menshend

module

v0.1.0 Latest Latest Go to latest Published: Apr 14, 2017 License: Apache-2.0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/nebtex/menshend

Links

Open Source Insights

README ¶

menshend 门神

Operating system	Status
Linux
Windows
OSX

Links

⌘ Full feature list
? Docs
⇩ Download
⌧ Docker

Resume

Menshend is an identity-aware reverse proxy (TCP/HTTP) that uses Vault as policy manager. You can use it as replacement for VPNs, firewall rules and to give access programmatically to organization's members, scripts, external users or third party applications.

Menshend was built with the objective of making the secure laboratories creation easy, facilitating the life of DevOps/cloud admin engineers, whom this product is oriented to.

⚠ In order to use it effectively, you already need to know how to install and operate Vault.

It does also come with a beautiful and functional UI which makes it simple to manage the services, login to them from the browser, share secrets, etc.

Brief list of things you can protect or do:

Organization internal applications (in-house or open-source).
Serverless functions.
Connect your applications (PostgreSQL, Redshift, etc.) across different VPCs on AWS, without the need of a VPN, VPC peering, etc.
Secure external APPs for small or medium size sites.
Give secure access to scripts, other machines, third party applications, web-hooks, in-house slack bots.
Deploy to Kubernetes in a controlled and secure way from your CI pipelines (Travis CI, Gitlab, CircleCI, Drone, etc.).
and much more..., its usages are endless because of being a programmable proxy.

See similar software and limitations

Download

Docker

Thanks

Without these projects, menshend would not exist.

Vault, as the central policy manager.
Oxy, the heart of the proxying strategy.
Chisel, we use an adapted version of Chisel to create secured tunnels (port forwarding strategy).
Kubernetes and Swagger, the API and CLI tools are inspired on Kubernetes, and we implemented the API with Swagger.

Contribution

To contribute to this project, see CONTRIBUTING.

RoadMap

At the moment we will be focused on fixing small issues and making the software more stable. Development of major features is froze till we can rewrite the codebase with OmniQL.

Some of the planned features are:

Natively support TLS and ACME.
Add Javascript resolver.
Reduce the hits to Vault.
Distributed cache for the resolvers.
Improve the performance and make it viable for protecting any kind of external or user facing APP.

Licensing

menshend is licensed under the Apache License, Version 2.0. See LICENSE for the full license text.

Directories ¶

Path	Synopsis
cmd
menshend
pkg
apis/client
apis/menshend/v1
config
filters
pfclient
pfclient/chisel/client
pfclient/chisel/server
resolvers
resolvers/cache
strategy
utils
utils/test

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL