Skip to content
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 3 additions & 0 deletions .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -48,3 +48,6 @@

# Added by cargo
/target

# Local development SSL certificates (generated by bin/setup)
/dev/ssl/
29 changes: 29 additions & 0 deletions bin/setup
Original file line number Diff line number Diff line change
@@ -0,0 +1,29 @@
#!/usr/bin/env bash

set -Eeuo pipefail

echo "Setting up API Umbrella development environment..."

# Check for mkcert
if command -v mkcert &> /dev/null; then
echo "✅ mkcert found"

mkdir -p dev/ssl
if [ -f dev/ssl/localhost.pem ] && [ -f dev/ssl/localhost-key.pem ]; then
echo "✅ Local SSL certificates already exist (dev/ssl/)"
else
echo "ℹ️ Generating locally-trusted SSL certificates..."
set -x
mkcert -install
mkcert -cert-file dev/ssl/localhost.pem -key-file dev/ssl/localhost-key.pem localhost 127.0.0.1 ::1
{ set +x; } 2>/dev/null
echo "✅ SSL certificates generated"
fi
else
echo "⚠️ mkcert not found — the dev environment will use a self-signed certificate."
echo " Install mkcert for trusted local HTTPS: https://github.com/FiloSottile/mkcert"
echo " Then re-run: ./bin/setup"
fi

echo ""
echo "Setup complete! Run 'docker compose up' to start the development environment."
1 change: 1 addition & 0 deletions docker-compose.yml
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@ services:
volumes:
- .:/app
- build_cache:/build
- ./dev/ssl:/ssl:ro
environment:
HTTP_PORT: 8200
HTTPS_PORT: 8201
Expand Down
7 changes: 7 additions & 0 deletions docker/dev/docker-entrypoint
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,13 @@ mkdir -p /etc/api-umbrella
echo " password: dev_password"
echo " migrations:"
echo " password: dev_password"
if [ -f /ssl/localhost.pem ] && [ -f /ssl/localhost-key.pem ]; then
echo "hosts:"
echo " - hostname: \"*\""
echo " default: true"
echo " ssl_cert: /ssl/localhost.pem"
echo " ssl_cert_key: /ssl/localhost-key.pem"
fi
} > /etc/api-umbrella/api-umbrella.yml

mkdir -p /build/.task
Expand Down
83 changes: 81 additions & 2 deletions docs/developer/dev-setup.md
Original file line number Diff line number Diff line change
Expand Up @@ -11,17 +11,96 @@ The easiest way to get started with API Umbrella development is to use [Docker](

After installing Docker, follow these steps:

### Optional: Trusted local HTTPS with mkcert

By default, the development environment uses a self-signed SSL certificate, which requires accepting browser warnings and using `curl -k`. To use a locally-trusted certificate instead:

1. [Install mkcert](https://github.com/FiloSottile/mkcert#installation)
2. Run the setup script:

```sh
$ ./bin/setup
```

This generates trusted certificates in `dev/ssl/` and installs mkcert's root CA in your system trust store. You only need to do this once.

### Start the development environment

```sh
# Get the code and spinup your development VM
$ git clone https://github.com/NREL/api-umbrella.git
$ cd api-umbrella
$ docker-compose up
$ docker compose up
```

Assuming all goes smoothly, you should be able to see the homepage at [https://localhost:8101/](https://localhost:8101/). You will need to need to accept the self-signed SSL certificate for localhost in order to access the development environment.
Assuming all goes smoothly, you should be able to see the homepage at [https://localhost:8201/](https://localhost:8201/). If you ran `./bin/setup` with mkcert, you can access the site directly. Otherwise, you will need to accept the self-signed SSL certificate warning in your browser.

If you're having any difficulties getting the development environment setup, then open an [issue](https://github.com/NREL/api-umbrella/issues).

## Development Data

The development environment automatically seeds some sample data to help you get started quickly.

### Admin Account

The first time you visit the admin interface, you'll need to create an admin account:

1. Go to [https://localhost:8201/admin/](https://localhost:8201/admin/)
2. Accept the self-signed certificate warning in your browser
3. Since no admin accounts exist yet, you'll be automatically redirected to a signup page
4. Fill in the signup form:
- **Email:** Enter any email address (e.g., `admin@example.com`)
- **Password:** Choose a password (minimum 14 characters)
- **Password Confirmation:** Re-enter the password
5. Click **"Sign up"** and you'll be logged in automatically

This first-time signup is only available when no admin accounts exist. Once you've created your admin account, subsequent admins can be added through the admin interface under **"Admins"** in the **"Admin Accounts"** menu.

### Demo API User

A demo API user is created with a known API key for testing:

- **Email:** `demo.developer@example.com`
- **API Key:** `DEMO_KEY_FOR_DEVELOPMENT_ONLY_1234567890`

### Demo API Backend

A sample API backend is created and published that proxies to [httpbin.org](https://httpbin.org), a useful service for testing HTTP requests:

- **Name:** HTTPBin Echo API (Dev)
- **Frontend Path:** `/echo/`
- **Backend:** `https://httpbin.org/`

### Testing the Proxy

You can test the full proxy flow using the demo API key and backend:

```sh
# Test the echo endpoint (returns request details as JSON)
$ curl -k "https://localhost:8201/echo/get?foo=bar" \
-H "X-Api-Key: DEMO_KEY_FOR_DEVELOPMENT_ONLY_1234567890"

# Test POST requests
$ curl -k "https://localhost:8201/echo/post" \
-H "X-Api-Key: DEMO_KEY_FOR_DEVELOPMENT_ONLY_1234567890" \
-H "Content-Type: application/json" \
-d '{"hello": "world"}'
```

The `-k` flag is needed to accept the self-signed SSL certificate (not needed if you used mkcert via `./bin/setup`).

### Sample Analytics Data

The development environment seeds sample API request logs so the analytics graphs have data to display. Approximately 60-150 log entries are created, spread across the past 30 days, simulating requests to the `/echo/` endpoints.

To view the analytics:

1. Log in to the admin interface at [https://localhost:8201/admin/](https://localhost:8201/admin/)
2. Go to **"Analytics"** → **"API Drilldown"** or **"Filter Logs"**
3. Select a date range that includes the past 30 days

The seeded data includes a mix of successful (200) and error (400/500) responses to demonstrate different analytics views.

## Directory Structure

A quick overview of some of the relevant directories for development:
Expand Down
2 changes: 2 additions & 0 deletions src/api-umbrella/proxy/hooks/init_preload_modules.lua
Original file line number Diff line number Diff line change
Expand Up @@ -58,6 +58,7 @@ require "api-umbrella.utils.matches_hostname"
require "api-umbrella.utils.nillify_json_nulls"
require "api-umbrella.utils.opensearch"
require "api-umbrella.utils.pg_utils"
require "api-umbrella.utils.random_num"
require "api-umbrella.utils.random_seed"
require "api-umbrella.utils.random_token"
require "api-umbrella.utils.redirect_matches_to_https"
Expand All @@ -78,6 +79,7 @@ require "pl.path"
require "pl.stringx"
require "pl.tablex"
require "pl.utils"
require "pgmoon.json"
require "resty.logger.socket"
require "resty.lrucache.pureffi"
require "resty.mlcache"
Expand Down
Loading
Loading