### Static Provider Configuration Example Source: https://github.com/umputun/reproxy/blob/master/README.md Demonstrates how to configure the static provider using command-line arguments. This provider allows defining multiple routing rules directly, specifying server, source URL, destination, and optional ping URL and health check forwarding. ```bash # Proxy all requests to any host with /api prefix to https://api.example.com reproxy --static.rule="*,^/api/(.*),https://api.example.com/$1" # Proxy requests to example.com/foo/bar to https://api.example.com/zzz with health check reproxy --static.rule="example.com,/foo/bar,https://api.example.com/zzz,https://api.example.com/ping" # Same as above, but also forwards health check requests reproxy --static.rule="example.com,/foo/bar,https://api.example.com/zzz,https://api.example.com/ping,true" ``` -------------------------------- ### Homebrew Installation Source: https://github.com/umputun/reproxy/blob/master/README.md Installs Reproxy using the Homebrew package manager on macOS systems. ```bash brew install umputun/apps/reproxy ``` -------------------------------- ### Reproxy Header Management via Environment Variables Source: https://github.com/umputun/reproxy/blob/master/README.md This example shows how to configure Reproxy to drop incoming headers and set outgoing headers using environment variables, which is particularly useful in Docker Compose setups. It illustrates setting security-related headers. ```yaml environment: - DROP_HEADERS=X-Auth-User,X-Auth-Token - HEADER= X-Frame-Options:SAMEORIGIN, X-XSS-Protection:1; mode=block;, Content-Security-Policy:default-src 'self'; style-src 'self' 'unsafe-inline'; ``` -------------------------------- ### File Provider Configuration Example (YAML) Source: https://github.com/umputun/reproxy/blob/master/README.md Illustrates the configuration of the file provider using a YAML file. This method supports complex routing rules, including regex routes, destination URLs, ping URLs for health checks, remote access restrictions, and basic authentication. ```yaml default: # the same as * (catch-all) server - { route: "^/api/svc1/(.*)", dest: "http://127.0.0.1:8080/blah1/$1" } - { route: "/api/svc3/xyz", dest: "http://127.0.0.3:8080/blah3/xyz", ping: "http://127.0.0.3:8080/ping", remote: "192.168.1.0/24, 127.0.0.1", # optional, restrict access to the route "forward-health-checks": true # optional, forward /ping and /health to backend } - { route: "^/admin/(.*)", dest: "http://127.0.0.4:8080/$1", auth: "admin:$2y$05$..." # optional, per-route basic auth (htpasswd bcrypt format) } srv.example.com: - { route: "^/api/svc2/(.*)", dest: "http://127.0.0.2:8080/blah2/$1/abc" } - { route: "/web/", dest: "/var/www", "assets": true } "*.files.example.com": - { route: "^/files/(.*)", dest: "http://123.123.200.200:8080/$host/$1" } ``` -------------------------------- ### Configure Consul Catalog Provider via CLI Source: https://github.com/umputun/reproxy/blob/master/README.md Example command to enable the Consul Catalog provider with a custom address and polling interval. This allows Reproxy to discover services registered in Consul. ```bash reproxy --consul-catalog.enabled --consul-catalog.address=http://192.168.1.100:8500 --consul-catalog.interval=10s ``` -------------------------------- ### Complete Production Docker Compose Example Source: https://context7.com/umputun/reproxy/llms.txt This Docker Compose configuration sets up Reproxy for a production environment, including SSL termination (ACME), Docker service discovery, plugins, and monitoring. It also defines a sample 'api' service with Reproxy routing rules. ```yaml services: reproxy: image: umputun/reproxy:latest user: "1001" # Run as non-root ports: - "80:8080" - "443:8443" volumes: - /var/run/docker.sock:/var/run/docker.sock:ro - ./ssl:/srv/var/ssl - ./logs:/srv/logs environment: - TZ=UTC - DOCKER_ENABLED=true - DOCKER_AUTO=true - SSL_TYPE=auto - SSL_ACME_EMAIL=admin@example.com - SSL_ACME_LOCATION=/srv/var/ssl - MGMT_ENABLED=true - MGMT_LISTEN=0.0.0.0:8081 - HEALTH_CHECK_ENABLED=true - HEALTH_CHECK_INTERVAL=60s - LB_TYPE=roundrobin - GZIP=true - MAX_SIZE=10M - LOGGER_ENABLED=true - LOGGER_FILE=/srv/logs/access.log - THROTTLE_SYSTEM=10000 - THROTTLE_USER=100 - HEADER=X-Frame-Options:SAMEORIGIN,X-XSS-Protection:1; mode=block - DROP_HEADERS=X-Powered-By api: image: my-api:latest labels: reproxy.server: "api.example.com" reproxy.route: "^(.