Awesome
Trusted-CGI
Lightweight self-hosted lambda/applications/cgi/serverless-functions engine.
Features:
- No specific requirements: just one binary. Working "as-is"
- One-click new lambda with public link and handler. Available immediately.
- Rich API
- Security: user switch, IP restrictions, Origin restrictions, tokens ....
- Time limits
- Permanent links (aliases)
- Actions - independent instruction that could be run via UI/API on server
- Scheduler: run actions in cron-tab like style
- Queues and retries
- ... etc - see docs
P.S
There is minimal version of trusted-cgi: nano-run. Check it out - it DevOps friendly with configuration-first approach (ie easier to use for infrastructure-as-a-code).
Installation
Since 0.3.3
Linux, Darwin and even Windows OS supported: pre-built binaries could be found in releases
TL;DR;
- for production for debian servers - use
apt.reddec.dev
(see docs) - locally or non-debian server - download binary and run
- for quick tests or for limited production - use docker image (
docker run --rm -p 3434:3434 reddec/trusted-cgi
)
Overview
The process flow is quite straightforward: one light daemon in background listens for requests and launches scripts/apps on demand. An executable shall read standard input (stdin) for request data and write a response to standard output (stdout).
Technically any script/application that can parse STDIN and write something to STDOUT should be capable of the execution.
Trusted-cgi designed keeping in mind that input and output data is quite small and contains structured data (json/xml), however, there are no restrictions on the platform itself.
Key differences with classic CGI:
- Only request body is being piped to scripts input (CGI pipes everything, and application has to parse it by itself - it could be very not trivial and slow (it depends))
- Request headers, form fields, and query params are pre-parsed by the platform and can be passed as an environment variable (see mapping)
- Response headers are pre-defined in manifest
Due to changes, it's possible to make the simplest script with JSON input and output like this:
import sys
import json
request = json.load(sys.stdin) # read and parse request
response = ['hello', 'world'] # do some logic and make response
json.dump(response, sys.stdout) # send it to client
Keep in mind, the platform also adds a growing number of new features - see features.
target audience
It's best (but not limited) for
- for hobby projects
- for experiments
- for projects with a low number of requests: webhooks, scheduled processing, etc..
- for a project working on low-end machines: raspberry pi, cheapest VPS, etc..
However, if your projects have overgrown the platform limitations, it should be quite easy to migrate to any other solutions, because most low-level details are hidden and could be replaced in a few days (basically - just wrap script to HTTP service)
Also, it is possible to scale the platform performance by just launching the same instances of the platform with a shared file system (or docker images) with a balancer in front of it.
Contributing
The platform is quite simple Golang project with Vue + Quasar frontend and should be easy for newcomers. Caveats and tips for backend check here
For UI check sub-repo
Any PR (docs, code, styles, features, ...) will be very helpful!
Please note, that Linux (including WSL2) or Darwin is mainly used for developing, therefore most helper scripts designed for those OS.
Requirements:
- go 1.21 (actual version check in
go.mod
) - python3
- pandoc
- docker
For multiplatform build you may need bintools:
docker run --privileged --rm tonistiigi/binfmt --install all