{"id":13413827,"url":"https://github.com/rekby/lets-proxy2","last_synced_at":"2025-04-13T15:52:32.242Z","repository":{"id":35075779,"uuid":"180937807","full_name":"rekby/lets-proxy2","owner":"rekby","description":"Reverse proxy with automatically obtains TLS certificates from Let's Encrypt","archived":false,"fork":false,"pushed_at":"2024-04-01T20:39:58.000Z","size":7835,"stargazers_count":97,"open_issues_count":42,"forks_count":18,"subscribers_count":6,"default_branch":"master","last_synced_at":"2025-03-27T06:44:56.478Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/rekby.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.txt","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2019-04-12T05:39:43.000Z","updated_at":"2025-02-11T21:34:34.000Z","dependencies_parsed_at":"2024-04-01T21:38:31.040Z","dependency_job_id":null,"html_url":"https://github.com/rekby/lets-proxy2","commit_stats":null,"previous_names":[],"tags_count":48,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rekby%2Flets-proxy2","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rekby%2Flets-proxy2/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rekby%2Flets-proxy2/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rekby%2Flets-proxy2/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/rekby","download_url":"https://codeload.github.com/rekby/lets-proxy2/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248741147,"owners_count":21154249,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-07-30T20:01:50.488Z","updated_at":"2025-04-13T15:52:32.217Z","avatar_url":"https://github.com/rekby.png","language":"Go","readme":"[![Build Status](https://travis-ci.org/rekby/lets-proxy2.svg?branch=master)](https://travis-ci.org/rekby/lets-proxy2)\n[![Coverage Status](https://coveralls.io/repos/github/rekby/lets-proxy2/badge.svg?branch=master)](https://coveralls.io/github/rekby/lets-proxy2?branch=master)\n[![Go Report Card](https://goreportcard.com/badge/github.com/rekby/lets-proxy2)](https://goreportcard.com/report/github.com/rekby/lets-proxy2)\n[![GolangCI](https://golangci.com/badges/github.com/rekby/lets-proxy2.svg)](https://golangci.com/r/github.com/rekby/lets-proxy2)\n[![Mentioned in Awesome Go](https://awesome.re/mentioned-badge.svg)](https://github.com/avelino/awesome-go)  \n\n\nРусскоязычное описание ниже (Russian below).\n\nEnglish description\n===================\nHome page: https://github.com/rekby/lets-proxy2\n\nFeatures:\n* Domain names for certificates get from request by [SNI]([url](https://en.wikipedia.org/wiki/Server_Name_Indication))\n* http-01 and tls-alpn-01 validation\n* HTTPS (with certificate autoissue) and HTTP reverse proxy\n* Zero config for start usage\n* Time limit for issue certificate\n* Auto include subdomains in certificate (default: domain and www.domain)\n* Logging for stderr and/or file\n* Self rotate log files (can disable by config)\n* Can configure backend in dependence of incoming connection IP:Port\n* Custom headers to backend\n* Self check domain before issue cert (prevent DoS cert issue attack by requests with bad domains)\n* Blacklist/whitelist of domains\n* Lock certificates (force to use manual issued certificate without internal checks)\n* Optional access to internal metrics with Prometheus format\n\nIt is next generation of https://github.com/rekby/lets-proxy, rewrited from scratch.\n\nIt is improove logging and internal structure for better test coverage and simpler support.\nAdd config support instead of many command line flags.\n\nA reverse-proxy server to handle https requests transparently. By default Lets-proxy handles\nhttps requests to port 443 and proxies them as http to port 80 on the same IP address.\n\nLets-proxy adds the http headers, `X-Forwarded-For` which contains the IP address.\nIt obtains valid TLS certificates from Let's Encrypt and handles https for free, in an automated way, \nincluding certificate renewal, and without warning in browsers. It needs only for domain be true public domain and has A/AAAA record to public available IP address.