*)" reproxy.dest: "/$1" reproxy.ping: "/health" ``` -------------------------------- ### Docker Compose Service with Per-Route Basic Auth Source: https://github.com/umputun/reproxy/blob/master/README.md An example of a Docker Compose service configuration that utilizes Reproxy for per-route basic authentication. It demonstrates how to set the reproxy.auth label with a username and hashed password. ```yaml services: admin-api: labels: - "reproxy.route=^/admin/(.*)" - "reproxy.dest=/$1" - "reproxy.auth=admin:$$2y$$05$$hashedpassword" ``` -------------------------------- ### Configure Cache Control with MIME Types (CLI) Source: https://context7.com/umputun/reproxy/llms.txt This command-line example demonstrates how to configure cache control durations for static assets served by Reproxy. It shows setting a default cache duration and then overriding it for specific MIME types like text/html and image/png. ```bash reproxy --assets.location=/var/www \ --assets.cache=48h \ --assets.cache=text/html:1h \ --assets.cache=image/png:7d ``` -------------------------------- ### Reproxy SSL Configuration with ACME and DNS Providers Source: https://github.com/umputun/reproxy/blob/master/README.md This snippet demonstrates how to configure Reproxy for automatic SSL certificate management using ACME, specifying the challenge type and integrating with various DNS providers for validation. It includes environment variable setup for Cloudflare. ```bash export CLOUDFLARE_API_TOKEN=your_api_token reproxy --ssl.type=auto --ssl.acme-email=admin@example.com --ssl.fqdn=example.com ``` -------------------------------- ### Configure Reproxy as a Static Asset Server in Docker Source: https://github.com/umputun/reproxy/blob/master/README.md Demonstrates how to create a multi-stage Dockerfile to build a frontend application and serve it using the reproxy base image. The configuration uses the --assets.location flag to point to the static site directory. ```docker FROM node:22-alpine as build WORKDIR /build COPY site/ /build COPY README.md /build/src/index.md RUN yarn --frozen-lockfile RUN yarn build RUN ls -la /build/public FROM ghcr.io/umputun/reproxy COPY --from=build /build/public /srv/site EXPOSE 8080 USER app ENTRYPOINT ["/srv/reproxy", "--assets.location=/srv/site"] ``` -------------------------------- ### File Provider for Multiple Static Sites Source: https://github.com/umputun/reproxy/blob/master/README.md Shows how to configure the file provider to serve multiple static sites on different domains. This is achieved by using server names as keys and setting the 'assets' field to true for each site's configuration. ```yaml site-en.example.com: - { route: "/", dest: "/var/www/en", "assets": true } site-ru.example.com: - { route: "/", dest: "/var/www/ru", "assets": true } ``` -------------------------------- ### Configure Reproxy for Static Assets and SPA Support Source: https://context7.com/umputun/reproxy/llms.txt These bash commands demonstrate how to configure Reproxy to serve static files and support Single Page Applications (SPAs). Options include specifying the location and root directory for assets, enabling SPA mode, and setting a custom 404 Not Found page. ```bash # Basic static file server reproxy --assets.location=/var/www --assets.root=/static # SPA mode with custom 404 page reproxy --assets.location=/var/www/app \ --assets.root=/ \ --assets.spa \ --assets.not-found=404.html ``` -------------------------------- ### Enable Reproxy Management API and Prometheus Metrics Source: https://context7.com/umputun/reproxy/llms.txt These bash commands demonstrate how to enable the Reproxy management API and expose Prometheus metrics. The management API allows for route inspection and control, while the metrics endpoint provides performance data for monitoring. ```bash # Enable management API reproxy --mgmt.enabled --mgmt.listen=0.0.0.0:8081 --mgmt.low-cardinality ``` ```bash # Get all configured routes curl http://localhost:8081/routes # Response: # { # "*": [{"route": "^/api/(.