Introduction to Awacs: Security & Privacy focused user behavior analysis server

About Socketkit

We at Socketkit believe that privacy and security is a fundamental human right, and wanted to develop a set of products around the idea of creating valuable insights for mobile application developers and companies without compromising privacy and security. With this idea in mind, I would like to introduce our first open-sourcely available microservice framework Awacs

Introduction to Awacs

Next-gen behavior analysis server (think Mixpanel, Google Analytics) with built-in encryption supporting HTTP2 and gRPC. Node.js, headless, API-only, horizontally scaleable.

Installation

We support Docker, Kubernetes, and Helm out of the box.

Security

We take security seriously in Awacs. We believe that security & privacy is a human right, and should be done properly.

Authorization

Every active application in Awacs has a unique authorization token to tell the server where the information belongs to. This token is sent using the x-socketkit-key HTTP header. It's recommended to have an SSL certificate in between the client and server to make it harder for an attacker to read the application authorization token.

Request Signing

It's required that every request sent to Awacs public API should be signed with ed25519 on the client side. This digital signature algorithm enables us that the information did not get manipulated in the transit between client and server. Signed payload is sent through the x-signature HTTP header.

High Availability

We have a solid health check mechanism which allows us to have the perfect horizontally scaleable infrastracture. Additionally, we support Prometheus and OpenTelemetry out of the box.

SDKs

We have a variety of SDKs for Awacs and additionally support OpenAPI auto-generated SDKs.

  • JavaScript: Available on Github.
  • Swift: Available on Github [WIP]

Deploy using Docker Compose

Create a file named docker-compose.yaml and copy the following code inside:

version: '3.9'

services:
  awacs:
    image: socketkit/awacs
    restart: always
    environment:
      NODE_ENV: 'production'
      PGDATABASE: 'awacs'
      PGUSER: 'awacs-worker'
      PGPASSWORD: 'MYSUPERSECRETKEY'
      PGHOST: 'postgresql'
    ports:
      - "3002:3002"
      - "4001:4001"
    depends_on:
      - postgresql

  postgresql:
    image: postgres
    restart: always
    environment:
      POSTGRES_DB: awacs
      POSTGRES_USER: awacs-worker
      POSTGRES_PASSWORD: MYSUPERSECRETKEY
    volumes:
      - ./postgresql/data:/var/lib/postgresql/data
    ports:
      - "5432:5432"

Run the following command in the same directory of the docker-compose file.

docker compose up

24

Categories:

Javascript

Tags:

JavascriptPrivacyGrpcOpensource