Node-red on docker-compose with Kong gateway

General
4

Did you manage to configure Kong Gateway ?
I've been experimenting with it also a few months ago.

Im sharing my docker-compose file and Kong config .yml file (db-less).
Most of the Kong plugins are disabled and are just there for testing based on this Tutorial

docker-compose.yml

version: '3.3'


services:
  kong:
    image: kong
    volumes:
      - "./config:/usr/local/kong/declarative"

    environment:
      - KONG_DATABASE=off
      - KONG_DECLARATIVE_CONFIG=/usr/local/kong/declarative/kong.yml
      - KONG_PROXY_ACCESS_LOG=/dev/stdout
      - KONG_ADMIN_ACCESS_LOG=/dev/stdout
      - KONG_PROXY_ERROR_LOG=/dev/stderr
      - KONG_ADMIN_ERROR_LOG=/dev/stderr
      - KONG_ADMIN_LISTEN=0.0.0.0:8001, 0.0.0.0:8444 ssl
      - KONG_LOG_LEVEL=debug
      - KONG_PLUGINS=bundled

    ports:
      - "8000:8000/tcp"
      - "127.0.0.1:7990:8001/tcp"
      - "8001:8001/tcp"
      - "8443:8443/tcp"
      - "127.0.0.1:8444:8444/tcp"

kong.yml (in ./config folder)

_format_version: "2.1"

services:

- name: nodered-server
  url: https://192.168.0.7:1880
  routes:
  - name: nodered
    paths:
    - /

consumers:
- username: user

basicauth_credentials:
- consumer: user
  username: Aladdin
  password: OpenSesame

keyauth_credentials:
- consumer: user
  key: abc


acls:
- consumer: user
  group: group1


plugins:

- name: request-size-limiting
  config: 
    allowed_payload_size: 1
    size_unit: kilobytes
    require_content_length: false
  enabled: false


- name: request-termination
  config: 
    status_code: 403
#    message: So long and thanks for all the fish!
    body: "{a:b}"
    content_type: "application/json; charset=utf-8"
    trigger: "q"
  enabled: false


- name: acl
  config: 
    allow:
    - group1
    hide_groups_header: true
  enabled: false


- name: basic-auth
  config: 
    hide_credentials: true
  enabled: false


- name: key-auth
  config: 
    key_names:
    - apikey
    key_in_body: false
    key_in_header: true
    key_in_query: true
    hide_credentials: false
    run_on_preflight: true
  enabled: false


- name: proxy-cache
  config: 
    response_code:
    - 200
    request_method:
    - GET
    - HEAD
    content_type:
    - text/plain
    - application/json
    - application/json; charset=utf-8
    cache_ttl: 300
    strategy: memory
  enabled: false


- name: bot-detection
  config:
    deny:
    - "(C|c)hrome"
    - "curl"
  enabled: false


- name: cors
  config:
    origins:
    - '*'
    methods:
    - GET
    - POST
    headers:
    - Accept
    - Accept-Version
    - Content-Length
    - Content-MD5
    - Content-Type
    - Date
    - X-Auth-Token
    - Authorization

    exposed_headers:
    - X-Auth-Token
    credentials: true
    max_age: 3600
    preflight_continue: false


- name: rate-limiting
  config: 
#    second: 5
    hour: 100
    policy: local
    fault_tolerant: true
    hide_client_headers: false
    redis_ssl: false
    redis_ssl_verify: false
# comment these if you don't want to store rate limiting data in redis
#    policy: redis
#    redis_host: 172.27.59.36
#    redis_password: example
  enabled: false


- name: ip-restriction
  config: 
    deny:
    - 172.28.64.0/24
    status: 401
    message: cannot grant access