*)", "destination": "http://backend:8080/$1", "match": "proxy", "provider": "static"}], # "example.com": [{"route": "/static/", "match": "static", "assets_location": "/var/www"}] # } # Prometheus metrics endpoint curl http://localhost:8081/metrics # Metrics include: # - http_requests_total{method, route, status} # - response_status{method, route, status} # - http_response_time_seconds{method, route} ``` -------------------------------- ### Reproxy Plugin Development with Go Source: https://context7.com/umputun/reproxy/llms.txt This Go code defines a basic Reproxy plugin that can handle authentication and add headers. It demonstrates how to implement the `Authenticate` and `AddHeaders` methods, which are called by Reproxy to process requests. The plugin communicates with Reproxy via RPC. ```go // plugin/main.go package main import ( "context" "log" "net/http" "github.com/umputun/reproxy/lib" ) func main() { plugin := lib.Plugin{ Name: "AuthPlugin", Address: "plugin-host:1234", Methods: []string{"Authenticate", "AddHeaders"}, } if err := plugin.Do(context.Background(), "http://reproxy:8081", new(Handler)); err != nil { log.Fatal(err) } } type Handler struct{} // Authenticate validates requests and can reject with status >= 400 func (h *Handler) Authenticate(req lib.Request, res *lib.Response) error { log.Printf("Request: %s %s from %s", req.Host, req.URL, req.RemoteAddr) if req.Header.Get("Authorization") == "" { res.StatusCode = 401 // Reject request res.HeadersOut = http.Header{"WWW-Authenticate": []string{`Bearer realm=\"api\"`}} return nil } res.StatusCode = 200 // Allow request to proceed return nil } // AddHeaders adds custom headers to proxied requests func (h *Handler) AddHeaders(req lib.Request, res *lib.Response) error { res.StatusCode = 200 res.HeadersIn = http.Header{"X-User-ID": []string{"12345"}} // Sent to backend res.HeadersOut = http.Header{"X-Request-ID": []string{"abc123"}} // Sent to client return nil } ``` -------------------------------- ### Dockerfile for Static Site with Reproxy Source: https://context7.com/umputun/reproxy/llms.txt This Dockerfile builds a static site using Node.js for the build process and then uses Reproxy as the base image for serving the built assets. It copies the built site into the Reproxy image and configures the entrypoint to serve the static files. ```dockerfile # Dockerfile for static site using reproxy as base FROM node:22-alpine as build WORKDIR /build COPY . . RUN npm ci && npm run build FROM ghcr.io/umputun/reproxy COPY --from=build /build/dist /srv/site EXPOSE 8080 USER app ENTRYPOINT ["/srv/reproxy", "--assets.location=/srv/site", "--assets.spa"] ``` -------------------------------- ### Static Provider Rule Configuration Source: https://github.com/umputun/reproxy/blob/master/README.md Configures Reproxy to use a static provider for defining proxy rules. The rule format specifies the requested server, URL pattern, and destination URL. Supports regex groups for dynamic URL construction. ```bash reproxy --static.enabled --static.rule="*,example.com/api/(.*),https://api.example.com/$1" ``` -------------------------------- ### SSL/TLS Configuration Source: https://context7.com/umputun/reproxy/llms.txt Configures automatic SSL via Let's Encrypt using HTTP-01 or DNS-01 challenges, or provides paths to static certificate files. ```bash # Automatic SSL with Let's Encrypt (HTTP-01 challenge) reproxy --ssl.type=auto \ --ssl.acme-email=admin@example.com \ --ssl.fqdn=example.com,api.example.com \ --ssl.acme-location=/var/acme # DNS-01 challenge with Cloudflare reproxy --ssl.type=auto \ --ssl.acme-email=admin@example.com \ --ssl.fqdn=example.com \ --ssl.dns.type=cloudflare \ --ssl.dns.cloudflare.api-token=YOUR_TOKEN # Static certificate reproxy --ssl.type=static \ --ssl.cert=/path/to/cert.pem \ --ssl.key=/path/to/key.pem ``` -------------------------------- ### Assets Server and SPA Support Source: https://context7.com/umputun/reproxy/llms.txt Configure Reproxy to serve static files, including support for Single Page Applications (SPAs) with custom 404 handling and cache control. ```APIDOC ## Assets Server