Documentation
Index ¶
- Constants
- func CORSHandler(cors Cors) mux.MiddlewareFunc
- func CheckConfig(fileName string) error
- func GetConfigPaths() string
- func InitConfig(configFile string) error
- func NewRoundRobinReverseProxy(proxyRoute ProxyRoute, r *http.Request) (*httputil.ReverseProxy, error)
- func NewWeightedReverseProxy(proxyRoute ProxyRoute, r *http.Request) (*httputil.ReverseProxy, error)
- func ProxyErrorHandler(w http.ResponseWriter, r *http.Request, err error)
- type AccessPolicyRuleMiddleware
- type AccessRuleMiddleware
- type AddPrefixRuleMiddleware
- type Backend
- type Backends
- type BasicRuleMiddleware
- type BodyLimitRuleMiddleware
- type Cors
- type EntryPoint
- type EntryPointAddress
- type ExtraMiddleware
- type ExtraRoute
- type ExtraRouteConfig
- type ForwardAuthRuleMiddleware
- type Gateway
- type GatewayConfig
- type GatewayServer
- type Health
- type HealthCheckResponse
- type HealthCheckRoute
- type HealthCheckRouteResponse
- type JWTRuleMiddleware
- type JWTSecret
- type Middleware
- type OauthEndpoint
- type OauthRulerMiddleware
- type ProxyHandler
- type ProxyRoute
- type RateLimitRuleMiddleware
- type RedirectSchemeRuleMiddleware
- type Redis
- type RewriteRegexRuleMiddleware
- type Route
- type RouteHealthCheck
- type Router
- type TLS
- type UserInfo
Constants ¶
// Middleware type identifiers, as written in a middleware's `type` field.
const (
	// AccessMiddleware identifies access middlewares.
	AccessMiddleware = "access"
	// BasicAuth identifies basic authentication middlewares.
	BasicAuth = "basic"
	// JWTAuth identifies JWT authentication middlewares.
	JWTAuth = "jwt"
	// OAuth identifies OAuth authentication middlewares.
	OAuth = "oauth"
)
Middleware types
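// Default on-disk locations used by the gateway.
const (
	// ConfigDir is the default configuration directory. It ends with a
	// slash, so paths derived from it append a bare name.
	ConfigDir = "/etc/goma/"

	// ConfigFile is the default configuration file.
	ConfigFile = "/etc/goma/goma.yml"

	// CertsPath is the default certificate directory. It used to be built
	// as ConfigDir + "/certs", which yields "/etc/goma//certs"; the doubled
	// slash resolves to the same directory but breaks any string comparison
	// against a cleaned path, so it is now built the same way as ExtraDir.
	// NOTE(review): this directory presumably holds private keys; confirm
	// that its permissions are restricted to the gateway's user.
	CertsPath = ConfigDir + "certs"

	// ExtraDir is the default directory for extra configuration.
	ExtraDir = ConfigDir + "extra"
)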
Variables ¶
This section is empty.
Functions ¶
func CORSHandler ¶
func CORSHandler(cors Cors) mux.MiddlewareFunc
CORSHandler handles CORS headers for incoming requests
Adds CORS headers to the response dynamically based on the provided headers map[string]string
func CheckConfig ¶ added in v0.1.8
CheckConfig checks configs
func GetConfigPaths ¶
func GetConfigPaths() string
func NewRoundRobinReverseProxy ¶ added in v0.2.8
func NewRoundRobinReverseProxy(proxyRoute ProxyRoute, r *http.Request) (*httputil.ReverseProxy, error)
NewRoundRobinReverseProxy creates a reverse proxy that uses a round-robin load balancing algorithm.
func NewWeightedReverseProxy ¶ added in v0.2.8
func NewWeightedReverseProxy(proxyRoute ProxyRoute, r *http.Request) (*httputil.ReverseProxy, error)
NewWeightedReverseProxy creates a reverse proxy that uses a weighted load balancing algorithm.
func ProxyErrorHandler ¶
func ProxyErrorHandler(w http.ResponseWriter, r *http.Request, err error)
ProxyErrorHandler catches backend errors and returns a custom response
Types ¶
type AccessPolicyRuleMiddleware ¶ added in v0.2.4
// AccessPolicyRuleMiddleware is the rule of an access-policy middleware: one
// action applied to a list of source addresses.
type AccessPolicyRuleMiddleware struct {
	// Action is the policy verdict, ALLOW or DENY.
	// NOTE(review): the listing does not show what an empty or unrecognised
	// action does; confirm that it cannot fall through to allowing traffic.
	Action string `yaml:"action,omitempty"`
	// SourceRanges is the list of IPs the action applies to.
	// NOTE(review): confirm which client address is matched against this
	// list; a forwarded-for header is client-controlled unless it is set by
	// a trusted proxy in front of the gateway.
	SourceRanges []string `yaml:"sourceRanges"`
}
AccessPolicyRuleMiddleware access policy
type AccessRuleMiddleware ¶
// AccessRuleMiddleware is the rule of an access middleware.
type AccessRuleMiddleware struct {
	// StatusCode is the HTTP response code.
	// NOTE(review): presumably the code returned for a blocked path;
	// confirm against the middleware implementation.
	StatusCode int `yaml:"statusCode,omitempty"`
}
type AddPrefixRuleMiddleware ¶ added in v0.2.5
// AddPrefixRuleMiddleware is the rule of an add-prefix middleware.
type AddPrefixRuleMiddleware struct {
	// Prefix is the configured prefix.
	// NOTE(review): presumably prepended to the request path before it is
	// proxied; confirm against the middleware implementation.
	Prefix string `yaml:"prefix"`
}
type Backend ¶ added in v0.2.8
// Backend defines a backend server to route traffic to.
type Backend struct {
	// Endpoint defines the endpoint of the backend.
	Endpoint string `yaml:"endpoint,omitempty"`
	// EndPointD is the old spelling of Endpoint, read from the `endPoint`
	// YAML key.
	//
	// Deprecated: use Endpoint (YAML key `endpoint`).
	EndPointD string `yaml:"endPoint,omitempty"`
	// Weight is the backend's weight for the weighted algorithm; it is
	// optional.
	Weight int `yaml:"weight,omitempty"`
	// contains filtered or unexported fields
}
Backend defines backend server to route traffic to
type Backends ¶ added in v0.2.8
// Backends is the list of backend servers a route can send traffic to.
type Backends []Backend
Backends defines the list of backend servers to route traffic to
func (Backends) AvailableBackend ¶ added in v0.2.8
AvailableBackend returns a list of backends that are not marked as unavailable.
func (Backends) HasPositiveWeight ¶ added in v0.2.8
HasPositiveWeight checks if at least one backend has a positive weight.
func (Backends) SelectBackend ¶ added in v0.2.8
SelectBackend selects a backend based on weighted randomization.
func (Backends) TotalWeight ¶ added in v0.2.8
TotalWeight calculates the total weight of all backends.
type BasicRuleMiddleware ¶
type BodyLimitRuleMiddleware ¶ added in v0.2.9
// BodyLimitRuleMiddleware is the rule of a body-limit middleware.
type BodyLimitRuleMiddleware struct {
	// Limit is the configured limit, kept as a string.
	// NOTE(review): the accepted format and the behaviour for an empty or
	// unparsable value are not shown here; confirm that a bad value does not
	// leave request bodies unbounded.
	Limit string `yaml:"limit"`
}
type Cors ¶
// Cors holds Cross-Origin Resource Sharing settings: the allowed origins and
// the CORS response headers to set.
type Cors struct {
	// Origins lists the allowed origins, e.g.:
	//
	//	- http://localhost:80
	//	- https://example.com
	Origins []string `yaml:"origins"`
	// Headers maps CORS response header names to their values, e.g.:
	//
	//	Access-Control-Allow-Origin: '*'
	//	Access-Control-Allow-Methods: 'GET, POST, PUT, DELETE, OPTIONS'
	//	Access-Control-Allow-Headers: 'Content-Type, Authorization'
	//
	// The upstream example names the last header "Access-Control-Allow-Cors",
	// which is not a CORS header; Access-Control-Allow-Headers is the one
	// that carries a list such as 'Content-Type, Authorization'.
	// A literal '*' in Access-Control-Allow-Origin lets any site read the
	// responses; prefer Origins for routes that serve authenticated data.
	Headers map[string]string `yaml:"headers"`
}
type EntryPoint ¶ added in v0.2.9
// EntryPoint groups the gateway's two entry point addresses.
type EntryPoint struct {
	// Web is the entry point read from the `web` key.
	// NOTE(review): presumably the plain-HTTP listener; confirm.
	Web EntryPointAddress `yaml:"web,omitempty"`
	// WebSecure is the entry point read from the `webSecure` key.
	// NOTE(review): presumably the TLS listener; confirm.
	WebSecure EntryPointAddress `yaml:"webSecure,omitempty"`
}
func (EntryPoint) Validate ¶ added in v0.2.9
func (p EntryPoint) Validate()
type EntryPointAddress ¶ added in v0.2.9
// EntryPointAddress holds the address of one entry point.
type EntryPointAddress struct {
	// Address is the configured address.
	// NOTE(review): presumably a listen address; an address without a host
	// part would bind every interface, so confirm the intended exposure.
	Address string `yaml:"address,omitempty"`
}
type ExtraMiddleware ¶ added in v0.2.2
// ExtraMiddleware is the shape of an extra configuration file that carries
// middleware definitions.
type ExtraMiddleware struct {
	// Middlewares holds the middleware definitions. (The upstream comment
	// on this field reads "Routes holds proxy routes", which describes
	// ExtraRoute, not this type.)
	Middlewares []Middleware `yaml:"middlewares"`
}
type ExtraRoute ¶ added in v0.2.1
// ExtraRoute is the shape of an extra configuration file that carries routes.
type ExtraRoute struct {
	// Routes holds proxy routes.
	Routes []Route `yaml:"routes"`
}
type ExtraRouteConfig ¶ added in v0.2.1
ExtraRouteConfig contains additional routes and middlewares directory
type ForwardAuthRuleMiddleware ¶ added in v0.2.5
// ForwardAuthRuleMiddleware is the rule of a forward-auth middleware. The
// listing carries no field documentation, so the notes below are review
// assumptions to confirm against the implementation.
type ForwardAuthRuleMiddleware struct {
	// AuthURL is read from `authUrl`.
	// NOTE(review): presumably the external service that decides whether a
	// request is allowed; its answer is an authorization decision, so the
	// hop to it should be authenticated (HTTPS with verification).
	AuthURL string `yaml:"authUrl"`
	// AuthSignIn is read from `authSignIn`.
	// NOTE(review): presumably where unauthenticated users are sent.
	AuthSignIn string `yaml:"authSignIn,omitempty"`
	// EnableHostForwarding is read from `enableHostForwarding`.
	EnableHostForwarding bool `yaml:"enableHostForwarding,omitempty"`
	// SkipInsecureVerify is read from `skipInsecureVerify`.
	// NOTE(review): by its name this turns off TLS certificate verification
	// for the call to AuthURL. With verification off, anyone able to
	// intercept that connection can answer in place of the auth service;
	// keep it false outside test setups.
	SkipInsecureVerify bool `yaml:"skipInsecureVerify,omitempty"`
	// AuthRequestHeaders is read from `authRequestHeaders`.
	AuthRequestHeaders []string `yaml:"authRequestHeaders,omitempty"`
	// AddAuthCookiesToResponse is read from `addAuthCookiesToResponse`.
	AddAuthCookiesToResponse []string `yaml:"addAuthCookiesToResponse,omitempty"`
	// AuthResponseHeaders is read from `authResponseHeaders`.
	// NOTE(review): if these are copied onto the upstream request, confirm
	// that client-supplied headers of the same name are dropped first.
	AuthResponseHeaders []string `yaml:"authResponseHeaders,omitempty"`
	// AuthResponseHeadersAsParams is read from `authResponseHeadersAsParams`.
	AuthResponseHeadersAsParams []string `yaml:"authResponseHeadersAsParams,omitempty"`
}
type Gateway ¶
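// Gateway contains the configuration options for the Goma Proxy Gateway.
// Fields with an `env` tag can also be supplied through the named
// environment variable.
type Gateway struct {
	// SSLCertFile specifies the SSL certificate file.
	//
	// Deprecated: Use TlsCertFile instead.
	SSLCertFile string `yaml:"sslCertFile,omitempty" env:"GOMA_SSL_CERT_FILE, overwrite"`
	// SSLKeyFile specifies the SSL private key file.
	//
	// Deprecated: Use TlsKeyFile instead.
	SSLKeyFile string `yaml:"sslKeyFile,omitempty" env:"GOMA_SSL_KEY_FILE, overwrite"`
	// TlsCertFile specifies the TLS certificate file.
	//
	// Deprecated: Use TLS instead.
	TlsCertFile string `yaml:"tlsCertFile,omitempty" env:"GOMA_TLS_CERT_FILE, overwrite"`
	// TlsKeyFile specifies the TLS private key file.
	//
	// Deprecated: Use TLS instead.
	TlsKeyFile string `yaml:"tlsKeyFile,omitempty" env:"GOMA_TLS_KEY_FILE, overwrite"`
	// TLS specifies a list of TLS certificates (cert and key).
	TLS TLS `yaml:"tls,omitempty"`
	// Redis contains the configuration details for the Redis database.
	Redis Redis `yaml:"redis,omitempty"`
	// WriteTimeout defines the timeout (in seconds) for writing responses to clients.
	// NOTE(review): confirm how a zero value is treated for the three
	// timeouts; net/http treats a zero timeout as "no timeout", which leaves
	// slow clients able to hold connections open.
	WriteTimeout int `yaml:"writeTimeout" env:"GOMA_WRITE_TIMEOUT, overwrite"`
	// ReadTimeout defines the timeout (in seconds) for reading requests from clients.
	ReadTimeout int `yaml:"readTimeout" env:"GOMA_READ_TIMEOUT, overwrite"`
	// IdleTimeout defines the timeout (in seconds) for idle connections.
	IdleTimeout int `yaml:"idleTimeout" env:"GOMA_IDLE_TIMEOUT, overwrite"`
	// RateLimit specifies the maximum number of requests allowed per minute.
	//
	// Deprecated
	RateLimit int `yaml:"rateLimit,omitempty" env:"GOMA_RATE_LIMIT, overwrite"`
	// BlockCommonExploits enables or disables blocking of common exploit patterns.
	BlockCommonExploits bool `yaml:"blockCommonExploits,omitempty"`
	// AccessLog specifies the file path for access logs.
	AccessLog string `yaml:"accessLog,omitempty" env:"GOMA_ACCESS_LOG, overwrite"`
	// ErrorLog specifies the file path for error logs.
	// The env tag previously named the variable "GOMA_ERROR_LOG="; a '='
	// cannot be part of an environment variable name, so the variable could
	// never match. The key is now GOMA_ERROR_LOG, like the other fields.
	ErrorLog string `yaml:"errorLog,omitempty" env:"GOMA_ERROR_LOG, overwrite"`
	// LogLevel defines the logging level (e.g., info, debug, trace, off).
	LogLevel string `yaml:"logLevel" env:"GOMA_LOG_LEVEL, overwrite"`
	// DisableHealthCheckStatus enables or disables health checks for routes.
	// NOTE(review): by its name, true turns the feature off; confirm.
	DisableHealthCheckStatus bool `yaml:"disableHealthCheckStatus,omitempty"`
	// DisableRouteHealthCheckError enables or disables logging of backend health check errors.
	DisableRouteHealthCheckError bool `yaml:"disableRouteHealthCheckError,omitempty"`
	// DisableDisplayRouteOnStart enables or disables the display of routes during server startup.
	DisableDisplayRouteOnStart bool `yaml:"disableDisplayRouteOnStart,omitempty"`
	// DisableKeepAlive enables or disables the HTTP Keep-Alive functionality.
	DisableKeepAlive bool `yaml:"disableKeepAlive,omitempty"`
	// EnableStrictSlash enables or disables strict routing and trailing slashes.
	//
	// When enabled, the router will match the path with or without a trailing slash.
	EnableStrictSlash bool `yaml:"enableStrictSlash,omitempty"`
	// EnableMetrics enables or disables server metrics collection.
	EnableMetrics bool `yaml:"enableMetrics,omitempty"`
	// EntryPoints holds the gateway's entry point addresses.
	EntryPoints EntryPoint `yaml:"entryPoints,omitempty"`
	// InterceptErrors holds the status codes to intercept backend errors.
	//
	// Deprecated: Use ErrorInterceptor for advanced error handling.
	InterceptErrors []int `yaml:"interceptErrors,omitempty"`
	// ErrorInterceptor provides advanced error-handling configuration for intercepted backend errors.
	ErrorInterceptor middlewares.RouteErrorInterceptor `yaml:"errorInterceptor,omitempty"`
	// Cors defines the global Cross-Origin Resource Sharing (CORS) configuration for the gateway.
	Cors Cors `yaml:"cors,omitempty"`
	// ExtraRoutes specifies additional routes from a directory.
	//
	// Deprecated: Use ExtraConfig for a broader configuration scope.
	ExtraRoutes ExtraRouteConfig `yaml:"extraRoutes,omitempty"`
	// ExtraConfig provides additional configuration, including routes and middleware, from a specified directory.
	ExtraConfig ExtraRouteConfig `yaml:"extraConfig,omitempty"`
	// Routes defines the list of proxy routes.
	Routes []Route `yaml:"routes"`
}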
Gateway contains the configuration options for the Goma Proxy Gateway.
type GatewayConfig ¶
// GatewayConfig is the top level of the configuration file.
type GatewayConfig struct {
	// Version is read from the `version` key.
	Version string `yaml:"version"`
	// GatewayConfig holds the Gateway configuration.
	GatewayConfig Gateway `yaml:"gateway"`
	// Middlewares holds the proxy middlewares.
	Middlewares []Middleware `yaml:"middlewares"`
}
type GatewayServer ¶
// GatewayServer is the receiver type of Config, Initialize, SetEnv and Start.
// Its fields are unexported and are not shown in this listing.
type GatewayServer struct {
	// contains filtered or unexported fields
}
func (GatewayServer) Config ¶
func (GatewayServer) Config(configFile string, ctx context.Context) (*GatewayServer, error)
Config reads config file and returns Gateway
func (GatewayServer) Initialize ¶
func (gatewayServer GatewayServer) Initialize() error
Initialize initializes the routes
func (GatewayServer) SetEnv ¶ added in v0.1.8
func (gatewayServer GatewayServer) SetEnv()
SetEnv sets environment variables
func (GatewayServer) Start ¶
func (gatewayServer GatewayServer) Start() error
Start starts the server
type Health ¶ added in v0.1.10
// Health represents the health check content for a route.
type Health struct {
	// Name is the name attached to the check.
	Name string
	// URL is the address that is probed.
	URL string
	// TimeOut is the probe timeout.
	TimeOut time.Duration
	// Interval is the probe interval, kept as a string.
	Interval string
	// HealthyStatuses lists the status codes counted as healthy.
	HealthyStatuses []int
	// InsecureSkipVerify is a TLS verification switch for the probe.
	// NOTE(review): by its name, true skips certificate verification, so a
	// "healthy" answer no longer proves which server replied; confirm and
	// keep it false where the backend has a verifiable certificate.
	InsecureSkipVerify bool
}
Health represents the health check content for a route
type HealthCheckResponse ¶
// HealthCheckResponse represents the health check response structure.
type HealthCheckResponse struct {
	// Status is serialised as `status`.
	Status string `json:"status"`
	// Routes carries one entry per route, serialised as `routes`.
	Routes []HealthCheckRouteResponse `json:"routes"`
}
HealthCheckResponse represents the health check response structure
type HealthCheckRoute ¶
func (HealthCheckRoute) HealthCheckHandler ¶
func (heathRoute HealthCheckRoute) HealthCheckHandler(w http.ResponseWriter, r *http.Request)
HealthCheckHandler handles health check of routes
func (HealthCheckRoute) HealthReadyHandler ¶
func (heathRoute HealthCheckRoute) HealthReadyHandler(w http.ResponseWriter, r *http.Request)
type HealthCheckRouteResponse ¶
// HealthCheckRouteResponse represents the health check response for a route.
type HealthCheckRouteResponse struct {
	// Name is serialised as `name`.
	Name string `json:"name"`
	// Status is serialised as `status`.
	Status string `json:"status"`
	// Error is serialised as `error`.
	// NOTE(review): this text goes into the health response body; confirm
	// that it cannot expose internal hostnames or addresses to callers who
	// are not meant to see the backend topology.
	Error string `json:"error"`
}
HealthCheckRouteResponse represents the health check response for a route
type JWTRuleMiddleware ¶
// JWTRuleMiddleware contains the authentication details of a JWT middleware.
// The listing documents no individual field, so the notes below are review
// assumptions to confirm against the implementation.
type JWTRuleMiddleware struct {
	// Alg carries no yaml tag in this listing.
	// NOTE(review): presumably the expected signing algorithm; confirm that
	// verification pins the algorithm to this value instead of trusting the
	// `alg` header of the incoming token.
	Alg string
	// Secret is read from `secret`.
	// NOTE(review): presumably a shared signing secret stored in plaintext
	// in the configuration; the file should be readable only by the
	// gateway's user.
	Secret string `yaml:"secret,omitempty"`
	// PublicKey is read from `publicKey`.
	PublicKey string `yaml:"publicKey,omitempty"`
	// JwksUrl is read from `jwksUrl`.
	// NOTE(review): keys fetched from this URL decide which tokens are
	// trusted; confirm that the fetch uses HTTPS with verification.
	JwksUrl string `yaml:"jwksUrl,omitempty"`
	// ForwardAuthorization is read from `forwardAuthorization`.
	// NOTE(review): presumably controls whether the Authorization header is
	// passed on to the backend; confirm.
	ForwardAuthorization bool `yaml:"forwardAuthorization,omitempty"`
}
JWTRuleMiddleware authentication using HTTP GET method
JWTRuleMiddleware contains the authentication details
type Middleware ¶
// Middleware defines the route middlewares configuration.
type Middleware struct {
	// Name specifies the unique name of the middleware.
	Name string `yaml:"name"`
	// Type indicates the type of middleware.
	// Supported types: "basic", "jwt", "oauth", "rateLimit", "access",
	// "accessPolicy".
	Type string `yaml:"type"`
	// Paths lists the routes or paths that this middleware will protect.
	// NOTE(review): confirm how paths are matched (exact, prefix, case and
	// trailing slash); a request path that is not matched is not protected.
	Paths []string `yaml:"paths,omitempty"`
	// Rule represents the specific configuration or rules for the
	// middleware. The structure of Rule depends on the middleware Type.
	// For example:
	//   - "rateLimit" might use a struct defining rate limits.
	//   - "accessPolicy" could use a struct specifying accessPolicy control rules.
	Rule interface{} `yaml:"rule,omitempty"`
}
Middleware defines the route middlewares configuration.
func GetMiddleware ¶
func GetMiddleware(rule string, middlewares []Middleware) (Middleware, error)
type OauthEndpoint ¶ added in v0.1.6
type OauthRulerMiddleware ¶ added in v0.1.6
// OauthRulerMiddleware is the rule of an OAuth middleware.
type OauthRulerMiddleware struct {
	// ClientID is the application's ID.
	ClientID string `yaml:"clientId"`
	// ClientSecret is the application's secret. It sits in the
	// configuration in plaintext, so the file should be readable only by
	// the gateway's user.
	ClientSecret string `yaml:"clientSecret"`
	// Provider is the OAuth provider: google, gitlab, github, amazon,
	// facebook or custom.
	Provider string `yaml:"provider"`
	// Endpoint contains the resource server's token endpoint.
	Endpoint OauthEndpoint `yaml:"endpoint"`
	// RedirectURL is the URL to redirect users going through
	// the OAuth flow, after the resource owner's URLs.
	RedirectURL string `yaml:"redirectUrl"`
	// RedirectPath is the PATH to redirect users after authentication,
	// e.g: /my-protected-path/dashboard
	RedirectPath string `yaml:"redirectPath"`
	// CookiePath is the cookie path, e.g: /my-protected-path or /; by
	// default it is applied on a route path.
	CookiePath string `yaml:"cookiePath"`
	// Scopes specifies optional requested permissions.
	Scopes []string `yaml:"scopes"`
	// contains filtered or unexported fields

	// State is read from `state`.
	// NOTE(review): a state value fixed in configuration cannot tie a
	// callback to the browser session that started the flow; confirm how
	// this field is used.
	State string `yaml:"state"`
	// JWTSecret is read from `jwtSecret`.
	// NOTE(review): presumably signs the session token issued after login;
	// treat it like ClientSecret.
	JWTSecret string `yaml:"jwtSecret"`
}
type ProxyHandler ¶ added in v0.2.9
// ProxyHandler groups the settings listed below; the listing carries no
// description of the type or of its fields.
type ProxyHandler struct {
	// Name is a name.
	Name string
	// Enabled is an on/off switch.
	Enabled bool
	// ContentType is a content type.
	ContentType string
	// Errors is a list of route errors.
	Errors []middlewares.RouteError
	// Origins is a list of origins.
	Origins []string
}
type ProxyRoute ¶
// ProxyRoute is the receiver type of ProxyHandler. Its fields are unexported
// and are not shown in this listing.
type ProxyRoute struct {
	// contains filtered or unexported fields
}
func (ProxyRoute) ProxyHandler ¶
func (proxyRoute ProxyRoute) ProxyHandler() http.HandlerFunc
ProxyHandler is the main handler for proxying incoming HTTP requests. It handles method validation, CORS headers, backend selection, and request rewriting.
type RateLimitRuleMiddleware ¶ added in v0.2.2
type RedirectSchemeRuleMiddleware ¶ added in v0.2.9
type RewriteRegexRuleMiddleware ¶ added in v0.2.7
type Route ¶
// Route defines a gateway route configuration.
type Route struct {
	// Path specifies the route's path.
	Path string `yaml:"path"`
	// Name provides a descriptive name for the route.
	Name string `yaml:"name"`
	// Priority determines route matching order.
	Priority int `yaml:"priority,omitempty"`
	// Disabled specifies whether the route is disabled.
	Disabled bool `yaml:"disabled"`
	// Hosts lists domains or hosts for request routing.
	Hosts []string `yaml:"hosts"`
	// Cors defines the route-specific Cross-Origin Resource Sharing (CORS) settings.
	Cors Cors `yaml:"cors,omitempty"`
	// Rewrite rewrites the incoming request path to a desired path.
	//
	// For example, `/cart` to `/` rewrites `/cart` to `/`.
	Rewrite string `yaml:"rewrite,omitempty"`
	// Methods specifies the HTTP methods allowed for this route (e.g., GET, POST).
	// NOTE(review): confirm what an empty list means; if it allows every
	// method, list the methods explicitly on routes that should be read-only.
	Methods []string `yaml:"methods"`
	// Destination defines the primary backend URL for this route.
	//
	// Deprecated, use Backends
	Destination string `yaml:"destination,omitempty"`
	// Backends specifies a list of backend URLs for load balancing.
	Backends Backends `yaml:"backends"`
	// InsecureSkipVerify disables SSL/TLS verification for the backend.
	// With verification off the gateway cannot tell the real backend from
	// a host that intercepts the connection; keep it false unless the hop
	// is otherwise protected.
	InsecureSkipVerify bool `yaml:"insecureSkipVerify"`
	// HealthCheck contains configuration for monitoring the health of backends.
	HealthCheck RouteHealthCheck `yaml:"healthCheck,omitempty"`
	// RateLimit specifies the maximum number of requests allowed per minute for this route.
	//
	// Deprecated
	RateLimit int `yaml:"rateLimit,omitempty"`
	// DisableHostForwarding disables the forwarding of host-related headers.
	//
	// The headers affected are:
	//   - X-Forwarded-Host
	//   - X-Forwarded-For
	//   - Host
	//   - Scheme
	//
	// If disabled, the backend may not match routes correctly.
	DisableHostForwarding bool `yaml:"disableHostForwarding"`
	// DisableHostFording is deprecated and replaced by DisableHostForwarding.
	//
	// Deprecated
	DisableHostFording bool `yaml:"disableHostFording,omitempty"`
	// InterceptErrors contains HTTP status codes for intercepting backend errors.
	//
	// Deprecated: Use ErrorInterceptor for more advanced error handling.
	InterceptErrors []int `yaml:"interceptErrors,omitempty"`
	// ErrorInterceptor provides configuration for handling backend errors.
	ErrorInterceptor middlewares.RouteErrorInterceptor `yaml:"errorInterceptor,omitempty"`
	// BlockCommonExploits enables or disables blocking of common exploit patterns
	// such as SQL injection or simple XSS attempts.
	// This is a filter on known patterns; the backend still has to validate
	// and encode its own input and output.
	BlockCommonExploits bool `yaml:"blockCommonExploits,omitempty"`
	// EnableBotDetection is read from `enableBotDetection`.
	EnableBotDetection bool `yaml:"enableBotDetection,omitempty"`
	// TLS is read from `tls`.
	TLS TLS `yaml:"tls,omitempty"`
	// Middlewares lists middleware names to apply to this route.
	// NOTE(review): confirm that a name with no matching middleware is
	// rejected when the configuration is loaded; if it were only skipped,
	// a typo would leave the route unprotected.
	Middlewares []string `yaml:"middlewares"`
}
Route defines a gateway route configuration.
type RouteHealthCheck ¶ added in v0.1.8
Source Files
- check_config.go
- config.go
- cors_type.go
- extra_config.go
- gateway_type.go
- handler.go
- healthcheck.go
- helpers.go
- jwt.go
- middleware.go
- middleware_type.go
- proxy.go
- proxy_handler.go
- proxy_route_type.go
- redis.go
- route_config.go
- route_type.go
- router.go
- router_type.go
- routes.go
- server.go
- tls.go
- types.go
- var.go
- watcher.go