Hello everyone, I built torii, a reverse proxy written in Go with a dashboarding built in, that lets you see everything that is happening live. I built this because I got sick of parsing access logs into separate tools or setting up Grafana just to see what's hitting my proxy. It just did not make sense that i use the same tools that I use professionaly, the load is not comparable, I needed something smaller, and easier to maintain. So, I built torii, I've built it to be very easy to configure and to give me the ability to easily look at what's happening.
You can configure it through the web UI or throw a YAML file at it, whatever works for you. ACME TLS is baked in, DNS01 only for now (still undecided about HTTP01), automatic renewal, wildcards, picks up new domains from your config automatically. It does the stuff you actually need.
IP filtering with AbuseIPDB or your own lists, configurable Honeypot paths with presets, so anything hitting .git/config gets blocked immediately. User agent blocking for bots and crawlers. Coraza WAF if you want request inspection. Rate limiting. Country blocking.
I've been running it live for about two months now, actively developing against real bot traffic hitting my own internet.
A lot of what went into it came from actually seeing what was happening and thinking, this sucks, I need to fix this. So the whole thing is basically develop againt live traffic. Version 0.6.7.1, actively developed. TCP and UDP proxy support coming soon. Global middleware's are only configurable trough YAML file.
AI involvement:
Backend is ninety percent my own work. I used Claude to review code, debate architecture questions, and generate test cases. I review everything it produces. UI was built with Claude's help, around eighty percent. This is open source and I'm doing it because I enjoy coding, not to offload the work.
Screenshots:
I'd love some feedback if you give it a try
https://github.com/nunoOliveiraqwe/torii
Edit: fix links