Documentation
¶
Index ¶
- type ACMEClient
- func (a *ACMEClient) CheckAndRenewCertificates() error
- func (a *ACMEClient) ObtainCertificate(domains []string) (*types.TLSCertificate, error)
- func (a *ACMEClient) RenewCertificate(cert *types.TLSCertificate) (*types.TLSCertificate, error)
- func (a *ACMEClient) SaveACMEAccount() error
- func (a *ACMEClient) StartRenewalJob()
- type ACMEUser
- type Backend
- type HTTP01Provider
- type LoadBalancer
- type Middleware
- func (m *Middleware) AddProxyHeaders(r *http.Request)
- func (m *Middleware) ApplyHeaderManipulation(r *http.Request, config *types.HeaderManipulation)
- func (m *Middleware) ApplyPathRewrite(r *http.Request, config *types.PathRewrite)
- func (m *Middleware) CheckAccessControl(r *http.Request, config *types.AccessControl) (bool, string)
- func (m *Middleware) CheckRateLimit(r *http.Request, config *types.RateLimit) bool
- func (m *Middleware) CleanupRateLimiters()
- func (m *Middleware) StartCleanupJob()
- type Proxy
- type Router
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type ACMEClient ¶
type ACMEClient struct {
// contains filtered or unexported fields
}
ACMEClient manages Let's Encrypt certificate issuance and renewal
func NewACMEClient ¶
NewACMEClient creates a new ACME client
func (*ACMEClient) CheckAndRenewCertificates ¶
func (a *ACMEClient) CheckAndRenewCertificates() error
CheckAndRenewCertificates checks all auto-renewable certificates and renews if needed
func (*ACMEClient) ObtainCertificate ¶
func (a *ACMEClient) ObtainCertificate(domains []string) (*types.TLSCertificate, error)
ObtainCertificate requests a new certificate from Let's Encrypt
func (*ACMEClient) RenewCertificate ¶
func (a *ACMEClient) RenewCertificate(cert *types.TLSCertificate) (*types.TLSCertificate, error)
RenewCertificate renews an existing certificate
func (*ACMEClient) SaveACMEAccount ¶
func (a *ACMEClient) SaveACMEAccount() error
SaveACMEAccount saves the ACME account to storage as a secret
func (*ACMEClient) StartRenewalJob ¶
func (a *ACMEClient) StartRenewalJob()
StartRenewalJob starts a background job that checks for certificate renewal
type ACMEUser ¶
type ACMEUser struct {
Email string
Registration *registration.Resource
// contains filtered or unexported fields
}
ACMEUser implements the required user interface for ACME registration
func (*ACMEUser) GetPrivateKey ¶
func (u *ACMEUser) GetPrivateKey() crypto.PrivateKey
func (*ACMEUser) GetRegistration ¶
func (u *ACMEUser) GetRegistration() *registration.Resource
type HTTP01Provider ¶
type HTTP01Provider struct {
// contains filtered or unexported fields
}
HTTP01Provider implements the lego HTTP-01 challenge provider interface
func NewHTTP01Provider ¶
func NewHTTP01Provider(proxy *Proxy) *HTTP01Provider
NewHTTP01Provider creates a new HTTP-01 challenge provider
func (*HTTP01Provider) CleanUp ¶
func (p *HTTP01Provider) CleanUp(domain, token, keyAuth string) error
CleanUp removes the HTTP-01 challenge after verification
func (*HTTP01Provider) GetKeyAuth ¶
func (p *HTTP01Provider) GetKeyAuth(domain, token string) (string, bool)
GetKeyAuth retrieves the key authorization for a given domain and token
func (*HTTP01Provider) Present ¶
func (p *HTTP01Provider) Present(domain, token, keyAuth string) error
Present presents the HTTP-01 challenge by storing it for the proxy to serve
type LoadBalancer ¶
type LoadBalancer struct {
// contains filtered or unexported fields
}
LoadBalancer handles backend selection and load balancing
func NewLoadBalancer ¶
func NewLoadBalancer(managerAddr string, grpcClient *grpc.ClientConn) *LoadBalancer
NewLoadBalancer creates a new load balancer
func (*LoadBalancer) SelectBackend ¶
func (lb *LoadBalancer) SelectBackend(ctx context.Context, serviceName string, port int) (string, error)
SelectBackend selects a backend for the given service Returns the backend IP:port or error
type Middleware ¶
type Middleware struct {
// contains filtered or unexported fields
}
Middleware handles request modification, rate limiting, and access control
func NewMiddleware ¶
func NewMiddleware() *Middleware
NewMiddleware creates a new middleware handler
func (*Middleware) AddProxyHeaders ¶
func (m *Middleware) AddProxyHeaders(r *http.Request)
AddProxyHeaders adds standard proxy headers (X-Forwarded-For, X-Real-IP, etc.)
func (*Middleware) ApplyHeaderManipulation ¶
func (m *Middleware) ApplyHeaderManipulation(r *http.Request, config *types.HeaderManipulation)
ApplyHeaderManipulation applies header manipulation rules to the request
func (*Middleware) ApplyPathRewrite ¶
func (m *Middleware) ApplyPathRewrite(r *http.Request, config *types.PathRewrite)
ApplyPathRewrite applies path rewriting rules to the request
func (*Middleware) CheckAccessControl ¶
func (m *Middleware) CheckAccessControl(r *http.Request, config *types.AccessControl) (bool, string)
CheckAccessControl checks if the request is allowed based on IP access control
func (*Middleware) CheckRateLimit ¶
CheckRateLimit checks if the request should be rate limited
func (*Middleware) CleanupRateLimiters ¶
func (m *Middleware) CleanupRateLimiters()
CleanupRateLimiters removes old rate limiters (call periodically)
func (*Middleware) StartCleanupJob ¶
func (m *Middleware) StartCleanupJob()
StartCleanupJob starts a background job to clean up old rate limiters
type Proxy ¶
type Proxy struct {
// contains filtered or unexported fields
}
Proxy is the main HTTP reverse proxy
func (*Proxy) ReloadIngresses ¶
ReloadIngresses reloads the ingress rules from storage
func (*Proxy) ReloadTLSCertificates ¶
ReloadTLSCertificates reloads TLS certificates from storage
type Router ¶
type Router struct {
// contains filtered or unexported fields
}
Router handles request routing based on host and path
func (*Router) Route ¶
func (r *Router) Route(host, path string) *types.IngressPath
Route finds the matching path configuration for the given host and path Returns the matched IngressPath or nil if no match
func (*Router) UpdateIngresses ¶
UpdateIngresses updates the router with a new list of ingresses
Source Files