Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/eastlondoner/tailscale-ssl-proxy
:lock: Simple zero-config SSL reverse proxy for Tailscale users (LetsEncrypt certs)
https://github.com/eastlondoner/tailscale-ssl-proxy
https proxy ssl tailscale
Last synced: 3 months ago
JSON representation
:lock: Simple zero-config SSL reverse proxy for Tailscale users (LetsEncrypt certs)
- Host: GitHub
- URL: https://github.com/eastlondoner/tailscale-ssl-proxy
- Owner: eastlondoner
- License: mit
- Created: 2022-01-24T15:46:58.000Z (over 2 years ago)
- Default Branch: main
- Last Pushed: 2022-03-08T15:48:17.000Z (over 2 years ago)
- Last Synced: 2024-01-16T21:50:36.880Z (5 months ago)
- Topics: https, proxy, ssl, tailscale
- Language: Go
- Homepage:
- Size: 114 KB
- Stars: 12
- Watchers: 1
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Lists
- awesome-stars - eastlondoner/tailscale-ssl-proxy - :lock: Simple zero-config SSL reverse proxy for Tailscale users (LetsEncrypt certs) (Go)
- awesome-stars - eastlondoner/tailscale-ssl-proxy - :lock: Simple zero-config SSL reverse proxy for Tailscale users (LetsEncrypt certs) (Go)
README
tailscale-ssl-proxy
Simple single-command SSL reverse proxy for Tailscale
A handy way to add Tailscale SSL support to your locally running thing -- be it your personal jupyter notebook, nodejs app or any other http application.
`tailscale-ssl-proxy` uses the official Tailscale go package to get trusted LetsEncrypt SSL certs and then proxies HTTPS traffic to your existing HTTP server in a single command. `tailscale-ssl-proxy` also redirects unencrypted HTTP traffic on port 80 to HTTPS.
## Installation
Download the latest version of tailscale-ssl-proxy using the installer script in the github release:
```sh
# Install the correct binary to ./bin
curl -L https://github.com/eastlondoner/tailscale-ssl-proxy/releases/download/v0.0.6/install-tailscale-ssl-proxy.sh | sh -s
```The installer script will fetch the latest `tailscale-ssl-proxy` binary for your OS and place it in `./bin/tailscale-ssl-proxy`
To use `tailscale-ssl-proxy` from anyhwere you now need to add it to your PATH:
#### For most linux-based systems including Mac OS
Move the binary to `/usr/local/bin`
```sh
# Move the binary to /usr/local/bin
mv ./bin/tailscale-ssl-proxy /usr/local/bin
```#### For Windows systems
TBC - need to figure out what the instructions for Windows systems are
## Quickstart
```sh
tailscale-ssl-proxy
# Listening on [::]:443
# Listening on [::]:80
# Proxying calls from https://:443 (SSL/TLS) to http://localhost:8080
# Redirecting http requests on :80 to https on port :443
```
This will immediately fetch, real LetsEncrypt certificates for the machine's Tailscale address.## Usage
Print usage using the `-help` option
```sh
tailscale-ssl-proxy -help
``````
Usage of tailscale-ssl-proxy
-from string
the tcp address and port this proxy should listen for requests on (default ":443")
-redirectHTTP string
the tcp address and port this proxy should listen for http->https request redirects. Set to 'off' to disable http->https redirect (default ":80")
-to string
the address and port for which to proxy requests to (default "http://localhost:8080")
```## Warning
The ssl certificate files (including the private key) are written to the current working directory as `cert.pem` and `key.pem` - that is the behaviour of the tailscale client. The private key is sensitive use at your own risk.
### Examples
#### Proxy to port 3000 (instead of 8080)
```sh
tailscale-ssl-proxy -to :3000
# Listening on [::]:443
# Listening on [::]:80
# Proxying calls from https://:443 (SSL/TLS) to http://localhost:3000
# Redirecting http requests on :80 to https on port :443
```#### Disable HTTP -> HTTPS Redirect
```sh
tailscale-ssl-proxy -redirectHTTP off
# Listening on [::]:443
# Proxying calls from https://:443 (SSL/TLS) to http://localhost:8080
```
Simply include the `-redirectHTTP` flag when running the program.#### Serve https on port 8443 (instaead of 443)
```sh
tailscale-ssl-proxy -from 0.0.0.0:8443
# Listening on [::]:8443
# Listening on [::]:80
# Proxying calls from https://0.0.0.0:8443 (SSL/TLS) to http://localhost:8080
# WARN: You must serve on port :443 for the LetsEncrypt certs that tailscale uses to be valid
# Redirecting http requests on :80 to https on port :8443
```
Simply include the `-redirectHTTP` flag when running the program.### Build from source
#### Build from source using Docker
You can build `tailscale-ssl-proxy` for all platforms quickly using the included Docker configurations.If you have `docker-compose` installed you can use the `./docker-make` script:
```sh
./docker-make build
```
That will build a binary for your local system and place it in the root directory.#### Build from source locally
You must have Golang installed on your system along with `make`. Then simply clone the repository and run `make`.## Attribution
Forked from ssl-proxy by Suyash Kumar