A cloud-native GraphQL-powered gateway service for the infrastructure of the future!
aqueduct is a scalable service for bundling, monitoring and securing GraphQL services by utilizing remote schema-stitching, functioning as a gateway. While it's admittedly minimal currently, aqueduct will get integrations for logging, metrics and more in the near future, to be used in large, distributed setups.
Warning: As this is a Node.js-based application, consider setting
production to be sure all security & performance-relevant options are enabled!
Generally speaking, you are able to deploy aqueduct in almost every setup you can imagine, whether it's through Docker Compose, Kubernetes or just bare-metal. In any scenario, you'd start by pulling the official Docker image from Docker Hub (
docker pull brunoscheufler/aqueduct:latest).
Whichever way you deploy aqueduct, the yaml-based configuration is pretty straightforward and can be set using a simple config file mount to the container's config path (defaults to
/config/aqueduct.yaml, can be changed using the
AQUEDUCT_CONFIG_PATH environment variable).
# Put your endpoints to be schema-stitched below endpoints: - cms: endpoint: https://api.graphcms.com/simple/v1/swapi passHeaders: - authorization
All options below are used to configure aqueduct on a service level. If you want more fine-grained options for each endpoint, scroll down to the endpoint configuration. Available aqueduct options are
|endpoints||EndpointMap||true||n/a||An object of endpoints to stitch||n/a|
||aqueduct GraphQL endpoint path||
|launchDelay||number||false||n/a||if set, aqueduct will wait the specified amount of ms||
|jwtSecret||string||false||n/a||if set, aqueduct will verify Authorization headers for a valid JWT (warning: this can interfere with endpoints)||
|enablePlayground||boolean||false||n/a||if set, the default graphql-playground site will be available on the aqueduct endpoint, regardless of the environment||
|helmet||object||false||n/a||if set, the object will be used to configure the Helmet middleware||n/a|
|disablePreflightRequests||boolean||false||n/a||if set, CORS preflight requests will be blocked||
||if set, these options will be used to configure the CORS middleware for preflight requests||n/a|
|engineApiKey||string||false||n/a||if set, this key will be used to report metrics to Apollo Engine||
||if set, these options will be used to configure the CORS middleware||n/a|
|retrySchemaStitchOnError||boolean||false||n/a||if set, aqueduct will attempt to retry introspecting the endpoint after a failure||n/a|
|retryTimeout||number||false||n/a||number of ms to wait before attempting to retry||n/a|
|retryAttempts||number||false||5||number of attempts to try before failing||n/a|
Endpoints are configured in a Map with the key acting as the endpoint name and endpoint-specific configuration options added in the value object. Available options are
|endpoint||string||true||n/a||The GraphQL service endpoint URL you want to stitch|
|passHeaders||string||false||n/a||Headers from the original request to reuse for future requests to this service|
|retrySchemaStitchOnError||boolean||false||n/a||Same as in aqueduct config|
|retryTimeout||number||false||n/a||Same as in aqueduct config|
|retryAttempts||number||false||n/a||Same as in aqueduct config|
Note: Headers are only passed in the user requests, not for introspection use. If your target service requires authentication for introspecting the schema, this won't work unfortunately