haproxy-lua-http icon indicating copy to clipboard operation
haproxy-lua-http copied to clipboard
verified publisher icon haproxytech

Feature Request: Support UNIX sockets

Open markslater opened this issue 4 years ago • 1 comments

The Socket class used for making connections supports connecting to UNIX sockets, by passing an address of e.g. unix@/run/foo. Right now, it's not possible to use this feature through the HTTP library because the library mandates a prefix of http[s], and also always passes a port.

It would be really useful for tighter control of calls to sensitive endpoints to be able to use UNIX sockets. For example in the Let's Encrypt example, it would be preferable for the proxied ACME endpoints to be exposed on UNIX sockets (where they could be restricted by file system permissions), rather than 127.0.0.1 (where any user with access to the host could hit them).

markslater avatar Sep 28 '21 11:09 markslater

did you consider a PR of https://github.com/markslater/haproxy-lua-http/commit/12423fbafeb1afc26c8767f24276a9c0af6aa9bf to get that upstreamed (if accepted)?

Nothing4You avatar Jun 21 '22 12:06 Nothing4You