and SPA Support ### Description Serve static files with caching control and single-page application support. ### Method N/A (Configuration via command-line flags or configuration file) ### Endpoint N/A ### Parameters #### Command-line Flags - **--assets.location** (string) - The directory containing the static files. - **--assets.root** (string) - The URL path prefix for serving assets. - **--assets.spa** (bool) - Enable Single Page Application mode (redirects 404s to index.html). - **--assets.not-found** (string) - The filename to serve as the 404 page in SPA mode. ### Request Example ```bash # Basic static file server reproxy --assets.location=/var/www --assets.root=/static # SPA mode with custom 404 page reproxy --assets.location=/var/www/app \ --assets.root=/ \ --assets.spa \ --assets.not-found=404.html ``` ### Response N/A (Configuration affects proxy behavior) ### Response Example N/A ``` -------------------------------- ### Reproxy Plugin Interface (Go) Source: https://github.com/umputun/reproxy/blob/master/README.md Defines the core interfaces and types for developing Reproxy plugins in Go. It includes structures for requests and responses, and the handler function signature. ```go package lib type Request struct { URL string Headers map[string][]string Route Route } type HandlerResponse struct { Headers map[string][]string StatusCode int } type Handler func(req Request, res *HandlerResponse) (err error) ``` -------------------------------- ### Configure Static Routing Rules Source: https://context7.com/umputun/reproxy/llms.txt Defines proxy rules using CLI flags or environment variables. Rules support regex path matching, health check endpoints, static asset serving, and SPA mode. ```bash # Basic proxy rule: proxy /api requests to backend reproxy --static.enabled --static.rule="*,^/api/(.*),https://api.example.com/$1" # Multiple rules with health check endpoints reproxy --static.enabled \ --static.rule="*,^/api/(.*),https://api.example.com/$1,https://api.example.com/ping" \ --static.rule="example.com,/users/,https://users.example.com/,https://users.example.com/health" # Serve static assets with assets: prefix reproxy --static.enabled --static.rule="*,assets:/web,/var/www" # SPA mode with spa: prefix (redirects 404 to index.html) reproxy --static.enabled --static.rule="*,spa:/app,/var/www/app" # Using environment variables export STATIC_ENABLED=true export STATIC_RULES="*,^/api/(.*),https://api.example.com/$1;example.com,/web/,/var/www" reproxy ``` -------------------------------- ### Docker Provider Automatic Discovery Source: https://github.com/umputun/reproxy/blob/master/README.md Enables Reproxy's Docker provider for automatic discovery of services. This allows Reproxy to dynamically configure proxy rules based on running Docker containers. ```bash reproxy --docker.enabled --docker.auto ``` -------------------------------- ### Generate htpasswd Entry Source: https://github.com/umputun/reproxy/blob/master/README.md Generates a username and password hash for basic authentication using the htpasswd command. This is useful for creating entries for the htpasswd file used by Reproxy. ```bash htpasswd -nbB test passwd ``` -------------------------------- ### Docker Auto-Discovery Configuration Source: https://context7.com/umputun/reproxy/llms.txt Enables automatic service discovery for Docker containers. Routing can be configured via container labels, supporting multiple routes per container and security constraints. ```yaml # docker-compose.yml services: reproxy: image: umputun/reproxy:latest ports: - "80:8080" volumes: - /var/run/docker.sock:/var/run/docker.sock:ro environment: - DOCKER_ENABLED=true - DOCKER_AUTO=true # auto-discover containers - DEBUG=true # Auto-discovered: routes to ^/api-service/(.*) api-service: image: my-api:latest expose: - "8080" # Explicit routing via labels backend: image: my-backend:latest labels: reproxy.server: "api.example.com" reproxy.route: "^/v1/(.*)" reproxy.dest: "/api/$1" reproxy.port: "8080" reproxy.ping: "/health" reproxy.remote: "192.168.1.0/24" reproxy.auth: "user:$$2y$$05$$hashedpassword" # escape $ in compose # Multiple routes on same container multi-api: image: my-multi-api:latest labels: reproxy.0.route: "^/public/(.