Go Proxy Cache
Simple Reverse Proxy with Caching, written in Go, using Redis.
>>> (semi) production-ready <<<
How it works
When the request is not cached:
.---------. .---------. .---------.
| | | | | |
| | | | | |
you ---->|---->----|--->---|---->----|--->---|-->--. |
| | | | | | |
<----|----<----|---<---|----<----|---<---|--<--' |
`---------´ `---------´ `---------´
network go-proxy-cache redis
When the request is cached:
website
_
| |
.----+-+--. .---------. .---------.
| | '->|--->---|---->----|--->---|-->--, |
| '-<--|---<---|<--, | | | |
| | | | | | | |
you ---->|---->----|--->---|---' | | | |
| | | | | | |
<----|----<----|---<---|----<----|---<---|--<--' |
`---------´ `---------´ `---------´
network go-proxy-cache redis
Features
Small, Pragmatic and Easy to Use
- Dockerized
- Compiled
- Easily Configurable, via YAML or Environment Variables.
- Self-Contained, does not require Go, Git or any other software installed. Just run the binary or the container.
Caching
- Full Page Caching, via Redis.
- Cache Invalidation, by calling HTTP Method
PURGE
on the resource URI.
- Support Chunking, by replicating exactly the same original amount.
- Selective HTTP Status Codes/Methods, allows caching for different response codes or HTTP methods.
Load Balancing
- HTTP & HTTPS Forward Traffic
- Load Balancing, uses a list of IPs/Hostnames as load balanced backend servers (supported only Round-Robin).
Security
- HTTP/2 Support
- SSL/TLS Certificates via ACME, provides automatic generation of SSL/TLS certificates from Let's Encrypt and any other ACME-based CA.
- Using your own SSL/TLS Certificates, optional.
Reliability
- Healthcheck Endpoint, exposes the route
/healthcheck
(optional).
- Respecting HTTP Cache Headers,
Vary
, Cache-Control
and Expires
.
- Fully Tested, Unit, Functional & Linted & 0 Race Conditions Detected.
- Cache Circuit Breaker, bypassing Redis when not available.
Scaling
- Multiple domains, override and fine-tune the global settings per domain.
Customisations
- HTTP to HTTPS Redirects, optional, status code to be used when redirecting HTTP to HTTPS.
- GZip Compression, optional.
- Server Timeouts, it is possible to configure in details the server overall timeouts (read, write, headers, handler, idle).
- Fine tuning circuit-breaker and TLS settings, it is possible to adjust the settings about thresholds, timeouts and failure rate.
- Configure error handler, stdout or file.
- Debug/Verbose mode, it is possible to have additional levels of details by settings the flags
-verbose
or -debug
.
Configuration
YAML
This is a simple (and not comprehensive) configuration:
server:
port:
http: "80"
https: "443"
tls:
cert_file: server.pem
key_file: server.key
upstream:
host: ~
port: 443
scheme: https
endpoints:
- 127.0.0.1
http_to_https: true
redirect_status_code: 301
cache:
host: localhost
domains:
example_com:
server:
upstream:
host: example.com
example_org:
server:
upstream:
host: example.org
For more details about the full server configuration check the relative documentation in docs/CONFIGURATION.md
Examples
CLI
$ go-proxy-cache -h
Usage of go-proxy-cache:
-config string
config file (default "config.yml")
-debug
enable debug
-log string
log file (default stdout)
-test
test configuration
-verbose
enable verbose
-version
display version
[...]
For examples check the relative documentation in docs/EXAMPLES.md
Release Cycle
- Bug-fixes (e.g.
1.1.1
, 1.1.2
, 1.2.1
, 1.2.3
) are released as needed (no additional features are delivered in those versions, bug-fixes only).
- Each version is supported until the next one is released (e.g.
1.1.x
will be supported until 1.2.0
is out).
- We use Semantic Versioning.
Common Errors
acme/autocert: server name component count invalid
Let's Encrypt cannot be used locally, as described in this thread
acme/autocert: missing certificate
Let's Encrypt cannot be used locally, as described in this thread
501 Not Implemented
If there's no domain defined in the main configuration nor in the domain overrides, and a client will request an
unknown domain the status 501
is returned.
References
License
MIT License
Copyright (c) 2020 Fabio Cicerchia info@fabiocicerchia.it
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.