Savely Krasovsky
@L11R
@jeevatkm can I ask a question about Thumbai here?
I cannot reverse proxify it correctly. It works, the login page loads, but the login button redirects me to https://$host:$port/ instead of just https://$host/
Savely Krasovsky
@L11R
I don't think that such hacks are the solution:
sub_filter '//$host:8083/' '//$host/'; sub_filter_once off;
Jeevanandam M.
@jeevatkm

@L11R Thanks for sharing your concerns. THUMBAI Proxy does not manipulate the request/response body content. My best guess is that the targeted application might be producing HTML content like that.

Your scenario is typical usage; I have many such hosts configured. This is a live instance of THUMBAI: https://aahframework.org/thumbai/login . Please use the credentials readonly/readonly and have a look at the proxy configurations.

I'm looking forward to improving THUMBAI and fixing any issues. To track this issue, could you please also create an issue here https://github.com/thumbai/thumbai/issues and kindly check your application end.

Could you use the Slack channel for thumbai https://gophers.slack.com/messages/CEQJ9EJPR/ :smile:

Savely Krasovsky
@L11R
@jeevatkm maybe you didn't understand me correctly. I didn't even set it up :D
When I go to the mydomain.com/thumbai/login page I cannot even log in, because when I press the "Login" button itself, the site redirects me to the mydomain.com:8080/thumbai/login page, where I am getting a 404 of course.
Jeevanandam M.
@jeevatkm
@L11R Okay, it seems you're running THUMBAI on port 8080. Because that's the port allocated for THUMBAI, the thumbai HTML response comes with that https://$host:$port/. Ideally proxy setup is done at the entry point, e.g. port 80. Could you try it and let me know? I hope I got your explanation this time.
Savely Krasovsky
@L11R
@jeevatkm Yeah, you got it. I reverse proxify it with Nginx, which runs on 80 and 443.
Thumbai runs at localhost:8080
location / {
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Host $host;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_pass http://localhost:8080/;
}
So I don't know how to resolve it without using the sub_filter nginx module.
Jeevanandam M.
@jeevatkm
@L11R THUMBAI proxy is of the same nature as nginx. So it replaces any proxy tool in the segment. In your case THUMBAI proxy is one of the application/path routes for nginx. Currently I'm not sure how best we can handle the scenario "THUMBAI behind another proxy tool" via thumbai.conf. I will think about it. If you have a suggestion, propose it while creating an issue on the given URL.
Savely Krasovsky
@L11R
@jeevatkm a reverse proxy is a popular thing, isn't it? I mean I didn't have infinite IPs on the VPS; Nginx allows me to have as many virtual hosts as I want. I don't see a strange use case here; it's a pretty popular case for small VPSes and large production environments where EVERY external service is reverse proxified.
Jeevanandam M.
@jeevatkm
@L11R You're correct, I know, I'm not denying that fact. I have explained that the THUMBAI proxy is similar to other proxy tools (not up to Nginx capabilities).
Savely Krasovsky
@L11R
@jeevatkm got it. But well, it's based on aah; could that also not be reverse proxified this way? (sorry, I didn't use it, so I don't know)
As far as I got it, THUMBAI is a sort of precompiled, hardened aah build with predefined functionality.
Jeevanandam M.
@jeevatkm

@L11R aah framework has NO limitation as such, you could bend it as you want; aah follows industry practices very well. So you will not have any issues.

It's just that when I developed THUMBAI, I developed it with certain goals in mind. For example: Thumbai's core feature is the Go Mod repository, Go vanity server. I didn't put much effort into the Proxy feature. That's why it has limitations. I have addressed it by user inputs and suggestions.

