Command leproxy implements https reverse proxy with automatic Letsencrypt usage for multiple hostnames/backends
Install:
go install github.com/artyom/leproxy@latest
Run:
leproxy -addr :https -map /path/to/mapping.txt -cacheDir /path/to/letsencrypt
mapping.txt
contains host-to-backend mapping, where backend can be specified as:
- http/https url for http(s) connections to backend without passing "Host" header from request;
- host:port for http over TCP connections to backend;
- absolute path for http over unix socket connections;
- @name for http over abstract unix socket connections (linux only);
- absolute path with a trailing slash to serve files from a given directory.
Example:
subdomain1.example.com: 127.0.0.1:8080
subdomain2.example.com: /var/run/http.socket
subdomain3.example.com: @abstractUnixSocket
uploads.example.com: https://uploads-bucket.s3.amazonaws.com
# this is a comment, it can only start on a new line
static.example.com: /var/www/
Note that when @name
backend is specified, connection to abstract unix socket
is made in a manner compatible with some other implementations like uWSGI, that
calculate addrlen including trailing zero byte despite documentation not
requiring that. It won't
work with other implementations that calculate addrlen differently (i.e. by
taking into account only strlen(addr)
like Go, or even UNIX_PATH_MAX
).