hprox: a lightweight HTTP proxy server, and more

Versions [RSS]	0.1.0, 0.1.0.1, 0.1.0.2, 0.1.1, 0.1.2, 0.2.0, 0.2.1, 0.3.0, 0.4.0, 0.5.0, 0.5.1, 0.5.2, 0.5.3, 0.5.4, 0.6.0, 0.6.1, 0.6.2, 0.6.3
Change log	Changelog.md
Dependencies	async (>=2.2), base (>=4.12 && <5), base64-bytestring (>=1.1), binary (>=0.8), bytestring (>=0.10), case-insensitive (>=1.2), conduit (>=1.3), conduit-extra (>=1.3), dns (>=4.0), fast-logger (>=3.0), hprox, http-client (>=0.5), http-client-tls (>=0.3.4), http-reverse-proxy (>=0.4.0), http-types (>=0.12), http2 (>=4.0), optparse-applicative (>=0.14), random (>=1.2.1), tls (>=1.5), tls-session-manager (>=0.0.4), unix (>=2.7), wai (>=3.2.2), wai-extra (>=3.0), warp (>=3.2.8), warp-tls (>=3.2.12) [details]
License	Apache-2.0
Copyright	2023 Bin Jin
Author	Bin Jin
Maintainer	bjin@ctrl-d.org
Category	Web
Home page	https://github.com/bjin/hprox#readme
Bug tracker	https://github.com/bjin/hprox/issues
Source repo	head: git clone https://github.com/bjin/hprox
Uploaded	by BinJin at 2023-05-11T18:06:23Z
Distributions	NixOS:0.6.3
Executables	hprox
Downloads	2258 total (80 in the last 30 days)
Rating	(no votes yet) [estimated by Bayesian average]
Your Rating	λ λ λ
Status	Docs available [build log] Last success reported on 2023-05-11 [all 1 reports]

Readme for hprox-0.5.0

[back to package description]

hprox

hprox is a lightweight HTTP/HTTPS proxy server.

Features

Basic HTTP proxy functionality.
Simple password authentication.
TLS encryption (requires a valid certificate). Supports TLS 1.3 and HTTP/2, also known as SPDY Proxy.
TLS SNI validation (blocks all clients with invalid domain name).
Provide PAC file for easy client side configuration (supports Chrome and Firefox).
Websocket redirection (compatible with v2ray-plugin).
Reverse proxy support (redirect requests to a fallback server).
DNS-over-HTTPS (DoH) support.
naiveproxy compatible padding (HTTP Connect proxy).
HTTP/3 (QUIC) support (h3 protocol).
Implemented as a middleware, compatible with any Haskell Web Application built with wai interface. See library documents for details.

Installation

hprox should build and work on all unix-like OS with ghc support, but it's only been tested on Linux and macOS.

stack is recommended to build hprox.

stack setup
stack install

Alternatively, you also can use the statically linked binary for the latest release.

Usage

Use hprox --help to list options with detailed explanation.

To run hprox on port 8080, with simple password authentication:

echo "user:pass" > userpass.txt
hprox -p 8080 -a userpass.txt

To run hprox with TLS encryption on port 443, with certificate of example.com obtained with acme.sh:

hprox -p 443 -s example.com:$HOME/.acme.sh/example.com/fullchain.cer:$HOME/.acme.sh/example.com/example.com.key

Browsers can be configured with PAC file URL https://example.com/.hprox/proxy.pac.

To work with v2ray-plugin, with fallback page to ubuntu archive:

v2ray-plugin -server -localPort 8080 -mode websocket -host example.com -remotePort xxxx
hprox -p 443 -s example.com:fullchain.pem:privkey.pem --ws 127.0.0.1:8080 --rev archive.ubuntu.com:80

Clients will be able to connect with plugin option tls;host=example.com.

Enable HTTP/3 (QUIC) on UDP port 8443, enable DoH support (redirect to 8.8.8.8), and add naiveproxy compatible padding:

hprox -p 443 -q 8443 -s example.com:fullchain.pem:privkey.pem -a userpass.txt --naive --doh 8.8.8.8

Known Issue

Passwords are currently stored in plain text, please set permission accordingly and avoid using existing password.
HTTP/3 currently only works on the first domain as specified by -s/--tls.

License

hprox is licensed under the Apache license. See LICENSE file for details.