I’ve been building Groxy, a pre-v1 Go library for creating forward proxy servers.
It supports:
- HTTP forwarding
- HTTPS CONNECT tunneling
- middleware
- blocking/body transforms
- access logs
- proxy authentication
- opt-in HTTPS inspection
Minimal proxy
proxy, err := groxy.New(groxy.Config{
Addr: "127.0.0.1:8080",
})
if err != nil {
log.Fatal(err)
}
log.Fatal(proxy.Start())
Try it:
curl -x http://127.0.0.1:8080 http://example.com
curl -x http://127.0.0.1:8080 https://example.com
Middleware
proxy.Use(
groxy.AddRequestHeader("X-From-Groxy", "true"),
groxy.AccessLog(log.Default()),
)
Proxy auth
proxy.Use(groxy.ProxyBasicAuth("admin", os.Getenv("PROXY_PASSWORD")))
Or:
proxy.Use(groxy.ProxyBasicAuthFunc(func(username, password string) bool {
return users.Verify(username, password)
}))
Auth protects both HTTP proxy requests and HTTPS CONNECT tunnels.
HTTPS inspection
By default, HTTPS is tunneled normally.
Inspection is explicit opt-in:
HTTPSInspection: &groxy.HTTPSInspectionConfig{
CA: ca,
Intercept: groxy.MatchHosts("example.com", "*.example.com"),
}
Only inspect traffic you own or are authorized to inspect.
Feedback wanted
Groxy is pre-v1, so I’m looking for API/security feedback before stabilizing it.
Repo: https://github.com/SalzDevs/groxy
Docs: https://pkg.go.dev/github.com/SalzDevs/groxy
Top comments (0)