at_secondary_proxy acts as a TCP reverse proxy for connections from clients to secondary servers, where the clients are limited in the ports they can connect to - for example if they are behind a firewall which limits the ports that outgoing connections can connect to using an allow-list or block-list or both
- Configuration
- The 'certs' subdirectory here contains certs for 'vip.ve.atsign.zone' This will allow you to run the proxy on your local machine, serving up SecureSockets for 'vip.ve.atsign.zone'
- You need an entry like this in your local machine's 'hosts' file:
127.0.0.1 vip.ve.atsign.zone
- Execution
bin/main.dart <domain of the atRoot server> <port for this atsign to listen on>- e.g. if running on your local machine, proxying to AtSign's production root server at root.atsign.org, and listening locally on port 8443
bin/main.dart root.atsign.org 8443
- Connecting from an AtClient
- The AtClient libraries allow you to set rootDomain and rootPort. Usually these are left at
the default values of
root.atsign.organd64respectively. - By convention, if you set rootDomain to
proxy:<proxy domain>, then when your client looks up the address of an atSign's remote secondary, then rather than getting the actual secondary address, it will receive<proxy domain>:<rootPort>instead - So ... if for example you are running the proxy locally as outlined above, then you will need
to set rootDomain and rootPort in your client code to
proxy:vip.ve.atsign.zoneand8443respectively. - As of July 23, this convention is honoured by both the Dart and Java atClient SDKs
- The AtClient libraries allow you to set rootDomain and rootPort. Usually these are left at
the default values of
All of our software is open with intent. We welcome contributions - we want pull requests, and we want to hear about issues. See also CONTRIBUTING.md
- Updated README
- Initial version of at_secondary_proxy