tide
tide copied to clipboard
http-rs
Production-grade Reverse Proxy
The example created in this PR https://github.com/http-rs/tide/pull/784 looks super interesting!
That PR has a comment:
I think before merging anything like this, the example should have a large and clear warning not to use this in production. There is more to a correct reverse proxy implementation than this example, and it should be a standalone crate. This is a security-sensitive feature
What would it take for Tide to have a production-grade reverse proxy feature built in?
- Which exact "security-sensitive" implications need to be considered and how?
- Which features would be needed to make this "complete" - think e.g. http/2 features, other edge cases?
- What kind of performance characteristics would be required?
- What other things would need to be on a roadmap / created as tasks for this to happen?
- How can people help with this?
I think it would be incredibly valuable to get a good reverse proxy story to Tide. It could become a very serious contender for entirely replacing nginx and apache http server in certain use cases, with configurability & extensibility in Rust. This would be especially suitable in the modern containerized environments, where you do not have long-lived installations that you configure and edit, but rather build containers and replace the deployments. Instead of having to use some configuration DSL, you could just code the logic in Rust directly - with all the great benefits of working with a "real" programming language - and build & deploy the entire application. Imagine having proper tests for your proxy & edge layer logic!
Obligatory disclaimer - if this would feel like something that does not fit the goals of the tide project, feel free to close the issue and direct me elsewhere 😄
But: if this could be something you could see as a project to add to tide, I would love to see this broken down to an actionable plan & tasks, and help contributing 🙇♂️ Thank you!
