pog-server


Proxy over gRPC

pog-server is an HTTP proxy which uses gRPC for sending bytes:

User <-(HTTP proxying)-> pog client <-(gRPC)-> pog server <-(HTTP proxying)-> destination server

Article on Habr

Applications of Proxy over gRPC (PoG)

  • If a site is not available from your IP address, use the proxy, e.g. with Google Chrome:

Simple example of use

The pog server:

The pog client:

A user of the HTTP proxy:

Here the user reaches the destination URL ifconfig.me via the HTTP proxy at https://localhost:18080.

How to build

Go programming language version > 1.21 is required.

How to build Docker image

How to deploy to Google Cloud Run using Terraform [1]

The server part can be deployed into GCP Cloud Run, see terraform/pog-server.tf as an example.

First, let's gate our server service with auth with login and password:

We assign this JSON value to the env variable POG_AUTH_ITEM1, see terraform/pog-server.tf.

Having a GCP project PROJECT, do:

Optionally, let's gate user requests to our client service, login=user and password=password:

The client part:

Finally, the user request:

Optional tweaks to GCP service config (pog-server.tf)

For single home usage, the Cloud Run costs might not be affordable (around 15$/m), so one might try these tweaks:

Options

All the options are represented as environment variables.

The server part options:

| Variable | Description |
|---|---|
| PORT | Port to listen to. Default: 8080 |
| POG_AUTH_* | Enables authorization for PoG clients. Use genauthitem to generate JSON values |
| GRPC_AND_HTTP_MUX | Listen to both gRPC and HTTP requests (/metrics). Default: 1 (enabled) |

The client part options:

| Variable | Description |
|---|---|
| SERVER_ADDR | PoG server address (host:port). Required. Example: localhost:8080 |
| INSECURE | Skip SSL validation. Default: `` (false) |
| CLIENT_LISTEN | Client address to listen to ([host]:port). Default: :18080 |
| CLIENT_POG_AUTH | Auth string to connect to PoG server, in the form user:password |
| CLIENT_AUTH_* | Enables authorization for proxy users. Use genauthitem to generate JSON values |
| MUX_SERVER_METRICS | Serve both server and client Prometheus metrics from /metrics, iff there is any connection to the server. Default: `` (false) |

The common options:

| Variable | Description |
|---|---|
| DISABLE_ACCESS_LOGGING | Disables request logging in the form pog: ifconfig.me:443 ilya HTTPS 172.17.0.1:60748 [2024-06-15T12:53:42Z] 200 |
| METRIC_NAMESPACE | Prepends Prometheus metrics with a prefix (useful to avoid confusion between server and client metrics in case of MUX_SERVER_METRICS) |
| GRPC_BUILTIN_METRICS | Populates /metrics with the builtin gRPC metrics. Default: 1 (enabled) |
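
The access-log line shown for DISABLE_ACCESS_LOGGING can be parsed to monitor failed requests per client. This Go sketch is an added example, not code from the pog project; the field meanings (destination, user, scheme, client address, timestamp, status) are assumptions inferred from the single sample line, and every sample line after the first is constructed.

```go
package main

import (
	"fmt"
	"regexp"
	"strconv"
	"time"
)

// AccessEntry is one parsed line; field meanings are assumed from the README sample.
type AccessEntry struct {
	Dest, User, Scheme, ClientIP string
	When                         time.Time
	Status                       int
}

// Assumed layout: pog: <dest:port> <user> <scheme> <client ip>:<port> [<RFC 3339>] <status>
var accessRe = regexp.MustCompile(`^pog: (\S+) (\S+) (\S+) (\S+):\d+ \[([^\]]+)\] (\d{3})$`)

// ParseAccessLine returns ok=false for any line that does not fit the layout.
func ParseAccessLine(line string) (AccessEntry, bool) {
	m := accessRe.FindStringSubmatch(line)
	if m == nil {
		return AccessEntry{}, false
	}
	when, err := time.Parse(time.RFC3339, m[5])
	status, _ := strconv.Atoi(m[6]) // cannot fail: the pattern allows only three digits
	return AccessEntry{m[1], m[2], m[3], m[4], when, status}, err == nil
}

// FailuresByClient counts responses with status >= 400 per client IP.
func FailuresByClient(lines []string) map[string]int {
	counts := map[string]int{}
	for _, l := range lines {
		if e, ok := ParseAccessLine(l); ok && e.Status >= 400 {
			counts[e.ClientIP]++
		}
	}
	return counts
}

var Sample = []string{ // the README's line first, then constructed lines
	"pog: ifconfig.me:443 ilya HTTPS 172.17.0.1:60748 [2024-06-15T12:53:42Z] 200",
	"pog: example.com:443 ilya HTTPS 172.17.0.1:60750 [2024-06-15T12:54:01Z] 502",
	"pog: example.com:80 ilya HTTP 172.17.0.9:41002 [2024-06-15T12:54:03Z] 403",
	"pog: example.com:80 ilya HTTP 172.17.0.9:41003 [2024-06-15T12:54:04Z] 403",
}

func main() { fmt.Println(FailuresByClient(Sample)) }
```

Lines that do not match the assumed layout are skipped rather than guessed at, so a format change shows up as missing counts instead of wrong ones.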

Metrics and operations

Both the PoG server and the client provide Prometheus metrics at /metrics. An example:

What it means:

  • rpcs: stats on how many requests were processed and their success
  • tunnelling_connections_total: a gauge showing how many connections are being processed now; if the value is growing over time then there is a memory leak
  • auth_item_earliest_expiry: time when a user account is to expire (both at server and client side)

Footnotes

  1. One can deploy a Cloud Run service with the console, too.