All Projects
Confidential context: Product buildOpen sourceIn progress

Gatify

A focused software project built around a real workflow.

Repository
Gatify cover screenshot
System Model

How the project is put together

Architecture map

6 layers / 5 directed links

100%

feedsfeedsfeedsfeedsfeeds
  1. 01
    Interface

    Developer-facing gateway configuration and local operations surface.

    Go API / Config files / CLI/dev scripts
  2. 02
    Application

    Request pipeline applies rate limiting, proxying, and traffic logging.

    Middleware pipeline / Reverse proxy / Rate limiter
  3. 03
    Services/API

    Gateway server coordinates rate-limit state and analytics persistence.

    Go HTTP server / Redis / TimescaleDB
  4. 04
    Data

    Sliding-window counters and time-series request analytics.

    Redis / TimescaleDB / PostgreSQL
  5. 05
    Auth/Permissions

    Authentication middleware is part of the roadmap, not the current core gateway.

    Planned API keys / JWT middleware
  6. 06
    Runtime

    Self-hosted local/runtime stack with standardized commands and CI checks.

    Docker Compose / Makefile / GitHub Actions
System summary

From broken workflow to operating system

Input state

A workflow needed clearer structure and better software support.

Shipped state

A shipped system made the workflow easier to operate and maintain.

Problem

The workflow constraint

Commercial API gateways come with vendor lock-in, opaque pricing, and limited customization. Developers need a self-hosted alternative that's easy to deploy, performant, and gives full control over rate limiting rules and analytics.

Outcome

What changed

Core gateway with HTTP reverse proxy
Sliding window rate limiter with Redis
Docker Compose one-command deployment
CI pipeline with GitHub Actions
Decision log

Decisions and trade-offs

Go over Node.js for the gateway

API gateways need raw throughput and low latency at the proxy layer.

Decision: Chose Go for its goroutine concurrency model, low memory footprint, and excellent HTTP performance for proxy workloads.

Trade-off: More verbose than Node.js, but significantly better performance for high-throughput proxy workloads where every microsecond counts.

Sliding window over fixed window rate limiting

Fixed window allows burst traffic at window boundaries.

Decision: Implemented sliding window algorithm in Redis for smooth, accurate rate limiting without boundary bursts.

Trade-off: Slightly more Redis operations per request, but prevents the 2x burst problem at window boundaries that fixed windows allow.

TimescaleDB over plain PostgreSQL for analytics

Analytics data is time-series — need efficient time-range queries and automatic partitioning.

Decision: Used TimescaleDB (PostgreSQL extension) for hypertables with automatic time-based partitioning and compression.

Trade-off: Adds a specialized database dependency, but dramatically improves query performance on time-series analytics data.

Technical teardown

Constraints, architecture, and proof

Go HTTP server with middleware pipeline: Rate Limit Middleware → Reverse Proxy. Redis for distributed rate limiting state (sliding window). TimescaleDB for analytics and traffic logging. Docker Compose orchestrates all services.

Must handle 10K+ requests per second with sub-millisecond overhead
Rate limiting state must be distributed (Redis) for horizontal scaling
One-command deployment with Docker Compose
Zero vendor lock-in — fully self-hosted and open source
Reliability

Deployment, security, and maintenance

CI pipeline with GitHub Actions for linting, testing, and building. Docker Compose for reproducible deployment. Makefile for standardized development commands.

Caveats

Honest edges and next improvements

Authentication middleware and analytics dashboard are planned improvements.
Next

What I would improve next

Build real-time analytics dashboard
Add JWT/API key authentication middleware
Implement circuit breaker pattern
Add WebSocket proxying support