1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
|
es-public-proxy(1) "es-public-proxy Manual Page"
# NAME
es-public-proxy - simple read-only HTTP reverse-proxy for exposing an Elasticsearch node to the public internet
# SYNOPSIS
es-public-proxy --config CONFIGFILE
# DESCRIPTION
es-public-proxy is intended to be a simple and reliable alternative for the
use case of exposing popular search queries on specific indices to the public
web. HTTP requests are parsed and filtered in a safe, compiled language (Rust),
then only safe queries are re-serialized and forwarded to the backend search
instance listening on a different port.
# OPTIONS
Argument processing is crude; only one option can be specified at a time.
*-h, --help*
Prints help information
*-V, --version*
Prints version information
*--config <file>* [env: ES_PUBLIC_PROXY_CONFIG_PATH]
Supply path to configuration file (TOML), which is effectively required for operation
*--example-config*
An annotated config file (TOML) will be printed to standard out.
## CONFIGURATION
In all cases you will want to explicitly enumerate all of the indices to have
public access. There is an `unsafe_all_indices` intended for prototyping, but
this may allow access to additional non-index API endpoints.
One simple deployment pattern is to put nginx, es-public-proxy, and
elasticsearch all on the same server. In this configuration, nginx would
listen on all network interfaces on ports 80 and 443, and handle SSL upgrade
redirects from 80 to 443, as well as add transport compression, restrict client
body payload limits, etc. es-public-proxy would listen on localhost port
9292, and connect back to elasticsearch on localhost port 9200.
## LIMITATIONS
Not all of the elasticsearch API has been implemented yet. In general, this
service is likely to be more strict in parsing and corner-cases. For example:
- URL query parameters like `?human` must be expanded into a boolean like `?human=true`
- Some cases where elasticsearch will allow short-cutting a full object into a string, this proxy requires the full object format
- index patterns in configuration are not supported
# EXAMPLES
Some examples of usage will go here.
es-public-proxy --example-config > example.toml
es-public-proxy --config example.toml
|
