{"id":13567695,"url":"https://github.com/DonDebonair/secure-dev-proxy","last_synced_at":"2025-04-04T02:32:36.109Z","repository":{"id":148489419,"uuid":"145244744","full_name":"DonDebonair/secure-dev-proxy","owner":"DonDebonair","description":"Setting Up a Secure Development Proxy","archived":false,"fork":false,"pushed_at":"2018-08-18T18:51:35.000Z","size":3,"stargazers_count":7,"open_issues_count":0,"forks_count":1,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-03-26T15:01:52.892Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/DonDebonair.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2018-08-18T18:48:25.000Z","updated_at":"2023-04-25T02:24:03.000Z","dependencies_parsed_at":"2023-06-26T01:19:55.371Z","dependency_job_id":null,"html_url":"https://github.com/DonDebonair/secure-dev-proxy","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DonDebonair%2Fsecure-dev-proxy","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DonDebonair%2Fsecure-dev-proxy/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DonDebonair%2Fsecure-dev-proxy/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DonDebonair%2Fsecure-dev-proxy/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/DonDebonair","download_url":"https://codeload.github.com/DonDebonair/secure-dev-proxy/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247111120,"owners_count":20885385,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-08-01T13:02:39.541Z","updated_at":"2025-04-04T02:32:35.800Z","avatar_url":"https://github.com/DonDebonair.png","language":"Shell","funding_links":[],"categories":["Shell"],"sub_categories":[],"readme":"# Setting Up a Secure Development Proxy\n\nFollowing this guide will give you a nice local development environment with a \nreverse proxy that will forward traffic to locally running Docker containers. \nThe proxy supports HTTPS through self-signed certificates, which are added to \nthe trust store, so browsers will trust them.\n\nCustom domain names are supported and resolve automatically to the reverse proxy \nby using `dnsmasq`. We will use the `.test` tld for our custom domain names, so \nthey don't clash with any current and future tlds.\n\nThis guide has only been tested on OS X. The tools used below are also available \non Linux, so theoretically this guide should work on Linux too, with some minor \nmodifications.\n\n## Basic steps\n\n**Install dnsmasq**\n\n```\n$ brew install dnsmasq\n```\n\n**Configure and start dnsmasq**\n\n```\n$ echo \"address=/.test/127.0.0.1\" | sudo tee -a $(brew --prefix)/etc/dnsmasq.conf\n$ sudo mkdir -p /etc/resolver\n$ echo 'nameserver 127.0.0.1' | sudo tee /etc/resolver/test\n$ # doesn't work without sudo\n$ sudo brew services restart dnsmasq\n```\n\n**Install mkcert**\n\n```\n$ brew install mkcert\n```\n\n**Install a root certificate**\n\nWe'll install our own certificate authority and add it to the system trust \nstore and the trust stores of installed browsers (where necessary).\n\n```\n$ mkcert -install\n```\n\nAny certificates we create, use the CA we've just installed, so all certificates \nwill be trusted by the browser and other tools.\n\n**Creating certificates**\n\nYou can now create certificates with `mkcert` or by using the `mk-cert` script \nlocated in the `bin` directory. The latter has a couple of advantages:\n\n- It will rename the generated certificates to the right format for nginx-proxy (see below)\n- It will put the generated certificates in the `certs` directory, which is \nmounted as a volume for nginx-proxy, which will automatically pick up any new certificates \nyou create\n\n`mk-cert` can be called from any directory, so I recommend you add it to your \n`$PATH` for ease of use.\n\n**Start the proxy**\n\n```\n$ docker-compose up -d\n```\n\nThis will start [nginx-proxy](https://github.com/jwilder/nginx-proxy). You \ncan automatically proxy traffic for any domain you want to any Docker \ncontainer you start by setting the `VIRTUAL_HOST` environment variable on \nthat container to the domain you want it to respond to.\n\nnginx-proxy will run on its own network, called `proxy`, so you'll have to \nstart your containers on that network as well.\n\n## Example usage\n\nThe `docker-compose-sample-services.yml` will start 2 Apache web servers \nwhich serve the default web page. They will be connected to the `proxy` \nnetwork. They have the following `VIRTUAL_HOST` vars defined: \n`server1.test` and `server2.test`.\n\n**Create certificates for the example**\n\n```\n$ bin/mk-cert server1.test\n$ bin/mk-cert server2.test\n```\n\n**Start the Apache containers**\n\n```\n$ docker-compose -f docker-compose-sample.services.yml up\n```\n\nYou now should be able to browse to https://server1.test and https://server2.test\n\n## Acknowledgements\n\nThis guide couldn't have been possible without these excellent tools:\n\n- [nginx-proxy](https://github.com/jwilder/nginx-proxy)\n- [mkcert](https://github.com/FiloSottile/mkcert)\n\nAnd the following articles and resources were of great help in figuring all of this out:\n\n- https://medium.com/@francoisromain/set-a-local-web-development-environment-with-custom-urls-and-https-3fbe91d2eaf0\n- https://medium.com/@dvhtn/reverse-proxying-to-docker-on-os-x-el-capitan-d48bed322398\n- https://medium.com/@sumankpaul/use-nginx-proxy-and-dnsmasq-for-user-friendly-urls-during-local-development-a2ffebd8b05d\n- https://gist.github.com/jed/6147872\n\nThanks!","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FDonDebonair%2Fsecure-dev-proxy","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FDonDebonair%2Fsecure-dev-proxy","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FDonDebonair%2Fsecure-dev-proxy/lists"}