Savely Krasovsky
@L11R
@jeevatkm Okay, I got your point.
Can I somehow fix it by rebuilding THUMBAI?
sub_filter does not work because of enabled gzip I guess.
Jeevanandam M.
@jeevatkm
Yes, you can. Clone this repo https://github.com/thumbai/thumbai and update it. If you make it in a generic/configurable way, you could send a PR too. We can release it to everyone.
Savely Krasovsky
@L11R
@jeevatkm yeah, would be nice. But I need to find out how aah works :D It seems pretty complex to me currently.
Jeevanandam M.
@jeevatkm

In thumbai this file could be of interest to you, I think: https://github.com/thumbai/thumbai/blob/master/app/thumbai.go and refer to these two doc pages: https://docs.aahframework.org/routes-config.html and https://docs.aahframework.org/deployment.html

For running THUMBAI locally, have a look at the configs here: https://github.com/thumbai/thumbai/tree/master/dev-files

Ping me when you have any questions.

NOTE: you could use all aah OOTB configurations with THUMBAI easily.
Eduardo Lopes
@eduardoslopes
Hi guys, do you know how I can map a service with a query param to receive an array? Like this: GET /state?point=[-4.969750, -39.018362]
Eduardo Lopes
@eduardoslopes
I tried something like that:
type MyController struct {
    *aah.Context
}

func (a *MyController) MyMethod(point []float64) {

    a.Reply().Ok().JSON(point)
}
Afandy Lamusu
@afandy_gitlab
Hi.. It's me, Afandy. Nice to meet the community.
I would like to implement GraphQL with an aah controller. Did anyone have it?
aah framework
@aahframework_twitter

@/all Hello aah users -

Thank you for using aah framework.

I want to keep you informed about the upcoming aah directions and goals. Also, I would like to convey my apologies for the unexpected inactiveness that happened in aah development due to my day work priorities and commitments.

I want to bring the following improvements and changes in aah framework direction.

  • Performing foundation level improvements and organizing the modules with Dependency Injection (DI)
  • Optimize, streamline aah code generations for aah user codebase
  • Planning to do frequent releases after v0.14.0 release and engaging with user feedback. I know this is going to be a challenging one, but I'm going to aim for it
  • Make aah further modular and publish aah developer documentation. Encouraging contributors and creating a minimal entry path to contribute. It sparked from the aah health module contribution by @adrianlop.

I'm going to make the v0.13.0 release as soon as possible with currently completed enhancements, and catch up on a few issues and bug fixes.

I am aiming to release v0.14.0 anytime before the end of the year.

I'm looking forward to your support and co-operation.

~ Jeeva

auhlrich
@auhlrich
Is aah framework being used in production? Which companies use this framework?
Joel Serrano
@joelsdc
I can tell you 2 companies I know about that successfully use aah framework in production:
One is a voice communications operator in Panama: vozelia.com.pa
Another is a mobile communications app in the US with worldwide presence: textplus.com
Do you have any specific doubts regarding the framework when it comes to performance or anything?
Tapan Bavaliya
@TBavaliya_twitter
Hello everyone, can anyone help me with how to implement a database in this framework? Any starting reference?
Jeevanandam M.
@jeevatkm

@TBavaliya_twitter as of now I do not have a CRUD example ready to give. However, see this bolt NoSQL reference: https://github.com/thumbai/thumbai/blob/master/app/datastore/datastore.go and https://github.com/thumbai/thumbai/blob/master/app/init.go

In general, you will keep a setting for the database in the config. Create an event function and register it in the server events to connect and disconnect the database, like above.

Tapan Bavaliya
@TBavaliya_twitter
cool @jeevatkm, do you have anything related to mysql?
Jeevanandam M.
@jeevatkm
@TBavaliya_twitter currently I don't have a handy example for mysql. Otherwise, I could have posted it here https://docs.aahframework.org/examples.html
Jeevanandam M.
@jeevatkm
ANN: aah Go web framework v0.12.4 Released! - security fix release. Kindly upgrade it. Thank you.
jaiganeshvazhkudai
@jaiganeshvazhkudai
hi.. found this framework recently and i am a newbie in golang..
i got this error when i ran the first web app
2020-04-15 15:09:35.347 ERROR firstaah read applications/firstaah/config/basic-auth-realm.conf: vfs: mount does not exist
not sure what to do
i am on latest Mac OS release
Jeevanandam M.
@jeevatkm
@jaiganeshvazhkudai Based on the error, you're missing a basic auth config file.
Refer to doc: https://docs.aahframework.org/v0.12/auth-schemes/basic.html
and example app: https://github.com/go-aah/examples/tree/master/rest-api-basic-auth
After adding your config you should be good.
jaiganeshvazhkudai
@jaiganeshvazhkudai

