@wjsc/remote-config-client
Advanced tools
Externalized config server with built-in encryption for microservices architecture
Externalized config server with built-in encryption for microservices architecture
Architecture:
The remote-config server stores remote-configs with this structure:
Every remote-config stored has client side encryption with asymetric keys.
value is encrypted with public key and it's only accesible by the remote-config owner
docker run --name remote-config-db-redis -p6379:6379 -d redis
cd ./server
docker build -t remote-config-server:1.0 .
docker run -p3000:3000 \
-e STORAGE=redis \
-e DATABASE_HOST=host.docker.internal \
-e DATABASE_PORT=6379 \
-e HOST=0.0.0.0 \
-e PORT=3000 \
-v $PWD/certs:/home/node/certs/ \
-e CA_CERT_PATH=/home/node/certs/ca.crt \
-e KEY_PATH=/home/node/certs/server.key \
-e CERT_PATH=/home/node/certs/server.crt \
--name remote-config-server-redis \
-d remote-config-server:1.0
cd ./client/cli
npm i
cd ./client/cli
node set_config.js -r certs/client.key -l certs/client.crt -a certs/ca.crt -n ns1 -k key1 -v value1 -h 127.0.0.1:3000
// output: { namespace: 'ns1', key: 'key1', value: 'value1' }
node get_config.js -r certs/client.key -l certs/client.crt -a certs/ca.crt -n ns1 -k key1 -h 127.0.0.1:3000
// output: { namespace: 'ns1', key: 'key1', value: 'value1' }
cd ./client/cli
node set_config.js -r certs/client.key -l certs/client.crt -a certs/ca.crt -n ns2 -k key2 -v value2 -h 127.0.0.1:3000 -x
// output: { namespace: 'ns2', key: 'key2', value: 'value2' }
node get_config.js -r certs/client.key -l certs/client.crt -a certs/ca.crt -n ns2 -k key2 -h 127.0.0.1:3000 -x
// output: { namespace: 'ns2', key: 'key2', value: 'value2' }
node get_config.js --help
Usage: get_config [options]
Options:
-x, --share Do not decrypt value
-r, --private <path> Private key path
-p, --passphrase <path> Passphrase
-n, --namespace <namespace> Config namespace
-k, --key <key> Config key
-h, --host <value> Remote config server ip:port
--help display help for command
node set_config.js --help
Usage: set_config [options]
Options:
-x, --share Do not encrypt value
-u, --public <path> Public key path
-n, --namespace <namespace> Config namespace
-k, --key <key> Config key
-v, --value <value> Config value
-h, --host <value> Remote config server ip:port
--help display help for command
cd ./server
docker build -t remote-config-server:1.0 .
docker run -p3000:3000 \
-e STORAGE=filesystem \
-v $PWD/data:/home/node/.storage \
-e HOST=0.0.0.0 \
-e PORT=3000 \
--name remote-config-server-fs \
-v $PWD/certs:/home/node/certs/ \
-e CA_CERT_PATH=/home/node/certs/ca.crt \
-e KEY_PATH=/home/node/certs/server.key \
-e CERT_PATH=/home/node/certs/server.crt \
-d remote-config-server:1.0
docker run --name remote-config-db-mongodb -p27017:27017 -d mongo
cd ./server
docker build -t remote-config-server:1.0 .
docker run -p3000:3000 \
-e STORAGE=mongodb \
-e DATABASE_HOST=host.docker.internal \
-e DATABASE_PORT=27017 \
-e DATABASE_NAME=remote-config-storage \
-e DATABASE_COLLECTION=remote-config-collection \
-e HOST=0.0.0.0 \
-e PORT=3000 \
-v $PWD/certs:/home/node/certs/ \
-e CA_CERT_PATH=/home/node/certs/ca.crt \
-e KEY_PATH=/home/node/certs/server.key \
-e CERT_PATH=/home/node/certs/server.crt \
--name remote-config-server-mongodb \
-d remote-config-server:1.0
STORAGE: Storage engine. Redis OR mongodb OR filesystem
DATABASE_HOST: Database connection endpoint
DATABASE_PORT: Database connection port
DATABASE_NAME: Database name
DATABASE_COLLECTION: Optional. Only when using mongodb as storage engine.
HOST: Server binding IP
PORT: Server binding port
CA_CERT_PATH: Optional. Certificate authority certificate path for SSL/TLS authentication. This file must be mounted.
KEY_PATH: Optional. Server private key path for SSL/TLS authentication. This file must be mounted.
CERT_PATH: Optional. Server certificate path for SSL/TLS authentication. This file must be mounted.
/// If CA_CERT_PATH, KEY_PATH & CERT_PATH are not defined, the server can run in insecure mode
FAQs
Externalized config server with built-in encryption for microservices architecture: https://microservices.io/patterns/externalized-configuration.html
The npm package @wjsc/remote-config-client receives a total of 3 weekly downloads. As such, @wjsc/remote-config-client popularity was classified as not popular.
We found that @wjsc/remote-config-client demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.