devbennett7/goma-gateway
1
0
Fork 0
Code Pull Requests Activity

Merge pull request #99 from jkaninda/docs

Browse Source 
Docs
This commit is contained in:
Jonas Kaninda
2024-11-14 15:21:11 +01:00
committed by GitHub
parent 46ed66eca2 d36f1a0d72
commit 0905a41941
6 changed files with 43 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
README.md
View File

@@ -56,10 +56,10 @@ It's designed to be straightforward and efficient, offering features, like:
- OAuth
- Rate limiting, In-Memory client IP based
- Limit HTTP methods allowed for a particular route.
- Distributed rate limiting, client IP based using Redis
### Todo:
- [ ] Blocklist IP address middleware
- [ ] Distributed Rate Limiting for In-Memory client IP based across multiple instances using Redis
----

2
docs/index.md
View File

@@ -33,6 +33,8 @@ It's designed to be straightforward and efficient, offering features, like:
- OAuth
- Rate limiting, In-Memory client IP based
- Limit HTTP methods allowed for a particular route.
- Distributed rate limiting, client IP based using Redis
Declare your routes and middlewares as code.

29
docs/quickstart/distrubuted-intance.md Normal file
View File

@@ -0,0 +1,29 @@
---
title: Distributed instances
layout: default
parent: Quickstart
nav_order: 5
---
# Distributed instances
```yaml
version: "1.0"
gateway:
sslCertFile: cert.pem
sslKeyFile: key.pem
writeTimeout: 15
readTimeout: 15
idleTimeout: 30
rateLimit: 60 # peer minute
blockCommonExploits: false
accessLog: /dev/Stdout
errorLog: /dev/stderr
logLevel: ''
## Redis connexion for distributed rate limiting; when using multiple instances | It's optional
redis:
addr: redis:6379
password: password
```

6
examples/configMap.yaml
View File

@@ -4,7 +4,7 @@ metadata:
name: goma-config
data:
goma.yml: |
# Goma Gateway configurations
# Goma Gateway configurations
version: 1.0
gateway:
# Proxy write timeout
@@ -22,6 +22,10 @@ data:
logLevel: info # debug, trace, off
accessLog: "/dev/Stdout"
errorLog: "/dev/stderr"
## Redis connexion for distributed rate limiting, when using multiple instances | It's optional
#redis:
#addr: redis:6379
# password: password
## Enable, disable routes health check
disableHealthCheckStatus: false
## Returns backend route healthcheck errors

4
examples/goma.yml
View File

@@ -16,6 +16,10 @@ gateway:
logLevel: info # debug, trace, off
accessLog: "/dev/Stdout"
errorLog: "/dev/stderr"
## Redis connexion for distributed rate limiting, when using multiple instances | It's optional
#redis:
#addr: redis:6379
# password: password
## Enable, disable routes health check
disableHealthCheckStatus: false
## Returns backend route healthcheck errors

4
internal/middleware/block-common-exploits.go
View File

@@ -41,7 +41,7 @@ func BlockExploitsMiddleware(next http.Handler) http.Handler {
pathTraversalPattern.MatchString(r.URL.Path) ||
xssPattern.MatchString(r.URL.RawQuery) {
logger.Error("%s: %s Forbidden - Potential exploit detected", getRealIP(r), r.URL.Path)
RespondWithError(w, http.StatusForbidden, fmt.Sprintf("%d Forbidden - Potential exploit detected", http.StatusForbidden))
RespondWithError(w, http.StatusForbidden, fmt.Sprintf("%d Forbidden", http.StatusForbidden))
return
}
@@ -52,7 +52,7 @@ func BlockExploitsMiddleware(next http.Handler) http.Handler {
for _, value := range values {
if sqlInjectionPattern.MatchString(value) || xssPattern.MatchString(value) {
logger.Error("%s: %s %s Forbidden - Potential exploit detected", getRealIP(r), r.Method, r.URL.Path)
RespondWithError(w, http.StatusForbidden, fmt.Sprintf("%d Forbidden - Potential exploit detected", http.StatusForbidden))
RespondWithError(w, http.StatusForbidden, fmt.Sprintf("%d Forbidden", http.StatusForbidden))
return
}
}