The respectably rugged, remarkably reliable, reconfigurable, round-robin reverse proxy.
Sundry is a caching, dynamically configurable, reverse proxy, written in NodeJS and backed by redis.
- Multiple load balancing modes, including Sticky Sessions, Round robin, and application controlled.
- Balance mode and Cache time configurable per host.
- Dynamically add and remove hosts and backends with 0 downtime.
- Wildcard https, http -> https redirect built in.
- Centralize request logging and error handling without exposing backend errors.
- Programmatically control access to backends in real time.
- Separate CLI app to view and manage hosts and routes.
- Really, Really fast, workload is very nearly 100% Asyncronous (Aside from a couple of ifs and assigments on each request)
- System Daemon, can drop privleges to bind to ports 80 and 443, or use Authbind.
Installation and setup
Redis server (with events enabled)
- Preferably local to the Sundry server, bare minimum on the local network.
- With "gsE" events enabled.
- More Info on Redis keyspace events
NodeJS v.11.0 +
AuthBind for port 80/443 bindings as non root user.
Upstart for running as a system daemon.
$ npm install -g sundry
Sundry relies on several configuration values, all of which can be provided in two ways.
- Enviornment Variables. (Useful for running as a system daemon)
- Values in $HOME/.sundry/config.json
You can generate a skeleton config by running...
$ sundry config build
This will create
Sundry uses some generic files for its default host, 404 and 500 error pages.
You can override any of these by placing the correctly named file in
Add and edit hosts.
You can list, add and remove hosts from any computer that can connect to the Redis database that Sundry is using.
The easiest way is to simply run:
$ sundry -i
This will give you a pretty robust interactive cli which can be used to manage every aspect of the hosts registered with the system. Other config options are available with:
$ sundry -h
From CLI locally
$ sundry start
This will start sundry on your local machine, to take full advantage of its features, you will probably want to be running Dnsmasq on your router.
Add something like this to Dnsmasq 'Additional DNS Options', obviously replacing host and ip with your own.
Now you should be able to point your browser at *.my-computer.internal and sundry will handle the routing from there.
Production (some recent flavor of Ubuntu assumed.)
Create a new system user
$ sudo adduser --disabled-password sundry
Build default config (Optional)
$ sudo su -- sundry $ sundry config build
$ sudo apt-get install authbind $ sudo touch /etc/authbind/byport/80 /etc/authbind/byport/443 $ sudo chown sundry:sundry /etc/authbind/byport/80 /etc/authbind/byport/443 $ sudo chmod 755 /etc/authbind/byport/80 /etc/authbind/byport/443
Create sundry.conf upstart file.
$ sudo touch /etc/init/sundry.conf $ sudo <vi/emacs/nano/ed> /etc/init/sundry.conf # no flame wars here
description "Sundry Dynamic Router" author "PaperElectron" start on (local-filesystems and net-device-up IFACE=eth0) stop on shutdown # Automatically Respawn: respawn respawn limit 5 60 script export HOME=/home/sundry export NODE_ENV=production exec start-stop-daemon --start -u sundry --exec /usr/bin/authbind sundry start end script
Test / Development
Generate a self signed cert.
Browsers will flag this as an insecure certificate.
$ cd ~/.sundry/ssl $ openssl genrsa -out key.pem 2048 $ openssl req -new -key key.pem -out server.csr $ openssl x509 -req -days 365 -in server.csr -signkey key.pem -out cert.pem