A secure HTTP/HTTPS proxy server in Go with Basic authentication, TLS support, and upstream proxy chaining.

• HTTP and HTTPS proxy modes
• Basic authentication
• TLS with configurable certificates
• Upstream proxy chaining (proxy chain support)
  • Supports HTTP and HTTPS upstream proxies
  • Configurable via config.yaml or environment variables (HTTPS_PROXY, HTTP_PROXY)
  • Basic authentication to upstream proxy
• Configurable via YAML file
• Systemd service support
• Graceful shutdown

Download the latest binary from the Releases page.

1. Clone the repository:

   git clone https://github.com/hightemp/https_proxy
   cd https_proxy

2. Build the project:

   make build

Create a config.yaml file (see config.example.yaml):

proxy_addr: 0.0.0.0:8080
username: "your_username"
password: "your_password"
proto: https
cert_path: "path/to/your/cert.pem"
key_path: "path/to/your/key.pem"
# upstream_proxy: http://user:pass@upstream-proxy:8080

To route all traffic through an upstream proxy, set upstream_proxy in config.yaml:

upstream_proxy: http://user:pass@upstream-proxy:8080

HTTPS upstream proxies are also supported:

upstream_proxy: https://user:pass@upstream-proxy:8443

If upstream_proxy is not set in the config, the proxy falls back to standard environment variables (HTTPS_PROXY, HTTP_PROXY, NO_PROXY).

Generate self-signed certificates:

bash generate_certs.sh

Or use Let's Encrypt:

sudo certbot certonly --standalone -d example.com

cert_path: "/etc/letsencrypt/live/example.com/fullchain.pem"
key_path: "/etc/letsencrypt/live/example.com/privkey.pem"

./https_proxy -config config.yaml

sudo make install

Manage the service:

make start / stop / restart / status

1. Update the version in the VERSION file.

2. Run:

   make release

   This will commit, create a git tag vX.Y.Z, and push it. GitHub Actions will automatically build binaries and create a release.

This project is licensed under the MIT License.