*)" reproxy.0.dest: "/api/public/$1" reproxy.1.route: "^/admin/(.*)" reproxy.1.dest: "/api/admin/$1" reproxy.1.auth: "admin:$$2y$$05$$hashedpw" ``` -------------------------------- ### Plugin Development API Source: https://context7.com/umputun/reproxy/llms.txt Allows extending reproxy functionality using RPC-based plugins. Plugins can intercept requests to modify headers, authenticate users, and control request flow. ```APIDOC ## Plugin Development ### Description Extend reproxy functionality with RPC-based plugins that can modify headers and control request flow. ### Method RPC (via HTTP) ### Endpoint `http://reproxy:8081` (as configured in the plugin) ### Parameters #### Request Body (for plugin methods) - **req** (lib.Request) - Details of the incoming request. - **res** (lib.Response) - Structure to define the response from the plugin. ### Request Example (Go Plugin) ```go // plugin/main.go package main import ( "context" "log" "net/http" "github.com/umputun/reproxy/lib" ) func main() { plugin := lib.Plugin{ Name: "AuthPlugin", Address: "plugin-host:1234", Methods: []string{"Authenticate", "AddHeaders"}, } if err := plugin.Do(context.Background(), "http://reproxy:8081", new(Handler)); err != nil { log.Fatal(err) } } type Handler struct{} // Authenticate validates requests and can reject with status >= 400 func (h *Handler) Authenticate(req lib.Request, res *lib.Response) error { log.Printf("Request: %s %s from %s", req.Host, req.URL, req.RemoteAddr) if req.Header.Get("Authorization") == "" { res.StatusCode = 401 // Reject request res.HeadersOut = http.Header{"WWW-Authenticate": []string{`Bearer realm="api"`}} return nil } res.StatusCode = 200 // Allow request to proceed return nil } // AddHeaders adds custom headers to proxied requests func (h *Handler) AddHeaders(req lib.Request, res *lib.Response) error { res.StatusCode = 200 res.HeadersIn = http.Header{"X-User-ID": []string{"12345"}} // Sent to backend res.HeadersOut = http.Header{"X-Request-ID": []string{"abc123"}} // Sent to client return nil } ``` ### Response (from plugin methods) #### Success Response (200) - **StatusCode** (int) - HTTP status code to return. - **HeadersOut** (http.Header) - Headers to be sent to the client. - **HeadersIn** (http.Header) - Headers to be sent to the backend service. #### Response Example ```json { "StatusCode": 200, "HeadersOut": { "X-Request-ID": ["abc123"] }, "HeadersIn": { "X-User-ID": ["12345"] } } ``` ``` -------------------------------- ### Configure Reproxy Request Throttling and Access Control Source: https://context7.com/umputun/reproxy/llms.txt These bash commands and YAML configuration show how to implement request throttling and access control in Reproxy. This includes setting system-wide and per-user request limits, configuring basic authentication using htpasswd, and enabling IP address restrictions for specific routes. ```bash # System-wide and per-user throttling reproxy --throttle.system=1000 --throttle.user=10 # requests per second # Basic authentication via htpasswd htpasswd -nbB admin secretpassword > /etc/reproxy/htpasswd reproxy --basic-htpasswd=/etc/reproxy/htpasswd # Enable X-Forwarded-For header parsing for IP checks reproxy --remote-lookup-headers ``` ```yaml # File provider with IP restrictions default: - route: "^/admin/(.*)" dest: "http://admin-backend:8080/$1" remote: "10.0.0.0/8, 192.168.1.100" # Allow only these IPs auth: "admin:$2y$05$..." # And require auth ``` -------------------------------- ### GitHub Container Registry Pull Source: https://github.com/umputun/reproxy/blob/master/README.md Pulls the Reproxy Docker image from the GitHub Container Registry. ```docker docker pull ghcr.io/umputun/reproxy ``` -------------------------------- ### Docker Compose for Reproxy with Plugin Integration Source: https://context7.com/umputun/reproxy/llms.txt This Docker Compose configuration integrates a custom plugin with Reproxy. It defines services for both Reproxy and the plugin, setting environment variables to enable plugin functionality in Reproxy and specifying the plugin's build context and dependencies. ```yaml # docker-compose.yml with plugin services: reproxy: image: umputun/reproxy:latest environment: - PLUGIN_ENABLED=true - PLUGIN_LISTEN=0.0.0.0:8081 - DOCKER_ENABLED=true auth-plugin: build: ./plugin depends_on: - reproxy ``` -------------------------------- ### Configure File-Based Routing Source: https://context7.com/umputun/reproxy/llms.txt Loads routing rules from a YAML file, supporting host-based routing, per-route authentication, and IP access control. The file provider supports dynamic reloading. ```yaml # reproxy.yml default: # matches all hosts (same as *) - { route: "^/api/svc1/(.