Skip to content
/ yxorp Public

yxorp - a drop-in nginx reverse proxy with SSL for anything running locally

1 star 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

richarddewit/yxorp

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

18 Commits
certs
certs
 
 
config
config
 
 
sites-available
sites-available
 
 
sites-enabled
sites-enabled
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
sly
sly
 
 
template.conf
template.conf
 
 
yxorp
yxorp
 
 

Repository files navigation

yxorp

A drop-in nginx reverse proxy with SSL for anything running locally, even Docker containers with a mapped port. No need to add some network to your existing Docker config. Just yxorp add ... and you're good to go.

If you normally develop using an URL like http://localhost:1337, you can use this proxy to start using https://coolapp.test (note the https, yes there are SSLs!).

Note: This does not work for MacOS, because host networking is unsupported.

Dependencies

Tool Description
docker Run the proxy inside a container
mkcert Create and auto-trust self-signed certificates
emcee Add and remove hostnames in /etc/hosts

Get started

# (Run once, takes a while) Create Diffie-Hellman (DH) parameters for SSL
$ yxorp dhparam

# Proxy coolapp.test to 127.0.0.1:8000
$ yxorp add coolapp.test 8000

# Run the proxy container
$ yxorp start

Now you can visit https://coolapp.test

Wildcard domains

You can create a wildcard configuration, however the /etc/hosts file doesn't understand that. You'll need to use dnsmasq to route the base domain or TLD to localhost.

Create the configs and certificates:

# Escape the asterisk with a \ to avoid possible side-effects
$ yxorp add \*.coolapp.test 8000

Install dnsmasq and create a new file named /etc/NetworkManager/dnsmasq.d/00-localhost.conf with the following contents:

address=/coolapp.test/127.0.0.1

Or when you want to route all domains ending with the .test TLD:

local=/test/
address=/test/127.0.0.1

NetworkManager and dnsmasq

When using NetworkManager, make sure it is using dnsmasq.

Check if NetworkManager already uses dnsmasq:

$ grep -nrw "dns=dnsmasq" /etc/NetworkManager/conf.d

If the output is blank, create a new file:

$ sudoedit /etc/NetworkManager/conf.d/00-use-dnsmasq.conf

And put this in the file:

[main]
dns=dnsmasq

Then restart NetworkManager:

$ systemctl restart NetworkManager.service

Just dnsmasq

When not using NetworkManager, just restart dnsmasq itself:

$ systemctl restart dnsmasq

Done!

Now you can visit https://nice.coolapp.test

How it works

The nginx container runs with --network="host" to be able to proxy to any locally running development server like npm run dev, rails s, django-admin runserver, mix phx.server, etc. Just find the port the app is running on, think of a hostname (add it to the app's "allowed hosts" if needed) and create the config for by running yxorp add <hostname> <port> in the yxorp folder.

Important

  • This has only been tested on Linux
  • Does not work on MacOS, because host networking is unsupported
  • Using --network="host", the Docker container "claims" ports 80 and 443, so make sure no other application is using these ports

About

yxorp - a drop-in nginx reverse proxy with SSL for anything running locally

Topics

docker nginx cli ssl development proxy nginx-proxy ssl-certificates

Resources

Readme
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Languages