemd service

/etc/systemd/system/goprivateproxy.service

[Unit]
Description=Go Proxy Service

[Service]
ExecStart=/home/ec2-user/goprivateproxy/goprivateproxy -config /home/ec2-user/goprivateproxy/config.yaml
Restart=always
User=ec2-user
Group=ec2-user
WorkingDirectory=/home/ec2-user/goprivateproxy/

[Install]
WantedBy=multi-user.target

Start the service

sudo systemctl daemon-reload
sudo systemctl enable goprivateproxy
sudo systemctl start goprivateproxy

Check logs

journalctl -u goprivateproxy.service -f

License

This project is licensed under the MIT License - see the LICENSE file for details.

Documentation

Overview

Package privatelinkproxy is a Go-based reverse proxy and AWS PrivateLink replacement running as a systemd service on EC2 instances. Includes rate limiting, bot blocking, and dynamic routing based on subdomains and paths.

Index

• type Config
  • func GetConfig() Config
• type LimiterConfig
• type Route
• type Server
  • func NewServer(config Config) *Server
  • func (s *Server) Start()

Types

type Config

type Config struct {
	Port          int           `yaml:"port"`
	Limiter       LimiterConfig `yaml:"limiter"`
	BotBlockList  []string      `yaml:"botBlockList"`
	PermittedBots []string      `yaml:"permittedBots"`
	OtherRoutes   []Route       `yaml:"otherRoutes"`
	DefaultRoute  Route         `yaml:"defaultRoute"`
}

Config holds the server configuration.

func GetConfig

func GetConfig() Config

GetConfig fetches configuration details from config.yaml.

type LimiterConfig

type LimiterConfig struct {
	RPS   int `yaml:"rps"`
	Burst int `yaml:"burst"`
}

LimiterConfig represents the rate limiter configuration.

type Route

type Route struct {
	IP   string `yaml:"ip"`
	Port int    `yaml:"port"`
	Path string `yaml:"path"`
}

Route represents the target IP, port, and path for a route.

type Server

type Server struct {
	Config Config
}

Server represents the reverse proxy server.

func NewServer

func NewServer(config Config) *Server

NewServer initializes a new Server instance.

func (*Server) Start

func (s *Server) Start()

Start runs the HTTP server.