@lopatnov/conduit
v1.1.2
Production-grade reverse proxy and API gateway built on Cloudflare Pingora. TLS, JWT auth, rate limiting, load balancing, caching, Prometheus metrics, hot reload. One config file, one binary, no runtime dependencies.
@lopatnov/conduit
Production-grade reverse proxy and API gateway — TLS, rate limiting, JWT auth, load balancing, caching, Prometheus metrics. One config file, one binary, zero runtime dependencies.
Built on Cloudflare Pingora — the same engine that routes ~1 trillion requests/day at Cloudflare. Distributed as a native Rust binary via npm for convenience.
Getting Started
No installation needed:
```sh
npx @lopatnov/conduit init   # interactive setup wizard
npx @lopatnov/conduit        # start
```
Install globally — then just type conduit:
```sh
npm install -g @lopatnov/conduit
conduit init
conduit
```
How it works: postinstall downloads the correct pre-built native binary for your platform from GitHub Releases. No compilation. Node.js is only needed for the download — the server itself is a standalone Rust binary with no Node.js dependency at runtime.
Standard vs Full binary
The npm package installs the standard binary (--features standard). It
covers the majority of production use cases: TLS, reverse proxying, static
files, rate limiting, basic/API-key/JWT auth, the consumer model, ForwardAuth,
response caching, auto-TLS (Let's Encrypt), compression, hot-reload, health
checks, and Prometheus metrics.
Features that require the full build are not included in the standard
npm binary:
| Feature | Requires | How to get it |
| ---------------------------- | ------------------ | ---------------------------------------------------------------------- |
| Redis rate limiting & caching | --features redis | Download full binary ↗ |
| WASM plugin middleware | --features wasm | Download full binary ↗ |
| Rhai scripting middleware | --features rhai | Download full binary ↗ |
| OpenTelemetry OTLP tracing | --features otlp | Download full binary ↗ |
| TCP proxy mode | --features tcp | Download full binary ↗ |
To get all features download conduit-*-full.tar.gz from
GitHub Releases, or
build from source with cargo install lopatnov-conduit --features full.
Minimal Config
Create conduit.yaml (or conduit.json):
```yaml
port: 3000
proxy:
  /api: "http://localhost:4000"
```
Run:
```sh
conduit
```
GET /api/users → http://localhost:4000/api/users. Done.
Common Recipes
Serve static files
```yaml
port: 3000
static: ./dist
```
Reverse proxy to a backend
```yaml
port: 3000
proxy: "http://localhost:4000"
```
SPA + API (most common)
```yaml
port: 3000
static: ./dist
proxy:
  /api: "http://localhost:4000"
fallback:
  status: 200
  file: ./dist/index.html
```
Dev server with hot reload
```yaml
port: 3000
logging: dev
hotReload: true
cors: true
static: ./src
proxy:
  /api: "http://localhost:4000"
fallback:
  status: 200
  file: ./src/index.html
```
Load-balanced backend with health checks
```yaml
port: 8080
proxy:
  /api:
    targets:
      - "http://api1:4000"
      - "http://api2:4000"
      - "http://api3:4000"
    strategy: least-conn
    healthCheck:
      path: /health
      intervalSecs: 10
    retry:
      attempts: 3
      conditions: [connection_error, "5xx"]
```
Production HTTPS with manual certificates
```yaml
port: 443
tls:
  cert: /etc/tls/fullchain.pem
  key: /etc/tls/privkey.pem
  httpRedirectPort: 80
http2: true
securityHeaders: true
compression: true
static: ./dist
proxy:
  /api:
    targets: ["http://api1:4000", "http://api2:4000"]
    strategy: least-conn
    stripPrefix: true
    rateLimit:
      windowSecs: 60
      limit: 200
    healthCheck: true
metrics:
  path: /__metrics__
  token: "$METRICS_TOKEN"
```
Multiple sites from one process
```yaml
global:
  admin:
    bind: "127.0.0.1:2019"
sites:
  - host: app.example.com
    port: 443
    tls:
      cert: "$CERT_PATH"
      key: "$KEY_PATH"
    static: ./dist
    proxy:
      /api: "http://api:4000"
  - host: admin.example.com
    port: 443
    tls:
      cert: "$CERT_PATH"
      key: "$KEY_PATH"
    basicAuth:
      users: { admin: "$ADMIN_PASS" }
      challenge: true
    static: ./admin-ui
```
CLI Reference
```text
conduit                                     start server (reads conduit.yaml / conduit.json)
conduit -c <file>                           use a specific config file (.yaml or .json)
conduit --version                           print version
conduit --help                              show all options
conduit init [--yes]                        interactive setup wizard (--yes = non-interactive)
conduit validate                            validate config (exit 0 = OK, exit 1 = errors)
conduit probe                               HEAD each upstream, show latency table
conduit fmt [--write]                       pretty-print / normalise config
conduit reload [--admin ADDR]               hot-reload config without restart
conduit status [--admin ADDR]               show uptime and in-flight requests
conduit status [--admin ADDR] --upstream    show upstream health table
conduit upstreams [--admin ADDR]            list upstream health and latency
conduit upstreams add --route PATH --target URL [--weight N] [--site LABEL]
conduit upstreams remove --route PATH --target URL [--site LABEL]
conduit upstreams weight --route PATH --target URL --weight N [--site LABEL]
conduit shutdown [--admin ADDR]             graceful shutdown
conduit completions bash|zsh|fish|power-shell|elvish
conduit man                                 generate man page (roff)
```
Admin commands connect to 127.0.0.1:2019 by default. Override with
--admin ADDR or CONDUIT_ADMIN environment variable.
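A pre-deployment audit of the settings the recipes and admin commands above depend on, as an added example that is not part of the Conduit project. It assumes the JSON form of the config uses the same keys as the YAML recipes and that `$NAME` values are environment references; the rule names and the `auditConfig` helper are this example's own.

```javascript
// Added example, not Conduit's own code. Key names follow this page's recipes;
// the rules, and reading "$NAME" as an environment reference, are assumptions.
const LOOPBACK = /^(127\.\d+\.\d+\.\d+|localhost|\[::1\]):\d+$/;
const ENV_REF = /^\$\{?[A-Za-z_][A-Za-z0-9_]*\}?$/;

// Check one site object and append a finding for each weak setting.
function auditSite(site, label, findings) {
  const flag = (rule, msg) => findings.push({ site: label, rule, msg });
  if (site.port === 443 && !site.tls) flag("tls-missing", "port 443 without a tls block");
  if (site.metrics && !site.metrics.token) flag("metrics-open", "metrics endpoint has no token");
  if (site.metrics?.token && !ENV_REF.test(site.metrics.token))
    flag("inline-secret", "metrics.token is a literal value");
  for (const [user, pass] of Object.entries(site.basicAuth?.users ?? {}))
    if (!ENV_REF.test(pass)) flag("inline-secret", `basicAuth password for "${user}" is a literal value`);
  if (site.cors === true) flag("cors-open", "cors: true names no origin allow-list");
}

// Audit a parsed config: single-site (top-level keys) or multi-site (sites: [...]).
function auditConfig(cfg) {
  const findings = [];
  const bind = cfg.global?.admin?.bind;
  // The admin address accepts reload, shutdown and upstream changes, so keep it on loopback.
  if (bind && !LOOPBACK.test(bind))
    findings.push({ site: "global", rule: "admin-exposed", msg: `admin API bound to ${bind}` });
  const sites = Array.isArray(cfg.sites) ? cfg.sites : [cfg];
  sites.forEach((s, i) => auditSite(s, s.host ?? `site[${i}]`, findings));
  return findings;
}

// Constructed sample (not from the page): the multi-site recipe with weakened settings.
const sample = {
  global: { admin: { bind: "0.0.0.0:2019" } },
  sites: [
    { host: "app.example.com", port: 443, tls: { cert: "$CERT_PATH", key: "$KEY_PATH" },
      cors: true, metrics: { path: "/__metrics__" } },
    { host: "admin.example.com", port: 443,
      basicAuth: { users: { admin: "hunter2" }, challenge: true }, static: "./admin-ui" },
  ],
};

for (const f of auditConfig(sample)) console.log(`${f.site}: [${f.rule}] ${f.msg}`);
```

Feed it `JSON.parse` of a `conduit.json` in CI next to `conduit validate`, and fail the job when the returned list is non-empty.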
Features
| Feature | Details |
| -------------------------- | --------------------------------------------------------------------------------------- |
| Reverse proxy | 8 load-balancing strategies; health checks; retry; failover; traffic mirroring |
| Static files | ETag, Last-Modified, Range requests, pre-compressed .br/.gz sidecars |
| TLS | Manual certificates, HTTP→HTTPS redirect, mTLS client certificates |
| Auto-TLS | Let's Encrypt via ACME — automatic issue and renewal |
| HTTP/2 | ALPN negotiation, h2c (cleartext), upstream H/2 support |
| Compression | gzip + Brotli + Zstd (async, streaming, configurable Content-Type filter) |
| WebSocket | Transparent Connection: Upgrade proxying |
| Proxy cache | Memory store; stale-while-revalidate; thundering-herd lock; Redis/disk store ¹ |
| IP filtering | CIDR allow/deny lists; trust X-Forwarded-For; runtime deny-list via Admin API |
| Rate limiting | Token-bucket, per-IP or per-header; burst capacity; Redis-backed for clusters ¹ |
| Auth | Basic Auth, API key, JWT (HS256/RS256/ES256 + JWKS), Forward Auth, Consumer model |
| CORS | Origin allow-list, credentials mode, preflight |
| Security headers | HSTS, CSP, X-Frame-Options, Permissions-Policy, Referrer-Policy, allowedHosts |
| Request transforms | Set/remove headers before upstream; inject JWT claims ({{ jwt.sub }}) |
| Response transforms | Set/remove headers on upstream response |
| Scripting middleware ¹ | Rhai scripts or WASM plugins — request and response phase |
| Reliability | Circuit breaker, outlier detection, retry budget, priority load-shedding |
| Hot reload | conduit reload — zero-downtime, no dropped connections |
| Health check | /__health__ with optional upstream status, latency, ejection state |
| Prometheus | /__metrics__ — 11 metrics including per-upstream counters and latency histograms |
| OpenTelemetry ¹ | OTLP distributed tracing to Grafana Tempo / Jaeger |
| File upload ¹ | multipart/form-data — UUID filenames, MIME allowlist, size limits |
| TCP proxy ¹ | Raw TCP passthrough — MySQL, PostgreSQL, Redis, SMTP |
| Redirects | Named params (:slug), 301/302/307/308 |
| Advanced routing | Glob path + method + header regex + query + cookie predicates |
| Virtual hosting | Multiple sites (host matching) from one process |
| SPA fallback | Per-Accept-type fallback rules |
| Structured logging | dev, combined, json, short, common formats |
| YAML config | conduit.yaml / conduit.yml — YAML recommended; JSON also supported |
| Kubernetes ¹ | ConduitSite CRD config provider |
¹ Not included in the standard npm binary — requires the full binary.
Supported Platforms
| Platform | Architecture           | Standard | Full |
| -------- | ---------------------- | :------: | :--: |
| Linux    | x86-64 (glibc)         |    ✅    |  ✅  |
| Linux    | x86-64 (musl / Docker) |    ✅    |  ✅  |
| Linux    | ARM64                  |    ✅    |  ✅  |
| Linux    | RISC-V 64              |    ✅    |  —   |
| macOS    | Intel (x86-64)         |    ✅    |  ✅  |
| macOS    | Apple Silicon (ARM64)  |    ✅    |  ✅  |
| Windows  | x86-64                 |    ✅    |  ✅  |
Unsupported platform? Build from source:
```sh
cargo install lopatnov-conduit                       # minimal (default = [])
cargo install lopatnov-conduit --features standard   # standard (matches published binaries)
cargo install lopatnov-conduit --features full       # all features
```
Links
- 📦 npm package
- 🦀 crates.io package
- 🐳 Docker image (ghcr.io/lopatnov/conduit)
- 📖 Full documentation
- ⚙️ Configuration reference
- 🚀 Deployment guide
- 📊 Benchmarks
- 🐛 Report a bug
- 💬 Discussions
Contributing
Contributions are welcome! Read CONTRIBUTING.md before opening a pull request.
Bug reports → GitHub Issues.
Security vulnerabilities → GitHub Security Advisories.
Found it useful? A ⭐ on GitHub helps others discover the project.
License
Apache 2.0 © 2024–2026 Oleksandr Lopatnov
