Update README to include check information and code quality
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/push Build is passing
Details
This commit is contained in:
parent
43205337c1
commit
4d7c836810
24
README.md
24
README.md
|
@ -6,6 +6,7 @@ This repository contains a redirect service for Armbian downloads, apt, etc.
|
||||||
It uses multiple current technologies and best practices, including:
|
It uses multiple current technologies and best practices, including:
|
||||||
|
|
||||||
- Go 1.19
|
- Go 1.19
|
||||||
|
- Ginkgo v2 and Gomega testing framework
|
||||||
- GeoIP + Distance routing
|
- GeoIP + Distance routing
|
||||||
- Server weighting, pooling (top x servers are served instead of a single one)
|
- Server weighting, pooling (top x servers are served instead of a single one)
|
||||||
- Health checks (HTTP, TLS)
|
- Health checks (HTTP, TLS)
|
||||||
|
@ -13,9 +14,28 @@ It uses multiple current technologies and best practices, including:
|
||||||
Code Quality
|
Code Quality
|
||||||
------------
|
------------
|
||||||
|
|
||||||
The code quality isn't the greatest/top tier. All code lives in the "main" package and should be moved at some point.
|
The code quality isn't the greatest/top tier. Work is being done towards cleaning it up and standardizing it, writing tests, etc.
|
||||||
|
|
||||||
Regardless, it is meant to be simple and easy to understand.
|
All contributions are welcome, see the `check_test.go` file for example tests.
|
||||||
|
|
||||||
|
Checks
|
||||||
|
------
|
||||||
|
|
||||||
|
The supported checks are HTTP and TLS.
|
||||||
|
|
||||||
|
### HTTP
|
||||||
|
|
||||||
|
Verifies server accessibility via HTTP. If the server returns a forced redirect to an `https://` url, it is considered to be https-only.
|
||||||
|
|
||||||
|
If the server responds on the `https` url with a forced `http` redirect, it will be marked down due to misconfiguration. Requests should never downgrade.
|
||||||
|
|
||||||
|
### TLS
|
||||||
|
|
||||||
|
Certificate checking to ensure no servers are used which have invalid/expired certificates. This check is written to use the Mozilla ca certificate list, loaded on start/config load, to verify roots.
|
||||||
|
|
||||||
|
OS certificate trusts WERE being used to do this, however some issues with the date validation (which could be user error) caused the move to the ca bundle, which could be considered more usable.
|
||||||
|
|
||||||
|
Note: This downloads from github every startup/reload. This should be a reliable process, as long as Mozilla doesn't deprecate their repo. Their HG URL is super slow.
|
||||||
|
|
||||||
Configuration
|
Configuration
|
||||||
-------------
|
-------------
|
||||||
|
|
Loading…
Reference in New Issue