*)", dest: "http://127.0.0.1:8080/blah1/$1" } - { route: "/api/svc2", dest: "http://127.0.0.1:8081/api", ping: "http://127.0.0.1:8081/ping" } - { route: "^/admin/(.*)", dest: "http://127.0.0.1:8082/$1", auth: "admin:$2y$05$hashedpassword", # per-route basic auth remote: "192.168.1.0/24, 127.0.0.1" # IP access control } srv.example.com: - { route: "^/api/(.*)", dest: "http://backend:8080/$1" } - { route: "/static/", dest: "/var/www/static", assets: true } "*.files.example.com": # wildcard domain matching - { route: "^/files/(.*)", dest: "http://storage:8080/${host}/$1" } # Multiple static sites site-en.example.com: - { route: "/", dest: "/var/www/en", assets: true } site-ru.example.com: - { route: "/", dest: "/var/www/ru", assets: true, spa: true } ``` ```bash # Start with file provider reproxy --file.enabled --file.name=reproxy.yml --file.interval=3s ``` -------------------------------- ### Configure Reproxy Health Checks and Load Balancing Source: https://context7.com/umputun/reproxy/llms.txt These bash commands illustrate how to enable health checks and configure load balancing strategies in Reproxy. Health checks allow for automatic failover, and various load balancing types like round-robin, random, or failover can be selected. ```bash # Enable health checks with 5-minute interval reproxy --health-check.enabled --health-check.interval=300s \ --lb-type=roundrobin # or: random, failover ``` ```bash # Health endpoint returns status of all backends curl http://localhost:8080/health # Returns 200 OK if all healthy, 417 if any failed # { # "services": { # "http://backend1:8080/ping": "ok", # "http://backend2:8080/ping": "failed: connection refused" # } # } # Ping endpoint for reproxy itself curl http://localhost:8080/ping # Returns: pong ``` -------------------------------- ### Docker Container Deployment Source: https://github.com/umputun/reproxy/blob/master/README.md Deploys Reproxy as a Docker container, exposing ports 80 and 8080. It utilizes the Docker provider for automatic service discovery. ```docker docker up -p 80:8080 umputun/reproxy --docker.enabled --docker.auto ``` -------------------------------- ### Docker Container with Automatic SSL Source: https://github.com/umputun/reproxy/blob/master/README.md Deploys Reproxy as a Docker container with automatic SSL enabled via Let's Encrypt. It configures ports 80 and 8443, enables Docker discovery, and sets the fully qualified domain name (FQDN) for SSL certificates. ```docker docker up -p 80:8080 -p 443:8443 umputun/reproxy --docker.enabled --docker.auto --ssl.type=auto --ssl.fqdn=example.com ``` -------------------------------- ### Management API and Prometheus Metrics Source: https://context7.com/umputun/reproxy/llms.txt Exposes endpoints for inspecting configured routes and collecting Prometheus metrics. The management API can be enabled and configured with specific listen addresses and options. ```APIDOC ## Management API and Prometheus Metrics ### Description Enable the management server for route inspection and prometheus metrics collection. ### Method GET ### Endpoint `http://localhost:8081/routes` `http://localhost:8081/metrics` ### Parameters None ### Request Example ```bash # Get all configured routes curl http://localhost:8081/routes # Prometheus metrics endpoint curl http://localhost:8081/metrics ``` ### Response #### Success Response (200) - **routes** (object) - A JSON object where keys are hostnames and values are arrays of route configurations. - **metrics** (text/plain) - Prometheus-formatted metrics. #### Response Example ```json { "*": [{"route": "^/api/(.