Top Rating
- Top Contributors
  Discover the Top Open Source contributors by country or by language
- Interviews
  Discover real stories from Open Source developers
Discover

Discover your Favorite Language
Discover the top trending repositories and projects on Github. Explore the latest trends in your preferred languages.

CoffeeScript

C#

Scala

Objective-C

Nix

Haskell

Elixir

Solidity

More Languages
Awesome

Awesome repositories
Discover the most awesome repositories and projects of your favorite languages. Inspired by the Awesome-* lists trend in GitHub.

PHP

C++

Elixir

Go

Erlang

Nix

Julia

Ada

More Languages
By Country

Rankings by Country
Discover the community of talented open source contributors in each country.

🇩🇪 Germany

🇳🇵 Nepal

🇳🇺 Niue

🇹🇷 Türkiye

🇨🇲 Cameroon

🇦🇹 Austria

🇬🇬 Guernsey

🇲🇭 Marshall Islands

All Countries Compare Countries

inconshreveable/slt

Stars
406
Rank 106,421 (Top 3 %)
Language
Go
License
Other
Created almost 11 years ago
Updated 11 months ago

inconshreveable/slt

inconshreveable

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

A TLS reverse proxy with SNI multiplexing in Go

slt is a dead-simple TLS reverse-proxy with SNI multiplexing (TLS virtual hosts).

That means you can send TLS/SSL connections for multiple different applications to the same port and forward them all to the appropriate backend hosts depending on the intended destination.

Features

SNI Multiplexing

slt multiplexes connections to a single TLS port by inspecting the name in the SNI extension field of each connection.

Simple YAML Configuration

You configure slt with a simple YAML configuration file:

bind_addr: ":443"

frontends:
  v1.example.com:
    backends:
      -
        addr: ":4443"

  v2.example.com:
    backends:
      -
        addr: "192.168.0.2:443"
      -
        addr: "192.168.0.1:443"

Optional TLS Termination

Sometimes, you don't actually want to terminate the TLS traffic, you just want to forward it elsewhere. slt only terminates the TLS traffic if you specify a private key and certificate file like so:

frontends:
  v1.example.com:
    tls_key: /path/to/v1.example.com.key
    tls_crt: /path/to/v1.example.com.crt

Round robin load balancing among arbitrary backends

slt performs simple round-robin load balancing when more than one backend is available (other strategies will be available in the future):

frontends:
  v1.example.com:
    backends:
      -
        addr: ":8080"
      -
        addr: ":8081"

Running it

Running slt is also simple. It takes a single argument, the path to the configuration file:

./slt /path/to/config.yml

Building it

Just cd into the directory and "go build". It requires Go 1.1+.

Testing it

Just cd into the directory and "go test".

Stability

I run slt in production handling hundreds of thousands of connections daily.

License

Apache

ngrok

Unified ingress for developers

go-update

Build self-updating Golang programs

log15

Structured, composable logging for Go

muxado

Stream multiplexing for Go

srvdir

Expose any folder as an HTTPS fileserver

gonative

Build Go Toolchains /w native libs for cross-compilation

sqltap

SQL profiling and introspection for applications using sqlalchemy

go-vhost

HTTP/TLS hostname multiplexing library for Go

mousetrap

Detect starting from Windows explorer

go-tunnel

[DEPRECATED] Tunnel to localhost as a library

go-keen

Keen IO Client SDK in Go

shroud

[DEPRECATED] Public hidden services

axiom

utilities to build production command line apps

go-execpath

[DEPRECATED] Cross-platform Go(lang) library for determining the path to the executable of the running process

olive

REST APIs with Martini

rewire

Transform distracting browsing habits into productive time

gophercon-2022

examples for gophercon 2022 lightning talk

cduplex