# -----------------------------------------------------------------------------
# firstaah - Application Security Configuration
#
# Refer documentation to explore and customize the configurations.
# Doc: https://docs.aahframework.org/security-config.html
# -----------------------------------------------------------------------------
security {

# -----------------------------------------------------------------------------
# Auth Schemes configuration
# Doc: https://docs.aahframework.org/authentication.html
# -----------------------------------------------------------------------------
auth_schemes {

# -----------------------------------------------------------------------------
# Basic auth scheme
# Choose a unique key name. It gets used as route auth.
#
# Doc: https://docs.aahframework.org/auth-schemes/basic.html
# -----------------------------------------------------------------------------
basic_auth {
  scheme = "basic"
  realm_name = "Protected" 
  file_realm = "applications/firstaah/config/basic-auth-realm.conf"

  # Password encoder
  # Doc: https://docs.aahframework.org/password-encoders.html
  password_encoder = "bcrypt"
} 

}

# -----------------------------------------------------------------------------
# Password Encoders Configuration
# aah supports bcrypt, scrypt, pbkdf2 password algorithm.
#
# Doc: https://docs.aahframework.org/password-encoders.html
# -----------------------------------------------------------------------------
password_encoder {

bcrypt {
  enable = true
  cost = 12
}  

}

# -----------------------------------------------------------------------------
# Session configuration
# HTTP state management across multiple requests.
#
# Doc: https://docs.aahframework.org/security-config.html#section-session
# -----------------------------------------------------------------------------
session {
mode = "stateful"
store {
type = "cookie"
}
prefix = "aah_firstaah"
sign_key = "4ec14830062ede4b55e367d7b0208041aa1719804ab6159632f6072ae4b51bfc"
enc_key = "ee87114d2a7d60b96288275310a48637"
}

# -----------------------------------------------------------------------------
# Anti-CSRF (Cross Site Request Forgery protection)
#
# Doc: https://docs.aahframework.org/anti-csrf-protection.html
# -----------------------------------------------------------------------------
anti_csrf {
enable = true
sign_key = "225a0e7b54205499ea72be9a27bf67adf7f109367856228095e6e72c2a48afb9"
enc_key = "61b37c436dc0101e76e32fe01502f61e"
}

# ---------------------------------------------------------------------------
# HTTP Secure Header(s)
# Application security headers with many safe defaults.
#
# Doc: https://docs.aahframework.org/security-config.html#section-http-header
#
# Tip: Quick way to verify secure headers - https://securityheaders.io
# ---------------------------------------------------------------------------
http_header {
enable = true

# X-XSS-Protection
#xxssp = "1; mode=block"

# X-Content-Type-Options
#xcto = "nosniff"

# X-Frame-Options
#xfo = "SAMEORIGIN"

# Referrer-Policy
#rp = "no-referrer-when-downgrade"

# Strict-Transport-Security (STS, aka HSTS)
sts {
  #max_age = "720h"
}

# Content-Security-Policy (CSP)
csp {
  #directives = ""
  report_uri = ""
  report_only = true
}

# Public-Key-Pins PKP (aka HPKP)
pkp {
  # The Base64 encoded Subject Public Key Information (SPKI) fingerprint.
  # These values gets added as `pin-sha256=<key1>; ...`.
  #keys = [
  #"X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg=",
  #"MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec="
  #]

  max_age = "720h"
  report_uri = ""
  report_only = true
}

# X-Permitted-Cross-Domain-Policies
#xpcdp = "master-only"

}
}

@jeevatkm this file is there in the generated files
along with the realm conf
sorry.. first time gitter user