*)", "destination": "http://backend:8080/$1", "match": "proxy", "provider": "static"}], "example.com": [{"route": "/static/", "match": "static", "assets_location": "/var/www"}] } ``` ```text # Metrics include: # - http_requests_total{method, route, status} # - response_status{method, route, status} # - http_response_time_seconds{method, route} ``` ``` -------------------------------- ### Docker Image Pull Source: https://github.com/umputun/reproxy/blob/master/README.md Pulls the Reproxy Docker image from Docker Hub. The `:latest` tag is an alias for the latest stable version. ```docker docker pull umputun/reproxy ``` -------------------------------- ### Management API Endpoints Source: https://github.com/umputun/reproxy/blob/master/README.md An optional management API can be enabled to expose endpoints for route listing and metrics. ```APIDOC ## Management API ### Description This API is optional and can be enabled with `--mgmt.enabled`. It exposes endpoints on the address specified by `mgmt.listen`. ## GET /routes ### Description Lists all discovered routes. ### Method GET ### Endpoint /routes ### Parameters None ### Request Example None ### Response #### Success Response (200) - **routes** (array) - A list of discovered routes. #### Response Example ```json [ { "id": "route1", "match": { "type": "path-prefix", "value": "/api" }, "servers": [ "http://localhost:8080" ] } ] ``` ## GET /metrics ### Description Returns Prometheus metrics, including `http_requests_total`, `response_status`, and `http_response_time_seconds`. ### Method GET ### Endpoint /metrics ### Parameters None ### Request Example None ### Response #### Success Response (200) - **metrics** (string) - Prometheus-formatted metrics. #### Response Example ``` # HELP http_requests_total Total number of HTTP requests received. # TYPE http_requests_total counter http_requests_total{code="200",method="GET",path="/"} 10 # HELP response_status HTTP response status codes. # TYPE response_status counter response_status{code="200",method="GET",path="/"} 10 # HELP http_response_time_seconds HTTP response time in seconds. # TYPE http_response_time_seconds histogram http_response_time_seconds_bucket{le="+Inf",method="GET",path="/"} 10 http_response_time_seconds_sum{method="GET",path="/"} 0.5 http_response_time_seconds_count{method="GET",path="/"} 10 ``` ``` -------------------------------- ### Docker Compose for Reproxy with Auto SSL Source: https://context7.com/umputun/reproxy/llms.txt This Docker Compose configuration sets up Reproxy with automatic SSL certificate management using ACME. It maps ports 80 and 443, mounts the Docker socket and SSL certificates directory, and configures environment variables for SSL type, ACME details, and DNS provider settings. ```yaml services: reproxy: image: umputun/reproxy:latest ports: - "80:8080" - "443:8443" volumes: - /var/run/docker.sock:/var/run/docker.sock:ro - ./ssl:/srv/var/ssl environment: - SSL_TYPE=auto - SSL_ACME_EMAIL=admin@example.com - SSL_ACME_FQDN=example.com - SSL_ACME_LOCATION=/srv/var/ssl - SSL_DNS_TYPE=route53 - SSL_DNS_ROUTE53_REGION=us-east-1 - SSL_DNS_ROUTE53_HOSTED_ZONE_ID=Z1234567890 ``` -------------------------------- ### Request Throttling and Access Control Source: https://context7.com/umputun/reproxy/llms.txt Implement request rate limiting globally, per-user, and control access using basic authentication (htpasswd) or IP address restrictions. ```APIDOC ## Request Throttling and Access Control ### Description Limit request rates and restrict access by IP addresses. ### Method N/A (Configuration via command-line flags or configuration file) ### Endpoint N/A ### Parameters #### Command-line Flags - **--throttle.system** (int) - System-wide request rate limit (requests per second). - **--throttle.user** (int) - Per-user request rate limit (requests per second). - **--basic-htpasswd** (string) - Path to the htpasswd file for basic authentication. - **--remote-lookup-headers** (bool) - Enable parsing of X-Forwarded-For and similar headers for IP checks. #### Configuration File (Example) - **route** (string) - Regular expression for the route path. - **dest** (string) - Destination URL for the route. - **remote** (string) - Comma-separated list of allowed IP