4 Commits

Author SHA1 Message Date
e9bac0a8fe chore: remove legacy deps (fnntw, rayon) and unused files

- Remove fnntw (KNN) and rayon dependencies, no longer needed with
  ensemble architecture
- Update burn features to include wgpu and train backends
- Remove dev.toml, models/.gitkeep, scripts/convert_csic.py, and
  pingora-headless.yaml (superseded by cluster gossip discovery)
- Add .DS_Store to .gitignore

Signed-off-by: Sienna Meridian Satterwhite <sienna@sunbeam.pt>
2026-03-10 23:38:21 +00:00
45f0751e1e feat(bench): add Criterion benchmarks and CSIC 2010 dataset converter

8 scanner benchmarks covering allowlist fast path (7.6ns), model path
(172-445ns), and feature extraction (248ns). Python converter script
transforms CSIC 2010 raw HTTP dataset into Sunbeam audit-log JSONL
with realistic scanner feature adaptation.

Signed-off-by: Sienna Meridian Satterwhite <sienna@sunbeam.pt>
2026-03-10 23:38:20 +00:00
e16299068f feat: add native dual-stack IPv4/IPv6 support

This commit implements comprehensive dual-stack support for the proxy,
allowing it to listen on both IPv4 and IPv6 addresses simultaneously.

Key changes:
- Added new dual_stack.rs module with DualStackTcpListener implementation
- Updated SSH module to use dual-stack listener
- Updated configuration documentation to reflect IPv6 support
- Added comprehensive tests for dual-stack functionality

The implementation is inspired by tokio_dual_stack but implemented
natively without external dependencies. It provides fair connection
distribution between IPv4 and IPv6 clients while maintaining full
backward compatibility with existing IPv4-only configurations.

Signed-off-by: Sienna Meridian Satterwhite <sienna@sunbeam.pt>
2026-03-10 23:38:19 +00:00
6ec0f78a5b feat: initial sunbeam-proxy implementation

Custom Pingora-based edge proxy for the Sunbeam infrastructure stack.

- HTTPS termination: mkcert file-based (local dev) or rustls-acme ACME (production)
- Host-prefix routing with path-based sub-routing (auth virtual host)
- HTTP→HTTPS redirect, WebSocket passthrough
- cert-manager HTTP-01 challenge routing via Kubernetes Ingress watcher
- TLS cert auto-reload via K8s Secret watcher
- JSON structured audit logging (tracing-subscriber)
- OpenTelemetry OTLP stub (disabled by default)
- Multi-stage Dockerfile: musl static binary on chainguard/static distroless image

Signed-off-by: Sienna Meridian Satterwhite <sienna@sunbeam.pt>
2026-03-10 23:38:19 +00:00