gate-keeper is simple anti-bruteforce service with gRPC API
+----------+ +-------------+ +---------+
| | | | reset ip/login | |
| Some | ip+login+hash(pass) req | +<--------------------+ |
Auth Req | Auth +--------------------------->+ | CIDR black list | |
+--------->+ Service | | Gate-Keeper +<--------------------+ gkcli |
| +<---------------------------+ | CIDR white list | |
<----------+ | ok/nok resp | +<--------------------+ |
ok/nok | | | | | |
+----------+ +-------------+ +---------+
make buildproduces gk and gkcli in ./bin directory
gk is service
gkcli is cli command able to:
- check if ip/login/pass banned or not
- add IP CIDR to white/black list
- reset tries counters for particular IP/Logins
- exec simple benchmark against service
VETing/linting/errchecking:
make check-allmake testbuilds docker container:
make build-containerto build and run latest version in docker:
docker-compose up -dto run binaries natively:
make runto do unit benchmark core:
make benchto do e2e benchmark gkcli simple-bench inside docker container:
make docker-bench- make white/black lists persitent somewhere (DB? file?)
- add option to move all state to external DB (Redis)
- add multicore/multi-instance benchmarks
- send notifications to Kafka topics
- add prometheus-style metrics
- move containers to Github registry