addresses or CIDR blocks. - **auth** (string) - Basic authentication credentials (e.g., `username:hashed_password`). ### Request Example ```bash # System-wide and per-user throttling reproxy --throttle.system=1000 --throttle.user=10 # requests per second # Basic authentication via htpasswd htpasswd -nbB admin secretpassword > /etc/reproxy/htpasswd reproxy --basic-htpasswd=/etc/reproxy/htpasswd # Enable X-Forwarded-For header parsing for IP checks reproxy --remote-lookup-headers ``` ### Response N/A (Configuration affects proxy behavior) ### Response Example ```yaml # File provider with IP restrictions default: - route: "^/admin/(.*)" dest: "http://admin-backend:8080/$1" remote: "10.0.0.0/8, 192.168.1.100" # Allow only these IPs auth: "admin:$2y$05$..." # And require auth ``` ``` -------------------------------- ### Health Checks and Load Balancing Source: https://context7.com/umputun/reproxy/llms.txt Configure health checks for backend services to enable automatic failover. Supports various load balancing strategies like roundrobin, random, and failover. ```APIDOC ## Health Checks and Load Balancing ### Description Configure health checks for automatic failover between multiple backends. ### Method GET ### Endpoint `http://localhost:8080/health` `http://localhost:8080/ping` ### Parameters None ### Request Example ```bash # Get health status of all backends curl http://localhost:8080/health # Get reproxy status curl http://localhost:8080/ping ``` ### Response #### Success Response (200) - **health** (object) - An object detailing the health status of each monitored service. - **ping** (string) - Returns "pong" if reproxy is running. #### Response Example ```json { "services": { "http://backend1:8080/ping": "ok", "http://backend2:8080/ping": "failed: connection refused" } } ``` ``` pong ``` ``` -------------------------------- ### Prometheus Scrape Configuration for Reproxy Source: https://context7.com/umputun/reproxy/llms.txt This YAML snippet shows how to configure Prometheus to scrape metrics from Reproxy. It defines a scrape job named 'reproxy' and specifies the target address where Reproxy's metrics endpoint is exposed. ```yaml # prometheus.yml scrape config scrape_configs: - job_name: 'reproxy' static_configs: - targets: ['reproxy:8081'] ``` -------------------------------- ### Ping and Health Check Endpoints Source: https://github.com/umputun/reproxy/blob/master/README.md Reproxy provides endpoints for checking its operational status and the health of backend services. ```APIDOC ## GET /ping ### Description Responds with 'pong' to indicate that reproxy is up and running. ### Method GET ### Endpoint /ping ### Parameters None ### Request Example None ### Response #### Success Response (200) - **pong** (string) - A simple string indicating the service is active. #### Response Example ``` pong ``` ## GET /health ### Description Returns a 200 OK status if all destination servers responded to their ping request with 200 or 417. Returns an error status if any server responded with a non-200 code. Also returns a JSON body with details about passed/failed services. ### Method GET ### Endpoint /health ### Parameters None ### Request Example None ### Response #### Success Response (200) - **details** (object) - Contains information about the health status of destination servers. - **passed** (array) - List of services that passed the health check. - **failed** (array) - List of services that failed the health check. #### Response Example ```json { "passed": [ "service1", "service2" ], "failed": [] } ``` ``` -------------------------------- ### Docker Compose Environment Variable Escaping for Reproxy Source: https://github.com/umputun/reproxy/blob/master/README.md When using Reproxy rules within Docker Compose environment variables, the '$' character needs to be escaped to avoid conflicts with Compose syntax. This is achieved by replacing '$' with '$$' or by using '@' as an alternative for regex group substitution. ```text https://api.example.com/$$1 https://api.example.com/@1 ``` === COMPLETE CONTENT === This response contains all available snippets from this library. No additional content exists. Do not make further requests.