https://github.com/hyperadev/kani
A fast Traefik forward-auth server for validating Cloudflare Access requests
https://github.com/hyperadev/kani
cloudflare-access docker hacktoberfest jwt k8s kubernetes traefik traefik-forward-auth
Last synced: 2 months ago
JSON representation
A fast Traefik forward-auth server for validating Cloudflare Access requests
- Host: GitHub
- URL: https://github.com/hyperadev/kani
- Owner: HyperaDev
- License: mit
- Created: 2022-09-15T14:59:47.000Z (over 2 years ago)
- Default Branch: main
- Last Pushed: 2024-05-22T21:30:46.000Z (about 1 year ago)
- Last Synced: 2024-05-22T22:35:53.027Z (about 1 year ago)
- Topics: cloudflare-access, docker, hacktoberfest, jwt, k8s, kubernetes, traefik, traefik-forward-auth
- Language: Go
- Homepage:
- Size: 126 KB
- Stars: 13
- Watchers: 1
- Forks: 1
- Open Issues: 6
-
Metadata Files:
- Readme: README.md
- Contributing: CONTRIBUTING.md
- License: LICENSE
- Codeowners: .github/CODEOWNERS
- Security: SECURITY.md
Awesome Lists containing this project
README
# Kani
A fast Traefik forward-auth server for validating Cloudflare Access requests
[](LICENSE)
[](https://hub.docker.com/r/joshuasing/kani)
[](https://hub.docker.com/r/joshuasing/kani)
* [Kani](#kani)
* [What is Kani?](#what-is-kani)
* [Why use Kani?](#why-use-kani)
* [Getting started](#getting-started)
* [Contributing](#contributing)
* [Contact](#contact)
* [License](#license)
* [Acknowledgements](#acknowledgements)
* [Supporters](#supporters)
## What is Kani?
[Kani (カニ)](https://ja.wikipedia.org/wiki/カニ) ([Pronunciation](http://ipa-reader.xyz/?text=kan%CA%B2i)) means Crab in
Japanese.
I'm not entirely sure what I decided to use this name, but here we are.
Kani is designed to be a [Traefik](https://github.com/traefik/traefik) ForwardAuth server for
validating [Cloudflare Access](https://www.cloudflare.com/products/zero-trust/access/) requests.
When a request is proxied through Cloudflare Access, a signed JWT token will be sent to the backend (Traefik in this
case) as an HTTP header.
Since the JWT token is signed, we can get the public keys from Cloudflare Access to validate that it was indeed issued
by Cloudflare Access.
## Why use Kani?
We recommend using Kani when using Cloudflare Access to protect websites.
Kani allows Traefik to validate that requests actually went through Cloudflare Access, preventing users from accessing
the page without going through Cloudflare Access.
## Getting started
**See examples in [examples/](examples)**.
## Contributing
If you would like to contribute to this project, please see [CONTRIBUTING.md](CONTRIBUTING.md).
### Contact
If you want to contact the Kani Project maintainers, please use one of the following methods:
- [Discord server](https://discord.hypera.dev/) (Ask questions here please - best response time)
- [Email `[email protected]`](mailto:[email protected])
- [Email `[email protected]`](mailto:[email protected])
- [Email `[email protected]`](mailto:[email protected]) (security-related matters only)
### License
Kani is distributed under the terms of the MIT License.
For further details, please refer to the [LICENSE](LICENSE) file.
## Acknowledgements
We are extremely grateful to the
[amazing individuals who have contributed to this project](https://github.com/HyperaDev/kani/graphs/contributors),
as well as those who have supported us by providing valuable feedback and donations.
We would also like to thank all the individuals and companies who have supported us in sustaining
this project. We are grateful for their valuable contributions that have enabled us to continue to
improve Kani.
Please note that the individuals and companies listed under the "Supporters" section are
independent of this project, and their inclusion should not be interpreted as an endorsement or
affiliation.
### Supporters
We don't currently have any supporters for this project :(
If you would like to sponsor this project, please [contact us](#contact)!