Sienna Meridian Satterwhite
a5810dd8a7
- Make K8s namespace, TLS secret, and config ConfigMap names configurable via [kubernetes] config section (previously hardcoded to "ingress") - Add CSIC 2010 dataset converter and auto-download for scanner training - Unify Dockerfile for local and production builds (remove cross-compile path) - Bake ML models directory into container image - Update CSIC dataset URL to self-hosted mirror (src.sunbeam.pt) - Fix rate_limit pipeline log missing fields - Consolidate docs/README.md into root README.md Signed-off-by: Sienna Meridian Satterwhite <sienna@sunbeam.pt>
88 lines
2.2 KiB
TOML
88 lines
2.2 KiB
TOML
[package]
|
|
name = "sunbeam-proxy"
|
|
version = "0.1.0"
|
|
edition = "2021"
|
|
|
|
[lib]
|
|
name = "sunbeam_proxy"
|
|
path = "src/lib.rs"
|
|
|
|
[dependencies]
|
|
# Pingora with rustls backend (pure Rust TLS, no BoringSSL C build)
|
|
pingora = { version = "0.8", features = ["rustls"] }
|
|
pingora-proxy = { version = "0.8", features = ["rustls"] }
|
|
pingora-core = { version = "0.8", features = ["rustls"] }
|
|
pingora-http = "0.8"
|
|
pingora-cache = { version = "0.8", features = ["rustls"] }
|
|
|
|
# HTTP header constants
|
|
http = "1"
|
|
|
|
# Config
|
|
serde = { version = "1", features = ["derive"] }
|
|
toml = "0.8"
|
|
|
|
# Async
|
|
tokio = { version = "1", features = ["full"] }
|
|
futures = "0.3"
|
|
async-trait = "0.1"
|
|
pin-project-lite = "0.2"
|
|
|
|
# Structured logging + OTEL
|
|
tracing = "0.1"
|
|
tracing-subscriber = { version = "0.3", features = ["json", "env-filter"] }
|
|
tracing-opentelemetry = "0.28"
|
|
opentelemetry = { version = "0.27", features = ["trace"] }
|
|
opentelemetry_sdk = { version = "0.27", features = ["rt-tokio"] }
|
|
opentelemetry-otlp = { version = "0.27", features = ["http-proto", "reqwest-client"] }
|
|
serde_json = "1"
|
|
anyhow = "1"
|
|
|
|
# DDoS detection (KNN classifier)
|
|
clap = { version = "4", features = ["derive"] }
|
|
fnntw = "0.4"
|
|
bincode = "1"
|
|
rustc-hash = "2"
|
|
|
|
# Lock-free Arc swapping for hot-reload (scanner model)
|
|
arc-swap = "1"
|
|
|
|
# Reverse DNS for bot IP verification
|
|
dns-lookup = "2"
|
|
|
|
# Prometheus metrics
|
|
prometheus = "0.13"
|
|
|
|
# Request IDs
|
|
uuid = { version = "1", features = ["v4"] }
|
|
|
|
# Static file serving and body rewriting
|
|
bytes = "1"
|
|
regex = "1"
|
|
|
|
# Auth subrequests
|
|
reqwest = { version = "0.12", features = ["rustls-tls", "blocking"], default-features = false }
|
|
|
|
# Rustls crypto provider — must be installed before any TLS init
|
|
rustls = { version = "0.23", features = ["aws-lc-rs"] }
|
|
|
|
# K8s watcher for cert/config hot-reload
|
|
kube = { version = "3", features = ["runtime", "client"] }
|
|
k8s-openapi = { version = "0.27", features = ["v1_35"] }
|
|
libc = "0.2"
|
|
|
|
[dev-dependencies]
|
|
criterion = { version = "0.5", features = ["html_reports"] }
|
|
proptest = "1"
|
|
tempfile = "3"
|
|
|
|
[[bench]]
|
|
name = "scanner_bench"
|
|
harness = false
|
|
|
|
[profile.release]
|
|
opt-level = 3
|
|
lto = true
|
|
codegen-units = 1
|
|
strip = true
|