inconshreveable/slt inconshreveable/slt

  • Stars
    star
    406
  • Rank 106,421 (Top 3 %)
  • Language
    Go
  • License
    Other
  • Created almost 11 years ago
  • Updated 11 months ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
inconshreveable/slt
github

inconshreveable

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

A TLS reverse proxy with SNI multiplexing in Go

slt is a dead-simple TLS reverse-proxy with SNI multiplexing (TLS virtual hosts).

That means you can send TLS/SSL connections for multiple different applications to the same port and forward them all to the appropriate backend hosts depending on the intended destination.

Features

SNI Multiplexing

slt multiplexes connections to a single TLS port by inspecting the name in the SNI extension field of each connection.

Simple YAML Configuration

You configure slt with a simple YAML configuration file:

bind_addr: ":443"

frontends:
  v1.example.com:
    backends:
      -
        addr: ":4443"

  v2.example.com:
    backends:
      -
        addr: "192.168.0.2:443"
      -
        addr: "192.168.0.1:443"

Optional TLS Termination

Sometimes, you don't actually want to terminate the TLS traffic, you just want to forward it elsewhere. slt only terminates the TLS traffic if you specify a private key and certificate file like so:

frontends:
  v1.example.com:
    tls_key: /path/to/v1.example.com.key
    tls_crt: /path/to/v1.example.com.crt

Round robin load balancing among arbitrary backends

slt performs simple round-robin load balancing when more than one backend is available (other strategies will be available in the future):

frontends:
  v1.example.com:
    backends:
      -
        addr: ":8080"
      -
        addr: ":8081"

Running it

Running slt is also simple. It takes a single argument, the path to the configuration file:

./slt /path/to/config.yml

Building it

Just cd into the directory and "go build". It requires Go 1.1+.

Testing it

Just cd into the directory and "go test".

Stability

I run slt in production handling hundreds of thousands of connections daily.

License

Apache

More Repositories

1

ngrok

Unified ingress for developers
Go
24,088
star
2

go-update

Build self-updating Golang programs
Go
2,079
star
3

log15

Structured, composable logging for Go
Go
1,103
star
4

muxado

Stream multiplexing for Go
Go
529
star
5

srvdir

Expose any folder as an HTTPS fileserver
Go
377
star
6

gonative

Build Go Toolchains /w native libs for cross-compilation
Go
340
star
7

sqltap

SQL profiling and introspection for applications using sqlalchemy
Python
336
star
8

go-vhost

HTTP/TLS hostname multiplexing library for Go
Go
256
star
9

mousetrap

Detect starting from Windows explorer
Go
231
star
10

go-tunnel

[DEPRECATED] Tunnel to localhost as a library
Go
159
star
11

go-keen

Keen IO Client SDK in Go
Go
25
star
12

shroud

[DEPRECATED] Public hidden services
Go
24
star
13

axiom

utilities to build production command line apps
Go
22
star
14

go-execpath

[DEPRECATED] Cross-platform Go(lang) library for determining the path to the executable of the running process
Go
14
star
15

olive

REST APIs with Martini
Go
8
star
16

rewire

Transform distracting browsing habits into productive time
CoffeeScript
7
star
17

gophercon-2022

examples for gophercon 2022 lightning talk
Go
3
star
18

cduplex

C
1
star