Doorman API Gateway

A lightweight, Python-based API gateway for managing REST, SOAP, GraphQL, gRPC, and AI APIs. No low-level language expertise required.

Key Features

• Multi-Protocol Support: REST, SOAP, GraphQL, gRPC, and AI APIs
• Security: User management, authentication, authorization, roles & groups
• Traffic Control: Rate limiting, throttling, dynamic routing, credits
• Caching & Storage: Redis caching, MongoDB integration, or in memory
• Validation: Request payload validation and logging

Quick Start

Prerequisites

• Docker installed
• Environment file (.env) at repo root (use ./.env.example as template)

Run with Docker

# Build the image
docker build -t doorman:latest .

# Prepare env (first time)
cp .env.example .env
# Edit .env and set at least: DOORMAN_ADMIN_EMAIL, DOORMAN_ADMIN_PASSWORD, JWT_SECRET_KEY
# The example defaults backend PORT to 3001 to match the image.

# Run the container (backend:3001, web:3000)
docker run --rm --name doorman \
  -p 3001:3001 -p 3000:3000 \
  --env-file .env \
  doorman:latest

Access Points:

• Backend API: http://localhost:3001
• Web Client: http://localhost:3000

Run in Background

# Start detached
docker run -d --name doorman \
  -p 3001:3001 -p 3000:3000 \
  --env-file .env \
  doorman:latest

# View logs
docker logs -f doorman

# Stop container
docker stop doorman

Configuration

Required Environment Variables

• DOORMAN_ADMIN_EMAIL: Admin user email
• DOORMAN_ADMIN_PASSWORD: Admin password
• JWT_SECRET_KEY: Secret key for JWT tokens (32+ chars)

High Availability Setup

For production/HA environments:

• Set MEM_OR_EXTERNAL=REDIS
• Configure Redis connection details in .env
• Use MongoDB replica set for persistence (MONGO_DB_HOSTS, MONGO_REPLICA_SET_NAME)

Custom Ports

# Change web client port
docker run --rm --name doorman \
  -p 3001:3001 -p 3002:3002 \
  -e WEB_PORT=3002 \
  --env-file .env \
  doorman:latest

Alternative: Mount Environment Folder

# Create env folder with config files
mkdir -p env

# Run with mounted env folder
docker run --rm --name doorman \
  -p 3001:3001 -p 3000:3000 \
  -v "$(pwd)/env:/env:ro" \
  doorman:latest

Testing

Testing Against Docker

When testing from your host machine against Doorman running in Docker:

# Verbose output
make live-docker

# Quiet output
make liveq-docker

# Manual environment variable
DOORMAN_IN_DOCKER=1 make live

This configures test servers to use host.docker.internal (Mac/Windows) or 172.17.0.1 (Linux).

Documentation

• User docs live in user-docs/ with:
  • 01-getting-started.md for setup and first API
  • 02-configuration.md for environment variables
  • 03-security.md for hardening
  • 04-api-workflows.md for end-to-end examples
  • 05-operations.md for production ops and runbooks
  • 06-tools.md for diagnostics and the CORS checker

Repository Structure

doorman/
├── backend-services/    # Python gateway core, routes, services, tests
├── web-client/         # Next.js frontend
├── docker/             # Container entrypoint and scripts
├── user-docs/          # Documentation and guides
├── scripts/            # Helper scripts (preflight, coverage, maintenance)
└── generated/          # Local development artifacts

Security Notes

• Frontend only exposes NEXT_PUBLIC_* variables to the browser
• Never pass secrets to frontend build args
• Backend loads environment at runtime from --env-file or /env/*.env
• Platform/injected env variables take precedence over repo files

License

Copyright Doorman Dev, LLC

Licensed under the Apache License 2.0 - see LICENSE

Disclaimer

Use at your own risk. By using this software, you agree to the Apache 2.0 License and any annotations in the source code.

---

We welcome contributors and testers!