@cloud-cli/px v4.2.4

PX

Reverse proxy to map local services and external http(s) domains

Usage

Use it with Cloudy

// cloudy.conf.mjs

import proxy from '@cloud-cli/px';

export default { proxy };

API

All proxies have the following properties:

Add a proxy to a local service

cy proxy.add --domain "foo.example.com" --target "http://localhost:1234"

Remove a proxy

cy proxy.remove --domain "foo.example.com"

Get details of a proxy

cy proxy.get --domain "foo.example.com"

List proxies

cy proxy.list

List registered domains

cy proxy.domains

Reload all configurations

cy proxy.reload

Certificate file resolution

certificatesFolder  = '/etc/letsencrypt/live' or process.env.PX_CERTS_FOLDER
rootDomain          = 'example.com' in 'xyz.example.com'
cert                = certificatesFolder + '/' + rootDomain + '/' + certificateFile
key                 = certificatesFolder + '/' + rootDomain + '/' + keyFile

So xyz.example.com points to:

/etc/letsencrypt/live/example.com/fullchain.pem   for certificate
/etc/letsencrypt/live/example.com/privkey.pem     for private key

Notes

CORS handling on proxy level is convenient, but a security risk. Beware:

• All origins are allowed, all common methods and headers, and credentials are enabled.
• In case of an OPTIONS request, if coming via CORS (a preflight), an empty response will be send and the request ends before calling the proxied target.

Every request has additional headers:

• x-forwarded-for: the host of the original request. If a proxy is from 'https://foo.example.com' to 'http://localhost:1234', the header will be 'foo.example.com'
• x-forwarded-proto: 'http' or 'https', depends on the original request
• forwarded: the standard header with the same information as the other two above