For those wondering what this is, I grabbed this from the zip file:
= Cowboy
Cowboy is a small, fast and modern HTTP server for Erlang/OTP.
== Goals
Cowboy aims to provide a complete HTTP stack in a small code base.
It is optimized for low latency and low memory usage, in part
because it uses binary strings.
Cowboy provides routing capabilities, selectively dispatching requests
to handlers written in Erlang.
Because it uses Ranch for managing connections, Cowboy can easily be
embedded in any other application.
* While still online, run `make docs`
* User guide available in `doc/` in PDF and HTML formats
* Function reference man pages available in `doc/man3/` and `doc/man7/`
* Run `make install-docs` to install man pages on your system
* Full documentation in Asciidoc available in `doc/src/`
* Examples available in `examples/`
"Cowboy is a small, fast and modern HTTP server for Erlang/OTP"
It could really use this line on the linked page for people (me) that never heard of Cowboy in the first place. HTTP/2.0 gave me a clue, but plenty of client software that has HTTP/2.0 support too.
After reading about tls 1.2 sessions[s], I wanted to see how easy/hard it would be to a) run tls 1.2 without session tickets, and/or force tls 1.3+ -- the closest I came was:
which isn't all that enlightening to someone not familiar with Erlang. Does anyone know of a "best security practices" particularly for cowboy/opp/erlang and/or elixir?
I'm reminded of how for the longest time ssl was completely broken in python (it wasn't at all obvious how to force verification of certificates - especially for new developers)... And I've grudgingly come to accept that tls/http2 is complex enough that beyond getting to "it works" - even foolproof libraries need a couple of lines of text discussing trade-offs (eg. security vs performance vs ease-of multi-server deployment of session resumption).
Don't worry, heroku can barely manage to deploy docker containers into their specialized stack (try it, it's fun and massively disappointing if you have a worker process). This won't affect your heroku apps because they'll basically never be able to upgrade their routing layer. Evidence: their routing layer is already horrendously broken and has been since 2012.
If you're interested in working with cowboy, we use it extensively at Finix, directly from Erlang as well as through Phoenix from Elixir. My email is cGF0cmljaytobkBmaW5peHBheW1lbnRzLmNvbQ==
Sorry. Not trying to impress anyone. Just a simple filter. I love working with Erlang and want to meet other people who do too. Recruiters usually don't immediately recognize which base it is :)
FYI :) since it is not obvious, this is Elixir server that is used for Phoenix among other things. So, big news. I didn't follow it much but it seems they support http/2 etc.
Small detail but it's an Erlang/OTP application which supports building HTTP, HTTP/2, and web socket services on top of Ranch (a TCP connection management library by the same author). Ranch makes it easy to manage TLS setup as well as connection pool tuning to fit your load profile, keeping latency reliable and low.
Since it's built as an OTP application, it's pretty easy to drop this into any release, including something built using Elixir (commonly via Plug), LFE, Alpaca, and/or plain Erlang.
This always fills me with awe and dread at the same time (technically speaking the "awe" should cover the "dread" part but nobody uses it that way these days).
I'm in awe at the achievement, and combination of vision, drive, knowledge, and skills that the maintainer must possess (or even more inspiring: has built up along the way).
I dread the bus factor[0], or the more common weaker form of "maintainer is forced to move on from this project or just loses interest before someone else takes over and is worked in, and a lot of necessary tacit knowledge[1] is lost in the hand-over".
EDIT: Actually, I'm one to talk, working as the sole programmer at a research group... Given the required optimizations for its niche my code gets pretty hairy. I should plan a few weeks of pure cleanup and extra commenting, and general documentation.
= Cowboy
Cowboy is a small, fast and modern HTTP server for Erlang/OTP.
== Goals
Cowboy aims to provide a complete HTTP stack in a small code base. It is optimized for low latency and low memory usage, in part because it uses binary strings.
Cowboy provides routing capabilities, selectively dispatching requests to handlers written in Erlang.
Because it uses Ranch for managing connections, Cowboy can easily be embedded in any other application.
Cowboy is clean and well tested Erlang code.
== Online documentation
* https://ninenines.eu/docs/en/cowboy/2.0/guide[User guide] * https://ninenines.eu/docs/en/cowboy/2.0/manual[Function reference]
== Offline documentation
* While still online, run `make docs` * User guide available in `doc/` in PDF and HTML formats * Function reference man pages available in `doc/man3/` and `doc/man7/` * Run `make install-docs` to install man pages on your system * Full documentation in Asciidoc available in `doc/src/` * Examples available in `examples/`
== Getting help
* Official IRC Channel: #ninenines on irc.freenode.net * https://github.com/ninenines/cowboy/issues[Issues tracker] * https://ninenines.eu/services[Commercial Support]