Github/aralez
1
0
Fork 0
mirror of https://github.com/sadoyan/aralez.git synced 2026-05-30 03:44:06 +08:00
Code Issues Packages Projects Releases Wiki Activity

README update

Browse Source
This commit is contained in:
Ara Sadoyan
2026-05-01 12:32:58 +02:00
parent a0b6de9759
commit aee71c74f5
1 changed files with 19 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
README.md
View File

@@ -24,6 +24,7 @@ Built on Rust, on top of **Cloudflares Pingora engine**, **Aralez** delivers
- **Dynamic Config Reloads** — Upstreams can be updated live via API, no restart required. - **Dynamic Config Reloads** — Upstreams can be updated live via API, no restart required.
- **TLS Termination** — Built-in OpenSSL support. - **TLS Termination** — Built-in OpenSSL support.
- **Automatic loading of certificates** — Automatically reads and loads certificates from a folder, without a restart. - **Automatic loading of certificates** — Automatically reads and loads certificates from a folder, without a restart.
- **Lets Encrypt Certificates** — Automatic ordering and renewal of SSL/TLS certificates via the HTTP-01 challenge
- **Upstreams TLS detection** — Aralez will automatically detect if upstreams uses secure connection. - **Upstreams TLS detection** — Aralez will automatically detect if upstreams uses secure connection.
- **Built in rate limiter** — Limit requests to server, by setting up upper limit for requests per seconds, per virtualhost. - **Built in rate limiter** — Limit requests to server, by setting up upper limit for requests per seconds, per virtualhost.
- **Global rate limiter** — Set rate limit for all virtualhosts. - **Global rate limiter** — Set rate limit for all virtualhosts.
@@ -52,7 +53,7 @@ Built on Rust, on top of **Cloudflares Pingora engine**, **Aralez** delivers
- 🔮 **Automatic GRPC Support:** Zero config, Requires `ssl` to proxy, gRPC handled seamlessly. - 🔮 **Automatic GRPC Support:** Zero config, Requires `ssl` to proxy, gRPC handled seamlessly.
- 🔮 **Upstreams Session Stickiness:** Enable/Disable Sticky sessions globally. - 🔮 **Upstreams Session Stickiness:** Enable/Disable Sticky sessions globally.
- 🔐 **TLS Termination:** Fully supports TLS for upstreams and downstreams. - 🔐 **TLS Termination:** Fully supports TLS for upstreams and downstreams.
- 🛡️ **Built-in Authentication** Basic Auth, JWT, API key. - 🛡️ **Built-in Authentication** Basic Auth, JWT, API key, Forward Auth.
- 🧠 **Header Injection:** Global and per-route header configuration. - 🧠 **Header Injection:** Global and per-route header configuration.
- 🧪 **Health Checks:** Pluggable health check methods for upstreams. - 🧪 **Health Checks:** Pluggable health check methods for upstreams.
- 🛰️ **Remote Config Push:** Lightweight HTTP API to update configs from CI/CD or other systems. - 🛰️ **Remote Config Push:** Lightweight HTTP API to update configs from CI/CD or other systems.
@@ -62,12 +63,20 @@ Built on Rust, on top of **Cloudflares Pingora engine**, **Aralez** delivers
## 📁 File Structure ## 📁 File Structure
``` ```
.
├── autoconfigs # Automatically create directory fo non human managed files
│ ├── acme_credentials.json # Credentials for loggind in to Let's Encrypt server. Automatically generated
│ └── domains.json # Auto generated file, contains list of domains for certificates
├── certificates
│ ├── yourdomain.com.crt
│ ├── yourdomain.com.key
│ ├── otherdomain.com.crt
│ └── otherdomain.com.key
├── conf.d
│ ├── yourdomain.yaml # Split configuration file for yourdomain.com
│ └── otherdomain.yaml # Split configuration file for otherdomain.com
├── main.yaml # Main configuration loaded at startup ├── main.yaml # Main configuration loaded at startup
── upstreams.yaml # Watched config with upstream mappings ── upstreams.yaml # Watched config with upstream mappings
├── etc/
│ ├── server.crt # TLS certificate (required if using TLS)
│ └── key.pem # TLS private key
``` ```
--- ---
@@ -93,7 +102,7 @@ Built on Rust, on top of **Cloudflares Pingora engine**, **Aralez** delivers
| **config_tls_key_file** | etc/key.pem | Private Key file path. Mandatory if proxy_address_tls is set, else optional | | **config_tls_key_file** | etc/key.pem | Private Key file path. Mandatory if proxy_address_tls is set, else optional |
| **proxy_address_http** | 0.0.0.0:6193 | Aralez HTTP bind address | | **proxy_address_http** | 0.0.0.0:6193 | Aralez HTTP bind address |
| **proxy_address_tls** | 0.0.0.0:6194 | Aralez HTTPS bind address (Optional) | | **proxy_address_tls** | 0.0.0.0:6194 | Aralez HTTPS bind address (Optional) |
| **proxy_certificates** | etc/certs/ | The directory containing certificate and key files. In a format {NAME}.crt, {NAME}.key. | | **proxy_configs** | etc/ | The top directory of config files |
| **upstreams_conf** | etc/upstreams.yaml | The location of upstreams file | | **upstreams_conf** | etc/upstreams.yaml | The location of upstreams file |
| **log_level** | info | Log level , possible values : info, warn, error, debug, trace, off | | **log_level** | info | Log level , possible values : info, warn, error, debug, trace, off |
| **hc_method** | HEAD | Healthcheck method (HEAD, GET, POST are supported) UPPERCASE | | **hc_method** | HEAD | Healthcheck method (HEAD, GET, POST are supported) UPPERCASE |
@@ -105,13 +114,13 @@ Built on Rust, on top of **Cloudflares Pingora engine**, **Aralez** delivers
### 🌐 `upstreams.yaml` ### 🌐 `upstreams.yaml`
- `provider`: `file` or `consul` - `provider`: `file`, `consul` or `kubernetes`
- File-based upstreams define: - File-based upstreams define:
- Hostnames and routing paths - Hostnames and routing paths
- Backend servers (load-balanced) - Backend servers (load-balanced)
- Optional request headers, specific to this upstream - Optional request headers, specific to this upstream
- Global headers (e.g., CORS) apply to all proxied responses - Global headers (e.g., CORS) apply to all proxied responses
- Optional authentication (Basic, API Key, JWT) - Optional authentication (Basic, API Key, JWT, Forward)
--- ---