\n\nThe program was created for shared hosting and can handle many thousands of domains per server.\nIt is simple to implement and doesn't need settings to start the program on personal server/vps.\n\nQuick start:\n\n    ./lets-proxy or lets-proxy.exe\n    \nUse --help key for details:\n\n    ./lets-proxy --help or lets-proxy.exe --help\n\nРусский (Russian):\n==================\nСайт программы: https://github.com/rekby/lets-proxy2\n\nВозможности:\n* Доменные имена для выпуска сертификатов получаются из [SNI]([url](https://ru.wikipedia.org/wiki/Server_Name_Indication)), их не нужно настраивать.\n* Авторизация доменов по протоколам http-01 and tls-alpn-01\n* Проксирование HTTPS (с автовыпуском сертификата) and HTTP\n* Начать использование можно без настроек\n* Ограничение времени на получение сертификата\n* Автоматическое получение сертификата для домена и поддоменов (default: domain and www.domain)\n* Вывод логов в файл и/или на стандартный вывод ошибок\n* Самостоятельная ротация лог-файлов (отключается в настройках)\n* Можно настроить адрес перенаправления запроса в заивисмости от адреса приема запроса.\n* Настраиваемые дополнительные заголовки для передачи на внутренний сервер\n* Самостоятельная проверка возможности выпуска сертификата перед его запросом (для исключения DoS-атак путем запросов с неправильными доменами)\n* Белый/чёрный списки доменов для выпуска сертификатов\n* Фиксированный сертификат (возможность использовать самостоятельно полученный сертификат, без внутренних проверок и автообновления)\n* Опциональный доступ к внутренним метрикам в формате Prometheus\n\n\nЭта программа - следующая итерация после https://github.com/rekby/lets-proxy, переписанная с нуля.\n\nУлучшено логирование, внутреннее устройство кода - для упрощения тестирования и поддержки/развития.\nДобавлена поддержка файла настроек вместо огромного списка флагов.\n\nРеверс-прокси сервер для прозрачной обработки https-запросов. Для начала использования достаточно просто запустить его на сервере с \nзапущенным http-сервером. При этом lets-proxy начнёт слушать порт 433 и передавать запросы на порт 80 с тем же IP-адресом.\nК запросу будет добавляться заголовок `X-Forwarded-For` с IP-адресом источника запроса.\nСертификаты для работы https получаются в реальном времени от letsencrypt.org. Это правильные\n(не самоподписанные) бесплатные сертификаты, которым доверяют браузеры. Нужно только чтобы домен был общедоступен и указывал на общедоступный IP-адрес.\n\nПрограмма разрабатывается для использования на виртуальном хостинге и может работать с тысячами доменов\nна каждом сервере.\nС другой стороны она проста и не требует начальных настроек для запуска на персональном сервере.\n\nБыстрый старт:\n\n    ./lets-proxy или lets-proxy.exe\n\n\nUsed libraries (alphabet ordered):\n==================================\n\n* http://github.com/gojuno/minimock - for tests\n* http://github.com/kardianos/minwinsvc - for run as windows service\n* http://github.com/maxatome/go-testdeep - for tests\n* http://github.com/mitchellh/gox - for multiply binaries build\n* http://github.com/pelletier/go-toml - for config file.\n* http://github.com/rekby/zapcontext - for pass logger to/from context\n* http://github.com/satori/go.uuid - for generate uuid\n* http://go.uber.org/zap - for logging\n* http://golang.org/x/crypto - use acme part - for access for lets encrypt server.\n* http://golang.org/x/net - use idna part for log domain names\n* http://gopkg.in/natefinch/lumberjack.v2 - use for self log rotation.\n","funding_links":[],"categories":["Server Applications","服务端应用","服务器应用程序","Relational Databases"],"sub_categories":["HTTP Clients","查询语","HTTP客户端"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frekby%2Flets-proxy2","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Frekby%2Flets-proxy2","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frekby%2Flets-proxy2/lists"}