/j8a

j8a [ dʒʌbbʌ ] is a modern TLS 1.3 reverse proxy server designed as a lightweight API gateway for REST APIs.

Primary LanguageGoApache License 2.0Apache-2.0

Circleci Builds Dependabot Github Issues Github Activity
Go Report CodeClimate Maintainability CodeClimate Test Coverage SSLLabs Rating Go Version License Docker Pulls Version

CVEs

🛡️ J8a has zero reported CVEs as of 04/12/2023. If you are a security researcher, the project team would like to hear from you.

What's new?

v1.1.1 (04/12/2023)

  • Update to Go 1.21
  • Fixed a bug where IPV6 addresses as host names weren't logged correctly.
  • docker distribution now includes multi-arch amd64 and arm64 images.
  • Bumped several dependency versions

v1.1.0 (24/06/2023)

  • improved error handling for failed upstream requests.
  • added new internal status management for server bootstrap and shutdown behaviour.
  • bumped several dependencies
  • now validating port ranges for http and tls ports downstream during bootstrap
  • fixed a bug where acceptableSkewSeconds was incorrectly loaded from config files

v1.0.1 (26/05/2023)

  • can now validate config & files with cli option -o
  • added cli flags -h for usage and -v for version

v1.0.0 (07/05/2023)

  • support for virtual host based routing inc subdomains.
  • timeZone and logLevel are now options in config.yml as opposed to env variables.
  • re-introduced support for HTTP PATCH method.
  • OPTIONS requests to '*' now list legal server HTTP methods
  • update to go 1.20, and multiple dependency updates

What is j8a?

j8a [ dʒʌbbʌ ] is a modern TLS 1.3 reverse proxy server designed as a lightweight API gateway for REST APIs.

Features

  • Fast! 5k POST req/s traffic.
  • Secure. TLS1.2, TLS/1.3 termination w/ A+ SSLLabs rating.
  • Zero downtime. Auto-renew certs using ACME RFC 8555.
  • Observable. API request tracing w/ correlation ID for upstream microservices.
  • APM. CPU, memory logging built-in. Daily TLS health and validity check for your full certificate chain.
  • JWT token validation with full JWK(S) support for RFC 7519.
  • HTTP/1.1 and HTTP/2 support w/ upstream <> downstream protocol translation.
  • Websocket Support for RFC 6455
  • Docker native

Up and running

Docker

docker pull simonmittag/j8a &&
  docker run -e J8ACFG_YML -p443:443 simonmittag/j8a

Homebrew

brew tap simonmittag/cli && 
  brew install j8a && 
  j8a

Golang

go install github.com/simonmittag/j8a/cmd/j8a@latest &&
  j8a

Usage

J8a runs from the cli. The process will attempt to load its configuration from the environment variable J8ACFG_YML, a specified config file, or the default config file j8acfg.yml (in that order). You can validate the config using the -o flag without actually starting the server, which is useful for ci/cd pipelines. In validate mode, the process successfully exits with 0, or -1 in case of failure.

Commandline Options

λ j8a -h
j8a[v1.0.1] Goodde da lodia!
Usage: j8a [-c] [-o] | [-v] | [-h]
  -c string
        config file location (default "j8acfg.yml").
  -h    print usage instructions.
  -o    validate config file, then exit.
  -v    print version.

Examples

Validate Server Configuration supplied as myconfig.yml

λ j8a -c myconfig.yml -o
6:25PM INF hostName determined hostName=MacBook-Pro-16.local
6:25PM INF version determined version=v1.0.1
6:25PM INF srvID determined srvID=c91cda8c
...

Start Server With Configuration supplied as myconfig.yml

λ j8a -c myconfig.yml 
6:25PM INF hostName determined hostName=MacBook-Pro-16.local
6:25PM INF version determined version=v1.0.1
6:25PM INF srvID determined srvID=c91cda8c
...

Start Server With Configuration supplied via J8ACFG_YML

J8ACFG_YML="---
            connection:
              downstream:
                http:
                  port: 80
            routes:
              - path: "/todos"
                resource: jsonplaceholder
            resources:
              jsonplaceholder:
                - url:
                    scheme: https
                    host: jsonplaceholder.typicode.com
                    port: 443" j8a

Contributions

The j8a team is looking for and welcomes all contributors. Everyone interacting with the project's codebase, issue trackers, chat rooms and mailing lists is expected to follow the code of conduct

Release Cycle

  • Now that 1.0 is reached, we usually release 3/4 minor versions per year.
  • Bug-fixes (e.g. 1.0.1, 1.0.2) are released as needed (no additional features are delivered in those versions, bug-fixes only).
  • Each version is supported until the next one is released (e.g. 1.1.x will be supported until 1.2.0 is out).

We use Semantic Versioning.