Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/inconshreveable/slt

A TLS reverse proxy with SNI multiplexing in Go
https://github.com/inconshreveable/slt

Last synced: 2 days ago
JSON representation

A TLS reverse proxy with SNI multiplexing in Go

Host: GitHub
URL: https://github.com/inconshreveable/slt
Owner: inconshreveable
License: other
Created: 2013-12-15T18:32:54.000Z (about 11 years ago)
Default Branch: master
Last Pushed: 2023-12-19T14:26:23.000Z (about 1 year ago)
Last Synced: 2025-01-11T18:40:42.271Z (3 days ago)
Language: Go
Size: 20.5 KB
Stars: 410
Watchers: 19
Forks: 57
Open Issues: 17
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

awesome-hacking-lists - inconshreveable/slt - A TLS reverse proxy with SNI multiplexing in Go (Go)

README

slt is a dead-simple TLS reverse-proxy with SNI multiplexing (TLS virtual hosts).

That means you can send TLS/SSL connections for multiple different applications to the same port and forward
them all to the appropriate backend hosts depending on the intended destination.

# Features

### SNI Multiplexing
slt multiplexes connections to a single TLS port by inspecting the name in the SNI extension field of each connection.

### Simple YAML Configuration
You configure slt with a simple YAML configuration file:

bind_addr: ":443"

frontends:
v1.example.com:
backends:
-
addr: ":4443"

v2.example.com:
backends:
-
addr: "192.168.0.2:443"
-
addr: "192.168.0.1:443"

### Optional TLS Termination
Sometimes, you don't actually want to terminate the TLS traffic, you just want to forward it elsewhere. slt only
terminates the TLS traffic if you specify a private key and certificate file like so:

frontends:
v1.example.com:
tls_key: /path/to/v1.example.com.key
tls_crt: /path/to/v1.example.com.crt

### Round robin load balancing among arbitrary backends
slt performs simple round-robin load balancing when more than one backend is available (other strategies will be available in the future):

frontends:
v1.example.com:
backends:
-
addr: ":8080"
-
addr: ":8081"

# Running it
Running slt is also simple. It takes a single argument, the path to the configuration file:

./slt /path/to/config.yml

# Building it
Just cd into the directory and "go build". It requires Go 1.1+.

# Testing it
Just cd into the directory and "go test".

# Stability
I run slt in production handling hundreds of thousands of connections daily.

# License
Apache